diff --git a/java-generator/it/pom.xml b/java-generator/it/pom.xml
index 5cbfb66ad09..d088cee3d49 100644
--- a/java-generator/it/pom.xml
+++ b/java-generator/it/pom.xml
@@ -34,6 +34,34 @@
org.junit.jupiterjunit-jupiter-api
+
+ io.fabric8
+ kubernetes-client
+
+
+ io.github.java-diff-utils
+ java-diff-utils
+ 4.9
+
+
+ javax.validation
+ validation-api
+ provided
+
+
+ io.sundr
+ builder-annotations
+ provided
+
+
+ org.projectlombok
+ lombok
+ provided
+
+
+ io.fabric8
+ camel-k-client
+
diff --git a/java-generator/it/src/it/enum-ser-deser/pom.xml b/java-generator/it/src/it/enum-ser-deser/pom.xml
index d920ea538dc..3296f983b86 100644
--- a/java-generator/it/src/it/enum-ser-deser/pom.xml
+++ b/java-generator/it/src/it/enum-ser-deser/pom.xml
@@ -57,7 +57,7 @@
io.fabric8
- kubernetes-client
+ java-generator-integration-tests@project.version@
@@ -94,7 +94,6 @@
org.apache.maven.pluginsmaven-surefire-plugin
- 2.22.0falsefalse
diff --git a/java-generator/it/src/it/enum-ser-deser/src/test/java/io/fabric8/it/certmanager/TestEnumSerialization.java b/java-generator/it/src/it/enum-ser-deser/src/test/java/io/fabric8/it/certmanager/TestEnumSerialization.java
index bd79a82744f..f34ece2b757 100644
--- a/java-generator/it/src/it/enum-ser-deser/src/test/java/io/fabric8/it/certmanager/TestEnumSerialization.java
+++ b/java-generator/it/src/it/enum-ser-deser/src/test/java/io/fabric8/it/certmanager/TestEnumSerialization.java
@@ -16,28 +16,21 @@
package io.fabric8.it.certmanager;
import com.fasterxml.jackson.databind.JsonNode;
-import com.fasterxml.jackson.databind.ObjectMapper;
-import com.fasterxml.jackson.dataformat.yaml.YAMLFactory;
-import com.fasterxml.jackson.dataformat.yaml.YAMLGenerator;
import io.cert_manager.v1.CertificateRequest;
import io.cert_manager.v1.CertificateRequestSpec;
import io.fabric8.kubernetes.client.utils.Serialization;
-import io.fabric8.zjsonpatch.JsonDiff;
import org.junit.jupiter.api.Test;
+import io.fabric8.java.generator.testing.KubernetesResourceDiff;
import java.nio.file.Path;
import java.nio.file.Paths;
import java.nio.file.Files;
import java.util.List;
-import java.util.stream.Collectors;
-import java.util.stream.StreamSupport;
import static org.junit.jupiter.api.Assertions.assertEquals;
class TestEnumSerialization {
- ObjectMapper yamlMapper = new ObjectMapper(new YAMLFactory().disable(YAMLGenerator.Feature.WRITE_DOC_START_MARKER));
-
@Test
void testDeserialization() {
// Arrange
@@ -60,13 +53,11 @@ void testSerialization() throws Exception {
// Arrange
Path resPath = Paths.get(getClass().getResource("/sample1.yaml").toURI());
String yamlContent = new String(Files.readAllBytes(resPath), "UTF8");
- JsonNode originalCRJson = yamlMapper.readTree(yamlContent);
CertificateRequest sample = Serialization.unmarshal(yamlContent, CertificateRequest.class);
+ KubernetesResourceDiff diff = new KubernetesResourceDiff(yamlContent, Serialization.asYaml(sample));
// Act
- JsonNode resultCRJson = yamlMapper.readTree(Serialization.asYaml(sample));
- JsonNode diff = JsonDiff.asJson(originalCRJson, resultCRJson);
- List aggregatedDiffs = StreamSupport.stream(diff.spliterator(), false).collect(Collectors.toList());
+ List aggregatedDiffs = diff.getListOfDiffs();
// Assert
assertEquals(0, aggregatedDiffs.size());
diff --git a/java-generator/it/src/it/extensions/invoker.properties b/java-generator/it/src/it/extensions/invoker.properties
new file mode 100644
index 00000000000..9135f207843
--- /dev/null
+++ b/java-generator/it/src/it/extensions/invoker.properties
@@ -0,0 +1,17 @@
+#
+# Copyright (C) 2015 Red Hat, Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+invoker.goals=test
diff --git a/java-generator/it/src/it/extensions/pom.xml b/java-generator/it/src/it/extensions/pom.xml
new file mode 100644
index 00000000000..aa50fccb15c
--- /dev/null
+++ b/java-generator/it/src/it/extensions/pom.xml
@@ -0,0 +1,124 @@
+
+
+
+
+ 4.0.0
+
+ extensions-tests
+ io.fabric8.it
+ 0.0-SNAPSHOT
+ jar
+
+
+ @maven.compiler.source@
+ @maven.compiler.target@
+
+
+
+
+ io.sundr
+ sundr-adapter-reflect
+ @sundrio.version@
+ compile
+
+
+ io.sundr
+ builder-annotations
+ @sundrio.version@
+ compile
+
+
+ org.projectlombok
+ lombok
+ @lombok.version@
+ provided
+
+
+ javax.validation
+ validation-api
+ @validation-api.version@
+ provided
+
+
+ io.fabric8
+ java-generator-integration-tests
+ @project.version@
+
+
+ javax.validation
+ validation-api
+ @validation-api.version@
+ provided
+
+
+ io.sundr
+ builder-annotations
+ @sundrio.version@
+ provided
+
+
+ org.projectlombok
+ lombok
+ @lombok.version@
+ provided
+
+
+ org.junit.jupiter
+ junit-jupiter-api
+ @junit.version@
+ test
+
+
+ org.junit.jupiter
+ junit-jupiter-engine
+ @junit.version@
+ test
+
+
+
+
+
+
+ io.fabric8
+ java-generator-maven-plugin
+ @project.version@
+
+
+
+ generate
+
+
+
+
+ src/test/resources/camel-k.crds.1.8.1.yaml
+ true
+
+
+
+ org.apache.maven.plugins
+ maven-surefire-plugin
+
+ false
+ false
+
+
+
+
+
+
diff --git a/java-generator/it/src/it/extensions/src/test/java/io/fabric8/it/extensions/TestExtensionsWireCompat.java b/java-generator/it/src/it/extensions/src/test/java/io/fabric8/it/extensions/TestExtensionsWireCompat.java
new file mode 100644
index 00000000000..d067f58f37f
--- /dev/null
+++ b/java-generator/it/src/it/extensions/src/test/java/io/fabric8/it/extensions/TestExtensionsWireCompat.java
@@ -0,0 +1,45 @@
+/**
+ * Copyright (C) 2015 Red Hat, Inc.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package io.fabric8.it.certmanager;
+
+import com.fasterxml.jackson.databind.JsonNode;
+import io.fabric8.kubernetes.client.utils.Serialization;
+import org.junit.jupiter.api.Test;
+import io.fabric8.java.generator.testing.KubernetesResourceDiff;
+import io.fabric8.java.generator.testing.extensions.camlek.ExtensionCamelK;
+import io.fabric8.it.extensions.camelk.JavaGeneratedCamelK;
+
+import java.util.List;
+
+import static org.junit.jupiter.api.Assertions.assertEquals;
+
+class TestExtensionsWireCompat {
+
+ @Test
+ void testCamelKCatalogCR() {
+ // Arrange
+ io.fabric8.camelk.v1.CamelCatalog extensionCamelCatalog = ExtensionCamelK.dummyCamelKCatalog();
+ org.apache.camel.v1.CamelCatalog javaGenCamelCatalog = JavaGeneratedCamelK.dummyCamelKCatalog();
+ KubernetesResourceDiff diff = new KubernetesResourceDiff(Serialization.asYaml(extensionCamelCatalog), Serialization.asYaml(javaGenCamelCatalog));
+
+ // Act
+ List aggregatedDiffs = diff.getListOfDiffs();
+
+ // Assert
+ assertEquals(0, aggregatedDiffs.size());
+ }
+
+}
diff --git a/java-generator/it/src/it/extensions/src/test/java/io/fabric8/it/extensions/camelk/JavaGeneratedCamelK.java b/java-generator/it/src/it/extensions/src/test/java/io/fabric8/it/extensions/camelk/JavaGeneratedCamelK.java
new file mode 100644
index 00000000000..71c9ad34278
--- /dev/null
+++ b/java-generator/it/src/it/extensions/src/test/java/io/fabric8/it/extensions/camelk/JavaGeneratedCamelK.java
@@ -0,0 +1,77 @@
+/**
+ * Copyright (C) 2015 Red Hat, Inc.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package io.fabric8.it.extensions.camelk;
+
+import org.apache.camel.v1.CamelCatalog;
+import org.apache.camel.v1.CamelCatalogBuilder;
+import org.apache.camel.v1.CamelCatalogSpecBuilder;
+import org.apache.camel.v1.camelcatalogspec.ArtifactsBuilder;
+import org.apache.camel.v1.camelcatalogspec.RuntimeBuilder;
+import org.apache.camel.v1.camelcatalogspec.artifacts.dependencies.ExclusionsBuilder;
+import io.fabric8.kubernetes.api.model.ObjectMetaBuilder;
+
+public class JavaGeneratedCamelK {
+
+ // Code generated with
+ // ./java-generator/cli/target/java-gen -t="java-generator/it/src/main/java" -s="java-generator/it/src/it/extensions/src/test/resources/camel-k.crds.1.8.1.yaml" --add-extra-annotations
+
+ public static CamelCatalog dummyCamelKCatalog() {
+ CamelCatalog camelCatalog = new CamelCatalogBuilder()
+ .withNewMetadata()
+ .withName("dummy")
+ .endMetadata()
+ .withNewSpec()
+ .addToArtifacts("artifact1",
+ new ArtifactsBuilder()
+ .withArtifactId("artifact1ID")
+ .withDataformats("dataformat1")
+ .withDependencies(
+ new org.apache.camel.v1.camelcatalogspec.artifacts.DependenciesBuilder()
+ .withArtifactId("artifact2")
+ .withGroupId("mygroupid")
+ .withVersion("1.0.0")
+ .withExclusions(
+ new ExclusionsBuilder()
+ .withArtifactId("artifact3")
+ .build()
+ )
+ .build()
+ )
+ .withGroupId("mygroupid")
+ .withJavaTypes("javatype1", "javatype2")
+ .withLanguages("java", "kotlin")
+ .build()
+ )
+ .withRuntime(
+ new RuntimeBuilder()
+ .withVersion("2.0.0")
+ .withProvider("myprovider")
+ .withDependencies(
+ new org.apache.camel.v1.camelcatalogspec.runtime.DependenciesBuilder()
+ .withArtifactId("aid")
+ .withGroupId("gid")
+ .withVersion("v")
+ .build()
+ )
+ .build()
+ )
+ .endSpec()
+ .build();
+
+ return camelCatalog;
+ }
+
+}
diff --git a/java-generator/it/src/it/extensions/src/test/resources/camel-k.crds.1.8.1.yaml b/java-generator/it/src/it/extensions/src/test/resources/camel-k.crds.1.8.1.yaml
new file mode 100644
index 00000000000..225d1afdae5
--- /dev/null
+++ b/java-generator/it/src/it/extensions/src/test/resources/camel-k.crds.1.8.1.yaml
@@ -0,0 +1,14093 @@
+#
+# Copyright (C) 2015 Red Hat, Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+# Generated from the project root with:
+# kubectl kustomize java-generator/it/src/it/extensions/src/resources/camel-k > java-generator/it/src/it/extensions/src/resources/camel-k.crds.1.8.1.yaml
+#
+apiVersion: apiextensions.k8s.io/v1
+kind: CustomResourceDefinition
+metadata:
+ annotations:
+ controller-gen.kubebuilder.io/version: v0.4.1
+ creationTimestamp: null
+ labels:
+ app: camel-k
+ name: builds.camel.apache.org
+spec:
+ group: camel.apache.org
+ names:
+ categories:
+ - kamel
+ - camel
+ kind: Build
+ listKind: BuildList
+ plural: builds
+ shortNames:
+ - ikb
+ singular: build
+ scope: Namespaced
+ versions:
+ - additionalPrinterColumns:
+ - description: The build phase
+ jsonPath: .status.phase
+ name: Phase
+ type: string
+ - description: The time at which the build was created
+ jsonPath: .metadata.creationTimestamp
+ name: Age
+ type: date
+ - description: The time at which the build was last (re-)started
+ jsonPath: .status.startedAt
+ name: Started
+ type: date
+ - description: The build last execution duration
+ jsonPath: .status.duration
+ name: Duration
+ type: string
+ - description: The number of execution attempts
+ jsonPath: .status.failure.recovery.attempt
+ name: Attempts
+ type: integer
+ name: v1
+ schema:
+ openAPIV3Schema:
+ description: Build is the Schema for the builds API
+ properties:
+ apiVersion:
+ description: 'APIVersion defines the versioned schema of this representation
+ of an object. Servers should convert recognized schemas to the latest
+ internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
+ type: string
+ kind:
+ description: 'Kind is a string value representing the REST resource this
+ object represents. Servers may infer this from the endpoint the client
+ submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
+ type: string
+ metadata:
+ type: object
+ spec:
+ description: BuildSpec defines the Build to be executed
+ properties:
+ strategy:
+ description: The strategy that should be used to perform the Build.
+ enum:
+ - routine
+ - pod
+ type: string
+ tasks:
+ description: The sequence of Build tasks to be performed as part of
+ the Build execution.
+ items:
+ description: Task --
+ properties:
+ buildah:
+ description: BuildahTask --
+ properties:
+ baseImage:
+ type: string
+ contextDir:
+ type: string
+ image:
+ type: string
+ name:
+ type: string
+ registry:
+ description: RegistrySpec provides the configuration for
+ the container registry
+ properties:
+ address:
+ type: string
+ ca:
+ type: string
+ insecure:
+ type: boolean
+ organization:
+ type: string
+ secret:
+ type: string
+ type: object
+ verbose:
+ type: boolean
+ type: object
+ builder:
+ description: BuilderTask --
+ properties:
+ baseImage:
+ type: string
+ buildDir:
+ type: string
+ dependencies:
+ items:
+ type: string
+ type: array
+ maven:
+ description: MavenBuildSpec --
+ properties:
+ caSecret:
+ description: The Secret name and key, containing the
+ CA certificate(s) used to connect to remote Maven
+ repositories. It can contain X.509 certificates, and
+ PKCS#7 formatted certificate chains. A JKS formatted
+ keystore is automatically created to store the CA
+ certificate(s), and configured to be used as a trusted
+ certificate(s) by the Maven commands. Note that the
+ root CA certificates are also imported into the created
+ keystore.
+ properties:
+ key:
+ description: The key of the secret to select from. Must
+ be a valid secret key.
+ type: string
+ name:
+ description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+ TODO: Add other useful fields. apiVersion, kind,
+ uid?'
+ type: string
+ optional:
+ description: Specify whether the Secret or its key
+ must be defined
+ type: boolean
+ required:
+ - key
+ type: object
+ cliOptions:
+ description: The CLI options that are appended to the
+ list of arguments for Maven commands, e.g., `-V,--no-transfer-progress,-Dstyle.color=never`.
+ See https://maven.apache.org/ref/3.8.4/maven-embedder/cli.html.
+ items:
+ type: string
+ type: array
+ extension:
+ description: The Maven build extensions. See https://maven.apache.org/guides/mini/guide-using-extensions.html.
+ items:
+ description: MavenArtifact defines a Maven artifact
+ properties:
+ artifactId:
+ type: string
+ groupId:
+ type: string
+ version:
+ type: string
+ required:
+ - artifactId
+ - groupId
+ type: object
+ type: array
+ localRepository:
+ description: The path of the local Maven repository.
+ type: string
+ properties:
+ additionalProperties:
+ type: string
+ description: The Maven properties.
+ type: object
+ repositories:
+ description: The Maven repositories.
+ items:
+ description: Repository defines a Maven repository
+ properties:
+ id:
+ type: string
+ name:
+ type: string
+ releases:
+ description: RepositoryPolicy defines the policy
+ associated to a Maven repository
+ properties:
+ checksumPolicy:
+ type: string
+ enabled:
+ type: boolean
+ updatePolicy:
+ type: string
+ required:
+ - enabled
+ type: object
+ snapshots:
+ description: RepositoryPolicy defines the policy
+ associated to a Maven repository
+ properties:
+ checksumPolicy:
+ type: string
+ enabled:
+ type: boolean
+ updatePolicy:
+ type: string
+ required:
+ - enabled
+ type: object
+ url:
+ type: string
+ required:
+ - id
+ - url
+ type: object
+ type: array
+ settings:
+ description: A reference to the ConfigMap or Secret
+ key that contains the Maven settings.
+ properties:
+ configMapKeyRef:
+ description: Selects a key of a ConfigMap.
+ properties:
+ key:
+ description: The key to select.
+ type: string
+ name:
+ description: 'Name of the referent. More info:
+ https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+ TODO: Add other useful fields. apiVersion,
+ kind, uid?'
+ type: string
+ optional:
+ description: Specify whether the ConfigMap or
+ its key must be defined
+ type: boolean
+ required:
+ - key
+ type: object
+ secretKeyRef:
+ description: Selects a key of a secret.
+ properties:
+ key:
+ description: The key of the secret to select
+ from. Must be a valid secret key.
+ type: string
+ name:
+ description: 'Name of the referent. More info:
+ https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+ TODO: Add other useful fields. apiVersion,
+ kind, uid?'
+ type: string
+ optional:
+ description: Specify whether the Secret or its
+ key must be defined
+ type: boolean
+ required:
+ - key
+ type: object
+ type: object
+ timeout:
+ description: 'Deprecated: use IntegrationPlatform.Spec.Build.Timeout
+ instead'
+ type: string
+ type: object
+ name:
+ type: string
+ resources:
+ items:
+ description: ResourceSpec --
+ properties:
+ compression:
+ type: boolean
+ content:
+ type: string
+ contentKey:
+ type: string
+ contentRef:
+ type: string
+ contentType:
+ type: string
+ mountPath:
+ type: string
+ name:
+ type: string
+ path:
+ type: string
+ rawContent:
+ format: byte
+ type: string
+ type:
+ description: ResourceType --
+ type: string
+ type: object
+ type: array
+ runtime:
+ description: RuntimeSpec --
+ properties:
+ applicationClass:
+ type: string
+ capabilities:
+ additionalProperties:
+ description: Capability --
+ properties:
+ dependencies:
+ items:
+ description: MavenArtifact defines a Maven artifact
+ properties:
+ artifactId:
+ type: string
+ groupId:
+ type: string
+ version:
+ type: string
+ required:
+ - artifactId
+ - groupId
+ type: object
+ type: array
+ metadata:
+ additionalProperties:
+ type: string
+ type: object
+ required:
+ - dependencies
+ type: object
+ type: object
+ dependencies:
+ items:
+ description: MavenArtifact defines a Maven artifact
+ properties:
+ artifactId:
+ type: string
+ groupId:
+ type: string
+ version:
+ type: string
+ required:
+ - artifactId
+ - groupId
+ type: object
+ type: array
+ metadata:
+ additionalProperties:
+ type: string
+ type: object
+ provider:
+ description: RuntimeProvider --
+ type: string
+ version:
+ type: string
+ required:
+ - applicationClass
+ - dependencies
+ - provider
+ - version
+ type: object
+ sources:
+ items:
+ description: SourceSpec --
+ properties:
+ compression:
+ type: boolean
+ content:
+ type: string
+ contentKey:
+ type: string
+ contentRef:
+ type: string
+ contentType:
+ type: string
+ interceptors:
+ description: Interceptors are optional identifiers
+ the org.apache.camel.k.RoutesLoader uses to pre/post
+ process sources
+ items:
+ type: string
+ type: array
+ language:
+ description: Language --
+ type: string
+ loader:
+ description: Loader is an optional id of the org.apache.camel.k.RoutesLoader
+ that will interpret this source at runtime
+ type: string
+ name:
+ type: string
+ path:
+ type: string
+ property-names:
+ description: List of property names defined in the
+ source (e.g. if type is "template")
+ items:
+ type: string
+ type: array
+ rawContent:
+ format: byte
+ type: string
+ type:
+ description: Type defines the kind of source described
+ by this object
+ type: string
+ type: object
+ type: array
+ steps:
+ items:
+ type: string
+ type: array
+ type: object
+ kaniko:
+ description: KanikoTask --
+ properties:
+ baseImage:
+ type: string
+ cache:
+ description: KanikoTaskCache --
+ properties:
+ enabled:
+ type: boolean
+ persistentVolumeClaim:
+ type: string
+ type: object
+ contextDir:
+ type: string
+ image:
+ type: string
+ name:
+ type: string
+ registry:
+ description: RegistrySpec provides the configuration for
+ the container registry
+ properties:
+ address:
+ type: string
+ ca:
+ type: string
+ insecure:
+ type: boolean
+ organization:
+ type: string
+ secret:
+ type: string
+ type: object
+ verbose:
+ type: boolean
+ type: object
+ s2i:
+ description: S2iTask --
+ properties:
+ contextDir:
+ type: string
+ name:
+ type: string
+ tag:
+ type: string
+ type: object
+ spectrum:
+ description: SpectrumTask --
+ properties:
+ baseImage:
+ type: string
+ contextDir:
+ type: string
+ image:
+ type: string
+ name:
+ type: string
+ registry:
+ description: RegistrySpec provides the configuration for
+ the container registry
+ properties:
+ address:
+ type: string
+ ca:
+ type: string
+ insecure:
+ type: boolean
+ organization:
+ type: string
+ secret:
+ type: string
+ type: object
+ type: object
+ type: object
+ type: array
+ timeout:
+ description: Timeout defines the Build maximum execution duration.
+ The Build deadline is set to the Build start time plus the Timeout
+ duration. If the Build deadline is exceeded, the Build context is
+ canceled, and its phase set to BuildPhaseFailed.
+ format: duration
+ type: string
+ type: object
+ status:
+ description: BuildStatus defines the observed state of Build
+ properties:
+ artifacts:
+ items:
+ description: Artifact --
+ properties:
+ checksum:
+ type: string
+ id:
+ type: string
+ location:
+ type: string
+ target:
+ type: string
+ required:
+ - id
+ type: object
+ type: array
+ baseImage:
+ type: string
+ conditions:
+ items:
+ description: BuildCondition describes the state of a resource at
+ a certain point.
+ properties:
+ lastTransitionTime:
+ description: Last time the condition transitioned from one status
+ to another.
+ format: date-time
+ type: string
+ lastUpdateTime:
+ description: The last time this condition was updated.
+ format: date-time
+ type: string
+ message:
+ description: A human-readable message indicating details about
+ the transition.
+ type: string
+ reason:
+ description: The reason for the condition's last transition.
+ type: string
+ status:
+ description: Status of the condition, one of True, False, Unknown.
+ type: string
+ type:
+ description: Type of integration condition.
+ type: string
+ required:
+ - status
+ - type
+ type: object
+ type: array
+ digest:
+ type: string
+ duration:
+ description: Change to Duration / ISO 8601 when CRD uses OpenAPI spec
+ v3 https://github.com/OAI/OpenAPI-Specification/issues/845
+ type: string
+ error:
+ type: string
+ failure:
+ description: Failure --
+ properties:
+ reason:
+ type: string
+ recovery:
+ description: FailureRecovery --
+ properties:
+ attempt:
+ type: integer
+ attemptMax:
+ type: integer
+ attemptTime:
+ format: date-time
+ type: string
+ required:
+ - attempt
+ - attemptMax
+ type: object
+ time:
+ format: date-time
+ type: string
+ required:
+ - reason
+ - recovery
+ - time
+ type: object
+ image:
+ type: string
+ phase:
+ description: BuildPhase --
+ type: string
+ startedAt:
+ format: date-time
+ type: string
+ type: object
+ type: object
+ served: true
+ storage: true
+ subresources:
+ status: {}
+---
+apiVersion: apiextensions.k8s.io/v1
+kind: CustomResourceDefinition
+metadata:
+ annotations:
+ controller-gen.kubebuilder.io/version: v0.4.1
+ creationTimestamp: null
+ labels:
+ app: camel-k
+ name: camelcatalogs.camel.apache.org
+spec:
+ group: camel.apache.org
+ names:
+ categories:
+ - kamel
+ - camel
+ kind: CamelCatalog
+ listKind: CamelCatalogList
+ plural: camelcatalogs
+ shortNames:
+ - cc
+ singular: camelcatalog
+ scope: Namespaced
+ versions:
+ - additionalPrinterColumns:
+ - description: The Camel K Runtime version
+ jsonPath: .spec.runtime.version
+ name: Runtime Version
+ type: string
+ - description: The Camel K Runtime provider
+ jsonPath: .spec.runtime.provider
+ name: Runtime Provider
+ type: string
+ name: v1
+ schema:
+ openAPIV3Schema:
+ description: CamelCatalog is the Schema for the camelcatalogs API
+ properties:
+ apiVersion:
+ description: 'APIVersion defines the versioned schema of this representation
+ of an object. Servers should convert recognized schemas to the latest
+ internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
+ type: string
+ kind:
+ description: 'Kind is a string value representing the REST resource this
+ object represents. Servers may infer this from the endpoint the client
+ submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
+ type: string
+ metadata:
+ type: object
+ spec:
+ description: CamelCatalogSpec defines the desired state of CamelCatalog
+ properties:
+ artifacts:
+ additionalProperties:
+ description: CamelArtifact --
+ properties:
+ artifactId:
+ type: string
+ dataformats:
+ items:
+ type: string
+ type: array
+ dependencies:
+ items:
+ description: CamelArtifactDependency represent a maven's dependency
+ properties:
+ artifactId:
+ type: string
+ exclusions:
+ items:
+ description: CamelArtifactExclusion --
+ properties:
+ artifactId:
+ type: string
+ groupId:
+ type: string
+ required:
+ - artifactId
+ - groupId
+ type: object
+ type: array
+ groupId:
+ type: string
+ version:
+ type: string
+ required:
+ - artifactId
+ - groupId
+ type: object
+ type: array
+ exclusions:
+ items:
+ description: CamelArtifactExclusion --
+ properties:
+ artifactId:
+ type: string
+ groupId:
+ type: string
+ required:
+ - artifactId
+ - groupId
+ type: object
+ type: array
+ groupId:
+ type: string
+ javaTypes:
+ items:
+ type: string
+ type: array
+ languages:
+ items:
+ type: string
+ type: array
+ schemes:
+ items:
+ description: CamelScheme --
+ properties:
+ consumer:
+ description: CamelSchemeScope contains scoped information
+ about a scheme
+ properties:
+ dependencies:
+ items:
+ description: CamelArtifactDependency represent a
+ maven's dependency
+ properties:
+ artifactId:
+ type: string
+ exclusions:
+ items:
+ description: CamelArtifactExclusion --
+ properties:
+ artifactId:
+ type: string
+ groupId:
+ type: string
+ required:
+ - artifactId
+ - groupId
+ type: object
+ type: array
+ groupId:
+ type: string
+ version:
+ type: string
+ required:
+ - artifactId
+ - groupId
+ type: object
+ type: array
+ type: object
+ http:
+ type: boolean
+ id:
+ type: string
+ passive:
+ type: boolean
+ producer:
+ description: CamelSchemeScope contains scoped information
+ about a scheme
+ properties:
+ dependencies:
+ items:
+ description: CamelArtifactDependency represent a
+ maven's dependency
+ properties:
+ artifactId:
+ type: string
+ exclusions:
+ items:
+ description: CamelArtifactExclusion --
+ properties:
+ artifactId:
+ type: string
+ groupId:
+ type: string
+ required:
+ - artifactId
+ - groupId
+ type: object
+ type: array
+ groupId:
+ type: string
+ version:
+ type: string
+ required:
+ - artifactId
+ - groupId
+ type: object
+ type: array
+ type: object
+ required:
+ - http
+ - id
+ - passive
+ type: object
+ type: array
+ version:
+ type: string
+ required:
+ - artifactId
+ - groupId
+ type: object
+ type: object
+ loaders:
+ additionalProperties:
+ description: CamelLoader --
+ properties:
+ artifactId:
+ type: string
+ dependencies:
+ items:
+ description: MavenArtifact defines a Maven artifact
+ properties:
+ artifactId:
+ type: string
+ groupId:
+ type: string
+ version:
+ type: string
+ required:
+ - artifactId
+ - groupId
+ type: object
+ type: array
+ groupId:
+ type: string
+ languages:
+ items:
+ type: string
+ type: array
+ version:
+ type: string
+ required:
+ - artifactId
+ - groupId
+ type: object
+ type: object
+ runtime:
+ description: RuntimeSpec --
+ properties:
+ applicationClass:
+ type: string
+ capabilities:
+ additionalProperties:
+ description: Capability --
+ properties:
+ dependencies:
+ items:
+ description: MavenArtifact defines a Maven artifact
+ properties:
+ artifactId:
+ type: string
+ groupId:
+ type: string
+ version:
+ type: string
+ required:
+ - artifactId
+ - groupId
+ type: object
+ type: array
+ metadata:
+ additionalProperties:
+ type: string
+ type: object
+ required:
+ - dependencies
+ type: object
+ type: object
+ dependencies:
+ items:
+ description: MavenArtifact defines a Maven artifact
+ properties:
+ artifactId:
+ type: string
+ groupId:
+ type: string
+ version:
+ type: string
+ required:
+ - artifactId
+ - groupId
+ type: object
+ type: array
+ metadata:
+ additionalProperties:
+ type: string
+ type: object
+ provider:
+ description: RuntimeProvider --
+ type: string
+ version:
+ type: string
+ required:
+ - applicationClass
+ - dependencies
+ - provider
+ - version
+ type: object
+ required:
+ - artifacts
+ - loaders
+ - runtime
+ type: object
+ status:
+ description: CamelCatalogStatus defines the observed state of CamelCatalog
+ type: object
+ type: object
+ served: true
+ storage: true
+ subresources:
+ status: {}
+---
+apiVersion: apiextensions.k8s.io/v1
+kind: CustomResourceDefinition
+metadata:
+ annotations:
+ controller-gen.kubebuilder.io/version: v0.4.1
+ creationTimestamp: null
+ labels:
+ app: camel-k
+ name: integrationkits.camel.apache.org
+spec:
+ group: camel.apache.org
+ names:
+ categories:
+ - kamel
+ - camel
+ kind: IntegrationKit
+ listKind: IntegrationKitList
+ plural: integrationkits
+ shortNames:
+ - ik
+ singular: integrationkit
+ scope: Namespaced
+ versions:
+ - additionalPrinterColumns:
+ - description: The integration kit phase
+ jsonPath: .status.phase
+ name: Phase
+ type: string
+ - description: The integration kit type
+ jsonPath: .metadata.labels.camel\.apache\.org\/kit\.type
+ name: Type
+ type: string
+ - description: The integration kit image
+ jsonPath: .status.image
+ name: Image
+ type: string
+ name: v1
+ schema:
+ openAPIV3Schema:
+ description: IntegrationKit is the Schema for the integrationkits API
+ properties:
+ apiVersion:
+ description: 'APIVersion defines the versioned schema of this representation
+ of an object. Servers should convert recognized schemas to the latest
+ internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
+ type: string
+ kind:
+ description: 'Kind is a string value representing the REST resource this
+ object represents. Servers may infer this from the endpoint the client
+ submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
+ type: string
+ metadata:
+ type: object
+ spec:
+ description: IntegrationKitSpec defines the desired state of IntegrationKit
+ properties:
+ configuration:
+ items:
+ description: ConfigurationSpec --
+ properties:
+ resourceKey:
+ type: string
+ resourceMountPoint:
+ type: string
+ resourceType:
+ type: string
+ type:
+ type: string
+ value:
+ type: string
+ required:
+ - type
+ - value
+ type: object
+ type: array
+ dependencies:
+ items:
+ type: string
+ type: array
+ image:
+ type: string
+ profile:
+ description: TraitProfile represents lists of traits that are enabled
+ for the specific installation/integration
+ type: string
+ repositories:
+ items:
+ type: string
+ type: array
+ traits:
+ additionalProperties:
+ description: A TraitSpec contains the configuration of a trait
+ properties:
+ configuration:
+ description: TraitConfiguration --
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ required:
+ - configuration
+ type: object
+ type: object
+ type: object
+ status:
+ description: IntegrationKitStatus defines the observed state of IntegrationKit
+ properties:
+ artifacts:
+ items:
+ description: Artifact --
+ properties:
+ checksum:
+ type: string
+ id:
+ type: string
+ location:
+ type: string
+ target:
+ type: string
+ required:
+ - id
+ type: object
+ type: array
+ baseImage:
+ type: string
+ conditions:
+ items:
+ description: IntegrationKitCondition describes the state of a resource
+ at a certain point.
+ properties:
+ lastTransitionTime:
+ description: Last time the condition transitioned from one status
+ to another.
+ format: date-time
+ type: string
+ lastUpdateTime:
+ description: The last time this condition was updated.
+ format: date-time
+ type: string
+ message:
+ description: A human-readable message indicating details about
+ the transition.
+ type: string
+ reason:
+ description: The reason for the condition's last transition.
+ type: string
+ status:
+ description: Status of the condition, one of True, False, Unknown.
+ type: string
+ type:
+ description: Type of integration condition.
+ type: string
+ required:
+ - status
+ - type
+ type: object
+ type: array
+ digest:
+ type: string
+ failure:
+ description: Failure --
+ properties:
+ reason:
+ type: string
+ recovery:
+ description: FailureRecovery --
+ properties:
+ attempt:
+ type: integer
+ attemptMax:
+ type: integer
+ attemptTime:
+ format: date-time
+ type: string
+ required:
+ - attempt
+ - attemptMax
+ type: object
+ time:
+ format: date-time
+ type: string
+ required:
+ - reason
+ - recovery
+ - time
+ type: object
+ image:
+ type: string
+ phase:
+ description: IntegrationKitPhase --
+ type: string
+ platform:
+ type: string
+ runtimeProvider:
+ description: RuntimeProvider --
+ type: string
+ runtimeVersion:
+ type: string
+ version:
+ type: string
+ type: object
+ type: object
+ served: true
+ storage: true
+ subresources:
+ status: {}
+---
+apiVersion: apiextensions.k8s.io/v1
+kind: CustomResourceDefinition
+metadata:
+ annotations:
+ controller-gen.kubebuilder.io/version: v0.4.1
+ creationTimestamp: null
+ labels:
+ app: camel-k
+ name: integrationplatforms.camel.apache.org
+spec:
+ group: camel.apache.org
+ names:
+ categories:
+ - kamel
+ - camel
+ kind: IntegrationPlatform
+ listKind: IntegrationPlatformList
+ plural: integrationplatforms
+ shortNames:
+ - ip
+ singular: integrationplatform
+ scope: Namespaced
+ versions:
+ - additionalPrinterColumns:
+ - description: The integration platform phase
+ jsonPath: .status.phase
+ name: Phase
+ type: string
+ name: v1
+ schema:
+ openAPIV3Schema:
+ description: IntegrationPlatform is the Schema for the integrationplatforms
+ API
+ properties:
+ apiVersion:
+ description: 'APIVersion defines the versioned schema of this representation
+ of an object. Servers should convert recognized schemas to the latest
+ internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
+ type: string
+ kind:
+ description: 'Kind is a string value representing the REST resource this
+ object represents. Servers may infer this from the endpoint the client
+ submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
+ type: string
+ metadata:
+ type: object
+ spec:
+ description: IntegrationPlatformSpec defines the desired state of IntegrationPlatform
+ properties:
+ build:
+ description: IntegrationPlatformBuildSpec contains platform related
+ build information
+ properties:
+ baseImage:
+ type: string
+ buildStrategy:
+ description: BuildStrategy specifies how the Build should be executed
+ enum:
+ - routine
+ - pod
+ type: string
+ kanikoBuildCache:
+ type: boolean
+ maven:
+ description: MavenSpec --
+ properties:
+ caSecret:
+ description: The Secret name and key, containing the CA certificate(s)
+ used to connect to remote Maven repositories. It can contain
+ X.509 certificates, and PKCS#7 formatted certificate chains.
+ A JKS formatted keystore is automatically created to store
+ the CA certificate(s), and configured to be used as a trusted
+ certificate(s) by the Maven commands. Note that the root
+ CA certificates are also imported into the created keystore.
+ properties:
+ key:
+ description: The key of the secret to select from. Must
+ be a valid secret key.
+ type: string
+ name:
+ description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+ TODO: Add other useful fields. apiVersion, kind, uid?'
+ type: string
+ optional:
+ description: Specify whether the Secret or its key must
+ be defined
+ type: boolean
+ required:
+ - key
+ type: object
+ cliOptions:
+ description: The CLI options that are appended to the list
+ of arguments for Maven commands, e.g., `-V,--no-transfer-progress,-Dstyle.color=never`.
+ See https://maven.apache.org/ref/3.8.4/maven-embedder/cli.html.
+ items:
+ type: string
+ type: array
+ extension:
+ description: The Maven build extensions. See https://maven.apache.org/guides/mini/guide-using-extensions.html.
+ items:
+ description: MavenArtifact defines a Maven artifact
+ properties:
+ artifactId:
+ type: string
+ groupId:
+ type: string
+ version:
+ type: string
+ required:
+ - artifactId
+ - groupId
+ type: object
+ type: array
+ localRepository:
+ description: The path of the local Maven repository.
+ type: string
+ properties:
+ additionalProperties:
+ type: string
+ description: The Maven properties.
+ type: object
+ settings:
+ description: A reference to the ConfigMap or Secret key that
+ contains the Maven settings.
+ properties:
+ configMapKeyRef:
+ description: Selects a key of a ConfigMap.
+ properties:
+ key:
+ description: The key to select.
+ type: string
+ name:
+ description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+ TODO: Add other useful fields. apiVersion, kind,
+ uid?'
+ type: string
+ optional:
+ description: Specify whether the ConfigMap or its
+ key must be defined
+ type: boolean
+ required:
+ - key
+ type: object
+ secretKeyRef:
+ description: Selects a key of a secret.
+ properties:
+ key:
+ description: The key of the secret to select from. Must
+ be a valid secret key.
+ type: string
+ name:
+ description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+ TODO: Add other useful fields. apiVersion, kind,
+ uid?'
+ type: string
+ optional:
+ description: Specify whether the Secret or its key
+ must be defined
+ type: boolean
+ required:
+ - key
+ type: object
+ type: object
+ timeout:
+ description: 'Deprecated: use IntegrationPlatform.Spec.Build.Timeout
+ instead'
+ type: string
+ type: object
+ persistentVolumeClaim:
+ type: string
+ publishStrategy:
+ description: IntegrationPlatformBuildPublishStrategy enumerates
+ all implemented publish strategies
+ type: string
+ registry:
+ description: RegistrySpec provides the configuration for the container
+ registry
+ properties:
+ address:
+ type: string
+ ca:
+ type: string
+ insecure:
+ type: boolean
+ organization:
+ type: string
+ secret:
+ type: string
+ type: object
+ runtimeProvider:
+ description: RuntimeProvider --
+ type: string
+ runtimeVersion:
+ type: string
+ timeout:
+ type: string
+ type: object
+ cluster:
+ description: IntegrationPlatformCluster is the kind of orchestration
+ cluster the platform is installed into
+ type: string
+ configuration:
+ items:
+ description: ConfigurationSpec --
+ properties:
+ resourceKey:
+ type: string
+ resourceMountPoint:
+ type: string
+ resourceType:
+ type: string
+ type:
+ type: string
+ value:
+ type: string
+ required:
+ - type
+ - value
+ type: object
+ type: array
+ kamelet:
+ description: IntegrationPlatformKameletSpec --
+ properties:
+ repositories:
+ items:
+ description: IntegrationPlatformKameletRepositorySpec --
+ properties:
+ uri:
+ type: string
+ type: object
+ type: array
+ type: object
+ profile:
+ description: TraitProfile represents lists of traits that are enabled
+ for the specific installation/integration
+ type: string
+ resources:
+ description: IntegrationPlatformResourcesSpec contains platform related
+ resources
+ type: object
+ traits:
+ additionalProperties:
+ description: A TraitSpec contains the configuration of a trait
+ properties:
+ configuration:
+ description: TraitConfiguration --
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ required:
+ - configuration
+ type: object
+ type: object
+ type: object
+ status:
+ description: IntegrationPlatformStatus defines the observed state of IntegrationPlatform
+ properties:
+ build:
+ description: IntegrationPlatformBuildSpec contains platform related
+ build information
+ properties:
+ baseImage:
+ type: string
+ buildStrategy:
+ description: BuildStrategy specifies how the Build should be executed
+ enum:
+ - routine
+ - pod
+ type: string
+ kanikoBuildCache:
+ type: boolean
+ maven:
+ description: MavenSpec --
+ properties:
+ caSecret:
+ description: The Secret name and key, containing the CA certificate(s)
+ used to connect to remote Maven repositories. It can contain
+ X.509 certificates, and PKCS#7 formatted certificate chains.
+ A JKS formatted keystore is automatically created to store
+ the CA certificate(s), and configured to be used as a trusted
+ certificate(s) by the Maven commands. Note that the root
+ CA certificates are also imported into the created keystore.
+ properties:
+ key:
+ description: The key of the secret to select from. Must
+ be a valid secret key.
+ type: string
+ name:
+ description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+ TODO: Add other useful fields. apiVersion, kind, uid?'
+ type: string
+ optional:
+ description: Specify whether the Secret or its key must
+ be defined
+ type: boolean
+ required:
+ - key
+ type: object
+ cliOptions:
+ description: The CLI options that are appended to the list
+ of arguments for Maven commands, e.g., `-V,--no-transfer-progress,-Dstyle.color=never`.
+ See https://maven.apache.org/ref/3.8.4/maven-embedder/cli.html.
+ items:
+ type: string
+ type: array
+ extension:
+ description: The Maven build extensions. See https://maven.apache.org/guides/mini/guide-using-extensions.html.
+ items:
+ description: MavenArtifact defines a Maven artifact
+ properties:
+ artifactId:
+ type: string
+ groupId:
+ type: string
+ version:
+ type: string
+ required:
+ - artifactId
+ - groupId
+ type: object
+ type: array
+ localRepository:
+ description: The path of the local Maven repository.
+ type: string
+ properties:
+ additionalProperties:
+ type: string
+ description: The Maven properties.
+ type: object
+ settings:
+ description: A reference to the ConfigMap or Secret key that
+ contains the Maven settings.
+ properties:
+ configMapKeyRef:
+ description: Selects a key of a ConfigMap.
+ properties:
+ key:
+ description: The key to select.
+ type: string
+ name:
+ description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+ TODO: Add other useful fields. apiVersion, kind,
+ uid?'
+ type: string
+ optional:
+ description: Specify whether the ConfigMap or its
+ key must be defined
+ type: boolean
+ required:
+ - key
+ type: object
+ secretKeyRef:
+ description: Selects a key of a secret.
+ properties:
+ key:
+ description: The key of the secret to select from. Must
+ be a valid secret key.
+ type: string
+ name:
+ description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+ TODO: Add other useful fields. apiVersion, kind,
+ uid?'
+ type: string
+ optional:
+ description: Specify whether the Secret or its key
+ must be defined
+ type: boolean
+ required:
+ - key
+ type: object
+ type: object
+ timeout:
+ description: 'Deprecated: use IntegrationPlatform.Spec.Build.Timeout
+ instead'
+ type: string
+ type: object
+ persistentVolumeClaim:
+ type: string
+ publishStrategy:
+ description: IntegrationPlatformBuildPublishStrategy enumerates
+ all implemented publish strategies
+ type: string
+ registry:
+ description: RegistrySpec provides the configuration for the container
+ registry
+ properties:
+ address:
+ type: string
+ ca:
+ type: string
+ insecure:
+ type: boolean
+ organization:
+ type: string
+ secret:
+ type: string
+ type: object
+ runtimeProvider:
+ description: RuntimeProvider --
+ type: string
+ runtimeVersion:
+ type: string
+ timeout:
+ type: string
+ type: object
+ cluster:
+ description: IntegrationPlatformCluster is the kind of orchestration
+ cluster the platform is installed into
+ type: string
+ conditions:
+ items:
+ description: IntegrationPlatformCondition describes the state of
+ a resource at a certain point.
+ properties:
+ lastTransitionTime:
+ description: Last time the condition transitioned from one status
+ to another.
+ format: date-time
+ type: string
+ lastUpdateTime:
+ description: The last time this condition was updated.
+ format: date-time
+ type: string
+ message:
+ description: A human-readable message indicating details about
+ the transition.
+ type: string
+ reason:
+ description: The reason for the condition's last transition.
+ type: string
+ status:
+ description: Status of the condition, one of True, False, Unknown.
+ type: string
+ type:
+ description: Type of integration condition.
+ type: string
+ required:
+ - status
+ - type
+ type: object
+ type: array
+ configuration:
+ items:
+ description: ConfigurationSpec --
+ properties:
+ resourceKey:
+ type: string
+ resourceMountPoint:
+ type: string
+ resourceType:
+ type: string
+ type:
+ type: string
+ value:
+ type: string
+ required:
+ - type
+ - value
+ type: object
+ type: array
+ info:
+ additionalProperties:
+ type: string
+ type: object
+ kamelet:
+ description: IntegrationPlatformKameletSpec --
+ properties:
+ repositories:
+ items:
+ description: IntegrationPlatformKameletRepositorySpec --
+ properties:
+ uri:
+ type: string
+ type: object
+ type: array
+ type: object
+ phase:
+ description: IntegrationPlatformPhase --
+ type: string
+ profile:
+ description: TraitProfile represents lists of traits that are enabled
+ for the specific installation/integration
+ type: string
+ resources:
+ description: IntegrationPlatformResourcesSpec contains platform related
+ resources
+ type: object
+ traits:
+ additionalProperties:
+ description: A TraitSpec contains the configuration of a trait
+ properties:
+ configuration:
+ description: TraitConfiguration --
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ required:
+ - configuration
+ type: object
+ type: object
+ version:
+ type: string
+ type: object
+ type: object
+ served: true
+ storage: true
+ subresources:
+ status: {}
+---
+apiVersion: apiextensions.k8s.io/v1
+kind: CustomResourceDefinition
+metadata:
+ annotations:
+ controller-gen.kubebuilder.io/version: v0.4.1
+ creationTimestamp: null
+ labels:
+ app: camel-k
+ name: integrations.camel.apache.org
+spec:
+ group: camel.apache.org
+ names:
+ categories:
+ - kamel
+ - camel
+ kind: Integration
+ listKind: IntegrationList
+ plural: integrations
+ shortNames:
+ - it
+ singular: integration
+ scope: Namespaced
+ versions:
+ - additionalPrinterColumns:
+ - description: The integration phase
+ jsonPath: .status.phase
+ name: Phase
+ type: string
+ - description: The integration kit
+ jsonPath: .status.integrationKit.name
+ name: Kit
+ type: string
+ - description: The number of pods
+ jsonPath: .status.replicas
+ name: Replicas
+ type: integer
+ name: v1
+ schema:
+ openAPIV3Schema:
+ description: Integration is the Schema for the integrations API
+ properties:
+ apiVersion:
+ description: 'APIVersion defines the versioned schema of this representation
+ of an object. Servers should convert recognized schemas to the latest
+ internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
+ type: string
+ kind:
+ description: 'Kind is a string value representing the REST resource this
+ object represents. Servers may infer this from the endpoint the client
+ submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
+ type: string
+ metadata:
+ type: object
+ spec:
+ description: IntegrationSpec defines the desired state of Integration
+ properties:
+ configuration:
+ description: 'Deprecated: Use camel trait (camel.properties) to manage
+ properties Use container trait (mount.configs) to manage configs
+ Use container trait (mount.resources) to manage resources Use container
+ trait (mount.volumes) to manage volumes'
+ items:
+ description: ConfigurationSpec --
+ properties:
+ resourceKey:
+ type: string
+ resourceMountPoint:
+ type: string
+ resourceType:
+ type: string
+ type:
+ type: string
+ value:
+ type: string
+ required:
+ - type
+ - value
+ type: object
+ type: array
+ dependencies:
+ items:
+ type: string
+ type: array
+ flows:
+ items:
+ description: Flow is an unstructured object representing a Camel
+ Flow in YAML/JSON DSL
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ type: array
+ integrationKit:
+ description: 'ObjectReference contains enough information to let you
+ inspect or modify the referred object. --- New uses of this type
+ are discouraged because of difficulty describing its usage when
+ embedded in APIs. 1. Ignored fields. It includes many fields which
+ are not generally honored. For instance, ResourceVersion and FieldPath
+ are both very rarely valid in actual usage. 2. Invalid usage help. It
+ is impossible to add specific help for individual usage. In most
+ embedded usages, there are particular restrictions like, "must
+ refer only to types A and B" or "UID not honored" or "name must
+ be restricted". Those cannot be well described when embedded. 3.
+ Inconsistent validation. Because the usages are different, the
+ validation rules are different by usage, which makes it hard for
+ users to predict what will happen. 4. The fields are both imprecise
+ and overly precise. Kind is not a precise mapping to a URL. This
+ can produce ambiguity during interpretation and require a REST
+ mapping. In most cases, the dependency is on the group,resource
+ tuple and the version of the actual struct is irrelevant. 5.
+ We cannot easily change it. Because this type is embedded in many
+ locations, updates to this type will affect numerous schemas. Don''t
+ make new APIs embed an underspecified API type they do not control.
+ Instead of using this type, create a locally provided and used type
+ that is well-focused on your reference. For example, ServiceReferences
+ for admission registration: https://github.com/kubernetes/api/blob/release-1.17/admissionregistration/v1/types.go#L533
+ .'
+ properties:
+ apiVersion:
+ description: API version of the referent.
+ type: string
+ fieldPath:
+ description: 'If referring to a piece of an object instead of
+ an entire object, this string should contain a valid JSON/Go
+ field access statement, such as desiredState.manifest.containers[2].
