cmd/hypercloud-installer/data/tor-controller.yaml at e44176629bda117bf18a92ac9ef48af400113b7f · @techaro.lol/hypercloud

1

apiVersion: v1

2

kind: Namespace

3

metadata:

4

labels:

5

control-plane: controller-manager

6

7

---

8

apiVersion: apiextensions.k8s.io/v1

9

kind: CustomResourceDefinition

10

metadata:

11

annotations:

12

controller-gen.kubebuilder.io/version: v0.11.1

13

creationTimestamp: null

14

15

spec:

16

group: tor.k8s.torproject.org

17

names:

18

kind: OnionBalancedService

19

listKind: OnionBalancedServiceList

20

plural: onionbalancedservices

21

shortNames:

22

- onionha

23

- oha

24

- obs

25

singular: onionbalancedservice

26

scope: Namespaced

27

versions:

28

- additionalPrinterColumns:

29

- jsonPath: .status.hostname

30

31

type: string

32

- jsonPath: .spec.backends

33

34

type: string

35

- jsonPath: .metadata.creationTimestamp

36

37

type: date

38

39

schema:

40

openAPIV3Schema:

41

description: OnionBalancedService is the Schema for the onionbalancedservices API.

42

properties:

43

apiVersion:

44

description: APIVersion defines the versioned schema of this representation of an object.

45

type: string

46

kind:

47

description: Kind is a string value representing the REST resource this object represents.

48

type: string

49

metadata:

50

type: object

51

spec:

52

description: OnionBalancedServiceSpec defines the desired state of OnionBalancedService.

53

properties:

54

backends:

55

format: int32

56

maximum: 8

57

minimum: 1

58

type: integer

59

balancerTemplate:

60

description: Template describes the balancer daemon pods that will be created.

61

properties:

62

balancerResources:

63

description: Default resources for onionbalance containers

64

properties:

65

limits:

66

additionalProperties:

67

anyOf:

68

- type: integer

69

- type: string

70

pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$

71

x-kubernetes-int-or-string: true

72

description: Limits describes the maximum amount of compute resources allowed.

73

type: object

74

requests:

75

additionalProperties:

76

anyOf:

77

- type: integer

78

- type: string

79

pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$

80

x-kubernetes-int-or-string: true

81

description: Requests describes the minimum amount of compute resources required.

82

type: object

83

type: object

84

metadata:

85

description: Metadata of the pods created from this template.

86

type: object

87

spec:

88

description: Spec defines the behavior of a pod.

89

properties:

90

activeDeadlineSeconds:

91

description: Optional duration in seconds the pod may be active on the node relative to Start

92

format: int64

93

type: integer

94

affinity:

95

description: If specified, the pod's scheduling constraints

96

properties:

97

nodeAffinity:

98

description: Describes node affinity scheduling rules for the pod.

99

properties:

100

preferredDuringSchedulingIgnoredDuringExecution:

101

description: The scheduler will prefer to schedule pods to nodes that satisfy the affinity ex

102

items:

103

description: An empty preferred scheduling term matches all objects with implicit weight 0 (i

104

properties:

105

preference:

106

description: A node selector term, associated with the corresponding weight.

107

properties:

108

matchExpressions:

109

description: A list of node selector requirements by node's labels.

110

items:

111

description: A node selector requirement is a selector that contains values, a key, and an op

112

properties:

113

key:

114

description: The label key that the selector applies to.

115

type: string

116

operator:

117

description: Represents a key's relationship to a set of values.

118

type: string

119

values:

120

description: An array of string values.

121

items:

122

type: string

123

type: array

124

required:

125

- key

126

- operator

127

type: object

128

type: array

129

matchFields:

130

description: A list of node selector requirements by node's fields.

131

items:

132

description: A node selector requirement is a selector that contains values, a key, and an op

133

properties:

134

key:

135

description: The label key that the selector applies to.

136

type: string

137

operator:

138

description: Represents a key's relationship to a set of values.

139

type: string

140

values:

141

description: An array of string values.

142

items:

143

type: string

144

type: array

145

required:

146

- key

147

- operator

148

type: object

149

type: array

150

type: object

151

x-kubernetes-map-type: atomic

152

weight:

153

description: Weight associated with matching the corresponding nodeSelectorTerm, in the range

154

format: int32

155

type: integer

156

required:

157

- preference

158

- weight

159

type: object

160

type: array

161

requiredDuringSchedulingIgnoredDuringExecution:

162

description: If the affinity requirements specified by this field are not met at scheduling t

163

properties:

164

nodeSelectorTerms:

165

description: Required. A list of node selector terms. The terms are ORed.

166

items:

167

description: A null or empty node selector term matches no objects.

168

properties:

169

matchExpressions:

170

description: A list of node selector requirements by node's labels.

171

items:

172

description: A node selector requirement is a selector that contains values, a key, and an op

173

properties:

174

key:

175

description: The label key that the selector applies to.

176

type: string

177

operator:

178

description: Represents a key's relationship to a set of values.

179

type: string

180

values:

181

description: An array of string values.

182

items:

183

type: string

184

type: array

185

required:

186

- key

187

- operator

188

type: object

189

type: array

190

matchFields:

191

description: A list of node selector requirements by node's fields.

192

items:

193

description: A node selector requirement is a selector that contains values, a key, and an op

194

properties:

195

key:

196

description: The label key that the selector applies to.

197

type: string

198

operator:

199

description: Represents a key's relationship to a set of values.

200

type: string

201

values:

202

description: An array of string values.

203

items:

204

type: string

205

type: array

206

required:

207

- key

208

- operator

209

type: object

210

type: array

211

type: object

212

x-kubernetes-map-type: atomic

213

type: array

214

required:

215

- nodeSelectorTerms

216

type: object

217

x-kubernetes-map-type: atomic

218

type: object

219

podAffinity:

220

description: Describes pod affinity scheduling rules (e.g.

221

properties:

222

preferredDuringSchedulingIgnoredDuringExecution:

223

description: The scheduler will prefer to schedule pods to nodes that satisfy the affinity ex

224

items:

225

description: The weights of all of the matched WeightedPodAffinityTerm fields are added per-n

226

properties:

227

podAffinityTerm:

228

description: Required. A pod affinity term, associated with the corresponding weight.

229

properties:

230

labelSelector:

231

description: A label query over a set of resources, in this case pods.

232

properties:

233

matchExpressions:

234

description: matchExpressions is a list of label selector requirements.

235

items:

236

description: A label selector requirement is a selector that contains values, a key, and an o

237

properties:

238

key:

239

description: key is the label key that the selector applies to.

240

type: string

241

operator:

242

description: operator represents a key's relationship to a set of values.

243

type: string

244

values:

245

description: values is an array of string values.

246

items:

247

type: string

248

type: array

249

required:

250

- key

251

- operator

252

type: object

253

type: array

254

matchLabels:

255

additionalProperties:

256

type: string

257

description: matchLabels is a map of {key,value} pairs.

258

type: object

259

type: object

260

x-kubernetes-map-type: atomic

261

namespaceSelector:

262

description: A label query over the set of namespaces that the term applies to.

263

properties:

264

matchExpressions:

265

description: matchExpressions is a list of label selector requirements.

266

items:

267

description: A label selector requirement is a selector that contains values, a key, and an o

268

properties:

269

key:

270

description: key is the label key that the selector applies to.

271

type: string

272

operator:

273

description: operator represents a key's relationship to a set of values.

274

type: string

275

values:

276

description: values is an array of string values.

277

items:

278

type: string

279

type: array

280

required:

281

- key

282

- operator

283

type: object

284

type: array

285

matchLabels:

286

additionalProperties:

287

type: string

288

description: matchLabels is a map of {key,value} pairs.

289

type: object

290

type: object

291

x-kubernetes-map-type: atomic

292

namespaces:

293

description: namespaces specifies a static list of namespace names that the term applies to.

294

items:

295

type: string

296

type: array

297

topologyKey:

298

description: 'This pod should be co-located (affinity) or not co-located (anti-affinity) with '

299

type: string

300

required:

301

- topologyKey

302

type: object

303

weight:

304

description: 'weight associated with matching the corresponding podAffinityTerm, in the range '

305

format: int32

306

type: integer

307

required:

308

- podAffinityTerm

309

- weight

310

type: object

311

type: array

312

requiredDuringSchedulingIgnoredDuringExecution:

313

description: If the affinity requirements specified by this field are not met at scheduling t

314

items:

315

description: Defines a set of pods (namely those matching the labelSelector relative to the g

316

properties:

317

labelSelector:

318

description: A label query over a set of resources, in this case pods.

319

properties:

320

matchExpressions:

321

description: matchExpressions is a list of label selector requirements.

322

items:

323

description: A label selector requirement is a selector that contains values, a key, and an o

324

properties:

325

key:

326

description: key is the label key that the selector applies to.

327

type: string

328

operator:

329

description: operator represents a key's relationship to a set of values.

330

type: string

331

values:

332

description: values is an array of string values.

333

items:

334

type: string

335

type: array

336

required:

337

- key

338

- operator

339

type: object

340

type: array

341

matchLabels:

342

additionalProperties:

343

type: string

344

description: matchLabels is a map of {key,value} pairs.

345

type: object

346

type: object

347

x-kubernetes-map-type: atomic

348

namespaceSelector:

349

description: A label query over the set of namespaces that the term applies to.

350

properties:

351

matchExpressions:

352

description: matchExpressions is a list of label selector requirements.

353

items:

354

description: A label selector requirement is a selector that contains values, a key, and an o

355

properties:

356

key:

357

description: key is the label key that the selector applies to.

358

type: string

359

operator:

360

description: operator represents a key's relationship to a set of values.

361

type: string

362

values:

363

description: values is an array of string values.

364

items:

365

type: string

366

type: array

367

required:

368

- key

369

- operator

370

type: object

371

type: array

372

matchLabels:

373

additionalProperties:

374

type: string

375

description: matchLabels is a map of {key,value} pairs.

376

type: object

377

type: object

378

x-kubernetes-map-type: atomic

379

namespaces:

380

description: namespaces specifies a static list of namespace names that the term applies to.

381

items:

382

type: string

383

type: array

384

topologyKey:

385

description: 'This pod should be co-located (affinity) or not co-located (anti-affinity) with '

386

type: string

387

required:

388

- topologyKey

389

type: object

390

type: array

391

type: object

392

podAntiAffinity:

393

description: Describes pod anti-affinity scheduling rules (e.g.

394

properties:

395

preferredDuringSchedulingIgnoredDuringExecution:

396

description: The scheduler will prefer to schedule pods to nodes that satisfy the anti-affini

397

items:

398

description: The weights of all of the matched WeightedPodAffinityTerm fields are added per-n

399

properties:

400

podAffinityTerm:

401

description: Required. A pod affinity term, associated with the corresponding weight.

402

properties:

403

labelSelector:

404

description: A label query over a set of resources, in this case pods.

405

properties:

406

matchExpressions:

407

description: matchExpressions is a list of label selector requirements.

408

items:

409

description: A label selector requirement is a selector that contains values, a key, and an o

410

properties:

411

key:

412

description: key is the label key that the selector applies to.

413

type: string

414

operator:

415

description: operator represents a key's relationship to a set of values.

416

type: string

417

values:

418

description: values is an array of string values.

419

items:

420

type: string

421

type: array

422

required:

423

- key

424

- operator

425

type: object

426

type: array

427

matchLabels:

428

additionalProperties:

429

type: string

430

description: matchLabels is a map of {key,value} pairs.

431

type: object

432

type: object

433

x-kubernetes-map-type: atomic

434

namespaceSelector:

435

description: A label query over the set of namespaces that the term applies to.

436

properties:

437

matchExpressions:

438

description: matchExpressions is a list of label selector requirements.

439

items:

440

description: A label selector requirement is a selector that contains values, a key, and an o

441

properties:

442

key:

443

description: key is the label key that the selector applies to.

444

type: string

445

operator:

446

description: operator represents a key's relationship to a set of values.

447

type: string

448

values:

449

description: values is an array of string values.

450

items:

451

type: string

452

type: array

453

required:

454

- key

455

- operator

456

type: object

457

type: array

458

matchLabels:

459

additionalProperties:

460

type: string

461

description: matchLabels is a map of {key,value} pairs.

462

type: object

463

type: object

464

x-kubernetes-map-type: atomic

465

namespaces:

466

description: namespaces specifies a static list of namespace names that the term applies to.

467

items:

468

type: string

469

type: array

470

topologyKey:

471

description: 'This pod should be co-located (affinity) or not co-located (anti-affinity) with '

472

type: string

473

required:

474

- topologyKey

475

type: object

476

weight:

477

description: 'weight associated with matching the corresponding podAffinityTerm, in the range '

478

format: int32

479

type: integer

480

required:

481

- podAffinityTerm

482

- weight

483

type: object

484

type: array

485

requiredDuringSchedulingIgnoredDuringExecution:

486

description: If the anti-affinity requirements specified by this field are not met at schedul

487

items:

488

description: Defines a set of pods (namely those matching the labelSelector relative to the g

489

properties:

490

labelSelector:

491

description: A label query over a set of resources, in this case pods.

492

properties:

493

matchExpressions:

494

description: matchExpressions is a list of label selector requirements.

495

items:

496

description: A label selector requirement is a selector that contains values, a key, and an o

497

properties:

498

key:

499

description: key is the label key that the selector applies to.

500

type: string

501

operator:

502

description: operator represents a key's relationship to a set of values.

503

type: string

504

values:

505

description: values is an array of string values.

506

items:

507

type: string

508

type: array

509

required:

510

- key

511

- operator

512

type: object

513

type: array

514

matchLabels:

515

additionalProperties:

516

type: string

517

description: matchLabels is a map of {key,value} pairs.

518

type: object

519

type: object

520

x-kubernetes-map-type: atomic

521

namespaceSelector:

522

description: A label query over the set of namespaces that the term applies to.

523

properties:

524

matchExpressions:

525

description: matchExpressions is a list of label selector requirements.

526

items:

527

description: A label selector requirement is a selector that contains values, a key, and an o

528

properties:

529

key:

530

description: key is the label key that the selector applies to.

531

type: string

532

operator:

533

description: operator represents a key's relationship to a set of values.

534

type: string

535

values:

536

description: values is an array of string values.

537

items:

538

type: string

539

type: array

540

required:

541

- key

542

- operator

543

type: object

544

type: array

545

matchLabels:

546

additionalProperties:

547

type: string

548

description: matchLabels is a map of {key,value} pairs.

549

type: object

550

type: object

551

x-kubernetes-map-type: atomic

552

namespaces:

553

description: namespaces specifies a static list of namespace names that the term applies to.

554

items:

555

type: string

556

type: array

557

topologyKey:

558

description: 'This pod should be co-located (affinity) or not co-located (anti-affinity) with '

559

type: string

560

required:

561

- topologyKey

562

type: object

563

type: array

564

type: object

565

type: object

566

automountServiceAccountToken:

567

description: AutomountServiceAccountToken indicates whether a service account token should be

568

type: boolean

569

containers:

570

description: List of containers belonging to the pod.

571

items:

572

description: A single application container that you want to run within a pod.

573

properties:

574

args:

575

description: Arguments to the entrypoint.

576

items:

577

type: string

578

type: array

579

command:

580

description: Entrypoint array. Not executed within a shell.

581

items:

582

type: string

583

type: array

584

env:

585

description: List of environment variables to set in the container. Cannot be updated.

586

items:

587

description: EnvVar represents an environment variable present in a Container.

588

properties:

589

name:

590

description: Name of the environment variable. Must be a C_IDENTIFIER.

591

type: string

592

value:

593

description: Variable references $(VAR_NAME) are expanded using the previously defined enviro

594

type: string

595

valueFrom:

596

description: Source for the environment variable's value.

597

properties:

598

configMapKeyRef:

599

description: Selects a key of a ConfigMap.

600

properties:

601

key:

602

description: The key to select.

603

type: string

604

name:

605

description: 'Name of the referent. More info: https://kubernetes.'

606

type: string

607

optional:

608

description: Specify whether the ConfigMap or its key must be defined

609

type: boolean

610

required:

611

- key

612

type: object

613

x-kubernetes-map-type: atomic

614

fieldRef:

615

description: 'Selects a field of the pod: supports metadata.name, metadata.'

616

properties:

617

apiVersion:

618

description: Version of the schema the FieldPath is written in terms of, defaults to "v1".

619

type: string

620

fieldPath:

621

description: Path of the field to select in the specified API version.

622

type: string

623

required:

624

- fieldPath

625

type: object

626

x-kubernetes-map-type: atomic

627

resourceFieldRef:

628

description: 'Selects a resource of the container: only resources limits and requests (limits.'

629

properties:

630

containerName:

631

description: 'Container name: required for volumes, optional for env vars'

632

type: string

633

divisor:

634

anyOf:

635

- type: integer

636

- type: string

637

description: Specifies the output format of the exposed resources, defaults to "1"

638

pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$

639

x-kubernetes-int-or-string: true

640

resource:

641

description: 'Required: resource to select'

642

type: string

643

required:

644

- resource

645

type: object

646

x-kubernetes-map-type: atomic

647

secretKeyRef:

648

description: Selects a key of a secret in the pod's namespace

649

properties:

650

key:

651

description: The key of the secret to select from. Must be a valid secret key.

652

type: string

653

name:

654

description: 'Name of the referent. More info: https://kubernetes.'

655

type: string

656

optional:

657

description: Specify whether the Secret or its key must be defined

658

type: boolean

659

required:

660

- key

661

type: object

662

x-kubernetes-map-type: atomic

663

type: object

664

required:

665

- name

666

type: object

667

type: array

668

envFrom:

669

description: List of sources to populate environment variables in the container.

670

items:

671

description: EnvFromSource represents the source of a set of ConfigMaps

672

properties:

673

configMapRef:

674

description: The ConfigMap to select from

675

properties:

676

name:

677

description: 'Name of the referent. More info: https://kubernetes.'

678

type: string

679

optional:

680

description: Specify whether the ConfigMap must be defined

681

type: boolean

682

type: object

683

x-kubernetes-map-type: atomic

684

prefix:

685

description: An optional identifier to prepend to each key in the ConfigMap.

686

type: string

687

secretRef:

688

description: The Secret to select from

689

properties:

690

name:

691

description: 'Name of the referent. More info: https://kubernetes.'

692

type: string

693

optional:

694

description: Specify whether the Secret must be defined

695

type: boolean

696

type: object

697

x-kubernetes-map-type: atomic

698

type: object

699

type: array

700

image:

701

description: 'Docker image name. More info: https://kubernetes.'

702

type: string

703

imagePullPolicy:

704

description: Image pull policy. One of Always, Never, IfNotPresent.

705

type: string

706

lifecycle:

707

description: Actions that the management system should take in response to container lifecycl

708

properties:

709

postStart:

710

description: PostStart is called immediately after a container is created.

711

properties:

712

exec:

713

description: Exec specifies the action to take.

714

properties:

715

command:

716

description: Command is the command line to execute inside the container, the working directo

717

items:

718

type: string

719

type: array

720

type: object

721

httpGet:

722

description: HTTPGet specifies the http request to perform.

723

properties:

724

host:

725

description: Host name to connect to, defaults to the pod IP.

726

type: string

727

httpHeaders:

728

description: Custom headers to set in the request. HTTP allows repeated headers.

729

items:

730

description: HTTPHeader describes a custom header to be used in HTTP probes

731

properties:

732

name:

733

description: The header field name

734

type: string

735

value:

736

description: The header field value

737

type: string

738

required:

739

- name

740

- value

741

type: object

742

type: array

743

path:

744

description: Path to access on the HTTP server.

745

type: string

746

port:

747

anyOf:

748

- type: integer

749

- type: string

750

description: Name or number of the port to access on the container.

751

x-kubernetes-int-or-string: true

752

scheme:

753

description: Scheme to use for connecting to the host. Defaults to HTTP.

754

type: string

755

required:

756

- port

757

type: object

758

tcpSocket:

759

description: Deprecated.

760

properties:

761

host:

762

description: 'Optional: Host name to connect to, defaults to the pod IP.'

763

type: string

764

port:

765

anyOf:

766

- type: integer

767

- type: string

768

description: Number or name of the port to access on the container.

769

x-kubernetes-int-or-string: true

770

required:

771

- port

772

type: object

773

type: object

774

preStop:

775

description: PreStop is called immediately before a container is terminated due to an API req

776

properties:

777

exec:

778

description: Exec specifies the action to take.

779

properties:

780

command:

781

description: Command is the command line to execute inside the container, the working directo

782

items:

783

type: string

784

type: array

785

type: object

786

httpGet:

787

description: HTTPGet specifies the http request to perform.

788

properties:

789

host:

790

description: Host name to connect to, defaults to the pod IP.

791

type: string

792

httpHeaders:

793

description: Custom headers to set in the request. HTTP allows repeated headers.

794

items:

795

description: HTTPHeader describes a custom header to be used in HTTP probes

796

properties:

797

name:

798

description: The header field name

799

type: string

800

value:

801

description: The header field value

802

type: string

803

required:

804

- name

805

- value

806

type: object

807

type: array

808

path:

809

description: Path to access on the HTTP server.

810

type: string

811

port:

812

anyOf:

813

- type: integer

814

- type: string

815

description: Name or number of the port to access on the container.

816

x-kubernetes-int-or-string: true

817

scheme:

818

description: Scheme to use for connecting to the host. Defaults to HTTP.

819

type: string

820

required:

821

- port

822

type: object

823

tcpSocket:

824

description: Deprecated.

825

properties:

826

host:

827

description: 'Optional: Host name to connect to, defaults to the pod IP.'

828

type: string

829

port:

830

anyOf:

831

- type: integer

832

- type: string

833

description: Number or name of the port to access on the container.

834

x-kubernetes-int-or-string: true

835

required:

836

- port

837

type: object

838

type: object

839

type: object

840

livenessProbe:

841

description: Periodic probe of container liveness.

842

properties:

843

exec:

844

description: Exec specifies the action to take.

845

properties:

846

command:

847

description: Command is the command line to execute inside the container, the working directo

848

items:

849

type: string

850

type: array

851

type: object

852

failureThreshold:

853

description: 'Minimum consecutive failures for the probe to be considered failed after having '

854

format: int32

855

type: integer

856

grpc:

857

description: GRPC specifies an action involving a GRPC port.

858

properties:

859

port:

860

description: Port number of the gRPC service. Number must be in the range 1 to 65535.

861

format: int32

862

type: integer

863

service:

864

description: 'Service is the name of the service to place in the gRPC HealthCheckRequest (see '

865

type: string

866

required:

867

- port

868

type: object

869

httpGet:

870

description: HTTPGet specifies the http request to perform.

871

properties:

872

host:

873

description: Host name to connect to, defaults to the pod IP.

874

type: string

875

httpHeaders:

876

description: Custom headers to set in the request. HTTP allows repeated headers.

877

items:

878

description: HTTPHeader describes a custom header to be used in HTTP probes

879

properties:

880

name:

881

description: The header field name

882

type: string

883

value:

884

description: The header field value

885

type: string

886

required:

887

- name

888

- value

889

type: object

890

type: array

891

path:

892

description: Path to access on the HTTP server.

893

type: string

894

port:

895

anyOf:

896

- type: integer

897

- type: string

898

description: Name or number of the port to access on the container.

899

x-kubernetes-int-or-string: true

900

scheme:

901

description: Scheme to use for connecting to the host. Defaults to HTTP.

902

type: string

903

required:

904

- port

905

type: object

906

initialDelaySeconds:

907

description: Number of seconds after the container has started before liveness probes are ini

908

format: int32

909

type: integer

910

periodSeconds:

911

description: How often (in seconds) to perform the probe. Default to 10 seconds.

912

format: int32

913

type: integer

914

successThreshold:

915

description: Minimum consecutive successes for the probe to be considered successful after ha

916

format: int32

917

type: integer

918

tcpSocket:

919

description: TCPSocket specifies an action involving a TCP port.

920

properties:

921

host:

922

description: 'Optional: Host name to connect to, defaults to the pod IP.'

923

type: string

924

port:

925

anyOf:

926

- type: integer

927

- type: string

928

description: Number or name of the port to access on the container.

929

x-kubernetes-int-or-string: true

930

required:

931

- port

932

type: object

933

terminationGracePeriodSeconds:

934

description: Optional duration in seconds the pod needs to terminate gracefully upon probe fa

935

format: int64

936

type: integer

937

timeoutSeconds:

938

description: Number of seconds after which the probe times out. Defaults to 1 second.

939

format: int32

940

type: integer

941

type: object

942

name:

943

description: Name of the container specified as a DNS_LABEL.

944

type: string

945

ports:

946

description: List of ports to expose from the container.

947

items:

948

description: ContainerPort represents a network port in a single container.

949

properties:

950

containerPort:

951

description: Number of port to expose on the pod's IP address.

952

format: int32

953

type: integer

954

hostIP:

955

description: What host IP to bind the external port to.

956

type: string

957

hostPort:

958

description: Number of port to expose on the host.

959

format: int32

960

type: integer

961

name:

962

description: If specified, this must be an IANA_SVC_NAME and unique within the pod.

963

type: string

964

protocol:

965

default: TCP

966

description: Protocol for port. Must be UDP, TCP, or SCTP. Defaults to "TCP".

967

type: string

968

required:

969

- containerPort

970

type: object

971

type: array

972

x-kubernetes-list-map-keys:

973

- containerPort

974

- protocol

975

x-kubernetes-list-type: map

976

readinessProbe:

977

description: Periodic probe of container service readiness.

978

properties:

979

exec:

980

description: Exec specifies the action to take.

981

properties:

982

command:

983

description: Command is the command line to execute inside the container, the working directo

984

items:

985

type: string

986

type: array

987

type: object

988

failureThreshold:

989

description: 'Minimum consecutive failures for the probe to be considered failed after having '

990

format: int32

991

type: integer

992

grpc:

993

description: GRPC specifies an action involving a GRPC port.

994

properties:

995

port:

996

description: Port number of the gRPC service. Number must be in the range 1 to 65535.

997

format: int32

998

type: integer

999

service:

1000

description: 'Service is the name of the service to place in the gRPC HealthCheckRequest (see '

1001

type: string

1002

required:

1003

- port

1004

type: object

1005

httpGet:

1006

description: HTTPGet specifies the http request to perform.

1007

properties:

1008

host:

1009

description: Host name to connect to, defaults to the pod IP.

1010

type: string

1011

httpHeaders:

1012

description: Custom headers to set in the request. HTTP allows repeated headers.

1013

items:

1014

description: HTTPHeader describes a custom header to be used in HTTP probes

1015

properties:

1016

name:

1017

description: The header field name

1018

type: string

1019

value:

1020

description: The header field value

1021

type: string

1022

required:

1023

- name

1024

- value

1025

type: object

1026

type: array

1027

path:

1028

description: Path to access on the HTTP server.

1029

type: string

1030

port:

1031

anyOf:

1032

- type: integer

1033

- type: string

1034

description: Name or number of the port to access on the container.

1035

x-kubernetes-int-or-string: true

1036

scheme:

1037

description: Scheme to use for connecting to the host. Defaults to HTTP.

1038

type: string

1039

required:

1040

- port

1041

type: object

1042

initialDelaySeconds:

1043

description: Number of seconds after the container has started before liveness probes are ini

1044

format: int32

1045

type: integer

1046

periodSeconds:

1047

description: How often (in seconds) to perform the probe. Default to 10 seconds.

1048

format: int32

1049

type: integer

1050

successThreshold:

1051

description: Minimum consecutive successes for the probe to be considered successful after ha

1052

format: int32

1053

type: integer

1054

tcpSocket:

1055

description: TCPSocket specifies an action involving a TCP port.

1056

properties:

1057

host:

1058

description: 'Optional: Host name to connect to, defaults to the pod IP.'

1059

type: string

1060

port:

1061

anyOf:

1062

- type: integer

1063

- type: string

1064

description: Number or name of the port to access on the container.

1065

x-kubernetes-int-or-string: true

1066

required:

1067

- port

1068

type: object

1069

terminationGracePeriodSeconds:

1070

description: Optional duration in seconds the pod needs to terminate gracefully upon probe fa

1071

format: int64

1072

type: integer

1073

timeoutSeconds:

1074

description: Number of seconds after which the probe times out. Defaults to 1 second.

1075

format: int32

1076

type: integer

1077

type: object

1078

resources:

1079

description: Compute Resources required by this container. Cannot be updated.

1080

properties:

1081

limits:

1082

additionalProperties:

1083

anyOf:

1084

- type: integer

1085

- type: string

1086

pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$

1087

x-kubernetes-int-or-string: true

1088

description: Limits describes the maximum amount of compute resources allowed.

1089

type: object

1090

requests:

1091

additionalProperties:

1092

anyOf:

1093

- type: integer

1094

- type: string

1095

pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$

1096

x-kubernetes-int-or-string: true

1097

description: Requests describes the minimum amount of compute resources required.

1098

type: object

1099

type: object

1100

securityContext:

1101

description: SecurityContext defines the security options the container should be run with.

1102

properties:

1103

allowPrivilegeEscalation:

1104

description: AllowPrivilegeEscalation controls whether a process can gain more privileges tha

1105

type: boolean

1106

capabilities:

1107

description: The capabilities to add/drop when running containers.

1108

properties:

1109

add:

1110

description: Added capabilities

1111

items:

1112

description: Capability represent POSIX capabilities type

1113

type: string

1114

type: array

1115

drop:

1116

description: Removed capabilities

1117

items:

1118

description: Capability represent POSIX capabilities type

1119

type: string

1120

type: array

1121

type: object

1122

privileged:

1123

description: Run container in privileged mode.

1124

type: boolean

1125

procMount:

1126

description: procMount denotes the type of proc mount to use for the containers.

1127

type: string

1128

readOnlyRootFilesystem:

1129

description: Whether this container has a read-only root filesystem. Default is false.

1130

type: boolean

1131

runAsGroup:

1132

description: The GID to run the entrypoint of the container process.

1133

format: int64

1134

type: integer

1135

runAsNonRoot:

1136

description: Indicates that the container must run as a non-root user.

1137

type: boolean

1138

runAsUser:

1139

description: The UID to run the entrypoint of the container process.

1140

format: int64

1141

type: integer

1142

seLinuxOptions:

1143

description: The SELinux context to be applied to the container.

1144

properties:

1145

level:

1146

description: Level is SELinux level label that applies to the container.

1147

type: string

1148

role:

1149

description: Role is a SELinux role label that applies to the container.

1150

type: string

1151

type:

1152

description: Type is a SELinux type label that applies to the container.

1153

type: string

1154

user:

1155

description: User is a SELinux user label that applies to the container.

1156

type: string

1157

type: object

1158

seccompProfile:

1159

description: The seccomp options to use by this container.

1160

properties:

1161

localhostProfile:

1162

description: localhostProfile indicates a profile defined in a file on the node should be use

1163

type: string

1164

type:

1165

description: type indicates which kind of seccomp profile will be applied.

1166

type: string

1167

required:

1168

- type

1169

type: object

1170

windowsOptions:

1171

description: The Windows specific settings applied to all containers.

1172

properties:

1173

gmsaCredentialSpec:

1174

description: GMSACredentialSpec is where the GMSA admission webhook (https://github.

1175

type: string

1176

gmsaCredentialSpecName:

1177

description: GMSACredentialSpecName is the name of the GMSA credential spec to use.

1178

type: string

1179

hostProcess:

1180

description: HostProcess determines if a container should be run as a 'Host Process' containe

1181

type: boolean

1182

runAsUserName:

1183

description: The UserName in Windows to run the entrypoint of the container process.

1184

type: string

1185

type: object

1186

type: object

1187

startupProbe:

1188

description: StartupProbe indicates that the Pod has successfully initialized.

1189

properties:

1190

exec:

1191

description: Exec specifies the action to take.

1192

properties:

1193

command:

1194

description: Command is the command line to execute inside the container, the working directo

1195

items:

1196

type: string

1197

type: array

1198

type: object

1199

failureThreshold:

1200

description: 'Minimum consecutive failures for the probe to be considered failed after having '

1201

format: int32

1202

type: integer

1203

grpc:

1204

description: GRPC specifies an action involving a GRPC port.

1205

properties:

1206

port:

1207

description: Port number of the gRPC service. Number must be in the range 1 to 65535.

1208

format: int32

1209

type: integer

1210

service:

1211

description: 'Service is the name of the service to place in the gRPC HealthCheckRequest (see '

1212

type: string

1213

required:

1214

- port

1215

type: object

1216

httpGet:

1217

description: HTTPGet specifies the http request to perform.

1218

properties:

1219

host:

1220

description: Host name to connect to, defaults to the pod IP.

1221

type: string

1222

httpHeaders:

1223

description: Custom headers to set in the request. HTTP allows repeated headers.

1224

items:

1225

description: HTTPHeader describes a custom header to be used in HTTP probes

1226

properties:

1227

name:

1228

description: The header field name

1229

type: string

1230

value:

1231

description: The header field value

1232

type: string

1233

required:

1234

- name

1235

- value

1236

type: object

1237

type: array

1238

path:

1239

description: Path to access on the HTTP server.

1240

type: string

1241

port:

1242

anyOf:

1243

- type: integer

1244

- type: string

1245

description: Name or number of the port to access on the container.

1246

x-kubernetes-int-or-string: true

1247

scheme:

1248

description: Scheme to use for connecting to the host. Defaults to HTTP.

1249

type: string

1250

required:

1251

- port

1252

type: object

1253

initialDelaySeconds:

1254

description: Number of seconds after the container has started before liveness probes are ini

1255

format: int32

1256

type: integer

1257

periodSeconds:

1258

description: How often (in seconds) to perform the probe. Default to 10 seconds.

1259

format: int32

1260

type: integer

1261

successThreshold:

1262

description: Minimum consecutive successes for the probe to be considered successful after ha

1263

format: int32

1264

type: integer

1265

tcpSocket:

1266

description: TCPSocket specifies an action involving a TCP port.

1267

properties:

1268

host:

1269

description: 'Optional: Host name to connect to, defaults to the pod IP.'

1270

type: string

1271

port:

1272

anyOf:

1273

- type: integer

1274

- type: string

1275

description: Number or name of the port to access on the container.

1276

x-kubernetes-int-or-string: true

1277

required:

1278

- port

1279

type: object

1280

terminationGracePeriodSeconds:

1281

description: Optional duration in seconds the pod needs to terminate gracefully upon probe fa

1282

format: int64

1283

type: integer

1284

timeoutSeconds:

1285

description: Number of seconds after which the probe times out. Defaults to 1 second.

1286

format: int32

1287

type: integer

1288

type: object

1289

stdin:

1290

description: Whether this container should allocate a buffer for stdin in the container runti

1291

type: boolean

1292

stdinOnce:

1293

description: Whether the container runtime should close the stdin channel after it has been o

1294

type: boolean

1295

terminationMessagePath:

1296

description: 'Optional: Path at which the file to which the container''s termination message wi'

1297

type: string

1298

terminationMessagePolicy:

1299

description: Indicate how the termination message should be populated.

1300

type: string

1301

tty:

1302

description: Whether this container should allocate a TTY for itself, also requires 'stdin' t

1303

type: boolean

1304

volumeDevices:

1305

description: volumeDevices is the list of block devices to be used by the container.

1306

items:

1307

description: volumeDevice describes a mapping of a raw block device within a container.

1308

properties:

1309

devicePath:

1310

description: devicePath is the path inside of the container that the device will be mapped to

1311

type: string

1312

name:

1313

description: name must match the name of a persistentVolumeClaim in the pod

1314

type: string

1315

required:

1316

- devicePath

1317

- name

1318

type: object

1319

type: array

1320

volumeMounts:

1321

description: Pod volumes to mount into the container's filesystem. Cannot be updated.

1322

items:

1323

description: VolumeMount describes a mounting of a Volume within a container.

1324

properties:

1325

mountPath:

1326

description: Path within the container at which the volume should be mounted.

1327

type: string

1328

mountPropagation:

1329

description: mountPropagation determines how mounts are propagated from the host to container

1330

type: string

1331

name:

1332

description: This must match the Name of a Volume.

1333

type: string

1334

readOnly:

1335

description: Mounted read-only if true, read-write otherwise (false or unspecified).

1336

type: boolean

1337

subPath:

1338

description: Path within the volume from which the container's volume should be mounted.

1339

type: string

1340

subPathExpr:

1341

description: Expanded path within the volume from which the container's volume should be moun

1342

type: string

1343

required:

1344

- mountPath

1345

- name

1346

type: object

1347

type: array

1348

workingDir:

1349

description: Container's working directory.

1350

type: string

1351

required:

1352

- name

1353

type: object

1354

type: array

1355

dnsConfig:

1356

description: Specifies the DNS parameters of a pod.

1357

properties:

1358

nameservers:

1359

description: A list of DNS name server IP addresses.

1360

items:

1361

type: string

1362

type: array

1363

options:

1364

description: A list of DNS resolver options.

1365

items:

1366

description: PodDNSConfigOption defines DNS resolver options of a pod.

1367

properties:

1368

name:

1369

description: Required.

1370

type: string

1371

value:

1372

type: string

1373

type: object

1374

type: array

1375

searches:

1376

description: A list of DNS search domains for host-name lookup.

1377

items:

1378

type: string

1379

type: array

1380

type: object

1381

dnsPolicy:

1382

description: Set DNS policy for the pod. Defaults to "ClusterFirst".

1383

type: string

1384

enableServiceLinks:

1385

description: EnableServiceLinks indicates whether information about services should be inject

1386

type: boolean

1387

ephemeralContainers:

1388

description: List of ephemeral containers run in this pod.

1389

items:

1390

description: An EphemeralContainer is a temporary container that you may add to an existing P

1391

properties:

1392

args:

1393

description: Arguments to the entrypoint.

1394

items:

1395

type: string

1396

type: array

1397

command:

1398

description: Entrypoint array. Not executed within a shell.

1399

items:

1400

type: string

1401

type: array

1402

env:

1403

description: List of environment variables to set in the container. Cannot be updated.

1404

items:

1405

description: EnvVar represents an environment variable present in a Container.

1406

properties:

1407

name:

1408

description: Name of the environment variable. Must be a C_IDENTIFIER.

1409

type: string

1410

value:

1411

description: Variable references $(VAR_NAME) are expanded using the previously defined enviro

1412

type: string

1413

valueFrom:

1414

description: Source for the environment variable's value.

1415

properties:

1416

configMapKeyRef:

1417

description: Selects a key of a ConfigMap.

1418

properties:

1419

key:

1420

description: The key to select.

1421

type: string

1422

name:

1423

description: 'Name of the referent. More info: https://kubernetes.'

1424

type: string

1425

optional:

1426

description: Specify whether the ConfigMap or its key must be defined

1427

type: boolean

1428

required:

1429

- key

1430

type: object

1431

x-kubernetes-map-type: atomic

1432

fieldRef:

1433

description: 'Selects a field of the pod: supports metadata.name, metadata.'

1434

properties:

1435

apiVersion:

1436

description: Version of the schema the FieldPath is written in terms of, defaults to "v1".

1437

type: string

1438

fieldPath:

1439

description: Path of the field to select in the specified API version.

1440

type: string

1441

required:

1442

- fieldPath

1443

type: object

1444

x-kubernetes-map-type: atomic

1445

resourceFieldRef:

1446

description: 'Selects a resource of the container: only resources limits and requests (limits.'

1447

properties:

1448

containerName:

1449

description: 'Container name: required for volumes, optional for env vars'

1450

type: string

1451

divisor:

1452

anyOf:

1453

- type: integer

1454

- type: string

1455

description: Specifies the output format of the exposed resources, defaults to "1"

1456

pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$

1457

x-kubernetes-int-or-string: true

1458

resource:

1459

description: 'Required: resource to select'

1460

type: string

1461

required:

1462

- resource

1463

type: object

1464

x-kubernetes-map-type: atomic

1465

secretKeyRef:

1466

description: Selects a key of a secret in the pod's namespace

1467

properties:

1468

key:

1469

description: The key of the secret to select from. Must be a valid secret key.

1470

type: string

1471

name:

1472

description: 'Name of the referent. More info: https://kubernetes.'

1473

type: string

1474

optional:

1475

description: Specify whether the Secret or its key must be defined

1476

type: boolean

1477

required:

1478

- key

1479

type: object

1480

x-kubernetes-map-type: atomic

1481

type: object

1482

required:

1483

- name

1484

type: object

1485

type: array

1486

envFrom:

1487

description: List of sources to populate environment variables in the container.

1488

items:

1489

description: EnvFromSource represents the source of a set of ConfigMaps

1490

properties:

1491

configMapRef:

1492

description: The ConfigMap to select from

1493

properties:

1494

name:

1495

description: 'Name of the referent. More info: https://kubernetes.'

1496

type: string

1497

optional:

1498

description: Specify whether the ConfigMap must be defined

1499

type: boolean

1500

type: object

1501

x-kubernetes-map-type: atomic

1502

prefix:

1503

description: An optional identifier to prepend to each key in the ConfigMap.

1504

type: string

1505

secretRef:

1506

description: The Secret to select from

1507

properties:

1508

name:

1509

description: 'Name of the referent. More info: https://kubernetes.'

1510

type: string

1511

optional:

1512

description: Specify whether the Secret must be defined

1513

type: boolean

1514

type: object

1515

x-kubernetes-map-type: atomic

1516

type: object

1517

type: array

1518

image:

1519

description: 'Docker image name. More info: https://kubernetes.'

1520

type: string

1521

imagePullPolicy:

1522

description: Image pull policy. One of Always, Never, IfNotPresent.

1523

type: string

1524

lifecycle:

1525

description: Lifecycle is not allowed for ephemeral containers.

1526

properties:

1527

postStart:

1528

description: PostStart is called immediately after a container is created.

1529

properties:

1530

exec:

1531

description: Exec specifies the action to take.

1532

properties:

1533

command:

1534

description: Command is the command line to execute inside the container, the working directo

1535

items:

1536

type: string

1537

type: array

1538

type: object

1539

httpGet:

1540

description: HTTPGet specifies the http request to perform.

1541

properties:

1542

host:

1543

description: Host name to connect to, defaults to the pod IP.

1544

type: string

1545

httpHeaders:

1546

description: Custom headers to set in the request. HTTP allows repeated headers.

1547

items:

1548

description: HTTPHeader describes a custom header to be used in HTTP probes

1549

properties:

1550

name:

1551

description: The header field name

1552

type: string

1553

value:

1554

description: The header field value

1555

type: string

1556

required:

1557

- name

1558

- value

1559

type: object

1560

type: array

1561

path:

1562

description: Path to access on the HTTP server.

1563

type: string

1564

port:

1565

anyOf:

1566

- type: integer

1567

- type: string

1568

description: Name or number of the port to access on the container.

1569

x-kubernetes-int-or-string: true

1570

scheme:

1571

description: Scheme to use for connecting to the host. Defaults to HTTP.

1572

type: string

1573

required:

1574

- port

1575

type: object

1576

tcpSocket:

1577

description: Deprecated.

1578

properties:

1579

host:

1580

description: 'Optional: Host name to connect to, defaults to the pod IP.'

1581

type: string

1582

port:

1583

anyOf:

1584

- type: integer

1585

- type: string

1586

description: Number or name of the port to access on the container.

1587

x-kubernetes-int-or-string: true

1588

required:

1589

- port

1590

type: object

1591

type: object

1592

preStop:

1593

description: PreStop is called immediately before a container is terminated due to an API req

1594

properties:

1595

exec:

1596

description: Exec specifies the action to take.

1597

properties:

1598

command:

1599

description: Command is the command line to execute inside the container, the working directo

1600

items:

1601

type: string

1602

type: array

1603

type: object

1604

httpGet:

1605

description: HTTPGet specifies the http request to perform.

1606

properties:

1607

host:

1608

description: Host name to connect to, defaults to the pod IP.

1609

type: string

1610

httpHeaders:

1611

description: Custom headers to set in the request. HTTP allows repeated headers.

1612

items:

1613

description: HTTPHeader describes a custom header to be used in HTTP probes

1614

properties:

1615

name:

1616

description: The header field name

1617

type: string

1618

value:

1619

description: The header field value

1620

type: string

1621

required:

1622

- name

1623

- value

1624

type: object

1625

type: array

1626

path:

1627

description: Path to access on the HTTP server.

1628

type: string

1629

port:

1630

anyOf:

1631

- type: integer

1632

- type: string

1633

description: Name or number of the port to access on the container.

1634

x-kubernetes-int-or-string: true

1635

scheme:

1636

description: Scheme to use for connecting to the host. Defaults to HTTP.

1637

type: string

1638

required:

1639

- port

1640

type: object

1641

tcpSocket:

1642

description: Deprecated.

1643

properties:

1644

host:

1645

description: 'Optional: Host name to connect to, defaults to the pod IP.'

1646

type: string

1647

port:

1648

anyOf:

1649

- type: integer

1650

- type: string

1651

description: Number or name of the port to access on the container.

1652

x-kubernetes-int-or-string: true

1653

required:

1654

- port

1655

type: object

1656

type: object

1657

type: object

1658

livenessProbe:

1659

description: Probes are not allowed for ephemeral containers.

1660

properties:

1661

exec:

1662

description: Exec specifies the action to take.

1663

properties:

1664

command:

1665

description: Command is the command line to execute inside the container, the working directo

1666

items:

1667

type: string

1668

type: array

1669

type: object

1670

failureThreshold:

1671

description: 'Minimum consecutive failures for the probe to be considered failed after having '

1672

format: int32

1673

type: integer

1674

grpc:

1675

description: GRPC specifies an action involving a GRPC port.

1676

properties:

1677

port:

1678

description: Port number of the gRPC service. Number must be in the range 1 to 65535.

1679

format: int32

1680

type: integer

1681

service:

1682

description: 'Service is the name of the service to place in the gRPC HealthCheckRequest (see '

1683

type: string

1684

required:

1685

- port

1686

type: object

1687

httpGet:

1688

description: HTTPGet specifies the http request to perform.

1689

properties:

1690

host:

1691

description: Host name to connect to, defaults to the pod IP.

1692

type: string

1693

httpHeaders:

1694

description: Custom headers to set in the request. HTTP allows repeated headers.

1695

items:

1696

description: HTTPHeader describes a custom header to be used in HTTP probes

1697

properties:

1698

name:

1699

description: The header field name

1700

type: string

1701

value:

1702

description: The header field value

1703

type: string

1704

required:

1705

- name

1706

- value

1707

type: object

1708

type: array

1709

path:

1710

description: Path to access on the HTTP server.

1711

type: string

1712

port:

1713

anyOf:

1714

- type: integer

1715

- type: string

1716

description: Name or number of the port to access on the container.

1717

x-kubernetes-int-or-string: true

1718

scheme:

1719

description: Scheme to use for connecting to the host. Defaults to HTTP.

1720

type: string

1721

required:

1722

- port

1723

type: object

1724

initialDelaySeconds:

1725

description: Number of seconds after the container has started before liveness probes are ini

1726

format: int32

1727

type: integer

1728

periodSeconds:

1729

description: How often (in seconds) to perform the probe. Default to 10 seconds.

1730

format: int32

1731

type: integer

1732

successThreshold:

1733

description: Minimum consecutive successes for the probe to be considered successful after ha

1734

format: int32

1735

type: integer

1736

tcpSocket:

1737

description: TCPSocket specifies an action involving a TCP port.

1738

properties:

1739

host:

1740

description: 'Optional: Host name to connect to, defaults to the pod IP.'

1741

type: string

1742

port:

1743

anyOf:

1744

- type: integer

1745

- type: string

1746

description: Number or name of the port to access on the container.

1747

x-kubernetes-int-or-string: true

1748

required:

1749

- port

1750

type: object

1751

terminationGracePeriodSeconds:

1752

description: Optional duration in seconds the pod needs to terminate gracefully upon probe fa

1753

format: int64

1754

type: integer

1755

timeoutSeconds:

1756

description: Number of seconds after which the probe times out. Defaults to 1 second.

1757

format: int32

1758

type: integer

1759

type: object

1760

name:

1761

description: Name of the ephemeral container specified as a DNS_LABEL.

1762

type: string

1763

ports:

1764

description: Ports are not allowed for ephemeral containers.

1765

items:

1766

description: ContainerPort represents a network port in a single container.

1767

properties:

1768

containerPort:

1769

description: Number of port to expose on the pod's IP address.

1770

format: int32

1771

type: integer

1772

hostIP:

1773

description: What host IP to bind the external port to.

1774

type: string

1775

hostPort:

1776

description: Number of port to expose on the host.

1777

format: int32

1778

type: integer

1779

name:

1780

description: If specified, this must be an IANA_SVC_NAME and unique within the pod.

1781

type: string

1782

protocol:

1783

default: TCP

1784

description: Protocol for port. Must be UDP, TCP, or SCTP. Defaults to "TCP".

1785

type: string

1786

required:

1787

- containerPort

1788

type: object

1789

type: array

1790

x-kubernetes-list-map-keys:

1791

- containerPort

1792

- protocol

1793

x-kubernetes-list-type: map

1794

readinessProbe:

1795

description: Probes are not allowed for ephemeral containers.

1796

properties:

1797

exec:

1798

description: Exec specifies the action to take.

1799

properties:

1800

command:

1801

description: Command is the command line to execute inside the container, the working directo

1802

items:

1803

type: string

1804

type: array

1805

type: object

1806

failureThreshold:

1807

description: 'Minimum consecutive failures for the probe to be considered failed after having '

1808

format: int32

1809

type: integer

1810

grpc:

1811

description: GRPC specifies an action involving a GRPC port.

1812

properties:

1813

port:

1814

description: Port number of the gRPC service. Number must be in the range 1 to 65535.

1815

format: int32

1816

type: integer

1817

service:

1818

description: 'Service is the name of the service to place in the gRPC HealthCheckRequest (see '

1819

type: string

1820

required:

1821

- port

1822

type: object

1823

httpGet:

1824

description: HTTPGet specifies the http request to perform.

1825

properties:

1826

host:

1827

description: Host name to connect to, defaults to the pod IP.

1828

type: string

1829

httpHeaders:

1830

description: Custom headers to set in the request. HTTP allows repeated headers.

1831

items:

1832

description: HTTPHeader describes a custom header to be used in HTTP probes

1833

properties:

1834

name:

1835

description: The header field name

1836

type: string

1837

value:

1838

description: The header field value

1839

type: string

1840

required:

1841

- name

1842

- value

1843

type: object

1844

type: array

1845

path:

1846

description: Path to access on the HTTP server.

1847

type: string

1848

port:

1849

anyOf:

1850

- type: integer

1851

- type: string

1852

description: Name or number of the port to access on the container.

1853

x-kubernetes-int-or-string: true

1854

scheme:

1855

description: Scheme to use for connecting to the host. Defaults to HTTP.

1856

type: string

1857

required:

1858

- port

1859

type: object

1860

initialDelaySeconds:

1861

description: Number of seconds after the container has started before liveness probes are ini

1862

format: int32

1863

type: integer

1864

periodSeconds:

1865

description: How often (in seconds) to perform the probe. Default to 10 seconds.

1866

format: int32

1867

type: integer

1868

successThreshold:

1869

description: Minimum consecutive successes for the probe to be considered successful after ha

1870

format: int32

1871

type: integer

1872

tcpSocket:

1873

description: TCPSocket specifies an action involving a TCP port.

1874

properties:

1875

host:

1876

description: 'Optional: Host name to connect to, defaults to the pod IP.'

1877

type: string

1878

port:

1879

anyOf:

1880

- type: integer

1881

- type: string

1882

description: Number or name of the port to access on the container.

1883

x-kubernetes-int-or-string: true

1884

required:

1885

- port

1886

type: object

1887

terminationGracePeriodSeconds:

1888

description: Optional duration in seconds the pod needs to terminate gracefully upon probe fa

1889

format: int64

1890

type: integer

1891

timeoutSeconds:

1892

description: Number of seconds after which the probe times out. Defaults to 1 second.

1893

format: int32

1894

type: integer

1895

type: object

1896

resources:

1897

description: Resources are not allowed for ephemeral containers.

1898

properties:

1899

limits:

1900

additionalProperties:

1901

anyOf:

1902

- type: integer

1903

- type: string

1904

pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$

1905

x-kubernetes-int-or-string: true

1906

description: Limits describes the maximum amount of compute resources allowed.

1907

type: object

1908

requests:

1909

additionalProperties:

1910

anyOf:

1911

- type: integer

1912

- type: string

1913

pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$

1914

x-kubernetes-int-or-string: true

1915

description: Requests describes the minimum amount of compute resources required.

1916

type: object

1917

type: object

1918

securityContext:

1919

description: 'Optional: SecurityContext defines the security options the ephemeral container s'

1920

properties:

1921

allowPrivilegeEscalation:

1922

description: AllowPrivilegeEscalation controls whether a process can gain more privileges tha

1923

type: boolean

1924

capabilities:

1925

description: The capabilities to add/drop when running containers.

1926

properties:

1927

add:

1928

description: Added capabilities

1929

items:

1930

description: Capability represent POSIX capabilities type

1931

type: string

1932

type: array

1933

drop:

1934

description: Removed capabilities

1935

items:

1936

description: Capability represent POSIX capabilities type

1937

type: string

1938

type: array

1939

type: object

1940

privileged:

1941

description: Run container in privileged mode.

1942

type: boolean

1943

procMount:

1944

description: procMount denotes the type of proc mount to use for the containers.

1945

type: string

1946

readOnlyRootFilesystem:

1947

description: Whether this container has a read-only root filesystem. Default is false.

1948

type: boolean

1949

runAsGroup:

1950

description: The GID to run the entrypoint of the container process.

1951

format: int64

1952

type: integer

1953

runAsNonRoot:

1954

description: Indicates that the container must run as a non-root user.

1955

type: boolean

1956

runAsUser:

1957

description: The UID to run the entrypoint of the container process.

1958

format: int64

1959

type: integer

1960

seLinuxOptions:

1961

description: The SELinux context to be applied to the container.

1962

properties:

1963

level:

1964

description: Level is SELinux level label that applies to the container.

1965

type: string

1966

role:

1967

description: Role is a SELinux role label that applies to the container.

1968

type: string

1969

type:

1970

description: Type is a SELinux type label that applies to the container.

1971

type: string

1972

user:

1973

description: User is a SELinux user label that applies to the container.

1974

type: string

1975

type: object

1976

seccompProfile:

1977

description: The seccomp options to use by this container.

1978

properties:

1979

localhostProfile:

1980

description: localhostProfile indicates a profile defined in a file on the node should be use

1981

type: string

1982

type:

1983

description: type indicates which kind of seccomp profile will be applied.

1984

type: string

1985

required:

1986

- type

1987

type: object

1988

windowsOptions:

1989

description: The Windows specific settings applied to all containers.

1990

properties:

1991

gmsaCredentialSpec:

1992

description: GMSACredentialSpec is where the GMSA admission webhook (https://github.

1993

type: string

1994

gmsaCredentialSpecName:

1995

description: GMSACredentialSpecName is the name of the GMSA credential spec to use.

1996

type: string

1997

hostProcess:

1998

description: HostProcess determines if a container should be run as a 'Host Process' containe

1999

type: boolean

2000

runAsUserName:

2001

description: The UserName in Windows to run the entrypoint of the container process.

2002

type: string

2003

type: object

2004

type: object

2005

startupProbe:

2006

description: Probes are not allowed for ephemeral containers.

2007

properties:

2008

exec:

2009

description: Exec specifies the action to take.

2010

properties:

2011

command:

2012

description: Command is the command line to execute inside the container, the working directo

2013

items:

2014

type: string

2015

type: array

2016

type: object

2017

failureThreshold:

2018

description: 'Minimum consecutive failures for the probe to be considered failed after having '

2019

format: int32

2020

type: integer

2021

grpc:

2022

description: GRPC specifies an action involving a GRPC port.

2023

properties:

2024

port:

2025

description: Port number of the gRPC service. Number must be in the range 1 to 65535.

2026

format: int32

2027

type: integer

2028

service:

2029

description: 'Service is the name of the service to place in the gRPC HealthCheckRequest (see '

2030

type: string

2031

required:

2032

- port

2033

type: object

2034

httpGet:

2035

description: HTTPGet specifies the http request to perform.

2036

properties:

2037

host:

2038

description: Host name to connect to, defaults to the pod IP.

2039

type: string

2040

httpHeaders:

2041

description: Custom headers to set in the request. HTTP allows repeated headers.

2042

items:

2043

description: HTTPHeader describes a custom header to be used in HTTP probes

2044

properties:

2045

name:

2046

description: The header field name

2047

type: string

2048

value:

2049

description: The header field value

2050

type: string

2051

required:

2052

- name

2053

- value

2054

type: object

2055

type: array

2056

path:

2057

description: Path to access on the HTTP server.

2058

type: string

2059

port:

2060

anyOf:

2061

- type: integer

2062

- type: string

2063

description: Name or number of the port to access on the container.

2064

x-kubernetes-int-or-string: true

2065

scheme:

2066

description: Scheme to use for connecting to the host. Defaults to HTTP.

2067

type: string

2068

required:

2069

- port

2070

type: object

2071

initialDelaySeconds:

2072

description: Number of seconds after the container has started before liveness probes are ini

2073

format: int32

2074

type: integer

2075

periodSeconds:

2076

description: How often (in seconds) to perform the probe. Default to 10 seconds.

2077

format: int32

2078

type: integer

2079

successThreshold:

2080

description: Minimum consecutive successes for the probe to be considered successful after ha

2081

format: int32

2082

type: integer

2083

tcpSocket:

2084

description: TCPSocket specifies an action involving a TCP port.

2085

properties:

2086

host:

2087

description: 'Optional: Host name to connect to, defaults to the pod IP.'

2088

type: string

2089

port:

2090

anyOf:

2091

- type: integer

2092

- type: string

2093

description: Number or name of the port to access on the container.

2094

x-kubernetes-int-or-string: true

2095

required:

2096

- port

2097

type: object

2098

terminationGracePeriodSeconds:

2099

description: Optional duration in seconds the pod needs to terminate gracefully upon probe fa

2100

format: int64

2101

type: integer

2102

timeoutSeconds:

2103

description: Number of seconds after which the probe times out. Defaults to 1 second.

2104

format: int32

2105

type: integer

2106

type: object

2107

stdin:

2108

description: Whether this container should allocate a buffer for stdin in the container runti

2109

type: boolean

2110

stdinOnce:

2111

description: Whether the container runtime should close the stdin channel after it has been o

2112

type: boolean

2113

targetContainerName:

2114

description: If set, the name of the container from PodSpec that this ephemeral container tar

2115

type: string

2116

terminationMessagePath:

2117

description: 'Optional: Path at which the file to which the container''s termination message wi'

2118

type: string

2119

terminationMessagePolicy:

2120

description: Indicate how the termination message should be populated.

2121

type: string

2122

tty:

2123

description: Whether this container should allocate a TTY for itself, also requires 'stdin' t

2124

type: boolean

2125

volumeDevices:

2126

description: volumeDevices is the list of block devices to be used by the container.

2127

items:

2128

description: volumeDevice describes a mapping of a raw block device within a container.

2129

properties:

2130

devicePath:

2131

description: devicePath is the path inside of the container that the device will be mapped to

2132

type: string

2133

name:

2134

description: name must match the name of a persistentVolumeClaim in the pod

2135

type: string

2136

required:

2137

- devicePath

2138

- name

2139

type: object

2140

type: array

2141

volumeMounts:

2142

description: Pod volumes to mount into the container's filesystem.

2143

items:

2144

description: VolumeMount describes a mounting of a Volume within a container.

2145

properties:

2146

mountPath:

2147

description: Path within the container at which the volume should be mounted.

2148

type: string

2149

mountPropagation:

2150

description: mountPropagation determines how mounts are propagated from the host to container

2151

type: string

2152

name:

2153

description: This must match the Name of a Volume.

2154

type: string

2155

readOnly:

2156

description: Mounted read-only if true, read-write otherwise (false or unspecified).

2157

type: boolean

2158

subPath:

2159

description: Path within the volume from which the container's volume should be mounted.

2160

type: string

2161

subPathExpr:

2162

description: Expanded path within the volume from which the container's volume should be moun

2163

type: string

2164

required:

2165

- mountPath

2166

- name

2167

type: object

2168

type: array

2169

workingDir:

2170

description: Container's working directory.

2171

type: string

2172

required:

2173

- name

2174

type: object

2175

type: array

2176

hostAliases:

2177

description: 'HostAliases is an optional list of hosts and IPs that will be injected into the '

2178

items:

2179

description: HostAlias holds the mapping between IP and hostnames that will be injected as an

2180

properties:

2181

hostnames:

2182

description: Hostnames for the above IP address.

2183

items:

2184

type: string

2185

type: array

2186

ip:

2187

description: IP address of the host file entry.

2188

type: string

2189

type: object

2190

type: array

2191

hostIPC:

2192

description: 'Use the host''s ipc namespace. Optional: Default to false.'

2193

type: boolean

2194

hostNetwork:

2195

description: Host networking requested for this pod. Use the host's network namespace.

2196

type: boolean

2197

hostPID:

2198

description: 'Use the host''s pid namespace. Optional: Default to false.'