+ For example, if the object reference is to a container within
+ a pod, this would take on a value like: "spec.containers{name}"
+ (where "name" refers to the name of the container that triggered
+ the event) or if no container name is specified "spec.containers[2]"
+ (container with index 2 in this pod). This syntax is chosen
+ only to have some well-defined way of referencing a part of
+ an object. TODO: this design is not final and this field is
+ subject to change in the future.'
+ type: string
+ kind:
+ description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
+ type: string
+ name:
+ description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
+ type: string
+ namespace:
+ description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/'
+ type: string
+ resourceVersion:
+ description: 'Specific resourceVersion to which this reference
+ is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency'
+ type: string
+ uid:
+ description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids'
+ type: string
+ type: object
+ kit:
+ description: 'Deprecated: use the IntegrationKit field'
+ type: string
+ profile:
+ description: TraitProfile represents lists of traits that are enabled
+ for the specific installation/integration
+ type: string
+ replicas:
+ format: int32
+ type: integer
+ repositories:
+ items:
+ type: string
+ type: array
+ resources:
+ description: 'Deprecated: Use container trait (container.resources)
+ to manage resources Use openapi trait (openapi.configmaps) to manage
+ OpenAPIs specifications'
+ items:
+ description: ResourceSpec --
+ properties:
+ compression:
+ type: boolean
+ content:
+ type: string
+ contentKey:
+ type: string
+ contentRef:
+ type: string
+ contentType:
+ type: string
+ mountPath:
+ type: string
+ name:
+ type: string
+ path:
+ type: string
+ rawContent:
+ format: byte
+ type: string
+ type:
+ description: ResourceType --
+ type: string
+ type: object
+ type: array
+ serviceAccountName:
+ type: string
+ sources:
+ items:
+ description: SourceSpec --
+ properties:
+ compression:
+ type: boolean
+ content:
+ type: string
+ contentKey:
+ type: string
+ contentRef:
+ type: string
+ contentType:
+ type: string
+ interceptors:
+ description: Interceptors are optional identifiers the org.apache.camel.k.RoutesLoader
+ uses to pre/post process sources
+ items:
+ type: string
+ type: array
+ language:
+ description: Language --
+ type: string
+ loader:
+ description: Loader is an optional id of the org.apache.camel.k.RoutesLoader
+ that will interpret this source at runtime
+ type: string
+ name:
+ type: string
+ path:
+ type: string
+ property-names:
+ description: List of property names defined in the source (e.g.
+ if type is "template")
+ items:
+ type: string
+ type: array
+ rawContent:
+ format: byte
+ type: string
+ type:
+ description: Type defines the kind of source described by this
+ object
+ type: string
+ type: object
+ type: array
+ template:
+ properties:
+ spec:
+ properties:
+ activeDeadlineSeconds:
+ format: int64
+ type: integer
+ containers:
+ items:
+ description: A single application container that you want
+ to run within a pod.
+ properties:
+ args:
+ description: 'Arguments to the entrypoint. The docker
+ image''s CMD is used if this is not provided. Variable
+ references $(VAR_NAME) are expanded using the container''s
+ environment. If a variable cannot be resolved, the
+ reference in the input string will be unchanged. The
+ $(VAR_NAME) syntax can be escaped with a double $$,
+ ie: $$(VAR_NAME). Escaped references will never be
+ expanded, regardless of whether the variable exists
+ or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell'
+ items:
+ type: string
+ type: array
+ command:
+ description: 'Entrypoint array. Not executed within
+ a shell. The docker image''s ENTRYPOINT is used if
+ this is not provided. Variable references $(VAR_NAME)
+ are expanded using the container''s environment. If
+ a variable cannot be resolved, the reference in the
+ input string will be unchanged. The $(VAR_NAME) syntax
+ can be escaped with a double $$, ie: $$(VAR_NAME).
+ Escaped references will never be expanded, regardless
+ of whether the variable exists or not. Cannot be updated.
+ More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell'
+ items:
+ type: string
+ type: array
+ env:
+ description: List of environment variables to set in
+ the container. Cannot be updated.
+ items:
+ description: EnvVar represents an environment variable
+ present in a Container.
+ properties:
+ name:
+ description: Name of the environment variable.
+ Must be a C_IDENTIFIER.
+ type: string
+ value:
+ description: 'Variable references $(VAR_NAME)
+ are expanded using the previous defined environment
+ variables in the container and any service environment
+ variables. If a variable cannot be resolved,
+ the reference in the input string will be unchanged.
+ The $(VAR_NAME) syntax can be escaped with a
+ double $$, ie: $$(VAR_NAME). Escaped references
+ will never be expanded, regardless of whether
+ the variable exists or not. Defaults to "".'
+ type: string
+ valueFrom:
+ description: Source for the environment variable's
+ value. Cannot be used if value is not empty.
+ properties:
+ configMapKeyRef:
+ description: Selects a key of a ConfigMap.
+ properties:
+ key:
+ description: The key to select.
+ type: string
+ name:
+ description: 'Name of the referent. More
+ info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+ TODO: Add other useful fields. apiVersion,
+ kind, uid?'
+ type: string
+ optional:
+ description: Specify whether the ConfigMap
+ or its key must be defined
+ type: boolean
+ required:
+ - key
+ type: object
+ fieldRef:
+ description: 'Selects a field of the pod:
+ supports metadata.name, metadata.namespace,
+ `metadata.labels['''']`, `metadata.annotations['''']`,
+ spec.nodeName, spec.serviceAccountName,
+ status.hostIP, status.podIP, status.podIPs.'
+ properties:
+ apiVersion:
+ description: Version of the schema the
+ FieldPath is written in terms of, defaults
+ to "v1".
+ type: string
+ fieldPath:
+ description: Path of the field to select
+ in the specified API version.
+ type: string
+ required:
+ - fieldPath
+ type: object
+ resourceFieldRef:
+ description: 'Selects a resource of the container:
+ only resources limits and requests (limits.cpu,
+ limits.memory, limits.ephemeral-storage,
+ requests.cpu, requests.memory and requests.ephemeral-storage)
+ are currently supported.'
+ properties:
+ containerName:
+ description: 'Container name: required
+ for volumes, optional for env vars'
+ type: string
+ divisor:
+ anyOf:
+ - type: integer
+ - type: string
+ description: Specifies the output format
+ of the exposed resources, defaults to
+ "1"
+ pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+ x-kubernetes-int-or-string: true
+ resource:
+ description: 'Required: resource to select'
+ type: string
+ required:
+ - resource
+ type: object
+ secretKeyRef:
+ description: Selects a key of a secret in
+ the pod's namespace
+ properties:
+ key:
+ description: The key of the secret to
+ select from. Must be a valid secret
+ key.
+ type: string
+ name:
+ description: 'Name of the referent. More
+ info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+ TODO: Add other useful fields. apiVersion,
+ kind, uid?'
+ type: string
+ optional:
+ description: Specify whether the Secret
+ or its key must be defined
+ type: boolean
+ required:
+ - key
+ type: object
+ type: object
+ required:
+ - name
+ type: object
+ type: array
+ envFrom:
+ description: List of sources to populate environment
+ variables in the container. The keys defined within
+ a source must be a C_IDENTIFIER. All invalid keys
+ will be reported as an event when the container is
+ starting. When a key exists in multiple sources, the
+ value associated with the last source will take precedence.
+ Values defined by an Env with a duplicate key will
+ take precedence. Cannot be updated.
+ items:
+ description: EnvFromSource represents the source of
+ a set of ConfigMaps
+ properties:
+ configMapRef:
+ description: The ConfigMap to select from
+ properties:
+ name:
+ description: 'Name of the referent. More info:
+ https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+ TODO: Add other useful fields. apiVersion,
+ kind, uid?'
+ type: string
+ optional:
+ description: Specify whether the ConfigMap
+ must be defined
+ type: boolean
+ type: object
+ prefix:
+ description: An optional identifier to prepend
+ to each key in the ConfigMap. Must be a C_IDENTIFIER.
+ type: string
+ secretRef:
+ description: The Secret to select from
+ properties:
+ name:
+ description: 'Name of the referent. More info:
+ https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+ TODO: Add other useful fields. apiVersion,
+ kind, uid?'
+ type: string
+ optional:
+ description: Specify whether the Secret must
+ be defined
+ type: boolean
+ type: object
+ type: object
+ type: array
+ image:
+ description: 'Docker image name. More info: https://kubernetes.io/docs/concepts/containers/images
+ This field is optional to allow higher level config
+ management to default or override container images
+ in workload controllers like Deployments and StatefulSets.'
+ type: string
+ imagePullPolicy:
+ description: 'Image pull policy. One of Always, Never,
+ IfNotPresent. Defaults to Always if :latest tag is
+ specified, or IfNotPresent otherwise. Cannot be updated.
+ More info: https://kubernetes.io/docs/concepts/containers/images#updating-images'
+ type: string
+ lifecycle:
+ description: Actions that the management system should
+ take in response to container lifecycle events. Cannot
+ be updated.
+ properties:
+ postStart:
+ description: 'PostStart is called immediately after
+ a container is created. If the handler fails,
+ the container is terminated and restarted according
+ to its restart policy. Other management of the
+ container blocks until the hook completes. More
+ info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks'
+ properties:
+ exec:
+ description: One and only one of the following
+ should be specified. Exec specifies the action
+ to take.
+ properties:
+ command:
+ description: Command is the command line
+ to execute inside the container, the working
+ directory for the command is root ('/')
+ in the container's filesystem. The command
+ is simply exec'd, it is not run inside
+ a shell, so traditional shell instructions
+ ('|', etc) won't work. To use a shell,
+ you need to explicitly call out to that
+ shell. Exit status of 0 is treated as
+ live/healthy and non-zero is unhealthy.
+ items:
+ type: string
+ type: array
+ type: object
+ httpGet:
+ description: HTTPGet specifies the http request
+ to perform.
+ properties:
+ host:
+ description: Host name to connect to, defaults
+ to the pod IP. You probably want to set
+ "Host" in httpHeaders instead.
+ type: string
+ httpHeaders:
+ description: Custom headers to set in the
+ request. HTTP allows repeated headers.
+ items:
+ description: HTTPHeader describes a custom
+ header to be used in HTTP probes
+ properties:
+ name:
+ description: The header field name
+ type: string
+ value:
+ description: The header field value
+ type: string
+ required:
+ - name
+ - value
+ type: object
+ type: array
+ path:
+ description: Path to access on the HTTP
+ server.
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ description: Name or number of the port
+ to access on the container. Number must
+ be in the range 1 to 65535. Name must
+ be an IANA_SVC_NAME.
+ x-kubernetes-int-or-string: true
+ scheme:
+ description: Scheme to use for connecting
+ to the host. Defaults to HTTP.
+ type: string
+ required:
+ - port
+ type: object
+ tcpSocket:
+ description: 'TCPSocket specifies an action
+ involving a TCP port. TCP hooks not yet supported
+ TODO: implement a realistic TCP lifecycle
+ hook'
+ properties:
+ host:
+ description: 'Optional: Host name to connect
+ to, defaults to the pod IP.'
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ description: Number or name of the port
+ to access on the container. Number must
+ be in the range 1 to 65535. Name must
+ be an IANA_SVC_NAME.
+ x-kubernetes-int-or-string: true
+ required:
+ - port
+ type: object
+ type: object
+ preStop:
+ description: 'PreStop is called immediately before
+ a container is terminated due to an API request
+ or management event such as liveness/startup probe
+ failure, preemption, resource contention, etc.
+ The handler is not called if the container crashes
+ or exits. The reason for termination is passed
+ to the handler. The Pod''s termination grace period
+ countdown begins before the PreStop hooked is
+ executed. Regardless of the outcome of the handler,
+ the container will eventually terminate within
+ the Pod''s termination grace period. Other management
+ of the container blocks until the hook completes
+ or until the termination grace period is reached.
+ More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks'
+ properties:
+ exec:
+ description: One and only one of the following
+ should be specified. Exec specifies the action
+ to take.
+ properties:
+ command:
+ description: Command is the command line
+ to execute inside the container, the working
+ directory for the command is root ('/')
+ in the container's filesystem. The command
+ is simply exec'd, it is not run inside
+ a shell, so traditional shell instructions
+ ('|', etc) won't work. To use a shell,
+ you need to explicitly call out to that
+ shell. Exit status of 0 is treated as
+ live/healthy and non-zero is unhealthy.
+ items:
+ type: string
+ type: array
+ type: object
+ httpGet:
+ description: HTTPGet specifies the http request
+ to perform.
+ properties:
+ host:
+ description: Host name to connect to, defaults
+ to the pod IP. You probably want to set
+ "Host" in httpHeaders instead.
+ type: string
+ httpHeaders:
+ description: Custom headers to set in the
+ request. HTTP allows repeated headers.
+ items:
+ description: HTTPHeader describes a custom
+ header to be used in HTTP probes
+ properties:
+ name:
+ description: The header field name
+ type: string
+ value:
+ description: The header field value
+ type: string
+ required:
+ - name
+ - value
+ type: object
+ type: array
+ path:
+ description: Path to access on the HTTP
+ server.
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ description: Name or number of the port
+ to access on the container. Number must
+ be in the range 1 to 65535. Name must
+ be an IANA_SVC_NAME.
+ x-kubernetes-int-or-string: true
+ scheme:
+ description: Scheme to use for connecting
+ to the host. Defaults to HTTP.
+ type: string
+ required:
+ - port
+ type: object
+ tcpSocket:
+ description: 'TCPSocket specifies an action
+ involving a TCP port. TCP hooks not yet supported
+ TODO: implement a realistic TCP lifecycle
+ hook'
+ properties:
+ host:
+ description: 'Optional: Host name to connect
+ to, defaults to the pod IP.'
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ description: Number or name of the port
+ to access on the container. Number must
+ be in the range 1 to 65535. Name must
+ be an IANA_SVC_NAME.
+ x-kubernetes-int-or-string: true
+ required:
+ - port
+ type: object
+ type: object
+ type: object
+ livenessProbe:
+ description: 'Periodic probe of container liveness.
+ Container will be restarted if the probe fails. Cannot
+ be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes'
+ properties:
+ exec:
+ description: One and only one of the following should
+ be specified. Exec specifies the action to take.
+ properties:
+ command:
+ description: Command is the command line to
+ execute inside the container, the working
+ directory for the command is root ('/') in
+ the container's filesystem. The command is
+ simply exec'd, it is not run inside a shell,
+ so traditional shell instructions ('|', etc)
+ won't work. To use a shell, you need to explicitly
+ call out to that shell. Exit status of 0 is
+ treated as live/healthy and non-zero is unhealthy.
+ items:
+ type: string
+ type: array
+ type: object
+ failureThreshold:
+ description: Minimum consecutive failures for the
+ probe to be considered failed after having succeeded.
+ Defaults to 3. Minimum value is 1.
+ format: int32
+ type: integer
+ httpGet:
+ description: HTTPGet specifies the http request
+ to perform.
+ properties:
+ host:
+ description: Host name to connect to, defaults
+ to the pod IP. You probably want to set "Host"
+ in httpHeaders instead.
+ type: string
+ httpHeaders:
+ description: Custom headers to set in the request.
+ HTTP allows repeated headers.
+ items:
+ description: HTTPHeader describes a custom
+ header to be used in HTTP probes
+ properties:
+ name:
+ description: The header field name
+ type: string
+ value:
+ description: The header field value
+ type: string
+ required:
+ - name
+ - value
+ type: object
+ type: array
+ path:
+ description: Path to access on the HTTP server.
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ description: Name or number of the port to access
+ on the container. Number must be in the range
+ 1 to 65535. Name must be an IANA_SVC_NAME.
+ x-kubernetes-int-or-string: true
+ scheme:
+ description: Scheme to use for connecting to
+ the host. Defaults to HTTP.
+ type: string
+ required:
+ - port
+ type: object
+ initialDelaySeconds:
+ description: 'Number of seconds after the container
+ has started before liveness probes are initiated.
+ More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes'
+ format: int32
+ type: integer
+ periodSeconds:
+ description: How often (in seconds) to perform the
+ probe. Default to 10 seconds. Minimum value is
+ 1.
+ format: int32
+ type: integer
+ successThreshold:
+ description: Minimum consecutive successes for the
+ probe to be considered successful after having
+ failed. Defaults to 1. Must be 1 for liveness
+ and startup. Minimum value is 1.
+ format: int32
+ type: integer
+ tcpSocket:
+ description: 'TCPSocket specifies an action involving
+ a TCP port. TCP hooks not yet supported TODO:
+ implement a realistic TCP lifecycle hook'
+ properties:
+ host:
+ description: 'Optional: Host name to connect
+ to, defaults to the pod IP.'
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ description: Number or name of the port to access
+ on the container. Number must be in the range
+ 1 to 65535. Name must be an IANA_SVC_NAME.
+ x-kubernetes-int-or-string: true
+ required:
+ - port
+ type: object
+ timeoutSeconds:
+ description: 'Number of seconds after which the
+ probe times out. Defaults to 1 second. Minimum
+ value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes'
+ format: int32
+ type: integer
+ type: object
+ name:
+ description: Name of the container specified as a DNS_LABEL.
+ Each container in a pod must have a unique name (DNS_LABEL).
+ Cannot be updated.
+ type: string
+ ports:
+ description: List of ports to expose from the container.
+ Exposing a port here gives the system additional information
+ about the network connections a container uses, but
+ is primarily informational. Not specifying a port
+ here DOES NOT prevent that port from being exposed.
+ Any port which is listening on the default "0.0.0.0"
+ address inside a container will be accessible from
+ the network. Cannot be updated.
+ items:
+ description: ContainerPort represents a network port
+ in a single container.
+ properties:
+ containerPort:
+ description: Number of port to expose on the pod's
+ IP address. This must be a valid port number,
+ 0 < x < 65536.
+ format: int32
+ type: integer
+ hostIP:
+ description: What host IP to bind the external
+ port to.
+ type: string
+ hostPort:
+ description: Number of port to expose on the host.
+ If specified, this must be a valid port number,
+ 0 < x < 65536. If HostNetwork is specified,
+ this must match ContainerPort. Most containers
+ do not need this.
+ format: int32
+ type: integer
+ name:
+ description: If specified, this must be an IANA_SVC_NAME
+ and unique within the pod. Each named port in
+ a pod must have a unique name. Name for the
+ port that can be referred to by services.
+ type: string
+ protocol:
+ default: TCP
+ description: Protocol for port. Must be UDP, TCP,
+ or SCTP. Defaults to "TCP".
+ type: string
+ required:
+ - containerPort
+ type: object
+ type: array
+ x-kubernetes-list-map-keys:
+ - containerPort
+ - protocol
+ x-kubernetes-list-type: map
+ readinessProbe:
+ description: 'Periodic probe of container service readiness.
+ Container will be removed from service endpoints if
+ the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes'
+ properties:
+ exec:
+ description: One and only one of the following should
+ be specified. Exec specifies the action to take.
+ properties:
+ command:
+ description: Command is the command line to
+ execute inside the container, the working
+ directory for the command is root ('/') in
+ the container's filesystem. The command is
+ simply exec'd, it is not run inside a shell,
+ so traditional shell instructions ('|', etc)
+ won't work. To use a shell, you need to explicitly
+ call out to that shell. Exit status of 0 is
+ treated as live/healthy and non-zero is unhealthy.
+ items:
+ type: string
+ type: array
+ type: object
+ failureThreshold:
+ description: Minimum consecutive failures for the
+ probe to be considered failed after having succeeded.
+ Defaults to 3. Minimum value is 1.
+ format: int32
+ type: integer
+ httpGet:
+ description: HTTPGet specifies the http request
+ to perform.
+ properties:
+ host:
+ description: Host name to connect to, defaults
+ to the pod IP. You probably want to set "Host"
+ in httpHeaders instead.
+ type: string
+ httpHeaders:
+ description: Custom headers to set in the request.
+ HTTP allows repeated headers.
+ items:
+ description: HTTPHeader describes a custom
+ header to be used in HTTP probes
+ properties:
+ name:
+ description: The header field name
+ type: string
+ value:
+ description: The header field value
+ type: string
+ required:
+ - name
+ - value
+ type: object
+ type: array
+ path:
+ description: Path to access on the HTTP server.
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ description: Name or number of the port to access
+ on the container. Number must be in the range
+ 1 to 65535. Name must be an IANA_SVC_NAME.
+ x-kubernetes-int-or-string: true
+ scheme:
+ description: Scheme to use for connecting to
+ the host. Defaults to HTTP.
+ type: string
+ required:
+ - port
+ type: object
+ initialDelaySeconds:
+ description: 'Number of seconds after the container
+ has started before liveness probes are initiated.
+ More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes'
+ format: int32
+ type: integer
+ periodSeconds:
+ description: How often (in seconds) to perform the
+ probe. Default to 10 seconds. Minimum value is
+ 1.
+ format: int32
+ type: integer
+ successThreshold:
+ description: Minimum consecutive successes for the
+ probe to be considered successful after having
+ failed. Defaults to 1. Must be 1 for liveness
+ and startup. Minimum value is 1.
+ format: int32
+ type: integer
+ tcpSocket:
+ description: 'TCPSocket specifies an action involving
+ a TCP port. TCP hooks not yet supported TODO:
+ implement a realistic TCP lifecycle hook'
+ properties:
+ host:
+ description: 'Optional: Host name to connect
+ to, defaults to the pod IP.'
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ description: Number or name of the port to access
+ on the container. Number must be in the range
+ 1 to 65535. Name must be an IANA_SVC_NAME.
+ x-kubernetes-int-or-string: true
+ required:
+ - port
+ type: object
+ timeoutSeconds:
+ description: 'Number of seconds after which the
+ probe times out. Defaults to 1 second. Minimum
+ value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes'
+ format: int32
+ type: integer
+ type: object
+ resources:
+ description: 'Compute Resources required by this container.
+ Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/'
+ properties:
+ limits:
+ additionalProperties:
+ anyOf:
+ - type: integer
+ - type: string
+ pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+ x-kubernetes-int-or-string: true
+ description: 'Limits describes the maximum amount
+ of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/'
+ type: object
+ requests:
+ additionalProperties:
+ anyOf:
+ - type: integer
+ - type: string
+ pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+ x-kubernetes-int-or-string: true
+ description: 'Requests describes the minimum amount
+ of compute resources required. If Requests is
+ omitted for a container, it defaults to Limits
+ if that is explicitly specified, otherwise to
+ an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/'
+ type: object
+ type: object
+ securityContext:
+ description: 'Security options the pod should run with.
+ More info: https://kubernetes.io/docs/concepts/policy/security-context/
+ More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/'
+ properties:
+ allowPrivilegeEscalation:
+ description: 'AllowPrivilegeEscalation controls
+ whether a process can gain more privileges than
+ its parent process. This bool directly controls
+ if the no_new_privs flag will be set on the container
+ process. AllowPrivilegeEscalation is true always
+ when the container is: 1) run as Privileged 2)
+ has CAP_SYS_ADMIN'
+ type: boolean
+ capabilities:
+ description: The capabilities to add/drop when running
+ containers. Defaults to the default set of capabilities
+ granted by the container runtime.
+ properties:
+ add:
+ description: Added capabilities
+ items:
+ description: Capability represent POSIX capabilities
+ type
+ type: string
+ type: array
+ drop:
+ description: Removed capabilities
+ items:
+ description: Capability represent POSIX capabilities
+ type
+ type: string
+ type: array
+ type: object
+ privileged:
+ description: Run container in privileged mode. Processes
+ in privileged containers are essentially equivalent
+ to root on the host. Defaults to false.
+ type: boolean
+ procMount:
+ description: procMount denotes the type of proc
+ mount to use for the containers. The default is
+ DefaultProcMount which uses the container runtime
+ defaults for readonly paths and masked paths.
+ This requires the ProcMountType feature flag to
+ be enabled.
+ type: string
+ readOnlyRootFilesystem:
+ description: Whether this container has a read-only
+ root filesystem. Default is false.
+ type: boolean
+ runAsGroup:
+ description: The GID to run the entrypoint of the
+ container process. Uses runtime default if unset.
+ May also be set in PodSecurityContext. If set
+ in both SecurityContext and PodSecurityContext,
+ the value specified in SecurityContext takes precedence.
+ format: int64
+ type: integer
+ runAsNonRoot:
+ description: Indicates that the container must run
+ as a non-root user. If true, the Kubelet will
+ validate the image at runtime to ensure that it
+ does not run as UID 0 (root) and fail to start
+ the container if it does. If unset or false, no
+ such validation will be performed. May also be
+ set in PodSecurityContext. If set in both SecurityContext
+ and PodSecurityContext, the value specified in
+ SecurityContext takes precedence.
+ type: boolean
+ runAsUser:
+ description: The UID to run the entrypoint of the
+ container process. Defaults to user specified
+ in image metadata if unspecified. May also be
+ set in PodSecurityContext. If set in both SecurityContext
+ and PodSecurityContext, the value specified in
+ SecurityContext takes precedence.
+ format: int64
+ type: integer
+ seLinuxOptions:
+ description: The SELinux context to be applied to
+ the container. If unspecified, the container runtime
+ will allocate a random SELinux context for each
+ container. May also be set in PodSecurityContext. If
+ set in both SecurityContext and PodSecurityContext,
+ the value specified in SecurityContext takes precedence.
+ properties:
+ level:
+ description: Level is SELinux level label that
+ applies to the container.
+ type: string
+ role:
+ description: Role is a SELinux role label that
+ applies to the container.
+ type: string
+ type:
+ description: Type is a SELinux type label that
+ applies to the container.
+ type: string
+ user:
+ description: User is a SELinux user label that
+ applies to the container.
+ type: string
+ type: object
+ seccompProfile:
+ description: The seccomp options to use by this
+ container. If seccomp options are provided at
+ both the pod & container level, the container
+ options override the pod options.
+ properties:
+ localhostProfile:
+ description: localhostProfile indicates a profile
+ defined in a file on the node should be used.
+ The profile must be preconfigured on the node
+ to work. Must be a descending path, relative
+ to the kubelet's configured seccomp profile
+ location. Must only be set if type is "Localhost".
+ type: string
+ type:
+ description: "type indicates which kind of seccomp
+ profile will be applied. Valid options are:
+ \n Localhost - a profile defined in a file
+ on the node should be used. RuntimeDefault
+ - the container runtime default profile should
+ be used. Unconfined - no profile should be
+ applied."
+ type: string
+ required:
+ - type
+ type: object
+ windowsOptions:
+ description: The Windows specific settings applied
+ to all containers. If unspecified, the options
+ from the PodSecurityContext will be used. If set
+ in both SecurityContext and PodSecurityContext,
+ the value specified in SecurityContext takes precedence.
+ properties:
+ gmsaCredentialSpec:
+ description: GMSACredentialSpec is where the
+ GMSA admission webhook (https://github.com/kubernetes-sigs/windows-gmsa)
+ inlines the contents of the GMSA credential
+ spec named by the GMSACredentialSpecName field.
+ type: string
+ gmsaCredentialSpecName:
+ description: GMSACredentialSpecName is the name
+ of the GMSA credential spec to use.
+ type: string
+ runAsUserName:
+ description: The UserName in Windows to run
+ the entrypoint of the container process. Defaults
+ to the user specified in image metadata if
+ unspecified. May also be set in PodSecurityContext.
+ If set in both SecurityContext and PodSecurityContext,
+ the value specified in SecurityContext takes
+ precedence.
+ type: string
+ type: object
+ type: object
+ startupProbe:
+ description: 'StartupProbe indicates that the Pod has
+ successfully initialized. If specified, no other probes
+ are executed until this completes successfully. If
+ this probe fails, the Pod will be restarted, just
+ as if the livenessProbe failed. This can be used to
+ provide different probe parameters at the beginning
+ of a Pod''s lifecycle, when it might take a long time
+ to load data or warm a cache, than during steady-state
+ operation. This cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes'
+ properties:
+ exec:
+ description: One and only one of the following should
+ be specified. Exec specifies the action to take.
+ properties:
+ command:
+ description: Command is the command line to
+ execute inside the container, the working
+ directory for the command is root ('/') in
+ the container's filesystem. The command is
+ simply exec'd, it is not run inside a shell,
+ so traditional shell instructions ('|', etc)
+ won't work. To use a shell, you need to explicitly
+ call out to that shell. Exit status of 0 is
+ treated as live/healthy and non-zero is unhealthy.
+ items:
+ type: string
+ type: array
+ type: object
+ failureThreshold:
+ description: Minimum consecutive failures for the
+ probe to be considered failed after having succeeded.
+ Defaults to 3. Minimum value is 1.
+ format: int32
+ type: integer
+ httpGet:
+ description: HTTPGet specifies the http request
+ to perform.
+ properties:
+ host:
+ description: Host name to connect to, defaults
+ to the pod IP. You probably want to set "Host"
+ in httpHeaders instead.
+ type: string
+ httpHeaders:
+ description: Custom headers to set in the request.
+ HTTP allows repeated headers.
+ items:
+ description: HTTPHeader describes a custom
+ header to be used in HTTP probes
+ properties:
+ name:
+ description: The header field name
+ type: string
+ value:
+ description: The header field value
+ type: string
+ required:
+ - name
+ - value
+ type: object
+ type: array
+ path:
+ description: Path to access on the HTTP server.
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ description: Name or number of the port to access
+ on the container. Number must be in the range
+ 1 to 65535. Name must be an IANA_SVC_NAME.
+ x-kubernetes-int-or-string: true
+ scheme:
+ description: Scheme to use for connecting to
+ the host. Defaults to HTTP.
+ type: string
+ required:
+ - port
+ type: object
+ initialDelaySeconds:
+ description: 'Number of seconds after the container
+ has started before liveness probes are initiated.
+ More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes'
+ format: int32
+ type: integer
+ periodSeconds:
+ description: How often (in seconds) to perform the
+ probe. Default to 10 seconds. Minimum value is
+ 1.
+ format: int32
+ type: integer
+ successThreshold:
+ description: Minimum consecutive successes for the
+ probe to be considered successful after having
+ failed. Defaults to 1. Must be 1 for liveness
+ and startup. Minimum value is 1.
+ format: int32
+ type: integer
+ tcpSocket:
+ description: 'TCPSocket specifies an action involving
+ a TCP port. TCP hooks not yet supported TODO:
+ implement a realistic TCP lifecycle hook'
+ properties:
+ host:
+ description: 'Optional: Host name to connect
+ to, defaults to the pod IP.'
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ description: Number or name of the port to access
+ on the container. Number must be in the range
+ 1 to 65535. Name must be an IANA_SVC_NAME.
+ x-kubernetes-int-or-string: true
+ required:
+ - port
+ type: object
+ timeoutSeconds:
+ description: 'Number of seconds after which the
+ probe times out. Defaults to 1 second. Minimum
+ value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes'
+ format: int32
+ type: integer
+ type: object
+ stdin:
+ description: Whether this container should allocate
+ a buffer for stdin in the container runtime. If this
+ is not set, reads from stdin in the container will
+ always result in EOF. Default is false.
+ type: boolean
+ stdinOnce:
+ description: Whether the container runtime should close
+ the stdin channel after it has been opened by a single
+ attach. When stdin is true the stdin stream will remain
+ open across multiple attach sessions. If stdinOnce
+ is set to true, stdin is opened on container start,
+ is empty until the first client attaches to stdin,
+ and then remains open and accepts data until the client
+ disconnects, at which time stdin is closed and remains
+ closed until the container is restarted. If this flag
+ is false, a container processes that reads from stdin
+ will never receive an EOF. Default is false
+ type: boolean
+ terminationMessagePath:
+ description: 'Optional: Path at which the file to which
+ the container''s termination message will be written
+ is mounted into the container''s filesystem. Message
+ written is intended to be brief final status, such
+ as an assertion failure message. Will be truncated
+ by the node if greater than 4096 bytes. The total
+ message length across all containers will be limited
+ to 12kb. Defaults to /dev/termination-log. Cannot
+ be updated.'
+ type: string
+ terminationMessagePolicy:
+ description: Indicate how the termination message should
+ be populated. File will use the contents of terminationMessagePath
+ to populate the container status message on both success
+ and failure. FallbackToLogsOnError will use the last
+ chunk of container log output if the termination message
+ file is empty and the container exited with an error.
+ The log output is limited to 2048 bytes or 80 lines,
+ whichever is smaller. Defaults to File. Cannot be
+ updated.
+ type: string
+ tty:
+ description: Whether this container should allocate
+ a TTY for itself, also requires 'stdin' to be true.
+ Default is false.
+ type: boolean
+ volumeDevices:
+ description: volumeDevices is the list of block devices
+ to be used by the container.
+ items:
+ description: volumeDevice describes a mapping of a
+ raw block device within a container.
+ properties:
+ devicePath:
+ description: devicePath is the path inside of
+ the container that the device will be mapped
+ to.
+ type: string
+ name:
+ description: name must match the name of a persistentVolumeClaim
+ in the pod
+ type: string
+ required:
+ - devicePath
+ - name
+ type: object
+ type: array
+ volumeMounts:
+ description: Pod volumes to mount into the container's
+ filesystem. Cannot be updated.
+ items:
+ description: VolumeMount describes a mounting of a
+ Volume within a container.
+ properties:
+ mountPath:
+ description: Path within the container at which
+ the volume should be mounted. Must not contain
+ ':'.
+ type: string
+ mountPropagation:
+ description: mountPropagation determines how mounts
+ are propagated from the host to container and
+ the other way around. When not set, MountPropagationNone
+ is used. This field is beta in 1.10.
+ type: string
+ name:
+ description: This must match the Name of a Volume.
+ type: string
+ readOnly:
+ description: Mounted read-only if true, read-write
+ otherwise (false or unspecified). Defaults to
+ false.
+ type: boolean
+ subPath:
+ description: Path within the volume from which
+ the container's volume should be mounted. Defaults
+ to "" (volume's root).
+ type: string
+ subPathExpr:
+ description: Expanded path within the volume from
+ which the container's volume should be mounted.
+ Behaves similarly to SubPath but environment
+ variable references $(VAR_NAME) are expanded
+ using the container's environment. Defaults
+ to "" (volume's root). SubPathExpr and SubPath
+ are mutually exclusive.
+ type: string
+ required:
+ - mountPath
+ - name
+ type: object
+ type: array
+ workingDir:
+ description: Container's working directory. If not specified,
+ the container runtime's default will be used, which
+ might be configured in the container image. Cannot
+ be updated.
+ type: string
+ required:
+ - name
+ type: object
+ type: array
+ dnsPolicy:
+ description: DNSPolicy defines how a pod's DNS will be configured.
+ type: string
+ ephemeralContainers:
+ items:
+ description: An EphemeralContainer is a container that may
+ be added temporarily to an existing pod for user-initiated
+ activities such as debugging. Ephemeral containers have
+ no resource or scheduling guarantees, and they will not
+ be restarted when they exit or when a pod is removed or
+ restarted. If an ephemeral container causes a pod to exceed
+ its resource allocation, the pod may be evicted. Ephemeral
+ containers may not be added by directly updating the pod
+ spec. They must be added via the pod's ephemeralcontainers
+ subresource, and they will appear in the pod spec once
+ added. This is an alpha feature enabled by the EphemeralContainers
+ feature flag.
+ properties:
+ args:
+ description: 'Arguments to the entrypoint. The docker
+ image''s CMD is used if this is not provided. Variable
+ references $(VAR_NAME) are expanded using the container''s
+ environment. If a variable cannot be resolved, the
+ reference in the input string will be unchanged. The
+ $(VAR_NAME) syntax can be escaped with a double $$,
+ ie: $$(VAR_NAME). Escaped references will never be
+ expanded, regardless of whether the variable exists
+ or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell'
+ items:
+ type: string
+ type: array
+ command:
+ description: 'Entrypoint array. Not executed within
+ a shell. The docker image''s ENTRYPOINT is used if
+ this is not provided. Variable references $(VAR_NAME)
+ are expanded using the container''s environment. If
+ a variable cannot be resolved, the reference in the
+ input string will be unchanged. The $(VAR_NAME) syntax
+ can be escaped with a double $$, ie: $$(VAR_NAME).
+ Escaped references will never be expanded, regardless
+ of whether the variable exists or not. Cannot be updated.
+ More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell'
+ items:
+ type: string
+ type: array
+ env:
+ description: List of environment variables to set in
+ the container. Cannot be updated.
+ items:
+ description: EnvVar represents an environment variable
+ present in a Container.
+ properties:
+ name:
+ description: Name of the environment variable.
+ Must be a C_IDENTIFIER.
+ type: string
+ value:
+ description: 'Variable references $(VAR_NAME)
+ are expanded using the previous defined environment
+ variables in the container and any service environment
+ variables. If a variable cannot be resolved,
+ the reference in the input string will be unchanged.
+ The $(VAR_NAME) syntax can be escaped with a
+ double $$, ie: $$(VAR_NAME). Escaped references
+ will never be expanded, regardless of whether
+ the variable exists or not. Defaults to "".'
+ type: string
+ valueFrom:
+ description: Source for the environment variable's
+ value. Cannot be used if value is not empty.
+ properties:
+ configMapKeyRef:
+ description: Selects a key of a ConfigMap.
+ properties:
+ key:
+ description: The key to select.
+ type: string
+ name:
+ description: 'Name of the referent. More
+ info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+ TODO: Add other useful fields. apiVersion,
+ kind, uid?'
+ type: string
+ optional:
+ description: Specify whether the ConfigMap
+ or its key must be defined
+ type: boolean
+ required:
+ - key
+ type: object
+ fieldRef:
+ description: 'Selects a field of the pod:
+ supports metadata.name, metadata.namespace,
+ `metadata.labels['''']`, `metadata.annotations['''']`,
+ spec.nodeName, spec.serviceAccountName,
+ status.hostIP, status.podIP, status.podIPs.'
+ properties:
+ apiVersion:
+ description: Version of the schema the
+ FieldPath is written in terms of, defaults
+ to "v1".
+ type: string
+ fieldPath:
+ description: Path of the field to select
+ in the specified API version.
+ type: string
+ required:
+ - fieldPath
+ type: object
+ resourceFieldRef:
+ description: 'Selects a resource of the container:
+ only resources limits and requests (limits.cpu,
+ limits.memory, limits.ephemeral-storage,
+ requests.cpu, requests.memory and requests.ephemeral-storage)
+ are currently supported.'
+ properties:
+ containerName:
+ description: 'Container name: required
+ for volumes, optional for env vars'
+ type: string
+ divisor:
+ anyOf:
+ - type: integer
+ - type: string
+ description: Specifies the output format
+ of the exposed resources, defaults to
+ "1"
+ pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+ x-kubernetes-int-or-string: true
+ resource:
+ description: 'Required: resource to select'
+ type: string
+ required:
+ - resource
+ type: object
+ secretKeyRef:
+ description: Selects a key of a secret in
+ the pod's namespace
+ properties:
+ key:
+ description: The key of the secret to
+ select from. Must be a valid secret
+ key.
+ type: string
+ name:
+ description: 'Name of the referent. More
+ info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+ TODO: Add other useful fields. apiVersion,
+ kind, uid?'
+ type: string
+ optional:
+ description: Specify whether the Secret
+ or its key must be defined
+ type: boolean
+ required:
+ - key
+ type: object
+ type: object
+ required:
+ - name
+ type: object
+ type: array
+ envFrom:
+ description: List of sources to populate environment
+ variables in the container. The keys defined within
+ a source must be a C_IDENTIFIER. All invalid keys
+ will be reported as an event when the container is
+ starting. When a key exists in multiple sources, the
+ value associated with the last source will take precedence.
+ Values defined by an Env with a duplicate key will
+ take precedence. Cannot be updated.
+ items:
+ description: EnvFromSource represents the source of
+ a set of ConfigMaps
+ properties:
+ configMapRef:
+ description: The ConfigMap to select from
+ properties:
+ name:
+ description: 'Name of the referent. More info:
+ https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+ TODO: Add other useful fields. apiVersion,
+ kind, uid?'
+ type: string
+ optional:
+ description: Specify whether the ConfigMap
+ must be defined
+ type: boolean
+ type: object
+ prefix:
+ description: An optional identifier to prepend
+ to each key in the ConfigMap. Must be a C_IDENTIFIER.
+ type: string
+ secretRef:
+ description: The Secret to select from
+ properties:
+ name:
+ description: 'Name of the referent. More info:
+ https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+ TODO: Add other useful fields. apiVersion,
+ kind, uid?'
+ type: string
+ optional:
+ description: Specify whether the Secret must
+ be defined
+ type: boolean
+ type: object
+ type: object
+ type: array
+ image:
+ description: 'Docker image name. More info: https://kubernetes.io/docs/concepts/containers/images'
+ type: string
+ imagePullPolicy:
+ description: 'Image pull policy. One of Always, Never,
+ IfNotPresent. Defaults to Always if :latest tag is
+ specified, or IfNotPresent otherwise. Cannot be updated.
+ More info: https://kubernetes.io/docs/concepts/containers/images#updating-images'
+ type: string
+ lifecycle:
+ description: Lifecycle is not allowed for ephemeral
+ containers.
+ properties:
+ postStart:
+ description: 'PostStart is called immediately after
+ a container is created. If the handler fails,
+ the container is terminated and restarted according
+ to its restart policy. Other management of the
+ container blocks until the hook completes. More
+ info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks'
+ properties:
+ exec:
+ description: One and only one of the following
+ should be specified. Exec specifies the action
+ to take.
+ properties:
+ command:
+ description: Command is the command line
+ to execute inside the container, the working
+ directory for the command is root ('/')
+ in the container's filesystem. The command
+ is simply exec'd, it is not run inside
+ a shell, so traditional shell instructions
+ ('|', etc) won't work. To use a shell,
+ you need to explicitly call out to that
+ shell. Exit status of 0 is treated as
+ live/healthy and non-zero is unhealthy.
+ items:
+ type: string
+ type: array
+ type: object
+ httpGet:
+ description: HTTPGet specifies the http request
+ to perform.
+ properties:
+ host:
+ description: Host name to connect to, defaults
+ to the pod IP. You probably want to set
+ "Host" in httpHeaders instead.
+ type: string
+ httpHeaders:
+ description: Custom headers to set in the
+ request. HTTP allows repeated headers.
+ items:
+ description: HTTPHeader describes a custom
+ header to be used in HTTP probes
+ properties:
+ name:
+ description: The header field name
+ type: string
+ value:
+ description: The header field value
+ type: string
+ required:
+ - name
+ - value
+ type: object
+ type: array
+ path:
+ description: Path to access on the HTTP
+ server.
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ description: Name or number of the port
+ to access on the container. Number must
+ be in the range 1 to 65535. Name must
+ be an IANA_SVC_NAME.
+ x-kubernetes-int-or-string: true
+ scheme:
+ description: Scheme to use for connecting
+ to the host. Defaults to HTTP.
+ type: string
+ required:
+ - port
+ type: object
+ tcpSocket:
+ description: 'TCPSocket specifies an action
+ involving a TCP port. TCP hooks not yet supported
+ TODO: implement a realistic TCP lifecycle
+ hook'
+ properties:
+ host:
+ description: 'Optional: Host name to connect
+ to, defaults to the pod IP.'
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ description: Number or name of the port
+ to access on the container. Number must
+ be in the range 1 to 65535. Name must
+ be an IANA_SVC_NAME.
+ x-kubernetes-int-or-string: true
+ required:
+ - port
+ type: object
+ type: object
+ preStop:
+ description: 'PreStop is called immediately before
+ a container is terminated due to an API request
+ or management event such as liveness/startup probe
+ failure, preemption, resource contention, etc.
+ The handler is not called if the container crashes
+ or exits. The reason for termination is passed
+ to the handler. The Pod''s termination grace period
+ countdown begins before the PreStop hooked is
+ executed. Regardless of the outcome of the handler,
+ the container will eventually terminate within
+ the Pod''s termination grace period. Other management
+ of the container blocks until the hook completes
+ or until the termination grace period is reached.
+ More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks'
+ properties:
+ exec:
+ description: One and only one of the following
+ should be specified. Exec specifies the action
+ to take.
+ properties:
+ command:
+ description: Command is the command line
+ to execute inside the container, the working
+ directory for the command is root ('/')
+ in the container's filesystem. The command
+ is simply exec'd, it is not run inside
+ a shell, so traditional shell instructions
+ ('|', etc) won't work. To use a shell,
+ you need to explicitly call out to that
+ shell. Exit status of 0 is treated as
+ live/healthy and non-zero is unhealthy.
+ items:
+ type: string
+ type: array
+ type: object
+ httpGet:
+ description: HTTPGet specifies the http request
+ to perform.
+ properties:
+ host:
+ description: Host name to connect to, defaults
+ to the pod IP. You probably want to set
+ "Host" in httpHeaders instead.
+ type: string
+ httpHeaders:
+ description: Custom headers to set in the
+ request. HTTP allows repeated headers.
+ items:
+ description: HTTPHeader describes a custom
+ header to be used in HTTP probes
+ properties:
+ name:
+ description: The header field name
+ type: string
+ value:
+ description: The header field value
+ type: string
+ required:
+ - name
+ - value
+ type: object
+ type: array
+ path:
+ description: Path to access on the HTTP
+ server.
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ description: Name or number of the port
+ to access on the container. Number must
+ be in the range 1 to 65535. Name must
+ be an IANA_SVC_NAME.
+ x-kubernetes-int-or-string: true
+ scheme:
+ description: Scheme to use for connecting
+ to the host. Defaults to HTTP.
+ type: string
+ required:
+ - port
+ type: object
+ tcpSocket:
+ description: 'TCPSocket specifies an action
+ involving a TCP port. TCP hooks not yet supported
+ TODO: implement a realistic TCP lifecycle
+ hook'
+ properties:
+ host:
+ description: 'Optional: Host name to connect
+ to, defaults to the pod IP.'
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ description: Number or name of the port
+ to access on the container. Number must
+ be in the range 1 to 65535. Name must
+ be an IANA_SVC_NAME.
+ x-kubernetes-int-or-string: true
+ required:
+ - port
+ type: object
+ type: object
+ type: object
+ livenessProbe:
+ description: Probes are not allowed for ephemeral containers.
+ properties:
+ exec:
+ description: One and only one of the following should
+ be specified. Exec specifies the action to take.
+ properties:
+ command:
+ description: Command is the command line to
+ execute inside the container, the working
+ directory for the command is root ('/') in
+ the container's filesystem. The command is
+ simply exec'd, it is not run inside a shell,
+ so traditional shell instructions ('|', etc)
+ won't work. To use a shell, you need to explicitly
+ call out to that shell. Exit status of 0 is
+ treated as live/healthy and non-zero is unhealthy.
+ items:
+ type: string
+ type: array
+ type: object
+ failureThreshold:
+ description: Minimum consecutive failures for the
+ probe to be considered failed after having succeeded.
+ Defaults to 3. Minimum value is 1.
+ format: int32
+ type: integer
+ httpGet:
+ description: HTTPGet specifies the http request
+ to perform.
+ properties:
+ host:
+ description: Host name to connect to, defaults
+ to the pod IP. You probably want to set "Host"
+ in httpHeaders instead.
+ type: string
+ httpHeaders:
+ description: Custom headers to set in the request.
+ HTTP allows repeated headers.
+ items:
+ description: HTTPHeader describes a custom
+ header to be used in HTTP probes
+ properties:
+ name:
+ description: The header field name
+ type: string
+ value:
+ description: The header field value
+ type: string
+ required:
+ - name
+ - value
+ type: object
+ type: array
+ path:
+ description: Path to access on the HTTP server.
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ description: Name or number of the port to access
+ on the container. Number must be in the range
+ 1 to 65535. Name must be an IANA_SVC_NAME.
+ x-kubernetes-int-or-string: true
+ scheme:
+ description: Scheme to use for connecting to
+ the host. Defaults to HTTP.
+ type: string
+ required:
+ - port
+ type: object
+ initialDelaySeconds:
+ description: 'Number of seconds after the container
+ has started before liveness probes are initiated.
+ More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes'
+ format: int32
+ type: integer
+ periodSeconds:
+ description: How often (in seconds) to perform the
+ probe. Default to 10 seconds. Minimum value is
+ 1.
+ format: int32
+ type: integer
+ successThreshold:
+ description: Minimum consecutive successes for the
+ probe to be considered successful after having
+ failed. Defaults to 1. Must be 1 for liveness
+ and startup. Minimum value is 1.
+ format: int32
+ type: integer
+ tcpSocket:
+ description: 'TCPSocket specifies an action involving
+ a TCP port. TCP hooks not yet supported TODO:
+ implement a realistic TCP lifecycle hook'
+ properties:
+ host:
+ description: 'Optional: Host name to connect
+ to, defaults to the pod IP.'
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ description: Number or name of the port to access
+ on the container. Number must be in the range
+ 1 to 65535. Name must be an IANA_SVC_NAME.
+ x-kubernetes-int-or-string: true
+ required:
+ - port
+ type: object
+ timeoutSeconds:
+ description: 'Number of seconds after which the
+ probe times out. Defaults to 1 second. Minimum
+ value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes'
+ format: int32
+ type: integer
+ type: object
+ name:
+ description: Name of the ephemeral container specified
+ as a DNS_LABEL. This name must be unique among all
+ containers, init containers and ephemeral containers.
+ type: string
+ ports:
+ description: Ports are not allowed for ephemeral containers.
+ items:
+ description: ContainerPort represents a network port
+ in a single container.
+ properties:
+ containerPort:
+ description: Number of port to expose on the pod's
+ IP address. This must be a valid port number,
+ 0 < x < 65536.
+ format: int32
+ type: integer
+ hostIP:
+ description: What host IP to bind the external
+ port to.
+ type: string
+ hostPort:
+ description: Number of port to expose on the host.
+ If specified, this must be a valid port number,
+ 0 < x < 65536. If HostNetwork is specified,
+ this must match ContainerPort. Most containers
+ do not need this.
+ format: int32
+ type: integer
+ name:
+ description: If specified, this must be an IANA_SVC_NAME
+ and unique within the pod. Each named port in
+ a pod must have a unique name. Name for the
+ port that can be referred to by services.
+ type: string
+ protocol:
+ default: TCP
+ description: Protocol for port. Must be UDP, TCP,
+ or SCTP. Defaults to "TCP".
+ type: string
+ required:
+ - containerPort
+ type: object
+ type: array
+ readinessProbe:
+ description: Probes are not allowed for ephemeral containers.
+ properties:
+ exec:
+ description: One and only one of the following should
+ be specified. Exec specifies the action to take.
+ properties:
+ command:
+ description: Command is the command line to
+ execute inside the container, the working
+ directory for the command is root ('/') in
+ the container's filesystem. The command is
+ simply exec'd, it is not run inside a shell,
+ so traditional shell instructions ('|', etc)
+ won't work. To use a shell, you need to explicitly
+ call out to that shell. Exit status of 0 is
+ treated as live/healthy and non-zero is unhealthy.
+ items:
+ type: string
+ type: array
+ type: object
+ failureThreshold:
+ description: Minimum consecutive failures for the
+ probe to be considered failed after having succeeded.
+ Defaults to 3. Minimum value is 1.
+ format: int32
+ type: integer
+ httpGet:
+ description: HTTPGet specifies the http request
+ to perform.
+ properties:
+ host:
+ description: Host name to connect to, defaults
+ to the pod IP. You probably want to set "Host"
+ in httpHeaders instead.
+ type: string
+ httpHeaders:
+ description: Custom headers to set in the request.
+ HTTP allows repeated headers.
+ items:
+ description: HTTPHeader describes a custom
+ header to be used in HTTP probes
+ properties:
+ name:
+ description: The header field name
+ type: string
+ value:
+ description: The header field value
+ type: string
+ required:
+ - name
+ - value
+ type: object
+ type: array
+ path:
+ description: Path to access on the HTTP server.
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ description: Name or number of the port to access
+ on the container. Number must be in the range
+ 1 to 65535. Name must be an IANA_SVC_NAME.
+ x-kubernetes-int-or-string: true
+ scheme:
+ description: Scheme to use for connecting to
+ the host. Defaults to HTTP.
+ type: string
+ required:
+ - port
+ type: object
+ initialDelaySeconds:
+ description: 'Number of seconds after the container
+ has started before liveness probes are initiated.
+ More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes'
+ format: int32
+ type: integer
+ periodSeconds:
+ description: How often (in seconds) to perform the
+ probe. Default to 10 seconds. Minimum value is
+ 1.
+ format: int32
+ type: integer
+ successThreshold:
+ description: Minimum consecutive successes for the
+ probe to be considered successful after having
+ failed. Defaults to 1. Must be 1 for liveness
+ and startup. Minimum value is 1.
+ format: int32
+ type: integer
+ tcpSocket:
+ description: 'TCPSocket specifies an action involving
+ a TCP port. TCP hooks not yet supported TODO:
+ implement a realistic TCP lifecycle hook'
+ properties:
+ host:
+ description: 'Optional: Host name to connect
+ to, defaults to the pod IP.'
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ description: Number or name of the port to access
+ on the container. Number must be in the range
+ 1 to 65535. Name must be an IANA_SVC_NAME.
+ x-kubernetes-int-or-string: true
+ required:
+ - port
+ type: object
+ timeoutSeconds:
+ description: 'Number of seconds after which the
+ probe times out. Defaults to 1 second. Minimum
+ value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes'
+ format: int32
+ type: integer
+ type: object
+ resources:
+ description: Resources are not allowed for ephemeral
+ containers. Ephemeral containers use spare resources
+ already allocated to the pod.
+ properties:
+ limits:
+ additionalProperties:
+ anyOf:
+ - type: integer
+ - type: string
+ pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+ x-kubernetes-int-or-string: true
+ description: 'Limits describes the maximum amount
+ of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/'
+ type: object
+ requests:
+ additionalProperties:
+ anyOf:
+ - type: integer
+ - type: string
+ pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+ x-kubernetes-int-or-string: true
+ description: 'Requests describes the minimum amount
+ of compute resources required. If Requests is
+ omitted for a container, it defaults to Limits
+ if that is explicitly specified, otherwise to
+ an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/'
+ type: object
+ type: object
+ securityContext:
+ description: SecurityContext is not allowed for ephemeral
+ containers.
+ properties:
+ allowPrivilegeEscalation:
+ description: 'AllowPrivilegeEscalation controls
+ whether a process can gain more privileges than
+ its parent process. This bool directly controls
+ if the no_new_privs flag will be set on the container
+ process. AllowPrivilegeEscalation is true always
+ when the container is: 1) run as Privileged 2)
+ has CAP_SYS_ADMIN'
+ type: boolean
+ capabilities:
+ description: The capabilities to add/drop when running
+ containers. Defaults to the default set of capabilities
+ granted by the container runtime.
+ properties:
+ add:
+ description: Added capabilities
+ items:
+ description: Capability represent POSIX capabilities
+ type
+ type: string
+ type: array
+ drop:
+ description: Removed capabilities
+ items:
+ description: Capability represent POSIX capabilities
+ type
+ type: string
+ type: array
+ type: object
+ privileged:
+ description: Run container in privileged mode. Processes
+ in privileged containers are essentially equivalent
+ to root on the host. Defaults to false.
+ type: boolean
+ procMount:
+ description: procMount denotes the type of proc
+ mount to use for the containers. The default is
+ DefaultProcMount which uses the container runtime
+ defaults for readonly paths and masked paths.
+ This requires the ProcMountType feature flag to
+ be enabled.
+ type: string
+ readOnlyRootFilesystem:
+ description: Whether this container has a read-only
+ root filesystem. Default is false.
+ type: boolean
+ runAsGroup:
+ description: The GID to run the entrypoint of the
+ container process. Uses runtime default if unset.
+ May also be set in PodSecurityContext. If set
+ in both SecurityContext and PodSecurityContext,
+ the value specified in SecurityContext takes precedence.
+ format: int64
+ type: integer
+ runAsNonRoot:
+ description: Indicates that the container must run
+ as a non-root user. If true, the Kubelet will
+ validate the image at runtime to ensure that it
+ does not run as UID 0 (root) and fail to start
+ the container if it does. If unset or false, no
+ such validation will be performed. May also be
+ set in PodSecurityContext. If set in both SecurityContext
+ and PodSecurityContext, the value specified in
+ SecurityContext takes precedence.
+ type: boolean
+ runAsUser:
+ description: The UID to run the entrypoint of the
+ container process. Defaults to user specified
+ in image metadata if unspecified. May also be
+ set in PodSecurityContext. If set in both SecurityContext
+ and PodSecurityContext, the value specified in
+ SecurityContext takes precedence.
+ format: int64
+ type: integer
+ seLinuxOptions:
+ description: The SELinux context to be applied to
+ the container. If unspecified, the container runtime
+ will allocate a random SELinux context for each
+ container. May also be set in PodSecurityContext. If
+ set in both SecurityContext and PodSecurityContext,
+ the value specified in SecurityContext takes precedence.
+ properties:
+ level:
+ description: Level is SELinux level label that
+ applies to the container.
+ type: string
+ role:
+ description: Role is a SELinux role label that
+ applies to the container.
+ type: string
+ type:
+ description: Type is a SELinux type label that
+ applies to the container.
+ type: string
+ user:
+ description: User is a SELinux user label that
+ applies to the container.
+ type: string
+ type: object
+ seccompProfile:
+ description: The seccomp options to use by this
+ container. If seccomp options are provided at
+ both the pod & container level, the container
+ options override the pod options.
+ properties:
+ localhostProfile:
+ description: localhostProfile indicates a profile
+ defined in a file on the node should be used.
+ The profile must be preconfigured on the node
+ to work. Must be a descending path, relative
+ to the kubelet's configured seccomp profile
+ location. Must only be set if type is "Localhost".
+ type: string
+ type:
+ description: "type indicates which kind of seccomp
+ profile will be applied. Valid options are:
+ \n Localhost - a profile defined in a file
+ on the node should be used. RuntimeDefault
+ - the container runtime default profile should
+ be used. Unconfined - no profile should be
+ applied."
+ type: string
+ required:
+ - type
+ type: object
+ windowsOptions:
+ description: The Windows specific settings applied
+ to all containers. If unspecified, the options
+ from the PodSecurityContext will be used. If set
+ in both SecurityContext and PodSecurityContext,
+ the value specified in SecurityContext takes precedence.
+ properties:
+ gmsaCredentialSpec:
+ description: GMSACredentialSpec is where the
+ GMSA admission webhook (https://github.com/kubernetes-sigs/windows-gmsa)
+ inlines the contents of the GMSA credential
+ spec named by the GMSACredentialSpecName field.
+ type: string
+ gmsaCredentialSpecName:
+ description: GMSACredentialSpecName is the name
+ of the GMSA credential spec to use.
+ type: string
+ runAsUserName:
+ description: The UserName in Windows to run
+ the entrypoint of the container process. Defaults
+ to the user specified in image metadata if
+ unspecified. May also be set in PodSecurityContext.
+ If set in both SecurityContext and PodSecurityContext,
+ the value specified in SecurityContext takes
+ precedence.
+ type: string
+ type: object
+ type: object
+ startupProbe:
+ description: Probes are not allowed for ephemeral containers.
+ properties:
+ exec:
+ description: One and only one of the following should
+ be specified. Exec specifies the action to take.
+ properties:
+ command:
+ description: Command is the command line to
+ execute inside the container, the working
+ directory for the command is root ('/') in
+ the container's filesystem. The command is
+ simply exec'd, it is not run inside a shell,
+ so traditional shell instructions ('|', etc)
+ won't work. To use a shell, you need to explicitly
+ call out to that shell. Exit status of 0 is
+ treated as live/healthy and non-zero is unhealthy.
+ items:
+ type: string
+ type: array
+ type: object
+ failureThreshold:
+ description: Minimum consecutive failures for the
+ probe to be considered failed after having succeeded.
+ Defaults to 3. Minimum value is 1.
+ format: int32
+ type: integer
+ httpGet:
+ description: HTTPGet specifies the http request
+ to perform.
+ properties:
+ host:
+ description: Host name to connect to, defaults
+ to the pod IP. You probably want to set "Host"
+ in httpHeaders instead.
+ type: string
+ httpHeaders:
+ description: Custom headers to set in the request.
+ HTTP allows repeated headers.
+ items:
+ description: HTTPHeader describes a custom
+ header to be used in HTTP probes
+ properties:
+ name:
+ description: The header field name
+ type: string
+ value:
+ description: The header field value
+ type: string
+ required:
+ - name
+ - value
+ type: object
+ type: array
+ path:
+ description: Path to access on the HTTP server.
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ description: Name or number of the port to access
+ on the container. Number must be in the range
+ 1 to 65535. Name must be an IANA_SVC_NAME.
+ x-kubernetes-int-or-string: true
+ scheme:
+ description: Scheme to use for connecting to
+ the host. Defaults to HTTP.
+ type: string
+ required:
+ - port
+ type: object
+ initialDelaySeconds:
+ description: 'Number of seconds after the container
+ has started before liveness probes are initiated.
+ More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes'
+ format: int32
+ type: integer
+ periodSeconds:
+ description: How often (in seconds) to perform the
+ probe. Default to 10 seconds. Minimum value is
+ 1.
+ format: int32
+ type: integer
+ successThreshold:
+ description: Minimum consecutive successes for the
+ probe to be considered successful after having
+ failed. Defaults to 1. Must be 1 for liveness
+ and startup. Minimum value is 1.
+ format: int32
+ type: integer
+ tcpSocket:
+ description: 'TCPSocket specifies an action involving
+ a TCP port. TCP hooks not yet supported TODO:
+ implement a realistic TCP lifecycle hook'
+ properties:
+ host:
+ description: 'Optional: Host name to connect
+ to, defaults to the pod IP.'
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ description: Number or name of the port to access
+ on the container. Number must be in the range
+ 1 to 65535. Name must be an IANA_SVC_NAME.
+ x-kubernetes-int-or-string: true
+ required:
+ - port
+ type: object
+ timeoutSeconds:
+ description: 'Number of seconds after which the
+ probe times out. Defaults to 1 second. Minimum
+ value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes'
+ format: int32
+ type: integer
+ type: object
+ stdin:
+ description: Whether this container should allocate
+ a buffer for stdin in the container runtime. If this
+ is not set, reads from stdin in the container will
+ always result in EOF. Default is false.
+ type: boolean
+ stdinOnce:
+ description: Whether the container runtime should close
+ the stdin channel after it has been opened by a single
+ attach. When stdin is true the stdin stream will remain
+ open across multiple attach sessions. If stdinOnce
+ is set to true, stdin is opened on container start,
+ is empty until the first client attaches to stdin,
+ and then remains open and accepts data until the client
+ disconnects, at which time stdin is closed and remains
+ closed until the container is restarted. If this flag
+ is false, a container processes that reads from stdin
+ will never receive an EOF. Default is false
+ type: boolean
+ targetContainerName:
+ description: If set, the name of the container from
+ PodSpec that this ephemeral container targets. The
+ ephemeral container will be run in the namespaces
+ (IPC, PID, etc) of this container. If not set then
+ the ephemeral container is run in whatever namespaces
+ are shared for the pod. Note that the container runtime
+ must support this feature.
+ type: string
+ terminationMessagePath:
+ description: 'Optional: Path at which the file to which
+ the container''s termination message will be written
+ is mounted into the container''s filesystem. Message
+ written is intended to be brief final status, such
+ as an assertion failure message. Will be truncated
+ by the node if greater than 4096 bytes. The total
+ message length across all containers will be limited
+ to 12kb. Defaults to /dev/termination-log. Cannot
+ be updated.'
+ type: string
+ terminationMessagePolicy:
+ description: Indicate how the termination message should
+ be populated. File will use the contents of terminationMessagePath
+ to populate the container status message on both success
+ and failure. FallbackToLogsOnError will use the last
+ chunk of container log output if the termination message
+ file is empty and the container exited with an error.
+ The log output is limited to 2048 bytes or 80 lines,
+ whichever is smaller. Defaults to File. Cannot be
+ updated.
+ type: string
+ tty:
+ description: Whether this container should allocate
+ a TTY for itself, also requires 'stdin' to be true.
+ Default is false.
+ type: boolean
+ volumeDevices:
+ description: volumeDevices is the list of block devices
+ to be used by the container.
+ items:
+ description: volumeDevice describes a mapping of a
+ raw block device within a container.
+ properties:
+ devicePath:
+ description: devicePath is the path inside of
+ the container that the device will be mapped
+ to.
+ type: string
+ name:
+ description: name must match the name of a persistentVolumeClaim
+ in the pod
+ type: string
+ required:
+ - devicePath
+ - name
+ type: object
+ type: array
+ volumeMounts:
+ description: Pod volumes to mount into the container's
+ filesystem. Cannot be updated.
+ items:
+ description: VolumeMount describes a mounting of a
+ Volume within a container.
+ properties:
+ mountPath:
+ description: Path within the container at which
+ the volume should be mounted. Must not contain
+ ':'.
+ type: string
+ mountPropagation:
+ description: mountPropagation determines how mounts
+ are propagated from the host to container and
+ the other way around. When not set, MountPropagationNone
+ is used. This field is beta in 1.10.
+ type: string
+ name:
+ description: This must match the Name of a Volume.
+ type: string
+ readOnly:
+ description: Mounted read-only if true, read-write
+ otherwise (false or unspecified). Defaults to
+ false.
+ type: boolean
+ subPath:
+ description: Path within the volume from which
+ the container's volume should be mounted. Defaults
+ to "" (volume's root).
+ type: string
+ subPathExpr:
+ description: Expanded path within the volume from
+ which the container's volume should be mounted.
+ Behaves similarly to SubPath but environment
+ variable references $(VAR_NAME) are expanded
+ using the container's environment. Defaults
+ to "" (volume's root). SubPathExpr and SubPath
+ are mutually exclusive.
+ type: string
+ required:
+ - mountPath
+ - name
+ type: object
+ type: array
+ workingDir:
+ description: Container's working directory. If not specified,
+ the container runtime's default will be used, which
+ might be configured in the container image. Cannot
+ be updated.
+ type: string
+ required:
+ - name
+ type: object
+ type: array
+ initContainers:
+ items:
+ description: A single application container that you want
+ to run within a pod.
+ properties:
+ args:
+ description: 'Arguments to the entrypoint. The docker
+ image''s CMD is used if this is not provided. Variable
+ references $(VAR_NAME) are expanded using the container''s
+ environment. If a variable cannot be resolved, the
+ reference in the input string will be unchanged. The
+ $(VAR_NAME) syntax can be escaped with a double $$,
+ ie: $$(VAR_NAME). Escaped references will never be
+ expanded, regardless of whether the variable exists
+ or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell'
+ items:
+ type: string
+ type: array
+ command:
+ description: 'Entrypoint array. Not executed within
+ a shell. The docker image''s ENTRYPOINT is used if
+ this is not provided. Variable references $(VAR_NAME)
+ are expanded using the container''s environment. If
+ a variable cannot be resolved, the reference in the
+ input string will be unchanged. The $(VAR_NAME) syntax
+ can be escaped with a double $$, ie: $$(VAR_NAME).
+ Escaped references will never be expanded, regardless
+ of whether the variable exists or not. Cannot be updated.
+ More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell'
+ items:
+ type: string
+ type: array
+ env:
+ description: List of environment variables to set in
+ the container. Cannot be updated.
+ items:
+ description: EnvVar represents an environment variable
+ present in a Container.
+ properties:
+ name:
+ description: Name of the environment variable.
+ Must be a C_IDENTIFIER.
+ type: string
+ value:
+ description: 'Variable references $(VAR_NAME)
+ are expanded using the previous defined environment
+ variables in the container and any service environment
+ variables. If a variable cannot be resolved,
+ the reference in the input string will be unchanged.
+ The $(VAR_NAME) syntax can be escaped with a
+ double $$, ie: $$(VAR_NAME). Escaped references
+ will never be expanded, regardless of whether
+ the variable exists or not. Defaults to "".'
+ type: string
+ valueFrom:
+ description: Source for the environment variable's
+ value. Cannot be used if value is not empty.
+ properties:
+ configMapKeyRef:
+ description: Selects a key of a ConfigMap.
+ properties:
+ key:
+ description: The key to select.
+ type: string
+ name:
+ description: 'Name of the referent. More
+ info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+ TODO: Add other useful fields. apiVersion,
+ kind, uid?'
+ type: string
+ optional:
+ description: Specify whether the ConfigMap
+ or its key must be defined
+ type: boolean
+ required:
+ - key
+ type: object
+ fieldRef:
+ description: 'Selects a field of the pod:
+ supports metadata.name, metadata.namespace,
+ `metadata.labels['''']`, `metadata.annotations['''']`,
+ spec.nodeName, spec.serviceAccountName,
+ status.hostIP, status.podIP, status.podIPs.'
+ properties:
+ apiVersion:
+ description: Version of the schema the
+ FieldPath is written in terms of, defaults
+ to "v1".
+ type: string
+ fieldPath:
+ description: Path of the field to select
+ in the specified API version.
+ type: string
+ required:
+ - fieldPath
+ type: object
+ resourceFieldRef:
+ description: 'Selects a resource of the container:
+ only resources limits and requests (limits.cpu,
+ limits.memory, limits.ephemeral-storage,
+ requests.cpu, requests.memory and requests.ephemeral-storage)
+ are currently supported.'
+ properties:
+ containerName:
+ description: 'Container name: required
+ for volumes, optional for env vars'
+ type: string
+ divisor:
+ anyOf:
+ - type: integer
+ - type: string
+ description: Specifies the output format
+ of the exposed resources, defaults to
+ "1"
+ pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+ x-kubernetes-int-or-string: true
+ resource:
+ description: 'Required: resource to select'
+ type: string
+ required:
+ - resource
+ type: object
+ secretKeyRef:
+ description: Selects a key of a secret in
+ the pod's namespace
+ properties:
+ key:
+ description: The key of the secret to
+ select from. Must be a valid secret
+ key.
+ type: string
+ name:
+ description: 'Name of the referent. More
+ info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+ TODO: Add other useful fields. apiVersion,
+ kind, uid?'
+ type: string
+ optional:
+ description: Specify whether the Secret
+ or its key must be defined
+ type: boolean
+ required:
+ - key
+ type: object
+ type: object
+ required:
+ - name
+ type: object
+ type: array
+ envFrom:
+ description: List of sources to populate environment
+ variables in the container. The keys defined within
+ a source must be a C_IDENTIFIER. All invalid keys
+ will be reported as an event when the container is
+ starting. When a key exists in multiple sources, the
+ value associated with the last source will take precedence.
+ Values defined by an Env with a duplicate key will
+ take precedence. Cannot be updated.
+ items:
+ description: EnvFromSource represents the source of
+ a set of ConfigMaps
+ properties:
+ configMapRef:
+ description: The ConfigMap to select from
+ properties:
+ name:
+ description: 'Name of the referent. More info:
+ https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+ TODO: Add other useful fields. apiVersion,
+ kind, uid?'
+ type: string
+ optional:
+ description: Specify whether the ConfigMap
+ must be defined
+ type: boolean
+ type: object
+ prefix:
+ description: An optional identifier to prepend
+ to each key in the ConfigMap. Must be a C_IDENTIFIER.
+ type: string
+ secretRef:
+ description: The Secret to select from
+ properties:
+ name:
+ description: 'Name of the referent. More info:
+ https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+ TODO: Add other useful fields. apiVersion,
+ kind, uid?'
+ type: string
+ optional:
+ description: Specify whether the Secret must
+ be defined
+ type: boolean
+ type: object
+ type: object
+ type: array
+ image:
+ description: 'Docker image name. More info: https://kubernetes.io/docs/concepts/containers/images
+ This field is optional to allow higher level config
+ management to default or override container images
+ in workload controllers like Deployments and StatefulSets.'
+ type: string
+ imagePullPolicy:
+ description: 'Image pull policy. One of Always, Never,
+ IfNotPresent. Defaults to Always if :latest tag is
+ specified, or IfNotPresent otherwise. Cannot be updated.
+ More info: https://kubernetes.io/docs/concepts/containers/images#updating-images'
+ type: string
+ lifecycle:
+ description: Actions that the management system should
+ take in response to container lifecycle events. Cannot
+ be updated.
+ properties:
+ postStart:
+ description: 'PostStart is called immediately after
+ a container is created. If the handler fails,
+ the container is terminated and restarted according
+ to its restart policy. Other management of the
+ container blocks until the hook completes. More
+ info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks'
+ properties:
+ exec:
+ description: One and only one of the following
+ should be specified. Exec specifies the action
+ to take.
+ properties:
+ command:
+ description: Command is the command line
+ to execute inside the container, the working
+ directory for the command is root ('/')
+ in the container's filesystem. The command
+ is simply exec'd, it is not run inside
+ a shell, so traditional shell instructions
+ ('|', etc) won't work. To use a shell,
+ you need to explicitly call out to that
+ shell. Exit status of 0 is treated as
+ live/healthy and non-zero is unhealthy.
+ items:
+ type: string
+ type: array
+ type: object
+ httpGet:
+ description: HTTPGet specifies the http request
+ to perform.
+ properties:
+ host:
+ description: Host name to connect to, defaults
+ to the pod IP. You probably want to set
+ "Host" in httpHeaders instead.
+ type: string
+ httpHeaders:
+ description: Custom headers to set in the
+ request. HTTP allows repeated headers.
+ items:
+ description: HTTPHeader describes a custom
+ header to be used in HTTP probes
+ properties:
+ name:
+ description: The header field name
+ type: string
+ value:
+ description: The header field value
+ type: string
+ required:
+ - name
+ - value
+ type: object
+ type: array
+ path:
+ description: Path to access on the HTTP
+ server.
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ description: Name or number of the port
+ to access on the container. Number must
+ be in the range 1 to 65535. Name must
+ be an IANA_SVC_NAME.
+ x-kubernetes-int-or-string: true
+ scheme:
+ description: Scheme to use for connecting
+ to the host. Defaults to HTTP.
+ type: string
+ required:
+ - port
+ type: object
+ tcpSocket:
+ description: 'TCPSocket specifies an action
+ involving a TCP port. TCP hooks not yet supported
+ TODO: implement a realistic TCP lifecycle
+ hook'
+ properties:
+ host:
+ description: 'Optional: Host name to connect
+ to, defaults to the pod IP.'
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ description: Number or name of the port
+ to access on the container. Number must
+ be in the range 1 to 65535. Name must
+ be an IANA_SVC_NAME.
+ x-kubernetes-int-or-string: true
+ required:
+ - port
+ type: object
+ type: object
+ preStop:
+ description: 'PreStop is called immediately before
+ a container is terminated due to an API request
+ or management event such as liveness/startup probe
+ failure, preemption, resource contention, etc.
+ The handler is not called if the container crashes
+ or exits. The reason for termination is passed
+ to the handler. The Pod''s termination grace period
+ countdown begins before the PreStop hooked is
+ executed. Regardless of the outcome of the handler,
+ the container will eventually terminate within
+ the Pod''s termination grace period. Other management
+ of the container blocks until the hook completes
+ or until the termination grace period is reached.
+ More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks'
+ properties:
+ exec:
+ description: One and only one of the following
+ should be specified. Exec specifies the action
+ to take.
+ properties:
+ command:
+ description: Command is the command line
+ to execute inside the container, the working
+ directory for the command is root ('/')
+ in the container's filesystem. The command
+ is simply exec'd, it is not run inside
+ a shell, so traditional shell instructions
+ ('|', etc) won't work. To use a shell,
+ you need to explicitly call out to that
+ shell. Exit status of 0 is treated as
+ live/healthy and non-zero is unhealthy.
+ items:
+ type: string
+ type: array
+ type: object
+ httpGet:
+ description: HTTPGet specifies the http request
+ to perform.
+ properties:
+ host:
+ description: Host name to connect to, defaults
+ to the pod IP. You probably want to set
+ "Host" in httpHeaders instead.
+ type: string
+ httpHeaders:
+ description: Custom headers to set in the
+ request. HTTP allows repeated headers.
+ items:
+ description: HTTPHeader describes a custom
+ header to be used in HTTP probes
+ properties:
+ name:
+ description: The header field name
+ type: string
+ value:
+ description: The header field value
+ type: string
+ required:
+ - name
+ - value
+ type: object
+ type: array
+ path:
+ description: Path to access on the HTTP
+ server.
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ description: Name or number of the port
+ to access on the container. Number must
+ be in the range 1 to 65535. Name must
+ be an IANA_SVC_NAME.
+ x-kubernetes-int-or-string: true
+ scheme:
+ description: Scheme to use for connecting
+ to the host. Defaults to HTTP.
+ type: string
+ required:
+ - port
+ type: object
+ tcpSocket:
+ description: 'TCPSocket specifies an action
+ involving a TCP port. TCP hooks not yet supported
+ TODO: implement a realistic TCP lifecycle
+ hook'
+ properties:
+ host:
+ description: 'Optional: Host name to connect
+ to, defaults to the pod IP.'
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ description: Number or name of the port
+ to access on the container. Number must
+ be in the range 1 to 65535. Name must
+ be an IANA_SVC_NAME.
+ x-kubernetes-int-or-string: true
+ required:
+ - port
+ type: object
+ type: object
+ type: object
+ livenessProbe:
+ description: 'Periodic probe of container liveness.
+ Container will be restarted if the probe fails. Cannot
+ be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes'
+ properties:
+ exec:
+ description: One and only one of the following should
+ be specified. Exec specifies the action to take.
+ properties:
+ command:
+ description: Command is the command line to
+ execute inside the container, the working
+ directory for the command is root ('/') in
+ the container's filesystem. The command is
+ simply exec'd, it is not run inside a shell,
+ so traditional shell instructions ('|', etc)
+ won't work. To use a shell, you need to explicitly
+ call out to that shell. Exit status of 0 is
+ treated as live/healthy and non-zero is unhealthy.
+ items:
+ type: string
+ type: array
+ type: object
+ failureThreshold:
+ description: Minimum consecutive failures for the
+ probe to be considered failed after having succeeded.
+ Defaults to 3. Minimum value is 1.
+ format: int32
+ type: integer
+ httpGet:
+ description: HTTPGet specifies the http request
+ to perform.
+ properties:
+ host:
+ description: Host name to connect to, defaults
+ to the pod IP. You probably want to set "Host"
+ in httpHeaders instead.
+ type: string
+ httpHeaders:
+ description: Custom headers to set in the request.
+ HTTP allows repeated headers.
+ items:
+ description: HTTPHeader describes a custom
+ header to be used in HTTP probes
+ properties:
+ name:
+ description: The header field name
+ type: string
+ value:
+ description: The header field value
+ type: string
+ required:
+ - name
+ - value
+ type: object
+ type: array
+ path:
+ description: Path to access on the HTTP server.
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ description: Name or number of the port to access
+ on the container. Number must be in the range
+ 1 to 65535. Name must be an IANA_SVC_NAME.
+ x-kubernetes-int-or-string: true
+ scheme:
+ description: Scheme to use for connecting to
+ the host. Defaults to HTTP.
+ type: string
+ required:
+ - port
+ type: object
+ initialDelaySeconds:
+ description: 'Number of seconds after the container
+ has started before liveness probes are initiated.
+ More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes'
+ format: int32
+ type: integer
+ periodSeconds:
+ description: How often (in seconds) to perform the
+ probe. Default to 10 seconds. Minimum value is
+ 1.
+ format: int32
+ type: integer
+ successThreshold:
+ description: Minimum consecutive successes for the
+ probe to be considered successful after having
+ failed. Defaults to 1. Must be 1 for liveness
+ and startup. Minimum value is 1.
+ format: int32
+ type: integer
+ tcpSocket:
+ description: 'TCPSocket specifies an action involving
+ a TCP port. TCP hooks not yet supported TODO:
+ implement a realistic TCP lifecycle hook'
+ properties:
+ host:
+ description: 'Optional: Host name to connect
+ to, defaults to the pod IP.'
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ description: Number or name of the port to access
+ on the container. Number must be in the range
+ 1 to 65535. Name must be an IANA_SVC_NAME.
+ x-kubernetes-int-or-string: true
+ required:
+ - port
+ type: object
+ timeoutSeconds:
+ description: 'Number of seconds after which the
+ probe times out. Defaults to 1 second. Minimum
+ value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes'
+ format: int32
+ type: integer
+ type: object
+ name:
+ description: Name of the container specified as a DNS_LABEL.
+ Each container in a pod must have a unique name (DNS_LABEL).
+ Cannot be updated.
+ type: string
+ ports:
+ description: List of ports to expose from the container.
+ Exposing a port here gives the system additional information
+ about the network connections a container uses, but
+ is primarily informational. Not specifying a port
+ here DOES NOT prevent that port from being exposed.
+ Any port which is listening on the default "0.0.0.0"
+ address inside a container will be accessible from
+ the network. Cannot be updated.
+ items:
+ description: ContainerPort represents a network port
+ in a single container.
+ properties:
+ containerPort:
+ description: Number of port to expose on the pod's
+ IP address. This must be a valid port number,
+ 0 < x < 65536.
+ format: int32
+ type: integer
+ hostIP:
+ description: What host IP to bind the external
+ port to.
+ type: string
+ hostPort:
+ description: Number of port to expose on the host.
+ If specified, this must be a valid port number,
+ 0 < x < 65536. If HostNetwork is specified,
+ this must match ContainerPort. Most containers
+ do not need this.
+ format: int32
+ type: integer
+ name:
+ description: If specified, this must be an IANA_SVC_NAME
+ and unique within the pod. Each named port in
+ a pod must have a unique name. Name for the
+ port that can be referred to by services.
+ type: string
+ protocol:
+ default: TCP
+ description: Protocol for port. Must be UDP, TCP,
+ or SCTP. Defaults to "TCP".
+ type: string
+ required:
+ - containerPort
+ type: object
+ type: array
+ x-kubernetes-list-map-keys:
+ - containerPort
+ - protocol
+ x-kubernetes-list-type: map
+ readinessProbe:
+ description: 'Periodic probe of container service readiness.
+ Container will be removed from service endpoints if
+ the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes'
+ properties:
+ exec:
+ description: One and only one of the following should
+ be specified. Exec specifies the action to take.
+ properties:
+ command:
+ description: Command is the command line to
+ execute inside the container, the working
+ directory for the command is root ('/') in
+ the container's filesystem. The command is
+ simply exec'd, it is not run inside a shell,
+ so traditional shell instructions ('|', etc)
+ won't work. To use a shell, you need to explicitly
+ call out to that shell. Exit status of 0 is
+ treated as live/healthy and non-zero is unhealthy.
+ items:
+ type: string
+ type: array
+ type: object
+ failureThreshold:
+ description: Minimum consecutive failures for the
+ probe to be considered failed after having succeeded.
+ Defaults to 3. Minimum value is 1.
+ format: int32
+ type: integer
+ httpGet:
+ description: HTTPGet specifies the http request
+ to perform.
+ properties:
+ host:
+ description: Host name to connect to, defaults
+ to the pod IP. You probably want to set "Host"
+ in httpHeaders instead.
+ type: string
+ httpHeaders:
+ description: Custom headers to set in the request.
+ HTTP allows repeated headers.
+ items:
+ description: HTTPHeader describes a custom
+ header to be used in HTTP probes
+ properties:
+ name:
+ description: The header field name
+ type: string
+ value:
+ description: The header field value
+ type: string
+ required:
+ - name
+ - value
+ type: object
+ type: array
+ path:
+ description: Path to access on the HTTP server.
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ description: Name or number of the port to access
+ on the container. Number must be in the range
+ 1 to 65535. Name must be an IANA_SVC_NAME.
+ x-kubernetes-int-or-string: true
+ scheme:
+ description: Scheme to use for connecting to
+ the host. Defaults to HTTP.
+ type: string
+ required:
+ - port
+ type: object
+ initialDelaySeconds:
+ description: 'Number of seconds after the container
+ has started before liveness probes are initiated.
+ More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes'
+ format: int32
+ type: integer
+ periodSeconds:
+ description: How often (in seconds) to perform the
+ probe. Default to 10 seconds. Minimum value is
+ 1.
+ format: int32
+ type: integer
+ successThreshold:
+ description: Minimum consecutive successes for the
+ probe to be considered successful after having
+ failed. Defaults to 1. Must be 1 for liveness
+ and startup. Minimum value is 1.
+ format: int32
+ type: integer
+ tcpSocket:
+ description: 'TCPSocket specifies an action involving
+ a TCP port. TCP hooks not yet supported TODO:
+ implement a realistic TCP lifecycle hook'
+ properties:
+ host:
+ description: 'Optional: Host name to connect
+ to, defaults to the pod IP.'
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ description: Number or name of the port to access
+ on the container. Number must be in the range
+ 1 to 65535. Name must be an IANA_SVC_NAME.
+ x-kubernetes-int-or-string: true
+ required:
+ - port
+ type: object
+ timeoutSeconds:
+ description: 'Number of seconds after which the
+ probe times out. Defaults to 1 second. Minimum
+ value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes'
+ format: int32
+ type: integer
+ type: object
+ resources:
+ description: 'Compute Resources required by this container.
+ Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/'
+ properties:
+ limits:
+ additionalProperties:
+ anyOf:
+ - type: integer
+ - type: string
+ pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+ x-kubernetes-int-or-string: true
+ description: 'Limits describes the maximum amount
+ of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/'
+ type: object
+ requests:
+ additionalProperties:
+ anyOf:
+ - type: integer
+ - type: string
+ pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+ x-kubernetes-int-or-string: true
+ description: 'Requests describes the minimum amount
+ of compute resources required. If Requests is
+ omitted for a container, it defaults to Limits
+ if that is explicitly specified, otherwise to
+ an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/'
+ type: object
+ type: object
+ securityContext:
+ description: 'Security options the pod should run with.
+ More info: https://kubernetes.io/docs/concepts/policy/security-context/
+ More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/'
+ properties:
+ allowPrivilegeEscalation:
+ description: 'AllowPrivilegeEscalation controls
+ whether a process can gain more privileges than
+ its parent process. This bool directly controls
+ if the no_new_privs flag will be set on the container
+ process. AllowPrivilegeEscalation is true always
+ when the container is: 1) run as Privileged 2)
+ has CAP_SYS_ADMIN'
+ type: boolean
+ capabilities:
+ description: The capabilities to add/drop when running
+ containers. Defaults to the default set of capabilities
+ granted by the container runtime.
+ properties:
+ add:
+ description: Added capabilities
+ items:
+ description: Capability represent POSIX capabilities
+ type
+ type: string
+ type: array
+ drop:
+ description: Removed capabilities
+ items:
+ description: Capability represent POSIX capabilities
+ type
+ type: string
+ type: array
+ type: object
+ privileged:
+ description: Run container in privileged mode. Processes
+ in privileged containers are essentially equivalent
+ to root on the host. Defaults to false.
+ type: boolean
+ procMount:
+ description: procMount denotes the type of proc
+ mount to use for the containers. The default is
+ DefaultProcMount which uses the container runtime
+ defaults for readonly paths and masked paths.
+ This requires the ProcMountType feature flag to
+ be enabled.
+ type: string
+ readOnlyRootFilesystem:
+ description: Whether this container has a read-only
+ root filesystem. Default is false.
+ type: boolean
+ runAsGroup:
+ description: The GID to run the entrypoint of the
+ container process. Uses runtime default if unset.
+ May also be set in PodSecurityContext. If set
+ in both SecurityContext and PodSecurityContext,
+ the value specified in SecurityContext takes precedence.
+ format: int64
+ type: integer
+ runAsNonRoot:
+ description: Indicates that the container must run
+ as a non-root user. If true, the Kubelet will
+ validate the image at runtime to ensure that it
+ does not run as UID 0 (root) and fail to start
+ the container if it does. If unset or false, no
+ such validation will be performed. May also be
+ set in PodSecurityContext. If set in both SecurityContext
+ and PodSecurityContext, the value specified in
+ SecurityContext takes precedence.
+ type: boolean
+ runAsUser:
+ description: The UID to run the entrypoint of the
+ container process. Defaults to user specified
+ in image metadata if unspecified. May also be
+ set in PodSecurityContext. If set in both SecurityContext
+ and PodSecurityContext, the value specified in
+ SecurityContext takes precedence.
+ format: int64
+ type: integer
+ seLinuxOptions:
+ description: The SELinux context to be applied to
+ the container. If unspecified, the container runtime
+ will allocate a random SELinux context for each
+ container. May also be set in PodSecurityContext. If
+ set in both SecurityContext and PodSecurityContext,
+ the value specified in SecurityContext takes precedence.
+ properties:
+ level:
+ description: Level is SELinux level label that
+ applies to the container.
+ type: string
+ role:
+ description: Role is a SELinux role label that
+ applies to the container.
+ type: string
+ type:
+ description: Type is a SELinux type label that
+ applies to the container.
+ type: string
+ user:
+ description: User is a SELinux user label that
+ applies to the container.
+ type: string
+ type: object
+ seccompProfile:
+ description: The seccomp options to use by this
+ container. If seccomp options are provided at
+ both the pod & container level, the container
+ options override the pod options.
+ properties:
+ localhostProfile:
+ description: localhostProfile indicates a profile
+ defined in a file on the node should be used.
+ The profile must be preconfigured on the node
+ to work. Must be a descending path, relative
+ to the kubelet's configured seccomp profile
+ location. Must only be set if type is "Localhost".
+ type: string
+ type:
+ description: "type indicates which kind of seccomp
+ profile will be applied. Valid options are:
+ \n Localhost - a profile defined in a file
+ on the node should be used. RuntimeDefault
+ - the container runtime default profile should
+ be used. Unconfined - no profile should be
+ applied."
+ type: string
+ required:
+ - type
+ type: object
+ windowsOptions:
+ description: The Windows specific settings applied
+ to all containers. If unspecified, the options
+ from the PodSecurityContext will be used. If set
+ in both SecurityContext and PodSecurityContext,
+ the value specified in SecurityContext takes precedence.
+ properties:
+ gmsaCredentialSpec:
+ description: GMSACredentialSpec is where the
+ GMSA admission webhook (https://github.com/kubernetes-sigs/windows-gmsa)
+ inlines the contents of the GMSA credential
+ spec named by the GMSACredentialSpecName field.
+ type: string
+ gmsaCredentialSpecName:
+ description: GMSACredentialSpecName is the name
+ of the GMSA credential spec to use.
+ type: string
+ runAsUserName:
+ description: The UserName in Windows to run
+ the entrypoint of the container process. Defaults
+ to the user specified in image metadata if
+ unspecified. May also be set in PodSecurityContext.
+ If set in both SecurityContext and PodSecurityContext,
+ the value specified in SecurityContext takes
+ precedence.
+ type: string
+ type: object
+ type: object
+ startupProbe:
+ description: 'StartupProbe indicates that the Pod has
+ successfully initialized. If specified, no other probes
+ are executed until this completes successfully. If
+ this probe fails, the Pod will be restarted, just
+ as if the livenessProbe failed. This can be used to
+ provide different probe parameters at the beginning
+ of a Pod''s lifecycle, when it might take a long time
+ to load data or warm a cache, than during steady-state
+ operation. This cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes'
+ properties:
+ exec:
+ description: One and only one of the following should
+ be specified. Exec specifies the action to take.
+ properties:
+ command:
+ description: Command is the command line to
+ execute inside the container, the working
+ directory for the command is root ('/') in
+ the container's filesystem. The command is
+ simply exec'd, it is not run inside a shell,
+ so traditional shell instructions ('|', etc)
+ won't work. To use a shell, you need to explicitly
+ call out to that shell. Exit status of 0 is
+ treated as live/healthy and non-zero is unhealthy.
+ items:
+ type: string
+ type: array
+ type: object
+ failureThreshold:
+ description: Minimum consecutive failures for the
+ probe to be considered failed after having succeeded.
+ Defaults to 3. Minimum value is 1.
+ format: int32
+ type: integer
+ httpGet:
+ description: HTTPGet specifies the http request
+ to perform.
+ properties:
+ host:
+ description: Host name to connect to, defaults
+ to the pod IP. You probably want to set "Host"
+ in httpHeaders instead.
+ type: string
+ httpHeaders:
+ description: Custom headers to set in the request.
+ HTTP allows repeated headers.
+ items:
+ description: HTTPHeader describes a custom
+ header to be used in HTTP probes
+ properties:
+ name:
+ description: The header field name
+ type: string
+ value:
+ description: The header field value
+ type: string
+ required:
+ - name
+ - value
+ type: object
+ type: array
+ path:
+ description: Path to access on the HTTP server.
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ description: Name or number of the port to access
+ on the container. Number must be in the range
+ 1 to 65535. Name must be an IANA_SVC_NAME.
+ x-kubernetes-int-or-string: true
+ scheme:
+ description: Scheme to use for connecting to
+ the host. Defaults to HTTP.
+ type: string
+ required:
+ - port
+ type: object
+ initialDelaySeconds:
+ description: 'Number of seconds after the container
+ has started before liveness probes are initiated.
+ More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes'
+ format: int32
+ type: integer
+ periodSeconds:
+ description: How often (in seconds) to perform the
+ probe. Default to 10 seconds. Minimum value is
+ 1.
+ format: int32
+ type: integer
+ successThreshold:
+ description: Minimum consecutive successes for the
+ probe to be considered successful after having
+ failed. Defaults to 1. Must be 1 for liveness
+ and startup. Minimum value is 1.
+ format: int32
+ type: integer
+ tcpSocket:
+ description: 'TCPSocket specifies an action involving
+ a TCP port. TCP hooks not yet supported TODO:
+ implement a realistic TCP lifecycle hook'
+ properties:
+ host:
+ description: 'Optional: Host name to connect
+ to, defaults to the pod IP.'
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ description: Number or name of the port to access
+ on the container. Number must be in the range
+ 1 to 65535. Name must be an IANA_SVC_NAME.
+ x-kubernetes-int-or-string: true
+ required:
+ - port
+ type: object
+ timeoutSeconds:
+ description: 'Number of seconds after which the
+ probe times out. Defaults to 1 second. Minimum
+ value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes'
+ format: int32
+ type: integer
+ type: object
+ stdin:
+ description: Whether this container should allocate
+ a buffer for stdin in the container runtime. If this
+ is not set, reads from stdin in the container will
+ always result in EOF. Default is false.
+ type: boolean
+ stdinOnce:
+ description: Whether the container runtime should close
+ the stdin channel after it has been opened by a single
+ attach. When stdin is true the stdin stream will remain
+ open across multiple attach sessions. If stdinOnce
+ is set to true, stdin is opened on container start,
+ is empty until the first client attaches to stdin,
+ and then remains open and accepts data until the client
+ disconnects, at which time stdin is closed and remains
+ closed until the container is restarted. If this flag
+ is false, a container processes that reads from stdin
+ will never receive an EOF. Default is false
+ type: boolean
+ terminationMessagePath:
+ description: 'Optional: Path at which the file to which
+ the container''s termination message will be written
+ is mounted into the container''s filesystem. Message
+ written is intended to be brief final status, such
+ as an assertion failure message. Will be truncated
+ by the node if greater than 4096 bytes. The total
+ message length across all containers will be limited
+ to 12kb. Defaults to /dev/termination-log. Cannot
+ be updated.'
+ type: string
+ terminationMessagePolicy:
+ description: Indicate how the termination message should
+ be populated. File will use the contents of terminationMessagePath
+ to populate the container status message on both success
+ and failure. FallbackToLogsOnError will use the last
+ chunk of container log output if the termination message
+ file is empty and the container exited with an error.
+ The log output is limited to 2048 bytes or 80 lines,
+ whichever is smaller. Defaults to File. Cannot be
+ updated.
+ type: string
+ tty:
+ description: Whether this container should allocate
+ a TTY for itself, also requires 'stdin' to be true.
+ Default is false.
+ type: boolean
+ volumeDevices:
+ description: volumeDevices is the list of block devices
+ to be used by the container.
+ items:
+ description: volumeDevice describes a mapping of a
+ raw block device within a container.
+ properties:
+ devicePath:
+ description: devicePath is the path inside of
+ the container that the device will be mapped
+ to.
+ type: string
+ name:
+ description: name must match the name of a persistentVolumeClaim
+ in the pod
+ type: string
+ required:
+ - devicePath
+ - name
+ type: object
+ type: array
+ volumeMounts:
+ description: Pod volumes to mount into the container's
+ filesystem. Cannot be updated.
+ items:
+ description: VolumeMount describes a mounting of a
+ Volume within a container.
+ properties:
+ mountPath:
+ description: Path within the container at which
+ the volume should be mounted. Must not contain
+ ':'.
+ type: string
+ mountPropagation:
+ description: mountPropagation determines how mounts
+ are propagated from the host to container and
+ the other way around. When not set, MountPropagationNone
+ is used. This field is beta in 1.10.
+ type: string
+ name:
+ description: This must match the Name of a Volume.
+ type: string
+ readOnly:
+ description: Mounted read-only if true, read-write
+ otherwise (false or unspecified). Defaults to
+ false.
+ type: boolean
+ subPath:
+ description: Path within the volume from which
+ the container's volume should be mounted. Defaults
+ to "" (volume's root).
+ type: string
+ subPathExpr:
+ description: Expanded path within the volume from
+ which the container's volume should be mounted.
+ Behaves similarly to SubPath but environment
+ variable references $(VAR_NAME) are expanded
+ using the container's environment. Defaults
+ to "" (volume's root). SubPathExpr and SubPath
+ are mutually exclusive.
+ type: string
+ required:
+ - mountPath
+ - name
+ type: object
+ type: array
+ workingDir:
+ description: Container's working directory. If not specified,
+ the container runtime's default will be used, which
+ might be configured in the container image. Cannot
+ be updated.
+ type: string
+ required:
+ - name
+ type: object
+ type: array
+ nodeSelector:
+ additionalProperties:
+ type: string
+ type: object
+ restartPolicy:
+ description: RestartPolicy describes how the container should
+ be restarted. Only one of the following restart policies
+ may be specified. If none of the following policies is specified,
+ the default one is RestartPolicyAlways.
+ type: string
+ terminationGracePeriodSeconds:
+ format: int64
+ type: integer
+ topologySpreadConstraints:
+ items:
+ description: TopologySpreadConstraint specifies how to spread
+ matching pods among the given topology.
+ properties:
+ labelSelector:
+ description: LabelSelector is used to find matching
+ pods. Pods that match this label selector are counted
+ to determine the number of pods in their corresponding
+ topology domain.
+ properties:
+ matchExpressions:
+ description: matchExpressions is a list of label
+ selector requirements. The requirements are ANDed.
+ items:
+ description: A label selector requirement is a
+ selector that contains values, a key, and an
+ operator that relates the key and values.
+ properties:
+ key:
+ description: key is the label key that the
+ selector applies to.
+ type: string
+ operator:
+ description: operator represents a key's relationship
+ to a set of values. Valid operators are
+ In, NotIn, Exists and DoesNotExist.
+ type: string
+ values:
+ description: values is an array of string
+ values. If the operator is In or NotIn,
+ the values array must be non-empty. If the
+ operator is Exists or DoesNotExist, the
+ values array must be empty. This array is
+ replaced during a strategic merge patch.
+ items:
+ type: string
+ type: array
+ required:
+ - key
+ - operator
+ type: object
+ type: array
+ matchLabels:
+ additionalProperties:
+ type: string
+ description: matchLabels is a map of {key,value}
+ pairs. A single {key,value} in the matchLabels
+ map is equivalent to an element of matchExpressions,
+ whose key field is "key", the operator is "In",
+ and the values array contains only "value". The
+ requirements are ANDed.
+ type: object
+ type: object
+ maxSkew:
+ description: 'MaxSkew describes the degree to which
+ pods may be unevenly distributed. When `whenUnsatisfiable=DoNotSchedule`,
+ it is the maximum permitted difference between the
+ number of matching pods in the target topology and
+ the global minimum. For example, in a 3-zone cluster,
+ MaxSkew is set to 1, and pods with the same labelSelector
+ spread as 1/1/0: | zone1 | zone2 | zone3 | | P | P | |
+ - if MaxSkew is 1, incoming pod can only be scheduled
+ to zone3 to become 1/1/1; scheduling it onto zone1(zone2)
+ would make the ActualSkew(2-0) on zone1(zone2) violate
+ MaxSkew(1). - if MaxSkew is 2, incoming pod can be
+ scheduled onto any zone. When `whenUnsatisfiable=ScheduleAnyway`,
+ it is used to give higher precedence to topologies
+ that satisfy it. It''s a required field. Default value
+ is 1 and 0 is not allowed.'