2199

type: boolean

2200

hostname:

2201

description: Specifies the hostname of the Pod If not specified, the pod's hostname will be s

2202

type: string

2203

imagePullSecrets:

2204

description: ImagePullSecrets is an optional list of references to secrets in the same namesp

2205

items:

2206

description: LocalObjectReference contains enough information to let you locate the reference

2207

properties:

2208

name:

2209

description: 'Name of the referent. More info: https://kubernetes.'

2210

type: string

2211

type: object

2212

x-kubernetes-map-type: atomic

2213

type: array

2214

initContainers:

2215

description: List of initialization containers belonging to the pod.

2216

items:

2217

description: A single application container that you want to run within a pod.

2218

properties:

2219

args:

2220

description: Arguments to the entrypoint.

2221

items:

2222

type: string

2223

type: array

2224

command:

2225

description: Entrypoint array. Not executed within a shell.

2226

items:

2227

type: string

2228

type: array

2229

env:

2230

description: List of environment variables to set in the container. Cannot be updated.

2231

items:

2232

description: EnvVar represents an environment variable present in a Container.

2233

properties:

2234

name:

2235

description: Name of the environment variable. Must be a C_IDENTIFIER.

2236

type: string

2237

value:

2238

description: Variable references $(VAR_NAME) are expanded using the previously defined enviro

2239

type: string

2240

valueFrom:

2241

description: Source for the environment variable's value.

2242

properties:

2243

configMapKeyRef:

2244

description: Selects a key of a ConfigMap.

2245

properties:

2246

key:

2247

description: The key to select.

2248

type: string

2249

name:

2250

description: 'Name of the referent. More info: https://kubernetes.'

2251

type: string

2252

optional:

2253

description: Specify whether the ConfigMap or its key must be defined

2254

type: boolean

2255

required:

2256

- key

2257

type: object

2258

x-kubernetes-map-type: atomic

2259

fieldRef:

2260

description: 'Selects a field of the pod: supports metadata.name, metadata.'

2261

properties:

2262

apiVersion:

2263

description: Version of the schema the FieldPath is written in terms of, defaults to "v1".

2264

type: string

2265

fieldPath:

2266

description: Path of the field to select in the specified API version.

2267

type: string

2268

required:

2269

- fieldPath

2270

type: object

2271

x-kubernetes-map-type: atomic

2272

resourceFieldRef:

2273

description: 'Selects a resource of the container: only resources limits and requests (limits.'

2274

properties:

2275

containerName:

2276

description: 'Container name: required for volumes, optional for env vars'

2277

type: string

2278

divisor:

2279

anyOf:

2280

- type: integer

2281

- type: string

2282

description: Specifies the output format of the exposed resources, defaults to "1"

2283

pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$

2284

x-kubernetes-int-or-string: true

2285

resource:

2286

description: 'Required: resource to select'

2287

type: string

2288

required:

2289

- resource

2290

type: object

2291

x-kubernetes-map-type: atomic

2292

secretKeyRef:

2293

description: Selects a key of a secret in the pod's namespace

2294

properties:

2295

key:

2296

description: The key of the secret to select from. Must be a valid secret key.

2297

type: string

2298

name:

2299

description: 'Name of the referent. More info: https://kubernetes.'

2300

type: string

2301

optional:

2302

description: Specify whether the Secret or its key must be defined

2303

type: boolean

2304

required:

2305

- key

2306

type: object

2307

x-kubernetes-map-type: atomic

2308

type: object

2309

required:

2310

- name

2311

type: object

2312

type: array

2313

envFrom:

2314

description: List of sources to populate environment variables in the container.

2315

items:

2316

description: EnvFromSource represents the source of a set of ConfigMaps

2317

properties:

2318

configMapRef:

2319

description: The ConfigMap to select from

2320

properties:

2321

name:

2322

description: 'Name of the referent. More info: https://kubernetes.'

2323

type: string

2324

optional:

2325

description: Specify whether the ConfigMap must be defined

2326

type: boolean

2327

type: object

2328

x-kubernetes-map-type: atomic

2329

prefix:

2330

description: An optional identifier to prepend to each key in the ConfigMap.

2331

type: string

2332

secretRef:

2333

description: The Secret to select from

2334

properties:

2335

name:

2336

description: 'Name of the referent. More info: https://kubernetes.'

2337

type: string

2338

optional:

2339

description: Specify whether the Secret must be defined

2340

type: boolean

2341

type: object

2342

x-kubernetes-map-type: atomic

2343

type: object

2344

type: array

2345

image:

2346

description: 'Docker image name. More info: https://kubernetes.'

2347

type: string

2348

imagePullPolicy:

2349

description: Image pull policy. One of Always, Never, IfNotPresent.

2350

type: string

2351

lifecycle:

2352

description: Actions that the management system should take in response to container lifecycl

2353

properties:

2354

postStart:

2355

description: PostStart is called immediately after a container is created.

2356

properties:

2357

exec:

2358

description: Exec specifies the action to take.

2359

properties:

2360

command:

2361

description: Command is the command line to execute inside the container, the working directo

2362

items:

2363

type: string

2364

type: array

2365

type: object

2366

httpGet:

2367

description: HTTPGet specifies the http request to perform.

2368

properties:

2369

host:

2370

description: Host name to connect to, defaults to the pod IP.

2371

type: string

2372

httpHeaders:

2373

description: Custom headers to set in the request. HTTP allows repeated headers.

2374

items:

2375

description: HTTPHeader describes a custom header to be used in HTTP probes

2376

properties:

2377

name:

2378

description: The header field name

2379

type: string

2380

value:

2381

description: The header field value

2382

type: string

2383

required:

2384

- name

2385

- value

2386

type: object

2387

type: array

2388

path:

2389

description: Path to access on the HTTP server.

2390

type: string

2391

port:

2392

anyOf:

2393

- type: integer

2394

- type: string

2395

description: Name or number of the port to access on the container.

2396

x-kubernetes-int-or-string: true

2397

scheme:

2398

description: Scheme to use for connecting to the host. Defaults to HTTP.

2399

type: string

2400

required:

2401

- port

2402

type: object

2403

tcpSocket:

2404

description: Deprecated.

2405

properties:

2406

host:

2407

description: 'Optional: Host name to connect to, defaults to the pod IP.'

2408

type: string

2409

port:

2410

anyOf:

2411

- type: integer

2412

- type: string

2413

description: Number or name of the port to access on the container.

2414

x-kubernetes-int-or-string: true

2415

required:

2416

- port

2417

type: object

2418

type: object

2419

preStop:

2420

description: PreStop is called immediately before a container is terminated due to an API req

2421

properties:

2422

exec:

2423

description: Exec specifies the action to take.

2424

properties:

2425

command:

2426

description: Command is the command line to execute inside the container, the working directo

2427

items:

2428

type: string

2429

type: array

2430

type: object

2431

httpGet:

2432

description: HTTPGet specifies the http request to perform.

2433

properties:

2434

host:

2435

description: Host name to connect to, defaults to the pod IP.

2436

type: string

2437

httpHeaders:

2438

description: Custom headers to set in the request. HTTP allows repeated headers.

2439

items:

2440

description: HTTPHeader describes a custom header to be used in HTTP probes

2441

properties:

2442

name:

2443

description: The header field name

2444

type: string

2445

value:

2446

description: The header field value

2447

type: string

2448

required:

2449

- name

2450

- value

2451

type: object

2452

type: array

2453

path:

2454

description: Path to access on the HTTP server.

2455

type: string

2456

port:

2457

anyOf:

2458

- type: integer

2459

- type: string

2460

description: Name or number of the port to access on the container.

2461

x-kubernetes-int-or-string: true

2462

scheme:

2463

description: Scheme to use for connecting to the host. Defaults to HTTP.

2464

type: string

2465

required:

2466

- port

2467

type: object

2468

tcpSocket:

2469

description: Deprecated.

2470

properties:

2471

host:

2472

description: 'Optional: Host name to connect to, defaults to the pod IP.'

2473

type: string

2474

port:

2475

anyOf:

2476

- type: integer

2477

- type: string

2478

description: Number or name of the port to access on the container.

2479

x-kubernetes-int-or-string: true

2480

required:

2481

- port

2482

type: object

2483

type: object

2484

type: object

2485

livenessProbe:

2486

description: Periodic probe of container liveness.

2487

properties:

2488

exec:

2489

description: Exec specifies the action to take.

2490

properties:

2491

command:

2492

description: Command is the command line to execute inside the container, the working directo

2493

items:

2494

type: string

2495

type: array

2496

type: object

2497

failureThreshold:

2498

description: 'Minimum consecutive failures for the probe to be considered failed after having '

2499

format: int32

2500

type: integer

2501

grpc:

2502

description: GRPC specifies an action involving a GRPC port.

2503

properties:

2504

port:

2505

description: Port number of the gRPC service. Number must be in the range 1 to 65535.

2506

format: int32

2507

type: integer

2508

service:

2509

description: 'Service is the name of the service to place in the gRPC HealthCheckRequest (see '

2510

type: string

2511

required:

2512

- port

2513

type: object

2514

httpGet:

2515

description: HTTPGet specifies the http request to perform.

2516

properties:

2517

host:

2518

description: Host name to connect to, defaults to the pod IP.

2519

type: string

2520

httpHeaders:

2521

description: Custom headers to set in the request. HTTP allows repeated headers.

2522

items:

2523

description: HTTPHeader describes a custom header to be used in HTTP probes

2524

properties:

2525

name:

2526

description: The header field name

2527

type: string

2528

value:

2529

description: The header field value

2530

type: string

2531

required:

2532

- name

2533

- value

2534

type: object

2535

type: array

2536

path:

2537

description: Path to access on the HTTP server.

2538

type: string

2539

port:

2540

anyOf:

2541

- type: integer

2542

- type: string

2543

description: Name or number of the port to access on the container.

2544

x-kubernetes-int-or-string: true

2545

scheme:

2546

description: Scheme to use for connecting to the host. Defaults to HTTP.

2547

type: string

2548

required:

2549

- port

2550

type: object

2551

initialDelaySeconds:

2552

description: Number of seconds after the container has started before liveness probes are ini

2553

format: int32

2554

type: integer

2555

periodSeconds:

2556

description: How often (in seconds) to perform the probe. Default to 10 seconds.

2557

format: int32

2558

type: integer

2559

successThreshold:

2560

description: Minimum consecutive successes for the probe to be considered successful after ha

2561

format: int32

2562

type: integer

2563

tcpSocket:

2564

description: TCPSocket specifies an action involving a TCP port.

2565

properties:

2566

host:

2567

description: 'Optional: Host name to connect to, defaults to the pod IP.'

2568

type: string

2569

port:

2570

anyOf:

2571

- type: integer

2572

- type: string

2573

description: Number or name of the port to access on the container.

2574

x-kubernetes-int-or-string: true

2575

required:

2576

- port

2577

type: object

2578

terminationGracePeriodSeconds:

2579

description: Optional duration in seconds the pod needs to terminate gracefully upon probe fa

2580

format: int64

2581

type: integer

2582

timeoutSeconds:

2583

description: Number of seconds after which the probe times out. Defaults to 1 second.

2584

format: int32

2585

type: integer

2586

type: object

2587

name:

2588

description: Name of the container specified as a DNS_LABEL.

2589

type: string

2590

ports:

2591

description: List of ports to expose from the container.

2592

items:

2593

description: ContainerPort represents a network port in a single container.

2594

properties:

2595

containerPort:

2596

description: Number of port to expose on the pod's IP address.

2597

format: int32

2598

type: integer

2599

hostIP:

2600

description: What host IP to bind the external port to.

2601

type: string

2602

hostPort:

2603

description: Number of port to expose on the host.

2604

format: int32

2605

type: integer

2606

name:

2607

description: If specified, this must be an IANA_SVC_NAME and unique within the pod.

2608

type: string

2609

protocol:

2610

default: TCP

2611

description: Protocol for port. Must be UDP, TCP, or SCTP. Defaults to "TCP".

2612

type: string

2613

required:

2614

- containerPort

2615

type: object

2616

type: array

2617

x-kubernetes-list-map-keys:

2618

- containerPort

2619

- protocol

2620

x-kubernetes-list-type: map

2621

readinessProbe:

2622

description: Periodic probe of container service readiness.

2623

properties:

2624

exec:

2625

description: Exec specifies the action to take.

2626

properties:

2627

command:

2628

description: Command is the command line to execute inside the container, the working directo

2629

items:

2630

type: string

2631

type: array

2632

type: object

2633

failureThreshold:

2634

description: 'Minimum consecutive failures for the probe to be considered failed after having '

2635

format: int32

2636

type: integer

2637

grpc:

2638

description: GRPC specifies an action involving a GRPC port.

2639

properties:

2640

port:

2641

description: Port number of the gRPC service. Number must be in the range 1 to 65535.

2642

format: int32

2643

type: integer

2644

service:

2645

description: 'Service is the name of the service to place in the gRPC HealthCheckRequest (see '

2646

type: string

2647

required:

2648

- port

2649

type: object

2650

httpGet:

2651

description: HTTPGet specifies the http request to perform.

2652

properties:

2653

host:

2654

description: Host name to connect to, defaults to the pod IP.

2655

type: string

2656

httpHeaders:

2657

description: Custom headers to set in the request. HTTP allows repeated headers.

2658

items:

2659

description: HTTPHeader describes a custom header to be used in HTTP probes

2660

properties:

2661

name:

2662

description: The header field name

2663

type: string

2664

value:

2665

description: The header field value

2666

type: string

2667

required:

2668

- name

2669

- value

2670

type: object

2671

type: array

2672

path:

2673

description: Path to access on the HTTP server.

2674

type: string

2675

port:

2676

anyOf:

2677

- type: integer

2678

- type: string

2679

description: Name or number of the port to access on the container.

2680

x-kubernetes-int-or-string: true

2681

scheme:

2682

description: Scheme to use for connecting to the host. Defaults to HTTP.

2683

type: string

2684

required:

2685

- port

2686

type: object

2687

initialDelaySeconds:

2688

description: Number of seconds after the container has started before liveness probes are ini

2689

format: int32

2690

type: integer

2691

periodSeconds:

2692

description: How often (in seconds) to perform the probe. Default to 10 seconds.

2693

format: int32

2694

type: integer

2695

successThreshold:

2696

description: Minimum consecutive successes for the probe to be considered successful after ha

2697

format: int32

2698

type: integer

2699

tcpSocket:

2700

description: TCPSocket specifies an action involving a TCP port.

2701

properties:

2702

host:

2703

description: 'Optional: Host name to connect to, defaults to the pod IP.'

2704

type: string

2705

port:

2706

anyOf:

2707

- type: integer

2708

- type: string

2709

description: Number or name of the port to access on the container.

2710

x-kubernetes-int-or-string: true

2711

required:

2712

- port

2713

type: object

2714

terminationGracePeriodSeconds:

2715

description: Optional duration in seconds the pod needs to terminate gracefully upon probe fa

2716

format: int64

2717

type: integer

2718

timeoutSeconds:

2719

description: Number of seconds after which the probe times out. Defaults to 1 second.

2720

format: int32

2721

type: integer

2722

type: object

2723

resources:

2724

description: Compute Resources required by this container. Cannot be updated.

2725

properties:

2726

limits:

2727

additionalProperties:

2728

anyOf:

2729

- type: integer

2730

- type: string

2731

pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$

2732

x-kubernetes-int-or-string: true

2733

description: Limits describes the maximum amount of compute resources allowed.

2734

type: object

2735

requests:

2736

additionalProperties:

2737

anyOf:

2738

- type: integer

2739

- type: string

2740

pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$

2741

x-kubernetes-int-or-string: true

2742

description: Requests describes the minimum amount of compute resources required.

2743

type: object

2744

type: object

2745

securityContext:

2746

description: SecurityContext defines the security options the container should be run with.

2747

properties:

2748

allowPrivilegeEscalation:

2749

description: AllowPrivilegeEscalation controls whether a process can gain more privileges tha

2750

type: boolean

2751

capabilities:

2752

description: The capabilities to add/drop when running containers.

2753

properties:

2754

add:

2755

description: Added capabilities

2756

items:

2757

description: Capability represent POSIX capabilities type

2758

type: string

2759

type: array

2760

drop:

2761

description: Removed capabilities

2762

items:

2763

description: Capability represent POSIX capabilities type

2764

type: string

2765

type: array

2766

type: object

2767

privileged:

2768

description: Run container in privileged mode.

2769

type: boolean

2770

procMount:

2771

description: procMount denotes the type of proc mount to use for the containers.

2772

type: string

2773

readOnlyRootFilesystem:

2774

description: Whether this container has a read-only root filesystem. Default is false.

2775

type: boolean

2776

runAsGroup:

2777

description: The GID to run the entrypoint of the container process.

2778

format: int64

2779

type: integer

2780

runAsNonRoot:

2781

description: Indicates that the container must run as a non-root user.

2782

type: boolean

2783

runAsUser:

2784

description: The UID to run the entrypoint of the container process.

2785

format: int64

2786

type: integer

2787

seLinuxOptions:

2788

description: The SELinux context to be applied to the container.

2789

properties:

2790

level:

2791

description: Level is SELinux level label that applies to the container.

2792

type: string

2793

role:

2794

description: Role is a SELinux role label that applies to the container.

2795

type: string

2796

type:

2797

description: Type is a SELinux type label that applies to the container.

2798

type: string

2799

user:

2800

description: User is a SELinux user label that applies to the container.

2801

type: string

2802

type: object

2803

seccompProfile:

2804

description: The seccomp options to use by this container.

2805

properties:

2806

localhostProfile:

2807

description: localhostProfile indicates a profile defined in a file on the node should be use

2808

type: string

2809

type:

2810

description: type indicates which kind of seccomp profile will be applied.

2811

type: string

2812

required:

2813

- type

2814

type: object

2815

windowsOptions:

2816

description: The Windows specific settings applied to all containers.

2817

properties:

2818

gmsaCredentialSpec:

2819

description: GMSACredentialSpec is where the GMSA admission webhook (https://github.

2820

type: string

2821

gmsaCredentialSpecName:

2822

description: GMSACredentialSpecName is the name of the GMSA credential spec to use.

2823

type: string

2824

hostProcess:

2825

description: HostProcess determines if a container should be run as a 'Host Process' containe

2826

type: boolean

2827

runAsUserName:

2828

description: The UserName in Windows to run the entrypoint of the container process.

2829

type: string

2830

type: object

2831

type: object

2832

startupProbe:

2833

description: StartupProbe indicates that the Pod has successfully initialized.

2834

properties:

2835

exec:

2836

description: Exec specifies the action to take.

2837

properties:

2838

command:

2839

description: Command is the command line to execute inside the container, the working directo

2840

items:

2841

type: string

2842

type: array

2843

type: object

2844

failureThreshold:

2845

description: 'Minimum consecutive failures for the probe to be considered failed after having '

2846

format: int32

2847

type: integer

2848

grpc:

2849

description: GRPC specifies an action involving a GRPC port.

2850

properties:

2851

port:

2852

description: Port number of the gRPC service. Number must be in the range 1 to 65535.

2853

format: int32

2854

type: integer

2855

service:

2856

description: 'Service is the name of the service to place in the gRPC HealthCheckRequest (see '

2857

type: string

2858

required:

2859

- port

2860

type: object

2861

httpGet:

2862

description: HTTPGet specifies the http request to perform.

2863

properties:

2864

host:

2865

description: Host name to connect to, defaults to the pod IP.

2866

type: string

2867

httpHeaders:

2868

description: Custom headers to set in the request. HTTP allows repeated headers.

2869

items:

2870

description: HTTPHeader describes a custom header to be used in HTTP probes

2871

properties:

2872

name:

2873

description: The header field name

2874

type: string

2875

value:

2876

description: The header field value

2877

type: string

2878

required:

2879

- name

2880

- value

2881

type: object

2882

type: array

2883

path:

2884

description: Path to access on the HTTP server.

2885

type: string

2886

port:

2887

anyOf:

2888

- type: integer

2889

- type: string

2890

description: Name or number of the port to access on the container.

2891

x-kubernetes-int-or-string: true

2892

scheme:

2893

description: Scheme to use for connecting to the host. Defaults to HTTP.

2894

type: string

2895

required:

2896

- port

2897

type: object

2898

initialDelaySeconds:

2899

description: Number of seconds after the container has started before liveness probes are ini

2900

format: int32

2901

type: integer

2902

periodSeconds:

2903

description: How often (in seconds) to perform the probe. Default to 10 seconds.

2904

format: int32

2905

type: integer

2906

successThreshold:

2907

description: Minimum consecutive successes for the probe to be considered successful after ha

2908

format: int32

2909

type: integer

2910

tcpSocket:

2911

description: TCPSocket specifies an action involving a TCP port.

2912

properties:

2913

host:

2914

description: 'Optional: Host name to connect to, defaults to the pod IP.'

2915

type: string

2916

port:

2917

anyOf:

2918

- type: integer

2919

- type: string

2920

description: Number or name of the port to access on the container.

2921

x-kubernetes-int-or-string: true

2922

required:

2923

- port

2924

type: object

2925

terminationGracePeriodSeconds:

2926

description: Optional duration in seconds the pod needs to terminate gracefully upon probe fa

2927

format: int64

2928

type: integer

2929

timeoutSeconds:

2930

description: Number of seconds after which the probe times out. Defaults to 1 second.

2931

format: int32

2932

type: integer

2933

type: object

2934

stdin:

2935

description: Whether this container should allocate a buffer for stdin in the container runti

2936

type: boolean

2937

stdinOnce:

2938

description: Whether the container runtime should close the stdin channel after it has been o

2939

type: boolean

2940

terminationMessagePath:

2941

description: 'Optional: Path at which the file to which the container''s termination message wi'

2942

type: string

2943

terminationMessagePolicy:

2944

description: Indicate how the termination message should be populated.

2945

type: string

2946

tty:

2947

description: Whether this container should allocate a TTY for itself, also requires 'stdin' t

2948

type: boolean

2949

volumeDevices:

2950

description: volumeDevices is the list of block devices to be used by the container.

2951

items:

2952

description: volumeDevice describes a mapping of a raw block device within a container.

2953

properties:

2954

devicePath:

2955

description: devicePath is the path inside of the container that the device will be mapped to

2956

type: string

2957

name:

2958

description: name must match the name of a persistentVolumeClaim in the pod

2959

type: string

2960

required:

2961

- devicePath

2962

- name

2963

type: object

2964

type: array

2965

volumeMounts:

2966

description: Pod volumes to mount into the container's filesystem. Cannot be updated.

2967

items:

2968

description: VolumeMount describes a mounting of a Volume within a container.

2969

properties:

2970

mountPath:

2971

description: Path within the container at which the volume should be mounted.

2972

type: string

2973

mountPropagation:

2974

description: mountPropagation determines how mounts are propagated from the host to container

2975

type: string

2976

name:

2977

description: This must match the Name of a Volume.

2978

type: string

2979

readOnly:

2980

description: Mounted read-only if true, read-write otherwise (false or unspecified).

2981

type: boolean

2982

subPath:

2983

description: Path within the volume from which the container's volume should be mounted.

2984

type: string

2985

subPathExpr:

2986

description: Expanded path within the volume from which the container's volume should be moun

2987

type: string

2988

required:

2989

- mountPath

2990

- name

2991

type: object

2992

type: array

2993

workingDir:

2994

description: Container's working directory.

2995

type: string

2996

required:

2997

- name

2998

type: object

2999

type: array

3000

nodeName:

3001

description: NodeName is a request to schedule this pod onto a specific node.

3002

type: string

3003

nodeSelector:

3004

additionalProperties:

3005

type: string

3006

description: NodeSelector is a selector which must be true for the pod to fit on a node.

3007

type: object

3008

x-kubernetes-map-type: atomic

3009

os:

3010

description: Specifies the OS of the containers in the pod.

3011

properties:

3012

name:

3013

description: Name is the name of the operating system.

3014

type: string

3015

required:

3016

- name

3017

type: object

3018

overhead:

3019

additionalProperties:

3020

anyOf:

3021

- type: integer

3022

- type: string

3023

pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$

3024

x-kubernetes-int-or-string: true

3025

description: Overhead represents the resource overhead associated with running a pod for a gi

3026

type: object

3027

preemptionPolicy:

3028

description: PreemptionPolicy is the Policy for preempting pods with lower priority.

3029

type: string

3030

priority:

3031

description: The priority value.

3032

format: int32

3033

type: integer

3034

priorityClassName:

3035

description: If specified, indicates the pod's priority.

3036

type: string

3037

readinessGates:

3038

description: If specified, all readiness gates will be evaluated for pod readiness.

3039

items:

3040

description: PodReadinessGate contains the reference to a pod condition

3041

properties:

3042

conditionType:

3043

description: ConditionType refers to a condition in the pod's condition list with matching ty

3044

type: string

3045

required:

3046

- conditionType

3047

type: object

3048

type: array

3049

restartPolicy:

3050

description: Restart policy for all containers within the pod.

3051

type: string

3052

runtimeClassName:

3053

description: RuntimeClassName refers to a RuntimeClass object in the node.k8s.

3054

type: string

3055

schedulerName:

3056

description: If specified, the pod will be dispatched by specified scheduler.

3057

type: string

3058

securityContext:

3059

description: SecurityContext holds pod-level security attributes and common container setting

3060

properties:

3061

fsGroup:

3062

description: A special supplemental group that applies to all containers in a pod.

3063

format: int64

3064

type: integer

3065

fsGroupChangePolicy:

3066

description: fsGroupChangePolicy defines behavior of changing ownership and permission of the

3067

type: string

3068

runAsGroup:

3069

description: The GID to run the entrypoint of the container process.

3070

format: int64

3071

type: integer

3072

runAsNonRoot:

3073

description: Indicates that the container must run as a non-root user.

3074

type: boolean

3075

runAsUser:

3076

description: The UID to run the entrypoint of the container process.

3077

format: int64

3078

type: integer

3079

seLinuxOptions:

3080

description: The SELinux context to be applied to all containers.

3081

properties:

3082

level:

3083

description: Level is SELinux level label that applies to the container.

3084

type: string

3085

role:

3086

description: Role is a SELinux role label that applies to the container.

3087

type: string

3088

type:

3089

description: Type is a SELinux type label that applies to the container.

3090

type: string

3091

user:

3092

description: User is a SELinux user label that applies to the container.

3093

type: string

3094

type: object

3095

seccompProfile:

3096

description: The seccomp options to use by the containers in this pod.

3097

properties:

3098

localhostProfile:

3099

description: localhostProfile indicates a profile defined in a file on the node should be use

3100

type: string

3101

type:

3102

description: type indicates which kind of seccomp profile will be applied.

3103

type: string

3104

required:

3105

- type

3106

type: object

3107

supplementalGroups:

3108

description: A list of groups applied to the first process run in each container, in addition

3109

items:

3110

format: int64

3111

type: integer

3112

type: array

3113

sysctls:

3114

description: Sysctls hold a list of namespaced sysctls used for the pod.

3115

items:

3116

description: Sysctl defines a kernel parameter to be set

3117

properties:

3118

name:

3119

description: Name of a property to set

3120

type: string

3121

value:

3122

description: Value of a property to set

3123

type: string

3124

required:

3125

- name

3126

- value

3127

type: object

3128

type: array

3129

windowsOptions:

3130

description: The Windows specific settings applied to all containers.

3131

properties:

3132

gmsaCredentialSpec:

3133

description: GMSACredentialSpec is where the GMSA admission webhook (https://github.

3134

type: string

3135

gmsaCredentialSpecName:

3136

description: GMSACredentialSpecName is the name of the GMSA credential spec to use.

3137

type: string

3138

hostProcess:

3139

description: HostProcess determines if a container should be run as a 'Host Process' containe

3140

type: boolean

3141

runAsUserName:

3142

description: The UserName in Windows to run the entrypoint of the container process.

3143

type: string

3144

type: object

3145

type: object

3146

serviceAccount:

3147

description: DeprecatedServiceAccount is a depreciated alias for ServiceAccountName.

3148

type: string

3149

serviceAccountName:

3150

description: ServiceAccountName is the name of the ServiceAccount to use to run this pod.

3151

type: string

3152

setHostnameAsFQDN:

3153

description: If true the pod's hostname will be configured as the pod's FQDN, rather than the

3154

type: boolean

3155

shareProcessNamespace:

3156

description: Share a single process namespace between all of the containers in a pod.

3157

type: boolean

3158

subdomain:

3159

description: If specified, the fully qualified Pod hostname will be "..

3160

type: string

3161

terminationGracePeriodSeconds:

3162

description: Optional duration in seconds the pod needs to terminate gracefully.

3163

format: int64

3164

type: integer

3165

tolerations:

3166

description: If specified, the pod's tolerations.

3167

items:

3168

description: The pod this Toleration is attached to tolerates any taint that matches the trip

3169

properties:

3170

effect:

3171

description: Effect indicates the taint effect to match. Empty means match all taint effects.

3172

type: string

3173

key:

3174

description: Key is the taint key that the toleration applies to.

3175

type: string

3176

operator:

3177

description: Operator represents a key's relationship to the value.

3178

type: string

3179

tolerationSeconds:

3180

description: TolerationSeconds represents the period of time the toleration (which must be of

3181

format: int64

3182

type: integer

3183

value:

3184

description: Value is the taint value the toleration matches to.

3185

type: string

3186

type: object

3187

type: array

3188

topologySpreadConstraints:

3189

description: TopologySpreadConstraints describes how a group of pods ought to spread across t

3190

items:

3191

description: TopologySpreadConstraint specifies how to spread matching pods among the given t

3192

properties:

3193

labelSelector:

3194

description: LabelSelector is used to find matching pods.

3195

properties:

3196

matchExpressions:

3197

description: matchExpressions is a list of label selector requirements.

3198

items:

3199

description: A label selector requirement is a selector that contains values, a key, and an o

3200

properties:

3201

key:

3202

description: key is the label key that the selector applies to.

3203

type: string

3204

operator:

3205

description: operator represents a key's relationship to a set of values.

3206

type: string

3207

values:

3208

description: values is an array of string values.

3209

items:

3210

type: string

3211

type: array

3212

required:

3213

- key

3214

- operator

3215

type: object

3216

type: array

3217

matchLabels:

3218

additionalProperties:

3219

type: string

3220

description: matchLabels is a map of {key,value} pairs.

3221

type: object

3222

type: object

3223

x-kubernetes-map-type: atomic

3224

maxSkew:

3225

description: MaxSkew describes the degree to which pods may be unevenly distributed.

3226

format: int32

3227

type: integer

3228

topologyKey:

3229

description: TopologyKey is the key of node labels.