+ format: int32
+ type: integer
+ topologyKey:
+ description: TopologyKey is the key of node labels.
+ Nodes that have a label with this key and identical
+ values are considered to be in the same topology.
+ We consider each as a "bucket", and try
+ to put balanced number of pods into each bucket. It's
+ a required field.
+ type: string
+ whenUnsatisfiable:
+ description: 'WhenUnsatisfiable indicates how to deal
+ with a pod if it doesn''t satisfy the spread constraint.
+ - DoNotSchedule (default) tells the scheduler not
+ to schedule it. - ScheduleAnyway tells the scheduler
+ to schedule the pod in any location, but giving
+ higher precedence to topologies that would help reduce
+ the skew. A constraint is considered "Unsatisfiable"
+ for an incoming pod if and only if every possible
+ node assigment for that pod would violate "MaxSkew"
+ on some topology. For example, in a 3-zone cluster,
+ MaxSkew is set to 1, and pods with the same labelSelector
+ spread as 3/1/1: | zone1 | zone2 | zone3 | | P P P
+ | P | P | If WhenUnsatisfiable is set to DoNotSchedule,
+ incoming pod can only be scheduled to zone2(zone3)
+ to become 3/2/1(3/1/2) as ActualSkew(2-1) on zone2(zone3)
+ satisfies MaxSkew(1). In other words, the cluster
+ can still be imbalanced, but scheduler won''t make
+ it *more* imbalanced. It''s a required field.'
+ type: string
+ required:
+ - maxSkew
+ - topologyKey
+ - whenUnsatisfiable
+ type: object
+ type: array
+ volumes:
+ items:
+ description: Volume represents a named volume in a pod that
+ may be accessed by any container in the pod.
+ properties:
+ awsElasticBlockStore:
+ description: 'AWSElasticBlockStore represents an AWS
+ Disk resource that is attached to a kubelet''s host
+ machine and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore'
+ properties:
+ fsType:
+ description: 'Filesystem type of the volume that
+ you want to mount. Tip: Ensure that the filesystem
+ type is supported by the host operating system.
+ Examples: "ext4", "xfs", "ntfs". Implicitly inferred
+ to be "ext4" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore
+ TODO: how do we prevent errors in the filesystem
+ from compromising the machine'
+ type: string
+ partition:
+ description: 'The partition in the volume that you
+ want to mount. If omitted, the default is to mount
+ by volume name. Examples: For volume /dev/sda1,
+ you specify the partition as "1". Similarly, the
+ volume partition for /dev/sda is "0" (or you can
+ leave the property empty).'
+ format: int32
+ type: integer
+ readOnly:
+ description: 'Specify "true" to force and set the
+ ReadOnly property in VolumeMounts to "true". If
+ omitted, the default is "false". More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore'
+ type: boolean
+ volumeID:
+ description: 'Unique ID of the persistent disk resource
+ in AWS (Amazon EBS volume). More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore'
+ type: string
+ required:
+ - volumeID
+ type: object
+ azureDisk:
+ description: AzureDisk represents an Azure Data Disk
+ mount on the host and bind mount to the pod.
+ properties:
+ cachingMode:
+ description: 'Host Caching mode: None, Read Only,
+ Read Write.'
+ type: string
+ diskName:
+ description: The Name of the data disk in the blob
+ storage
+ type: string
+ diskURI:
+ description: The URI the data disk in the blob storage
+ type: string
+ fsType:
+ description: Filesystem type to mount. Must be a
+ filesystem type supported by the host operating
+ system. Ex. "ext4", "xfs", "ntfs". Implicitly
+ inferred to be "ext4" if unspecified.
+ type: string
+ kind:
+ description: 'Expected values Shared: multiple blob
+ disks per storage account Dedicated: single blob
+ disk per storage account Managed: azure managed
+ data disk (only in managed availability set).
+ defaults to shared'
+ type: string
+ readOnly:
+ description: Defaults to false (read/write). ReadOnly
+ here will force the ReadOnly setting in VolumeMounts.
+ type: boolean
+ required:
+ - diskName
+ - diskURI
+ type: object
+ azureFile:
+ description: AzureFile represents an Azure File Service
+ mount on the host and bind mount to the pod.
+ properties:
+ readOnly:
+ description: Defaults to false (read/write). ReadOnly
+ here will force the ReadOnly setting in VolumeMounts.
+ type: boolean
+ secretName:
+ description: the name of secret that contains Azure
+ Storage Account Name and Key
+ type: string
+ shareName:
+ description: Share Name
+ type: string
+ required:
+ - secretName
+ - shareName
+ type: object
+ cephfs:
+ description: CephFS represents a Ceph FS mount on the
+ host that shares a pod's lifetime
+ properties:
+ monitors:
+ description: 'Required: Monitors is a collection
+ of Ceph monitors More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it'
+ items:
+ type: string
+ type: array
+ path:
+ description: 'Optional: Used as the mounted root,
+ rather than the full Ceph tree, default is /'
+ type: string
+ readOnly:
+ description: 'Optional: Defaults to false (read/write).
+ ReadOnly here will force the ReadOnly setting
+ in VolumeMounts. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it'
+ type: boolean
+ secretFile:
+ description: 'Optional: SecretFile is the path to
+ key ring for User, default is /etc/ceph/user.secret
+ More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it'
+ type: string
+ secretRef:
+ description: 'Optional: SecretRef is reference to
+ the authentication secret for User, default is
+ empty. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it'
+ properties:
+ name:
+ description: 'Name of the referent. More info:
+ https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+ TODO: Add other useful fields. apiVersion,
+ kind, uid?'
+ type: string
+ type: object
+ user:
+ description: 'Optional: User is the rados user name,
+ default is admin More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it'
+ type: string
+ required:
+ - monitors
+ type: object
+ cinder:
+ description: 'Cinder represents a cinder volume attached
+ and mounted on kubelets host machine. More info: https://examples.k8s.io/mysql-cinder-pd/README.md'
+ properties:
+ fsType:
+ description: 'Filesystem type to mount. Must be
+ a filesystem type supported by the host operating
+ system. Examples: "ext4", "xfs", "ntfs". Implicitly
+ inferred to be "ext4" if unspecified. More info:
+ https://examples.k8s.io/mysql-cinder-pd/README.md'
+ type: string
+ readOnly:
+ description: 'Optional: Defaults to false (read/write).
+ ReadOnly here will force the ReadOnly setting
+ in VolumeMounts. More info: https://examples.k8s.io/mysql-cinder-pd/README.md'
+ type: boolean
+ secretRef:
+ description: 'Optional: points to a secret object
+ containing parameters used to connect to OpenStack.'
+ properties:
+ name:
+ description: 'Name of the referent. More info:
+ https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+ TODO: Add other useful fields. apiVersion,
+ kind, uid?'
+ type: string
+ type: object
+ volumeID:
+ description: 'volume id used to identify the volume
+ in cinder. More info: https://examples.k8s.io/mysql-cinder-pd/README.md'
+ type: string
+ required:
+ - volumeID
+ type: object
+ configMap:
+ description: ConfigMap represents a configMap that should
+ populate this volume
+ properties:
+ defaultMode:
+ description: 'Optional: mode bits used to set permissions
+ on created files by default. Must be an octal
+ value between 0000 and 0777 or a decimal value
+ between 0 and 511. YAML accepts both octal and
+ decimal values, JSON requires decimal values for
+ mode bits. Defaults to 0644. Directories within
+ the path are not affected by this setting. This
+ might be in conflict with other options that affect
+ the file mode, like fsGroup, and the result can
+ be other mode bits set.'
+ format: int32
+ type: integer
+ items:
+ description: If unspecified, each key-value pair
+ in the Data field of the referenced ConfigMap
+ will be projected into the volume as a file whose
+ name is the key and content is the value. If specified,
+ the listed keys will be projected into the specified
+ paths, and unlisted keys will not be present.
+ If a key is specified which is not present in
+ the ConfigMap, the volume setup will error unless
+ it is marked optional. Paths must be relative
+ and may not contain the '..' path or start with
+ '..'.
+ items:
+ description: Maps a string key to a path within
+ a volume.
+ properties:
+ key:
+ description: The key to project.
+ type: string
+ mode:
+ description: 'Optional: mode bits used to
+ set permissions on this file. Must be an
+ octal value between 0000 and 0777 or a decimal
+ value between 0 and 511. YAML accepts both
+ octal and decimal values, JSON requires
+ decimal values for mode bits. If not specified,
+ the volume defaultMode will be used. This
+ might be in conflict with other options
+ that affect the file mode, like fsGroup,
+ and the result can be other mode bits set.'
+ format: int32
+ type: integer
+ path:
+ description: The relative path of the file
+ to map the key to. May not be an absolute
+ path. May not contain the path element '..'.
+ May not start with the string '..'.
+ type: string
+ required:
+ - key
+ - path
+ type: object
+ type: array
+ name:
+ description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+ TODO: Add other useful fields. apiVersion, kind,
+ uid?'
+ type: string
+ optional:
+ description: Specify whether the ConfigMap or its
+ keys must be defined
+ type: boolean
+ type: object
+ csi:
+ description: CSI (Container Storage Interface) represents
+ ephemeral storage that is handled by certain external
+ CSI drivers (Beta feature).
+ properties:
+ driver:
+ description: Driver is the name of the CSI driver
+ that handles this volume. Consult with your admin
+ for the correct name as registered in the cluster.
+ type: string
+ fsType:
+ description: Filesystem type to mount. Ex. "ext4",
+ "xfs", "ntfs". If not provided, the empty value
+ is passed to the associated CSI driver which will
+ determine the default filesystem to apply.
+ type: string
+ nodePublishSecretRef:
+ description: NodePublishSecretRef is a reference
+ to the secret object containing sensitive information
+ to pass to the CSI driver to complete the CSI
+ NodePublishVolume and NodeUnpublishVolume calls.
+ This field is optional, and may be empty if no
+ secret is required. If the secret object contains
+ more than one secret, all secret references are
+ passed.
+ properties:
+ name:
+ description: 'Name of the referent. More info:
+ https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+ TODO: Add other useful fields. apiVersion,
+ kind, uid?'
+ type: string
+ type: object
+ readOnly:
+ description: Specifies a read-only configuration
+ for the volume. Defaults to false (read/write).
+ type: boolean
+ volumeAttributes:
+ additionalProperties:
+ type: string
+ description: VolumeAttributes stores driver-specific
+ properties that are passed to the CSI driver.
+ Consult your driver's documentation for supported
+ values.
+ type: object
+ required:
+ - driver
+ type: object
+ downwardAPI:
+ description: DownwardAPI represents downward API about
+ the pod that should populate this volume
+ properties:
+ defaultMode:
+ description: 'Optional: mode bits to use on created
+ files by default. Must be a Optional: mode bits
+ used to set permissions on created files by default.
+ Must be an octal value between 0000 and 0777 or
+ a decimal value between 0 and 511. YAML accepts
+ both octal and decimal values, JSON requires decimal
+ values for mode bits. Defaults to 0644. Directories
+ within the path are not affected by this setting.
+ This might be in conflict with other options that
+ affect the file mode, like fsGroup, and the result
+ can be other mode bits set.'
+ format: int32
+ type: integer
+ items:
+ description: Items is a list of downward API volume
+ file
+ items:
+ description: DownwardAPIVolumeFile represents
+ information to create the file containing the
+ pod field
+ properties:
+ fieldRef:
+ description: 'Required: Selects a field of
+ the pod: only annotations, labels, name
+ and namespace are supported.'
+ properties:
+ apiVersion:
+ description: Version of the schema the
+ FieldPath is written in terms of, defaults
+ to "v1".
+ type: string
+ fieldPath:
+ description: Path of the field to select
+ in the specified API version.
+ type: string
+ required:
+ - fieldPath
+ type: object
+ mode:
+ description: 'Optional: mode bits used to
+ set permissions on this file, must be an
+ octal value between 0000 and 0777 or a decimal
+ value between 0 and 511. YAML accepts both
+ octal and decimal values, JSON requires
+ decimal values for mode bits. If not specified,
+ the volume defaultMode will be used. This
+ might be in conflict with other options
+ that affect the file mode, like fsGroup,
+ and the result can be other mode bits set.'
+ format: int32
+ type: integer
+ path:
+ description: 'Required: Path is the relative
+ path name of the file to be created. Must
+ not be absolute or contain the ''..'' path.
+ Must be utf-8 encoded. The first item of
+ the relative path must not start with ''..'''
+ type: string
+ resourceFieldRef:
+ description: 'Selects a resource of the container:
+ only resources limits and requests (limits.cpu,
+ limits.memory, requests.cpu and requests.memory)
+ are currently supported.'
+ properties:
+ containerName:
+ description: 'Container name: required
+ for volumes, optional for env vars'
+ type: string
+ divisor:
+ anyOf:
+ - type: integer
+ - type: string
+ description: Specifies the output format
+ of the exposed resources, defaults to
+ "1"
+ pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+ x-kubernetes-int-or-string: true
+ resource:
+ description: 'Required: resource to select'
+ type: string
+ required:
+ - resource
+ type: object
+ required:
+ - path
+ type: object
+ type: array
+ type: object
+ emptyDir:
+ description: 'EmptyDir represents a temporary directory
+ that shares a pod''s lifetime. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir'
+ properties:
+ medium:
+ description: 'What type of storage medium should
+ back this directory. The default is "" which means
+ to use the node''s default medium. Must be an
+ empty string (default) or Memory. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir'
+ type: string
+ sizeLimit:
+ anyOf:
+ - type: integer
+ - type: string
+ description: 'Total amount of local storage required
+ for this EmptyDir volume. The size limit is also
+ applicable for memory medium. The maximum usage
+ on memory medium EmptyDir would be the minimum
+ value between the SizeLimit specified here and
+ the sum of memory limits of all containers in
+ a pod. The default is nil which means that the
+ limit is undefined. More info: http://kubernetes.io/docs/user-guide/volumes#emptydir'
+ pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+ x-kubernetes-int-or-string: true
+ type: object
+ ephemeral:
+ description: "Ephemeral represents a volume that is
+ handled by a cluster storage driver (Alpha feature).
+ The volume's lifecycle is tied to the pod that defines
+ it - it will be created before the pod starts, and
+ deleted when the pod is removed. \n Use this if: a)
+ the volume is only needed while the pod runs, b) features
+ of normal volumes like restoring from snapshot or
+ capacity tracking are needed, c) the storage driver
+ is specified through a storage class, and d) the storage
+ driver supports dynamic volume provisioning through
+ \ a PersistentVolumeClaim (see EphemeralVolumeSource
+ for more information on the connection between
+ this volume type and PersistentVolumeClaim). \n
+ Use PersistentVolumeClaim or one of the vendor-specific
+ APIs for volumes that persist for longer than the
+ lifecycle of an individual pod. \n Use CSI for light-weight
+ local ephemeral volumes if the CSI driver is meant
+ to be used that way - see the documentation of the
+ driver for more information. \n A pod can use both
+ types of ephemeral volumes and persistent volumes
+ at the same time."
+ properties:
+ readOnly:
+ description: Specifies a read-only configuration
+ for the volume. Defaults to false (read/write).
+ type: boolean
+ volumeClaimTemplate:
+ description: "Will be used to create a stand-alone
+ PVC to provision the volume. The pod in which
+ this EphemeralVolumeSource is embedded will be
+ the owner of the PVC, i.e. the PVC will be deleted
+ together with the pod. The name of the PVC will
+ be `-` where ``
+ is the name from the `PodSpec.Volumes` array entry.
+ Pod validation will reject the pod if the concatenated
+ name is not valid for a PVC (for example, too
+ long). \n An existing PVC with that name that
+ is not owned by the pod will *not* be used for
+ the pod to avoid using an unrelated volume by
+ mistake. Starting the pod is then blocked until
+ the unrelated PVC is removed. If such a pre-created
+ PVC is meant to be used by the pod, the PVC has
+ to updated with an owner reference to the pod
+ once the pod exists. Normally this should not
+ be necessary, but it may be useful when manually
+ reconstructing a broken cluster. \n This field
+ is read-only and no changes will be made by Kubernetes
+ to the PVC after it has been created. \n Required,
+ must not be nil."
+ properties:
+ metadata:
+ description: May contain labels and annotations
+ that will be copied into the PVC when creating
+ it. No other fields are allowed and will be
+ rejected during validation.
+ type: object
+ spec:
+ description: The specification for the PersistentVolumeClaim.
+ The entire content is copied unchanged into
+ the PVC that gets created from this template.
+ The same fields as in a PersistentVolumeClaim
+ are also valid here.
+ properties:
+ accessModes:
+ description: 'AccessModes contains the desired
+ access modes the volume should have. More
+ info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1'
+ items:
+ type: string
+ type: array
+ dataSource:
+ description: 'This field can be used to
+ specify either: * An existing VolumeSnapshot
+ object (snapshot.storage.k8s.io/VolumeSnapshot)
+ * An existing PVC (PersistentVolumeClaim)
+ * An existing custom resource that implements
+ data population (Alpha) In order to use
+ custom resource types that implement data
+ population, the AnyVolumeDataSource feature
+ gate must be enabled. If the provisioner
+ or an external controller can support
+ the specified data source, it will create
+ a new volume based on the contents of
+ the specified data source.'
+ properties:
+ apiGroup:
+ description: APIGroup is the group for
+ the resource being referenced. If
+ APIGroup is not specified, the specified
+ Kind must be in the core API group.
+ For any other third-party types, APIGroup
+ is required.
+ type: string
+ kind:
+ description: Kind is the type of resource
+ being referenced
+ type: string
+ name:
+ description: Name is the name of resource
+ being referenced
+ type: string
+ required:
+ - kind
+ - name
+ type: object
+ resources:
+ description: 'Resources represents the minimum
+ resources the volume should have. More
+ info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources'
+ properties:
+ limits:
+ additionalProperties:
+ anyOf:
+ - type: integer
+ - type: string
+ pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+ x-kubernetes-int-or-string: true
+ description: 'Limits describes the maximum
+ amount of compute resources allowed.
+ More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/'
+ type: object
+ requests:
+ additionalProperties:
+ anyOf:
+ - type: integer
+ - type: string
+ pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+ x-kubernetes-int-or-string: true
+ description: 'Requests describes the
+ minimum amount of compute resources
+ required. If Requests is omitted for
+ a container, it defaults to Limits
+ if that is explicitly specified, otherwise
+ to an implementation-defined value.
+ More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/'
+ type: object
+ type: object
+ selector:
+ description: A label query over volumes
+ to consider for binding.
+ properties:
+ matchExpressions:
+ description: matchExpressions is a list
+ of label selector requirements. The
+ requirements are ANDed.
+ items:
+ description: A label selector requirement
+ is a selector that contains values,
+ a key, and an operator that relates
+ the key and values.
+ properties:
+ key:
+ description: key is the label
+ key that the selector applies
+ to.
+ type: string
+ operator:
+ description: operator represents
+ a key's relationship to a set
+ of values. Valid operators are
+ In, NotIn, Exists and DoesNotExist.
+ type: string
+ values:
+ description: values is an array
+ of string values. If the operator
+ is In or NotIn, the values array
+ must be non-empty. If the operator
+ is Exists or DoesNotExist, the
+ values array must be empty.
+ This array is replaced during
+ a strategic merge patch.
+ items:
+ type: string
+ type: array
+ required:
+ - key
+ - operator
+ type: object
+ type: array
+ matchLabels:
+ additionalProperties:
+ type: string
+ description: matchLabels is a map of
+ {key,value} pairs. A single {key,value}
+ in the matchLabels map is equivalent
+ to an element of matchExpressions,
+ whose key field is "key", the operator
+ is "In", and the values array contains
+ only "value". The requirements are
+ ANDed.
+ type: object
+ type: object
+ storageClassName:
+ description: 'Name of the StorageClass required
+ by the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1'
+ type: string
+ volumeMode:
+ description: volumeMode defines what type
+ of volume is required by the claim. Value
+ of Filesystem is implied when not included
+ in claim spec.
+ type: string
+ volumeName:
+ description: VolumeName is the binding reference
+ to the PersistentVolume backing this claim.
+ type: string
+ type: object
+ required:
+ - spec
+ type: object
+ type: object
+ fc:
+ description: FC represents a Fibre Channel resource
+ that is attached to a kubelet's host machine and then
+ exposed to the pod.
+ properties:
+ fsType:
+ description: 'Filesystem type to mount. Must be
+ a filesystem type supported by the host operating
+ system. Ex. "ext4", "xfs", "ntfs". Implicitly
+ inferred to be "ext4" if unspecified. TODO: how
+ do we prevent errors in the filesystem from compromising
+ the machine'
+ type: string
+ lun:
+ description: 'Optional: FC target lun number'
+ format: int32
+ type: integer
+ readOnly:
+ description: 'Optional: Defaults to false (read/write).
+ ReadOnly here will force the ReadOnly setting
+ in VolumeMounts.'
+ type: boolean
+ targetWWNs:
+ description: 'Optional: FC target worldwide names
+ (WWNs)'
+ items:
+ type: string
+ type: array
+ wwids:
+ description: 'Optional: FC volume world wide identifiers
+ (wwids) Either wwids or combination of targetWWNs
+ and lun must be set, but not both simultaneously.'
+ items:
+ type: string
+ type: array
+ type: object
+ flexVolume:
+ description: FlexVolume represents a generic volume
+ resource that is provisioned/attached using an exec
+ based plugin.
+ properties:
+ driver:
+ description: Driver is the name of the driver to
+ use for this volume.
+ type: string
+ fsType:
+ description: Filesystem type to mount. Must be a
+ filesystem type supported by the host operating
+ system. Ex. "ext4", "xfs", "ntfs". The default
+ filesystem depends on FlexVolume script.
+ type: string
+ options:
+ additionalProperties:
+ type: string
+ description: 'Optional: Extra command options if
+ any.'
+ type: object
+ readOnly:
+ description: 'Optional: Defaults to false (read/write).
+ ReadOnly here will force the ReadOnly setting
+ in VolumeMounts.'
+ type: boolean
+ secretRef:
+ description: 'Optional: SecretRef is reference to
+ the secret object containing sensitive information
+ to pass to the plugin scripts. This may be empty
+ if no secret object is specified. If the secret
+ object contains more than one secret, all secrets
+ are passed to the plugin scripts.'
+ properties:
+ name:
+ description: 'Name of the referent. More info:
+ https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+ TODO: Add other useful fields. apiVersion,
+ kind, uid?'
+ type: string
+ type: object
+ required:
+ - driver
+ type: object
+ flocker:
+ description: Flocker represents a Flocker volume attached
+ to a kubelet's host machine. This depends on the Flocker
+ control service being running
+ properties:
+ datasetName:
+ description: Name of the dataset stored as metadata
+ -> name on the dataset for Flocker should be considered
+ as deprecated
+ type: string
+ datasetUUID:
+ description: UUID of the dataset. This is unique
+ identifier of a Flocker dataset
+ type: string
+ type: object
+ gcePersistentDisk:
+ description: 'GCEPersistentDisk represents a GCE Disk
+ resource that is attached to a kubelet''s host machine
+ and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk'
+ properties:
+ fsType:
+ description: 'Filesystem type of the volume that
+ you want to mount. Tip: Ensure that the filesystem
+ type is supported by the host operating system.
+ Examples: "ext4", "xfs", "ntfs". Implicitly inferred
+ to be "ext4" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk
+ TODO: how do we prevent errors in the filesystem
+ from compromising the machine'
+ type: string
+ partition:
+ description: 'The partition in the volume that you
+ want to mount. If omitted, the default is to mount
+ by volume name. Examples: For volume /dev/sda1,
+ you specify the partition as "1". Similarly, the
+ volume partition for /dev/sda is "0" (or you can
+ leave the property empty). More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk'
+ format: int32
+ type: integer
+ pdName:
+ description: 'Unique name of the PD resource in
+ GCE. Used to identify the disk in GCE. More info:
+ https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk'
+ type: string
+ readOnly:
+ description: 'ReadOnly here will force the ReadOnly
+ setting in VolumeMounts. Defaults to false. More
+ info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk'
+ type: boolean
+ required:
+ - pdName
+ type: object
+ gitRepo:
+ description: 'GitRepo represents a git repository at
+ a particular revision. DEPRECATED: GitRepo is deprecated.
+ To provision a container with a git repo, mount an
+ EmptyDir into an InitContainer that clones the repo
+ using git, then mount the EmptyDir into the Pod''s
+ container.'
+ properties:
+ directory:
+ description: Target directory name. Must not contain
+ or start with '..'. If '.' is supplied, the volume
+ directory will be the git repository. Otherwise,
+ if specified, the volume will contain the git
+ repository in the subdirectory with the given
+ name.
+ type: string
+ repository:
+ description: Repository URL
+ type: string
+ revision:
+ description: Commit hash for the specified revision.
+ type: string
+ required:
+ - repository
+ type: object
+ glusterfs:
+ description: 'Glusterfs represents a Glusterfs mount
+ on the host that shares a pod''s lifetime. More info:
+ https://examples.k8s.io/volumes/glusterfs/README.md'
+ properties:
+ endpoints:
+ description: 'EndpointsName is the endpoint name
+ that details Glusterfs topology. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod'
+ type: string
+ path:
+ description: 'Path is the Glusterfs volume path.
+ More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod'
+ type: string
+ readOnly:
+ description: 'ReadOnly here will force the Glusterfs
+ volume to be mounted with read-only permissions.
+ Defaults to false. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod'
+ type: boolean
+ required:
+ - endpoints
+ - path
+ type: object
+ hostPath:
+ description: 'HostPath represents a pre-existing file
+ or directory on the host machine that is directly
+ exposed to the container. This is generally used for
+ system agents or other privileged things that are
+ allowed to see the host machine. Most containers will
+ NOT need this. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath
+ --- TODO(jonesdl) We need to restrict who can use
+ host directory mounts and who can/can not mount host
+ directories as read/write.'
+ properties:
+ path:
+ description: 'Path of the directory on the host.
+ If the path is a symlink, it will follow the link
+ to the real path. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath'
+ type: string
+ type:
+ description: 'Type for HostPath Volume Defaults
+ to "" More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath'
+ type: string
+ required:
+ - path
+ type: object
+ iscsi:
+ description: 'ISCSI represents an ISCSI Disk resource
+ that is attached to a kubelet''s host machine and
+ then exposed to the pod. More info: https://examples.k8s.io/volumes/iscsi/README.md'
+ properties:
+ chapAuthDiscovery:
+ description: whether support iSCSI Discovery CHAP
+ authentication
+ type: boolean
+ chapAuthSession:
+ description: whether support iSCSI Session CHAP
+ authentication
+ type: boolean
+ fsType:
+ description: 'Filesystem type of the volume that
+ you want to mount. Tip: Ensure that the filesystem
+ type is supported by the host operating system.
+ Examples: "ext4", "xfs", "ntfs". Implicitly inferred
+ to be "ext4" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#iscsi
+ TODO: how do we prevent errors in the filesystem
+ from compromising the machine'
+ type: string
+ initiatorName:
+ description: Custom iSCSI Initiator Name. If initiatorName
+ is specified with iscsiInterface simultaneously,
+ new iSCSI interface :
+ will be created for the connection.
+ type: string
+ iqn:
+ description: Target iSCSI Qualified Name.
+ type: string
+ iscsiInterface:
+ description: iSCSI Interface Name that uses an iSCSI
+ transport. Defaults to 'default' (tcp).
+ type: string
+ lun:
+ description: iSCSI Target Lun number.
+ format: int32
+ type: integer
+ portals:
+ description: iSCSI Target Portal List. The portal
+ is either an IP or ip_addr:port if the port is
+ other than default (typically TCP ports 860 and
+ 3260).
+ items:
+ type: string
+ type: array
+ readOnly:
+ description: ReadOnly here will force the ReadOnly
+ setting in VolumeMounts. Defaults to false.
+ type: boolean
+ secretRef:
+ description: CHAP Secret for iSCSI target and initiator
+ authentication
+ properties:
+ name:
+ description: 'Name of the referent. More info:
+ https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+ TODO: Add other useful fields. apiVersion,
+ kind, uid?'
+ type: string
+ type: object
+ targetPortal:
+ description: iSCSI Target Portal. The Portal is
+ either an IP or ip_addr:port if the port is other
+ than default (typically TCP ports 860 and 3260).
+ type: string
+ required:
+ - iqn
+ - lun
+ - targetPortal
+ type: object
+ name:
+ description: 'Volume''s name. Must be a DNS_LABEL and
+ unique within the pod. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
+ type: string
+ nfs:
+ description: 'NFS represents an NFS mount on the host
+ that shares a pod''s lifetime More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs'
+ properties:
+ path:
+ description: 'Path that is exported by the NFS server.
+ More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs'
+ type: string
+ readOnly:
+ description: 'ReadOnly here will force the NFS export
+ to be mounted with read-only permissions. Defaults
+ to false. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs'
+ type: boolean
+ server:
+ description: 'Server is the hostname or IP address
+ of the NFS server. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs'
+ type: string
+ required:
+ - path
+ - server
+ type: object
+ persistentVolumeClaim:
+ description: 'PersistentVolumeClaimVolumeSource represents
+ a reference to a PersistentVolumeClaim in the same
+ namespace. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims'
+ properties:
+ claimName:
+ description: 'ClaimName is the name of a PersistentVolumeClaim
+ in the same namespace as the pod using this volume.
+ More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims'
+ type: string
+ readOnly:
+ description: Will force the ReadOnly setting in
+ VolumeMounts. Default false.
+ type: boolean
+ required:
+ - claimName
+ type: object
+ photonPersistentDisk:
+ description: PhotonPersistentDisk represents a PhotonController
+ persistent disk attached and mounted on kubelets host
+ machine
+ properties:
+ fsType:
+ description: Filesystem type to mount. Must be a
+ filesystem type supported by the host operating
+ system. Ex. "ext4", "xfs", "ntfs". Implicitly
+ inferred to be "ext4" if unspecified.
+ type: string
+ pdID:
+ description: ID that identifies Photon Controller
+ persistent disk
+ type: string
+ required:
+ - pdID
+ type: object
+ portworxVolume:
+ description: PortworxVolume represents a portworx volume
+ attached and mounted on kubelets host machine
+ properties:
+ fsType:
+ description: FSType represents the filesystem type
+ to mount Must be a filesystem type supported by
+ the host operating system. Ex. "ext4", "xfs".
+ Implicitly inferred to be "ext4" if unspecified.
+ type: string
+ readOnly:
+ description: Defaults to false (read/write). ReadOnly
+ here will force the ReadOnly setting in VolumeMounts.
+ type: boolean
+ volumeID:
+ description: VolumeID uniquely identifies a Portworx
+ volume
+ type: string
+ required:
+ - volumeID
+ type: object
+ projected:
+ description: Items for all in one resources secrets,
+ configmaps, and downward API
+ properties:
+ defaultMode:
+ description: Mode bits used to set permissions on
+ created files by default. Must be an octal value
+ between 0000 and 0777 or a decimal value between
+ 0 and 511. YAML accepts both octal and decimal
+ values, JSON requires decimal values for mode
+ bits. Directories within the path are not affected
+ by this setting. This might be in conflict with
+ other options that affect the file mode, like
+ fsGroup, and the result can be other mode bits
+ set.
+ format: int32
+ type: integer
+ sources:
+ description: list of volume projections
+ items:
+ description: Projection that may be projected
+ along with other supported volume types
+ properties:
+ configMap:
+ description: information about the configMap
+ data to project
+ properties:
+ items:
+ description: If unspecified, each key-value
+ pair in the Data field of the referenced
+ ConfigMap will be projected into the
+ volume as a file whose name is the key
+ and content is the value. If specified,
+ the listed keys will be projected into
+ the specified paths, and unlisted keys
+ will not be present. If a key is specified
+ which is not present in the ConfigMap,
+ the volume setup will error unless it
+ is marked optional. Paths must be relative
+ and may not contain the '..' path or
+ start with '..'.
+ items:
+ description: Maps a string key to a
+ path within a volume.
+ properties:
+ key:
+ description: The key to project.
+ type: string
+ mode:
+ description: 'Optional: mode bits
+ used to set permissions on this
+ file. Must be an octal value between
+ 0000 and 0777 or a decimal value
+ between 0 and 511. YAML accepts
+ both octal and decimal values,
+ JSON requires decimal values for
+ mode bits. If not specified, the
+ volume defaultMode will be used.
+ This might be in conflict with
+ other options that affect the
+ file mode, like fsGroup, and the
+ result can be other mode bits
+ set.'
+ format: int32
+ type: integer
+ path:
+ description: The relative path of
+ the file to map the key to. May
+ not be an absolute path. May not
+ contain the path element '..'.
+ May not start with the string
+ '..'.
+ type: string
+ required:
+ - key
+ - path
+ type: object
+ type: array
+ name:
+ description: 'Name of the referent. More
+ info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+ TODO: Add other useful fields. apiVersion,
+ kind, uid?'
+ type: string
+ optional:
+ description: Specify whether the ConfigMap
+ or its keys must be defined
+ type: boolean
+ type: object
+ downwardAPI:
+ description: information about the downwardAPI
+ data to project
+ properties:
+ items:
+ description: Items is a list of DownwardAPIVolume
+ file
+ items:
+ description: DownwardAPIVolumeFile represents
+ information to create the file containing
+ the pod field
+ properties:
+ fieldRef:
+ description: 'Required: Selects
+ a field of the pod: only annotations,
+ labels, name and namespace are
+ supported.'
+ properties:
+ apiVersion:
+ description: Version of the
+ schema the FieldPath is written
+ in terms of, defaults to "v1".
+ type: string
+ fieldPath:
+ description: Path of the field
+ to select in the specified
+ API version.
+ type: string
+ required:
+ - fieldPath
+ type: object
+ mode:
+ description: 'Optional: mode bits
+ used to set permissions on this
+ file, must be an octal value between
+ 0000 and 0777 or a decimal value
+ between 0 and 511. YAML accepts
+ both octal and decimal values,
+ JSON requires decimal values for
+ mode bits. If not specified, the
+ volume defaultMode will be used.
+ This might be in conflict with
+ other options that affect the
+ file mode, like fsGroup, and the
+ result can be other mode bits
+ set.'
+ format: int32
+ type: integer
+ path:
+ description: 'Required: Path is the
+ relative path name of the file
+ to be created. Must not be absolute
+ or contain the ''..'' path. Must
+ be utf-8 encoded. The first item
+ of the relative path must not
+ start with ''..'''
+ type: string
+ resourceFieldRef:
+ description: 'Selects a resource
+ of the container: only resources
+ limits and requests (limits.cpu,
+ limits.memory, requests.cpu and
+ requests.memory) are currently
+ supported.'
+ properties:
+ containerName:
+ description: 'Container name:
+ required for volumes, optional
+ for env vars'
+ type: string
+ divisor:
+ anyOf:
+ - type: integer
+ - type: string
+ description: Specifies the output
+ format of the exposed resources,
+ defaults to "1"
+ pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+ x-kubernetes-int-or-string: true
+ resource:
+ description: 'Required: resource
+ to select'
+ type: string
+ required:
+ - resource
+ type: object
+ required:
+ - path
+ type: object
+ type: array
+ type: object
+ secret:
+ description: information about the secret
+ data to project
+ properties:
+ items:
+ description: If unspecified, each key-value
+ pair in the Data field of the referenced
+ Secret will be projected into the volume
+ as a file whose name is the key and
+ content is the value. If specified,
+ the listed keys will be projected into
+ the specified paths, and unlisted keys
+ will not be present. If a key is specified
+ which is not present in the Secret,
+ the volume setup will error unless it
+ is marked optional. Paths must be relative
+ and may not contain the '..' path or
+ start with '..'.
+ items:
+ description: Maps a string key to a
+ path within a volume.
+ properties:
+ key:
+ description: The key to project.
+ type: string
+ mode:
+ description: 'Optional: mode bits
+ used to set permissions on this
+ file. Must be an octal value between
+ 0000 and 0777 or a decimal value
+ between 0 and 511. YAML accepts
+ both octal and decimal values,
+ JSON requires decimal values for
+ mode bits. If not specified, the
+ volume defaultMode will be used.
+ This might be in conflict with
+ other options that affect the
+ file mode, like fsGroup, and the
+ result can be other mode bits
+ set.'
+ format: int32
+ type: integer
+ path:
+ description: The relative path of
+ the file to map the key to. May
+ not be an absolute path. May not
+ contain the path element '..'.
+ May not start with the string
+ '..'.
+ type: string
+ required:
+ - key
+ - path
+ type: object
+ type: array
+ name:
+ description: 'Name of the referent. More
+ info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+ TODO: Add other useful fields. apiVersion,
+ kind, uid?'
+ type: string
+ optional:
+ description: Specify whether the Secret
+ or its key must be defined
+ type: boolean
+ type: object
+ serviceAccountToken:
+ description: information about the serviceAccountToken
+ data to project
+ properties:
+ audience:
+ description: Audience is the intended
+ audience of the token. A recipient of
+ a token must identify itself with an
+ identifier specified in the audience
+ of the token, and otherwise should reject
+ the token. The audience defaults to
+ the identifier of the apiserver.
+ type: string
+ expirationSeconds:
+ description: ExpirationSeconds is the
+ requested duration of validity of the
+ service account token. As the token
+ approaches expiration, the kubelet volume
+ plugin will proactively rotate the service
+ account token. The kubelet will start
+ trying to rotate the token if the token
+ is older than 80 percent of its time
+ to live or if the token is older than
+ 24 hours.Defaults to 1 hour and must
+ be at least 10 minutes.
+ format: int64
+ type: integer
+ path:
+ description: Path is the path relative
+ to the mount point of the file to project
+ the token into.
+ type: string
+ required:
+ - path
+ type: object
+ type: object
+ type: array
+ type: object
+ quobyte:
+ description: Quobyte represents a Quobyte mount on the
+ host that shares a pod's lifetime
+ properties:
+ group:
+ description: Group to map volume access to Default
+ is no group
+ type: string
+ readOnly:
+ description: ReadOnly here will force the Quobyte
+ volume to be mounted with read-only permissions.
+ Defaults to false.
+ type: boolean
+ registry:
+ description: Registry represents a single or multiple
+ Quobyte Registry services specified as a string
+ as host:port pair (multiple entries are separated
+ with commas) which acts as the central registry
+ for volumes
+ type: string
+ tenant:
+ description: Tenant owning the given Quobyte volume
+ in the Backend Used with dynamically provisioned
+ Quobyte volumes, value is set by the plugin
+ type: string
+ user:
+ description: User to map volume access to Defaults
+ to serivceaccount user
+ type: string
+ volume:
+ description: Volume is a string that references
+ an already created Quobyte volume by name.
+ type: string
+ required:
+ - registry
+ - volume
+ type: object
+ rbd:
+ description: 'RBD represents a Rados Block Device mount
+ on the host that shares a pod''s lifetime. More info:
+ https://examples.k8s.io/volumes/rbd/README.md'
+ properties:
+ fsType:
+ description: 'Filesystem type of the volume that
+ you want to mount. Tip: Ensure that the filesystem
+ type is supported by the host operating system.
+ Examples: "ext4", "xfs", "ntfs". Implicitly inferred
+ to be "ext4" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#rbd
+ TODO: how do we prevent errors in the filesystem
+ from compromising the machine'
+ type: string
+ image:
+ description: 'The rados image name. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it'
+ type: string
+ keyring:
+ description: 'Keyring is the path to key ring for
+ RBDUser. Default is /etc/ceph/keyring. More info:
+ https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it'
+ type: string
+ monitors:
+ description: 'A collection of Ceph monitors. More
+ info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it'
+ items:
+ type: string
+ type: array
+ pool:
+ description: 'The rados pool name. Default is rbd.
+ More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it'
+ type: string
+ readOnly:
+ description: 'ReadOnly here will force the ReadOnly
+ setting in VolumeMounts. Defaults to false. More
+ info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it'
+ type: boolean
+ secretRef:
+ description: 'SecretRef is name of the authentication
+ secret for RBDUser. If provided overrides keyring.
+ Default is nil. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it'
+ properties:
+ name:
+ description: 'Name of the referent. More info:
+ https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+ TODO: Add other useful fields. apiVersion,
+ kind, uid?'
+ type: string
+ type: object
+ user:
+ description: 'The rados user name. Default is admin.
+ More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it'
+ type: string
+ required:
+ - image
+ - monitors
+ type: object
+ scaleIO:
+ description: ScaleIO represents a ScaleIO persistent
+ volume attached and mounted on Kubernetes nodes.
+ properties:
+ fsType:
+ description: Filesystem type to mount. Must be a
+ filesystem type supported by the host operating
+ system. Ex. "ext4", "xfs", "ntfs". Default is
+ "xfs".
+ type: string
+ gateway:
+ description: The host address of the ScaleIO API
+ Gateway.
+ type: string
+ protectionDomain:
+ description: The name of the ScaleIO Protection
+ Domain for the configured storage.
+ type: string
+ readOnly:
+ description: Defaults to false (read/write). ReadOnly
+ here will force the ReadOnly setting in VolumeMounts.
+ type: boolean
+ secretRef:
+ description: SecretRef references to the secret
+ for ScaleIO user and other sensitive information.
+ If this is not provided, Login operation will
+ fail.
+ properties:
+ name:
+ description: 'Name of the referent. More info:
+ https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+ TODO: Add other useful fields. apiVersion,
+ kind, uid?'
+ type: string
+ type: object
+ sslEnabled:
+ description: Flag to enable/disable SSL communication
+ with Gateway, default false
+ type: boolean
+ storageMode:
+ description: Indicates whether the storage for a
+ volume should be ThickProvisioned or ThinProvisioned.
+ Default is ThinProvisioned.
+ type: string
+ storagePool:
+ description: The ScaleIO Storage Pool associated
+ with the protection domain.
+ type: string
+ system:
+ description: The name of the storage system as configured
+ in ScaleIO.
+ type: string
+ volumeName:
+ description: The name of a volume already created
+ in the ScaleIO system that is associated with
+ this volume source.
+ type: string
+ required:
+ - gateway
+ - secretRef
+ - system
+ type: object
+ secret:
+ description: 'Secret represents a secret that should
+ populate this volume. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret'
+ properties:
+ defaultMode:
+ description: 'Optional: mode bits used to set permissions
+ on created files by default. Must be an octal
+ value between 0000 and 0777 or a decimal value
+ between 0 and 511. YAML accepts both octal and
+ decimal values, JSON requires decimal values for
+ mode bits. Defaults to 0644. Directories within
+ the path are not affected by this setting. This
+ might be in conflict with other options that affect
+ the file mode, like fsGroup, and the result can
+ be other mode bits set.'
+ format: int32
+ type: integer
+ items:
+ description: If unspecified, each key-value pair
+ in the Data field of the referenced Secret will
+ be projected into the volume as a file whose name
+ is the key and content is the value. If specified,
+ the listed keys will be projected into the specified
+ paths, and unlisted keys will not be present.
+ If a key is specified which is not present in
+ the Secret, the volume setup will error unless
+ it is marked optional. Paths must be relative
+ and may not contain the '..' path or start with
+ '..'.
+ items:
+ description: Maps a string key to a path within
+ a volume.
+ properties:
+ key:
+ description: The key to project.
+ type: string
+ mode:
+ description: 'Optional: mode bits used to
+ set permissions on this file. Must be an
+ octal value between 0000 and 0777 or a decimal
+ value between 0 and 511. YAML accepts both
+ octal and decimal values, JSON requires
+ decimal values for mode bits. If not specified,
+ the volume defaultMode will be used. This
+ might be in conflict with other options
+ that affect the file mode, like fsGroup,
+ and the result can be other mode bits set.'
+ format: int32
+ type: integer
+ path:
+ description: The relative path of the file
+ to map the key to. May not be an absolute
+ path. May not contain the path element '..'.
+ May not start with the string '..'.
+ type: string
+ required:
+ - key
+ - path
+ type: object
+ type: array
+ optional:
+ description: Specify whether the Secret or its keys
+ must be defined
+ type: boolean
+ secretName:
+ description: 'Name of the secret in the pod''s namespace
+ to use. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret'
+ type: string
+ type: object
+ storageos:
+ description: StorageOS represents a StorageOS volume
+ attached and mounted on Kubernetes nodes.
+ properties:
+ fsType:
+ description: Filesystem type to mount. Must be a
+ filesystem type supported by the host operating
+ system. Ex. "ext4", "xfs", "ntfs". Implicitly
+ inferred to be "ext4" if unspecified.
+ type: string
+ readOnly:
+ description: Defaults to false (read/write). ReadOnly
+ here will force the ReadOnly setting in VolumeMounts.
+ type: boolean
+ secretRef:
+ description: SecretRef specifies the secret to use
+ for obtaining the StorageOS API credentials. If
+ not specified, default values will be attempted.
+ properties:
+ name:
+ description: 'Name of the referent. More info:
+ https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+ TODO: Add other useful fields. apiVersion,
+ kind, uid?'
+ type: string
+ type: object
+ volumeName:
+ description: VolumeName is the human-readable name
+ of the StorageOS volume. Volume names are only
+ unique within a namespace.
+ type: string
+ volumeNamespace:
+ description: VolumeNamespace specifies the scope
+ of the volume within StorageOS. If no namespace
+ is specified then the Pod's namespace will be
+ used. This allows the Kubernetes name scoping
+ to be mirrored within StorageOS for tighter integration.
+ Set VolumeName to any name to override the default
+ behaviour. Set to "default" if you are not using
+ namespaces within StorageOS. Namespaces that do
+ not pre-exist within StorageOS will be created.
+ type: string
+ type: object
+ vsphereVolume:
+ description: VsphereVolume represents a vSphere volume
+ attached and mounted on kubelets host machine
+ properties:
+ fsType:
+ description: Filesystem type to mount. Must be a
+ filesystem type supported by the host operating
+ system. Ex. "ext4", "xfs", "ntfs". Implicitly
+ inferred to be "ext4" if unspecified.
+ type: string
+ storagePolicyID:
+ description: Storage Policy Based Management (SPBM)
+ profile ID associated with the StoragePolicyName.
+ type: string
+ storagePolicyName:
+ description: Storage Policy Based Management (SPBM)
+ profile name.
+ type: string
+ volumePath:
+ description: Path that identifies vSphere volume
+ vmdk
+ type: string
+ required:
+ - volumePath
+ type: object
+ required:
+ - name
+ type: object
+ type: array
+ required:
+ - containers
+ type: object
+ type: object
+ traits:
+ additionalProperties:
+ description: A TraitSpec contains the configuration of a trait
+ properties:
+ configuration:
+ description: TraitConfiguration --
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ required:
+ - configuration
+ type: object
+ type: object
+ type: object
+ status:
+ description: IntegrationStatus defines the observed state of Integration
+ properties:
+ capabilities:
+ items:
+ type: string
+ type: array
+ conditions:
+ items:
+ description: IntegrationCondition describes the state of a resource
+ at a certain point.
+ properties:
+ firstTruthyTime:
+ description: First time the condition status transitioned to
+ True.
+ format: date-time
+ type: string
+ lastTransitionTime:
+ description: Last time the condition transitioned from one status
+ to another.
+ format: date-time
+ type: string
+ lastUpdateTime:
+ description: The last time this condition was updated.
+ format: date-time
+ type: string
+ message:
+ description: A human-readable message indicating details about
+ the transition.
+ type: string
+ reason:
+ description: The reason for the condition's last transition.
+ type: string
+ status:
+ description: Status of the condition, one of True, False, Unknown.
+ type: string
+ type:
+ description: Type of integration condition.
+ type: string
+ required:
+ - status
+ - type
+ type: object
+ type: array
+ configuration:
+ items:
+ description: ConfigurationSpec --
+ properties:
+ resourceKey:
+ type: string
+ resourceMountPoint:
+ type: string
+ resourceType:
+ type: string
+ type:
+ type: string
+ value:
+ type: string
+ required:
+ - type
+ - value
+ type: object
+ type: array
+ dependencies:
+ items:
+ type: string
+ type: array
+ digest:
+ type: string
+ generatedResources:
+ items:
+ description: ResourceSpec --
+ properties:
+ compression:
+ type: boolean
+ content:
+ type: string
+ contentKey:
+ type: string
+ contentRef:
+ type: string
+ contentType:
+ type: string
+ mountPath:
+ type: string
+ name:
+ type: string
+ path:
+ type: string
+ rawContent:
+ format: byte
+ type: string
+ type:
+ description: ResourceType --
+ type: string
+ type: object
+ type: array
+ generatedSources:
+ items:
+ description: SourceSpec --
+ properties:
+ compression:
+ type: boolean
+ content:
+ type: string
+ contentKey:
+ type: string
+ contentRef:
+ type: string
+ contentType:
+ type: string
+ interceptors:
+ description: Interceptors are optional identifiers the org.apache.camel.k.RoutesLoader
+ uses to pre/post process sources
+ items:
+ type: string
+ type: array
+ language:
+ description: Language --
+ type: string
+ loader:
+ description: Loader is an optional id of the org.apache.camel.k.RoutesLoader
+ that will interpret this source at runtime
+ type: string
+ name:
+ type: string
+ path:
+ type: string
+ property-names:
+ description: List of property names defined in the source (e.g.
+ if type is "template")
+ items:
+ type: string
+ type: array
+ rawContent:
+ format: byte
+ type: string
+ type:
+ description: Type defines the kind of source described by this
+ object
+ type: string
+ type: object
+ type: array
+ image:
+ type: string
+ integrationKit:
+ description: 'ObjectReference contains enough information to let you
+ inspect or modify the referred object. --- New uses of this type
+ are discouraged because of difficulty describing its usage when
+ embedded in APIs. 1. Ignored fields. It includes many fields which
+ are not generally honored. For instance, ResourceVersion and FieldPath
+ are both very rarely valid in actual usage. 2. Invalid usage help. It
+ is impossible to add specific help for individual usage. In most
+ embedded usages, there are particular restrictions like, "must
+ refer only to types A and B" or "UID not honored" or "name must
+ be restricted". Those cannot be well described when embedded. 3.