3230

type: string

3231

whenUnsatisfiable:

3232

description: WhenUnsatisfiable indicates how to deal with a pod if it doesn't satisfy the spr

3233

type: string

3234

required:

3235

- maxSkew

3236

- topologyKey

3237

- whenUnsatisfiable

3238

type: object

3239

type: array

3240

x-kubernetes-list-map-keys:

3241

- topologyKey

3242

- whenUnsatisfiable

3243

x-kubernetes-list-type: map

3244

volumes:

3245

description: List of volumes that can be mounted by containers belonging to the pod.

3246

items:

3247

description: 'Volume represents a named volume in a pod that may be accessed by any container '

3248

properties:

3249

awsElasticBlockStore:

3250

description: AWSElasticBlockStore represents an AWS Disk resource that is attached to a kubel

3251

properties:

3252

fsType:

3253

description: Filesystem type of the volume that you want to mount.

3254

type: string

3255

partition:

3256

description: The partition in the volume that you want to mount.

3257

format: int32

3258

type: integer

3259

readOnly:

3260

description: Specify "true" to force and set the ReadOnly property in VolumeMounts to "true".

3261

type: boolean

3262

volumeID:

3263

description: Unique ID of the persistent disk resource in AWS (Amazon EBS volume).

3264

type: string

3265

required:

3266

- volumeID

3267

type: object

3268

azureDisk:

3269

description: 'AzureDisk represents an Azure Data Disk mount on the host and bind mount to the '

3270

properties:

3271

cachingMode:

3272

description: 'Host Caching mode: None, Read Only, Read Write.'

3273

type: string

3274

diskName:

3275

description: The Name of the data disk in the blob storage

3276

type: string

3277

diskURI:

3278

description: The URI the data disk in the blob storage

3279

type: string

3280

fsType:

3281

description: Filesystem type to mount.

3282

type: string

3283

kind:

3284

description: 'Expected values Shared: multiple blob disks per storage account Dedicated: sing'

3285

type: string

3286

readOnly:

3287

description: Defaults to false (read/write).

3288

type: boolean

3289

required:

3290

- diskName

3291

- diskURI

3292

type: object

3293

azureFile:

3294

description: AzureFile represents an Azure File Service mount on the host and bind mount to t

3295

properties:

3296

readOnly:

3297

description: Defaults to false (read/write).

3298

type: boolean

3299

secretName:

3300

description: the name of secret that contains Azure Storage Account Name and Key

3301

type: string

3302

shareName:

3303

description: Share Name

3304

type: string

3305

required:

3306

- secretName

3307

- shareName

3308

type: object

3309

cephfs:

3310

description: CephFS represents a Ceph FS mount on the host that shares a pod's lifetime

3311

properties:

3312

monitors:

3313

description: 'Required: Monitors is a collection of Ceph monitors More info: https://examples.'

3314

items:

3315

type: string

3316

type: array

3317

path:

3318

description: 'Optional: Used as the mounted root, rather than the full Ceph tree, default is /'

3319

type: string

3320

readOnly:

3321

description: 'Optional: Defaults to false (read/write).'

3322

type: boolean

3323

secretFile:

3324

description: 'Optional: SecretFile is the path to key ring for User, default is /etc/ceph/user'

3325

type: string

3326

secretRef:

3327

description: 'Optional: SecretRef is reference to the authentication secret for User, default '

3328

properties:

3329

name:

3330

description: 'Name of the referent. More info: https://kubernetes.'

3331

type: string

3332

type: object

3333

x-kubernetes-map-type: atomic

3334

user:

3335

description: 'Optional: User is the rados user name, default is admin More info: https://examp'

3336

type: string

3337

required:

3338

- monitors

3339

type: object

3340

cinder:

3341

description: Cinder represents a cinder volume attached and mounted on kubelets host machine.

3342

properties:

3343

fsType:

3344

description: Filesystem type to mount.

3345

type: string

3346

readOnly:

3347

description: 'Optional: Defaults to false (read/write).'

3348

type: boolean

3349

secretRef:

3350

description: 'Optional: points to a secret object containing parameters used to connect to Ope'

3351

properties:

3352

name:

3353

description: 'Name of the referent. More info: https://kubernetes.'

3354

type: string

3355

type: object

3356

x-kubernetes-map-type: atomic

3357

volumeID:

3358

description: 'volume id used to identify the volume in cinder. More info: https://examples.'

3359

type: string

3360

required:

3361

- volumeID

3362

type: object

3363

configMap:

3364

description: ConfigMap represents a configMap that should populate this volume

3365

properties:

3366

defaultMode:

3367

description: 'Optional: mode bits used to set permissions on created files by default.'

3368

format: int32

3369

type: integer

3370

items:

3371

description: If unspecified, each key-value pair in the Data field of the referenced ConfigMa

3372

items:

3373

description: Maps a string key to a path within a volume.

3374

properties:

3375

key:

3376

description: The key to project.

3377

type: string

3378

mode:

3379

description: 'Optional: mode bits used to set permissions on this file.'

3380

format: int32

3381

type: integer

3382

path:

3383

description: The relative path of the file to map the key to. May not be an absolute path.

3384

type: string

3385

required:

3386

- key

3387

- path

3388

type: object

3389

type: array

3390

name:

3391

description: 'Name of the referent. More info: https://kubernetes.'

3392

type: string

3393

optional:

3394

description: Specify whether the ConfigMap or its keys must be defined

3395

type: boolean

3396

type: object

3397

x-kubernetes-map-type: atomic

3398

csi:

3399

description: CSI (Container Storage Interface) represents ephemeral storage that is handled b

3400

properties:

3401

driver:

3402

description: Driver is the name of the CSI driver that handles this volume.

3403

type: string

3404

fsType:

3405

description: Filesystem type to mount. Ex. "ext4", "xfs", "ntfs".

3406

type: string

3407

nodePublishSecretRef:

3408

description: NodePublishSecretRef is a reference to the secret object containing sensitive in

3409

properties:

3410

name:

3411

description: 'Name of the referent. More info: https://kubernetes.'

3412

type: string

3413

type: object

3414

x-kubernetes-map-type: atomic

3415

readOnly:

3416

description: Specifies a read-only configuration for the volume.

3417

type: boolean

3418

volumeAttributes:

3419

additionalProperties:

3420

type: string

3421

description: VolumeAttributes stores driver-specific properties that are passed to the CSI dr

3422

type: object

3423

required:

3424

- driver

3425

type: object

3426

downwardAPI:

3427

description: DownwardAPI represents downward API about the pod that should populate this volu

3428

properties:

3429

defaultMode:

3430

description: 'Optional: mode bits to use on created files by default.'

3431

format: int32

3432

type: integer

3433

items:

3434

description: Items is a list of downward API volume file

3435

items:

3436

description: DownwardAPIVolumeFile represents information to create the file containing the p

3437

properties:

3438

fieldRef:

3439

description: 'Required: Selects a field of the pod: only annotations, labels, name and namespa'

3440

properties:

3441

apiVersion:

3442

description: Version of the schema the FieldPath is written in terms of, defaults to "v1".

3443

type: string

3444

fieldPath:

3445

description: Path of the field to select in the specified API version.

3446

type: string

3447

required:

3448

- fieldPath

3449

type: object

3450

x-kubernetes-map-type: atomic

3451

mode:

3452

description: 'Optional: mode bits used to set permissions on this file, must be an octal value'

3453

format: int32

3454

type: integer

3455

path:

3456

description: 'Required: Path is the relative path name of the file to be created.'

3457

type: string

3458

resourceFieldRef:

3459

description: 'Selects a resource of the container: only resources limits and requests (limits.'

3460

properties:

3461

containerName:

3462

description: 'Container name: required for volumes, optional for env vars'

3463

type: string

3464

divisor:

3465

anyOf:

3466

- type: integer

3467

- type: string

3468

description: Specifies the output format of the exposed resources, defaults to "1"

3469

pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$

3470

x-kubernetes-int-or-string: true

3471

resource:

3472

description: 'Required: resource to select'

3473

type: string

3474

required:

3475

- resource

3476

type: object

3477

x-kubernetes-map-type: atomic

3478

required:

3479

- path

3480

type: object

3481

type: array

3482

type: object

3483

emptyDir:

3484

description: EmptyDir represents a temporary directory that shares a pod's lifetime.

3485

properties:

3486

medium:

3487

description: What type of storage medium should back this directory.

3488

type: string

3489

sizeLimit:

3490

anyOf:

3491

- type: integer

3492

- type: string

3493

description: Total amount of local storage required for this EmptyDir volume.

3494

pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$

3495

x-kubernetes-int-or-string: true

3496

type: object

3497

ephemeral:

3498

description: Ephemeral represents a volume that is handled by a cluster storage driver.

3499

properties:

3500

volumeClaimTemplate:

3501

description: Will be used to create a stand-alone PVC to provision the volume.

3502

properties:

3503

metadata:

3504

description: May contain labels and annotations that will be copied into the PVC when creatin

3505

type: object

3506

spec:

3507

description: The specification for the PersistentVolumeClaim.

3508

properties:

3509

accessModes:

3510

description: AccessModes contains the desired access modes the volume should have.

3511

items:

3512

type: string

3513

type: array

3514

dataSource:

3515

description: 'This field can be used to specify either: * An existing VolumeSnapshot object (s'

3516

properties:

3517

apiGroup:

3518

description: APIGroup is the group for the resource being referenced.

3519

type: string

3520

kind:

3521

description: Kind is the type of resource being referenced

3522

type: string

3523

name:

3524

description: Name is the name of resource being referenced

3525

type: string

3526

required:

3527

- kind

3528

- name

3529

type: object

3530

x-kubernetes-map-type: atomic

3531

dataSourceRef:

3532

description: Specifies the object from which to populate the volume with data, if a non-empty

3533

properties:

3534

apiGroup:

3535

description: APIGroup is the group for the resource being referenced.

3536

type: string

3537

kind:

3538

description: Kind is the type of resource being referenced

3539

type: string

3540

name:

3541

description: Name is the name of resource being referenced

3542

type: string

3543

required:

3544

- kind

3545

- name

3546

type: object

3547

x-kubernetes-map-type: atomic

3548

resources:

3549

description: Resources represents the minimum resources the volume should have.

3550

properties:

3551

limits:

3552

additionalProperties:

3553

anyOf:

3554

- type: integer

3555

- type: string

3556

pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$

3557

x-kubernetes-int-or-string: true

3558

description: Limits describes the maximum amount of compute resources allowed.

3559

type: object

3560

requests:

3561

additionalProperties:

3562

anyOf:

3563

- type: integer

3564

- type: string

3565

pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$

3566

x-kubernetes-int-or-string: true

3567

description: Requests describes the minimum amount of compute resources required.

3568

type: object

3569

type: object

3570

selector:

3571

description: A label query over volumes to consider for binding.

3572

properties:

3573

matchExpressions:

3574

description: matchExpressions is a list of label selector requirements.

3575

items:

3576

description: A label selector requirement is a selector that contains values, a key, and an o

3577

properties:

3578

key:

3579

description: key is the label key that the selector applies to.

3580

type: string

3581

operator:

3582

description: operator represents a key's relationship to a set of values.

3583

type: string

3584

values:

3585

description: values is an array of string values.

3586

items:

3587

type: string

3588

type: array

3589

required:

3590

- key

3591

- operator

3592

type: object

3593

type: array

3594

matchLabels:

3595

additionalProperties:

3596

type: string

3597

description: matchLabels is a map of {key,value} pairs.

3598

type: object

3599

type: object

3600

x-kubernetes-map-type: atomic

3601

storageClassName:

3602

description: 'Name of the StorageClass required by the claim. More info: https://kubernetes.'

3603

type: string

3604

volumeMode:

3605

description: volumeMode defines what type of volume is required by the claim.

3606

type: string

3607

volumeName:

3608

description: VolumeName is the binding reference to the PersistentVolume backing this claim.

3609

type: string

3610

type: object

3611

required:

3612

- spec

3613

type: object

3614

type: object

3615

fc:

3616

description: FC represents a Fibre Channel resource that is attached to a kubelet's host mach

3617

properties:

3618

fsType:

3619

description: Filesystem type to mount.

3620

type: string

3621

lun:

3622

description: 'Optional: FC target lun number'

3623

format: int32

3624

type: integer

3625

readOnly:

3626

description: 'Optional: Defaults to false (read/write).'

3627

type: boolean

3628

targetWWNs:

3629

description: 'Optional: FC target worldwide names (WWNs)'

3630

items:

3631

type: string

3632

type: array

3633

wwids:

3634

description: 'Optional: FC volume world wide identifiers (wwids) Either wwids or combination o'

3635

items:

3636

type: string

3637

type: array

3638

type: object

3639

flexVolume:

3640

description: FlexVolume represents a generic volume resource that is provisioned/attached usi

3641

properties:

3642

driver:

3643

description: Driver is the name of the driver to use for this volume.

3644

type: string

3645

fsType:

3646

description: Filesystem type to mount.

3647

type: string

3648

options:

3649

additionalProperties:

3650

type: string

3651

description: 'Optional: Extra command options if any.'

3652

type: object

3653

readOnly:

3654

description: 'Optional: Defaults to false (read/write).'

3655

type: boolean

3656

secretRef:

3657

description: 'Optional: SecretRef is reference to the secret object containing sensitive infor'

3658

properties:

3659

name:

3660

description: 'Name of the referent. More info: https://kubernetes.'

3661

type: string

3662

type: object

3663

x-kubernetes-map-type: atomic

3664

required:

3665

- driver

3666

type: object

3667

flocker:

3668

description: Flocker represents a Flocker volume attached to a kubelet's host machine.

3669

properties:

3670

datasetName:

3671

description: Name of the dataset stored as metadata -> name on the dataset for Flocker should

3672

type: string

3673

datasetUUID:

3674

description: UUID of the dataset. This is unique identifier of a Flocker dataset

3675

type: string

3676

type: object

3677

gcePersistentDisk:

3678

description: GCEPersistentDisk represents a GCE Disk resource that is attached to a kubelet's

3679

properties:

3680

fsType:

3681

description: Filesystem type of the volume that you want to mount.

3682

type: string

3683

partition:

3684

description: The partition in the volume that you want to mount.

3685

format: int32

3686

type: integer

3687

pdName:

3688

description: Unique name of the PD resource in GCE. Used to identify the disk in GCE.

3689

type: string

3690

readOnly:

3691

description: ReadOnly here will force the ReadOnly setting in VolumeMounts.

3692

type: boolean

3693

required:

3694

- pdName

3695

type: object

3696

gitRepo:

3697

description: GitRepo represents a git repository at a particular revision.

3698

properties:

3699

directory:

3700

description: Target directory name. Must not contain or start with '..'. If '.

3701

type: string

3702

repository:

3703

description: Repository URL

3704

type: string

3705

revision:

3706

description: Commit hash for the specified revision.

3707

type: string

3708

required:

3709

- repository

3710

type: object

3711

glusterfs:

3712

description: Glusterfs represents a Glusterfs mount on the host that shares a pod's lifetime.

3713

properties:

3714

endpoints:

3715

description: EndpointsName is the endpoint name that details Glusterfs topology.

3716

type: string

3717

path:

3718

description: 'Path is the Glusterfs volume path. More info: https://examples.k8s.'

3719

type: string

3720

readOnly:

3721

description: ReadOnly here will force the Glusterfs volume to be mounted with read-only permi

3722

type: boolean

3723

required:

3724

- endpoints

3725

- path

3726

type: object

3727

hostPath:

3728

description: HostPath represents a pre-existing file or directory on the host machine that is

3729

properties:

3730

path:

3731

description: Path of the directory on the host.

3732

type: string

3733

type:

3734

description: 'Type for HostPath Volume Defaults to "" More info: https://kubernetes.'

3735

type: string

3736

required:

3737

- path

3738

type: object

3739

iscsi:

3740

description: ISCSI represents an ISCSI Disk resource that is attached to a kubelet's host mac

3741

properties:

3742

chapAuthDiscovery:

3743

description: whether support iSCSI Discovery CHAP authentication

3744

type: boolean

3745

chapAuthSession:

3746

description: whether support iSCSI Session CHAP authentication

3747

type: boolean

3748

fsType:

3749

description: Filesystem type of the volume that you want to mount.

3750

type: string

3751

initiatorName:

3752

description: Custom iSCSI Initiator Name.

3753

type: string

3754

iqn:

3755

description: Target iSCSI Qualified Name.

3756

type: string

3757

iscsiInterface:

3758

description: iSCSI Interface Name that uses an iSCSI transport. Defaults to 'default' (tcp).

3759

type: string

3760

lun:

3761

description: iSCSI Target Lun number.

3762

format: int32

3763

type: integer

3764

portals:

3765

description: iSCSI Target Portal List.

3766

items:

3767

type: string

3768

type: array

3769

readOnly:

3770

description: ReadOnly here will force the ReadOnly setting in VolumeMounts.

3771

type: boolean

3772

secretRef:

3773

description: CHAP Secret for iSCSI target and initiator authentication

3774

properties:

3775

name:

3776

description: 'Name of the referent. More info: https://kubernetes.'

3777

type: string

3778

type: object

3779

x-kubernetes-map-type: atomic

3780

targetPortal:

3781

description: iSCSI Target Portal.

3782

type: string

3783

required:

3784

- iqn

3785

- lun

3786

- targetPortal

3787

type: object

3788

name:

3789

description: Volume's name. Must be a DNS_LABEL and unique within the pod.

3790

type: string

3791

nfs:

3792

description: 'NFS represents an NFS mount on the host that shares a pod''s lifetime More info: '

3793

properties:

3794

path:

3795

description: 'Path that is exported by the NFS server. More info: https://kubernetes.'

3796

type: string

3797

readOnly:

3798

description: ReadOnly here will force the NFS export to be mounted with read-only permissions

3799

type: boolean

3800

server:

3801

description: Server is the hostname or IP address of the NFS server.

3802

type: string

3803

required:

3804

- path

3805

- server

3806

type: object

3807

persistentVolumeClaim:

3808

description: PersistentVolumeClaimVolumeSource represents a reference to a PersistentVolumeCl

3809

properties:

3810

claimName:

3811

description: ClaimName is the name of a PersistentVolumeClaim in the same namespace as the po

3812

type: string

3813

readOnly:

3814

description: Will force the ReadOnly setting in VolumeMounts. Default false.

3815

type: boolean

3816

required:

3817

- claimName

3818

type: object

3819

photonPersistentDisk:

3820

description: 'PhotonPersistentDisk represents a PhotonController persistent disk attached and '

3821

properties:

3822

fsType:

3823

description: Filesystem type to mount.

3824

type: string

3825

pdID:

3826

description: ID that identifies Photon Controller persistent disk

3827

type: string

3828

required:

3829

- pdID

3830

type: object

3831

portworxVolume:

3832

description: PortworxVolume represents a portworx volume attached and mounted on kubelets hos

3833

properties:

3834

fsType:

3835

description: FSType represents the filesystem type to mount Must be a filesystem type support

3836

type: string

3837

readOnly:

3838

description: Defaults to false (read/write).

3839

type: boolean

3840

volumeID:

3841

description: VolumeID uniquely identifies a Portworx volume

3842

type: string

3843

required:

3844

- volumeID

3845

type: object

3846

projected:

3847

description: Items for all in one resources secrets, configmaps, and downward API

3848

properties:

3849

defaultMode:

3850

description: Mode bits used to set permissions on created files by default.

3851

format: int32

3852

type: integer

3853

sources:

3854

description: list of volume projections

3855

items:

3856

description: Projection that may be projected along with other supported volume types

3857

properties:

3858

configMap:

3859

description: information about the configMap data to project

3860

properties:

3861

items:

3862

description: If unspecified, each key-value pair in the Data field of the referenced ConfigMa

3863

items:

3864

description: Maps a string key to a path within a volume.

3865

properties:

3866

key:

3867

description: The key to project.

3868

type: string

3869

mode:

3870

description: 'Optional: mode bits used to set permissions on this file.'

3871

format: int32

3872

type: integer

3873

path:

3874

description: The relative path of the file to map the key to. May not be an absolute path.

3875

type: string

3876

required:

3877

- key

3878

- path

3879

type: object

3880

type: array

3881

name:

3882

description: 'Name of the referent. More info: https://kubernetes.'

3883

type: string

3884

optional:

3885

description: Specify whether the ConfigMap or its keys must be defined

3886

type: boolean

3887

type: object

3888

x-kubernetes-map-type: atomic

3889

downwardAPI:

3890

description: information about the downwardAPI data to project

3891

properties:

3892

items:

3893

description: Items is a list of DownwardAPIVolume file

3894

items:

3895

description: DownwardAPIVolumeFile represents information to create the file containing the p

3896

properties:

3897

fieldRef:

3898

description: 'Required: Selects a field of the pod: only annotations, labels, name and namespa'

3899

properties:

3900

apiVersion:

3901

description: Version of the schema the FieldPath is written in terms of, defaults to "v1".

3902

type: string

3903

fieldPath:

3904

description: Path of the field to select in the specified API version.

3905

type: string

3906

required:

3907

- fieldPath

3908

type: object

3909

x-kubernetes-map-type: atomic

3910

mode:

3911

description: 'Optional: mode bits used to set permissions on this file, must be an octal value'

3912

format: int32

3913

type: integer

3914

path:

3915

description: 'Required: Path is the relative path name of the file to be created.'

3916

type: string

3917

resourceFieldRef:

3918

description: 'Selects a resource of the container: only resources limits and requests (limits.'

3919

properties:

3920

containerName:

3921

description: 'Container name: required for volumes, optional for env vars'

3922

type: string

3923

divisor:

3924

anyOf:

3925

- type: integer

3926

- type: string

3927

description: Specifies the output format of the exposed resources, defaults to "1"

3928

pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$

3929

x-kubernetes-int-or-string: true

3930

resource:

3931

description: 'Required: resource to select'

3932

type: string

3933

required:

3934

- resource

3935

type: object

3936

x-kubernetes-map-type: atomic

3937

required:

3938

- path

3939

type: object

3940

type: array

3941

type: object

3942

secret:

3943

description: information about the secret data to project

3944

properties:

3945

items:

3946

description: If unspecified, each key-value pair in the Data field of the referenced Secret w

3947

items:

3948

description: Maps a string key to a path within a volume.

3949

properties:

3950

key:

3951

description: The key to project.

3952

type: string

3953

mode:

3954

description: 'Optional: mode bits used to set permissions on this file.'

3955

format: int32

3956

type: integer

3957

path:

3958

description: The relative path of the file to map the key to. May not be an absolute path.

3959

type: string

3960

required:

3961

- key

3962

- path

3963

type: object

3964

type: array

3965

name:

3966

description: 'Name of the referent. More info: https://kubernetes.'

3967

type: string

3968

optional:

3969

description: Specify whether the Secret or its key must be defined

3970

type: boolean

3971

type: object

3972

x-kubernetes-map-type: atomic

3973

serviceAccountToken:

3974

description: information about the serviceAccountToken data to project

3975

properties:

3976

audience:

3977

description: Audience is the intended audience of the token.

3978

type: string

3979

expirationSeconds:

3980

description: ExpirationSeconds is the requested duration of validity of the service account t

3981

format: int64

3982

type: integer

3983

path:

3984

description: Path is the path relative to the mount point of the file to project the token in

3985

type: string

3986

required:

3987

- path

3988

type: object

3989

type: object

3990

type: array

3991

type: object

3992

quobyte:

3993

description: Quobyte represents a Quobyte mount on the host that shares a pod's lifetime

3994

properties:

3995

group:

3996

description: Group to map volume access to Default is no group

3997

type: string

3998

readOnly:

3999

description: ReadOnly here will force the Quobyte volume to be mounted with read-only permiss

4000

type: boolean

4001

registry:

4002

description: 'Registry represents a single or multiple Quobyte Registry services specified as '

4003

type: string

4004

tenant:

4005

description: Tenant owning the given Quobyte volume in the Backend Used with dynamically prov

4006

type: string

4007

user:

4008

description: User to map volume access to Defaults to serivceaccount user

4009

type: string

4010

volume:

4011

description: Volume is a string that references an already created Quobyte volume by name.

4012

type: string

4013

required:

4014

- registry

4015

- volume

4016

type: object

4017

rbd:

4018

description: RBD represents a Rados Block Device mount on the host that shares a pod's lifeti

4019

properties:

4020

fsType:

4021

description: Filesystem type of the volume that you want to mount.

4022

type: string

4023

image:

4024

description: 'The rados image name. More info: https://examples.k8s.io/volumes/rbd/README.'

4025

type: string

4026

keyring:

4027

description: Keyring is the path to key ring for RBDUser. Default is /etc/ceph/keyring.

4028

type: string

4029

monitors:

4030

description: 'A collection of Ceph monitors. More info: https://examples.k8s.'

4031

items:

4032

type: string

4033

type: array

4034

pool:

4035

description: 'The rados pool name. Default is rbd. More info: https://examples.k8s.'

4036

type: string

4037

readOnly:

4038

description: ReadOnly here will force the ReadOnly setting in VolumeMounts.

4039

type: boolean

4040

secretRef:

4041

description: SecretRef is name of the authentication secret for RBDUser.

4042

properties:

4043

name:

4044

description: 'Name of the referent. More info: https://kubernetes.'

4045

type: string

4046

type: object

4047

x-kubernetes-map-type: atomic

4048

user:

4049

description: 'The rados user name. Default is admin. More info: https://examples.k8s.'

4050

type: string

4051

required:

4052

- image

4053

- monitors

4054

type: object

4055

scaleIO:

4056

description: ScaleIO represents a ScaleIO persistent volume attached and mounted on Kubernete

4057

properties:

4058

fsType:

4059

description: Filesystem type to mount.

4060

type: string

4061

gateway:

4062

description: The host address of the ScaleIO API Gateway.

4063

type: string

4064

protectionDomain:

4065

description: The name of the ScaleIO Protection Domain for the configured storage.

4066

type: string

4067

readOnly:

4068

description: Defaults to false (read/write).

4069

type: boolean

4070

secretRef:

4071

description: SecretRef references to the secret for ScaleIO user and other sensitive informat

4072

properties:

4073

name:

4074

description: 'Name of the referent. More info: https://kubernetes.'

4075

type: string

4076

type: object

4077

x-kubernetes-map-type: atomic

4078

sslEnabled:

4079

description: Flag to enable/disable SSL communication with Gateway, default false

4080

type: boolean

4081

storageMode:

4082

description: Indicates whether the storage for a volume should be ThickProvisioned or ThinPro

4083

type: string

4084

storagePool:

4085

description: The ScaleIO Storage Pool associated with the protection domain.

4086

type: string

4087

system:

4088

description: The name of the storage system as configured in ScaleIO.

4089

type: string

4090

volumeName:

4091

description: The name of a volume already created in the ScaleIO system that is associated wi

4092

type: string

4093

required:

4094

- gateway

4095

- secretRef

4096

- system

4097

type: object

4098

secret:

4099

description: Secret represents a secret that should populate this volume.

4100

properties:

4101

defaultMode:

4102

description: 'Optional: mode bits used to set permissions on created files by default.'

4103

format: int32

4104

type: integer

4105

items:

4106

description: If unspecified, each key-value pair in the Data field of the referenced Secret w

4107

items:

4108

description: Maps a string key to a path within a volume.

4109

properties:

4110

key:

4111

description: The key to project.

4112

type: string

4113

mode:

4114

description: 'Optional: mode bits used to set permissions on this file.'

4115

format: int32

4116

type: integer

4117

path:

4118

description: The relative path of the file to map the key to. May not be an absolute path.

4119

type: string

4120

required:

4121

- key

4122

- path

4123

type: object

4124

type: array

4125

optional:

4126

description: Specify whether the Secret or its keys must be defined

4127

type: boolean

4128

secretName:

4129

description: 'Name of the secret in the pod''s namespace to use. More info: https://kubernetes.'

4130

type: string

4131

type: object

4132

storageos:

4133

description: StorageOS represents a StorageOS volume attached and mounted on Kubernetes nodes

4134

properties:

4135

fsType:

4136

description: Filesystem type to mount.

4137

type: string

4138

readOnly:

4139

description: Defaults to false (read/write).

4140

type: boolean

4141

secretRef:

4142

description: SecretRef specifies the secret to use for obtaining the StorageOS API credential

4143

properties:

4144

name:

4145

description: 'Name of the referent. More info: https://kubernetes.'

4146

type: string

4147

type: object

4148

x-kubernetes-map-type: atomic

4149

volumeName:

4150

description: VolumeName is the human-readable name of the StorageOS volume.

4151

type: string

4152

volumeNamespace:

4153

description: VolumeNamespace specifies the scope of the volume within StorageOS.

4154

type: string

4155

type: object

4156

vsphereVolume:

4157

description: 'VsphereVolume represents a vSphere volume attached and mounted on kubelets host '

4158

properties:

4159

fsType:

4160

description: Filesystem type to mount.

4161

type: string

4162

storagePolicyID:

4163

description: Storage Policy Based Management (SPBM) profile ID associated with the StoragePol

4164

type: string

4165

storagePolicyName:

4166

description: Storage Policy Based Management (SPBM) profile name.

4167

type: string

4168

volumePath:

4169

description: Path that identifies vSphere volume vmdk

4170

type: string

4171

required:

4172

- volumePath

4173

type: object

4174

required:

4175

- name

4176

type: object

4177

type: array

4178

required: null

4179

type: object

4180

torResources:

4181

description: Default resources for tor containers

4182

properties:

4183

limits:

4184

additionalProperties:

4185

anyOf:

4186

- type: integer

4187

- type: string

4188

pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$

4189

x-kubernetes-int-or-string: true

4190

description: Limits describes the maximum amount of compute resources allowed.

4191

type: object

4192

requests:

4193

additionalProperties:

4194

anyOf:

4195

- type: integer

4196

- type: string

4197

pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$

4198

x-kubernetes-int-or-string: true

4199

description: Requests describes the minimum amount of compute resources required.

4200

type: object

4201

type: object

4202

type: object

4203

privateKeySecret:

4204

description: SecretReference represents a Secret Reference.

4205

properties:

4206

key:

4207

type: string

4208

name:

4209

description: Name is unique within a namespace to reference a secret resource.

4210

type: string

4211

type: object

4212

serviceMonitor:

4213

default: false

4214

type: boolean

4215

template:

4216

properties:

4217

spec:

4218

description: OnionServiceSpec defines the desired state of OnionService.

4219

properties:

4220

authorizedClients:

4221

items:

4222

description: SecretReference represents a Secret Reference.

4223

properties:

4224

key:

4225

type: string

4226

name:

4227

description: Name is unique within a namespace to reference a secret resource.

4228

type: string

4229

type: object

4230

type: array

4231

extraConfig:

4232

type: string

4233

masterOnionAddress:

4234

type: string

4235

privateKeySecret:

4236

description: SecretReference represents a Secret Reference.