+ Inconsistent validation. Because the usages are different, the
+ validation rules are different by usage, which makes it hard for
+ users to predict what will happen. 4. The fields are both imprecise
+ and overly precise. Kind is not a precise mapping to a URL. This
+ can produce ambiguity during interpretation and require a REST
+ mapping. In most cases, the dependency is on the group,resource
+ tuple and the version of the actual struct is irrelevant. 5.
+ We cannot easily change it. Because this type is embedded in many
+ locations, updates to this type will affect numerous schemas. Don''t
+ make new APIs embed an underspecified API type they do not control.
+ Instead of using this type, create a locally provided and used type
+ that is well-focused on your reference. For example, ServiceReferences
+ for admission registration: https://github.com/kubernetes/api/blob/release-1.17/admissionregistration/v1/types.go#L533
+ .'
+ properties:
+ apiVersion:
+ description: API version of the referent.
+ type: string
+ fieldPath:
+ description: 'If referring to a piece of an object instead of
+ an entire object, this string should contain a valid JSON/Go
+ field access statement, such as desiredState.manifest.containers[2].
+ For example, if the object reference is to a container within
+ a pod, this would take on a value like: "spec.containers{name}"
+ (where "name" refers to the name of the container that triggered
+ the event) or if no container name is specified "spec.containers[2]"
+ (container with index 2 in this pod). This syntax is chosen
+ only to have some well-defined way of referencing a part of
+ an object. TODO: this design is not final and this field is
+ subject to change in the future.'
+ type: string
+ kind:
+ description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
+ type: string
+ name:
+ description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
+ type: string
+ namespace:
+ description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/'
+ type: string
+ resourceVersion:
+ description: 'Specific resourceVersion to which this reference
+ is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency'
+ type: string
+ uid:
+ description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids'
+ type: string
+ type: object
+ kit:
+ description: 'Deprecated: use the IntegrationKit field'
+ type: string
+ lastInitTimestamp:
+ description: The timestamp representing the last time when this integration
+ was initialized.
+ format: date-time
+ type: string
+ phase:
+ description: IntegrationPhase --
+ type: string
+ platform:
+ type: string
+ profile:
+ description: TraitProfile represents lists of traits that are enabled
+ for the specific installation/integration
+ type: string
+ replicas:
+ format: int32
+ type: integer
+ runtimeProvider:
+ description: RuntimeProvider --
+ type: string
+ runtimeVersion:
+ type: string
+ selector:
+ type: string
+ version:
+ type: string
+ type: object
+ type: object
+ served: true
+ storage: true
+ subresources:
+ scale:
+ labelSelectorPath: .status.selector
+ specReplicasPath: .spec.replicas
+ statusReplicasPath: .status.replicas
+ status: {}
+---
+apiVersion: apiextensions.k8s.io/v1
+kind: CustomResourceDefinition
+metadata:
+ annotations:
+ controller-gen.kubebuilder.io/version: v0.4.1
+ creationTimestamp: null
+ labels:
+ app: camel-k
+ name: kameletbindings.camel.apache.org
+spec:
+ group: camel.apache.org
+ names:
+ categories:
+ - kamel
+ - camel
+ kind: KameletBinding
+ listKind: KameletBindingList
+ plural: kameletbindings
+ shortNames:
+ - klb
+ singular: kameletbinding
+ scope: Namespaced
+ versions:
+ - additionalPrinterColumns:
+ - description: The Kamelet Binding phase
+ jsonPath: .status.phase
+ name: Phase
+ type: string
+ - description: The number of pods
+ jsonPath: .status.replicas
+ name: Replicas
+ type: integer
+ name: v1alpha1
+ schema:
+ openAPIV3Schema:
+ description: KameletBinding is the Schema for the kamelets binding API
+ properties:
+ apiVersion:
+ description: 'APIVersion defines the versioned schema of this representation
+ of an object. Servers should convert recognized schemas to the latest
+ internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
+ type: string
+ kind:
+ description: 'Kind is a string value representing the REST resource this
+ object represents. Servers may infer this from the endpoint the client
+ submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
+ type: string
+ metadata:
+ type: object
+ spec:
+ description: KameletBindingSpec --
+ properties:
+ errorHandler:
+ description: ErrorHandler is an optional handler called upon an error
+ occuring in the integration
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ integration:
+ description: Integration is an optional integration used to specify
+ custom parameters
+ properties:
+ configuration:
+ description: 'Deprecated: Use camel trait (camel.properties) to
+ manage properties Use container trait (mount.configs) to manage
+ configs Use container trait (mount.resources) to manage resources
+ Use container trait (mount.volumes) to manage volumes'
+ items:
+ description: ConfigurationSpec --
+ properties:
+ resourceKey:
+ type: string
+ resourceMountPoint:
+ type: string
+ resourceType:
+ type: string
+ type:
+ type: string
+ value:
+ type: string
+ required:
+ - type
+ - value
+ type: object
+ type: array
+ dependencies:
+ items:
+ type: string
+ type: array
+ flows:
+ items:
+ description: Flow is an unstructured object representing a Camel
+ Flow in YAML/JSON DSL
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ type: array
+ integrationKit:
+ description: 'ObjectReference contains enough information to let
+ you inspect or modify the referred object. --- New uses of this
+ type are discouraged because of difficulty describing its usage
+ when embedded in APIs. 1. Ignored fields. It includes many
+ fields which are not generally honored. For instance, ResourceVersion
+ and FieldPath are both very rarely valid in actual usage. 2.
+ Invalid usage help. It is impossible to add specific help for
+ individual usage. In most embedded usages, there are particular restrictions
+ like, "must refer only to types A and B" or "UID not honored"
+ or "name must be restricted". Those cannot be well described
+ when embedded. 3. Inconsistent validation. Because the usages
+ are different, the validation rules are different by usage,
+ which makes it hard for users to predict what will happen. 4.
+ The fields are both imprecise and overly precise. Kind is not
+ a precise mapping to a URL. This can produce ambiguity during
+ interpretation and require a REST mapping. In most cases, the
+ dependency is on the group,resource tuple and the version
+ of the actual struct is irrelevant. 5. We cannot easily change
+ it. Because this type is embedded in many locations, updates
+ to this type will affect numerous schemas. Don''t make
+ new APIs embed an underspecified API type they do not control.
+ Instead of using this type, create a locally provided and used
+ type that is well-focused on your reference. For example, ServiceReferences
+ for admission registration: https://github.com/kubernetes/api/blob/release-1.17/admissionregistration/v1/types.go#L533
+ .'
+ properties:
+ apiVersion:
+ description: API version of the referent.
+ type: string
+ fieldPath:
+ description: 'If referring to a piece of an object instead
+ of an entire object, this string should contain a valid
+ JSON/Go field access statement, such as desiredState.manifest.containers[2].
+ For example, if the object reference is to a container within
+ a pod, this would take on a value like: "spec.containers{name}"
+ (where "name" refers to the name of the container that triggered
+ the event) or if no container name is specified "spec.containers[2]"
+ (container with index 2 in this pod). This syntax is chosen
+ only to have some well-defined way of referencing a part
+ of an object. TODO: this design is not final and this field
+ is subject to change in the future.'
+ type: string
+ kind:
+ description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
+ type: string
+ name:
+ description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
+ type: string
+ namespace:
+ description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/'
+ type: string
+ resourceVersion:
+ description: 'Specific resourceVersion to which this reference
+ is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency'
+ type: string
+ uid:
+ description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids'
+ type: string
+ type: object
+ kit:
+ description: 'Deprecated: use the IntegrationKit field'
+ type: string
+ profile:
+ description: TraitProfile represents lists of traits that are
+ enabled for the specific installation/integration
+ type: string
+ replicas:
+ format: int32
+ type: integer
+ repositories:
+ items:
+ type: string
+ type: array
+ resources:
+ description: 'Deprecated: Use container trait (container.resources)
+ to manage resources Use openapi trait (openapi.configmaps) to
+ manage OpenAPIs specifications'
+ items:
+ description: ResourceSpec --
+ properties:
+ compression:
+ type: boolean
+ content:
+ type: string
+ contentKey:
+ type: string
+ contentRef:
+ type: string
+ contentType:
+ type: string
+ mountPath:
+ type: string
+ name:
+ type: string
+ path:
+ type: string
+ rawContent:
+ format: byte
+ type: string
+ type:
+ description: ResourceType --
+ type: string
+ type: object
+ type: array
+ serviceAccountName:
+ type: string
+ sources:
+ items:
+ description: SourceSpec --
+ properties:
+ compression:
+ type: boolean
+ content:
+ type: string
+ contentKey:
+ type: string
+ contentRef:
+ type: string
+ contentType:
+ type: string
+ interceptors:
+ description: Interceptors are optional identifiers the org.apache.camel.k.RoutesLoader
+ uses to pre/post process sources
+ items:
+ type: string
+ type: array
+ language:
+ description: Language --
+ type: string
+ loader:
+ description: Loader is an optional id of the org.apache.camel.k.RoutesLoader
+ that will interpret this source at runtime
+ type: string
+ name:
+ type: string
+ path:
+ type: string
+ property-names:
+ description: List of property names defined in the source
+ (e.g. if type is "template")
+ items:
+ type: string
+ type: array
+ rawContent:
+ format: byte
+ type: string
+ type:
+ description: Type defines the kind of source described by
+ this object
+ type: string
+ type: object
+ type: array
+ template:
+ properties:
+ spec:
+ properties:
+ activeDeadlineSeconds:
+ format: int64
+ type: integer
+ containers:
+ items:
+ description: A single application container that you
+ want to run within a pod.
+ properties:
+ args:
+ description: 'Arguments to the entrypoint. The docker
+ image''s CMD is used if this is not provided.
+ Variable references $(VAR_NAME) are expanded using
+ the container''s environment. If a variable cannot
+ be resolved, the reference in the input string
+ will be unchanged. The $(VAR_NAME) syntax can
+ be escaped with a double $$, ie: $$(VAR_NAME).
+ Escaped references will never be expanded, regardless
+ of whether the variable exists or not. Cannot
+ be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell'
+ items:
+ type: string
+ type: array
+ command:
+ description: 'Entrypoint array. Not executed within
+ a shell. The docker image''s ENTRYPOINT is used
+ if this is not provided. Variable references $(VAR_NAME)
+ are expanded using the container''s environment.
+ If a variable cannot be resolved, the reference
+ in the input string will be unchanged. The $(VAR_NAME)
+ syntax can be escaped with a double $$, ie: $$(VAR_NAME).
+ Escaped references will never be expanded, regardless
+ of whether the variable exists or not. Cannot
+ be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell'
+ items:
+ type: string
+ type: array
+ env:
+ description: List of environment variables to set
+ in the container. Cannot be updated.
+ items:
+ description: EnvVar represents an environment
+ variable present in a Container.
+ properties:
+ name:
+ description: Name of the environment variable.
+ Must be a C_IDENTIFIER.
+ type: string
+ value:
+ description: 'Variable references $(VAR_NAME)
+ are expanded using the previous defined
+ environment variables in the container and
+ any service environment variables. If a
+ variable cannot be resolved, the reference
+ in the input string will be unchanged. The
+ $(VAR_NAME) syntax can be escaped with a
+ double $$, ie: $$(VAR_NAME). Escaped references
+ will never be expanded, regardless of whether
+ the variable exists or not. Defaults to
+ "".'
+ type: string
+ valueFrom:
+ description: Source for the environment variable's
+ value. Cannot be used if value is not empty.
+ properties:
+ configMapKeyRef:
+ description: Selects a key of a ConfigMap.
+ properties:
+ key:
+ description: The key to select.
+ type: string
+ name:
+ description: 'Name of the referent.
+ More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+ TODO: Add other useful fields. apiVersion,
+ kind, uid?'
+ type: string
+ optional:
+ description: Specify whether the ConfigMap
+ or its key must be defined
+ type: boolean
+ required:
+ - key
+ type: object
+ fieldRef:
+ description: 'Selects a field of the pod:
+ supports metadata.name, metadata.namespace,
+ `metadata.labels['''']`, `metadata.annotations['''']`,
+ spec.nodeName, spec.serviceAccountName,
+ status.hostIP, status.podIP, status.podIPs.'
+ properties:
+ apiVersion:
+ description: Version of the schema
+ the FieldPath is written in terms
+ of, defaults to "v1".
+ type: string
+ fieldPath:
+ description: Path of the field to
+ select in the specified API version.
+ type: string
+ required:
+ - fieldPath
+ type: object
+ resourceFieldRef:
+ description: 'Selects a resource of the
+ container: only resources limits and
+ requests (limits.cpu, limits.memory,
+ limits.ephemeral-storage, requests.cpu,
+ requests.memory and requests.ephemeral-storage)
+ are currently supported.'
+ properties:
+ containerName:
+ description: 'Container name: required
+ for volumes, optional for env vars'
+ type: string
+ divisor:
+ anyOf:
+ - type: integer
+ - type: string
+ description: Specifies the output
+ format of the exposed resources,
+ defaults to "1"
+ pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+ x-kubernetes-int-or-string: true
+ resource:
+ description: 'Required: resource to
+ select'
+ type: string
+ required:
+ - resource
+ type: object
+ secretKeyRef:
+ description: Selects a key of a secret
+ in the pod's namespace
+ properties:
+ key:
+ description: The key of the secret
+ to select from. Must be a valid
+ secret key.
+ type: string
+ name:
+ description: 'Name of the referent.
+ More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+ TODO: Add other useful fields. apiVersion,
+ kind, uid?'
+ type: string
+ optional:
+ description: Specify whether the Secret
+ or its key must be defined
+ type: boolean
+ required:
+ - key
+ type: object
+ type: object
+ required:
+ - name
+ type: object
+ type: array
+ envFrom:
+ description: List of sources to populate environment
+ variables in the container. The keys defined within
+ a source must be a C_IDENTIFIER. All invalid keys
+ will be reported as an event when the container
+ is starting. When a key exists in multiple sources,
+ the value associated with the last source will
+ take precedence. Values defined by an Env with
+ a duplicate key will take precedence. Cannot be
+ updated.
+ items:
+ description: EnvFromSource represents the source
+ of a set of ConfigMaps
+ properties:
+ configMapRef:
+ description: The ConfigMap to select from
+ properties:
+ name:
+ description: 'Name of the referent. More
+ info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+ TODO: Add other useful fields. apiVersion,
+ kind, uid?'
+ type: string
+ optional:
+ description: Specify whether the ConfigMap
+ must be defined
+ type: boolean
+ type: object
+ prefix:
+ description: An optional identifier to prepend
+ to each key in the ConfigMap. Must be a
+ C_IDENTIFIER.
+ type: string
+ secretRef:
+ description: The Secret to select from
+ properties:
+ name:
+ description: 'Name of the referent. More
+ info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+ TODO: Add other useful fields. apiVersion,
+ kind, uid?'
+ type: string
+ optional:
+ description: Specify whether the Secret
+ must be defined
+ type: boolean
+ type: object
+ type: object
+ type: array
+ image:
+ description: 'Docker image name. More info: https://kubernetes.io/docs/concepts/containers/images
+ This field is optional to allow higher level config
+ management to default or override container images
+ in workload controllers like Deployments and StatefulSets.'
+ type: string
+ imagePullPolicy:
+ description: 'Image pull policy. One of Always,
+ Never, IfNotPresent. Defaults to Always if :latest
+ tag is specified, or IfNotPresent otherwise. Cannot
+ be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images'
+ type: string
+ lifecycle:
+ description: Actions that the management system
+ should take in response to container lifecycle
+ events. Cannot be updated.
+ properties:
+ postStart:
+ description: 'PostStart is called immediately
+ after a container is created. If the handler
+ fails, the container is terminated and restarted
+ according to its restart policy. Other management
+ of the container blocks until the hook completes.
+ More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks'
+ properties:
+ exec:
+ description: One and only one of the following
+ should be specified. Exec specifies the
+ action to take.
+ properties:
+ command:
+ description: Command is the command
+ line to execute inside the container,
+ the working directory for the command is
+ root ('/') in the container's filesystem.
+ The command is simply exec'd, it is
+ not run inside a shell, so traditional
+ shell instructions ('|', etc) won't
+ work. To use a shell, you need to
+ explicitly call out to that shell.
+ Exit status of 0 is treated as live/healthy
+ and non-zero is unhealthy.
+ items:
+ type: string
+ type: array
+ type: object
+ httpGet:
+ description: HTTPGet specifies the http
+ request to perform.
+ properties:
+ host:
+ description: Host name to connect to,
+ defaults to the pod IP. You probably
+ want to set "Host" in httpHeaders
+ instead.
+ type: string
+ httpHeaders:
+ description: Custom headers to set in
+ the request. HTTP allows repeated
+ headers.
+ items:
+ description: HTTPHeader describes
+ a custom header to be used in HTTP
+ probes
+ properties:
+ name:
+ description: The header field
+ name
+ type: string
+ value:
+ description: The header field
+ value
+ type: string
+ required:
+ - name
+ - value
+ type: object
+ type: array
+ path:
+ description: Path to access on the HTTP
+ server.
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ description: Name or number of the port
+ to access on the container. Number
+ must be in the range 1 to 65535. Name
+ must be an IANA_SVC_NAME.
+ x-kubernetes-int-or-string: true
+ scheme:
+ description: Scheme to use for connecting
+ to the host. Defaults to HTTP.
+ type: string
+ required:
+ - port
+ type: object
+ tcpSocket:
+ description: 'TCPSocket specifies an action
+ involving a TCP port. TCP hooks not yet
+ supported TODO: implement a realistic
+ TCP lifecycle hook'
+ properties:
+ host:
+ description: 'Optional: Host name to
+ connect to, defaults to the pod IP.'
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ description: Number or name of the port
+ to access on the container. Number
+ must be in the range 1 to 65535. Name
+ must be an IANA_SVC_NAME.
+ x-kubernetes-int-or-string: true
+ required:
+ - port
+ type: object
+ type: object
+ preStop:
+ description: 'PreStop is called immediately
+ before a container is terminated due to an
+ API request or management event such as liveness/startup
+ probe failure, preemption, resource contention,
+ etc. The handler is not called if the container
+ crashes or exits. The reason for termination
+ is passed to the handler. The Pod''s termination
+ grace period countdown begins before the PreStop
+ hooked is executed. Regardless of the outcome
+ of the handler, the container will eventually
+ terminate within the Pod''s termination grace
+ period. Other management of the container
+ blocks until the hook completes or until the
+ termination grace period is reached. More
+ info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks'
+ properties:
+ exec:
+ description: One and only one of the following
+ should be specified. Exec specifies the
+ action to take.
+ properties:
+ command:
+ description: Command is the command
+ line to execute inside the container,
+ the working directory for the command is
+ root ('/') in the container's filesystem.
+ The command is simply exec'd, it is
+ not run inside a shell, so traditional
+ shell instructions ('|', etc) won't
+ work. To use a shell, you need to
+ explicitly call out to that shell.
+ Exit status of 0 is treated as live/healthy
+ and non-zero is unhealthy.
+ items:
+ type: string
+ type: array
+ type: object
+ httpGet:
+ description: HTTPGet specifies the http
+ request to perform.
+ properties:
+ host:
+ description: Host name to connect to,
+ defaults to the pod IP. You probably
+ want to set "Host" in httpHeaders
+ instead.
+ type: string
+ httpHeaders:
+ description: Custom headers to set in
+ the request. HTTP allows repeated
+ headers.
+ items:
+ description: HTTPHeader describes
+ a custom header to be used in HTTP
+ probes
+ properties:
+ name:
+ description: The header field
+ name
+ type: string
+ value:
+ description: The header field
+ value
+ type: string
+ required:
+ - name
+ - value
+ type: object
+ type: array
+ path:
+ description: Path to access on the HTTP
+ server.
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ description: Name or number of the port
+ to access on the container. Number
+ must be in the range 1 to 65535. Name
+ must be an IANA_SVC_NAME.
+ x-kubernetes-int-or-string: true
+ scheme:
+ description: Scheme to use for connecting
+ to the host. Defaults to HTTP.
+ type: string
+ required:
+ - port
+ type: object
+ tcpSocket:
+ description: 'TCPSocket specifies an action
+ involving a TCP port. TCP hooks not yet
+ supported TODO: implement a realistic
+ TCP lifecycle hook'
+ properties:
+ host:
+ description: 'Optional: Host name to
+ connect to, defaults to the pod IP.'
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ description: Number or name of the port
+ to access on the container. Number
+ must be in the range 1 to 65535. Name
+ must be an IANA_SVC_NAME.
+ x-kubernetes-int-or-string: true
+ required:
+ - port
+ type: object
+ type: object
+ type: object
+ livenessProbe:
+ description: 'Periodic probe of container liveness.
+ Container will be restarted if the probe fails.
+ Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes'
+ properties:
+ exec:
+ description: One and only one of the following
+ should be specified. Exec specifies the action
+ to take.
+ properties:
+ command:
+ description: Command is the command line
+ to execute inside the container, the working
+ directory for the command is root ('/')
+ in the container's filesystem. The command
+ is simply exec'd, it is not run inside
+ a shell, so traditional shell instructions
+ ('|', etc) won't work. To use a shell,
+ you need to explicitly call out to that
+ shell. Exit status of 0 is treated as
+ live/healthy and non-zero is unhealthy.
+ items:
+ type: string
+ type: array
+ type: object
+ failureThreshold:
+ description: Minimum consecutive failures for
+ the probe to be considered failed after having
+ succeeded. Defaults to 3. Minimum value is
+ 1.
+ format: int32
+ type: integer
+ httpGet:
+ description: HTTPGet specifies the http request
+ to perform.
+ properties:
+ host:
+ description: Host name to connect to, defaults
+ to the pod IP. You probably want to set
+ "Host" in httpHeaders instead.
+ type: string
+ httpHeaders:
+ description: Custom headers to set in the
+ request. HTTP allows repeated headers.
+ items:
+ description: HTTPHeader describes a custom
+ header to be used in HTTP probes
+ properties:
+ name:
+ description: The header field name
+ type: string
+ value:
+ description: The header field value
+ type: string
+ required:
+ - name
+ - value
+ type: object
+ type: array
+ path:
+ description: Path to access on the HTTP
+ server.
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ description: Name or number of the port
+ to access on the container. Number must
+ be in the range 1 to 65535. Name must
+ be an IANA_SVC_NAME.
+ x-kubernetes-int-or-string: true
+ scheme:
+ description: Scheme to use for connecting
+ to the host. Defaults to HTTP.
+ type: string
+ required:
+ - port
+ type: object
+ initialDelaySeconds:
+ description: 'Number of seconds after the container
+ has started before liveness probes are initiated.
+ More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes'
+ format: int32
+ type: integer
+ periodSeconds:
+ description: How often (in seconds) to perform
+ the probe. Default to 10 seconds. Minimum
+ value is 1.
+ format: int32
+ type: integer
+ successThreshold:
+ description: Minimum consecutive successes for
+ the probe to be considered successful after
+ having failed. Defaults to 1. Must be 1 for
+ liveness and startup. Minimum value is 1.
+ format: int32
+ type: integer
+ tcpSocket:
+ description: 'TCPSocket specifies an action
+ involving a TCP port. TCP hooks not yet supported
+ TODO: implement a realistic TCP lifecycle
+ hook'
+ properties:
+ host:
+ description: 'Optional: Host name to connect
+ to, defaults to the pod IP.'
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ description: Number or name of the port
+ to access on the container. Number must
+ be in the range 1 to 65535. Name must
+ be an IANA_SVC_NAME.
+ x-kubernetes-int-or-string: true
+ required:
+ - port
+ type: object
+ timeoutSeconds:
+ description: 'Number of seconds after which
+ the probe times out. Defaults to 1 second.
+ Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes'
+ format: int32
+ type: integer
+ type: object
+ name:
+ description: Name of the container specified as
+ a DNS_LABEL. Each container in a pod must have
+ a unique name (DNS_LABEL). Cannot be updated.
+ type: string
+ ports:
+ description: List of ports to expose from the container.
+ Exposing a port here gives the system additional
+ information about the network connections a container
+ uses, but is primarily informational. Not specifying
+ a port here DOES NOT prevent that port from being
+ exposed. Any port which is listening on the default
+ "0.0.0.0" address inside a container will be accessible
+ from the network. Cannot be updated.
+ items:
+ description: ContainerPort represents a network
+ port in a single container.
+ properties:
+ containerPort:
+ description: Number of port to expose on the
+ pod's IP address. This must be a valid port
+ number, 0 < x < 65536.
+ format: int32
+ type: integer
+ hostIP:
+ description: What host IP to bind the external
+ port to.
+ type: string
+ hostPort:
+ description: Number of port to expose on the
+ host. If specified, this must be a valid
+ port number, 0 < x < 65536. If HostNetwork
+ is specified, this must match ContainerPort.
+ Most containers do not need this.
+ format: int32
+ type: integer
+ name:
+ description: If specified, this must be an
+ IANA_SVC_NAME and unique within the pod.
+ Each named port in a pod must have a unique
+ name. Name for the port that can be referred
+ to by services.
+ type: string
+ protocol:
+ default: TCP
+ description: Protocol for port. Must be UDP,
+ TCP, or SCTP. Defaults to "TCP".
+ type: string
+ required:
+ - containerPort
+ type: object
+ type: array
+ x-kubernetes-list-map-keys:
+ - containerPort
+ - protocol
+ x-kubernetes-list-type: map
+ readinessProbe:
+ description: 'Periodic probe of container service
+ readiness. Container will be removed from service
+ endpoints if the probe fails. Cannot be updated.
+ More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes'
+ properties:
+ exec:
+ description: One and only one of the following
+ should be specified. Exec specifies the action
+ to take.
+ properties:
+ command:
+ description: Command is the command line
+ to execute inside the container, the working
+ directory for the command is root ('/')
+ in the container's filesystem. The command
+ is simply exec'd, it is not run inside
+ a shell, so traditional shell instructions
+ ('|', etc) won't work. To use a shell,
+ you need to explicitly call out to that
+ shell. Exit status of 0 is treated as
+ live/healthy and non-zero is unhealthy.
+ items:
+ type: string
+ type: array
+ type: object
+ failureThreshold:
+ description: Minimum consecutive failures for
+ the probe to be considered failed after having
+ succeeded. Defaults to 3. Minimum value is
+ 1.
+ format: int32
+ type: integer
+ httpGet:
+ description: HTTPGet specifies the http request
+ to perform.
+ properties:
+ host:
+ description: Host name to connect to, defaults
+ to the pod IP. You probably want to set
+ "Host" in httpHeaders instead.
+ type: string
+ httpHeaders:
+ description: Custom headers to set in the
+ request. HTTP allows repeated headers.
+ items:
+ description: HTTPHeader describes a custom
+ header to be used in HTTP probes
+ properties:
+ name:
+ description: The header field name
+ type: string
+ value:
+ description: The header field value
+ type: string
+ required:
+ - name
+ - value
+ type: object
+ type: array
+ path:
+ description: Path to access on the HTTP
+ server.
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ description: Name or number of the port
+ to access on the container. Number must
+ be in the range 1 to 65535. Name must
+ be an IANA_SVC_NAME.
+ x-kubernetes-int-or-string: true
+ scheme:
+ description: Scheme to use for connecting
+ to the host. Defaults to HTTP.
+ type: string
+ required:
+ - port
+ type: object
+ initialDelaySeconds:
+ description: 'Number of seconds after the container
+ has started before liveness probes are initiated.
+ More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes'
+ format: int32
+ type: integer
+ periodSeconds:
+ description: How often (in seconds) to perform
+ the probe. Default to 10 seconds. Minimum
+ value is 1.
+ format: int32
+ type: integer
+ successThreshold:
+ description: Minimum consecutive successes for
+ the probe to be considered successful after
+ having failed. Defaults to 1. Must be 1 for
+ liveness and startup. Minimum value is 1.
+ format: int32
+ type: integer
+ tcpSocket:
+ description: 'TCPSocket specifies an action
+ involving a TCP port. TCP hooks not yet supported
+ TODO: implement a realistic TCP lifecycle
+ hook'
+ properties:
+ host:
+ description: 'Optional: Host name to connect
+ to, defaults to the pod IP.'
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ description: Number or name of the port
+ to access on the container. Number must
+ be in the range 1 to 65535. Name must
+ be an IANA_SVC_NAME.
+ x-kubernetes-int-or-string: true
+ required:
+ - port
+ type: object
+ timeoutSeconds:
+ description: 'Number of seconds after which
+ the probe times out. Defaults to 1 second.
+ Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes'
+ format: int32
+ type: integer
+ type: object
+ resources:
+ description: 'Compute Resources required by this
+ container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/'
+ properties:
+ limits:
+ additionalProperties:
+ anyOf:
+ - type: integer
+ - type: string
+ pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+ x-kubernetes-int-or-string: true
+ description: 'Limits describes the maximum amount
+ of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/'
+ type: object
+ requests:
+ additionalProperties:
+ anyOf:
+ - type: integer
+ - type: string
+ pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+ x-kubernetes-int-or-string: true
+ description: 'Requests describes the minimum
+ amount of compute resources required. If Requests
+ is omitted for a container, it defaults to
+ Limits if that is explicitly specified, otherwise
+ to an implementation-defined value. More info:
+ https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/'
+ type: object
+ type: object
+ securityContext:
+ description: 'Security options the pod should run
+ with. More info: https://kubernetes.io/docs/concepts/policy/security-context/
+ More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/'
+ properties:
+ allowPrivilegeEscalation:
+ description: 'AllowPrivilegeEscalation controls
+ whether a process can gain more privileges
+ than its parent process. This bool directly
+ controls if the no_new_privs flag will be
+ set on the container process. AllowPrivilegeEscalation
+ is true always when the container is: 1) run
+ as Privileged 2) has CAP_SYS_ADMIN'
+ type: boolean
+ capabilities:
+ description: The capabilities to add/drop when
+ running containers. Defaults to the default
+ set of capabilities granted by the container
+ runtime.
+ properties:
+ add:
+ description: Added capabilities
+ items:
+ description: Capability represent POSIX
+ capabilities type
+ type: string
+ type: array
+ drop:
+ description: Removed capabilities
+ items:
+ description: Capability represent POSIX
+ capabilities type
+ type: string
+ type: array
+ type: object
+ privileged:
+ description: Run container in privileged mode.
+ Processes in privileged containers are essentially
+ equivalent to root on the host. Defaults to
+ false.
+ type: boolean
+ procMount:
+ description: procMount denotes the type of proc
+ mount to use for the containers. The default
+ is DefaultProcMount which uses the container
+ runtime defaults for readonly paths and masked
+ paths. This requires the ProcMountType feature
+ flag to be enabled.
+ type: string
+ readOnlyRootFilesystem:
+ description: Whether this container has a read-only
+ root filesystem. Default is false.
+ type: boolean
+ runAsGroup:
+ description: The GID to run the entrypoint of
+ the container process. Uses runtime default
+ if unset. May also be set in PodSecurityContext. If
+ set in both SecurityContext and PodSecurityContext,
+ the value specified in SecurityContext takes
+ precedence.
+ format: int64
+ type: integer
+ runAsNonRoot:
+ description: Indicates that the container must
+ run as a non-root user. If true, the Kubelet
+ will validate the image at runtime to ensure
+ that it does not run as UID 0 (root) and fail
+ to start the container if it does. If unset
+ or false, no such validation will be performed.
+ May also be set in PodSecurityContext. If
+ set in both SecurityContext and PodSecurityContext,
+ the value specified in SecurityContext takes
+ precedence.
+ type: boolean
+ runAsUser:
+ description: The UID to run the entrypoint of
+ the container process. Defaults to user specified
+ in image metadata if unspecified. May also
+ be set in PodSecurityContext. If set in both
+ SecurityContext and PodSecurityContext, the
+ value specified in SecurityContext takes precedence.
+ format: int64
+ type: integer
+ seLinuxOptions:
+ description: The SELinux context to be applied
+ to the container. If unspecified, the container
+ runtime will allocate a random SELinux context
+ for each container. May also be set in PodSecurityContext. If
+ set in both SecurityContext and PodSecurityContext,
+ the value specified in SecurityContext takes
+ precedence.
+ properties:
+ level:
+ description: Level is SELinux level label
+ that applies to the container.
+ type: string
+ role:
+ description: Role is a SELinux role label
+ that applies to the container.
+ type: string
+ type:
+ description: Type is a SELinux type label
+ that applies to the container.
+ type: string
+ user:
+ description: User is a SELinux user label
+ that applies to the container.
+ type: string
+ type: object
+ seccompProfile:
+ description: The seccomp options to use by this
+ container. If seccomp options are provided
+ at both the pod & container level, the container
+ options override the pod options.
+ properties:
+ localhostProfile:
+ description: localhostProfile indicates
+ a profile defined in a file on the node
+ should be used. The profile must be preconfigured
+ on the node to work. Must be a descending
+ path, relative to the kubelet's configured
+ seccomp profile location. Must only be
+ set if type is "Localhost".
+ type: string
+ type:
+ description: "type indicates which kind
+ of seccomp profile will be applied. Valid
+ options are: \n Localhost - a profile
+ defined in a file on the node should be
+ used. RuntimeDefault - the container runtime
+ default profile should be used. Unconfined
+ - no profile should be applied."
+ type: string
+ required:
+ - type
+ type: object
+ windowsOptions:
+ description: The Windows specific settings applied
+ to all containers. If unspecified, the options
+ from the PodSecurityContext will be used.
+ If set in both SecurityContext and PodSecurityContext,
+ the value specified in SecurityContext takes
+ precedence.
+ properties:
+ gmsaCredentialSpec:
+ description: GMSACredentialSpec is where
+ the GMSA admission webhook (https://github.com/kubernetes-sigs/windows-gmsa)
+ inlines the contents of the GMSA credential
+ spec named by the GMSACredentialSpecName
+ field.
+ type: string
+ gmsaCredentialSpecName:
+ description: GMSACredentialSpecName is the
+ name of the GMSA credential spec to use.
+ type: string
+ runAsUserName:
+ description: The UserName in Windows to
+ run the entrypoint of the container process.
+ Defaults to the user specified in image
+ metadata if unspecified. May also be set
+ in PodSecurityContext. If set in both
+ SecurityContext and PodSecurityContext,
+ the value specified in SecurityContext
+ takes precedence.
+ type: string
+ type: object
+ type: object
+ startupProbe:
+ description: 'StartupProbe indicates that the Pod
+ has successfully initialized. If specified, no
+ other probes are executed until this completes
+ successfully. If this probe fails, the Pod will
+ be restarted, just as if the livenessProbe failed.
+ This can be used to provide different probe parameters
+ at the beginning of a Pod''s lifecycle, when it
+ might take a long time to load data or warm a
+ cache, than during steady-state operation. This
+ cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes'
+ properties:
+ exec:
+ description: One and only one of the following
+ should be specified. Exec specifies the action
+ to take.
+ properties:
+ command:
+ description: Command is the command line
+ to execute inside the container, the working
+ directory for the command is root ('/')
+ in the container's filesystem. The command
+ is simply exec'd, it is not run inside
+ a shell, so traditional shell instructions
+ ('|', etc) won't work. To use a shell,
+ you need to explicitly call out to that
+ shell. Exit status of 0 is treated as
+ live/healthy and non-zero is unhealthy.
+ items:
+ type: string
+ type: array
+ type: object
+ failureThreshold:
+ description: Minimum consecutive failures for
+ the probe to be considered failed after having
+ succeeded. Defaults to 3. Minimum value is
+ 1.
+ format: int32
+ type: integer
+ httpGet:
+ description: HTTPGet specifies the http request
+ to perform.
+ properties:
+ host:
+ description: Host name to connect to, defaults
+ to the pod IP. You probably want to set
+ "Host" in httpHeaders instead.
+ type: string
+ httpHeaders:
+ description: Custom headers to set in the
+ request. HTTP allows repeated headers.
+ items:
+ description: HTTPHeader describes a custom
+ header to be used in HTTP probes
+ properties:
+ name:
+ description: The header field name
+ type: string
+ value:
+ description: The header field value
+ type: string
+ required:
+ - name
+ - value
+ type: object
+ type: array
+ path:
+ description: Path to access on the HTTP
+ server.
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ description: Name or number of the port
+ to access on the container. Number must
+ be in the range 1 to 65535. Name must
+ be an IANA_SVC_NAME.
+ x-kubernetes-int-or-string: true
+ scheme:
+ description: Scheme to use for connecting
+ to the host. Defaults to HTTP.
+ type: string
+ required:
+ - port
+ type: object
+ initialDelaySeconds:
+ description: 'Number of seconds after the container
+ has started before liveness probes are initiated.
+ More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes'
+ format: int32
+ type: integer
+ periodSeconds:
+ description: How often (in seconds) to perform
+ the probe. Default to 10 seconds. Minimum
+ value is 1.
+ format: int32
+ type: integer
+ successThreshold:
+ description: Minimum consecutive successes for
+ the probe to be considered successful after
+ having failed. Defaults to 1. Must be 1 for
+ liveness and startup. Minimum value is 1.
+ format: int32
+ type: integer
+ tcpSocket:
+ description: 'TCPSocket specifies an action
+ involving a TCP port. TCP hooks not yet supported
+ TODO: implement a realistic TCP lifecycle
+ hook'
+ properties:
+ host:
+ description: 'Optional: Host name to connect
+ to, defaults to the pod IP.'
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ description: Number or name of the port
+ to access on the container. Number must
+ be in the range 1 to 65535. Name must
+ be an IANA_SVC_NAME.
+ x-kubernetes-int-or-string: true
+ required:
+ - port
+ type: object
+ timeoutSeconds:
+ description: 'Number of seconds after which
+ the probe times out. Defaults to 1 second.
+ Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes'
+ format: int32
+ type: integer
+ type: object
+ stdin:
+ description: Whether this container should allocate
+ a buffer for stdin in the container runtime. If
+ this is not set, reads from stdin in the container
+ will always result in EOF. Default is false.
+ type: boolean
+ stdinOnce:
+ description: Whether the container runtime should
+ close the stdin channel after it has been opened
+ by a single attach. When stdin is true the stdin
+ stream will remain open across multiple attach
+ sessions. If stdinOnce is set to true, stdin is
+ opened on container start, is empty until the
+ first client attaches to stdin, and then remains
+ open and accepts data until the client disconnects,
+ at which time stdin is closed and remains closed
+ until the container is restarted. If this flag
+ is false, a container processes that reads from
+ stdin will never receive an EOF. Default is false
+ type: boolean
+ terminationMessagePath:
+ description: 'Optional: Path at which the file to
+ which the container''s termination message will
+ be written is mounted into the container''s filesystem.
+ Message written is intended to be brief final
+ status, such as an assertion failure message.
+ Will be truncated by the node if greater than
+ 4096 bytes. The total message length across all
+ containers will be limited to 12kb. Defaults to
+ /dev/termination-log. Cannot be updated.'
+ type: string
+ terminationMessagePolicy:
+ description: Indicate how the termination message
+ should be populated. File will use the contents
+ of terminationMessagePath to populate the container
+ status message on both success and failure. FallbackToLogsOnError
+ will use the last chunk of container log output
+ if the termination message file is empty and the
+ container exited with an error. The log output
+ is limited to 2048 bytes or 80 lines, whichever
+ is smaller. Defaults to File. Cannot be updated.
+ type: string
+ tty:
+ description: Whether this container should allocate
+ a TTY for itself, also requires 'stdin' to be
+ true. Default is false.
+ type: boolean
+ volumeDevices:
+ description: volumeDevices is the list of block
+ devices to be used by the container.
+ items:
+ description: volumeDevice describes a mapping
+ of a raw block device within a container.
+ properties:
+ devicePath:
+ description: devicePath is the path inside
+ of the container that the device will be
+ mapped to.
+ type: string
+ name:
+ description: name must match the name of a
+ persistentVolumeClaim in the pod
+ type: string
+ required:
+ - devicePath
+ - name
+ type: object
+ type: array
+ volumeMounts:
+ description: Pod volumes to mount into the container's
+ filesystem. Cannot be updated.
+ items:
+ description: VolumeMount describes a mounting
+ of a Volume within a container.
+ properties:
+ mountPath:
+ description: Path within the container at
+ which the volume should be mounted. Must
+ not contain ':'.
+ type: string
+ mountPropagation:
+ description: mountPropagation determines how
+ mounts are propagated from the host to container
+ and the other way around. When not set,
+ MountPropagationNone is used. This field
+ is beta in 1.10.
+ type: string
+ name:
+ description: This must match the Name of a
+ Volume.
+ type: string
+ readOnly:
+ description: Mounted read-only if true, read-write
+ otherwise (false or unspecified). Defaults
+ to false.
+ type: boolean
+ subPath:
+ description: Path within the volume from which
+ the container's volume should be mounted.
+ Defaults to "" (volume's root).
+ type: string
+ subPathExpr:
+ description: Expanded path within the volume
+ from which the container's volume should
+ be mounted. Behaves similarly to SubPath
+ but environment variable references $(VAR_NAME)
+ are expanded using the container's environment.
+ Defaults to "" (volume's root). SubPathExpr
+ and SubPath are mutually exclusive.
+ type: string
+ required:
+ - mountPath
+ - name
+ type: object
+ type: array
+ workingDir:
+ description: Container's working directory. If not
+ specified, the container runtime's default will
+ be used, which might be configured in the container
+ image. Cannot be updated.
+ type: string
+ required:
+ - name
+ type: object
+ type: array
+ dnsPolicy:
+ description: DNSPolicy defines how a pod's DNS will be
+ configured.
+ type: string
+ ephemeralContainers:
+ items:
+ description: An EphemeralContainer is a container that
+ may be added temporarily to an existing pod for user-initiated
+ activities such as debugging. Ephemeral containers
+ have no resource or scheduling guarantees, and they
+ will not be restarted when they exit or when a pod
+ is removed or restarted. If an ephemeral container
+ causes a pod to exceed its resource allocation, the
+ pod may be evicted. Ephemeral containers may not be
+ added by directly updating the pod spec. They must
+ be added via the pod's ephemeralcontainers subresource,
+ and they will appear in the pod spec once added. This
+ is an alpha feature enabled by the EphemeralContainers
+ feature flag.
+ properties:
+ args:
+ description: 'Arguments to the entrypoint. The docker
+ image''s CMD is used if this is not provided.
+ Variable references $(VAR_NAME) are expanded using
+ the container''s environment. If a variable cannot
+ be resolved, the reference in the input string
+ will be unchanged. The $(VAR_NAME) syntax can
+ be escaped with a double $$, ie: $$(VAR_NAME).
+ Escaped references will never be expanded, regardless
+ of whether the variable exists or not. Cannot
+ be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell'
+ items:
+ type: string
+ type: array
+ command:
+ description: 'Entrypoint array. Not executed within
+ a shell. The docker image''s ENTRYPOINT is used
+ if this is not provided. Variable references $(VAR_NAME)
+ are expanded using the container''s environment.
+ If a variable cannot be resolved, the reference
+ in the input string will be unchanged. The $(VAR_NAME)
+ syntax can be escaped with a double $$, ie: $$(VAR_NAME).
+ Escaped references will never be expanded, regardless
+ of whether the variable exists or not. Cannot
+ be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell'
+ items:
+ type: string
+ type: array
+ env:
+ description: List of environment variables to set
+ in the container. Cannot be updated.
+ items:
+ description: EnvVar represents an environment
+ variable present in a Container.
+ properties:
+ name:
+ description: Name of the environment variable.
+ Must be a C_IDENTIFIER.
+ type: string
+ value:
+ description: 'Variable references $(VAR_NAME)
+ are expanded using the previous defined
+ environment variables in the container and
+ any service environment variables. If a
+ variable cannot be resolved, the reference
+ in the input string will be unchanged. The
+ $(VAR_NAME) syntax can be escaped with a
+ double $$, ie: $$(VAR_NAME). Escaped references
+ will never be expanded, regardless of whether
+ the variable exists or not. Defaults to
+ "".'
+ type: string
+ valueFrom:
+ description: Source for the environment variable's
+ value. Cannot be used if value is not empty.
+ properties:
+ configMapKeyRef:
+ description: Selects a key of a ConfigMap.
+ properties:
+ key:
+ description: The key to select.
+ type: string
+ name:
+ description: 'Name of the referent.
+ More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+ TODO: Add other useful fields. apiVersion,
+ kind, uid?'
+ type: string
+ optional:
+ description: Specify whether the ConfigMap
+ or its key must be defined
+ type: boolean
+ required:
+ - key
+ type: object
+ fieldRef:
+ description: 'Selects a field of the pod:
+ supports metadata.name, metadata.namespace,
+ `metadata.labels['''']`, `metadata.annotations['''']`,
+ spec.nodeName, spec.serviceAccountName,
+ status.hostIP, status.podIP, status.podIPs.'
+ properties:
+ apiVersion:
+ description: Version of the schema
+ the FieldPath is written in terms
+ of, defaults to "v1".
+ type: string
+ fieldPath:
+ description: Path of the field to
+ select in the specified API version.
+ type: string
+ required:
+ - fieldPath
+ type: object
+ resourceFieldRef:
+ description: 'Selects a resource of the
+ container: only resources limits and
+ requests (limits.cpu, limits.memory,
+ limits.ephemeral-storage, requests.cpu,
+ requests.memory and requests.ephemeral-storage)
+ are currently supported.'
+ properties:
+ containerName:
+ description: 'Container name: required
+ for volumes, optional for env vars'
+ type: string
+ divisor:
+ anyOf:
+ - type: integer
+ - type: string
+ description: Specifies the output
+ format of the exposed resources,
+ defaults to "1"
+ pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+ x-kubernetes-int-or-string: true
+ resource:
+ description: 'Required: resource to
+ select'
+ type: string
+ required:
+ - resource
+ type: object
+ secretKeyRef:
+ description: Selects a key of a secret
+ in the pod's namespace
+ properties:
+ key:
+ description: The key of the secret
+ to select from. Must be a valid
+ secret key.
+ type: string
+ name:
+ description: 'Name of the referent.
+ More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+ TODO: Add other useful fields. apiVersion,
+ kind, uid?'
+ type: string
+ optional:
+ description: Specify whether the Secret
+ or its key must be defined
+ type: boolean
+ required:
+ - key
+ type: object
+ type: object
+ required:
+ - name
+ type: object
+ type: array
+ envFrom:
+ description: List of sources to populate environment
+ variables in the container. The keys defined within
+ a source must be a C_IDENTIFIER. All invalid keys
+ will be reported as an event when the container
+ is starting. When a key exists in multiple sources,
+ the value associated with the last source will
+ take precedence. Values defined by an Env with
+ a duplicate key will take precedence. Cannot be
+ updated.
+ items:
+ description: EnvFromSource represents the source
+ of a set of ConfigMaps
+ properties:
+ configMapRef:
+ description: The ConfigMap to select from
+ properties:
+ name:
+ description: 'Name of the referent. More
+ info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+ TODO: Add other useful fields. apiVersion,
+ kind, uid?'
+ type: string
+ optional:
+ description: Specify whether the ConfigMap
+ must be defined
+ type: boolean
+ type: object
+ prefix:
+ description: An optional identifier to prepend
+ to each key in the ConfigMap. Must be a
+ C_IDENTIFIER.
+ type: string
+ secretRef:
+ description: The Secret to select from
+ properties:
+ name:
+ description: 'Name of the referent. More
+ info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+ TODO: Add other useful fields. apiVersion,
+ kind, uid?'
+ type: string
+ optional:
+ description: Specify whether the Secret
+ must be defined
+ type: boolean
+ type: object
+ type: object
+ type: array
+ image:
+ description: 'Docker image name. More info: https://kubernetes.io/docs/concepts/containers/images'
+ type: string
+ imagePullPolicy:
+ description: 'Image pull policy. One of Always,
+ Never, IfNotPresent. Defaults to Always if :latest
+ tag is specified, or IfNotPresent otherwise. Cannot
+ be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images'
+ type: string
+ lifecycle:
+ description: Lifecycle is not allowed for ephemeral
+ containers.
+ properties:
+ postStart:
+ description: 'PostStart is called immediately
+ after a container is created. If the handler
+ fails, the container is terminated and restarted
+ according to its restart policy. Other management
+ of the container blocks until the hook completes.
+ More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks'
+ properties:
+ exec:
+ description: One and only one of the following
+ should be specified. Exec specifies the
+ action to take.
+ properties:
+ command:
+ description: Command is the command
+ line to execute inside the container,
+ the working directory for the command is
+ root ('/') in the container's filesystem.
+ The command is simply exec'd, it is
+ not run inside a shell, so traditional
+ shell instructions ('|', etc) won't
+ work. To use a shell, you need to
+ explicitly call out to that shell.
+ Exit status of 0 is treated as live/healthy
+ and non-zero is unhealthy.
+ items:
+ type: string
+ type: array
+ type: object
+ httpGet:
+ description: HTTPGet specifies the http
+ request to perform.
+ properties:
+ host:
+ description: Host name to connect to,
+ defaults to the pod IP. You probably
+ want to set "Host" in httpHeaders
+ instead.
+ type: string
+ httpHeaders:
+ description: Custom headers to set in
+ the request. HTTP allows repeated
+ headers.
+ items:
+ description: HTTPHeader describes
+ a custom header to be used in HTTP
+ probes
+ properties:
+ name:
+ description: The header field
+ name
+ type: string
+ value:
+ description: The header field
+ value
+ type: string
+ required:
+ - name
+ - value
+ type: object
+ type: array
+ path:
+ description: Path to access on the HTTP
+ server.
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ description: Name or number of the port
+ to access on the container. Number
+ must be in the range 1 to 65535. Name
+ must be an IANA_SVC_NAME.
+ x-kubernetes-int-or-string: true
+ scheme:
+ description: Scheme to use for connecting
+ to the host. Defaults to HTTP.
+ type: string
+ required:
+ - port
+ type: object
+ tcpSocket:
+ description: 'TCPSocket specifies an action
+ involving a TCP port. TCP hooks not yet
+ supported TODO: implement a realistic
+ TCP lifecycle hook'
+ properties:
+ host:
+ description: 'Optional: Host name to
+ connect to, defaults to the pod IP.'