4237

properties:

4238

key:

4239

type: string

4240

name:

4241

description: Name is unique within a namespace to reference a secret resource.

4242

type: string

4243

type: object

4244

rules:

4245

items:

4246

properties:

4247

backend:

4248

description: Backend selector

4249

properties:

4250

resource:

4251

description: 'Resource is an ObjectRef to another Kubernetes resource in the namespace of the '

4252

properties:

4253

apiGroup:

4254

description: APIGroup is the group for the resource being referenced.

4255

type: string

4256

kind:

4257

description: Kind is the type of resource being referenced

4258

type: string

4259

name:

4260

description: Name is the name of resource being referenced

4261

type: string

4262

required:

4263

- kind

4264

- name

4265

type: object

4266

x-kubernetes-map-type: atomic

4267

service:

4268

description: Service references a Service as a Backend.

4269

properties:

4270

name:

4271

description: Name is the referenced service.

4272

type: string

4273

port:

4274

description: Port of the referenced service.

4275

properties:

4276

name:

4277

description: Name is the name of the port on the Service.

4278

type: string

4279

number:

4280

description: Number is the numerical port number (e.g. 80) on the Service.

4281

format: int32

4282

type: integer

4283

type: object

4284

required:

4285

- name

4286

type: object

4287

type: object

4288

port:

4289

description: Port publish as

4290

properties:

4291

name:

4292

description: Name is the name of the port on the Service.

4293

type: string

4294

number:

4295

description: Number is the numerical port number (e.g. 80) on the Service.

4296

format: int32

4297

type: integer

4298

type: object

4299

type: object

4300

type: array

4301

serviceMonitor:

4302

default: false

4303

type: boolean

4304

template:

4305

description: Template describes the pods that will be created.

4306

properties:

4307

metadata:

4308

description: Metadata of the pods created from this template.

4309

type: object

4310

resources:

4311

description: Default resources for containers

4312

properties:

4313

limits:

4314

additionalProperties:

4315

anyOf:

4316

- type: integer

4317

- type: string

4318

pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$

4319

x-kubernetes-int-or-string: true

4320

description: Limits describes the maximum amount of compute resources allowed.

4321

type: object

4322

requests:

4323

additionalProperties:

4324

anyOf:

4325

- type: integer

4326

- type: string

4327

pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$

4328

x-kubernetes-int-or-string: true

4329

description: Requests describes the minimum amount of compute resources required.

4330

type: object

4331

type: object

4332

spec:

4333

description: Spec defines the behavior of a pod.

4334

properties:

4335

activeDeadlineSeconds:

4336

description: Optional duration in seconds the pod may be active on the node relative to Start

4337

format: int64

4338

type: integer

4339

affinity:

4340

description: If specified, the pod's scheduling constraints

4341

properties:

4342

nodeAffinity:

4343

description: Describes node affinity scheduling rules for the pod.

4344

properties:

4345

preferredDuringSchedulingIgnoredDuringExecution:

4346

description: The scheduler will prefer to schedule pods to nodes that satisfy the affinity ex

4347

items:

4348

description: An empty preferred scheduling term matches all objects with implicit weight 0 (i

4349

properties:

4350

preference:

4351

description: A node selector term, associated with the corresponding weight.

4352

properties:

4353

matchExpressions:

4354

description: A list of node selector requirements by node's labels.

4355

items:

4356

description: A node selector requirement is a selector that contains values, a key, and an op

4357

properties:

4358

key:

4359

description: The label key that the selector applies to.

4360

type: string

4361

operator:

4362

description: Represents a key's relationship to a set of values.

4363

type: string

4364

values:

4365

description: An array of string values.

4366

items:

4367

type: string

4368

type: array

4369

required:

4370

- key

4371

- operator

4372

type: object

4373

type: array

4374

matchFields:

4375

description: A list of node selector requirements by node's fields.

4376

items:

4377

description: A node selector requirement is a selector that contains values, a key, and an op

4378

properties:

4379

key:

4380

description: The label key that the selector applies to.

4381

type: string

4382

operator:

4383

description: Represents a key's relationship to a set of values.

4384

type: string

4385

values:

4386

description: An array of string values.

4387

items:

4388

type: string

4389

type: array

4390

required:

4391

- key

4392

- operator

4393

type: object

4394

type: array

4395

type: object

4396

x-kubernetes-map-type: atomic

4397

weight:

4398

description: Weight associated with matching the corresponding nodeSelectorTerm, in the range

4399

format: int32

4400

type: integer

4401

required:

4402

- preference

4403

- weight

4404

type: object

4405

type: array

4406

requiredDuringSchedulingIgnoredDuringExecution:

4407

description: If the affinity requirements specified by this field are not met at scheduling t

4408

properties:

4409

nodeSelectorTerms:

4410

description: Required. A list of node selector terms. The terms are ORed.

4411

items:

4412

description: A null or empty node selector term matches no objects.

4413

properties:

4414

matchExpressions:

4415

description: A list of node selector requirements by node's labels.

4416

items:

4417

description: A node selector requirement is a selector that contains values, a key, and an op

4418

properties:

4419

key:

4420

description: The label key that the selector applies to.

4421

type: string

4422

operator:

4423

description: Represents a key's relationship to a set of values.

4424

type: string

4425

values:

4426

description: An array of string values.

4427

items:

4428

type: string

4429

type: array

4430

required:

4431

- key

4432

- operator

4433

type: object

4434

type: array

4435

matchFields:

4436

description: A list of node selector requirements by node's fields.

4437

items:

4438

description: A node selector requirement is a selector that contains values, a key, and an op

4439

properties:

4440

key:

4441

description: The label key that the selector applies to.

4442

type: string

4443

operator:

4444

description: Represents a key's relationship to a set of values.

4445

type: string

4446

values:

4447

description: An array of string values.

4448

items:

4449

type: string

4450

type: array

4451

required:

4452

- key

4453

- operator

4454

type: object

4455

type: array

4456

type: object

4457

x-kubernetes-map-type: atomic

4458

type: array

4459

required:

4460

- nodeSelectorTerms

4461

type: object

4462

x-kubernetes-map-type: atomic

4463

type: object

4464

podAffinity:

4465

description: Describes pod affinity scheduling rules (e.g.

4466

properties:

4467

preferredDuringSchedulingIgnoredDuringExecution:

4468

description: The scheduler will prefer to schedule pods to nodes that satisfy the affinity ex

4469

items:

4470

description: The weights of all of the matched WeightedPodAffinityTerm fields are added per-n

4471

properties:

4472

podAffinityTerm:

4473

description: Required. A pod affinity term, associated with the corresponding weight.

4474

properties:

4475

labelSelector:

4476

description: A label query over a set of resources, in this case pods.

4477

properties:

4478

matchExpressions:

4479

description: matchExpressions is a list of label selector requirements.

4480

items:

4481

description: A label selector requirement is a selector that contains values, a key, and an o

4482

properties:

4483

key:

4484

description: key is the label key that the selector applies to.

4485

type: string

4486

operator:

4487

description: operator represents a key's relationship to a set of values.

4488

type: string

4489

values:

4490

description: values is an array of string values.

4491

items:

4492

type: string

4493

type: array

4494

required:

4495

- key

4496

- operator

4497

type: object

4498

type: array

4499

matchLabels:

4500

additionalProperties:

4501

type: string

4502

description: matchLabels is a map of {key,value} pairs.

4503

type: object

4504

type: object

4505

x-kubernetes-map-type: atomic

4506

namespaceSelector:

4507

description: A label query over the set of namespaces that the term applies to.

4508

properties:

4509

matchExpressions:

4510

description: matchExpressions is a list of label selector requirements.

4511

items:

4512

description: A label selector requirement is a selector that contains values, a key, and an o

4513

properties:

4514

key:

4515

description: key is the label key that the selector applies to.

4516

type: string

4517

operator:

4518

description: operator represents a key's relationship to a set of values.

4519

type: string

4520

values:

4521

description: values is an array of string values.

4522

items:

4523

type: string

4524

type: array

4525

required:

4526

- key

4527

- operator

4528

type: object

4529

type: array

4530

matchLabels:

4531

additionalProperties:

4532

type: string

4533

description: matchLabels is a map of {key,value} pairs.

4534

type: object

4535

type: object

4536

x-kubernetes-map-type: atomic

4537

namespaces:

4538

description: namespaces specifies a static list of namespace names that the term applies to.

4539

items:

4540

type: string

4541

type: array

4542

topologyKey:

4543

description: 'This pod should be co-located (affinity) or not co-located (anti-affinity) with '

4544

type: string

4545

required:

4546

- topologyKey

4547

type: object

4548

weight:

4549

description: 'weight associated with matching the corresponding podAffinityTerm, in the range '

4550

format: int32

4551

type: integer

4552

required:

4553

- podAffinityTerm

4554

- weight

4555

type: object

4556

type: array

4557

requiredDuringSchedulingIgnoredDuringExecution:

4558

description: If the affinity requirements specified by this field are not met at scheduling t

4559

items:

4560

description: Defines a set of pods (namely those matching the labelSelector relative to the g

4561

properties:

4562

labelSelector:

4563

description: A label query over a set of resources, in this case pods.

4564

properties:

4565

matchExpressions:

4566

description: matchExpressions is a list of label selector requirements.

4567

items:

4568

description: A label selector requirement is a selector that contains values, a key, and an o

4569

properties:

4570

key:

4571

description: key is the label key that the selector applies to.

4572

type: string

4573

operator:

4574

description: operator represents a key's relationship to a set of values.

4575

type: string

4576

values:

4577

description: values is an array of string values.

4578

items:

4579

type: string

4580

type: array

4581

required:

4582

- key

4583

- operator

4584

type: object

4585

type: array

4586

matchLabels:

4587

additionalProperties:

4588

type: string

4589

description: matchLabels is a map of {key,value} pairs.

4590

type: object

4591

type: object

4592

x-kubernetes-map-type: atomic

4593

namespaceSelector:

4594

description: A label query over the set of namespaces that the term applies to.

4595

properties:

4596

matchExpressions:

4597

description: matchExpressions is a list of label selector requirements.

4598

items:

4599

description: A label selector requirement is a selector that contains values, a key, and an o

4600

properties:

4601

key:

4602

description: key is the label key that the selector applies to.

4603

type: string

4604

operator:

4605

description: operator represents a key's relationship to a set of values.

4606

type: string

4607

values:

4608

description: values is an array of string values.

4609

items:

4610

type: string

4611

type: array

4612

required:

4613

- key

4614

- operator

4615

type: object

4616

type: array

4617

matchLabels:

4618

additionalProperties:

4619

type: string

4620

description: matchLabels is a map of {key,value} pairs.

4621

type: object

4622

type: object

4623

x-kubernetes-map-type: atomic

4624

namespaces:

4625

description: namespaces specifies a static list of namespace names that the term applies to.

4626

items:

4627

type: string

4628

type: array

4629

topologyKey:

4630

description: 'This pod should be co-located (affinity) or not co-located (anti-affinity) with '

4631

type: string

4632

required:

4633

- topologyKey

4634

type: object

4635

type: array

4636

type: object

4637

podAntiAffinity:

4638

description: Describes pod anti-affinity scheduling rules (e.g.

4639

properties:

4640

preferredDuringSchedulingIgnoredDuringExecution:

4641

description: The scheduler will prefer to schedule pods to nodes that satisfy the anti-affini

4642

items:

4643

description: The weights of all of the matched WeightedPodAffinityTerm fields are added per-n

4644

properties:

4645

podAffinityTerm:

4646

description: Required. A pod affinity term, associated with the corresponding weight.

4647

properties:

4648

labelSelector:

4649

description: A label query over a set of resources, in this case pods.

4650

properties:

4651

matchExpressions:

4652

description: matchExpressions is a list of label selector requirements.

4653

items:

4654

description: A label selector requirement is a selector that contains values, a key, and an o

4655

properties:

4656

key:

4657

description: key is the label key that the selector applies to.

4658

type: string

4659

operator:

4660

description: operator represents a key's relationship to a set of values.

4661

type: string

4662

values:

4663

description: values is an array of string values.

4664

items:

4665

type: string

4666

type: array

4667

required:

4668

- key

4669

- operator

4670

type: object

4671

type: array

4672

matchLabels:

4673

additionalProperties:

4674

type: string

4675

description: matchLabels is a map of {key,value} pairs.

4676

type: object

4677

type: object

4678

x-kubernetes-map-type: atomic

4679

namespaceSelector:

4680

description: A label query over the set of namespaces that the term applies to.

4681

properties:

4682

matchExpressions:

4683

description: matchExpressions is a list of label selector requirements.

4684

items:

4685

description: A label selector requirement is a selector that contains values, a key, and an o

4686

properties:

4687

key:

4688

description: key is the label key that the selector applies to.

4689

type: string

4690

operator:

4691

description: operator represents a key's relationship to a set of values.

4692

type: string

4693

values:

4694

description: values is an array of string values.

4695

items:

4696

type: string

4697

type: array

4698

required:

4699

- key

4700

- operator

4701

type: object

4702

type: array

4703

matchLabels:

4704

additionalProperties:

4705

type: string

4706

description: matchLabels is a map of {key,value} pairs.

4707

type: object

4708

type: object

4709

x-kubernetes-map-type: atomic

4710

namespaces:

4711

description: namespaces specifies a static list of namespace names that the term applies to.

4712

items:

4713

type: string

4714

type: array

4715

topologyKey:

4716

description: 'This pod should be co-located (affinity) or not co-located (anti-affinity) with '

4717

type: string

4718

required:

4719

- topologyKey

4720

type: object

4721

weight:

4722

description: 'weight associated with matching the corresponding podAffinityTerm, in the range '

4723

format: int32

4724

type: integer

4725

required:

4726

- podAffinityTerm

4727

- weight

4728

type: object

4729

type: array

4730

requiredDuringSchedulingIgnoredDuringExecution:

4731

description: If the anti-affinity requirements specified by this field are not met at schedul

4732

items:

4733

description: Defines a set of pods (namely those matching the labelSelector relative to the g

4734

properties:

4735

labelSelector:

4736

description: A label query over a set of resources, in this case pods.

4737

properties:

4738

matchExpressions:

4739

description: matchExpressions is a list of label selector requirements.

4740

items:

4741

description: A label selector requirement is a selector that contains values, a key, and an o

4742

properties:

4743

key:

4744

description: key is the label key that the selector applies to.

4745

type: string

4746

operator:

4747

description: operator represents a key's relationship to a set of values.

4748

type: string

4749

values:

4750

description: values is an array of string values.

4751

items:

4752

type: string

4753

type: array

4754

required:

4755

- key

4756

- operator

4757

type: object

4758

type: array

4759

matchLabels:

4760

additionalProperties:

4761

type: string

4762

description: matchLabels is a map of {key,value} pairs.

4763

type: object

4764

type: object

4765

x-kubernetes-map-type: atomic

4766

namespaceSelector:

4767

description: A label query over the set of namespaces that the term applies to.

4768

properties:

4769

matchExpressions:

4770

description: matchExpressions is a list of label selector requirements.

4771

items:

4772

description: A label selector requirement is a selector that contains values, a key, and an o

4773

properties:

4774

key:

4775

description: key is the label key that the selector applies to.

4776

type: string

4777

operator:

4778

description: operator represents a key's relationship to a set of values.

4779

type: string

4780

values:

4781

description: values is an array of string values.

4782

items:

4783

type: string

4784

type: array

4785

required:

4786

- key

4787

- operator

4788

type: object

4789

type: array

4790

matchLabels:

4791

additionalProperties:

4792

type: string

4793

description: matchLabels is a map of {key,value} pairs.

4794

type: object

4795

type: object

4796

x-kubernetes-map-type: atomic

4797

namespaces:

4798

description: namespaces specifies a static list of namespace names that the term applies to.

4799

items:

4800

type: string

4801

type: array

4802

topologyKey:

4803

description: 'This pod should be co-located (affinity) or not co-located (anti-affinity) with '

4804

type: string

4805

required:

4806

- topologyKey

4807

type: object

4808

type: array

4809

type: object

4810

type: object

4811

automountServiceAccountToken:

4812

description: AutomountServiceAccountToken indicates whether a service account token should be

4813

type: boolean

4814

containers:

4815

description: List of containers belonging to the pod.

4816

items:

4817

description: A single application container that you want to run within a pod.

4818

properties:

4819

args:

4820

description: Arguments to the entrypoint.

4821

items:

4822

type: string

4823

type: array

4824

command:

4825

description: Entrypoint array. Not executed within a shell.

4826

items:

4827

type: string

4828

type: array

4829

env:

4830

description: List of environment variables to set in the container. Cannot be updated.

4831

items:

4832

description: EnvVar represents an environment variable present in a Container.

4833

properties:

4834

name:

4835

description: Name of the environment variable. Must be a C_IDENTIFIER.

4836

type: string

4837

value:

4838

description: Variable references $(VAR_NAME) are expanded using the previously defined enviro

4839

type: string

4840

valueFrom:

4841

description: Source for the environment variable's value.

4842

properties:

4843

configMapKeyRef:

4844

description: Selects a key of a ConfigMap.

4845

properties:

4846

key:

4847

description: The key to select.

4848

type: string

4849

name:

4850

description: 'Name of the referent. More info: https://kubernetes.'

4851

type: string

4852

optional:

4853

description: Specify whether the ConfigMap or its key must be defined

4854

type: boolean

4855

required:

4856

- key

4857

type: object

4858

x-kubernetes-map-type: atomic

4859

fieldRef:

4860

description: 'Selects a field of the pod: supports metadata.name, metadata.'

4861

properties:

4862

apiVersion:

4863

description: Version of the schema the FieldPath is written in terms of, defaults to "v1".

4864

type: string

4865

fieldPath:

4866

description: Path of the field to select in the specified API version.

4867

type: string

4868

required:

4869

- fieldPath

4870

type: object

4871

x-kubernetes-map-type: atomic

4872

resourceFieldRef:

4873

description: 'Selects a resource of the container: only resources limits and requests (limits.'

4874

properties:

4875

containerName:

4876

description: 'Container name: required for volumes, optional for env vars'

4877

type: string

4878

divisor:

4879

anyOf:

4880

- type: integer

4881

- type: string

4882

description: Specifies the output format of the exposed resources, defaults to "1"

4883

pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$

4884

x-kubernetes-int-or-string: true

4885

resource:

4886

description: 'Required: resource to select'

4887

type: string

4888

required:

4889

- resource

4890

type: object

4891

x-kubernetes-map-type: atomic

4892

secretKeyRef:

4893

description: Selects a key of a secret in the pod's namespace

4894

properties:

4895

key:

4896

description: The key of the secret to select from. Must be a valid secret key.

4897

type: string

4898

name:

4899

description: 'Name of the referent. More info: https://kubernetes.'

4900

type: string

4901

optional:

4902

description: Specify whether the Secret or its key must be defined

4903

type: boolean

4904

required:

4905

- key

4906

type: object

4907

x-kubernetes-map-type: atomic

4908

type: object

4909

required:

4910

- name

4911

type: object

4912

type: array

4913

envFrom:

4914

description: List of sources to populate environment variables in the container.

4915

items:

4916

description: EnvFromSource represents the source of a set of ConfigMaps

4917

properties:

4918

configMapRef:

4919

description: The ConfigMap to select from

4920

properties:

4921

name:

4922

description: 'Name of the referent. More info: https://kubernetes.'

4923

type: string

4924

optional:

4925

description: Specify whether the ConfigMap must be defined

4926

type: boolean

4927

type: object

4928

x-kubernetes-map-type: atomic

4929

prefix:

4930

description: An optional identifier to prepend to each key in the ConfigMap.

4931

type: string

4932

secretRef:

4933

description: The Secret to select from

4934

properties:

4935

name:

4936

description: 'Name of the referent. More info: https://kubernetes.'

4937

type: string

4938

optional:

4939

description: Specify whether the Secret must be defined

4940

type: boolean

4941

type: object

4942

x-kubernetes-map-type: atomic

4943

type: object

4944

type: array

4945

image:

4946

description: 'Docker image name. More info: https://kubernetes.'

4947

type: string

4948

imagePullPolicy:

4949

description: Image pull policy. One of Always, Never, IfNotPresent.

4950

type: string

4951

lifecycle:

4952

description: Actions that the management system should take in response to container lifecycl

4953

properties:

4954

postStart:

4955

description: PostStart is called immediately after a container is created.

4956

properties:

4957

exec:

4958

description: Exec specifies the action to take.

4959

properties:

4960

command:

4961

description: Command is the command line to execute inside the container, the working directo

4962

items:

4963

type: string

4964

type: array

4965

type: object

4966

httpGet:

4967

description: HTTPGet specifies the http request to perform.

4968

properties:

4969

host:

4970

description: Host name to connect to, defaults to the pod IP.

4971

type: string

4972

httpHeaders:

4973

description: Custom headers to set in the request. HTTP allows repeated headers.

4974

items:

4975

description: HTTPHeader describes a custom header to be used in HTTP probes

4976

properties:

4977

name:

4978

description: The header field name

4979

type: string

4980

value:

4981

description: The header field value

4982

type: string

4983

required:

4984

- name

4985

- value

4986

type: object

4987

type: array

4988

path:

4989

description: Path to access on the HTTP server.

4990

type: string

4991

port:

4992

anyOf:

4993

- type: integer

4994

- type: string

4995

description: Name or number of the port to access on the container.

4996

x-kubernetes-int-or-string: true

4997

scheme:

4998

description: Scheme to use for connecting to the host. Defaults to HTTP.

4999

type: string

5000

required:

5001

- port

5002

type: object

5003

tcpSocket:

5004

description: Deprecated.

5005

properties:

5006

host:

5007

description: 'Optional: Host name to connect to, defaults to the pod IP.'

5008

type: string

5009

port:

5010

anyOf:

5011

- type: integer

5012

- type: string

5013

description: Number or name of the port to access on the container.

5014

x-kubernetes-int-or-string: true

5015

required:

5016

- port

5017

type: object

5018

type: object

5019

preStop:

5020

description: PreStop is called immediately before a container is terminated due to an API req

5021

properties:

5022

exec:

5023

description: Exec specifies the action to take.

5024

properties:

5025

command:

5026

description: Command is the command line to execute inside the container, the working directo

5027

items:

5028

type: string

5029

type: array

5030

type: object

5031

httpGet:

5032

description: HTTPGet specifies the http request to perform.

5033

properties:

5034

host:

5035

description: Host name to connect to, defaults to the pod IP.

5036

type: string

5037

httpHeaders:

5038

description: Custom headers to set in the request. HTTP allows repeated headers.

5039

items:

5040

description: HTTPHeader describes a custom header to be used in HTTP probes

5041

properties:

5042

name:

5043

description: The header field name

5044

type: string

5045

value:

5046

description: The header field value

5047

type: string

5048

required:

5049

- name

5050

- value

5051

type: object

5052

type: array

5053

path:

5054

description: Path to access on the HTTP server.

5055

type: string

5056

port:

5057

anyOf:

5058

- type: integer

5059

- type: string

5060

description: Name or number of the port to access on the container.

5061

x-kubernetes-int-or-string: true

5062

scheme:

5063

description: Scheme to use for connecting to the host. Defaults to HTTP.

5064

type: string

5065

required:

5066

- port

5067

type: object

5068

tcpSocket:

5069

description: Deprecated.

5070

properties:

5071

host:

5072

description: 'Optional: Host name to connect to, defaults to the pod IP.'

5073

type: string

5074

port:

5075

anyOf:

5076

- type: integer

5077

- type: string

5078

description: Number or name of the port to access on the container.

5079

x-kubernetes-int-or-string: true

5080

required:

5081

- port

5082

type: object

5083

type: object

5084

type: object

5085

livenessProbe:

5086

description: Periodic probe of container liveness.

5087

properties:

5088

exec:

5089

description: Exec specifies the action to take.

5090

properties:

5091

command:

5092

description: Command is the command line to execute inside the container, the working directo

5093

items:

5094

type: string

5095

type: array

5096

type: object

5097

failureThreshold:

5098

description: 'Minimum consecutive failures for the probe to be considered failed after having '

5099

format: int32

5100

type: integer

5101

grpc:

5102

description: GRPC specifies an action involving a GRPC port.

5103

properties:

5104

port:

5105

description: Port number of the gRPC service. Number must be in the range 1 to 65535.

5106

format: int32

5107

type: integer

5108

service:

5109

description: 'Service is the name of the service to place in the gRPC HealthCheckRequest (see '

5110

type: string

5111

required:

5112

- port

5113

type: object

5114

httpGet:

5115

description: HTTPGet specifies the http request to perform.

5116

properties:

5117

host:

5118

description: Host name to connect to, defaults to the pod IP.

5119

type: string

5120

httpHeaders:

5121

description: Custom headers to set in the request. HTTP allows repeated headers.

5122

items:

5123

description: HTTPHeader describes a custom header to be used in HTTP probes

5124

properties:

5125

name:

5126

description: The header field name

5127

type: string

5128

value:

5129

description: The header field value

5130

type: string

5131

required:

5132

- name

5133

- value

5134

type: object

5135

type: array

5136

path:

5137

description: Path to access on the HTTP server.

5138

type: string

5139

port:

5140

anyOf:

5141

- type: integer

5142

- type: string

5143

description: Name or number of the port to access on the container.

5144

x-kubernetes-int-or-string: true

5145

scheme:

5146

description: Scheme to use for connecting to the host. Defaults to HTTP.

5147

type: string

5148

required:

5149

- port

5150

type: object

5151

initialDelaySeconds:

5152

description: Number of seconds after the container has started before liveness probes are ini

5153

format: int32

5154

type: integer

5155

periodSeconds:

5156

description: How often (in seconds) to perform the probe. Default to 10 seconds.

5157

format: int32

5158

type: integer

5159

successThreshold:

5160

description: Minimum consecutive successes for the probe to be considered successful after ha

5161

format: int32

5162

type: integer

5163

tcpSocket:

5164

description: TCPSocket specifies an action involving a TCP port.

5165

properties:

5166

host:

5167

description: 'Optional: Host name to connect to, defaults to the pod IP.'

5168

type: string

5169

port:

5170

anyOf:

5171

- type: integer

5172

- type: string

5173

description: Number or name of the port to access on the container.

5174

x-kubernetes-int-or-string: true

5175

required:

5176

- port

5177

type: object

5178

terminationGracePeriodSeconds:

5179

description: Optional duration in seconds the pod needs to terminate gracefully upon probe fa

5180

format: int64

5181

type: integer

5182

timeoutSeconds:

5183

description: Number of seconds after which the probe times out. Defaults to 1 second.

5184

format: int32

5185

type: integer

5186

type: object

5187

name:

5188

description: Name of the container specified as a DNS_LABEL.

5189

type: string

5190

ports:

5191

description: List of ports to expose from the container.

5192

items:

5193

description: ContainerPort represents a network port in a single container.

5194

properties:

5195

containerPort:

5196

description: Number of port to expose on the pod's IP address.

5197

format: int32

5198

type: integer

5199

hostIP:

5200

description: What host IP to bind the external port to.

5201

type: string

5202

hostPort:

5203

description: Number of port to expose on the host.

5204

format: int32

5205

type: integer

5206

name:

5207

description: If specified, this must be an IANA_SVC_NAME and unique within the pod.

5208

type: string

5209

protocol:

5210

default: TCP

5211

description: Protocol for port. Must be UDP, TCP, or SCTP. Defaults to "TCP".

5212

type: string

5213

required:

5214

- containerPort

5215

type: object

5216

type: array

5217

x-kubernetes-list-map-keys:

5218

- containerPort

5219

- protocol

5220

x-kubernetes-list-type: map

5221

readinessProbe:

5222

description: Periodic probe of container service readiness.

5223

properties:

5224

exec:

5225

description: Exec specifies the action to take.

5226

properties:

5227

command:

5228

description: Command is the command line to execute inside the container, the working directo

5229

items:

5230

type: string

5231

type: array

5232

type: object

5233

failureThreshold:

5234

description: 'Minimum consecutive failures for the probe to be considered failed after having '

5235

format: int32

5236

type: integer

5237

grpc:

5238

description: GRPC specifies an action involving a GRPC port.

5239

properties:

5240

port:

5241

description: Port number of the gRPC service. Number must be in the range 1 to 65535.

5242

format: int32

5243

type: integer

5244

service:

5245

description: 'Service is the name of the service to place in the gRPC HealthCheckRequest (see '

5246

type: string

5247

required:

5248

- port

5249

type: object

5250

httpGet:

5251

description: HTTPGet specifies the http request to perform.

5252

properties:

5253

host:

5254

description: Host name to connect to, defaults to the pod IP.

5255

type: string

5256

httpHeaders:

5257

description: Custom headers to set in the request. HTTP allows repeated headers.

5258

items:

5259

description: HTTPHeader describes a custom header to be used in HTTP probes

5260

properties:

5261

name:

5262

description: The header field name

5263

type: string

5264

value:

5265

description: The header field value

5266

type: string

5267

required:

5268

- name

5269

- value

5270

type: object

5271

type: array

5272

path:

5273

description: Path to access on the HTTP server.

5274

type: string

5275

port:

5276

anyOf:

5277

- type: integer

5278

- type: string

5279

description: Name or number of the port to access on the container.

5280

x-kubernetes-int-or-string: true

5281

scheme:

5282

description: Scheme to use for connecting to the host. Defaults to HTTP.

5283

type: string

5284

required:

5285

- port

5286

type: object

5287

initialDelaySeconds:

5288

description: Number of seconds after the container has started before liveness probes are ini

5289

format: int32

5290

type: integer

5291

periodSeconds:

5292

description: How often (in seconds) to perform the probe. Default to 10 seconds.

5293

format: int32

5294

type: integer

5295

successThreshold:

5296

description: Minimum consecutive successes for the probe to be considered successful after ha

5297

format: int32

5298

type: integer

5299

tcpSocket:

5300

description: TCPSocket specifies an action involving a TCP port.

5301

properties:

5302

host:

5303

description: 'Optional: Host name to connect to, defaults to the pod IP.'

5304

type: string

5305

port:

5306

anyOf:

5307

- type: integer

5308

- type: string

5309

description: Number or name of the port to access on the container.

5310

x-kubernetes-int-or-string: true

5311

required:

5312

- port

5313

type: object

5314

terminationGracePeriodSeconds:

5315

description: Optional duration in seconds the pod needs to terminate gracefully upon probe fa

5316

format: int64

5317

type: integer

5318

timeoutSeconds:

5319

description: Number of seconds after which the probe times out. Defaults to 1 second.

5320

format: int32

5321

type: integer

5322

type: object

5323

resources:

5324

description: Compute Resources required by this container. Cannot be updated.