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ description: Number or name of the port
+ to access on the container. Number
+ must be in the range 1 to 65535. Name
+ must be an IANA_SVC_NAME.
+ x-kubernetes-int-or-string: true
+ required:
+ - port
+ type: object
+ type: object
+ preStop:
+ description: 'PreStop is called immediately
+ before a container is terminated due to an
+ API request or management event such as liveness/startup
+ probe failure, preemption, resource contention,
+ etc. The handler is not called if the container
+ crashes or exits. The reason for termination
+ is passed to the handler. The Pod''s termination
+ grace period countdown begins before the PreStop
+ hooked is executed. Regardless of the outcome
+ of the handler, the container will eventually
+ terminate within the Pod''s termination grace
+ period. Other management of the container
+ blocks until the hook completes or until the
+ termination grace period is reached. More
+ info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks'
+ properties:
+ exec:
+ description: One and only one of the following
+ should be specified. Exec specifies the
+ action to take.
+ properties:
+ command:
+ description: Command is the command
+ line to execute inside the container,
+ the working directory for the command is
+ root ('/') in the container's filesystem.
+ The command is simply exec'd, it is
+ not run inside a shell, so traditional
+ shell instructions ('|', etc) won't
+ work. To use a shell, you need to
+ explicitly call out to that shell.
+ Exit status of 0 is treated as live/healthy
+ and non-zero is unhealthy.
+ items:
+ type: string
+ type: array
+ type: object
+ httpGet:
+ description: HTTPGet specifies the http
+ request to perform.
+ properties:
+ host:
+ description: Host name to connect to,
+ defaults to the pod IP. You probably
+ want to set "Host" in httpHeaders
+ instead.
+ type: string
+ httpHeaders:
+ description: Custom headers to set in
+ the request. HTTP allows repeated
+ headers.
+ items:
+ description: HTTPHeader describes
+ a custom header to be used in HTTP
+ probes
+ properties:
+ name:
+ description: The header field
+ name
+ type: string
+ value:
+ description: The header field
+ value
+ type: string
+ required:
+ - name
+ - value
+ type: object
+ type: array
+ path:
+ description: Path to access on the HTTP
+ server.
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ description: Name or number of the port
+ to access on the container. Number
+ must be in the range 1 to 65535. Name
+ must be an IANA_SVC_NAME.
+ x-kubernetes-int-or-string: true
+ scheme:
+ description: Scheme to use for connecting
+ to the host. Defaults to HTTP.
+ type: string
+ required:
+ - port
+ type: object
+ tcpSocket:
+ description: 'TCPSocket specifies an action
+ involving a TCP port. TCP hooks not yet
+ supported TODO: implement a realistic
+ TCP lifecycle hook'
+ properties:
+ host:
+ description: 'Optional: Host name to
+ connect to, defaults to the pod IP.'
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ description: Number or name of the port
+ to access on the container. Number
+ must be in the range 1 to 65535. Name
+ must be an IANA_SVC_NAME.
+ x-kubernetes-int-or-string: true
+ required:
+ - port
+ type: object
+ type: object
+ type: object
+ livenessProbe:
+ description: Probes are not allowed for ephemeral
+ containers.
+ properties:
+ exec:
+ description: One and only one of the following
+ should be specified. Exec specifies the action
+ to take.
+ properties:
+ command:
+ description: Command is the command line
+ to execute inside the container, the working
+ directory for the command is root ('/')
+ in the container's filesystem. The command
+ is simply exec'd, it is not run inside
+ a shell, so traditional shell instructions
+ ('|', etc) won't work. To use a shell,
+ you need to explicitly call out to that
+ shell. Exit status of 0 is treated as
+ live/healthy and non-zero is unhealthy.
+ items:
+ type: string
+ type: array
+ type: object
+ failureThreshold:
+ description: Minimum consecutive failures for
+ the probe to be considered failed after having
+ succeeded. Defaults to 3. Minimum value is
+ 1.
+ format: int32
+ type: integer
+ httpGet:
+ description: HTTPGet specifies the http request
+ to perform.
+ properties:
+ host:
+ description: Host name to connect to, defaults
+ to the pod IP. You probably want to set
+ "Host" in httpHeaders instead.
+ type: string
+ httpHeaders:
+ description: Custom headers to set in the
+ request. HTTP allows repeated headers.
+ items:
+ description: HTTPHeader describes a custom
+ header to be used in HTTP probes
+ properties:
+ name:
+ description: The header field name
+ type: string
+ value:
+ description: The header field value
+ type: string
+ required:
+ - name
+ - value
+ type: object
+ type: array
+ path:
+ description: Path to access on the HTTP
+ server.
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ description: Name or number of the port
+ to access on the container. Number must
+ be in the range 1 to 65535. Name must
+ be an IANA_SVC_NAME.
+ x-kubernetes-int-or-string: true
+ scheme:
+ description: Scheme to use for connecting
+ to the host. Defaults to HTTP.
+ type: string
+ required:
+ - port
+ type: object
+ initialDelaySeconds:
+ description: 'Number of seconds after the container
+ has started before liveness probes are initiated.
+ More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes'
+ format: int32
+ type: integer
+ periodSeconds:
+ description: How often (in seconds) to perform
+ the probe. Default to 10 seconds. Minimum
+ value is 1.
+ format: int32
+ type: integer
+ successThreshold:
+ description: Minimum consecutive successes for
+ the probe to be considered successful after
+ having failed. Defaults to 1. Must be 1 for
+ liveness and startup. Minimum value is 1.
+ format: int32
+ type: integer
+ tcpSocket:
+ description: 'TCPSocket specifies an action
+ involving a TCP port. TCP hooks not yet supported
+ TODO: implement a realistic TCP lifecycle
+ hook'
+ properties:
+ host:
+ description: 'Optional: Host name to connect
+ to, defaults to the pod IP.'
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ description: Number or name of the port
+ to access on the container. Number must
+ be in the range 1 to 65535. Name must
+ be an IANA_SVC_NAME.
+ x-kubernetes-int-or-string: true
+ required:
+ - port
+ type: object
+ timeoutSeconds:
+ description: 'Number of seconds after which
+ the probe times out. Defaults to 1 second.
+ Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes'
+ format: int32
+ type: integer
+ type: object
+ name:
+ description: Name of the ephemeral container specified
+ as a DNS_LABEL. This name must be unique among
+ all containers, init containers and ephemeral
+ containers.
+ type: string
+ ports:
+ description: Ports are not allowed for ephemeral
+ containers.
+ items:
+ description: ContainerPort represents a network
+ port in a single container.
+ properties:
+ containerPort:
+ description: Number of port to expose on the
+ pod's IP address. This must be a valid port
+ number, 0 < x < 65536.
+ format: int32
+ type: integer
+ hostIP:
+ description: What host IP to bind the external
+ port to.
+ type: string
+ hostPort:
+ description: Number of port to expose on the
+ host. If specified, this must be a valid
+ port number, 0 < x < 65536. If HostNetwork
+ is specified, this must match ContainerPort.
+ Most containers do not need this.
+ format: int32
+ type: integer
+ name:
+ description: If specified, this must be an
+ IANA_SVC_NAME and unique within the pod.
+ Each named port in a pod must have a unique
+ name. Name for the port that can be referred
+ to by services.
+ type: string
+ protocol:
+ default: TCP
+ description: Protocol for port. Must be UDP,
+ TCP, or SCTP. Defaults to "TCP".
+ type: string
+ required:
+ - containerPort
+ type: object
+ type: array
+ readinessProbe:
+ description: Probes are not allowed for ephemeral
+ containers.
+ properties:
+ exec:
+ description: One and only one of the following
+ should be specified. Exec specifies the action
+ to take.
+ properties:
+ command:
+ description: Command is the command line
+ to execute inside the container, the working
+ directory for the command is root ('/')
+ in the container's filesystem. The command
+ is simply exec'd, it is not run inside
+ a shell, so traditional shell instructions
+ ('|', etc) won't work. To use a shell,
+ you need to explicitly call out to that
+ shell. Exit status of 0 is treated as
+ live/healthy and non-zero is unhealthy.
+ items:
+ type: string
+ type: array
+ type: object
+ failureThreshold:
+ description: Minimum consecutive failures for
+ the probe to be considered failed after having
+ succeeded. Defaults to 3. Minimum value is
+ 1.
+ format: int32
+ type: integer
+ httpGet:
+ description: HTTPGet specifies the http request
+ to perform.
+ properties:
+ host:
+ description: Host name to connect to, defaults
+ to the pod IP. You probably want to set
+ "Host" in httpHeaders instead.
+ type: string
+ httpHeaders:
+ description: Custom headers to set in the
+ request. HTTP allows repeated headers.
+ items:
+ description: HTTPHeader describes a custom
+ header to be used in HTTP probes
+ properties:
+ name:
+ description: The header field name
+ type: string
+ value:
+ description: The header field value
+ type: string
+ required:
+ - name
+ - value
+ type: object
+ type: array
+ path:
+ description: Path to access on the HTTP
+ server.
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ description: Name or number of the port
+ to access on the container. Number must
+ be in the range 1 to 65535. Name must
+ be an IANA_SVC_NAME.
+ x-kubernetes-int-or-string: true
+ scheme:
+ description: Scheme to use for connecting
+ to the host. Defaults to HTTP.
+ type: string
+ required:
+ - port
+ type: object
+ initialDelaySeconds:
+ description: 'Number of seconds after the container
+ has started before liveness probes are initiated.
+ More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes'
+ format: int32
+ type: integer
+ periodSeconds:
+ description: How often (in seconds) to perform
+ the probe. Default to 10 seconds. Minimum
+ value is 1.
+ format: int32
+ type: integer
+ successThreshold:
+ description: Minimum consecutive successes for
+ the probe to be considered successful after
+ having failed. Defaults to 1. Must be 1 for
+ liveness and startup. Minimum value is 1.
+ format: int32
+ type: integer
+ tcpSocket:
+ description: 'TCPSocket specifies an action
+ involving a TCP port. TCP hooks not yet supported
+ TODO: implement a realistic TCP lifecycle
+ hook'
+ properties:
+ host:
+ description: 'Optional: Host name to connect
+ to, defaults to the pod IP.'
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ description: Number or name of the port
+ to access on the container. Number must
+ be in the range 1 to 65535. Name must
+ be an IANA_SVC_NAME.
+ x-kubernetes-int-or-string: true
+ required:
+ - port
+ type: object
+ timeoutSeconds:
+ description: 'Number of seconds after which
+ the probe times out. Defaults to 1 second.
+ Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes'
+ format: int32
+ type: integer
+ type: object
+ resources:
+ description: Resources are not allowed for ephemeral
+ containers. Ephemeral containers use spare resources
+ already allocated to the pod.
+ properties:
+ limits:
+ additionalProperties:
+ anyOf:
+ - type: integer
+ - type: string
+ pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+ x-kubernetes-int-or-string: true
+ description: 'Limits describes the maximum amount
+ of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/'
+ type: object
+ requests:
+ additionalProperties:
+ anyOf:
+ - type: integer
+ - type: string
+ pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+ x-kubernetes-int-or-string: true
+ description: 'Requests describes the minimum
+ amount of compute resources required. If Requests
+ is omitted for a container, it defaults to
+ Limits if that is explicitly specified, otherwise
+ to an implementation-defined value. More info:
+ https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/'
+ type: object
+ type: object
+ securityContext:
+ description: SecurityContext is not allowed for
+ ephemeral containers.
+ properties:
+ allowPrivilegeEscalation:
+ description: 'AllowPrivilegeEscalation controls
+ whether a process can gain more privileges
+ than its parent process. This bool directly
+ controls if the no_new_privs flag will be
+ set on the container process. AllowPrivilegeEscalation
+ is true always when the container is: 1) run
+ as Privileged 2) has CAP_SYS_ADMIN'
+ type: boolean
+ capabilities:
+ description: The capabilities to add/drop when
+ running containers. Defaults to the default
+ set of capabilities granted by the container
+ runtime.
+ properties:
+ add:
+ description: Added capabilities
+ items:
+ description: Capability represent POSIX
+ capabilities type
+ type: string
+ type: array
+ drop:
+ description: Removed capabilities
+ items:
+ description: Capability represent POSIX
+ capabilities type
+ type: string
+ type: array
+ type: object
+ privileged:
+ description: Run container in privileged mode.
+ Processes in privileged containers are essentially
+ equivalent to root on the host. Defaults to
+ false.
+ type: boolean
+ procMount:
+ description: procMount denotes the type of proc
+ mount to use for the containers. The default
+ is DefaultProcMount which uses the container
+ runtime defaults for readonly paths and masked
+ paths. This requires the ProcMountType feature
+ flag to be enabled.
+ type: string
+ readOnlyRootFilesystem:
+ description: Whether this container has a read-only
+ root filesystem. Default is false.
+ type: boolean
+ runAsGroup:
+ description: The GID to run the entrypoint of
+ the container process. Uses runtime default
+ if unset. May also be set in PodSecurityContext. If
+ set in both SecurityContext and PodSecurityContext,
+ the value specified in SecurityContext takes
+ precedence.
+ format: int64
+ type: integer
+ runAsNonRoot:
+ description: Indicates that the container must
+ run as a non-root user. If true, the Kubelet
+ will validate the image at runtime to ensure
+ that it does not run as UID 0 (root) and fail
+ to start the container if it does. If unset
+ or false, no such validation will be performed.
+ May also be set in PodSecurityContext. If
+ set in both SecurityContext and PodSecurityContext,
+ the value specified in SecurityContext takes
+ precedence.
+ type: boolean
+ runAsUser:
+ description: The UID to run the entrypoint of
+ the container process. Defaults to user specified
+ in image metadata if unspecified. May also
+ be set in PodSecurityContext. If set in both
+ SecurityContext and PodSecurityContext, the
+ value specified in SecurityContext takes precedence.
+ format: int64
+ type: integer
+ seLinuxOptions:
+ description: The SELinux context to be applied
+ to the container. If unspecified, the container
+ runtime will allocate a random SELinux context
+ for each container. May also be set in PodSecurityContext. If
+ set in both SecurityContext and PodSecurityContext,
+ the value specified in SecurityContext takes
+ precedence.
+ properties:
+ level:
+ description: Level is SELinux level label
+ that applies to the container.
+ type: string
+ role:
+ description: Role is a SELinux role label
+ that applies to the container.
+ type: string
+ type:
+ description: Type is a SELinux type label
+ that applies to the container.
+ type: string
+ user:
+ description: User is a SELinux user label
+ that applies to the container.
+ type: string
+ type: object
+ seccompProfile:
+ description: The seccomp options to use by this
+ container. If seccomp options are provided
+ at both the pod & container level, the container
+ options override the pod options.
+ properties:
+ localhostProfile:
+ description: localhostProfile indicates
+ a profile defined in a file on the node
+ should be used. The profile must be preconfigured
+ on the node to work. Must be a descending
+ path, relative to the kubelet's configured
+ seccomp profile location. Must only be
+ set if type is "Localhost".
+ type: string
+ type:
+ description: "type indicates which kind
+ of seccomp profile will be applied. Valid
+ options are: \n Localhost - a profile
+ defined in a file on the node should be
+ used. RuntimeDefault - the container runtime
+ default profile should be used. Unconfined
+ - no profile should be applied."
+ type: string
+ required:
+ - type
+ type: object
+ windowsOptions:
+ description: The Windows specific settings applied
+ to all containers. If unspecified, the options
+ from the PodSecurityContext will be used.
+ If set in both SecurityContext and PodSecurityContext,
+ the value specified in SecurityContext takes
+ precedence.
+ properties:
+ gmsaCredentialSpec:
+ description: GMSACredentialSpec is where
+ the GMSA admission webhook (https://github.com/kubernetes-sigs/windows-gmsa)
+ inlines the contents of the GMSA credential
+ spec named by the GMSACredentialSpecName
+ field.
+ type: string
+ gmsaCredentialSpecName:
+ description: GMSACredentialSpecName is the
+ name of the GMSA credential spec to use.
+ type: string
+ runAsUserName:
+ description: The UserName in Windows to
+ run the entrypoint of the container process.
+ Defaults to the user specified in image
+ metadata if unspecified. May also be set
+ in PodSecurityContext. If set in both
+ SecurityContext and PodSecurityContext,
+ the value specified in SecurityContext
+ takes precedence.
+ type: string
+ type: object
+ type: object
+ startupProbe:
+ description: Probes are not allowed for ephemeral
+ containers.
+ properties:
+ exec:
+ description: One and only one of the following
+ should be specified. Exec specifies the action
+ to take.
+ properties:
+ command:
+ description: Command is the command line
+ to execute inside the container, the working
+ directory for the command is root ('/')
+ in the container's filesystem. The command
+ is simply exec'd, it is not run inside
+ a shell, so traditional shell instructions
+ ('|', etc) won't work. To use a shell,
+ you need to explicitly call out to that
+ shell. Exit status of 0 is treated as
+ live/healthy and non-zero is unhealthy.
+ items:
+ type: string
+ type: array
+ type: object
+ failureThreshold:
+ description: Minimum consecutive failures for
+ the probe to be considered failed after having
+ succeeded. Defaults to 3. Minimum value is
+ 1.
+ format: int32
+ type: integer
+ httpGet:
+ description: HTTPGet specifies the http request
+ to perform.
+ properties:
+ host:
+ description: Host name to connect to, defaults
+ to the pod IP. You probably want to set
+ "Host" in httpHeaders instead.
+ type: string
+ httpHeaders:
+ description: Custom headers to set in the
+ request. HTTP allows repeated headers.
+ items:
+ description: HTTPHeader describes a custom
+ header to be used in HTTP probes
+ properties:
+ name:
+ description: The header field name
+ type: string
+ value:
+ description: The header field value
+ type: string
+ required:
+ - name
+ - value
+ type: object
+ type: array
+ path:
+ description: Path to access on the HTTP
+ server.
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ description: Name or number of the port
+ to access on the container. Number must
+ be in the range 1 to 65535. Name must
+ be an IANA_SVC_NAME.
+ x-kubernetes-int-or-string: true
+ scheme:
+ description: Scheme to use for connecting
+ to the host. Defaults to HTTP.
+ type: string
+ required:
+ - port
+ type: object
+ initialDelaySeconds:
+ description: 'Number of seconds after the container
+ has started before liveness probes are initiated.
+ More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes'
+ format: int32
+ type: integer
+ periodSeconds:
+ description: How often (in seconds) to perform
+ the probe. Default to 10 seconds. Minimum
+ value is 1.
+ format: int32
+ type: integer
+ successThreshold:
+ description: Minimum consecutive successes for
+ the probe to be considered successful after
+ having failed. Defaults to 1. Must be 1 for
+ liveness and startup. Minimum value is 1.
+ format: int32
+ type: integer
+ tcpSocket:
+ description: 'TCPSocket specifies an action
+ involving a TCP port. TCP hooks not yet supported
+ TODO: implement a realistic TCP lifecycle
+ hook'
+ properties:
+ host:
+ description: 'Optional: Host name to connect
+ to, defaults to the pod IP.'
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ description: Number or name of the port
+ to access on the container. Number must
+ be in the range 1 to 65535. Name must
+ be an IANA_SVC_NAME.
+ x-kubernetes-int-or-string: true
+ required:
+ - port
+ type: object
+ timeoutSeconds:
+ description: 'Number of seconds after which
+ the probe times out. Defaults to 1 second.
+ Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes'
+ format: int32
+ type: integer
+ type: object
+ stdin:
+ description: Whether this container should allocate
+ a buffer for stdin in the container runtime. If
+ this is not set, reads from stdin in the container
+ will always result in EOF. Default is false.
+ type: boolean
+ stdinOnce:
+ description: Whether the container runtime should
+ close the stdin channel after it has been opened
+ by a single attach. When stdin is true the stdin
+ stream will remain open across multiple attach
+ sessions. If stdinOnce is set to true, stdin is
+ opened on container start, is empty until the
+ first client attaches to stdin, and then remains
+ open and accepts data until the client disconnects,
+ at which time stdin is closed and remains closed
+ until the container is restarted. If this flag
+ is false, a container processes that reads from
+ stdin will never receive an EOF. Default is false
+ type: boolean
+ targetContainerName:
+ description: If set, the name of the container from
+ PodSpec that this ephemeral container targets.
+ The ephemeral container will be run in the namespaces
+ (IPC, PID, etc) of this container. If not set
+ then the ephemeral container is run in whatever
+ namespaces are shared for the pod. Note that the
+ container runtime must support this feature.
+ type: string
+ terminationMessagePath:
+ description: 'Optional: Path at which the file to
+ which the container''s termination message will
+ be written is mounted into the container''s filesystem.
+ Message written is intended to be brief final
+ status, such as an assertion failure message.
+ Will be truncated by the node if greater than
+ 4096 bytes. The total message length across all
+ containers will be limited to 12kb. Defaults to
+ /dev/termination-log. Cannot be updated.'
+ type: string
+ terminationMessagePolicy:
+ description: Indicate how the termination message
+ should be populated. File will use the contents
+ of terminationMessagePath to populate the container
+ status message on both success and failure. FallbackToLogsOnError
+ will use the last chunk of container log output
+ if the termination message file is empty and the
+ container exited with an error. The log output
+ is limited to 2048 bytes or 80 lines, whichever
+ is smaller. Defaults to File. Cannot be updated.
+ type: string
+ tty:
+ description: Whether this container should allocate
+ a TTY for itself, also requires 'stdin' to be
+ true. Default is false.
+ type: boolean
+ volumeDevices:
+ description: volumeDevices is the list of block
+ devices to be used by the container.
+ items:
+ description: volumeDevice describes a mapping
+ of a raw block device within a container.
+ properties:
+ devicePath:
+ description: devicePath is the path inside
+ of the container that the device will be
+ mapped to.
+ type: string
+ name:
+ description: name must match the name of a
+ persistentVolumeClaim in the pod
+ type: string
+ required:
+ - devicePath
+ - name
+ type: object
+ type: array
+ volumeMounts:
+ description: Pod volumes to mount into the container's
+ filesystem. Cannot be updated.
+ items:
+ description: VolumeMount describes a mounting
+ of a Volume within a container.
+ properties:
+ mountPath:
+ description: Path within the container at
+ which the volume should be mounted. Must
+ not contain ':'.
+ type: string
+ mountPropagation:
+ description: mountPropagation determines how
+ mounts are propagated from the host to container
+ and the other way around. When not set,
+ MountPropagationNone is used. This field
+ is beta in 1.10.
+ type: string
+ name:
+ description: This must match the Name of a
+ Volume.
+ type: string
+ readOnly:
+ description: Mounted read-only if true, read-write
+ otherwise (false or unspecified). Defaults
+ to false.
+ type: boolean
+ subPath:
+ description: Path within the volume from which
+ the container's volume should be mounted.
+ Defaults to "" (volume's root).
+ type: string
+ subPathExpr:
+ description: Expanded path within the volume
+ from which the container's volume should
+ be mounted. Behaves similarly to SubPath
+ but environment variable references $(VAR_NAME)
+ are expanded using the container's environment.
+ Defaults to "" (volume's root). SubPathExpr
+ and SubPath are mutually exclusive.
+ type: string
+ required:
+ - mountPath
+ - name
+ type: object
+ type: array
+ workingDir:
+ description: Container's working directory. If not
+ specified, the container runtime's default will
+ be used, which might be configured in the container
+ image. Cannot be updated.
+ type: string
+ required:
+ - name
+ type: object
+ type: array
+ initContainers:
+ items:
+ description: A single application container that you
+ want to run within a pod.
+ properties:
+ args:
+ description: 'Arguments to the entrypoint. The docker
+ image''s CMD is used if this is not provided.
+ Variable references $(VAR_NAME) are expanded using
+ the container''s environment. If a variable cannot
+ be resolved, the reference in the input string
+ will be unchanged. The $(VAR_NAME) syntax can
+ be escaped with a double $$, ie: $$(VAR_NAME).
+ Escaped references will never be expanded, regardless
+ of whether the variable exists or not. Cannot
+ be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell'
+ items:
+ type: string
+ type: array
+ command:
+ description: 'Entrypoint array. Not executed within
+ a shell. The docker image''s ENTRYPOINT is used
+ if this is not provided. Variable references $(VAR_NAME)
+ are expanded using the container''s environment.
+ If a variable cannot be resolved, the reference
+ in the input string will be unchanged. The $(VAR_NAME)
+ syntax can be escaped with a double $$, ie: $$(VAR_NAME).
+ Escaped references will never be expanded, regardless
+ of whether the variable exists or not. Cannot
+ be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell'
+ items:
+ type: string
+ type: array
+ env:
+ description: List of environment variables to set
+ in the container. Cannot be updated.
+ items:
+ description: EnvVar represents an environment
+ variable present in a Container.
+ properties:
+ name:
+ description: Name of the environment variable.
+ Must be a C_IDENTIFIER.
+ type: string
+ value:
+ description: 'Variable references $(VAR_NAME)
+ are expanded using the previous defined
+ environment variables in the container and
+ any service environment variables. If a
+ variable cannot be resolved, the reference
+ in the input string will be unchanged. The
+ $(VAR_NAME) syntax can be escaped with a
+ double $$, ie: $$(VAR_NAME). Escaped references
+ will never be expanded, regardless of whether
+ the variable exists or not. Defaults to
+ "".'
+ type: string
+ valueFrom:
+ description: Source for the environment variable's
+ value. Cannot be used if value is not empty.
+ properties:
+ configMapKeyRef:
+ description: Selects a key of a ConfigMap.
+ properties:
+ key:
+ description: The key to select.
+ type: string
+ name:
+ description: 'Name of the referent.
+ More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+ TODO: Add other useful fields. apiVersion,
+ kind, uid?'
+ type: string
+ optional:
+ description: Specify whether the ConfigMap
+ or its key must be defined
+ type: boolean
+ required:
+ - key
+ type: object
+ fieldRef:
+ description: 'Selects a field of the pod:
+ supports metadata.name, metadata.namespace,
+ `metadata.labels['''']`, `metadata.annotations['''']`,
+ spec.nodeName, spec.serviceAccountName,
+ status.hostIP, status.podIP, status.podIPs.'
+ properties:
+ apiVersion:
+ description: Version of the schema
+ the FieldPath is written in terms
+ of, defaults to "v1".
+ type: string
+ fieldPath:
+ description: Path of the field to
+ select in the specified API version.
+ type: string
+ required:
+ - fieldPath
+ type: object
+ resourceFieldRef:
+ description: 'Selects a resource of the
+ container: only resources limits and
+ requests (limits.cpu, limits.memory,
+ limits.ephemeral-storage, requests.cpu,
+ requests.memory and requests.ephemeral-storage)
+ are currently supported.'
+ properties:
+ containerName:
+ description: 'Container name: required
+ for volumes, optional for env vars'
+ type: string
+ divisor:
+ anyOf:
+ - type: integer
+ - type: string
+ description: Specifies the output
+ format of the exposed resources,
+ defaults to "1"
+ pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+ x-kubernetes-int-or-string: true
+ resource:
+ description: 'Required: resource to
+ select'
+ type: string
+ required:
+ - resource
+ type: object
+ secretKeyRef:
+ description: Selects a key of a secret
+ in the pod's namespace
+ properties:
+ key:
+ description: The key of the secret
+ to select from. Must be a valid
+ secret key.
+ type: string
+ name:
+ description: 'Name of the referent.
+ More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+ TODO: Add other useful fields. apiVersion,
+ kind, uid?'
+ type: string
+ optional:
+ description: Specify whether the Secret
+ or its key must be defined
+ type: boolean
+ required:
+ - key
+ type: object
+ type: object
+ required:
+ - name
+ type: object
+ type: array
+ envFrom:
+ description: List of sources to populate environment
+ variables in the container. The keys defined within
+ a source must be a C_IDENTIFIER. All invalid keys
+ will be reported as an event when the container
+ is starting. When a key exists in multiple sources,
+ the value associated with the last source will
+ take precedence. Values defined by an Env with
+ a duplicate key will take precedence. Cannot be
+ updated.
+ items:
+ description: EnvFromSource represents the source
+ of a set of ConfigMaps
+ properties:
+ configMapRef:
+ description: The ConfigMap to select from
+ properties:
+ name:
+ description: 'Name of the referent. More
+ info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+ TODO: Add other useful fields. apiVersion,
+ kind, uid?'
+ type: string
+ optional:
+ description: Specify whether the ConfigMap
+ must be defined
+ type: boolean
+ type: object
+ prefix:
+ description: An optional identifier to prepend
+ to each key in the ConfigMap. Must be a
+ C_IDENTIFIER.
+ type: string
+ secretRef:
+ description: The Secret to select from
+ properties:
+ name:
+ description: 'Name of the referent. More
+ info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+ TODO: Add other useful fields. apiVersion,
+ kind, uid?'
+ type: string
+ optional:
+ description: Specify whether the Secret
+ must be defined
+ type: boolean
+ type: object
+ type: object
+ type: array
+ image:
+ description: 'Docker image name. More info: https://kubernetes.io/docs/concepts/containers/images
+ This field is optional to allow higher level config
+ management to default or override container images
+ in workload controllers like Deployments and StatefulSets.'
+ type: string
+ imagePullPolicy:
+ description: 'Image pull policy. One of Always,
+ Never, IfNotPresent. Defaults to Always if :latest
+ tag is specified, or IfNotPresent otherwise. Cannot
+ be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images'
+ type: string
+ lifecycle:
+ description: Actions that the management system
+ should take in response to container lifecycle
+ events. Cannot be updated.
+ properties:
+ postStart:
+ description: 'PostStart is called immediately
+ after a container is created. If the handler
+ fails, the container is terminated and restarted
+ according to its restart policy. Other management
+ of the container blocks until the hook completes.
+ More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks'
+ properties:
+ exec:
+ description: One and only one of the following
+ should be specified. Exec specifies the
+ action to take.
+ properties:
+ command:
+ description: Command is the command
+ line to execute inside the container,
+ the working directory for the command is
+ root ('/') in the container's filesystem.
+ The command is simply exec'd, it is
+ not run inside a shell, so traditional
+ shell instructions ('|', etc) won't
+ work. To use a shell, you need to
+ explicitly call out to that shell.
+ Exit status of 0 is treated as live/healthy
+ and non-zero is unhealthy.
+ items:
+ type: string
+ type: array
+ type: object
+ httpGet:
+ description: HTTPGet specifies the http
+ request to perform.
+ properties:
+ host:
+ description: Host name to connect to,
+ defaults to the pod IP. You probably
+ want to set "Host" in httpHeaders
+ instead.
+ type: string
+ httpHeaders:
+ description: Custom headers to set in
+ the request. HTTP allows repeated
+ headers.
+ items:
+ description: HTTPHeader describes
+ a custom header to be used in HTTP
+ probes
+ properties:
+ name:
+ description: The header field
+ name
+ type: string
+ value:
+ description: The header field
+ value
+ type: string
+ required:
+ - name
+ - value
+ type: object
+ type: array
+ path:
+ description: Path to access on the HTTP
+ server.
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ description: Name or number of the port
+ to access on the container. Number
+ must be in the range 1 to 65535. Name
+ must be an IANA_SVC_NAME.
+ x-kubernetes-int-or-string: true
+ scheme:
+ description: Scheme to use for connecting
+ to the host. Defaults to HTTP.
+ type: string
+ required:
+ - port
+ type: object
+ tcpSocket:
+ description: 'TCPSocket specifies an action
+ involving a TCP port. TCP hooks not yet
+ supported TODO: implement a realistic
+ TCP lifecycle hook'
+ properties:
+ host:
+ description: 'Optional: Host name to
+ connect to, defaults to the pod IP.'
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ description: Number or name of the port
+ to access on the container. Number
+ must be in the range 1 to 65535. Name
+ must be an IANA_SVC_NAME.
+ x-kubernetes-int-or-string: true
+ required:
+ - port
+ type: object
+ type: object
+ preStop:
+ description: 'PreStop is called immediately
+ before a container is terminated due to an
+ API request or management event such as liveness/startup
+ probe failure, preemption, resource contention,
+ etc. The handler is not called if the container
+ crashes or exits. The reason for termination
+ is passed to the handler. The Pod''s termination
+ grace period countdown begins before the PreStop
+ hooked is executed. Regardless of the outcome
+ of the handler, the container will eventually
+ terminate within the Pod''s termination grace
+ period. Other management of the container
+ blocks until the hook completes or until the
+ termination grace period is reached. More
+ info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks'
+ properties:
+ exec:
+ description: One and only one of the following
+ should be specified. Exec specifies the
+ action to take.
+ properties:
+ command:
+ description: Command is the command
+ line to execute inside the container,
+ the working directory for the command is
+ root ('/') in the container's filesystem.
+ The command is simply exec'd, it is
+ not run inside a shell, so traditional
+ shell instructions ('|', etc) won't
+ work. To use a shell, you need to
+ explicitly call out to that shell.
+ Exit status of 0 is treated as live/healthy
+ and non-zero is unhealthy.
+ items:
+ type: string
+ type: array
+ type: object
+ httpGet:
+ description: HTTPGet specifies the http
+ request to perform.
+ properties:
+ host:
+ description: Host name to connect to,
+ defaults to the pod IP. You probably
+ want to set "Host" in httpHeaders
+ instead.
+ type: string
+ httpHeaders:
+ description: Custom headers to set in
+ the request. HTTP allows repeated
+ headers.
+ items:
+ description: HTTPHeader describes
+ a custom header to be used in HTTP
+ probes
+ properties:
+ name:
+ description: The header field
+ name
+ type: string
+ value:
+ description: The header field
+ value
+ type: string
+ required:
+ - name
+ - value
+ type: object
+ type: array
+ path:
+ description: Path to access on the HTTP
+ server.
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ description: Name or number of the port
+ to access on the container. Number
+ must be in the range 1 to 65535. Name
+ must be an IANA_SVC_NAME.
+ x-kubernetes-int-or-string: true
+ scheme:
+ description: Scheme to use for connecting
+ to the host. Defaults to HTTP.
+ type: string
+ required:
+ - port
+ type: object
+ tcpSocket:
+ description: 'TCPSocket specifies an action
+ involving a TCP port. TCP hooks not yet
+ supported TODO: implement a realistic
+ TCP lifecycle hook'
+ properties:
+ host:
+ description: 'Optional: Host name to
+ connect to, defaults to the pod IP.'
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ description: Number or name of the port
+ to access on the container. Number
+ must be in the range 1 to 65535. Name
+ must be an IANA_SVC_NAME.
+ x-kubernetes-int-or-string: true
+ required:
+ - port
+ type: object
+ type: object
+ type: object
+ livenessProbe:
+ description: 'Periodic probe of container liveness.
+ Container will be restarted if the probe fails.
+ Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes'
+ properties:
+ exec:
+ description: One and only one of the following
+ should be specified. Exec specifies the action
+ to take.
+ properties:
+ command:
+ description: Command is the command line
+ to execute inside the container, the working
+ directory for the command is root ('/')
+ in the container's filesystem. The command
+ is simply exec'd, it is not run inside
+ a shell, so traditional shell instructions
+ ('|', etc) won't work. To use a shell,
+ you need to explicitly call out to that
+ shell. Exit status of 0 is treated as
+ live/healthy and non-zero is unhealthy.
+ items:
+ type: string
+ type: array
+ type: object
+ failureThreshold:
+ description: Minimum consecutive failures for
+ the probe to be considered failed after having
+ succeeded. Defaults to 3. Minimum value is
+ 1.
+ format: int32
+ type: integer
+ httpGet:
+ description: HTTPGet specifies the http request
+ to perform.
+ properties:
+ host:
+ description: Host name to connect to, defaults
+ to the pod IP. You probably want to set
+ "Host" in httpHeaders instead.
+ type: string
+ httpHeaders:
+ description: Custom headers to set in the
+ request. HTTP allows repeated headers.
+ items:
+ description: HTTPHeader describes a custom
+ header to be used in HTTP probes
+ properties:
+ name:
+ description: The header field name
+ type: string
+ value:
+ description: The header field value
+ type: string
+ required:
+ - name
+ - value
+ type: object
+ type: array
+ path:
+ description: Path to access on the HTTP
+ server.
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ description: Name or number of the port
+ to access on the container. Number must
+ be in the range 1 to 65535. Name must
+ be an IANA_SVC_NAME.
+ x-kubernetes-int-or-string: true
+ scheme:
+ description: Scheme to use for connecting
+ to the host. Defaults to HTTP.
+ type: string
+ required:
+ - port
+ type: object
+ initialDelaySeconds:
+ description: 'Number of seconds after the container
+ has started before liveness probes are initiated.
+ More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes'
+ format: int32
+ type: integer
+ periodSeconds:
+ description: How often (in seconds) to perform
+ the probe. Default to 10 seconds. Minimum
+ value is 1.
+ format: int32
+ type: integer
+ successThreshold:
+ description: Minimum consecutive successes for
+ the probe to be considered successful after
+ having failed. Defaults to 1. Must be 1 for
+ liveness and startup. Minimum value is 1.
+ format: int32
+ type: integer
+ tcpSocket:
+ description: 'TCPSocket specifies an action
+ involving a TCP port. TCP hooks not yet supported
+ TODO: implement a realistic TCP lifecycle
+ hook'
+ properties:
+ host:
+ description: 'Optional: Host name to connect
+ to, defaults to the pod IP.'
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ description: Number or name of the port
+ to access on the container. Number must
+ be in the range 1 to 65535. Name must
+ be an IANA_SVC_NAME.
+ x-kubernetes-int-or-string: true
+ required:
+ - port
+ type: object
+ timeoutSeconds:
+ description: 'Number of seconds after which
+ the probe times out. Defaults to 1 second.
+ Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes'
+ format: int32
+ type: integer
+ type: object
+ name:
+ description: Name of the container specified as
+ a DNS_LABEL. Each container in a pod must have
+ a unique name (DNS_LABEL). Cannot be updated.
+ type: string
+ ports:
+ description: List of ports to expose from the container.
+ Exposing a port here gives the system additional
+ information about the network connections a container
+ uses, but is primarily informational. Not specifying
+ a port here DOES NOT prevent that port from being
+ exposed. Any port which is listening on the default
+ "0.0.0.0" address inside a container will be accessible
+ from the network. Cannot be updated.
+ items:
+ description: ContainerPort represents a network
+ port in a single container.
+ properties:
+ containerPort:
+ description: Number of port to expose on the
+ pod's IP address. This must be a valid port
+ number, 0 < x < 65536.
+ format: int32
+ type: integer
+ hostIP:
+ description: What host IP to bind the external
+ port to.
+ type: string
+ hostPort:
+ description: Number of port to expose on the
+ host. If specified, this must be a valid
+ port number, 0 < x < 65536. If HostNetwork
+ is specified, this must match ContainerPort.
+ Most containers do not need this.
+ format: int32
+ type: integer
+ name:
+ description: If specified, this must be an
+ IANA_SVC_NAME and unique within the pod.
+ Each named port in a pod must have a unique
+ name. Name for the port that can be referred
+ to by services.
+ type: string
+ protocol:
+ default: TCP
+ description: Protocol for port. Must be UDP,
+ TCP, or SCTP. Defaults to "TCP".
+ type: string
+ required:
+ - containerPort
+ type: object
+ type: array
+ x-kubernetes-list-map-keys:
+ - containerPort
+ - protocol
+ x-kubernetes-list-type: map
+ readinessProbe:
+ description: 'Periodic probe of container service
+ readiness. Container will be removed from service
+ endpoints if the probe fails. Cannot be updated.
+ More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes'
+ properties:
+ exec:
+ description: One and only one of the following
+ should be specified. Exec specifies the action
+ to take.
+ properties:
+ command:
+ description: Command is the command line
+ to execute inside the container, the working
+ directory for the command is root ('/')
+ in the container's filesystem. The command
+ is simply exec'd, it is not run inside
+ a shell, so traditional shell instructions
+ ('|', etc) won't work. To use a shell,
+ you need to explicitly call out to that
+ shell. Exit status of 0 is treated as
+ live/healthy and non-zero is unhealthy.
+ items:
+ type: string
+ type: array
+ type: object
+ failureThreshold:
+ description: Minimum consecutive failures for
+ the probe to be considered failed after having
+ succeeded. Defaults to 3. Minimum value is
+ 1.
+ format: int32
+ type: integer
+ httpGet:
+ description: HTTPGet specifies the http request
+ to perform.
+ properties:
+ host:
+ description: Host name to connect to, defaults
+ to the pod IP. You probably want to set
+ "Host" in httpHeaders instead.
+ type: string
+ httpHeaders:
+ description: Custom headers to set in the
+ request. HTTP allows repeated headers.
+ items:
+ description: HTTPHeader describes a custom
+ header to be used in HTTP probes
+ properties:
+ name:
+ description: The header field name
+ type: string
+ value:
+ description: The header field value
+ type: string
+ required:
+ - name
+ - value
+ type: object
+ type: array
+ path:
+ description: Path to access on the HTTP
+ server.
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ description: Name or number of the port
+ to access on the container. Number must
+ be in the range 1 to 65535. Name must
+ be an IANA_SVC_NAME.
+ x-kubernetes-int-or-string: true
+ scheme:
+ description: Scheme to use for connecting
+ to the host. Defaults to HTTP.
+ type: string
+ required:
+ - port
+ type: object
+ initialDelaySeconds:
+ description: 'Number of seconds after the container
+ has started before liveness probes are initiated.
+ More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes'
+ format: int32
+ type: integer
+ periodSeconds:
+ description: How often (in seconds) to perform
+ the probe. Default to 10 seconds. Minimum
+ value is 1.
+ format: int32
+ type: integer
+ successThreshold:
+ description: Minimum consecutive successes for
+ the probe to be considered successful after
+ having failed. Defaults to 1. Must be 1 for
+ liveness and startup. Minimum value is 1.
+ format: int32
+ type: integer
+ tcpSocket:
+ description: 'TCPSocket specifies an action
+ involving a TCP port. TCP hooks not yet supported
+ TODO: implement a realistic TCP lifecycle
+ hook'
+ properties:
+ host:
+ description: 'Optional: Host name to connect
+ to, defaults to the pod IP.'
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ description: Number or name of the port
+ to access on the container. Number must
+ be in the range 1 to 65535. Name must
+ be an IANA_SVC_NAME.
+ x-kubernetes-int-or-string: true
+ required:
+ - port
+ type: object
+ timeoutSeconds:
+ description: 'Number of seconds after which
+ the probe times out. Defaults to 1 second.
+ Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes'
+ format: int32
+ type: integer
+ type: object
+ resources:
+ description: 'Compute Resources required by this
+ container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/'
+ properties:
+ limits:
+ additionalProperties:
+ anyOf:
+ - type: integer
+ - type: string
+ pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+ x-kubernetes-int-or-string: true
+ description: 'Limits describes the maximum amount
+ of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/'
+ type: object
+ requests:
+ additionalProperties:
+ anyOf:
+ - type: integer
+ - type: string
+ pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+ x-kubernetes-int-or-string: true
+ description: 'Requests describes the minimum
+ amount of compute resources required. If Requests
+ is omitted for a container, it defaults to
+ Limits if that is explicitly specified, otherwise
+ to an implementation-defined value. More info:
+ https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/'
+ type: object
+ type: object
+ securityContext:
+ description: 'Security options the pod should run
+ with. More info: https://kubernetes.io/docs/concepts/policy/security-context/
+ More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/'
+ properties:
+ allowPrivilegeEscalation:
+ description: 'AllowPrivilegeEscalation controls
+ whether a process can gain more privileges
+ than its parent process. This bool directly
+ controls if the no_new_privs flag will be
+ set on the container process. AllowPrivilegeEscalation
+ is true always when the container is: 1) run
+ as Privileged 2) has CAP_SYS_ADMIN'
+ type: boolean
+ capabilities:
+ description: The capabilities to add/drop when
+ running containers. Defaults to the default
+ set of capabilities granted by the container
+ runtime.
+ properties:
+ add:
+ description: Added capabilities
+ items:
+ description: Capability represent POSIX
+ capabilities type
+ type: string
+ type: array
+ drop:
+ description: Removed capabilities
+ items:
+ description: Capability represent POSIX
+ capabilities type
+ type: string
+ type: array
+ type: object
+ privileged:
+ description: Run container in privileged mode.
+ Processes in privileged containers are essentially
+ equivalent to root on the host. Defaults to
+ false.
+ type: boolean
+ procMount:
+ description: procMount denotes the type of proc
+ mount to use for the containers. The default
+ is DefaultProcMount which uses the container
+ runtime defaults for readonly paths and masked
+ paths. This requires the ProcMountType feature
+ flag to be enabled.
+ type: string
+ readOnlyRootFilesystem:
+ description: Whether this container has a read-only
+ root filesystem. Default is false.
+ type: boolean
+ runAsGroup:
+ description: The GID to run the entrypoint of
+ the container process. Uses runtime default
+ if unset. May also be set in PodSecurityContext. If
+ set in both SecurityContext and PodSecurityContext,
+ the value specified in SecurityContext takes
+ precedence.
+ format: int64
+ type: integer
+ runAsNonRoot:
+ description: Indicates that the container must
+ run as a non-root user. If true, the Kubelet
+ will validate the image at runtime to ensure
+ that it does not run as UID 0 (root) and fail
+ to start the container if it does. If unset
+ or false, no such validation will be performed.
+ May also be set in PodSecurityContext. If
+ set in both SecurityContext and PodSecurityContext,
+ the value specified in SecurityContext takes
+ precedence.
+ type: boolean
+ runAsUser:
+ description: The UID to run the entrypoint of
+ the container process. Defaults to user specified
+ in image metadata if unspecified. May also
+ be set in PodSecurityContext. If set in both
+ SecurityContext and PodSecurityContext, the
+ value specified in SecurityContext takes precedence.
+ format: int64
+ type: integer
+ seLinuxOptions:
+ description: The SELinux context to be applied
+ to the container. If unspecified, the container
+ runtime will allocate a random SELinux context
+ for each container. May also be set in PodSecurityContext. If
+ set in both SecurityContext and PodSecurityContext,
+ the value specified in SecurityContext takes
+ precedence.
+ properties:
+ level:
+ description: Level is SELinux level label
+ that applies to the container.
+ type: string
+ role:
+ description: Role is a SELinux role label
+ that applies to the container.
+ type: string
+ type:
+ description: Type is a SELinux type label
+ that applies to the container.
+ type: string
+ user:
+ description: User is a SELinux user label
+ that applies to the container.
+ type: string
+ type: object
+ seccompProfile:
+ description: The seccomp options to use by this
+ container. If seccomp options are provided
+ at both the pod & container level, the container
+ options override the pod options.
+ properties:
+ localhostProfile:
+ description: localhostProfile indicates
+ a profile defined in a file on the node
+ should be used. The profile must be preconfigured
+ on the node to work. Must be a descending
+ path, relative to the kubelet's configured
+ seccomp profile location. Must only be
+ set if type is "Localhost".
+ type: string
+ type:
+ description: "type indicates which kind
+ of seccomp profile will be applied. Valid
+ options are: \n Localhost - a profile
+ defined in a file on the node should be
+ used. RuntimeDefault - the container runtime
+ default profile should be used. Unconfined
+ - no profile should be applied."
+ type: string
+ required:
+ - type
+ type: object
+ windowsOptions:
+ description: The Windows specific settings applied
+ to all containers. If unspecified, the options
+ from the PodSecurityContext will be used.
+ If set in both SecurityContext and PodSecurityContext,
+ the value specified in SecurityContext takes
+ precedence.
+ properties:
+ gmsaCredentialSpec:
+ description: GMSACredentialSpec is where
+ the GMSA admission webhook (https://github.com/kubernetes-sigs/windows-gmsa)
+ inlines the contents of the GMSA credential
+ spec named by the GMSACredentialSpecName
+ field.
+ type: string
+ gmsaCredentialSpecName:
+ description: GMSACredentialSpecName is the
+ name of the GMSA credential spec to use.
+ type: string
+ runAsUserName:
+ description: The UserName in Windows to
+ run the entrypoint of the container process.
+ Defaults to the user specified in image
+ metadata if unspecified. May also be set
+ in PodSecurityContext. If set in both
+ SecurityContext and PodSecurityContext,
+ the value specified in SecurityContext
+ takes precedence.
+ type: string
+ type: object
+ type: object
+ startupProbe:
+ description: 'StartupProbe indicates that the Pod
+ has successfully initialized. If specified, no
+ other probes are executed until this completes
+ successfully. If this probe fails, the Pod will
+ be restarted, just as if the livenessProbe failed.
+ This can be used to provide different probe parameters
+ at the beginning of a Pod''s lifecycle, when it
+ might take a long time to load data or warm a
+ cache, than during steady-state operation. This
+ cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes'
+ properties:
+ exec:
+ description: One and only one of the following
+ should be specified. Exec specifies the action
+ to take.
+ properties:
+ command:
+ description: Command is the command line
+ to execute inside the container, the working
+ directory for the command is root ('/')
+ in the container's filesystem. The command
+ is simply exec'd, it is not run inside
+ a shell, so traditional shell instructions
+ ('|', etc) won't work. To use a shell,
+ you need to explicitly call out to that
+ shell. Exit status of 0 is treated as
+ live/healthy and non-zero is unhealthy.
+ items:
+ type: string
+ type: array
+ type: object
+ failureThreshold:
+ description: Minimum consecutive failures for
+ the probe to be considered failed after having
+ succeeded. Defaults to 3. Minimum value is
+ 1.
+ format: int32
+ type: integer
+ httpGet:
+ description: HTTPGet specifies the http request
+ to perform.
+ properties:
+ host:
+ description: Host name to connect to, defaults
+ to the pod IP. You probably want to set
+ "Host" in httpHeaders instead.
+ type: string
+ httpHeaders:
+ description: Custom headers to set in the
+ request. HTTP allows repeated headers.
+ items:
+ description: HTTPHeader describes a custom
+ header to be used in HTTP probes
+ properties:
+ name:
+ description: The header field name
+ type: string
+ value:
+ description: The header field value
+ type: string
+ required:
+ - name
+ - value
+ type: object
+ type: array
+ path:
+ description: Path to access on the HTTP
+ server.
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ description: Name or number of the port
+ to access on the container. Number must
+ be in the range 1 to 65535. Name must
+ be an IANA_SVC_NAME.