5325

properties:

5326

limits:

5327

additionalProperties:

5328

anyOf:

5329

- type: integer

5330

- type: string

5331

pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$

5332

x-kubernetes-int-or-string: true

5333

description: Limits describes the maximum amount of compute resources allowed.

5334

type: object

5335

requests:

5336

additionalProperties:

5337

anyOf:

5338

- type: integer

5339

- type: string

5340

pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$

5341

x-kubernetes-int-or-string: true

5342

description: Requests describes the minimum amount of compute resources required.

5343

type: object

5344

type: object

5345

securityContext:

5346

description: SecurityContext defines the security options the container should be run with.

5347

properties:

5348

allowPrivilegeEscalation:

5349

description: AllowPrivilegeEscalation controls whether a process can gain more privileges tha

5350

type: boolean

5351

capabilities:

5352

description: The capabilities to add/drop when running containers.

5353

properties:

5354

add:

5355

description: Added capabilities

5356

items:

5357

description: Capability represent POSIX capabilities type

5358

type: string

5359

type: array

5360

drop:

5361

description: Removed capabilities

5362

items:

5363

description: Capability represent POSIX capabilities type

5364

type: string

5365

type: array

5366

type: object

5367

privileged:

5368

description: Run container in privileged mode.

5369

type: boolean

5370

procMount:

5371

description: procMount denotes the type of proc mount to use for the containers.

5372

type: string

5373

readOnlyRootFilesystem:

5374

description: Whether this container has a read-only root filesystem. Default is false.

5375

type: boolean

5376

runAsGroup:

5377

description: The GID to run the entrypoint of the container process.

5378

format: int64

5379

type: integer

5380

runAsNonRoot:

5381

description: Indicates that the container must run as a non-root user.

5382

type: boolean

5383

runAsUser:

5384

description: The UID to run the entrypoint of the container process.

5385

format: int64

5386

type: integer

5387

seLinuxOptions:

5388

description: The SELinux context to be applied to the container.

5389

properties:

5390

level:

5391

description: Level is SELinux level label that applies to the container.

5392

type: string

5393

role:

5394

description: Role is a SELinux role label that applies to the container.

5395

type: string

5396

type:

5397

description: Type is a SELinux type label that applies to the container.

5398

type: string

5399

user:

5400

description: User is a SELinux user label that applies to the container.

5401

type: string

5402

type: object

5403

seccompProfile:

5404

description: The seccomp options to use by this container.

5405

properties:

5406

localhostProfile:

5407

description: localhostProfile indicates a profile defined in a file on the node should be use

5408

type: string

5409

type:

5410

description: type indicates which kind of seccomp profile will be applied.

5411

type: string

5412

required:

5413

- type

5414

type: object

5415

windowsOptions:

5416

description: The Windows specific settings applied to all containers.

5417

properties:

5418

gmsaCredentialSpec:

5419

description: GMSACredentialSpec is where the GMSA admission webhook (https://github.

5420

type: string

5421

gmsaCredentialSpecName:

5422

description: GMSACredentialSpecName is the name of the GMSA credential spec to use.

5423

type: string

5424

hostProcess:

5425

description: HostProcess determines if a container should be run as a 'Host Process' containe

5426

type: boolean

5427

runAsUserName:

5428

description: The UserName in Windows to run the entrypoint of the container process.

5429

type: string

5430

type: object

5431

type: object

5432

startupProbe:

5433

description: StartupProbe indicates that the Pod has successfully initialized.

5434

properties:

5435

exec:

5436

description: Exec specifies the action to take.

5437

properties:

5438

command:

5439

description: Command is the command line to execute inside the container, the working directo

5440

items:

5441

type: string

5442

type: array

5443

type: object

5444

failureThreshold:

5445

description: 'Minimum consecutive failures for the probe to be considered failed after having '

5446

format: int32

5447

type: integer

5448

grpc:

5449

description: GRPC specifies an action involving a GRPC port.

5450

properties:

5451

port:

5452

description: Port number of the gRPC service. Number must be in the range 1 to 65535.

5453

format: int32

5454

type: integer

5455

service:

5456

description: 'Service is the name of the service to place in the gRPC HealthCheckRequest (see '

5457

type: string

5458

required:

5459

- port

5460

type: object

5461

httpGet:

5462

description: HTTPGet specifies the http request to perform.

5463

properties:

5464

host:

5465

description: Host name to connect to, defaults to the pod IP.

5466

type: string

5467

httpHeaders:

5468

description: Custom headers to set in the request. HTTP allows repeated headers.

5469

items:

5470

description: HTTPHeader describes a custom header to be used in HTTP probes

5471

properties:

5472

name:

5473

description: The header field name

5474

type: string

5475

value:

5476

description: The header field value

5477

type: string

5478

required:

5479

- name

5480

- value

5481

type: object

5482

type: array

5483

path:

5484

description: Path to access on the HTTP server.

5485

type: string

5486

port:

5487

anyOf:

5488

- type: integer

5489

- type: string

5490

description: Name or number of the port to access on the container.

5491

x-kubernetes-int-or-string: true

5492

scheme:

5493

description: Scheme to use for connecting to the host. Defaults to HTTP.

5494

type: string

5495

required:

5496

- port

5497

type: object

5498

initialDelaySeconds:

5499

description: Number of seconds after the container has started before liveness probes are ini

5500

format: int32

5501

type: integer

5502

periodSeconds:

5503

description: How often (in seconds) to perform the probe. Default to 10 seconds.

5504

format: int32

5505

type: integer

5506

successThreshold:

5507

description: Minimum consecutive successes for the probe to be considered successful after ha

5508

format: int32

5509

type: integer

5510

tcpSocket:

5511

description: TCPSocket specifies an action involving a TCP port.

5512

properties:

5513

host:

5514

description: 'Optional: Host name to connect to, defaults to the pod IP.'

5515

type: string

5516

port:

5517

anyOf:

5518

- type: integer

5519

- type: string

5520

description: Number or name of the port to access on the container.

5521

x-kubernetes-int-or-string: true

5522

required:

5523

- port

5524

type: object

5525

terminationGracePeriodSeconds:

5526

description: Optional duration in seconds the pod needs to terminate gracefully upon probe fa

5527

format: int64

5528

type: integer

5529

timeoutSeconds:

5530

description: Number of seconds after which the probe times out. Defaults to 1 second.

5531

format: int32

5532

type: integer

5533

type: object

5534

stdin:

5535

description: Whether this container should allocate a buffer for stdin in the container runti

5536

type: boolean

5537

stdinOnce:

5538

description: Whether the container runtime should close the stdin channel after it has been o

5539

type: boolean

5540

terminationMessagePath:

5541

description: 'Optional: Path at which the file to which the container''s termination message wi'

5542

type: string

5543

terminationMessagePolicy:

5544

description: Indicate how the termination message should be populated.

5545

type: string

5546

tty:

5547

description: Whether this container should allocate a TTY for itself, also requires 'stdin' t

5548

type: boolean

5549

volumeDevices:

5550

description: volumeDevices is the list of block devices to be used by the container.

5551

items:

5552

description: volumeDevice describes a mapping of a raw block device within a container.

5553

properties:

5554

devicePath:

5555

description: devicePath is the path inside of the container that the device will be mapped to

5556

type: string

5557

name:

5558

description: name must match the name of a persistentVolumeClaim in the pod

5559

type: string

5560

required:

5561

- devicePath

5562

- name

5563

type: object

5564

type: array

5565

volumeMounts:

5566

description: Pod volumes to mount into the container's filesystem. Cannot be updated.

5567

items:

5568

description: VolumeMount describes a mounting of a Volume within a container.

5569

properties:

5570

mountPath:

5571

description: Path within the container at which the volume should be mounted.

5572

type: string

5573

mountPropagation:

5574

description: mountPropagation determines how mounts are propagated from the host to container

5575

type: string

5576

name:

5577

description: This must match the Name of a Volume.

5578

type: string

5579

readOnly:

5580

description: Mounted read-only if true, read-write otherwise (false or unspecified).

5581

type: boolean

5582

subPath:

5583

description: Path within the volume from which the container's volume should be mounted.

5584

type: string

5585

subPathExpr:

5586

description: Expanded path within the volume from which the container's volume should be moun

5587

type: string

5588

required:

5589

- mountPath

5590

- name

5591

type: object

5592

type: array

5593

workingDir:

5594

description: Container's working directory.

5595

type: string

5596

required:

5597

- name

5598

type: object

5599

type: array

5600

dnsConfig:

5601

description: Specifies the DNS parameters of a pod.

5602

properties:

5603

nameservers:

5604

description: A list of DNS name server IP addresses.

5605

items:

5606

type: string

5607

type: array

5608

options:

5609

description: A list of DNS resolver options.

5610

items:

5611

description: PodDNSConfigOption defines DNS resolver options of a pod.

5612

properties:

5613

name:

5614

description: Required.

5615

type: string

5616

value:

5617

type: string

5618

type: object

5619

type: array

5620

searches:

5621

description: A list of DNS search domains for host-name lookup.

5622

items:

5623

type: string

5624

type: array

5625

type: object

5626

dnsPolicy:

5627

description: Set DNS policy for the pod. Defaults to "ClusterFirst".

5628

type: string

5629

enableServiceLinks:

5630

description: EnableServiceLinks indicates whether information about services should be inject

5631

type: boolean

5632

ephemeralContainers:

5633

description: List of ephemeral containers run in this pod.

5634

items:

5635

description: An EphemeralContainer is a temporary container that you may add to an existing P

5636

properties:

5637

args:

5638

description: Arguments to the entrypoint.

5639

items:

5640

type: string

5641

type: array

5642

command:

5643

description: Entrypoint array. Not executed within a shell.

5644

items:

5645

type: string

5646

type: array

5647

env:

5648

description: List of environment variables to set in the container. Cannot be updated.

5649

items:

5650

description: EnvVar represents an environment variable present in a Container.

5651

properties:

5652

name:

5653

description: Name of the environment variable. Must be a C_IDENTIFIER.

5654

type: string

5655

value:

5656

description: Variable references $(VAR_NAME) are expanded using the previously defined enviro

5657

type: string

5658

valueFrom:

5659

description: Source for the environment variable's value.

5660

properties:

5661

configMapKeyRef:

5662

description: Selects a key of a ConfigMap.

5663

properties:

5664

key:

5665

description: The key to select.

5666

type: string

5667

name:

5668

description: 'Name of the referent. More info: https://kubernetes.'

5669

type: string

5670

optional:

5671

description: Specify whether the ConfigMap or its key must be defined

5672

type: boolean

5673

required:

5674

- key

5675

type: object

5676

x-kubernetes-map-type: atomic

5677

fieldRef:

5678

description: 'Selects a field of the pod: supports metadata.name, metadata.'

5679

properties:

5680

apiVersion:

5681

description: Version of the schema the FieldPath is written in terms of, defaults to "v1".

5682

type: string

5683

fieldPath:

5684

description: Path of the field to select in the specified API version.

5685

type: string

5686

required:

5687

- fieldPath

5688

type: object

5689

x-kubernetes-map-type: atomic

5690

resourceFieldRef:

5691

description: 'Selects a resource of the container: only resources limits and requests (limits.'

5692

properties:

5693

containerName:

5694

description: 'Container name: required for volumes, optional for env vars'

5695

type: string

5696

divisor:

5697

anyOf:

5698

- type: integer

5699

- type: string

5700

description: Specifies the output format of the exposed resources, defaults to "1"

5701

pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$

5702

x-kubernetes-int-or-string: true

5703

resource:

5704

description: 'Required: resource to select'

5705

type: string

5706

required:

5707

- resource

5708

type: object

5709

x-kubernetes-map-type: atomic

5710

secretKeyRef:

5711

description: Selects a key of a secret in the pod's namespace

5712

properties:

5713

key:

5714

description: The key of the secret to select from. Must be a valid secret key.

5715

type: string

5716

name:

5717

description: 'Name of the referent. More info: https://kubernetes.'

5718

type: string

5719

optional:

5720

description: Specify whether the Secret or its key must be defined

5721

type: boolean

5722

required:

5723

- key

5724

type: object

5725

x-kubernetes-map-type: atomic

5726

type: object

5727

required:

5728

- name

5729

type: object

5730

type: array

5731

envFrom:

5732

description: List of sources to populate environment variables in the container.

5733

items:

5734

description: EnvFromSource represents the source of a set of ConfigMaps

5735

properties:

5736

configMapRef:

5737

description: The ConfigMap to select from

5738

properties:

5739

name:

5740

description: 'Name of the referent. More info: https://kubernetes.'

5741

type: string

5742

optional:

5743

description: Specify whether the ConfigMap must be defined

5744

type: boolean

5745

type: object

5746

x-kubernetes-map-type: atomic

5747

prefix:

5748

description: An optional identifier to prepend to each key in the ConfigMap.

5749

type: string

5750

secretRef:

5751

description: The Secret to select from

5752

properties:

5753

name:

5754

description: 'Name of the referent. More info: https://kubernetes.'

5755

type: string

5756

optional:

5757

description: Specify whether the Secret must be defined

5758

type: boolean

5759

type: object

5760

x-kubernetes-map-type: atomic

5761

type: object

5762

type: array

5763

image:

5764

description: 'Docker image name. More info: https://kubernetes.'

5765

type: string

5766

imagePullPolicy:

5767

description: Image pull policy. One of Always, Never, IfNotPresent.

5768

type: string

5769

lifecycle:

5770

description: Lifecycle is not allowed for ephemeral containers.

5771

properties:

5772

postStart:

5773

description: PostStart is called immediately after a container is created.

5774

properties:

5775

exec:

5776

description: Exec specifies the action to take.

5777

properties:

5778

command:

5779

description: Command is the command line to execute inside the container, the working directo

5780

items:

5781

type: string

5782

type: array

5783

type: object

5784

httpGet:

5785

description: HTTPGet specifies the http request to perform.

5786

properties:

5787

host:

5788

description: Host name to connect to, defaults to the pod IP.

5789

type: string

5790

httpHeaders:

5791

description: Custom headers to set in the request. HTTP allows repeated headers.

5792

items:

5793

description: HTTPHeader describes a custom header to be used in HTTP probes

5794

properties:

5795

name:

5796

description: The header field name

5797

type: string

5798

value:

5799

description: The header field value

5800

type: string

5801

required:

5802

- name

5803

- value

5804

type: object

5805

type: array

5806

path:

5807

description: Path to access on the HTTP server.

5808

type: string

5809

port:

5810

anyOf:

5811

- type: integer

5812

- type: string

5813

description: Name or number of the port to access on the container.

5814

x-kubernetes-int-or-string: true

5815

scheme:

5816

description: Scheme to use for connecting to the host. Defaults to HTTP.

5817

type: string

5818

required:

5819

- port

5820

type: object

5821

tcpSocket:

5822

description: Deprecated.

5823

properties:

5824

host:

5825

description: 'Optional: Host name to connect to, defaults to the pod IP.'

5826

type: string

5827

port:

5828

anyOf:

5829

- type: integer

5830

- type: string

5831

description: Number or name of the port to access on the container.

5832

x-kubernetes-int-or-string: true

5833

required:

5834

- port

5835

type: object

5836

type: object

5837

preStop:

5838

description: PreStop is called immediately before a container is terminated due to an API req

5839

properties:

5840

exec:

5841

description: Exec specifies the action to take.

5842

properties:

5843

command:

5844

description: Command is the command line to execute inside the container, the working directo

5845

items:

5846

type: string

5847

type: array

5848

type: object

5849

httpGet:

5850

description: HTTPGet specifies the http request to perform.

5851

properties:

5852

host:

5853

description: Host name to connect to, defaults to the pod IP.

5854

type: string

5855

httpHeaders:

5856

description: Custom headers to set in the request. HTTP allows repeated headers.

5857

items:

5858

description: HTTPHeader describes a custom header to be used in HTTP probes

5859

properties:

5860

name:

5861

description: The header field name

5862

type: string

5863

value:

5864

description: The header field value

5865

type: string

5866

required:

5867

- name

5868

- value

5869

type: object

5870

type: array

5871

path:

5872

description: Path to access on the HTTP server.

5873

type: string

5874

port:

5875

anyOf:

5876

- type: integer

5877

- type: string

5878

description: Name or number of the port to access on the container.

5879

x-kubernetes-int-or-string: true

5880

scheme:

5881

description: Scheme to use for connecting to the host. Defaults to HTTP.

5882

type: string

5883

required:

5884

- port

5885

type: object

5886

tcpSocket:

5887

description: Deprecated.

5888

properties:

5889

host:

5890

description: 'Optional: Host name to connect to, defaults to the pod IP.'

5891

type: string

5892

port:

5893

anyOf:

5894

- type: integer

5895

- type: string

5896

description: Number or name of the port to access on the container.

5897

x-kubernetes-int-or-string: true

5898

required:

5899

- port

5900

type: object

5901

type: object

5902

type: object

5903

livenessProbe:

5904

description: Probes are not allowed for ephemeral containers.

5905

properties:

5906

exec:

5907

description: Exec specifies the action to take.

5908

properties:

5909

command:

5910

description: Command is the command line to execute inside the container, the working directo

5911

items:

5912

type: string

5913

type: array

5914

type: object

5915

failureThreshold:

5916

description: 'Minimum consecutive failures for the probe to be considered failed after having '

5917

format: int32

5918

type: integer

5919

grpc:

5920

description: GRPC specifies an action involving a GRPC port.

5921

properties:

5922

port:

5923

description: Port number of the gRPC service. Number must be in the range 1 to 65535.

5924

format: int32

5925

type: integer

5926

service:

5927

description: 'Service is the name of the service to place in the gRPC HealthCheckRequest (see '

5928

type: string

5929

required:

5930

- port

5931

type: object

5932

httpGet:

5933

description: HTTPGet specifies the http request to perform.

5934

properties:

5935

host:

5936

description: Host name to connect to, defaults to the pod IP.

5937

type: string

5938

httpHeaders:

5939

description: Custom headers to set in the request. HTTP allows repeated headers.

5940

items:

5941

description: HTTPHeader describes a custom header to be used in HTTP probes

5942

properties:

5943

name:

5944

description: The header field name

5945

type: string

5946

value:

5947

description: The header field value

5948

type: string

5949

required:

5950

- name

5951

- value

5952

type: object

5953

type: array

5954

path:

5955

description: Path to access on the HTTP server.

5956

type: string

5957

port:

5958

anyOf:

5959

- type: integer

5960

- type: string

5961

description: Name or number of the port to access on the container.

5962

x-kubernetes-int-or-string: true

5963

scheme:

5964

description: Scheme to use for connecting to the host. Defaults to HTTP.

5965

type: string

5966

required:

5967

- port

5968

type: object

5969

initialDelaySeconds:

5970

description: Number of seconds after the container has started before liveness probes are ini

5971

format: int32

5972

type: integer

5973

periodSeconds:

5974

description: How often (in seconds) to perform the probe. Default to 10 seconds.

5975

format: int32

5976

type: integer

5977

successThreshold:

5978

description: Minimum consecutive successes for the probe to be considered successful after ha

5979

format: int32

5980

type: integer

5981

tcpSocket:

5982

description: TCPSocket specifies an action involving a TCP port.

5983

properties:

5984

host:

5985

description: 'Optional: Host name to connect to, defaults to the pod IP.'

5986

type: string

5987

port:

5988

anyOf:

5989

- type: integer

5990

- type: string

5991

description: Number or name of the port to access on the container.

5992

x-kubernetes-int-or-string: true

5993

required:

5994

- port

5995

type: object

5996

terminationGracePeriodSeconds:

5997

description: Optional duration in seconds the pod needs to terminate gracefully upon probe fa

5998

format: int64

5999

type: integer

6000

timeoutSeconds:

6001

description: Number of seconds after which the probe times out. Defaults to 1 second.

6002

format: int32

6003

type: integer

6004

type: object

6005

name:

6006

description: Name of the ephemeral container specified as a DNS_LABEL.

6007

type: string

6008

ports:

6009

description: Ports are not allowed for ephemeral containers.

6010

items:

6011

description: ContainerPort represents a network port in a single container.

6012

properties:

6013

containerPort:

6014

description: Number of port to expose on the pod's IP address.

6015

format: int32

6016

type: integer

6017

hostIP:

6018

description: What host IP to bind the external port to.

6019

type: string

6020

hostPort:

6021

description: Number of port to expose on the host.

6022

format: int32

6023

type: integer

6024

name:

6025

description: If specified, this must be an IANA_SVC_NAME and unique within the pod.

6026

type: string

6027

protocol:

6028

default: TCP

6029

description: Protocol for port. Must be UDP, TCP, or SCTP. Defaults to "TCP".

6030

type: string

6031

required:

6032

- containerPort

6033

type: object

6034

type: array

6035

x-kubernetes-list-map-keys:

6036

- containerPort

6037

- protocol

6038

x-kubernetes-list-type: map

6039

readinessProbe:

6040

description: Probes are not allowed for ephemeral containers.

6041

properties:

6042

exec:

6043

description: Exec specifies the action to take.

6044

properties:

6045

command:

6046

description: Command is the command line to execute inside the container, the working directo

6047

items:

6048

type: string

6049

type: array

6050

type: object

6051

failureThreshold:

6052

description: 'Minimum consecutive failures for the probe to be considered failed after having '

6053

format: int32

6054

type: integer

6055

grpc:

6056

description: GRPC specifies an action involving a GRPC port.

6057

properties:

6058

port:

6059

description: Port number of the gRPC service. Number must be in the range 1 to 65535.

6060

format: int32

6061

type: integer

6062

service:

6063

description: 'Service is the name of the service to place in the gRPC HealthCheckRequest (see '

6064

type: string

6065

required:

6066

- port

6067

type: object

6068

httpGet:

6069

description: HTTPGet specifies the http request to perform.

6070

properties:

6071

host:

6072

description: Host name to connect to, defaults to the pod IP.

6073

type: string

6074

httpHeaders:

6075

description: Custom headers to set in the request. HTTP allows repeated headers.

6076

items:

6077

description: HTTPHeader describes a custom header to be used in HTTP probes

6078

properties:

6079

name:

6080

description: The header field name

6081

type: string

6082

value:

6083

description: The header field value

6084

type: string

6085

required:

6086

- name

6087

- value

6088

type: object

6089

type: array

6090

path:

6091

description: Path to access on the HTTP server.

6092

type: string

6093

port:

6094

anyOf:

6095

- type: integer

6096

- type: string

6097

description: Name or number of the port to access on the container.

6098

x-kubernetes-int-or-string: true

6099

scheme:

6100

description: Scheme to use for connecting to the host. Defaults to HTTP.

6101

type: string

6102

required:

6103

- port

6104

type: object

6105

initialDelaySeconds:

6106

description: Number of seconds after the container has started before liveness probes are ini

6107

format: int32

6108

type: integer

6109

periodSeconds:

6110

description: How often (in seconds) to perform the probe. Default to 10 seconds.

6111

format: int32

6112

type: integer

6113

successThreshold:

6114

description: Minimum consecutive successes for the probe to be considered successful after ha

6115

format: int32

6116

type: integer

6117

tcpSocket:

6118

description: TCPSocket specifies an action involving a TCP port.

6119

properties:

6120

host:

6121

description: 'Optional: Host name to connect to, defaults to the pod IP.'

6122

type: string

6123

port:

6124

anyOf:

6125

- type: integer

6126

- type: string

6127

description: Number or name of the port to access on the container.

6128

x-kubernetes-int-or-string: true

6129

required:

6130

- port

6131

type: object

6132

terminationGracePeriodSeconds:

6133

description: Optional duration in seconds the pod needs to terminate gracefully upon probe fa

6134

format: int64

6135

type: integer

6136

timeoutSeconds:

6137

description: Number of seconds after which the probe times out. Defaults to 1 second.

6138

format: int32

6139

type: integer

6140

type: object

6141

resources:

6142

description: Resources are not allowed for ephemeral containers.

6143

properties:

6144

limits:

6145

additionalProperties:

6146

anyOf:

6147

- type: integer

6148

- type: string

6149

pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$

6150

x-kubernetes-int-or-string: true

6151

description: Limits describes the maximum amount of compute resources allowed.

6152

type: object

6153

requests:

6154

additionalProperties:

6155

anyOf:

6156

- type: integer

6157

- type: string

6158

pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$

6159

x-kubernetes-int-or-string: true

6160

description: Requests describes the minimum amount of compute resources required.

6161

type: object

6162

type: object

6163

securityContext:

6164

description: 'Optional: SecurityContext defines the security options the ephemeral container s'

6165

properties:

6166

allowPrivilegeEscalation:

6167

description: AllowPrivilegeEscalation controls whether a process can gain more privileges tha

6168

type: boolean

6169

capabilities:

6170

description: The capabilities to add/drop when running containers.

6171

properties:

6172

add:

6173

description: Added capabilities

6174

items:

6175

description: Capability represent POSIX capabilities type

6176

type: string

6177

type: array

6178

drop:

6179

description: Removed capabilities

6180

items:

6181

description: Capability represent POSIX capabilities type

6182

type: string

6183

type: array

6184

type: object

6185

privileged:

6186

description: Run container in privileged mode.

6187

type: boolean

6188

procMount:

6189

description: procMount denotes the type of proc mount to use for the containers.

6190

type: string

6191

readOnlyRootFilesystem:

6192

description: Whether this container has a read-only root filesystem. Default is false.

6193

type: boolean

6194

runAsGroup:

6195

description: The GID to run the entrypoint of the container process.

6196

format: int64

6197

type: integer

6198

runAsNonRoot:

6199

description: Indicates that the container must run as a non-root user.

6200

type: boolean

6201

runAsUser:

6202

description: The UID to run the entrypoint of the container process.

6203

format: int64

6204

type: integer

6205

seLinuxOptions:

6206

description: The SELinux context to be applied to the container.

6207

properties:

6208

level:

6209

description: Level is SELinux level label that applies to the container.

6210

type: string

6211

role:

6212

description: Role is a SELinux role label that applies to the container.

6213

type: string

6214

type:

6215

description: Type is a SELinux type label that applies to the container.

6216

type: string

6217

user:

6218

description: User is a SELinux user label that applies to the container.

6219

type: string

6220

type: object

6221

seccompProfile:

6222

description: The seccomp options to use by this container.

6223

properties:

6224

localhostProfile:

6225

description: localhostProfile indicates a profile defined in a file on the node should be use

6226

type: string

6227

type:

6228

description: type indicates which kind of seccomp profile will be applied.

6229

type: string

6230

required:

6231

- type

6232

type: object

6233

windowsOptions:

6234

description: The Windows specific settings applied to all containers.

6235

properties:

6236

gmsaCredentialSpec:

6237

description: GMSACredentialSpec is where the GMSA admission webhook (https://github.

6238

type: string

6239

gmsaCredentialSpecName:

6240

description: GMSACredentialSpecName is the name of the GMSA credential spec to use.

6241

type: string

6242

hostProcess:

6243

description: HostProcess determines if a container should be run as a 'Host Process' containe

6244

type: boolean

6245

runAsUserName:

6246

description: The UserName in Windows to run the entrypoint of the container process.

6247

type: string

6248

type: object

6249

type: object

6250

startupProbe:

6251

description: Probes are not allowed for ephemeral containers.

6252

properties:

6253

exec:

6254

description: Exec specifies the action to take.

6255

properties:

6256

command:

6257

description: Command is the command line to execute inside the container, the working directo

6258

items:

6259

type: string

6260

type: array

6261

type: object

6262

failureThreshold:

6263

description: 'Minimum consecutive failures for the probe to be considered failed after having '

6264

format: int32

6265

type: integer

6266

grpc:

6267

description: GRPC specifies an action involving a GRPC port.

6268

properties:

6269

port:

6270

description: Port number of the gRPC service. Number must be in the range 1 to 65535.

6271

format: int32

6272

type: integer

6273

service:

6274

description: 'Service is the name of the service to place in the gRPC HealthCheckRequest (see '

6275

type: string

6276

required:

6277

- port

6278

type: object

6279

httpGet:

6280

description: HTTPGet specifies the http request to perform.

6281

properties:

6282

host:

6283

description: Host name to connect to, defaults to the pod IP.

6284

type: string

6285

httpHeaders:

6286

description: Custom headers to set in the request. HTTP allows repeated headers.

6287

items:

6288

description: HTTPHeader describes a custom header to be used in HTTP probes

6289

properties:

6290

name:

6291

description: The header field name

6292

type: string

6293

value:

6294

description: The header field value

6295

type: string

6296

required:

6297

- name

6298

- value

6299

type: object

6300

type: array

6301

path:

6302

description: Path to access on the HTTP server.

6303

type: string

6304

port:

6305

anyOf:

6306

- type: integer

6307

- type: string

6308

description: Name or number of the port to access on the container.

6309

x-kubernetes-int-or-string: true

6310

scheme:

6311

description: Scheme to use for connecting to the host. Defaults to HTTP.

6312

type: string

6313

required:

6314

- port

6315

type: object

6316

initialDelaySeconds:

6317

description: Number of seconds after the container has started before liveness probes are ini

6318

format: int32

6319

type: integer

6320

periodSeconds:

6321

description: How often (in seconds) to perform the probe. Default to 10 seconds.

6322

format: int32

6323

type: integer

6324

successThreshold:

6325

description: Minimum consecutive successes for the probe to be considered successful after ha

6326

format: int32

6327

type: integer

6328

tcpSocket:

6329

description: TCPSocket specifies an action involving a TCP port.

6330

properties:

6331

host:

6332

description: 'Optional: Host name to connect to, defaults to the pod IP.'

6333

type: string

6334

port:

6335

anyOf:

6336

- type: integer

6337

- type: string

6338

description: Number or name of the port to access on the container.

6339

x-kubernetes-int-or-string: true

6340

required:

6341

- port

6342

type: object

6343

terminationGracePeriodSeconds:

6344

description: Optional duration in seconds the pod needs to terminate gracefully upon probe fa

6345

format: int64

6346

type: integer

6347

timeoutSeconds:

6348

description: Number of seconds after which the probe times out. Defaults to 1 second.

6349

format: int32

6350

type: integer

6351

type: object

6352

stdin:

6353

description: Whether this container should allocate a buffer for stdin in the container runti

6354

type: boolean

6355

stdinOnce:

6356

description: Whether the container runtime should close the stdin channel after it has been o

6357

type: boolean

6358

targetContainerName:

6359

description: If set, the name of the container from PodSpec that this ephemeral container tar

6360

type: string

6361

terminationMessagePath:

6362

description: 'Optional: Path at which the file to which the container''s termination message wi'

6363

type: string

6364

terminationMessagePolicy:

6365

description: Indicate how the termination message should be populated.

6366

type: string

6367

tty:

6368

description: Whether this container should allocate a TTY for itself, also requires 'stdin' t

6369

type: boolean

6370

volumeDevices:

6371

description: volumeDevices is the list of block devices to be used by the container.