+ x-kubernetes-int-or-string: true
+ scheme:
+ description: Scheme to use for connecting
+ to the host. Defaults to HTTP.
+ type: string
+ required:
+ - port
+ type: object
+ initialDelaySeconds:
+ description: 'Number of seconds after the container
+ has started before liveness probes are initiated.
+ More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes'
+ format: int32
+ type: integer
+ periodSeconds:
+ description: How often (in seconds) to perform
+ the probe. Default to 10 seconds. Minimum
+ value is 1.
+ format: int32
+ type: integer
+ successThreshold:
+ description: Minimum consecutive successes for
+ the probe to be considered successful after
+ having failed. Defaults to 1. Must be 1 for
+ liveness and startup. Minimum value is 1.
+ format: int32
+ type: integer
+ tcpSocket:
+ description: 'TCPSocket specifies an action
+ involving a TCP port. TCP hooks not yet supported
+ TODO: implement a realistic TCP lifecycle
+ hook'
+ properties:
+ host:
+ description: 'Optional: Host name to connect
+ to, defaults to the pod IP.'
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ description: Number or name of the port
+ to access on the container. Number must
+ be in the range 1 to 65535. Name must
+ be an IANA_SVC_NAME.
+ x-kubernetes-int-or-string: true
+ required:
+ - port
+ type: object
+ timeoutSeconds:
+ description: 'Number of seconds after which
+ the probe times out. Defaults to 1 second.
+ Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes'
+ format: int32
+ type: integer
+ type: object
+ stdin:
+ description: Whether this container should allocate
+ a buffer for stdin in the container runtime. If
+ this is not set, reads from stdin in the container
+ will always result in EOF. Default is false.
+ type: boolean
+ stdinOnce:
+ description: Whether the container runtime should
+ close the stdin channel after it has been opened
+ by a single attach. When stdin is true the stdin
+ stream will remain open across multiple attach
+ sessions. If stdinOnce is set to true, stdin is
+ opened on container start, is empty until the
+ first client attaches to stdin, and then remains
+ open and accepts data until the client disconnects,
+ at which time stdin is closed and remains closed
+ until the container is restarted. If this flag
+ is false, a container processes that reads from
+ stdin will never receive an EOF. Default is false
+ type: boolean
+ terminationMessagePath:
+ description: 'Optional: Path at which the file to
+ which the container''s termination message will
+ be written is mounted into the container''s filesystem.
+ Message written is intended to be brief final
+ status, such as an assertion failure message.
+ Will be truncated by the node if greater than
+ 4096 bytes. The total message length across all
+ containers will be limited to 12kb. Defaults to
+ /dev/termination-log. Cannot be updated.'
+ type: string
+ terminationMessagePolicy:
+ description: Indicate how the termination message
+ should be populated. File will use the contents
+ of terminationMessagePath to populate the container
+ status message on both success and failure. FallbackToLogsOnError
+ will use the last chunk of container log output
+ if the termination message file is empty and the
+ container exited with an error. The log output
+ is limited to 2048 bytes or 80 lines, whichever
+ is smaller. Defaults to File. Cannot be updated.
+ type: string
+ tty:
+ description: Whether this container should allocate
+ a TTY for itself, also requires 'stdin' to be
+ true. Default is false.
+ type: boolean
+ volumeDevices:
+ description: volumeDevices is the list of block
+ devices to be used by the container.
+ items:
+ description: volumeDevice describes a mapping
+ of a raw block device within a container.
+ properties:
+ devicePath:
+ description: devicePath is the path inside
+ of the container that the device will be
+ mapped to.
+ type: string
+ name:
+ description: name must match the name of a
+ persistentVolumeClaim in the pod
+ type: string
+ required:
+ - devicePath
+ - name
+ type: object
+ type: array
+ volumeMounts:
+ description: Pod volumes to mount into the container's
+ filesystem. Cannot be updated.
+ items:
+ description: VolumeMount describes a mounting
+ of a Volume within a container.
+ properties:
+ mountPath:
+ description: Path within the container at
+ which the volume should be mounted. Must
+ not contain ':'.
+ type: string
+ mountPropagation:
+ description: mountPropagation determines how
+ mounts are propagated from the host to container
+ and the other way around. When not set,
+ MountPropagationNone is used. This field
+ is beta in 1.10.
+ type: string
+ name:
+ description: This must match the Name of a
+ Volume.
+ type: string
+ readOnly:
+ description: Mounted read-only if true, read-write
+ otherwise (false or unspecified). Defaults
+ to false.
+ type: boolean
+ subPath:
+ description: Path within the volume from which
+ the container's volume should be mounted.
+ Defaults to "" (volume's root).
+ type: string
+ subPathExpr:
+ description: Expanded path within the volume
+ from which the container's volume should
+ be mounted. Behaves similarly to SubPath
+ but environment variable references $(VAR_NAME)
+ are expanded using the container's environment.
+ Defaults to "" (volume's root). SubPathExpr
+ and SubPath are mutually exclusive.
+ type: string
+ required:
+ - mountPath
+ - name
+ type: object
+ type: array
+ workingDir:
+ description: Container's working directory. If not
+ specified, the container runtime's default will
+ be used, which might be configured in the container
+ image. Cannot be updated.
+ type: string
+ required:
+ - name
+ type: object
+ type: array
+ nodeSelector:
+ additionalProperties:
+ type: string
+ type: object
+ restartPolicy:
+ description: RestartPolicy describes how the container
+ should be restarted. Only one of the following restart
+ policies may be specified. If none of the following
+ policies is specified, the default one is RestartPolicyAlways.
+ type: string
+ terminationGracePeriodSeconds:
+ format: int64
+ type: integer
+ topologySpreadConstraints:
+ items:
+ description: TopologySpreadConstraint specifies how
+ to spread matching pods among the given topology.
+ properties:
+ labelSelector:
+ description: LabelSelector is used to find matching
+ pods. Pods that match this label selector are
+ counted to determine the number of pods in their
+ corresponding topology domain.
+ properties:
+ matchExpressions:
+ description: matchExpressions is a list of label
+ selector requirements. The requirements are
+ ANDed.
+ items:
+ description: A label selector requirement
+ is a selector that contains values, a key,
+ and an operator that relates the key and
+ values.
+ properties:
+ key:
+ description: key is the label key that
+ the selector applies to.
+ type: string
+ operator:
+ description: operator represents a key's
+ relationship to a set of values. Valid
+ operators are In, NotIn, Exists and
+ DoesNotExist.
+ type: string
+ values:
+ description: values is an array of string
+ values. If the operator is In or NotIn,
+ the values array must be non-empty.
+ If the operator is Exists or DoesNotExist,
+ the values array must be empty. This
+ array is replaced during a strategic
+ merge patch.
+ items:
+ type: string
+ type: array
+ required:
+ - key
+ - operator
+ type: object
+ type: array
+ matchLabels:
+ additionalProperties:
+ type: string
+ description: matchLabels is a map of {key,value}
+ pairs. A single {key,value} in the matchLabels
+ map is equivalent to an element of matchExpressions,
+ whose key field is "key", the operator is
+ "In", and the values array contains only "value".
+ The requirements are ANDed.
+ type: object
+ type: object
+ maxSkew:
+ description: 'MaxSkew describes the degree to which
+ pods may be unevenly distributed. When `whenUnsatisfiable=DoNotSchedule`,
+ it is the maximum permitted difference between
+ the number of matching pods in the target topology
+ and the global minimum. For example, in a 3-zone
+ cluster, MaxSkew is set to 1, and pods with the
+ same labelSelector spread as 1/1/0: | zone1 |
+ zone2 | zone3 | | P | P | | - if
+ MaxSkew is 1, incoming pod can only be scheduled
+ to zone3 to become 1/1/1; scheduling it onto zone1(zone2)
+ would make the ActualSkew(2-0) on zone1(zone2)
+ violate MaxSkew(1). - if MaxSkew is 2, incoming
+ pod can be scheduled onto any zone. When `whenUnsatisfiable=ScheduleAnyway`,
+ it is used to give higher precedence to topologies
+ that satisfy it. It''s a required field. Default
+ value is 1 and 0 is not allowed.'
+ format: int32
+ type: integer
+ topologyKey:
+ description: TopologyKey is the key of node labels.
+ Nodes that have a label with this key and identical
+ values are considered to be in the same topology.
+ We consider each as a "bucket", and
+ try to put balanced number of pods into each bucket.
+ It's a required field.
+ type: string
+ whenUnsatisfiable:
+ description: 'WhenUnsatisfiable indicates how to
+ deal with a pod if it doesn''t satisfy the spread
+ constraint. - DoNotSchedule (default) tells the
+ scheduler not to schedule it. - ScheduleAnyway
+ tells the scheduler to schedule the pod in any
+ location, but giving higher precedence to topologies
+ that would help reduce the skew. A constraint
+ is considered "Unsatisfiable" for an incoming
+ pod if and only if every possible node assigment
+ for that pod would violate "MaxSkew" on some topology.
+ For example, in a 3-zone cluster, MaxSkew is set
+ to 1, and pods with the same labelSelector spread
+ as 3/1/1: | zone1 | zone2 | zone3 | | P P P | P | P |
+ If WhenUnsatisfiable is set to DoNotSchedule,
+ incoming pod can only be scheduled to zone2(zone3)
+ to become 3/2/1(3/1/2) as ActualSkew(2-1) on zone2(zone3)
+ satisfies MaxSkew(1). In other words, the cluster
+ can still be imbalanced, but scheduler won''t
+ make it *more* imbalanced. It''s a required field.'
+ type: string
+ required:
+ - maxSkew
+ - topologyKey
+ - whenUnsatisfiable
+ type: object
+ type: array
+ volumes:
+ items:
+ description: Volume represents a named volume in a pod
+ that may be accessed by any container in the pod.
+ properties:
+ awsElasticBlockStore:
+ description: 'AWSElasticBlockStore represents an
+ AWS Disk resource that is attached to a kubelet''s
+ host machine and then exposed to the pod. More
+ info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore'
+ properties:
+ fsType:
+ description: 'Filesystem type of the volume
+ that you want to mount. Tip: Ensure that the
+ filesystem type is supported by the host operating
+ system. Examples: "ext4", "xfs", "ntfs". Implicitly
+ inferred to be "ext4" if unspecified. More
+ info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore
+ TODO: how do we prevent errors in the filesystem
+ from compromising the machine'
+ type: string
+ partition:
+ description: 'The partition in the volume that
+ you want to mount. If omitted, the default
+ is to mount by volume name. Examples: For
+ volume /dev/sda1, you specify the partition
+ as "1". Similarly, the volume partition for
+ /dev/sda is "0" (or you can leave the property
+ empty).'
+ format: int32
+ type: integer
+ readOnly:
+ description: 'Specify "true" to force and set
+ the ReadOnly property in VolumeMounts to "true".
+ If omitted, the default is "false". More info:
+ https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore'
+ type: boolean
+ volumeID:
+ description: 'Unique ID of the persistent disk
+ resource in AWS (Amazon EBS volume). More
+ info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore'
+ type: string
+ required:
+ - volumeID
+ type: object
+ azureDisk:
+ description: AzureDisk represents an Azure Data
+ Disk mount on the host and bind mount to the pod.
+ properties:
+ cachingMode:
+ description: 'Host Caching mode: None, Read
+ Only, Read Write.'
+ type: string
+ diskName:
+ description: The Name of the data disk in the
+ blob storage
+ type: string
+ diskURI:
+ description: The URI the data disk in the blob
+ storage
+ type: string
+ fsType:
+ description: Filesystem type to mount. Must
+ be a filesystem type supported by the host
+ operating system. Ex. "ext4", "xfs", "ntfs".
+ Implicitly inferred to be "ext4" if unspecified.
+ type: string
+ kind:
+ description: 'Expected values Shared: multiple
+ blob disks per storage account Dedicated:
+ single blob disk per storage account Managed:
+ azure managed data disk (only in managed availability
+ set). defaults to shared'
+ type: string
+ readOnly:
+ description: Defaults to false (read/write).
+ ReadOnly here will force the ReadOnly setting
+ in VolumeMounts.
+ type: boolean
+ required:
+ - diskName
+ - diskURI
+ type: object
+ azureFile:
+ description: AzureFile represents an Azure File
+ Service mount on the host and bind mount to the
+ pod.
+ properties:
+ readOnly:
+ description: Defaults to false (read/write).
+ ReadOnly here will force the ReadOnly setting
+ in VolumeMounts.
+ type: boolean
+ secretName:
+ description: the name of secret that contains
+ Azure Storage Account Name and Key
+ type: string
+ shareName:
+ description: Share Name
+ type: string
+ required:
+ - secretName
+ - shareName
+ type: object
+ cephfs:
+ description: CephFS represents a Ceph FS mount on
+ the host that shares a pod's lifetime
+ properties:
+ monitors:
+ description: 'Required: Monitors is a collection
+ of Ceph monitors More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it'
+ items:
+ type: string
+ type: array
+ path:
+ description: 'Optional: Used as the mounted
+ root, rather than the full Ceph tree, default
+ is /'
+ type: string
+ readOnly:
+ description: 'Optional: Defaults to false (read/write).
+ ReadOnly here will force the ReadOnly setting
+ in VolumeMounts. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it'
+ type: boolean
+ secretFile:
+ description: 'Optional: SecretFile is the path
+ to key ring for User, default is /etc/ceph/user.secret
+ More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it'
+ type: string
+ secretRef:
+ description: 'Optional: SecretRef is reference
+ to the authentication secret for User, default
+ is empty. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it'
+ properties:
+ name:
+ description: 'Name of the referent. More
+ info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+ TODO: Add other useful fields. apiVersion,
+ kind, uid?'
+ type: string
+ type: object
+ user:
+ description: 'Optional: User is the rados user
+ name, default is admin More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it'
+ type: string
+ required:
+ - monitors
+ type: object
+ cinder:
+ description: 'Cinder represents a cinder volume
+ attached and mounted on kubelets host machine.
+ More info: https://examples.k8s.io/mysql-cinder-pd/README.md'
+ properties:
+ fsType:
+ description: 'Filesystem type to mount. Must
+ be a filesystem type supported by the host
+ operating system. Examples: "ext4", "xfs",
+ "ntfs". Implicitly inferred to be "ext4" if
+ unspecified. More info: https://examples.k8s.io/mysql-cinder-pd/README.md'
+ type: string
+ readOnly:
+ description: 'Optional: Defaults to false (read/write).
+ ReadOnly here will force the ReadOnly setting
+ in VolumeMounts. More info: https://examples.k8s.io/mysql-cinder-pd/README.md'
+ type: boolean
+ secretRef:
+ description: 'Optional: points to a secret object
+ containing parameters used to connect to OpenStack.'
+ properties:
+ name:
+ description: 'Name of the referent. More
+ info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+ TODO: Add other useful fields. apiVersion,
+ kind, uid?'
+ type: string
+ type: object
+ volumeID:
+ description: 'volume id used to identify the
+ volume in cinder. More info: https://examples.k8s.io/mysql-cinder-pd/README.md'
+ type: string
+ required:
+ - volumeID
+ type: object
+ configMap:
+ description: ConfigMap represents a configMap that
+ should populate this volume
+ properties:
+ defaultMode:
+ description: 'Optional: mode bits used to set
+ permissions on created files by default. Must
+ be an octal value between 0000 and 0777 or
+ a decimal value between 0 and 511. YAML accepts
+ both octal and decimal values, JSON requires
+ decimal values for mode bits. Defaults to
+ 0644. Directories within the path are not
+ affected by this setting. This might be in
+ conflict with other options that affect the
+ file mode, like fsGroup, and the result can
+ be other mode bits set.'
+ format: int32
+ type: integer
+ items:
+ description: If unspecified, each key-value
+ pair in the Data field of the referenced ConfigMap
+ will be projected into the volume as a file
+ whose name is the key and content is the value.
+ If specified, the listed keys will be projected
+ into the specified paths, and unlisted keys
+ will not be present. If a key is specified
+ which is not present in the ConfigMap, the
+ volume setup will error unless it is marked
+ optional. Paths must be relative and may not
+ contain the '..' path or start with '..'.
+ items:
+ description: Maps a string key to a path within
+ a volume.
+ properties:
+ key:
+ description: The key to project.
+ type: string
+ mode:
+ description: 'Optional: mode bits used
+ to set permissions on this file. Must
+ be an octal value between 0000 and 0777
+ or a decimal value between 0 and 511.
+ YAML accepts both octal and decimal
+ values, JSON requires decimal values
+ for mode bits. If not specified, the
+ volume defaultMode will be used. This
+ might be in conflict with other options
+ that affect the file mode, like fsGroup,
+ and the result can be other mode bits
+ set.'
+ format: int32
+ type: integer
+ path:
+ description: The relative path of the
+ file to map the key to. May not be an
+ absolute path. May not contain the path
+ element '..'. May not start with the
+ string '..'.
+ type: string
+ required:
+ - key
+ - path
+ type: object
+ type: array
+ name:
+ description: 'Name of the referent. More info:
+ https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+ TODO: Add other useful fields. apiVersion,
+ kind, uid?'
+ type: string
+ optional:
+ description: Specify whether the ConfigMap or
+ its keys must be defined
+ type: boolean
+ type: object
+ csi:
+ description: CSI (Container Storage Interface) represents
+ ephemeral storage that is handled by certain external
+ CSI drivers (Beta feature).
+ properties:
+ driver:
+ description: Driver is the name of the CSI driver
+ that handles this volume. Consult with your
+ admin for the correct name as registered in
+ the cluster.
+ type: string
+ fsType:
+ description: Filesystem type to mount. Ex. "ext4",
+ "xfs", "ntfs". If not provided, the empty
+ value is passed to the associated CSI driver
+ which will determine the default filesystem
+ to apply.
+ type: string
+ nodePublishSecretRef:
+ description: NodePublishSecretRef is a reference
+ to the secret object containing sensitive
+ information to pass to the CSI driver to complete
+ the CSI NodePublishVolume and NodeUnpublishVolume
+ calls. This field is optional, and may be
+ empty if no secret is required. If the secret
+ object contains more than one secret, all
+ secret references are passed.
+ properties:
+ name:
+ description: 'Name of the referent. More
+ info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+ TODO: Add other useful fields. apiVersion,
+ kind, uid?'
+ type: string
+ type: object
+ readOnly:
+ description: Specifies a read-only configuration
+ for the volume. Defaults to false (read/write).
+ type: boolean
+ volumeAttributes:
+ additionalProperties:
+ type: string
+ description: VolumeAttributes stores driver-specific
+ properties that are passed to the CSI driver.
+ Consult your driver's documentation for supported
+ values.
+ type: object
+ required:
+ - driver
+ type: object
+ downwardAPI:
+ description: DownwardAPI represents downward API
+ about the pod that should populate this volume
+ properties:
+ defaultMode:
+ description: 'Optional: mode bits to use on
+ created files by default. Must be a Optional:
+ mode bits used to set permissions on created
+ files by default. Must be an octal value between
+ 0000 and 0777 or a decimal value between 0
+ and 511. YAML accepts both octal and decimal
+ values, JSON requires decimal values for mode
+ bits. Defaults to 0644. Directories within
+ the path are not affected by this setting.
+ This might be in conflict with other options
+ that affect the file mode, like fsGroup, and
+ the result can be other mode bits set.'
+ format: int32
+ type: integer
+ items:
+ description: Items is a list of downward API
+ volume file
+ items:
+ description: DownwardAPIVolumeFile represents
+ information to create the file containing
+ the pod field
+ properties:
+ fieldRef:
+ description: 'Required: Selects a field
+ of the pod: only annotations, labels,
+ name and namespace are supported.'
+ properties:
+ apiVersion:
+ description: Version of the schema
+ the FieldPath is written in terms
+ of, defaults to "v1".
+ type: string
+ fieldPath:
+ description: Path of the field to
+ select in the specified API version.
+ type: string
+ required:
+ - fieldPath
+ type: object
+ mode:
+ description: 'Optional: mode bits used
+ to set permissions on this file, must
+ be an octal value between 0000 and 0777
+ or a decimal value between 0 and 511.
+ YAML accepts both octal and decimal
+ values, JSON requires decimal values
+ for mode bits. If not specified, the
+ volume defaultMode will be used. This
+ might be in conflict with other options
+ that affect the file mode, like fsGroup,
+ and the result can be other mode bits
+ set.'
+ format: int32
+ type: integer
+ path:
+ description: 'Required: Path is the relative
+ path name of the file to be created.
+ Must not be absolute or contain the
+ ''..'' path. Must be utf-8 encoded.
+ The first item of the relative path
+ must not start with ''..'''
+ type: string
+ resourceFieldRef:
+ description: 'Selects a resource of the
+ container: only resources limits and
+ requests (limits.cpu, limits.memory,
+ requests.cpu and requests.memory) are
+ currently supported.'
+ properties:
+ containerName:
+ description: 'Container name: required
+ for volumes, optional for env vars'
+ type: string
+ divisor:
+ anyOf:
+ - type: integer
+ - type: string
+ description: Specifies the output
+ format of the exposed resources,
+ defaults to "1"
+ pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+ x-kubernetes-int-or-string: true
+ resource:
+ description: 'Required: resource to
+ select'
+ type: string
+ required:
+ - resource
+ type: object
+ required:
+ - path
+ type: object
+ type: array
+ type: object
+ emptyDir:
+ description: 'EmptyDir represents a temporary directory
+ that shares a pod''s lifetime. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir'
+ properties:
+ medium:
+ description: 'What type of storage medium should
+ back this directory. The default is "" which
+ means to use the node''s default medium. Must
+ be an empty string (default) or Memory. More
+ info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir'
+ type: string
+ sizeLimit:
+ anyOf:
+ - type: integer
+ - type: string
+ description: 'Total amount of local storage
+ required for this EmptyDir volume. The size
+ limit is also applicable for memory medium.
+ The maximum usage on memory medium EmptyDir
+ would be the minimum value between the SizeLimit
+ specified here and the sum of memory limits
+ of all containers in a pod. The default is
+ nil which means that the limit is undefined.
+ More info: http://kubernetes.io/docs/user-guide/volumes#emptydir'
+ pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+ x-kubernetes-int-or-string: true
+ type: object
+ ephemeral:
+ description: "Ephemeral represents a volume that
+ is handled by a cluster storage driver (Alpha
+ feature). The volume's lifecycle is tied to the
+ pod that defines it - it will be created before
+ the pod starts, and deleted when the pod is removed.
+ \n Use this if: a) the volume is only needed while
+ the pod runs, b) features of normal volumes like
+ restoring from snapshot or capacity tracking
+ are needed, c) the storage driver is specified
+ through a storage class, and d) the storage driver
+ supports dynamic volume provisioning through a
+ PersistentVolumeClaim (see EphemeralVolumeSource
+ for more information on the connection between
+ this volume type and PersistentVolumeClaim).
+ \n Use PersistentVolumeClaim or one of the vendor-specific
+ APIs for volumes that persist for longer than
+ the lifecycle of an individual pod. \n Use CSI
+ for light-weight local ephemeral volumes if the
+ CSI driver is meant to be used that way - see
+ the documentation of the driver for more information.
+ \n A pod can use both types of ephemeral volumes
+ and persistent volumes at the same time."
+ properties:
+ readOnly:
+ description: Specifies a read-only configuration
+ for the volume. Defaults to false (read/write).
+ type: boolean
+ volumeClaimTemplate:
+ description: "Will be used to create a stand-alone
+ PVC to provision the volume. The pod in which
+ this EphemeralVolumeSource is embedded will
+ be the owner of the PVC, i.e. the PVC will
+ be deleted together with the pod. The name
+ of the PVC will be `-`
+ where `` is the name from the
+ `PodSpec.Volumes` array entry. Pod validation
+ will reject the pod if the concatenated name
+ is not valid for a PVC (for example, too long).
+ \n An existing PVC with that name that is
+ not owned by the pod will *not* be used for
+ the pod to avoid using an unrelated volume
+ by mistake. Starting the pod is then blocked
+ until the unrelated PVC is removed. If such
+ a pre-created PVC is meant to be used by the
+ pod, the PVC has to updated with an owner
+ reference to the pod once the pod exists.
+ Normally this should not be necessary, but
+ it may be useful when manually reconstructing
+ a broken cluster. \n This field is read-only
+ and no changes will be made by Kubernetes
+ to the PVC after it has been created. \n Required,
+ must not be nil."
+ properties:
+ metadata:
+ description: May contain labels and annotations
+ that will be copied into the PVC when
+ creating it. No other fields are allowed
+ and will be rejected during validation.
+ type: object
+ spec:
+ description: The specification for the PersistentVolumeClaim.
+ The entire content is copied unchanged
+ into the PVC that gets created from this
+ template. The same fields as in a PersistentVolumeClaim
+ are also valid here.
+ properties:
+ accessModes:
+ description: 'AccessModes contains the
+ desired access modes the volume should
+ have. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1'
+ items:
+ type: string
+ type: array
+ dataSource:
+ description: 'This field can be used
+ to specify either: * An existing VolumeSnapshot
+ object (snapshot.storage.k8s.io/VolumeSnapshot)
+ * An existing PVC (PersistentVolumeClaim)
+ * An existing custom resource that
+ implements data population (Alpha)
+ In order to use custom resource types
+ that implement data population, the
+ AnyVolumeDataSource feature gate must
+ be enabled. If the provisioner or
+ an external controller can support
+ the specified data source, it will
+ create a new volume based on the contents
+ of the specified data source.'
+ properties:
+ apiGroup:
+ description: APIGroup is the group
+ for the resource being referenced.
+ If APIGroup is not specified,
+ the specified Kind must be in
+ the core API group. For any other
+ third-party types, APIGroup is
+ required.
+ type: string
+ kind:
+ description: Kind is the type of
+ resource being referenced
+ type: string
+ name:
+ description: Name is the name of
+ resource being referenced
+ type: string
+ required:
+ - kind
+ - name
+ type: object
+ resources:
+ description: 'Resources represents the
+ minimum resources the volume should
+ have. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources'
+ properties:
+ limits:
+ additionalProperties:
+ anyOf:
+ - type: integer
+ - type: string
+ pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+ x-kubernetes-int-or-string: true
+ description: 'Limits describes the
+ maximum amount of compute resources
+ allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/'
+ type: object
+ requests:
+ additionalProperties:
+ anyOf:
+ - type: integer
+ - type: string
+ pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+ x-kubernetes-int-or-string: true
+ description: 'Requests describes
+ the minimum amount of compute
+ resources required. If Requests
+ is omitted for a container, it
+ defaults to Limits if that is
+ explicitly specified, otherwise
+ to an implementation-defined value.
+ More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/'
+ type: object
+ type: object
+ selector:
+ description: A label query over volumes
+ to consider for binding.
+ properties:
+ matchExpressions:
+ description: matchExpressions is
+ a list of label selector requirements.
+ The requirements are ANDed.
+ items:
+ description: A label selector
+ requirement is a selector that
+ contains values, a key, and
+ an operator that relates the
+ key and values.
+ properties:
+ key:
+ description: key is the label
+ key that the selector applies
+ to.
+ type: string
+ operator:
+ description: operator represents
+ a key's relationship to
+ a set of values. Valid operators
+ are In, NotIn, Exists and
+ DoesNotExist.
+ type: string
+ values:
+ description: values is an
+ array of string values.
+ If the operator is In or
+ NotIn, the values array
+ must be non-empty. If the
+ operator is Exists or DoesNotExist,
+ the values array must be
+ empty. This array is replaced
+ during a strategic merge
+ patch.
+ items:
+ type: string
+ type: array
+ required:
+ - key
+ - operator
+ type: object
+ type: array
+ matchLabels:
+ additionalProperties:
+ type: string
+ description: matchLabels is a map
+ of {key,value} pairs. A single
+ {key,value} in the matchLabels
+ map is equivalent to an element
+ of matchExpressions, whose key
+ field is "key", the operator is
+ "In", and the values array contains
+ only "value". The requirements
+ are ANDed.
+ type: object
+ type: object
+ storageClassName:
+ description: 'Name of the StorageClass
+ required by the claim. More info:
+ https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1'
+ type: string
+ volumeMode:
+ description: volumeMode defines what
+ type of volume is required by the
+ claim. Value of Filesystem is implied
+ when not included in claim spec.
+ type: string
+ volumeName:
+ description: VolumeName is the binding
+ reference to the PersistentVolume
+ backing this claim.
+ type: string
+ type: object
+ required:
+ - spec
+ type: object
+ type: object
+ fc:
+ description: FC represents a Fibre Channel resource
+ that is attached to a kubelet's host machine and
+ then exposed to the pod.
+ properties:
+ fsType:
+ description: 'Filesystem type to mount. Must
+ be a filesystem type supported by the host
+ operating system. Ex. "ext4", "xfs", "ntfs".
+ Implicitly inferred to be "ext4" if unspecified.
+ TODO: how do we prevent errors in the filesystem
+ from compromising the machine'
+ type: string
+ lun:
+ description: 'Optional: FC target lun number'
+ format: int32
+ type: integer
+ readOnly:
+ description: 'Optional: Defaults to false (read/write).
+ ReadOnly here will force the ReadOnly setting
+ in VolumeMounts.'
+ type: boolean
+ targetWWNs:
+ description: 'Optional: FC target worldwide
+ names (WWNs)'
+ items:
+ type: string
+ type: array
+ wwids:
+ description: 'Optional: FC volume world wide
+ identifiers (wwids) Either wwids or combination
+ of targetWWNs and lun must be set, but not
+ both simultaneously.'
+ items:
+ type: string
+ type: array
+ type: object
+ flexVolume:
+ description: FlexVolume represents a generic volume
+ resource that is provisioned/attached using an
+ exec based plugin.
+ properties:
+ driver:
+ description: Driver is the name of the driver
+ to use for this volume.
+ type: string
+ fsType:
+ description: Filesystem type to mount. Must
+ be a filesystem type supported by the host
+ operating system. Ex. "ext4", "xfs", "ntfs".
+ The default filesystem depends on FlexVolume
+ script.
+ type: string
+ options:
+ additionalProperties:
+ type: string
+ description: 'Optional: Extra command options
+ if any.'
+ type: object
+ readOnly:
+ description: 'Optional: Defaults to false (read/write).
+ ReadOnly here will force the ReadOnly setting
+ in VolumeMounts.'
+ type: boolean
+ secretRef:
+ description: 'Optional: SecretRef is reference
+ to the secret object containing sensitive
+ information to pass to the plugin scripts.
+ This may be empty if no secret object is specified.
+ If the secret object contains more than one
+ secret, all secrets are passed to the plugin
+ scripts.'
+ properties:
+ name:
+ description: 'Name of the referent. More
+ info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+ TODO: Add other useful fields. apiVersion,
+ kind, uid?'
+ type: string
+ type: object
+ required:
+ - driver
+ type: object
+ flocker:
+ description: Flocker represents a Flocker volume
+ attached to a kubelet's host machine. This depends
+ on the Flocker control service being running
+ properties:
+ datasetName:
+ description: Name of the dataset stored as metadata
+ -> name on the dataset for Flocker should
+ be considered as deprecated
+ type: string
+ datasetUUID:
+ description: UUID of the dataset. This is unique
+ identifier of a Flocker dataset
+ type: string
+ type: object
+ gcePersistentDisk:
+ description: 'GCEPersistentDisk represents a GCE
+ Disk resource that is attached to a kubelet''s
+ host machine and then exposed to the pod. More
+ info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk'
+ properties:
+ fsType:
+ description: 'Filesystem type of the volume
+ that you want to mount. Tip: Ensure that the
+ filesystem type is supported by the host operating
+ system. Examples: "ext4", "xfs", "ntfs". Implicitly
+ inferred to be "ext4" if unspecified. More
+ info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk
+ TODO: how do we prevent errors in the filesystem
+ from compromising the machine'
+ type: string
+ partition:
+ description: 'The partition in the volume that
+ you want to mount. If omitted, the default
+ is to mount by volume name. Examples: For
+ volume /dev/sda1, you specify the partition
+ as "1". Similarly, the volume partition for
+ /dev/sda is "0" (or you can leave the property
+ empty). More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk'
+ format: int32
+ type: integer
+ pdName:
+ description: 'Unique name of the PD resource
+ in GCE. Used to identify the disk in GCE.
+ More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk'
+ type: string
+ readOnly:
+ description: 'ReadOnly here will force the ReadOnly
+ setting in VolumeMounts. Defaults to false.
+ More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk'
+ type: boolean
+ required:
+ - pdName
+ type: object
+ gitRepo:
+ description: 'GitRepo represents a git repository
+ at a particular revision. DEPRECATED: GitRepo
+ is deprecated. To provision a container with a
+ git repo, mount an EmptyDir into an InitContainer
+ that clones the repo using git, then mount the
+ EmptyDir into the Pod''s container.'
+ properties:
+ directory:
+ description: Target directory name. Must not
+ contain or start with '..'. If '.' is supplied,
+ the volume directory will be the git repository. Otherwise,
+ if specified, the volume will contain the
+ git repository in the subdirectory with the
+ given name.
+ type: string
+ repository:
+ description: Repository URL
+ type: string
+ revision:
+ description: Commit hash for the specified revision.
+ type: string
+ required:
+ - repository
+ type: object
+ glusterfs:
+ description: 'Glusterfs represents a Glusterfs mount
+ on the host that shares a pod''s lifetime. More
+ info: https://examples.k8s.io/volumes/glusterfs/README.md'
+ properties:
+ endpoints:
+ description: 'EndpointsName is the endpoint
+ name that details Glusterfs topology. More
+ info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod'
+ type: string
+ path:
+ description: 'Path is the Glusterfs volume path.
+ More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod'
+ type: string
+ readOnly:
+ description: 'ReadOnly here will force the Glusterfs
+ volume to be mounted with read-only permissions.
+ Defaults to false. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod'
+ type: boolean
+ required:
+ - endpoints
+ - path
+ type: object
+ hostPath:
+ description: 'HostPath represents a pre-existing
+ file or directory on the host machine that is
+ directly exposed to the container. This is generally
+ used for system agents or other privileged things
+ that are allowed to see the host machine. Most
+ containers will NOT need this. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath
+ --- TODO(jonesdl) We need to restrict who can
+ use host directory mounts and who can/can not
+ mount host directories as read/write.'
+ properties:
+ path:
+ description: 'Path of the directory on the host.
+ If the path is a symlink, it will follow the
+ link to the real path. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath'
+ type: string
+ type:
+ description: 'Type for HostPath Volume Defaults
+ to "" More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath'
+ type: string
+ required:
+ - path
+ type: object
+ iscsi:
+ description: 'ISCSI represents an ISCSI Disk resource
+ that is attached to a kubelet''s host machine
+ and then exposed to the pod. More info: https://examples.k8s.io/volumes/iscsi/README.md'
+ properties:
+ chapAuthDiscovery:
+ description: whether support iSCSI Discovery
+ CHAP authentication
+ type: boolean
+ chapAuthSession:
+ description: whether support iSCSI Session CHAP
+ authentication
+ type: boolean
+ fsType:
+ description: 'Filesystem type of the volume
+ that you want to mount. Tip: Ensure that the
+ filesystem type is supported by the host operating
+ system. Examples: "ext4", "xfs", "ntfs". Implicitly
+ inferred to be "ext4" if unspecified. More
+ info: https://kubernetes.io/docs/concepts/storage/volumes#iscsi
+ TODO: how do we prevent errors in the filesystem
+ from compromising the machine'
+ type: string
+ initiatorName:
+ description: Custom iSCSI Initiator Name. If
+ initiatorName is specified with iscsiInterface
+ simultaneously, new iSCSI interface : will be created for
+ the connection.
+ type: string
+ iqn:
+ description: Target iSCSI Qualified Name.
+ type: string
+ iscsiInterface:
+ description: iSCSI Interface Name that uses
+ an iSCSI transport. Defaults to 'default'
+ (tcp).
+ type: string
+ lun:
+ description: iSCSI Target Lun number.
+ format: int32
+ type: integer
+ portals:
+ description: iSCSI Target Portal List. The portal
+ is either an IP or ip_addr:port if the port
+ is other than default (typically TCP ports
+ 860 and 3260).
+ items:
+ type: string
+ type: array
+ readOnly:
+ description: ReadOnly here will force the ReadOnly
+ setting in VolumeMounts. Defaults to false.
+ type: boolean
+ secretRef:
+ description: CHAP Secret for iSCSI target and
+ initiator authentication
+ properties:
+ name:
+ description: 'Name of the referent. More
+ info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+ TODO: Add other useful fields. apiVersion,
+ kind, uid?'
+ type: string
+ type: object
+ targetPortal:
+ description: iSCSI Target Portal. The Portal
+ is either an IP or ip_addr:port if the port
+ is other than default (typically TCP ports
+ 860 and 3260).
+ type: string
+ required:
+ - iqn
+ - lun
+ - targetPortal
+ type: object
+ name:
+ description: 'Volume''s name. Must be a DNS_LABEL
+ and unique within the pod. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
+ type: string
+ nfs:
+ description: 'NFS represents an NFS mount on the
+ host that shares a pod''s lifetime More info:
+ https://kubernetes.io/docs/concepts/storage/volumes#nfs'
+ properties:
+ path:
+ description: 'Path that is exported by the NFS
+ server. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs'
+ type: string
+ readOnly:
+ description: 'ReadOnly here will force the NFS
+ export to be mounted with read-only permissions.
+ Defaults to false. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs'
+ type: boolean
+ server:
+ description: 'Server is the hostname or IP address
+ of the NFS server. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs'
+ type: string
+ required:
+ - path
+ - server
+ type: object
+ persistentVolumeClaim:
+ description: 'PersistentVolumeClaimVolumeSource
+ represents a reference to a PersistentVolumeClaim
+ in the same namespace. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims'
+ properties:
+ claimName:
+ description: 'ClaimName is the name of a PersistentVolumeClaim
+ in the same namespace as the pod using this
+ volume. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims'
+ type: string
+ readOnly:
+ description: Will force the ReadOnly setting
+ in VolumeMounts. Default false.
+ type: boolean
+ required:
+ - claimName
+ type: object
+ photonPersistentDisk:
+ description: PhotonPersistentDisk represents a PhotonController
+ persistent disk attached and mounted on kubelets
+ host machine
+ properties:
+ fsType:
+ description: Filesystem type to mount. Must
+ be a filesystem type supported by the host
+ operating system. Ex. "ext4", "xfs", "ntfs".
+ Implicitly inferred to be "ext4" if unspecified.
+ type: string
+ pdID:
+ description: ID that identifies Photon Controller
+ persistent disk
+ type: string
+ required:
+ - pdID
+ type: object
+ portworxVolume:
+ description: PortworxVolume represents a portworx
+ volume attached and mounted on kubelets host machine
+ properties:
+ fsType:
+ description: FSType represents the filesystem
+ type to mount Must be a filesystem type supported
+ by the host operating system. Ex. "ext4",
+ "xfs". Implicitly inferred to be "ext4" if
+ unspecified.
+ type: string
+ readOnly:
+ description: Defaults to false (read/write).
+ ReadOnly here will force the ReadOnly setting
+ in VolumeMounts.
+ type: boolean
+ volumeID:
+ description: VolumeID uniquely identifies a
+ Portworx volume
+ type: string
+ required:
+ - volumeID
+ type: object
+ projected:
+ description: Items for all in one resources secrets,
+ configmaps, and downward API
+ properties:
+ defaultMode:
+ description: Mode bits used to set permissions
+ on created files by default. Must be an octal
+ value between 0000 and 0777 or a decimal value
+ between 0 and 511. YAML accepts both octal
+ and decimal values, JSON requires decimal
+ values for mode bits. Directories within the
+ path are not affected by this setting. This
+ might be in conflict with other options that
+ affect the file mode, like fsGroup, and the
+ result can be other mode bits set.
+ format: int32
+ type: integer
+ sources:
+ description: list of volume projections
+ items:
+ description: Projection that may be projected
+ along with other supported volume types
+ properties:
+ configMap:
+ description: information about the configMap
+ data to project
+ properties:
+ items:
+ description: If unspecified, each
+ key-value pair in the Data field
+ of the referenced ConfigMap will
+ be projected into the volume as
+ a file whose name is the key and
+ content is the value. If specified,
+ the listed keys will be projected
+ into the specified paths, and unlisted
+ keys will not be present. If a key
+ is specified which is not present
+ in the ConfigMap, the volume setup
+ will error unless it is marked optional.
+ Paths must be relative and may not
+ contain the '..' path or start with
+ '..'.
+ items:
+ description: Maps a string key to
+ a path within a volume.
+ properties:
+ key:
+ description: The key to project.
+ type: string
+ mode:
+ description: 'Optional: mode
+ bits used to set permissions
+ on this file. Must be an octal
+ value between 0000 and 0777
+ or a decimal value between
+ 0 and 511. YAML accepts both
+ octal and decimal values,
+ JSON requires decimal values
+ for mode bits. If not specified,
+ the volume defaultMode will
+ be used. This might be in
+ conflict with other options
+ that affect the file mode,
+ like fsGroup, and the result
+ can be other mode bits set.'
+ format: int32
+ type: integer
+ path:
+ description: The relative path
+ of the file to map the key
+ to. May not be an absolute
+ path. May not contain the
+ path element '..'. May not
+ start with the string '..'.
+ type: string
+ required:
+ - key
+ - path
+ type: object
+ type: array
+ name:
+ description: 'Name of the referent.
+ More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+ TODO: Add other useful fields. apiVersion,
+ kind, uid?'
+ type: string
+ optional:
+ description: Specify whether the ConfigMap
+ or its keys must be defined
+ type: boolean
+ type: object
+ downwardAPI:
+ description: information about the downwardAPI
+ data to project
+ properties:
+ items:
+ description: Items is a list of DownwardAPIVolume
+ file
+ items:
+ description: DownwardAPIVolumeFile
+ represents information to create
+ the file containing the pod field
+ properties:
+ fieldRef:
+ description: 'Required: Selects
+ a field of the pod: only annotations,
+ labels, name and namespace
+ are supported.'
+ properties:
+ apiVersion:
+ description: Version of
+ the schema the FieldPath
+ is written in terms of,
+ defaults to "v1".
+ type: string
+ fieldPath:
+ description: Path of the
+ field to select in the
+ specified API version.
+ type: string
+ required:
+ - fieldPath
+ type: object
+ mode:
+ description: 'Optional: mode
+ bits used to set permissions
+ on this file, must be an octal
+ value between 0000 and 0777
+ or a decimal value between
+ 0 and 511. YAML accepts both
+ octal and decimal values,
+ JSON requires decimal values
+ for mode bits. If not specified,
+ the volume defaultMode will
+ be used. This might be in
+ conflict with other options
+ that affect the file mode,
+ like fsGroup, and the result
+ can be other mode bits set.'
+ format: int32
+ type: integer
+ path:
+ description: 'Required: Path
+ is the relative path name
+ of the file to be created.
+ Must not be absolute or contain
+ the ''..'' path. Must be utf-8
+ encoded. The first item of
+ the relative path must not
+ start with ''..'''
+ type: string
+ resourceFieldRef:
+ description: 'Selects a resource
+ of the container: only resources
+ limits and requests (limits.cpu,
+ limits.memory, requests.cpu
+ and requests.memory) are currently
+ supported.'
+ properties:
+ containerName:
+ description: 'Container
+ name: required for volumes,
+ optional for env vars'
+ type: string
+ divisor:
+ anyOf:
+ - type: integer
+ - type: string
+ description: Specifies the
+ output format of the exposed
+ resources, defaults to
+ "1"
+ pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+ x-kubernetes-int-or-string: true
+ resource:
+ description: 'Required:
+ resource to select'
+ type: string
+ required:
+ - resource
+ type: object
+ required:
+ - path
+ type: object
+ type: array
+ type: object
+ secret:
+ description: information about the secret
+ data to project
+ properties:
+ items:
+ description: If unspecified, each
+ key-value pair in the Data field
+ of the referenced Secret will be
+ projected into the volume as a file
+ whose name is the key and content
+ is the value. If specified, the
+ listed keys will be projected into
+ the specified paths, and unlisted
+ keys will not be present. If a key
+ is specified which is not present
+ in the Secret, the volume setup
+ will error unless it is marked optional.
+ Paths must be relative and may not
+ contain the '..' path or start with
+ '..'.
+ items:
+ description: Maps a string key to
+ a path within a volume.
+ properties:
+ key:
+ description: The key to project.
+ type: string
+ mode:
+ description: 'Optional: mode
+ bits used to set permissions
+ on this file. Must be an octal
+ value between 0000 and 0777
+ or a decimal value between
+ 0 and 511. YAML accepts both
+ octal and decimal values,
+ JSON requires decimal values
+ for mode bits. If not specified,
+ the volume defaultMode will
+ be used. This might be in
+ conflict with other options
+ that affect the file mode,
+ like fsGroup, and the result
+ can be other mode bits set.'
+ format: int32
+ type: integer
+ path:
+ description: The relative path
+ of the file to map the key
+ to. May not be an absolute
+ path. May not contain the
+ path element '..'. May not
+ start with the string '..'.
+ type: string
+ required:
+ - key
+ - path
+ type: object
+ type: array
+ name:
+ description: 'Name of the referent.
+ More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+ TODO: Add other useful fields. apiVersion,
+ kind, uid?'
+ type: string
+ optional:
+ description: Specify whether the Secret
+ or its key must be defined
+ type: boolean
+ type: object
+ serviceAccountToken:
+ description: information about the serviceAccountToken
+ data to project
+ properties:
+ audience:
+ description: Audience is the intended
+ audience of the token. A recipient
+ of a token must identify itself
+ with an identifier specified in
+ the audience of the token, and otherwise
+ should reject the token. The audience
+ defaults to the identifier of the
+ apiserver.
+ type: string
+ expirationSeconds:
+ description: ExpirationSeconds is
+ the requested duration of validity
+ of the service account token. As
+ the token approaches expiration,
+ the kubelet volume plugin will proactively
+ rotate the service account token.
+ The kubelet will start trying to
+ rotate the token if the token is
+ older than 80 percent of its time
+ to live or if the token is older
+ than 24 hours.Defaults to 1 hour
+ and must be at least 10 minutes.
+ format: int64
+ type: integer
+ path:
+ description: Path is the path relative
+ to the mount point of the file to
+ project the token into.
+ type: string
+ required:
+ - path
+ type: object
+ type: object
+ type: array
+ type: object
+ quobyte:
+ description: Quobyte represents a Quobyte mount
+ on the host that shares a pod's lifetime
+ properties:
+ group:
+ description: Group to map volume access to Default
+ is no group
+ type: string
+ readOnly:
+ description: ReadOnly here will force the Quobyte
+ volume to be mounted with read-only permissions.
+ Defaults to false.
+ type: boolean
+ registry:
+ description: Registry represents a single or
+ multiple Quobyte Registry services specified
+ as a string as host:port pair (multiple entries
+ are separated with commas) which acts as the
+ central registry for volumes
+ type: string
+ tenant:
+ description: Tenant owning the given Quobyte
+ volume in the Backend Used with dynamically
+ provisioned Quobyte volumes, value is set
+ by the plugin
+ type: string
+ user:
+ description: User to map volume access to Defaults
+ to serivceaccount user
+ type: string
+ volume:
+ description: Volume is a string that references
+ an already created Quobyte volume by name.
+ type: string
+ required:
+ - registry
+ - volume
+ type: object
+ rbd:
+ description: 'RBD represents a Rados Block Device
+ mount on the host that shares a pod''s lifetime.
+ More info: https://examples.k8s.io/volumes/rbd/README.md'
+ properties:
+ fsType:
+ description: 'Filesystem type of the volume
+ that you want to mount. Tip: Ensure that the
+ filesystem type is supported by the host operating
+ system. Examples: "ext4", "xfs", "ntfs". Implicitly
+ inferred to be "ext4" if unspecified. More
+ info: https://kubernetes.io/docs/concepts/storage/volumes#rbd
+ TODO: how do we prevent errors in the filesystem
+ from compromising the machine'
+ type: string
+ image:
+ description: 'The rados image name. More info:
+ https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it'
+ type: string
+ keyring:
+ description: 'Keyring is the path to key ring
+ for RBDUser. Default is /etc/ceph/keyring.
+ More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it'
+ type: string
+ monitors:
+ description: 'A collection of Ceph monitors.
+ More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it'
+ items:
+ type: string
+ type: array
+ pool:
+ description: 'The rados pool name. Default is
+ rbd. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it'
+ type: string
+ readOnly:
+ description: 'ReadOnly here will force the ReadOnly
+ setting in VolumeMounts. Defaults to false.
+ More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it'
+ type: boolean
+ secretRef:
+ description: 'SecretRef is name of the authentication
+ secret for RBDUser. If provided overrides
+ keyring. Default is nil. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it'
+ properties:
+ name:
+ description: 'Name of the referent. More
+ info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+ TODO: Add other useful fields. apiVersion,
+ kind, uid?'
+ type: string
+ type: object
+ user:
+ description: 'The rados user name. Default is
+ admin. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it'
+ type: string
+ required:
+ - image
+ - monitors
+ type: object
+ scaleIO:
+ description: ScaleIO represents a ScaleIO persistent
+ volume attached and mounted on Kubernetes nodes.
+ properties:
+ fsType:
+ description: Filesystem type to mount. Must
+ be a filesystem type supported by the host
+ operating system. Ex. "ext4", "xfs", "ntfs".
+ Default is "xfs".
+ type: string
+ gateway:
+ description: The host address of the ScaleIO
+ API Gateway.
+ type: string
+ protectionDomain:
+ description: The name of the ScaleIO Protection
+ Domain for the configured storage.
+ type: string
+ readOnly:
+ description: Defaults to false (read/write).
+ ReadOnly here will force the ReadOnly setting
+ in VolumeMounts.
+ type: boolean
+ secretRef:
+ description: SecretRef references to the secret
+ for ScaleIO user and other sensitive information.
+ If this is not provided, Login operation will
+ fail.
+ properties:
+ name:
+ description: 'Name of the referent. More
+ info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+ TODO: Add other useful fields. apiVersion,
+ kind, uid?'