6372

items:

6373

description: volumeDevice describes a mapping of a raw block device within a container.

6374

properties:

6375

devicePath:

6376

description: devicePath is the path inside of the container that the device will be mapped to

6377

type: string

6378

name:

6379

description: name must match the name of a persistentVolumeClaim in the pod

6380

type: string

6381

required:

6382

- devicePath

6383

- name

6384

type: object

6385

type: array

6386

volumeMounts:

6387

description: Pod volumes to mount into the container's filesystem.

6388

items:

6389

description: VolumeMount describes a mounting of a Volume within a container.

6390

properties:

6391

mountPath:

6392

description: Path within the container at which the volume should be mounted.

6393

type: string

6394

mountPropagation:

6395

description: mountPropagation determines how mounts are propagated from the host to container

6396

type: string

6397

name:

6398

description: This must match the Name of a Volume.

6399

type: string

6400

readOnly:

6401

description: Mounted read-only if true, read-write otherwise (false or unspecified).

6402

type: boolean

6403

subPath:

6404

description: Path within the volume from which the container's volume should be mounted.

6405

type: string

6406

subPathExpr:

6407

description: Expanded path within the volume from which the container's volume should be moun

6408

type: string

6409

required:

6410

- mountPath

6411

- name

6412

type: object

6413

type: array

6414

workingDir:

6415

description: Container's working directory.

6416

type: string

6417

required:

6418

- name

6419

type: object

6420

type: array

6421

hostAliases:

6422

description: 'HostAliases is an optional list of hosts and IPs that will be injected into the '

6423

items:

6424

description: HostAlias holds the mapping between IP and hostnames that will be injected as an

6425

properties:

6426

hostnames:

6427

description: Hostnames for the above IP address.

6428

items:

6429

type: string

6430

type: array

6431

ip:

6432

description: IP address of the host file entry.

6433

type: string

6434

type: object

6435

type: array

6436

hostIPC:

6437

description: 'Use the host''s ipc namespace. Optional: Default to false.'

6438

type: boolean

6439

hostNetwork:

6440

description: Host networking requested for this pod. Use the host's network namespace.

6441

type: boolean

6442

hostPID:

6443

description: 'Use the host''s pid namespace. Optional: Default to false.'

6444

type: boolean

6445

hostname:

6446

description: Specifies the hostname of the Pod If not specified, the pod's hostname will be s

6447

type: string

6448

imagePullSecrets:

6449

description: ImagePullSecrets is an optional list of references to secrets in the same namesp

6450

items:

6451

description: LocalObjectReference contains enough information to let you locate the reference

6452

properties:

6453

name:

6454

description: 'Name of the referent. More info: https://kubernetes.'

6455

type: string

6456

type: object

6457

x-kubernetes-map-type: atomic

6458

type: array

6459

initContainers:

6460

description: List of initialization containers belonging to the pod.

6461

items:

6462

description: A single application container that you want to run within a pod.

6463

properties:

6464

args:

6465

description: Arguments to the entrypoint.

6466

items:

6467

type: string

6468

type: array

6469

command:

6470

description: Entrypoint array. Not executed within a shell.

6471

items:

6472

type: string

6473

type: array

6474

env:

6475

description: List of environment variables to set in the container. Cannot be updated.

6476

items:

6477

description: EnvVar represents an environment variable present in a Container.

6478

properties:

6479

name:

6480

description: Name of the environment variable. Must be a C_IDENTIFIER.

6481

type: string

6482

value:

6483

description: Variable references $(VAR_NAME) are expanded using the previously defined enviro

6484

type: string

6485

valueFrom:

6486

description: Source for the environment variable's value.

6487

properties:

6488

configMapKeyRef:

6489

description: Selects a key of a ConfigMap.

6490

properties:

6491

key:

6492

description: The key to select.

6493

type: string

6494

name:

6495

description: 'Name of the referent. More info: https://kubernetes.'

6496

type: string

6497

optional:

6498

description: Specify whether the ConfigMap or its key must be defined

6499

type: boolean

6500

required:

6501

- key

6502

type: object

6503

x-kubernetes-map-type: atomic

6504

fieldRef:

6505

description: 'Selects a field of the pod: supports metadata.name, metadata.'

6506

properties:

6507

apiVersion:

6508

description: Version of the schema the FieldPath is written in terms of, defaults to "v1".

6509

type: string

6510

fieldPath:

6511

description: Path of the field to select in the specified API version.

6512

type: string

6513

required:

6514

- fieldPath

6515

type: object

6516

x-kubernetes-map-type: atomic

6517

resourceFieldRef:

6518

description: 'Selects a resource of the container: only resources limits and requests (limits.'

6519

properties:

6520

containerName:

6521

description: 'Container name: required for volumes, optional for env vars'

6522

type: string

6523

divisor:

6524

anyOf:

6525

- type: integer

6526

- type: string

6527

description: Specifies the output format of the exposed resources, defaults to "1"

6528

pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$

6529

x-kubernetes-int-or-string: true

6530

resource:

6531

description: 'Required: resource to select'

6532

type: string

6533

required:

6534

- resource

6535

type: object

6536

x-kubernetes-map-type: atomic

6537

secretKeyRef:

6538

description: Selects a key of a secret in the pod's namespace

6539

properties:

6540

key:

6541

description: The key of the secret to select from. Must be a valid secret key.

6542

type: string

6543

name:

6544

description: 'Name of the referent. More info: https://kubernetes.'

6545

type: string

6546

optional:

6547

description: Specify whether the Secret or its key must be defined

6548

type: boolean

6549

required:

6550

- key

6551

type: object

6552

x-kubernetes-map-type: atomic

6553

type: object

6554

required:

6555

- name

6556

type: object

6557

type: array

6558

envFrom:

6559

description: List of sources to populate environment variables in the container.

6560

items:

6561

description: EnvFromSource represents the source of a set of ConfigMaps

6562

properties:

6563

configMapRef:

6564

description: The ConfigMap to select from

6565

properties:

6566

name:

6567

description: 'Name of the referent. More info: https://kubernetes.'

6568

type: string

6569

optional:

6570

description: Specify whether the ConfigMap must be defined

6571

type: boolean

6572

type: object

6573

x-kubernetes-map-type: atomic

6574

prefix:

6575

description: An optional identifier to prepend to each key in the ConfigMap.

6576

type: string

6577

secretRef:

6578

description: The Secret to select from

6579

properties:

6580

name:

6581

description: 'Name of the referent. More info: https://kubernetes.'

6582

type: string

6583

optional:

6584

description: Specify whether the Secret must be defined

6585

type: boolean

6586

type: object

6587

x-kubernetes-map-type: atomic

6588

type: object

6589

type: array

6590

image:

6591

description: 'Docker image name. More info: https://kubernetes.'

6592

type: string

6593

imagePullPolicy:

6594

description: Image pull policy. One of Always, Never, IfNotPresent.

6595

type: string

6596

lifecycle:

6597

description: Actions that the management system should take in response to container lifecycl

6598

properties:

6599

postStart:

6600

description: PostStart is called immediately after a container is created.

6601

properties:

6602

exec:

6603

description: Exec specifies the action to take.

6604

properties:

6605

command:

6606

description: Command is the command line to execute inside the container, the working directo

6607

items:

6608

type: string

6609

type: array

6610

type: object

6611

httpGet:

6612

description: HTTPGet specifies the http request to perform.

6613

properties:

6614

host:

6615

description: Host name to connect to, defaults to the pod IP.

6616

type: string

6617

httpHeaders:

6618

description: Custom headers to set in the request. HTTP allows repeated headers.

6619

items:

6620

description: HTTPHeader describes a custom header to be used in HTTP probes

6621

properties:

6622

name:

6623

description: The header field name

6624

type: string

6625

value:

6626

description: The header field value

6627

type: string

6628

required:

6629

- name

6630

- value

6631

type: object

6632

type: array

6633

path:

6634

description: Path to access on the HTTP server.

6635

type: string

6636

port:

6637

anyOf:

6638

- type: integer

6639

- type: string

6640

description: Name or number of the port to access on the container.

6641

x-kubernetes-int-or-string: true

6642

scheme:

6643

description: Scheme to use for connecting to the host. Defaults to HTTP.

6644

type: string

6645

required:

6646

- port

6647

type: object

6648

tcpSocket:

6649

description: Deprecated.

6650

properties:

6651

host:

6652

description: 'Optional: Host name to connect to, defaults to the pod IP.'

6653

type: string

6654

port:

6655

anyOf:

6656

- type: integer

6657

- type: string

6658

description: Number or name of the port to access on the container.

6659

x-kubernetes-int-or-string: true

6660

required:

6661

- port

6662

type: object

6663

type: object

6664

preStop:

6665

description: PreStop is called immediately before a container is terminated due to an API req

6666

properties:

6667

exec:

6668

description: Exec specifies the action to take.

6669

properties:

6670

command:

6671

description: Command is the command line to execute inside the container, the working directo

6672

items:

6673

type: string

6674

type: array

6675

type: object

6676

httpGet:

6677

description: HTTPGet specifies the http request to perform.

6678

properties:

6679

host:

6680

description: Host name to connect to, defaults to the pod IP.

6681

type: string

6682

httpHeaders:

6683

description: Custom headers to set in the request. HTTP allows repeated headers.

6684

items:

6685

description: HTTPHeader describes a custom header to be used in HTTP probes

6686

properties:

6687

name:

6688

description: The header field name

6689

type: string

6690

value:

6691

description: The header field value

6692

type: string

6693

required:

6694

- name

6695

- value

6696

type: object

6697

type: array

6698

path:

6699

description: Path to access on the HTTP server.

6700

type: string

6701

port:

6702

anyOf:

6703

- type: integer

6704

- type: string

6705

description: Name or number of the port to access on the container.

6706

x-kubernetes-int-or-string: true

6707

scheme:

6708

description: Scheme to use for connecting to the host. Defaults to HTTP.

6709

type: string

6710

required:

6711

- port

6712

type: object

6713

tcpSocket:

6714

description: Deprecated.

6715

properties:

6716

host:

6717

description: 'Optional: Host name to connect to, defaults to the pod IP.'

6718

type: string

6719

port:

6720

anyOf:

6721

- type: integer

6722

- type: string

6723

description: Number or name of the port to access on the container.

6724

x-kubernetes-int-or-string: true

6725

required:

6726

- port

6727

type: object

6728

type: object

6729

type: object

6730

livenessProbe:

6731

description: Periodic probe of container liveness.

6732

properties:

6733

exec:

6734

description: Exec specifies the action to take.

6735

properties:

6736

command:

6737

description: Command is the command line to execute inside the container, the working directo

6738

items:

6739

type: string

6740

type: array

6741

type: object

6742

failureThreshold:

6743

description: 'Minimum consecutive failures for the probe to be considered failed after having '

6744

format: int32

6745

type: integer

6746

grpc:

6747

description: GRPC specifies an action involving a GRPC port.

6748

properties:

6749

port:

6750

description: Port number of the gRPC service. Number must be in the range 1 to 65535.

6751

format: int32

6752

type: integer

6753

service:

6754

description: 'Service is the name of the service to place in the gRPC HealthCheckRequest (see '

6755

type: string

6756

required:

6757

- port

6758

type: object

6759

httpGet:

6760

description: HTTPGet specifies the http request to perform.

6761

properties:

6762

host:

6763

description: Host name to connect to, defaults to the pod IP.

6764

type: string

6765

httpHeaders:

6766

description: Custom headers to set in the request. HTTP allows repeated headers.

6767

items:

6768

description: HTTPHeader describes a custom header to be used in HTTP probes

6769

properties:

6770

name:

6771

description: The header field name

6772

type: string

6773

value:

6774

description: The header field value

6775

type: string

6776

required:

6777

- name

6778

- value

6779

type: object

6780

type: array

6781

path:

6782

description: Path to access on the HTTP server.

6783

type: string

6784

port:

6785

anyOf:

6786

- type: integer

6787

- type: string

6788

description: Name or number of the port to access on the container.

6789

x-kubernetes-int-or-string: true

6790

scheme:

6791

description: Scheme to use for connecting to the host. Defaults to HTTP.

6792

type: string

6793

required:

6794

- port

6795

type: object

6796

initialDelaySeconds:

6797

description: Number of seconds after the container has started before liveness probes are ini

6798

format: int32

6799

type: integer

6800

periodSeconds:

6801

description: How often (in seconds) to perform the probe. Default to 10 seconds.

6802

format: int32

6803

type: integer

6804

successThreshold:

6805

description: Minimum consecutive successes for the probe to be considered successful after ha

6806

format: int32

6807

type: integer

6808

tcpSocket:

6809

description: TCPSocket specifies an action involving a TCP port.

6810

properties:

6811

host:

6812

description: 'Optional: Host name to connect to, defaults to the pod IP.'

6813

type: string

6814

port:

6815

anyOf:

6816

- type: integer

6817

- type: string

6818

description: Number or name of the port to access on the container.

6819

x-kubernetes-int-or-string: true

6820

required:

6821

- port

6822

type: object

6823

terminationGracePeriodSeconds:

6824

description: Optional duration in seconds the pod needs to terminate gracefully upon probe fa

6825

format: int64

6826

type: integer

6827

timeoutSeconds:

6828

description: Number of seconds after which the probe times out. Defaults to 1 second.

6829

format: int32

6830

type: integer

6831

type: object

6832

name:

6833

description: Name of the container specified as a DNS_LABEL.

6834

type: string

6835

ports:

6836

description: List of ports to expose from the container.

6837

items:

6838

description: ContainerPort represents a network port in a single container.

6839

properties:

6840

containerPort:

6841

description: Number of port to expose on the pod's IP address.

6842

format: int32

6843

type: integer

6844

hostIP:

6845

description: What host IP to bind the external port to.

6846

type: string

6847

hostPort:

6848

description: Number of port to expose on the host.

6849

format: int32

6850

type: integer

6851

name:

6852

description: If specified, this must be an IANA_SVC_NAME and unique within the pod.

6853

type: string

6854

protocol:

6855

default: TCP

6856

description: Protocol for port. Must be UDP, TCP, or SCTP. Defaults to "TCP".

6857

type: string

6858

required:

6859

- containerPort

6860

type: object

6861

type: array

6862

x-kubernetes-list-map-keys:

6863

- containerPort

6864

- protocol

6865

x-kubernetes-list-type: map

6866

readinessProbe:

6867

description: Periodic probe of container service readiness.

6868

properties:

6869

exec:

6870

description: Exec specifies the action to take.

6871

properties:

6872

command:

6873

description: Command is the command line to execute inside the container, the working directo

6874

items:

6875

type: string

6876

type: array

6877

type: object

6878

failureThreshold:

6879

description: 'Minimum consecutive failures for the probe to be considered failed after having '

6880

format: int32

6881

type: integer

6882

grpc:

6883

description: GRPC specifies an action involving a GRPC port.

6884

properties:

6885

port:

6886

description: Port number of the gRPC service. Number must be in the range 1 to 65535.

6887

format: int32

6888

type: integer

6889

service:

6890

description: 'Service is the name of the service to place in the gRPC HealthCheckRequest (see '

6891

type: string

6892

required:

6893

- port

6894

type: object

6895

httpGet:

6896

description: HTTPGet specifies the http request to perform.

6897

properties:

6898

host:

6899

description: Host name to connect to, defaults to the pod IP.

6900

type: string

6901

httpHeaders:

6902

description: Custom headers to set in the request. HTTP allows repeated headers.

6903

items:

6904

description: HTTPHeader describes a custom header to be used in HTTP probes

6905

properties:

6906

name:

6907

description: The header field name

6908

type: string

6909

value:

6910

description: The header field value

6911

type: string

6912

required:

6913

- name

6914

- value

6915

type: object

6916

type: array

6917

path:

6918

description: Path to access on the HTTP server.

6919

type: string

6920

port:

6921

anyOf:

6922

- type: integer

6923

- type: string

6924

description: Name or number of the port to access on the container.

6925

x-kubernetes-int-or-string: true

6926

scheme:

6927

description: Scheme to use for connecting to the host. Defaults to HTTP.

6928

type: string

6929

required:

6930

- port

6931

type: object

6932

initialDelaySeconds:

6933

description: Number of seconds after the container has started before liveness probes are ini

6934

format: int32

6935

type: integer

6936

periodSeconds:

6937

description: How often (in seconds) to perform the probe. Default to 10 seconds.

6938

format: int32

6939

type: integer

6940

successThreshold:

6941

description: Minimum consecutive successes for the probe to be considered successful after ha

6942

format: int32

6943

type: integer

6944

tcpSocket:

6945

description: TCPSocket specifies an action involving a TCP port.

6946

properties:

6947

host:

6948

description: 'Optional: Host name to connect to, defaults to the pod IP.'

6949

type: string

6950

port:

6951

anyOf:

6952

- type: integer

6953

- type: string

6954

description: Number or name of the port to access on the container.

6955

x-kubernetes-int-or-string: true

6956

required:

6957

- port

6958

type: object

6959

terminationGracePeriodSeconds:

6960

description: Optional duration in seconds the pod needs to terminate gracefully upon probe fa

6961

format: int64

6962

type: integer

6963

timeoutSeconds:

6964

description: Number of seconds after which the probe times out. Defaults to 1 second.

6965

format: int32

6966

type: integer

6967

type: object

6968

resources:

6969

description: Compute Resources required by this container. Cannot be updated.

6970

properties:

6971

limits:

6972

additionalProperties:

6973

anyOf:

6974

- type: integer

6975

- type: string

6976

pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$

6977

x-kubernetes-int-or-string: true

6978

description: Limits describes the maximum amount of compute resources allowed.

6979

type: object

6980

requests:

6981

additionalProperties:

6982

anyOf:

6983

- type: integer

6984

- type: string

6985

pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$

6986

x-kubernetes-int-or-string: true

6987

description: Requests describes the minimum amount of compute resources required.

6988

type: object

6989

type: object

6990

securityContext:

6991

description: SecurityContext defines the security options the container should be run with.

6992

properties:

6993

allowPrivilegeEscalation:

6994

description: AllowPrivilegeEscalation controls whether a process can gain more privileges tha

6995

type: boolean

6996

capabilities:

6997

description: The capabilities to add/drop when running containers.

6998

properties:

6999

add:

7000

description: Added capabilities

7001

items:

7002

description: Capability represent POSIX capabilities type

7003

type: string

7004

type: array

7005

drop:

7006

description: Removed capabilities

7007

items:

7008

description: Capability represent POSIX capabilities type

7009

type: string

7010

type: array

7011

type: object

7012

privileged:

7013

description: Run container in privileged mode.

7014

type: boolean

7015

procMount:

7016

description: procMount denotes the type of proc mount to use for the containers.

7017

type: string

7018

readOnlyRootFilesystem:

7019

description: Whether this container has a read-only root filesystem. Default is false.

7020

type: boolean

7021

runAsGroup:

7022

description: The GID to run the entrypoint of the container process.

7023

format: int64

7024

type: integer

7025

runAsNonRoot:

7026

description: Indicates that the container must run as a non-root user.

7027

type: boolean

7028

runAsUser:

7029

description: The UID to run the entrypoint of the container process.

7030

format: int64

7031

type: integer

7032

seLinuxOptions:

7033

description: The SELinux context to be applied to the container.

7034

properties:

7035

level:

7036

description: Level is SELinux level label that applies to the container.

7037

type: string

7038

role:

7039

description: Role is a SELinux role label that applies to the container.

7040

type: string

7041

type:

7042

description: Type is a SELinux type label that applies to the container.

7043

type: string

7044

user:

7045

description: User is a SELinux user label that applies to the container.

7046

type: string

7047

type: object

7048

seccompProfile:

7049

description: The seccomp options to use by this container.

7050

properties:

7051

localhostProfile:

7052

description: localhostProfile indicates a profile defined in a file on the node should be use

7053

type: string

7054

type:

7055

description: type indicates which kind of seccomp profile will be applied.

7056

type: string

7057

required:

7058

- type

7059

type: object

7060

windowsOptions:

7061

description: The Windows specific settings applied to all containers.

7062

properties:

7063

gmsaCredentialSpec:

7064

description: GMSACredentialSpec is where the GMSA admission webhook (https://github.

7065

type: string

7066

gmsaCredentialSpecName:

7067

description: GMSACredentialSpecName is the name of the GMSA credential spec to use.

7068

type: string

7069

hostProcess:

7070

description: HostProcess determines if a container should be run as a 'Host Process' containe

7071

type: boolean

7072

runAsUserName:

7073

description: The UserName in Windows to run the entrypoint of the container process.

7074

type: string

7075

type: object

7076

type: object

7077

startupProbe:

7078

description: StartupProbe indicates that the Pod has successfully initialized.

7079

properties:

7080

exec:

7081

description: Exec specifies the action to take.

7082

properties:

7083

command:

7084

description: Command is the command line to execute inside the container, the working directo

7085

items:

7086

type: string

7087

type: array

7088

type: object

7089

failureThreshold:

7090

description: 'Minimum consecutive failures for the probe to be considered failed after having '

7091

format: int32

7092

type: integer

7093

grpc:

7094

description: GRPC specifies an action involving a GRPC port.

7095

properties:

7096

port:

7097

description: Port number of the gRPC service. Number must be in the range 1 to 65535.

7098

format: int32

7099

type: integer

7100

service:

7101

description: 'Service is the name of the service to place in the gRPC HealthCheckRequest (see '

7102

type: string

7103

required:

7104

- port

7105

type: object

7106

httpGet:

7107

description: HTTPGet specifies the http request to perform.

7108

properties:

7109

host:

7110

description: Host name to connect to, defaults to the pod IP.

7111

type: string

7112

httpHeaders:

7113

description: Custom headers to set in the request. HTTP allows repeated headers.

7114

items:

7115

description: HTTPHeader describes a custom header to be used in HTTP probes

7116

properties:

7117

name:

7118

description: The header field name

7119

type: string

7120

value:

7121

description: The header field value

7122

type: string

7123

required:

7124

- name

7125

- value

7126

type: object

7127

type: array

7128

path:

7129

description: Path to access on the HTTP server.

7130

type: string

7131

port:

7132

anyOf:

7133

- type: integer

7134

- type: string

7135

description: Name or number of the port to access on the container.

7136

x-kubernetes-int-or-string: true

7137

scheme:

7138

description: Scheme to use for connecting to the host. Defaults to HTTP.

7139

type: string

7140

required:

7141

- port

7142

type: object

7143

initialDelaySeconds:

7144

description: Number of seconds after the container has started before liveness probes are ini

7145

format: int32

7146

type: integer

7147

periodSeconds:

7148

description: How often (in seconds) to perform the probe. Default to 10 seconds.

7149

format: int32

7150

type: integer

7151

successThreshold:

7152

description: Minimum consecutive successes for the probe to be considered successful after ha

7153

format: int32

7154

type: integer

7155

tcpSocket:

7156

description: TCPSocket specifies an action involving a TCP port.

7157

properties:

7158

host:

7159

description: 'Optional: Host name to connect to, defaults to the pod IP.'

7160

type: string

7161

port:

7162

anyOf:

7163

- type: integer

7164

- type: string

7165

description: Number or name of the port to access on the container.

7166

x-kubernetes-int-or-string: true

7167

required:

7168

- port

7169

type: object

7170

terminationGracePeriodSeconds:

7171

description: Optional duration in seconds the pod needs to terminate gracefully upon probe fa

7172

format: int64

7173

type: integer

7174

timeoutSeconds:

7175

description: Number of seconds after which the probe times out. Defaults to 1 second.

7176

format: int32

7177

type: integer

7178

type: object

7179

stdin:

7180

description: Whether this container should allocate a buffer for stdin in the container runti

7181

type: boolean

7182

stdinOnce:

7183

description: Whether the container runtime should close the stdin channel after it has been o

7184

type: boolean

7185

terminationMessagePath:

7186

description: 'Optional: Path at which the file to which the container''s termination message wi'

7187

type: string

7188

terminationMessagePolicy:

7189

description: Indicate how the termination message should be populated.

7190

type: string

7191

tty:

7192

description: Whether this container should allocate a TTY for itself, also requires 'stdin' t

7193

type: boolean

7194

volumeDevices:

7195

description: volumeDevices is the list of block devices to be used by the container.

7196

items:

7197

description: volumeDevice describes a mapping of a raw block device within a container.

7198

properties:

7199

devicePath:

7200

description: devicePath is the path inside of the container that the device will be mapped to

7201

type: string

7202

name:

7203

description: name must match the name of a persistentVolumeClaim in the pod

7204

type: string

7205

required:

7206

- devicePath

7207

- name

7208

type: object

7209

type: array

7210

volumeMounts:

7211

description: Pod volumes to mount into the container's filesystem. Cannot be updated.

7212

items:

7213

description: VolumeMount describes a mounting of a Volume within a container.

7214

properties:

7215

mountPath:

7216

description: Path within the container at which the volume should be mounted.

7217

type: string

7218

mountPropagation:

7219

description: mountPropagation determines how mounts are propagated from the host to container

7220

type: string

7221

name:

7222

description: This must match the Name of a Volume.

7223

type: string

7224

readOnly:

7225

description: Mounted read-only if true, read-write otherwise (false or unspecified).

7226

type: boolean

7227

subPath:

7228

description: Path within the volume from which the container's volume should be mounted.

7229

type: string

7230

subPathExpr:

7231

description: Expanded path within the volume from which the container's volume should be moun

7232

type: string

7233

required:

7234

- mountPath

7235

- name

7236

type: object

7237

type: array

7238

workingDir:

7239

description: Container's working directory.

7240

type: string

7241

required:

7242

- name

7243

type: object

7244

type: array

7245

nodeName:

7246

description: NodeName is a request to schedule this pod onto a specific node.

7247

type: string

7248

nodeSelector:

7249

additionalProperties:

7250

type: string

7251

description: NodeSelector is a selector which must be true for the pod to fit on a node.

7252

type: object

7253

x-kubernetes-map-type: atomic

7254

os:

7255

description: Specifies the OS of the containers in the pod.

7256

properties:

7257

name:

7258

description: Name is the name of the operating system.

7259

type: string

7260

required:

7261

- name

7262

type: object

7263

overhead:

7264

additionalProperties:

7265

anyOf:

7266

- type: integer

7267

- type: string

7268

pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$

7269

x-kubernetes-int-or-string: true

7270

description: Overhead represents the resource overhead associated with running a pod for a gi

7271

type: object

7272

preemptionPolicy:

7273

description: PreemptionPolicy is the Policy for preempting pods with lower priority.

7274

type: string

7275

priority:

7276

description: The priority value.

7277

format: int32

7278

type: integer

7279

priorityClassName:

7280

description: If specified, indicates the pod's priority.

7281

type: string

7282

readinessGates:

7283

description: If specified, all readiness gates will be evaluated for pod readiness.

7284

items:

7285

description: PodReadinessGate contains the reference to a pod condition

7286

properties:

7287

conditionType:

7288

description: ConditionType refers to a condition in the pod's condition list with matching ty

7289

type: string

7290

required:

7291

- conditionType

7292

type: object

7293

type: array

7294

restartPolicy:

7295

description: Restart policy for all containers within the pod.

7296

type: string

7297

runtimeClassName:

7298

description: RuntimeClassName refers to a RuntimeClass object in the node.k8s.

7299

type: string

7300

schedulerName:

7301

description: If specified, the pod will be dispatched by specified scheduler.

7302

type: string

7303

securityContext:

7304

description: SecurityContext holds pod-level security attributes and common container setting

7305

properties:

7306

fsGroup:

7307

description: A special supplemental group that applies to all containers in a pod.

7308

format: int64

7309

type: integer

7310

fsGroupChangePolicy:

7311

description: fsGroupChangePolicy defines behavior of changing ownership and permission of the

7312

type: string

7313

runAsGroup:

7314

description: The GID to run the entrypoint of the container process.

7315

format: int64

7316

type: integer

7317

runAsNonRoot:

7318

description: Indicates that the container must run as a non-root user.

7319

type: boolean

7320

runAsUser:

7321

description: The UID to run the entrypoint of the container process.

7322

format: int64

7323

type: integer

7324

seLinuxOptions:

7325

description: The SELinux context to be applied to all containers.

7326

properties:

7327

level:

7328

description: Level is SELinux level label that applies to the container.

7329

type: string

7330

role:

7331

description: Role is a SELinux role label that applies to the container.

7332

type: string

7333

type:

7334

description: Type is a SELinux type label that applies to the container.

7335

type: string

7336

user:

7337

description: User is a SELinux user label that applies to the container.

7338

type: string

7339

type: object

7340

seccompProfile:

7341

description: The seccomp options to use by the containers in this pod.

7342

properties:

7343

localhostProfile:

7344

description: localhostProfile indicates a profile defined in a file on the node should be use

7345

type: string

7346

type:

7347

description: type indicates which kind of seccomp profile will be applied.

7348

type: string

7349

required:

7350

- type

7351

type: object

7352

supplementalGroups:

7353

description: A list of groups applied to the first process run in each container, in addition

7354

items:

7355

format: int64

7356

type: integer

7357

type: array

7358

sysctls:

7359

description: Sysctls hold a list of namespaced sysctls used for the pod.

7360

items:

7361

description: Sysctl defines a kernel parameter to be set

7362

properties:

7363

name:

7364

description: Name of a property to set

7365

type: string

7366

value:

7367

description: Value of a property to set

7368

type: string

7369

required:

7370

- name

7371

- value

7372

type: object

7373

type: array

7374

windowsOptions:

7375

description: The Windows specific settings applied to all containers.

7376

properties:

7377

gmsaCredentialSpec:

7378

description: GMSACredentialSpec is where the GMSA admission webhook (https://github.

7379

type: string

7380

gmsaCredentialSpecName:

7381

description: GMSACredentialSpecName is the name of the GMSA credential spec to use.

7382

type: string

7383

hostProcess:

7384

description: HostProcess determines if a container should be run as a 'Host Process' containe

7385

type: boolean

7386

runAsUserName:

7387

description: The UserName in Windows to run the entrypoint of the container process.

7388

type: string

7389

type: object

7390

type: object

7391

serviceAccount:

7392

description: DeprecatedServiceAccount is a depreciated alias for ServiceAccountName.

7393

type: string

7394

serviceAccountName:

7395

description: ServiceAccountName is the name of the ServiceAccount to use to run this pod.

7396

type: string

7397

setHostnameAsFQDN:

7398

description: If true the pod's hostname will be configured as the pod's FQDN, rather than the

7399

type: boolean

7400

shareProcessNamespace:

7401

description: Share a single process namespace between all of the containers in a pod.

7402

type: boolean

7403

subdomain:

7404

description: If specified, the fully qualified Pod hostname will be "..