+ type: string
+ type: object
+ sslEnabled:
+ description: Flag to enable/disable SSL communication
+ with Gateway, default false
+ type: boolean
+ storageMode:
+ description: Indicates whether the storage for
+ a volume should be ThickProvisioned or ThinProvisioned.
+ Default is ThinProvisioned.
+ type: string
+ storagePool:
+ description: The ScaleIO Storage Pool associated
+ with the protection domain.
+ type: string
+ system:
+ description: The name of the storage system
+ as configured in ScaleIO.
+ type: string
+ volumeName:
+ description: The name of a volume already created
+ in the ScaleIO system that is associated with
+ this volume source.
+ type: string
+ required:
+ - gateway
+ - secretRef
+ - system
+ type: object
+ secret:
+ description: 'Secret represents a secret that should
+ populate this volume. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret'
+ properties:
+ defaultMode:
+ description: 'Optional: mode bits used to set
+ permissions on created files by default. Must
+ be an octal value between 0000 and 0777 or
+ a decimal value between 0 and 511. YAML accepts
+ both octal and decimal values, JSON requires
+ decimal values for mode bits. Defaults to
+ 0644. Directories within the path are not
+ affected by this setting. This might be in
+ conflict with other options that affect the
+ file mode, like fsGroup, and the result can
+ be other mode bits set.'
+ format: int32
+ type: integer
+ items:
+ description: If unspecified, each key-value
+ pair in the Data field of the referenced Secret
+ will be projected into the volume as a file
+ whose name is the key and content is the value.
+ If specified, the listed keys will be projected
+ into the specified paths, and unlisted keys
+ will not be present. If a key is specified
+ which is not present in the Secret, the volume
+ setup will error unless it is marked optional.
+ Paths must be relative and may not contain
+ the '..' path or start with '..'.
+ items:
+ description: Maps a string key to a path within
+ a volume.
+ properties:
+ key:
+ description: The key to project.
+ type: string
+ mode:
+ description: 'Optional: mode bits used
+ to set permissions on this file. Must
+ be an octal value between 0000 and 0777
+ or a decimal value between 0 and 511.
+ YAML accepts both octal and decimal
+ values, JSON requires decimal values
+ for mode bits. If not specified, the
+ volume defaultMode will be used. This
+ might be in conflict with other options
+ that affect the file mode, like fsGroup,
+ and the result can be other mode bits
+ set.'
+ format: int32
+ type: integer
+ path:
+ description: The relative path of the
+ file to map the key to. May not be an
+ absolute path. May not contain the path
+ element '..'. May not start with the
+ string '..'.
+ type: string
+ required:
+ - key
+ - path
+ type: object
+ type: array
+ optional:
+ description: Specify whether the Secret or its
+ keys must be defined
+ type: boolean
+ secretName:
+ description: 'Name of the secret in the pod''s
+ namespace to use. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret'
+ type: string
+ type: object
+ storageos:
+ description: StorageOS represents a StorageOS volume
+ attached and mounted on Kubernetes nodes.
+ properties:
+ fsType:
+ description: Filesystem type to mount. Must
+ be a filesystem type supported by the host
+ operating system. Ex. "ext4", "xfs", "ntfs".
+ Implicitly inferred to be "ext4" if unspecified.
+ type: string
+ readOnly:
+ description: Defaults to false (read/write).
+ ReadOnly here will force the ReadOnly setting
+ in VolumeMounts.
+ type: boolean
+ secretRef:
+ description: SecretRef specifies the secret
+ to use for obtaining the StorageOS API credentials. If
+ not specified, default values will be attempted.
+ properties:
+ name:
+ description: 'Name of the referent. More
+ info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+ TODO: Add other useful fields. apiVersion,
+ kind, uid?'
+ type: string
+ type: object
+ volumeName:
+ description: VolumeName is the human-readable
+ name of the StorageOS volume. Volume names
+ are only unique within a namespace.
+ type: string
+ volumeNamespace:
+ description: VolumeNamespace specifies the scope
+ of the volume within StorageOS. If no namespace
+ is specified then the Pod's namespace will
+ be used. This allows the Kubernetes name
+ scoping to be mirrored within StorageOS for
+ tighter integration. Set VolumeName to any
+ name to override the default behaviour. Set
+ to "default" if you are not using namespaces
+ within StorageOS. Namespaces that do not pre-exist
+ within StorageOS will be created.
+ type: string
+ type: object
+ vsphereVolume:
+ description: VsphereVolume represents a vSphere
+ volume attached and mounted on kubelets host machine
+ properties:
+ fsType:
+ description: Filesystem type to mount. Must
+ be a filesystem type supported by the host
+ operating system. Ex. "ext4", "xfs", "ntfs".
+ Implicitly inferred to be "ext4" if unspecified.
+ type: string
+ storagePolicyID:
+ description: Storage Policy Based Management
+ (SPBM) profile ID associated with the StoragePolicyName.
+ type: string
+ storagePolicyName:
+ description: Storage Policy Based Management
+ (SPBM) profile name.
+ type: string
+ volumePath:
+ description: Path that identifies vSphere volume
+ vmdk
+ type: string
+ required:
+ - volumePath
+ type: object
+ required:
+ - name
+ type: object
+ type: array
+ required:
+ - containers
+ type: object
+ type: object
+ traits:
+ additionalProperties:
+ description: A TraitSpec contains the configuration of a trait
+ properties:
+ configuration:
+ description: TraitConfiguration --
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ required:
+ - configuration
+ type: object
+ type: object
+ type: object
+ replicas:
+ description: Replicas is the number of desired replicas for the binding
+ format: int32
+ type: integer
+ sink:
+ description: Sink is the destination of the integration defined by
+ this binding
+ properties:
+ properties:
+ description: Properties are a key value representation of endpoint
+ properties
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ ref:
+ description: Ref can be used to declare a Kubernetes resource
+ as source/sink endpoint
+ properties:
+ apiVersion:
+ description: API version of the referent.
+ type: string
+ fieldPath:
+ description: 'If referring to a piece of an object instead
+ of an entire object, this string should contain a valid
+ JSON/Go field access statement, such as desiredState.manifest.containers[2].
+ For example, if the object reference is to a container within
+ a pod, this would take on a value like: "spec.containers{name}"
+ (where "name" refers to the name of the container that triggered
+ the event) or if no container name is specified "spec.containers[2]"
+ (container with index 2 in this pod). This syntax is chosen
+ only to have some well-defined way of referencing a part
+ of an object. TODO: this design is not final and this field
+ is subject to change in the future.'
+ type: string
+ kind:
+ description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
+ type: string
+ name:
+ description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
+ type: string
+ namespace:
+ description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/'
+ type: string
+ resourceVersion:
+ description: 'Specific resourceVersion to which this reference
+ is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency'
+ type: string
+ uid:
+ description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids'
+ type: string
+ type: object
+ types:
+ additionalProperties:
+ properties:
+ mediaType:
+ type: string
+ schema:
+ description: JSONSchemaProps is a JSON-Schema following
+ Specification Draft 4 (http://json-schema.org/).
+ properties:
+ $schema:
+ description: JSONSchemaURL represents a schema url.
+ type: string
+ description:
+ type: string
+ example:
+ description: 'JSON represents any valid JSON value.
+ These types are supported: bool, int64, float64, string,
+ []interface{}, map[string]interface{} and nil.'
+ x-kubernetes-preserve-unknown-fields: true
+ externalDocs:
+ description: ExternalDocumentation allows referencing
+ an external resource for extended documentation.
+ properties:
+ description:
+ type: string
+ url:
+ type: string
+ type: object
+ id:
+ type: string
+ properties:
+ additionalProperties:
+ properties:
+ default:
+ description: default is a default value for undefined
+ object fields.
+ x-kubernetes-preserve-unknown-fields: true
+ description:
+ type: string
+ enum:
+ items:
+ description: 'JSON represents any valid JSON
+ value. These types are supported: bool, int64,
+ float64, string, []interface{}, map[string]interface{}
+ and nil.'
+ x-kubernetes-preserve-unknown-fields: true
+ type: array
+ example:
+ description: 'JSON represents any valid JSON value.
+ These types are supported: bool, int64, float64,
+ string, []interface{}, map[string]interface{}
+ and nil.'
+ x-kubernetes-preserve-unknown-fields: true
+ exclusiveMaximum:
+ type: boolean
+ exclusiveMinimum:
+ type: boolean
+ format:
+ description: "format is an OpenAPI v3 format string.
+ Unknown formats are ignored. The following formats
+ are validated: \n - bsonobjectid: a bson object
+ ID, i.e. a 24 characters hex string - uri: an
+ URI as parsed by Golang net/url.ParseRequestURI
+ - email: an email address as parsed by Golang
+ net/mail.ParseAddress - hostname: a valid representation
+ for an Internet host name, as defined by RFC
+ 1034, section 3.1 [RFC1034]. - ipv4: an IPv4
+ IP as parsed by Golang net.ParseIP - ipv6: an
+ IPv6 IP as parsed by Golang net.ParseIP - cidr:
+ a CIDR as parsed by Golang net.ParseCIDR - mac:
+ a MAC address as parsed by Golang net.ParseMAC
+ - uuid: an UUID that allows uppercase defined
+ by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?[0-9a-f]{4}-?[0-9a-f]{4}-?[0-9a-f]{12}$
+ - uuid3: an UUID3 that allows uppercase defined
+ by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?3[0-9a-f]{3}-?[0-9a-f]{4}-?[0-9a-f]{12}$
+ - uuid4: an UUID4 that allows uppercase defined
+ by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?4[0-9a-f]{3}-?[89ab][0-9a-f]{3}-?[0-9a-f]{12}$
+ - uuid5: an UUID5 that allows uppercase defined
+ by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?5[0-9a-f]{3}-?[89ab][0-9a-f]{3}-?[0-9a-f]{12}$
+ - isbn: an ISBN10 or ISBN13 number string like
+ \"0321751043\" or \"978-0321751041\" - isbn10:
+ an ISBN10 number string like \"0321751043\"
+ - isbn13: an ISBN13 number string like \"978-0321751041\"
+ - creditcard: a credit card number defined by
+ the regex ^(?:4[0-9]{12}(?:[0-9]{3})?|5[1-5][0-9]{14}|6(?:011|5[0-9][0-9])[0-9]{12}|3[47][0-9]{13}|3(?:0[0-5]|[68][0-9])[0-9]{11}|(?:2131|1800|35\\\\d{3})\\\\d{11})$
+ with any non digit characters mixed in - ssn:
+ a U.S. social security number following the
+ regex ^\\\\d{3}[- ]?\\\\d{2}[- ]?\\\\d{4}$ -
+ hexcolor: an hexadecimal color code like \"#FFFFFF\"
+ following the regex ^#?([0-9a-fA-F]{3}|[0-9a-fA-F]{6})$
+ - rgbcolor: an RGB color code like rgb like
+ \"rgb(255,255,255)\" - byte: base64 encoded
+ binary data - password: any kind of string -
+ date: a date string like \"2006-01-02\" as defined
+ by full-date in RFC3339 - duration: a duration
+ string like \"22 ns\" as parsed by Golang time.ParseDuration
+ or compatible with Scala duration format - datetime:
+ a date time string like \"2014-12-15T19:30:20.000Z\"
+ as defined by date-time in RFC3339."
+ type: string
+ id:
+ type: string
+ maxItems:
+ format: int64
+ type: integer
+ maxLength:
+ format: int64
+ type: integer
+ maxProperties:
+ format: int64
+ type: integer
+ maximum:
+ description: A Number represents a JSON number
+ literal.
+ type: string
+ minItems:
+ format: int64
+ type: integer
+ minLength:
+ format: int64
+ type: integer
+ minProperties:
+ format: int64
+ type: integer
+ minimum:
+ description: A Number represents a JSON number
+ literal.
+ type: string
+ multipleOf:
+ description: A Number represents a JSON number
+ literal.
+ type: string
+ nullable:
+ type: boolean
+ pattern:
+ type: string
+ title:
+ type: string
+ type:
+ type: string
+ uniqueItems:
+ type: boolean
+ x-descriptors:
+ description: XDescriptors is a list of extended
+ properties that trigger a custom behavior in
+ external systems
+ items:
+ type: string
+ type: array
+ type: object
+ type: object
+ required:
+ items:
+ type: string
+ type: array
+ title:
+ type: string
+ type:
+ type: string
+ type: object
+ type: object
+ description: Types defines the schema of the data produced/consumed
+ by the endpoint
+ type: object
+ uri:
+ description: URI can alternatively be used to specify the (Camel)
+ endpoint explicitly
+ type: string
+ type: object
+ source:
+ description: Source is the starting point of the integration defined
+ by this binding
+ properties:
+ properties:
+ description: Properties are a key value representation of endpoint
+ properties
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ ref:
+ description: Ref can be used to declare a Kubernetes resource
+ as source/sink endpoint
+ properties:
+ apiVersion:
+ description: API version of the referent.
+ type: string
+ fieldPath:
+ description: 'If referring to a piece of an object instead
+ of an entire object, this string should contain a valid
+ JSON/Go field access statement, such as desiredState.manifest.containers[2].
+ For example, if the object reference is to a container within
+ a pod, this would take on a value like: "spec.containers{name}"
+ (where "name" refers to the name of the container that triggered
+ the event) or if no container name is specified "spec.containers[2]"
+ (container with index 2 in this pod). This syntax is chosen
+ only to have some well-defined way of referencing a part
+ of an object. TODO: this design is not final and this field
+ is subject to change in the future.'
+ type: string
+ kind:
+ description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
+ type: string
+ name:
+ description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
+ type: string
+ namespace:
+ description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/'
+ type: string
+ resourceVersion:
+ description: 'Specific resourceVersion to which this reference
+ is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency'
+ type: string
+ uid:
+ description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids'
+ type: string
+ type: object
+ types:
+ additionalProperties:
+ properties:
+ mediaType:
+ type: string
+ schema:
+ description: JSONSchemaProps is a JSON-Schema following
+ Specification Draft 4 (http://json-schema.org/).
+ properties:
+ $schema:
+ description: JSONSchemaURL represents a schema url.
+ type: string
+ description:
+ type: string
+ example:
+ description: 'JSON represents any valid JSON value.
+ These types are supported: bool, int64, float64, string,
+ []interface{}, map[string]interface{} and nil.'
+ x-kubernetes-preserve-unknown-fields: true
+ externalDocs:
+ description: ExternalDocumentation allows referencing
+ an external resource for extended documentation.
+ properties:
+ description:
+ type: string
+ url:
+ type: string
+ type: object
+ id:
+ type: string
+ properties:
+ additionalProperties:
+ properties:
+ default:
+ description: default is a default value for undefined
+ object fields.
+ x-kubernetes-preserve-unknown-fields: true
+ description:
+ type: string
+ enum:
+ items:
+ description: 'JSON represents any valid JSON
+ value. These types are supported: bool, int64,
+ float64, string, []interface{}, map[string]interface{}
+ and nil.'
+ x-kubernetes-preserve-unknown-fields: true
+ type: array
+ example:
+ description: 'JSON represents any valid JSON value.
+ These types are supported: bool, int64, float64,
+ string, []interface{}, map[string]interface{}
+ and nil.'
+ x-kubernetes-preserve-unknown-fields: true
+ exclusiveMaximum:
+ type: boolean
+ exclusiveMinimum:
+ type: boolean
+ format:
+ description: "format is an OpenAPI v3 format string.
+ Unknown formats are ignored. The following formats
+ are validated: \n - bsonobjectid: a bson object
+ ID, i.e. a 24 characters hex string - uri: an
+ URI as parsed by Golang net/url.ParseRequestURI
+ - email: an email address as parsed by Golang
+ net/mail.ParseAddress - hostname: a valid representation
+ for an Internet host name, as defined by RFC
+ 1034, section 3.1 [RFC1034]. - ipv4: an IPv4
+ IP as parsed by Golang net.ParseIP - ipv6: an
+ IPv6 IP as parsed by Golang net.ParseIP - cidr:
+ a CIDR as parsed by Golang net.ParseCIDR - mac:
+ a MAC address as parsed by Golang net.ParseMAC
+ - uuid: an UUID that allows uppercase defined
+ by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?[0-9a-f]{4}-?[0-9a-f]{4}-?[0-9a-f]{12}$
+ - uuid3: an UUID3 that allows uppercase defined
+ by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?3[0-9a-f]{3}-?[0-9a-f]{4}-?[0-9a-f]{12}$
+ - uuid4: an UUID4 that allows uppercase defined
+ by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?4[0-9a-f]{3}-?[89ab][0-9a-f]{3}-?[0-9a-f]{12}$
+ - uuid5: an UUID5 that allows uppercase defined
+ by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?5[0-9a-f]{3}-?[89ab][0-9a-f]{3}-?[0-9a-f]{12}$
+ - isbn: an ISBN10 or ISBN13 number string like
+ \"0321751043\" or \"978-0321751041\" - isbn10:
+ an ISBN10 number string like \"0321751043\"
+ - isbn13: an ISBN13 number string like \"978-0321751041\"
+ - creditcard: a credit card number defined by
+ the regex ^(?:4[0-9]{12}(?:[0-9]{3})?|5[1-5][0-9]{14}|6(?:011|5[0-9][0-9])[0-9]{12}|3[47][0-9]{13}|3(?:0[0-5]|[68][0-9])[0-9]{11}|(?:2131|1800|35\\\\d{3})\\\\d{11})$
+ with any non digit characters mixed in - ssn:
+ a U.S. social security number following the
+ regex ^\\\\d{3}[- ]?\\\\d{2}[- ]?\\\\d{4}$ -
+ hexcolor: an hexadecimal color code like \"#FFFFFF\"
+ following the regex ^#?([0-9a-fA-F]{3}|[0-9a-fA-F]{6})$
+ - rgbcolor: an RGB color code like rgb like
+ \"rgb(255,255,255)\" - byte: base64 encoded
+ binary data - password: any kind of string -
+ date: a date string like \"2006-01-02\" as defined
+ by full-date in RFC3339 - duration: a duration
+ string like \"22 ns\" as parsed by Golang time.ParseDuration
+ or compatible with Scala duration format - datetime:
+ a date time string like \"2014-12-15T19:30:20.000Z\"
+ as defined by date-time in RFC3339."
+ type: string
+ id:
+ type: string
+ maxItems:
+ format: int64
+ type: integer
+ maxLength:
+ format: int64
+ type: integer
+ maxProperties:
+ format: int64
+ type: integer
+ maximum:
+ description: A Number represents a JSON number
+ literal.
+ type: string
+ minItems:
+ format: int64
+ type: integer
+ minLength:
+ format: int64
+ type: integer
+ minProperties:
+ format: int64
+ type: integer
+ minimum:
+ description: A Number represents a JSON number
+ literal.
+ type: string
+ multipleOf:
+ description: A Number represents a JSON number
+ literal.
+ type: string
+ nullable:
+ type: boolean
+ pattern:
+ type: string
+ title:
+ type: string
+ type:
+ type: string
+ uniqueItems:
+ type: boolean
+ x-descriptors:
+ description: XDescriptors is a list of extended
+ properties that trigger a custom behavior in
+ external systems
+ items:
+ type: string
+ type: array
+ type: object
+ type: object
+ required:
+ items:
+ type: string
+ type: array
+ title:
+ type: string
+ type:
+ type: string
+ type: object
+ type: object
+ description: Types defines the schema of the data produced/consumed
+ by the endpoint
+ type: object
+ uri:
+ description: URI can alternatively be used to specify the (Camel)
+ endpoint explicitly
+ type: string
+ type: object
+ steps:
+ description: Steps contains an optional list of intermediate steps
+ that are executed between the Source and the Sink
+ items:
+ description: Endpoint represents a source/sink external entity
+ properties:
+ properties:
+ description: Properties are a key value representation of endpoint
+ properties
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ ref:
+ description: Ref can be used to declare a Kubernetes resource
+ as source/sink endpoint
+ properties:
+ apiVersion:
+ description: API version of the referent.
+ type: string
+ fieldPath:
+ description: 'If referring to a piece of an object instead
+ of an entire object, this string should contain a valid
+ JSON/Go field access statement, such as desiredState.manifest.containers[2].
+ For example, if the object reference is to a container
+ within a pod, this would take on a value like: "spec.containers{name}"
+ (where "name" refers to the name of the container that
+ triggered the event) or if no container name is specified
+ "spec.containers[2]" (container with index 2 in this pod).
+ This syntax is chosen only to have some well-defined way
+ of referencing a part of an object. TODO: this design
+ is not final and this field is subject to change in the
+ future.'
+ type: string
+ kind:
+ description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
+ type: string
+ name:
+ description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
+ type: string
+ namespace:
+ description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/'
+ type: string
+ resourceVersion:
+ description: 'Specific resourceVersion to which this reference
+ is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency'
+ type: string
+ uid:
+ description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids'
+ type: string
+ type: object
+ types:
+ additionalProperties:
+ properties:
+ mediaType:
+ type: string
+ schema:
+ description: JSONSchemaProps is a JSON-Schema following
+ Specification Draft 4 (http://json-schema.org/).
+ properties:
+ $schema:
+ description: JSONSchemaURL represents a schema url.
+ type: string
+ description:
+ type: string
+ example:
+ description: 'JSON represents any valid JSON value.
+ These types are supported: bool, int64, float64,
+ string, []interface{}, map[string]interface{} and
+ nil.'
+ x-kubernetes-preserve-unknown-fields: true
+ externalDocs:
+ description: ExternalDocumentation allows referencing
+ an external resource for extended documentation.
+ properties:
+ description:
+ type: string
+ url:
+ type: string
+ type: object
+ id:
+ type: string
+ properties:
+ additionalProperties:
+ properties:
+ default:
+ description: default is a default value for
+ undefined object fields.
+ x-kubernetes-preserve-unknown-fields: true
+ description:
+ type: string
+ enum:
+ items:
+ description: 'JSON represents any valid JSON
+ value. These types are supported: bool,
+ int64, float64, string, []interface{}, map[string]interface{}
+ and nil.'
+ x-kubernetes-preserve-unknown-fields: true
+ type: array
+ example:
+ description: 'JSON represents any valid JSON
+ value. These types are supported: bool, int64,
+ float64, string, []interface{}, map[string]interface{}
+ and nil.'
+ x-kubernetes-preserve-unknown-fields: true
+ exclusiveMaximum:
+ type: boolean
+ exclusiveMinimum:
+ type: boolean
+ format:
+ description: "format is an OpenAPI v3 format
+ string. Unknown formats are ignored. The following
+ formats are validated: \n - bsonobjectid:
+ a bson object ID, i.e. a 24 characters hex
+ string - uri: an URI as parsed by Golang net/url.ParseRequestURI
+ - email: an email address as parsed by Golang
+ net/mail.ParseAddress - hostname: a valid
+ representation for an Internet host name,
+ as defined by RFC 1034, section 3.1 [RFC1034].
+ - ipv4: an IPv4 IP as parsed by Golang net.ParseIP
+ - ipv6: an IPv6 IP as parsed by Golang net.ParseIP
+ - cidr: a CIDR as parsed by Golang net.ParseCIDR
+ - mac: a MAC address as parsed by Golang net.ParseMAC
+ - uuid: an UUID that allows uppercase defined
+ by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?[0-9a-f]{4}-?[0-9a-f]{4}-?[0-9a-f]{12}$
+ - uuid3: an UUID3 that allows uppercase defined
+ by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?3[0-9a-f]{3}-?[0-9a-f]{4}-?[0-9a-f]{12}$
+ - uuid4: an UUID4 that allows uppercase defined
+ by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?4[0-9a-f]{3}-?[89ab][0-9a-f]{3}-?[0-9a-f]{12}$
+ - uuid5: an UUID5 that allows uppercase defined
+ by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?5[0-9a-f]{3}-?[89ab][0-9a-f]{3}-?[0-9a-f]{12}$
+ - isbn: an ISBN10 or ISBN13 number string
+ like \"0321751043\" or \"978-0321751041\"
+ - isbn10: an ISBN10 number string like \"0321751043\"
+ - isbn13: an ISBN13 number string like \"978-0321751041\"
+ - creditcard: a credit card number defined
+ by the regex ^(?:4[0-9]{12}(?:[0-9]{3})?|5[1-5][0-9]{14}|6(?:011|5[0-9][0-9])[0-9]{12}|3[47][0-9]{13}|3(?:0[0-5]|[68][0-9])[0-9]{11}|(?:2131|1800|35\\\\d{3})\\\\d{11})$
+ with any non digit characters mixed in - ssn:
+ a U.S. social security number following the
+ regex ^\\\\d{3}[- ]?\\\\d{2}[- ]?\\\\d{4}$
+ - hexcolor: an hexadecimal color code like
+ \"#FFFFFF\" following the regex ^#?([0-9a-fA-F]{3}|[0-9a-fA-F]{6})$
+ - rgbcolor: an RGB color code like rgb like
+ \"rgb(255,255,255)\" - byte: base64 encoded
+ binary data - password: any kind of string
+ - date: a date string like \"2006-01-02\"
+ as defined by full-date in RFC3339 - duration:
+ a duration string like \"22 ns\" as parsed
+ by Golang time.ParseDuration or compatible
+ with Scala duration format - datetime: a date
+ time string like \"2014-12-15T19:30:20.000Z\"
+ as defined by date-time in RFC3339."
+ type: string
+ id:
+ type: string
+ maxItems:
+ format: int64
+ type: integer
+ maxLength:
+ format: int64
+ type: integer
+ maxProperties:
+ format: int64
+ type: integer
+ maximum:
+ description: A Number represents a JSON number
+ literal.
+ type: string
+ minItems:
+ format: int64
+ type: integer
+ minLength:
+ format: int64
+ type: integer
+ minProperties:
+ format: int64
+ type: integer
+ minimum:
+ description: A Number represents a JSON number
+ literal.
+ type: string
+ multipleOf:
+ description: A Number represents a JSON number
+ literal.
+ type: string
+ nullable:
+ type: boolean
+ pattern:
+ type: string
+ title:
+ type: string
+ type:
+ type: string
+ uniqueItems:
+ type: boolean
+ x-descriptors:
+ description: XDescriptors is a list of extended
+ properties that trigger a custom behavior
+ in external systems
+ items:
+ type: string
+ type: array
+ type: object
+ type: object
+ required:
+ items:
+ type: string
+ type: array
+ title:
+ type: string
+ type:
+ type: string
+ type: object
+ type: object
+ description: Types defines the schema of the data produced/consumed
+ by the endpoint
+ type: object
+ uri:
+ description: URI can alternatively be used to specify the (Camel)
+ endpoint explicitly
+ type: string
+ type: object
+ type: array
+ type: object
+ status:
+ description: KameletBindingStatus --
+ properties:
+ conditions:
+ description: Conditions --
+ items:
+ description: KameletBindingCondition describes the state of a resource
+ at a certain point.
+ properties:
+ lastTransitionTime:
+ description: Last time the condition transitioned from one status
+ to another.
+ format: date-time
+ type: string
+ lastUpdateTime:
+ description: The last time this condition was updated.
+ format: date-time
+ type: string
+ message:
+ description: A human readable message indicating details about
+ the transition.
+ type: string
+ reason:
+ description: The reason for the condition's last transition.
+ type: string
+ status:
+ description: Status of the condition, one of True, False, Unknown.
+ type: string
+ type:
+ description: Type of kameletBinding condition.
+ type: string
+ required:
+ - status
+ - type
+ type: object
+ type: array
+ phase:
+ description: Phase --
+ type: string
+ replicas:
+ description: Replicas is the number of actual replicas of the binding
+ format: int32
+ type: integer
+ selector:
+ description: Selector allows to identify pods belonging to the binding
+ type: string
+ type: object
+ type: object
+ served: true
+ storage: true
+ subresources:
+ scale:
+ labelSelectorPath: .status.selector
+ specReplicasPath: .spec.replicas
+ statusReplicasPath: .status.replicas
+ status: {}
+---
+apiVersion: apiextensions.k8s.io/v1
+kind: CustomResourceDefinition
+metadata:
+ annotations:
+ controller-gen.kubebuilder.io/version: v0.4.1
+ creationTimestamp: null
+ labels:
+ app: camel-k
+ name: kamelets.camel.apache.org
+spec:
+ group: camel.apache.org
+ names:
+ categories:
+ - kamel
+ - camel
+ kind: Kamelet
+ listKind: KameletList
+ plural: kamelets
+ shortNames:
+ - kl
+ singular: kamelet
+ scope: Namespaced
+ versions:
+ - additionalPrinterColumns:
+ - description: The Kamelet phase
+ jsonPath: .status.phase
+ name: Phase
+ type: string
+ name: v1alpha1
+ schema:
+ openAPIV3Schema:
+ description: Kamelet is the Schema for the kamelets API
+ properties:
+ apiVersion:
+ description: 'APIVersion defines the versioned schema of this representation
+ of an object. Servers should convert recognized schemas to the latest
+ internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
+ type: string
+ kind:
+ description: 'Kind is a string value representing the REST resource this
+ object represents. Servers may infer this from the endpoint the client
+ submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
+ type: string
+ metadata:
+ type: object
+ spec:
+ description: KameletSpec defines the desired state of Kamelet
+ properties:
+ authorization:
+ description: AuthorizationSpec is TODO (oauth information)
+ type: object
+ definition:
+ description: JSONSchemaProps is a JSON-Schema following Specification
+ Draft 4 (http://json-schema.org/).
+ properties:
+ $schema:
+ description: JSONSchemaURL represents a schema url.
+ type: string
+ description:
+ type: string
+ example:
+ description: 'JSON represents any valid JSON value. These types
+ are supported: bool, int64, float64, string, []interface{},
+ map[string]interface{} and nil.'
+ x-kubernetes-preserve-unknown-fields: true
+ externalDocs:
+ description: ExternalDocumentation allows referencing an external
+ resource for extended documentation.
+ properties:
+ description:
+ type: string
+ url:
+ type: string
+ type: object
+ id:
+ type: string
+ properties:
+ additionalProperties:
+ properties:
+ default:
+ description: default is a default value for undefined object
+ fields.
+ x-kubernetes-preserve-unknown-fields: true
+ description:
+ type: string
+ enum:
+ items:
+ description: 'JSON represents any valid JSON value. These
+ types are supported: bool, int64, float64, string, []interface{},
+ map[string]interface{} and nil.'
+ x-kubernetes-preserve-unknown-fields: true
+ type: array
+ example:
+ description: 'JSON represents any valid JSON value. These
+ types are supported: bool, int64, float64, string, []interface{},
+ map[string]interface{} and nil.'
+ x-kubernetes-preserve-unknown-fields: true
+ exclusiveMaximum:
+ type: boolean
+ exclusiveMinimum:
+ type: boolean
+ format:
+ description: "format is an OpenAPI v3 format string. Unknown
+ formats are ignored. The following formats are validated:
+ \n - bsonobjectid: a bson object ID, i.e. a 24 characters
+ hex string - uri: an URI as parsed by Golang net/url.ParseRequestURI
+ - email: an email address as parsed by Golang net/mail.ParseAddress
+ - hostname: a valid representation for an Internet host
+ name, as defined by RFC 1034, section 3.1 [RFC1034]. -
+ ipv4: an IPv4 IP as parsed by Golang net.ParseIP - ipv6:
+ an IPv6 IP as parsed by Golang net.ParseIP - cidr: a CIDR
+ as parsed by Golang net.ParseCIDR - mac: a MAC address
+ as parsed by Golang net.ParseMAC - uuid: an UUID that
+ allows uppercase defined by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?[0-9a-f]{4}-?[0-9a-f]{4}-?[0-9a-f]{12}$
+ - uuid3: an UUID3 that allows uppercase defined by the
+ regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?3[0-9a-f]{3}-?[0-9a-f]{4}-?[0-9a-f]{12}$
+ - uuid4: an UUID4 that allows uppercase defined by the
+ regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?4[0-9a-f]{3}-?[89ab][0-9a-f]{3}-?[0-9a-f]{12}$
+ - uuid5: an UUID5 that allows uppercase defined by the
+ regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?5[0-9a-f]{3}-?[89ab][0-9a-f]{3}-?[0-9a-f]{12}$
+ - isbn: an ISBN10 or ISBN13 number string like \"0321751043\"
+ or \"978-0321751041\" - isbn10: an ISBN10 number string
+ like \"0321751043\" - isbn13: an ISBN13 number string
+ like \"978-0321751041\" - creditcard: a credit card number
+ defined by the regex ^(?:4[0-9]{12}(?:[0-9]{3})?|5[1-5][0-9]{14}|6(?:011|5[0-9][0-9])[0-9]{12}|3[47][0-9]{13}|3(?:0[0-5]|[68][0-9])[0-9]{11}|(?:2131|1800|35\\\\d{3})\\\\d{11})$
+ with any non digit characters mixed in - ssn: a U.S. social
+ security number following the regex ^\\\\d{3}[- ]?\\\\d{2}[-
+ ]?\\\\d{4}$ - hexcolor: an hexadecimal color code like
+ \"#FFFFFF\" following the regex ^#?([0-9a-fA-F]{3}|[0-9a-fA-F]{6})$
+ - rgbcolor: an RGB color code like rgb like \"rgb(255,255,255)\"
+ - byte: base64 encoded binary data - password: any kind
+ of string - date: a date string like \"2006-01-02\" as
+ defined by full-date in RFC3339 - duration: a duration
+ string like \"22 ns\" as parsed by Golang time.ParseDuration
+ or compatible with Scala duration format - datetime: a
+ date time string like \"2014-12-15T19:30:20.000Z\" as
+ defined by date-time in RFC3339."
+ type: string
+ id:
+ type: string
+ maxItems:
+ format: int64
+ type: integer
+ maxLength:
+ format: int64
+ type: integer
+ maxProperties:
+ format: int64
+ type: integer
+ maximum:
+ description: A Number represents a JSON number literal.
+ type: string
+ minItems:
+ format: int64
+ type: integer
+ minLength:
+ format: int64
+ type: integer
+ minProperties:
+ format: int64
+ type: integer
+ minimum:
+ description: A Number represents a JSON number literal.
+ type: string
+ multipleOf:
+ description: A Number represents a JSON number literal.
+ type: string
+ nullable:
+ type: boolean
+ pattern:
+ type: string
+ title:
+ type: string
+ type:
+ type: string
+ uniqueItems:
+ type: boolean
+ x-descriptors:
+ description: XDescriptors is a list of extended properties
+ that trigger a custom behavior in external systems
+ items:
+ type: string
+ type: array
+ type: object
+ type: object
+ required:
+ items:
+ type: string
+ type: array
+ title:
+ type: string
+ type:
+ type: string
+ type: object
+ dependencies:
+ items:
+ type: string
+ type: array
+ flow:
+ description: 'Deprecated: use template'
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ sources:
+ items:
+ description: SourceSpec --
+ properties:
+ compression:
+ type: boolean
+ content:
+ type: string
+ contentKey:
+ type: string
+ contentRef:
+ type: string
+ contentType:
+ type: string
+ interceptors:
+ description: Interceptors are optional identifiers the org.apache.camel.k.RoutesLoader
+ uses to pre/post process sources
+ items:
+ type: string
+ type: array
+ language:
+ description: Language --
+ type: string
+ loader:
+ description: Loader is an optional id of the org.apache.camel.k.RoutesLoader
+ that will interpret this source at runtime
+ type: string
+ name:
+ type: string
+ path:
+ type: string
+ property-names:
+ description: List of property names defined in the source (e.g.
+ if type is "template")
+ items:
+ type: string
+ type: array
+ rawContent:
+ format: byte
+ type: string
+ type:
+ description: Type defines the kind of source described by this
+ object
+ type: string
+ type: object
+ type: array
+ template:
+ description: Template is an unstructured object representing a Kamelet
+ template in YAML/JSON DSL
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ types:
+ additionalProperties:
+ properties:
+ mediaType:
+ type: string
+ schema:
+ description: JSONSchemaProps is a JSON-Schema following Specification
+ Draft 4 (http://json-schema.org/).
+ properties:
+ $schema:
+ description: JSONSchemaURL represents a schema url.
+ type: string
+ description:
+ type: string
+ example:
+ description: 'JSON represents any valid JSON value. These
+ types are supported: bool, int64, float64, string, []interface{},
+ map[string]interface{} and nil.'
+ x-kubernetes-preserve-unknown-fields: true
+ externalDocs:
+ description: ExternalDocumentation allows referencing an
+ external resource for extended documentation.
+ properties:
+ description:
+ type: string
+ url:
+ type: string
+ type: object
+ id:
+ type: string
+ properties:
+ additionalProperties:
+ properties:
+ default:
+ description: default is a default value for undefined
+ object fields.
+ x-kubernetes-preserve-unknown-fields: true
+ description:
+ type: string
+ enum:
+ items:
+ description: 'JSON represents any valid JSON value.
+ These types are supported: bool, int64, float64,
+ string, []interface{}, map[string]interface{}
+ and nil.'
+ x-kubernetes-preserve-unknown-fields: true
+ type: array
+ example:
+ description: 'JSON represents any valid JSON value.
+ These types are supported: bool, int64, float64,
+ string, []interface{}, map[string]interface{} and
+ nil.'
+ x-kubernetes-preserve-unknown-fields: true
+ exclusiveMaximum:
+ type: boolean
+ exclusiveMinimum:
+ type: boolean
+ format:
+ description: "format is an OpenAPI v3 format string.
+ Unknown formats are ignored. The following formats
+ are validated: \n - bsonobjectid: a bson object
+ ID, i.e. a 24 characters hex string - uri: an URI
+ as parsed by Golang net/url.ParseRequestURI - email:
+ an email address as parsed by Golang net/mail.ParseAddress
+ - hostname: a valid representation for an Internet
+ host name, as defined by RFC 1034, section 3.1 [RFC1034].
+ - ipv4: an IPv4 IP as parsed by Golang net.ParseIP
+ - ipv6: an IPv6 IP as parsed by Golang net.ParseIP
+ - cidr: a CIDR as parsed by Golang net.ParseCIDR
+ - mac: a MAC address as parsed by Golang net.ParseMAC
+ - uuid: an UUID that allows uppercase defined by
+ the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?[0-9a-f]{4}-?[0-9a-f]{4}-?[0-9a-f]{12}$
+ - uuid3: an UUID3 that allows uppercase defined
+ by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?3[0-9a-f]{3}-?[0-9a-f]{4}-?[0-9a-f]{12}$
+ - uuid4: an UUID4 that allows uppercase defined
+ by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?4[0-9a-f]{3}-?[89ab][0-9a-f]{3}-?[0-9a-f]{12}$
+ - uuid5: an UUID5 that allows uppercase defined
+ by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?5[0-9a-f]{3}-?[89ab][0-9a-f]{3}-?[0-9a-f]{12}$
+ - isbn: an ISBN10 or ISBN13 number string like \"0321751043\"
+ or \"978-0321751041\" - isbn10: an ISBN10 number
+ string like \"0321751043\" - isbn13: an ISBN13 number
+ string like \"978-0321751041\" - creditcard: a credit
+ card number defined by the regex ^(?:4[0-9]{12}(?:[0-9]{3})?|5[1-5][0-9]{14}|6(?:011|5[0-9][0-9])[0-9]{12}|3[47][0-9]{13}|3(?:0[0-5]|[68][0-9])[0-9]{11}|(?:2131|1800|35\\\\d{3})\\\\d{11})$
+ with any non digit characters mixed in - ssn: a
+ U.S. social security number following the regex
+ ^\\\\d{3}[- ]?\\\\d{2}[- ]?\\\\d{4}$ - hexcolor:
+ an hexadecimal color code like \"#FFFFFF\" following
+ the regex ^#?([0-9a-fA-F]{3}|[0-9a-fA-F]{6})$ -
+ rgbcolor: an RGB color code like rgb like \"rgb(255,255,255)\"
+ - byte: base64 encoded binary data - password: any
+ kind of string - date: a date string like \"2006-01-02\"
+ as defined by full-date in RFC3339 - duration: a
+ duration string like \"22 ns\" as parsed by Golang
+ time.ParseDuration or compatible with Scala duration
+ format - datetime: a date time string like \"2014-12-15T19:30:20.000Z\"
+ as defined by date-time in RFC3339."
+ type: string
+ id:
+ type: string
+ maxItems:
+ format: int64
+ type: integer
+ maxLength:
+ format: int64
+ type: integer
+ maxProperties:
+ format: int64
+ type: integer
+ maximum:
+ description: A Number represents a JSON number literal.
+ type: string
+ minItems:
+ format: int64
+ type: integer
+ minLength:
+ format: int64
+ type: integer
+ minProperties:
+ format: int64
+ type: integer
+ minimum:
+ description: A Number represents a JSON number literal.
+ type: string
+ multipleOf:
+ description: A Number represents a JSON number literal.
+ type: string
+ nullable:
+ type: boolean
+ pattern:
+ type: string
+ title:
+ type: string
+ type:
+ type: string
+ uniqueItems:
+ type: boolean
+ x-descriptors:
+ description: XDescriptors is a list of extended properties
+ that trigger a custom behavior in external systems
+ items:
+ type: string
+ type: array
+ type: object
+ type: object
+ required:
+ items:
+ type: string
+ type: array
+ title:
+ type: string
+ type:
+ type: string
+ type: object
+ type: object
+ type: object
+ type: object
+ status:
+ description: KameletStatus defines the observed state of Kamelet
+ properties:
+ conditions:
+ items:
+ description: KameletCondition describes the state of a resource
+ at a certain point.
+ properties:
+ lastTransitionTime:
+ description: Last time the condition transitioned from one status
+ to another.
+ format: date-time
+ type: string
+ lastUpdateTime:
+ description: The last time this condition was updated.
+ format: date-time
+ type: string
+ message:
+ description: A human-readable message indicating details about
+ the transition.
+ type: string
+ reason:
+ description: The reason for the condition's last transition.
+ type: string
+ status:
+ description: Status of the condition, one of True, False, Unknown.
+ type: string
+ type:
+ description: Type of kamelet condition.
+ type: string
+ required:
+ - status
+ - type
+ type: object
+ type: array
+ phase:
+ type: string
+ properties:
+ items:
+ properties:
+ default:
+ type: string
+ name:
+ type: string
+ type: object
+ type: array
+ type: object
+ type: object
+ served: true
+ storage: true
+ subresources:
+ status: {}
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+ labels:
+ app: camel-k
+ rbac.authorization.k8s.io/aggregate-to-admin: "true"
+ rbac.authorization.k8s.io/aggregate-to-edit: "true"
+ name: camel-k:edit
+rules:
+- apiGroups:
+ - camel.apache.org
+ resources:
+ - '*'
+ verbs:
+ - '*'
diff --git a/java-generator/it/src/it/extensions/src/test/resources/camel-k/kustomization.yaml b/java-generator/it/src/it/extensions/src/test/resources/camel-k/kustomization.yaml
new file mode 100644
index 00000000000..f3df71a029f
--- /dev/null
+++ b/java-generator/it/src/it/extensions/src/test/resources/camel-k/kustomization.yaml
@@ -0,0 +1,25 @@
+#
+# Copyright (C) 2015 Red Hat, Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+resources:
+ - https://raw.githubusercontent.com/apache/camel-k/v1.8.1/helm/camel-k/crds/cluster-role.yaml
+ - https://raw.githubusercontent.com/apache/camel-k/v1.8.1/helm/camel-k/crds/crd-build.yaml
+ - https://raw.githubusercontent.com/apache/camel-k/v1.8.1/helm/camel-k/crds/crd-camel-catalog.yaml
+ - https://raw.githubusercontent.com/apache/camel-k/v1.8.1/helm/camel-k/crds/crd-integration-kit.yaml
+ - https://raw.githubusercontent.com/apache/camel-k/v1.8.1/helm/camel-k/crds/crd-integration-platform.yaml
+ - https://raw.githubusercontent.com/apache/camel-k/v1.8.1/helm/camel-k/crds/crd-integration.yaml
+ - https://raw.githubusercontent.com/apache/camel-k/v1.8.1/helm/camel-k/crds/crd-kamelet-binding.yaml
+ - https://raw.githubusercontent.com/apache/camel-k/v1.8.1/helm/camel-k/crds/crd-kamelet.yaml
diff --git a/java-generator/it/src/main/java/io/fabric8/java/generator/testing/KubernetesResourceDiff.java b/java-generator/it/src/main/java/io/fabric8/java/generator/testing/KubernetesResourceDiff.java
new file mode 100644
index 00000000000..3435924ac03
--- /dev/null
+++ b/java-generator/it/src/main/java/io/fabric8/java/generator/testing/KubernetesResourceDiff.java
@@ -0,0 +1,99 @@
+/**
+ * Copyright (C) 2015 Red Hat, Inc.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package io.fabric8.java.generator.testing;
+
+import com.fasterxml.jackson.databind.JsonNode;
+import com.fasterxml.jackson.databind.ObjectMapper;
+import com.fasterxml.jackson.dataformat.yaml.YAMLFactory;
+import com.fasterxml.jackson.dataformat.yaml.YAMLGenerator;
+import com.github.difflib.text.DiffRow;
+import com.github.difflib.text.DiffRowGenerator;
+import io.fabric8.zjsonpatch.JsonDiff;
+import io.fabric8.zjsonpatch.JsonPatch;
+
+import java.nio.charset.StandardCharsets;
+import java.util.Arrays;
+import java.util.List;
+import java.util.stream.Collectors;
+import java.util.stream.StreamSupport;
+
+public class KubernetesResourceDiff {
+
+ // ANSI colors for the shell
+ private static final String ANSI_RESET = "\u001B[0m";
+ private static final String ANSI_RED = "\u001B[31m";
+ private static final String ANSI_GREEN = "\u001B[32m";
+
+ private final String source1;
+ private final String source2;
+
+ private ObjectMapper yamlMapper = new ObjectMapper(
+ new YAMLFactory().disable(YAMLGenerator.Feature.WRITE_DOC_START_MARKER));
+
+ public KubernetesResourceDiff(String source1, String source2) {
+ this.source1 = source1;
+ this.source2 = source2;
+ }
+
+ public List getListOfDiffs() {
+ try {
+ JsonNode source1Json = yamlMapper.readTree(this.source1);
+ JsonNode source2Json = yamlMapper.readTree(this.source2);
+ JsonNode diff = JsonDiff.asJson(source1Json, source2Json);
+ List aggregatedDiffs = StreamSupport.stream(diff.spliterator(), false).collect(Collectors.toList());
+
+ if (!aggregatedDiffs.isEmpty()) {
+ JsonNode generatedDiff = JsonPatch.apply(diff, source1Json);
+
+ DiffRowGenerator generator = DiffRowGenerator.create()
+ .showInlineDiffs(true)
+ .inlineDiffByWord(true)
+ .oldTag(b -> Boolean.TRUE.equals(b) ? ANSI_RED : ANSI_RESET)
+ .newTag(b -> Boolean.TRUE.equals(b) ? ANSI_GREEN : ANSI_RESET)
+ .build();
+
+ List rows = generator.generateDiffRows(
+ Arrays.asList(
+ yamlMapper.writeValueAsString(source1Json).split("\n")),
+ Arrays.asList(
+ yamlMapper.writeValueAsString(generatedDiff).split("\n")));
+
+ int maxWidth = 0;
+ for (DiffRow row : rows) {
+ maxWidth = Math.max(
+ maxWidth,
+ Math.max(
+ row.getOldLine()
+ .getBytes(StandardCharsets.UTF_8).length,
+ row.getNewLine()
+ .getBytes(StandardCharsets.UTF_8).length));
+ }
+
+ // Result should looks similar to: https://www.yamldiff.com/
+ for (DiffRow row : rows) {
+ System.err.printf(
+ "%-" + maxWidth + "s %-" + maxWidth + "s\n",
+ row.getOldLine(),
+ row.getNewLine());
+ }
+ }
+
+ return aggregatedDiffs;
+ } catch (Exception e) {
+ throw new RuntimeException(e);
+ }
+ }
+}
diff --git a/java-generator/it/src/main/java/io/fabric8/java/generator/testing/extensions/camlek/ExtensionCamelK.java b/java-generator/it/src/main/java/io/fabric8/java/generator/testing/extensions/camlek/ExtensionCamelK.java
new file mode 100644
index 00000000000..4416262870e
--- /dev/null
+++ b/java-generator/it/src/main/java/io/fabric8/java/generator/testing/extensions/camlek/ExtensionCamelK.java
@@ -0,0 +1,66 @@
+/**
+ * Copyright (C) 2015 Red Hat, Inc.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package io.fabric8.java.generator.testing.extensions.camlek;
+
+import io.fabric8.camelk.v1.CamelArtifactBuilder;
+import io.fabric8.camelk.v1.CamelArtifactDependencyBuilder;
+import io.fabric8.camelk.v1.CamelArtifactExclusionBuilder;
+import io.fabric8.camelk.v1.CamelCatalog;
+import io.fabric8.camelk.v1.CamelCatalogBuilder;
+import io.fabric8.camelk.v1.MavenArtifactBuilder;
+
+public class ExtensionCamelK {
+
+ public static CamelCatalog dummyCamelKCatalog() {
+ CamelCatalog camelkCatalog = new CamelCatalogBuilder()
+ .withNewMetadata()
+ .withName("dummy")
+ .endMetadata()
+ .withNewSpec()
+ .addToArtifacts("artifact1",
+ new CamelArtifactBuilder()
+ .withArtifactId("artifact1ID")
+ .withDataformats("dataformat1")
+ .withDependencies(
+ new CamelArtifactDependencyBuilder()
+ .withArtifactId("artifact2")
+ .withGroupId("mygroupid")
+ .withVersion("1.0.0")
+ .withExclusions(
+ new CamelArtifactExclusionBuilder()
+ .withArtifactId("artifact3")
+ .build())
+ .build())
+ .withGroupId("mygroupid")
+ .withJavaTypes("javatype1", "javatype2")
+ .withLanguages("java", "kotlin")
+ .build())
+ .withNewRuntime()
+ .withVersion("2.0.0")
+ .withProvider("myprovider")
+ .withDependencies(
+ new MavenArtifactBuilder()
+ .withArtifactId("aid")
+ .withGroupId("gid")
+ .withVersion("v")
+ .build())
+ .endRuntime()
+ .endSpec()
+ .build();
+
+ return camelkCatalog;
+ }
+}