7405

type: string

7406

terminationGracePeriodSeconds:

7407

description: Optional duration in seconds the pod needs to terminate gracefully.

7408

format: int64

7409

type: integer

7410

tolerations:

7411

description: If specified, the pod's tolerations.

7412

items:

7413

description: The pod this Toleration is attached to tolerates any taint that matches the trip

7414

properties:

7415

effect:

7416

description: Effect indicates the taint effect to match. Empty means match all taint effects.

7417

type: string

7418

key:

7419

description: Key is the taint key that the toleration applies to.

7420

type: string

7421

operator:

7422

description: Operator represents a key's relationship to the value.

7423

type: string

7424

tolerationSeconds:

7425

description: TolerationSeconds represents the period of time the toleration (which must be of

7426

format: int64

7427

type: integer

7428

value:

7429

description: Value is the taint value the toleration matches to.

7430

type: string

7431

type: object

7432

type: array

7433

topologySpreadConstraints:

7434

description: TopologySpreadConstraints describes how a group of pods ought to spread across t

7435

items:

7436

description: TopologySpreadConstraint specifies how to spread matching pods among the given t

7437

properties:

7438

labelSelector:

7439

description: LabelSelector is used to find matching pods.

7440

properties:

7441

matchExpressions:

7442

description: matchExpressions is a list of label selector requirements.

7443

items:

7444

description: A label selector requirement is a selector that contains values, a key, and an o

7445

properties:

7446

key:

7447

description: key is the label key that the selector applies to.

7448

type: string

7449

operator:

7450

description: operator represents a key's relationship to a set of values.

7451

type: string

7452

values:

7453

description: values is an array of string values.

7454

items:

7455

type: string

7456

type: array

7457

required:

7458

- key

7459

- operator

7460

type: object

7461

type: array

7462

matchLabels:

7463

additionalProperties:

7464

type: string

7465

description: matchLabels is a map of {key,value} pairs.

7466

type: object

7467

type: object

7468

x-kubernetes-map-type: atomic

7469

maxSkew:

7470

description: MaxSkew describes the degree to which pods may be unevenly distributed.

7471

format: int32

7472

type: integer

7473

topologyKey:

7474

description: TopologyKey is the key of node labels.

7475

type: string

7476

whenUnsatisfiable:

7477

description: WhenUnsatisfiable indicates how to deal with a pod if it doesn't satisfy the spr

7478

type: string

7479

required:

7480

- maxSkew

7481

- topologyKey

7482

- whenUnsatisfiable

7483

type: object

7484

type: array

7485

x-kubernetes-list-map-keys:

7486

- topologyKey

7487

- whenUnsatisfiable

7488

x-kubernetes-list-type: map

7489

volumes:

7490

description: List of volumes that can be mounted by containers belonging to the pod.

7491

items:

7492

description: 'Volume represents a named volume in a pod that may be accessed by any container '

7493

properties:

7494

awsElasticBlockStore:

7495

description: AWSElasticBlockStore represents an AWS Disk resource that is attached to a kubel

7496

properties:

7497

fsType:

7498

description: Filesystem type of the volume that you want to mount.

7499

type: string

7500

partition:

7501

description: The partition in the volume that you want to mount.

7502

format: int32

7503

type: integer

7504

readOnly:

7505

description: Specify "true" to force and set the ReadOnly property in VolumeMounts to "true".

7506

type: boolean

7507

volumeID:

7508

description: Unique ID of the persistent disk resource in AWS (Amazon EBS volume).

7509

type: string

7510

required:

7511

- volumeID

7512

type: object

7513

azureDisk:

7514

description: 'AzureDisk represents an Azure Data Disk mount on the host and bind mount to the '

7515

properties:

7516

cachingMode:

7517

description: 'Host Caching mode: None, Read Only, Read Write.'

7518

type: string

7519

diskName:

7520

description: The Name of the data disk in the blob storage

7521

type: string

7522

diskURI:

7523

description: The URI the data disk in the blob storage

7524

type: string

7525

fsType:

7526

description: Filesystem type to mount.

7527

type: string

7528

kind:

7529

description: 'Expected values Shared: multiple blob disks per storage account Dedicated: sing'

7530

type: string

7531

readOnly:

7532

description: Defaults to false (read/write).

7533

type: boolean

7534

required:

7535

- diskName

7536

- diskURI

7537

type: object

7538

azureFile:

7539

description: AzureFile represents an Azure File Service mount on the host and bind mount to t

7540

properties:

7541

readOnly:

7542

description: Defaults to false (read/write).

7543

type: boolean

7544

secretName:

7545

description: the name of secret that contains Azure Storage Account Name and Key

7546

type: string

7547

shareName:

7548

description: Share Name

7549

type: string

7550

required:

7551

- secretName

7552

- shareName

7553

type: object

7554

cephfs:

7555

description: CephFS represents a Ceph FS mount on the host that shares a pod's lifetime

7556

properties:

7557

monitors:

7558

description: 'Required: Monitors is a collection of Ceph monitors More info: https://examples.'

7559

items:

7560

type: string

7561

type: array

7562

path:

7563

description: 'Optional: Used as the mounted root, rather than the full Ceph tree, default is /'

7564

type: string

7565

readOnly:

7566

description: 'Optional: Defaults to false (read/write).'

7567

type: boolean

7568

secretFile:

7569

description: 'Optional: SecretFile is the path to key ring for User, default is /etc/ceph/user'

7570

type: string

7571

secretRef:

7572

description: 'Optional: SecretRef is reference to the authentication secret for User, default '

7573

properties:

7574

name:

7575

description: 'Name of the referent. More info: https://kubernetes.'

7576

type: string

7577

type: object

7578

x-kubernetes-map-type: atomic

7579

user:

7580

description: 'Optional: User is the rados user name, default is admin More info: https://examp'

7581

type: string

7582

required:

7583

- monitors

7584

type: object

7585

cinder:

7586

description: Cinder represents a cinder volume attached and mounted on kubelets host machine.

7587

properties:

7588

fsType:

7589

description: Filesystem type to mount.

7590

type: string

7591

readOnly:

7592

description: 'Optional: Defaults to false (read/write).'

7593

type: boolean

7594

secretRef:

7595

description: 'Optional: points to a secret object containing parameters used to connect to Ope'

7596

properties:

7597

name:

7598

description: 'Name of the referent. More info: https://kubernetes.'

7599

type: string

7600

type: object

7601

x-kubernetes-map-type: atomic

7602

volumeID:

7603

description: 'volume id used to identify the volume in cinder. More info: https://examples.'

7604

type: string

7605

required:

7606

- volumeID

7607

type: object

7608

configMap:

7609

description: ConfigMap represents a configMap that should populate this volume

7610

properties:

7611

defaultMode:

7612

description: 'Optional: mode bits used to set permissions on created files by default.'

7613

format: int32

7614

type: integer

7615

items:

7616

description: If unspecified, each key-value pair in the Data field of the referenced ConfigMa

7617

items:

7618

description: Maps a string key to a path within a volume.

7619

properties:

7620

key:

7621

description: The key to project.

7622

type: string

7623

mode:

7624

description: 'Optional: mode bits used to set permissions on this file.'

7625

format: int32

7626

type: integer

7627

path:

7628

description: The relative path of the file to map the key to. May not be an absolute path.

7629

type: string

7630

required:

7631

- key

7632

- path

7633

type: object

7634

type: array

7635

name:

7636

description: 'Name of the referent. More info: https://kubernetes.'

7637

type: string

7638

optional:

7639

description: Specify whether the ConfigMap or its keys must be defined

7640

type: boolean

7641

type: object

7642

x-kubernetes-map-type: atomic

7643

csi:

7644

description: CSI (Container Storage Interface) represents ephemeral storage that is handled b

7645

properties:

7646

driver:

7647

description: Driver is the name of the CSI driver that handles this volume.

7648

type: string

7649

fsType:

7650

description: Filesystem type to mount. Ex. "ext4", "xfs", "ntfs".

7651

type: string

7652

nodePublishSecretRef:

7653

description: NodePublishSecretRef is a reference to the secret object containing sensitive in

7654

properties:

7655

name:

7656

description: 'Name of the referent. More info: https://kubernetes.'

7657

type: string

7658

type: object

7659

x-kubernetes-map-type: atomic

7660

readOnly:

7661

description: Specifies a read-only configuration for the volume.

7662

type: boolean

7663

volumeAttributes:

7664

additionalProperties:

7665

type: string

7666

description: VolumeAttributes stores driver-specific properties that are passed to the CSI dr

7667

type: object

7668

required:

7669

- driver

7670

type: object

7671

downwardAPI:

7672

description: DownwardAPI represents downward API about the pod that should populate this volu

7673

properties:

7674

defaultMode:

7675

description: 'Optional: mode bits to use on created files by default.'

7676

format: int32

7677

type: integer

7678

items:

7679

description: Items is a list of downward API volume file

7680

items:

7681

description: DownwardAPIVolumeFile represents information to create the file containing the p

7682

properties:

7683

fieldRef:

7684

description: 'Required: Selects a field of the pod: only annotations, labels, name and namespa'

7685

properties:

7686

apiVersion:

7687

description: Version of the schema the FieldPath is written in terms of, defaults to "v1".

7688

type: string

7689

fieldPath:

7690

description: Path of the field to select in the specified API version.

7691

type: string

7692

required:

7693

- fieldPath

7694

type: object

7695

x-kubernetes-map-type: atomic

7696

mode:

7697

description: 'Optional: mode bits used to set permissions on this file, must be an octal value'

7698

format: int32

7699

type: integer

7700

path:

7701

description: 'Required: Path is the relative path name of the file to be created.'

7702

type: string

7703

resourceFieldRef:

7704

description: 'Selects a resource of the container: only resources limits and requests (limits.'

7705

properties:

7706

containerName:

7707

description: 'Container name: required for volumes, optional for env vars'

7708

type: string

7709

divisor:

7710

anyOf:

7711

- type: integer

7712

- type: string

7713

description: Specifies the output format of the exposed resources, defaults to "1"

7714

pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$

7715

x-kubernetes-int-or-string: true

7716

resource:

7717

description: 'Required: resource to select'

7718

type: string

7719

required:

7720

- resource

7721

type: object

7722

x-kubernetes-map-type: atomic

7723

required:

7724

- path

7725

type: object

7726

type: array

7727

type: object

7728

emptyDir:

7729

description: EmptyDir represents a temporary directory that shares a pod's lifetime.

7730

properties:

7731

medium:

7732

description: What type of storage medium should back this directory.

7733

type: string

7734

sizeLimit:

7735

anyOf:

7736

- type: integer

7737

- type: string

7738

description: Total amount of local storage required for this EmptyDir volume.

7739

pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$

7740

x-kubernetes-int-or-string: true

7741

type: object

7742

ephemeral:

7743

description: Ephemeral represents a volume that is handled by a cluster storage driver.

7744

properties:

7745

volumeClaimTemplate:

7746

description: Will be used to create a stand-alone PVC to provision the volume.

7747

properties:

7748

metadata:

7749

description: May contain labels and annotations that will be copied into the PVC when creatin

7750

type: object

7751

spec:

7752

description: The specification for the PersistentVolumeClaim.

7753

properties:

7754

accessModes:

7755

description: AccessModes contains the desired access modes the volume should have.

7756

items:

7757

type: string

7758

type: array

7759

dataSource:

7760

description: 'This field can be used to specify either: * An existing VolumeSnapshot object (s'

7761

properties:

7762

apiGroup:

7763

description: APIGroup is the group for the resource being referenced.

7764

type: string

7765

kind:

7766

description: Kind is the type of resource being referenced

7767

type: string

7768

name:

7769

description: Name is the name of resource being referenced

7770

type: string

7771

required:

7772

- kind

7773

- name

7774

type: object

7775

x-kubernetes-map-type: atomic

7776

dataSourceRef:

7777

description: Specifies the object from which to populate the volume with data, if a non-empty

7778

properties:

7779

apiGroup:

7780

description: APIGroup is the group for the resource being referenced.

7781

type: string

7782

kind:

7783

description: Kind is the type of resource being referenced

7784

type: string

7785

name:

7786

description: Name is the name of resource being referenced

7787

type: string

7788

required:

7789

- kind

7790

- name

7791

type: object

7792

x-kubernetes-map-type: atomic

7793

resources:

7794

description: Resources represents the minimum resources the volume should have.

7795

properties:

7796

limits:

7797

additionalProperties:

7798

anyOf:

7799

- type: integer

7800

- type: string

7801

pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$

7802

x-kubernetes-int-or-string: true

7803

description: Limits describes the maximum amount of compute resources allowed.

7804

type: object

7805

requests:

7806

additionalProperties:

7807

anyOf:

7808

- type: integer

7809

- type: string

7810

pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$

7811

x-kubernetes-int-or-string: true

7812

description: Requests describes the minimum amount of compute resources required.

7813

type: object

7814

type: object

7815

selector:

7816

description: A label query over volumes to consider for binding.

7817

properties:

7818

matchExpressions:

7819

description: matchExpressions is a list of label selector requirements.

7820

items:

7821

description: A label selector requirement is a selector that contains values, a key, and an o

7822

properties:

7823

key:

7824

description: key is the label key that the selector applies to.

7825

type: string

7826

operator:

7827

description: operator represents a key's relationship to a set of values.

7828

type: string

7829

values:

7830

description: values is an array of string values.

7831

items:

7832

type: string

7833

type: array

7834

required:

7835

- key

7836

- operator

7837

type: object

7838

type: array

7839

matchLabels:

7840

additionalProperties:

7841

type: string

7842

description: matchLabels is a map of {key,value} pairs.

7843

type: object

7844

type: object

7845

x-kubernetes-map-type: atomic

7846

storageClassName:

7847

description: 'Name of the StorageClass required by the claim. More info: https://kubernetes.'

7848

type: string

7849

volumeMode:

7850

description: volumeMode defines what type of volume is required by the claim.

7851

type: string

7852

volumeName:

7853

description: VolumeName is the binding reference to the PersistentVolume backing this claim.

7854

type: string

7855

type: object

7856

required:

7857

- spec

7858

type: object

7859

type: object

7860

fc:

7861

description: FC represents a Fibre Channel resource that is attached to a kubelet's host mach

7862

properties:

7863

fsType:

7864

description: Filesystem type to mount.

7865

type: string

7866

lun:

7867

description: 'Optional: FC target lun number'

7868

format: int32

7869

type: integer

7870

readOnly:

7871

description: 'Optional: Defaults to false (read/write).'

7872

type: boolean

7873

targetWWNs:

7874

description: 'Optional: FC target worldwide names (WWNs)'

7875

items:

7876

type: string

7877

type: array

7878

wwids:

7879

description: 'Optional: FC volume world wide identifiers (wwids) Either wwids or combination o'

7880

items:

7881

type: string

7882

type: array

7883

type: object

7884

flexVolume:

7885

description: FlexVolume represents a generic volume resource that is provisioned/attached usi

7886

properties:

7887

driver:

7888

description: Driver is the name of the driver to use for this volume.

7889

type: string

7890

fsType:

7891

description: Filesystem type to mount.

7892

type: string

7893

options:

7894

additionalProperties:

7895

type: string

7896

description: 'Optional: Extra command options if any.'

7897

type: object

7898

readOnly:

7899

description: 'Optional: Defaults to false (read/write).'

7900

type: boolean

7901

secretRef:

7902

description: 'Optional: SecretRef is reference to the secret object containing sensitive infor'

7903

properties:

7904

name:

7905

description: 'Name of the referent. More info: https://kubernetes.'

7906

type: string

7907

type: object

7908

x-kubernetes-map-type: atomic

7909

required:

7910

- driver

7911

type: object

7912

flocker:

7913

description: Flocker represents a Flocker volume attached to a kubelet's host machine.

7914

properties:

7915

datasetName:

7916

description: Name of the dataset stored as metadata -> name on the dataset for Flocker should

7917

type: string

7918

datasetUUID:

7919

description: UUID of the dataset. This is unique identifier of a Flocker dataset

7920

type: string

7921

type: object

7922

gcePersistentDisk:

7923

description: GCEPersistentDisk represents a GCE Disk resource that is attached to a kubelet's

7924

properties:

7925

fsType:

7926

description: Filesystem type of the volume that you want to mount.

7927

type: string

7928

partition:

7929

description: The partition in the volume that you want to mount.

7930

format: int32

7931

type: integer

7932

pdName:

7933

description: Unique name of the PD resource in GCE. Used to identify the disk in GCE.

7934

type: string

7935

readOnly:

7936

description: ReadOnly here will force the ReadOnly setting in VolumeMounts.

7937

type: boolean

7938

required:

7939

- pdName

7940

type: object

7941

gitRepo:

7942

description: GitRepo represents a git repository at a particular revision.

7943

properties:

7944

directory:

7945

description: Target directory name. Must not contain or start with '..'. If '.

7946

type: string

7947

repository:

7948

description: Repository URL

7949

type: string

7950

revision:

7951

description: Commit hash for the specified revision.

7952

type: string

7953

required:

7954

- repository

7955

type: object

7956

glusterfs:

7957

description: Glusterfs represents a Glusterfs mount on the host that shares a pod's lifetime.

7958

properties:

7959

endpoints:

7960

description: EndpointsName is the endpoint name that details Glusterfs topology.

7961

type: string

7962

path:

7963

description: 'Path is the Glusterfs volume path. More info: https://examples.k8s.'

7964

type: string

7965

readOnly:

7966

description: ReadOnly here will force the Glusterfs volume to be mounted with read-only permi

7967

type: boolean

7968

required:

7969

- endpoints

7970

- path

7971

type: object

7972

hostPath:

7973

description: HostPath represents a pre-existing file or directory on the host machine that is

7974

properties:

7975

path:

7976

description: Path of the directory on the host.

7977

type: string

7978

type:

7979

description: 'Type for HostPath Volume Defaults to "" More info: https://kubernetes.'

7980

type: string

7981

required:

7982

- path

7983

type: object

7984

iscsi:

7985

description: ISCSI represents an ISCSI Disk resource that is attached to a kubelet's host mac

7986

properties:

7987

chapAuthDiscovery:

7988

description: whether support iSCSI Discovery CHAP authentication

7989

type: boolean

7990

chapAuthSession:

7991

description: whether support iSCSI Session CHAP authentication

7992

type: boolean

7993

fsType:

7994

description: Filesystem type of the volume that you want to mount.

7995

type: string

7996

initiatorName:

7997

description: Custom iSCSI Initiator Name.

7998

type: string

7999

iqn:

8000

description: Target iSCSI Qualified Name.

8001

type: string

8002

iscsiInterface:

8003

description: iSCSI Interface Name that uses an iSCSI transport. Defaults to 'default' (tcp).

8004

type: string

8005

lun:

8006

description: iSCSI Target Lun number.

8007

format: int32

8008

type: integer

8009

portals:

8010

description: iSCSI Target Portal List.

8011

items:

8012

type: string

8013

type: array

8014

readOnly:

8015

description: ReadOnly here will force the ReadOnly setting in VolumeMounts.

8016

type: boolean

8017

secretRef:

8018

description: CHAP Secret for iSCSI target and initiator authentication

8019

properties:

8020

name:

8021

description: 'Name of the referent. More info: https://kubernetes.'

8022

type: string

8023

type: object

8024

x-kubernetes-map-type: atomic

8025

targetPortal:

8026

description: iSCSI Target Portal.

8027

type: string

8028

required:

8029

- iqn

8030

- lun

8031

- targetPortal

8032

type: object

8033

name:

8034

description: Volume's name. Must be a DNS_LABEL and unique within the pod.

8035

type: string

8036

nfs:

8037

description: 'NFS represents an NFS mount on the host that shares a pod''s lifetime More info: '

8038

properties:

8039

path:

8040

description: 'Path that is exported by the NFS server. More info: https://kubernetes.'

8041

type: string

8042

readOnly:

8043

description: ReadOnly here will force the NFS export to be mounted with read-only permissions

8044

type: boolean

8045

server:

8046

description: Server is the hostname or IP address of the NFS server.

8047

type: string

8048

required:

8049

- path

8050

- server

8051

type: object

8052

persistentVolumeClaim:

8053

description: PersistentVolumeClaimVolumeSource represents a reference to a PersistentVolumeCl

8054

properties:

8055

claimName:

8056

description: ClaimName is the name of a PersistentVolumeClaim in the same namespace as the po

8057

type: string

8058

readOnly:

8059

description: Will force the ReadOnly setting in VolumeMounts. Default false.

8060

type: boolean

8061

required:

8062

- claimName

8063

type: object

8064

photonPersistentDisk:

8065

description: 'PhotonPersistentDisk represents a PhotonController persistent disk attached and '

8066

properties:

8067

fsType:

8068

description: Filesystem type to mount.

8069

type: string

8070

pdID:

8071

description: ID that identifies Photon Controller persistent disk

8072

type: string

8073

required:

8074

- pdID

8075

type: object

8076

portworxVolume:

8077

description: PortworxVolume represents a portworx volume attached and mounted on kubelets hos

8078

properties:

8079

fsType:

8080

description: FSType represents the filesystem type to mount Must be a filesystem type support

8081

type: string

8082

readOnly:

8083

description: Defaults to false (read/write).

8084

type: boolean

8085

volumeID:

8086

description: VolumeID uniquely identifies a Portworx volume

8087

type: string

8088

required:

8089

- volumeID

8090

type: object

8091

projected:

8092

description: Items for all in one resources secrets, configmaps, and downward API

8093

properties:

8094

defaultMode:

8095

description: Mode bits used to set permissions on created files by default.

8096

format: int32

8097

type: integer

8098

sources:

8099

description: list of volume projections

8100

items:

8101

description: Projection that may be projected along with other supported volume types

8102

properties:

8103

configMap:

8104

description: information about the configMap data to project

8105

properties:

8106

items:

8107

description: If unspecified, each key-value pair in the Data field of the referenced ConfigMa

8108

items:

8109

description: Maps a string key to a path within a volume.

8110

properties:

8111

key:

8112

description: The key to project.

8113

type: string

8114

mode:

8115

description: 'Optional: mode bits used to set permissions on this file.'

8116

format: int32

8117

type: integer

8118

path:

8119

description: The relative path of the file to map the key to. May not be an absolute path.

8120

type: string

8121

required:

8122

- key

8123

- path

8124

type: object

8125

type: array

8126

name:

8127

description: 'Name of the referent. More info: https://kubernetes.'

8128

type: string

8129

optional:

8130

description: Specify whether the ConfigMap or its keys must be defined

8131

type: boolean

8132

type: object

8133

x-kubernetes-map-type: atomic

8134

downwardAPI:

8135

description: information about the downwardAPI data to project

8136

properties:

8137

items:

8138

description: Items is a list of DownwardAPIVolume file

8139

items:

8140

description: DownwardAPIVolumeFile represents information to create the file containing the p

8141

properties:

8142

fieldRef:

8143

description: 'Required: Selects a field of the pod: only annotations, labels, name and namespa'

8144

properties:

8145

apiVersion:

8146

description: Version of the schema the FieldPath is written in terms of, defaults to "v1".

8147

type: string

8148

fieldPath:

8149

description: Path of the field to select in the specified API version.

8150

type: string

8151

required:

8152

- fieldPath

8153

type: object

8154

x-kubernetes-map-type: atomic

8155

mode:

8156

description: 'Optional: mode bits used to set permissions on this file, must be an octal value'

8157

format: int32

8158

type: integer

8159

path:

8160

description: 'Required: Path is the relative path name of the file to be created.'

8161

type: string

8162

resourceFieldRef:

8163

description: 'Selects a resource of the container: only resources limits and requests (limits.'

8164

properties:

8165

containerName:

8166

description: 'Container name: required for volumes, optional for env vars'

8167

type: string

8168

divisor:

8169

anyOf:

8170

- type: integer

8171

- type: string

8172

description: Specifies the output format of the exposed resources, defaults to "1"

8173

pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$

8174

x-kubernetes-int-or-string: true

8175

resource:

8176

description: 'Required: resource to select'

8177

type: string

8178

required:

8179

- resource

8180

type: object

8181

x-kubernetes-map-type: atomic

8182

required:

8183

- path

8184

type: object

8185

type: array

8186

type: object

8187

secret:

8188

description: information about the secret data to project

8189

properties:

8190

items:

8191

description: If unspecified, each key-value pair in the Data field of the referenced Secret w

8192

items:

8193

description: Maps a string key to a path within a volume.

8194

properties:

8195

key:

8196

description: The key to project.

8197

type: string

8198

mode:

8199

description: 'Optional: mode bits used to set permissions on this file.'

8200

format: int32

8201

type: integer

8202

path:

8203

description: The relative path of the file to map the key to. May not be an absolute path.

8204

type: string

8205

required:

8206

- key

8207

- path

8208

type: object

8209

type: array

8210

name:

8211

description: 'Name of the referent. More info: https://kubernetes.'

8212

type: string

8213

optional:

8214

description: Specify whether the Secret or its key must be defined

8215

type: boolean

8216

type: object

8217

x-kubernetes-map-type: atomic

8218

serviceAccountToken:

8219

description: information about the serviceAccountToken data to project

8220

properties:

8221

audience:

8222

description: Audience is the intended audience of the token.

8223

type: string

8224

expirationSeconds:

8225

description: ExpirationSeconds is the requested duration of validity of the service account t

8226

format: int64

8227

type: integer

8228

path:

8229

description: Path is the path relative to the mount point of the file to project the token in

8230

type: string

8231

required:

8232

- path

8233

type: object

8234

type: object

8235

type: array

8236

type: object

8237

quobyte:

8238

description: Quobyte represents a Quobyte mount on the host that shares a pod's lifetime

8239

properties:

8240

group:

8241

description: Group to map volume access to Default is no group

8242

type: string

8243

readOnly:

8244

description: ReadOnly here will force the Quobyte volume to be mounted with read-only permiss

8245

type: boolean

8246

registry:

8247

description: 'Registry represents a single or multiple Quobyte Registry services specified as '

8248

type: string

8249

tenant:

8250

description: Tenant owning the given Quobyte volume in the Backend Used with dynamically prov

8251

type: string

8252

user:

8253

description: User to map volume access to Defaults to serivceaccount user

8254

type: string

8255

volume:

8256

description: Volume is a string that references an already created Quobyte volume by name.

8257

type: string

8258

required:

8259

- registry

8260

- volume

8261

type: object

8262

rbd:

8263

description: RBD represents a Rados Block Device mount on the host that shares a pod's lifeti

8264

properties:

8265

fsType:

8266

description: Filesystem type of the volume that you want to mount.

8267

type: string

8268

image:

8269

description: 'The rados image name. More info: https://examples.k8s.io/volumes/rbd/README.'

8270

type: string

8271

keyring:

8272

description: Keyring is the path to key ring for RBDUser. Default is /etc/ceph/keyring.

8273

type: string

8274

monitors:

8275

description: 'A collection of Ceph monitors. More info: https://examples.k8s.'

8276

items:

8277

type: string

8278

type: array

8279

pool:

8280

description: 'The rados pool name. Default is rbd. More info: https://examples.k8s.'

8281

type: string

8282

readOnly:

8283

description: ReadOnly here will force the ReadOnly setting in VolumeMounts.

8284

type: boolean

8285

secretRef:

8286

description: SecretRef is name of the authentication secret for RBDUser.

8287

properties:

8288

name:

8289

description: 'Name of the referent. More info: https://kubernetes.'

8290

type: string

8291

type: object

8292

x-kubernetes-map-type: atomic

8293

user:

8294

description: 'The rados user name. Default is admin. More info: https://examples.k8s.'

8295

type: string

8296

required:

8297

- image

8298

- monitors

8299

type: object

8300

scaleIO:

8301

description: ScaleIO represents a ScaleIO persistent volume attached and mounted on Kubernete

8302

properties:

8303

fsType:

8304

description: Filesystem type to mount.

8305

type: string

8306

gateway:

8307

description: The host address of the ScaleIO API Gateway.

8308

type: string

8309

protectionDomain:

8310

description: The name of the ScaleIO Protection Domain for the configured storage.

8311

type: string

8312

readOnly:

8313

description: Defaults to false (read/write).

8314

type: boolean

8315

secretRef:

8316

description: SecretRef references to the secret for ScaleIO user and other sensitive informat

8317

properties:

8318

name:

8319

description: 'Name of the referent. More info: https://kubernetes.'

8320

type: string

8321

type: object

8322

x-kubernetes-map-type: atomic

8323

sslEnabled:

8324

description: Flag to enable/disable SSL communication with Gateway, default false

8325

type: boolean

8326

storageMode:

8327

description: Indicates whether the storage for a volume should be ThickProvisioned or ThinPro

8328

type: string

8329

storagePool:

8330

description: The ScaleIO Storage Pool associated with the protection domain.

8331

type: string

8332

system:

8333

description: The name of the storage system as configured in ScaleIO.

8334

type: string

8335

volumeName:

8336

description: The name of a volume already created in the ScaleIO system that is associated wi

8337

type: string

8338

required:

8339

- gateway

8340

- secretRef

8341

- system

8342

type: object

8343

secret:

8344

description: Secret represents a secret that should populate this volume.

8345

properties:

8346

defaultMode:

8347

description: 'Optional: mode bits used to set permissions on created files by default.'

8348

format: int32

8349

type: integer

8350

items:

8351

description: If unspecified, each key-value pair in the Data field of the referenced Secret w

8352

items:

8353

description: Maps a string key to a path within a volume.

8354

properties:

8355

key:

8356

description: The key to project.

8357

type: string

8358

mode:

8359

description: 'Optional: mode bits used to set permissions on this file.'

8360

format: int32

8361

type: integer

8362

path:

8363

description: The relative path of the file to map the key to. May not be an absolute path.

8364

type: string

8365

required:

8366

- key

8367

- path

8368

type: object

8369

type: array

8370

optional:

8371

description: Specify whether the Secret or its keys must be defined

8372

type: boolean

8373

secretName:

8374

description: 'Name of the secret in the pod''s namespace to use. More info: https://kubernetes.'

8375

type: string

8376

type: object

8377

storageos:

8378

description: StorageOS represents a StorageOS volume attached and mounted on Kubernetes nodes

8379

properties:

8380

fsType:

8381

description: Filesystem type to mount.

8382

type: string

8383

readOnly:

8384

description: Defaults to false (read/write).

8385

type: boolean

8386

secretRef:

8387

description: SecretRef specifies the secret to use for obtaining the StorageOS API credential

8388

properties:

8389

name:

8390

description: 'Name of the referent. More info: https://kubernetes.'

8391

type: string

8392

type: object

8393

x-kubernetes-map-type: atomic

8394

volumeName:

8395

description: VolumeName is the human-readable name of the StorageOS volume.

8396

type: string

8397

volumeNamespace:

8398

description: VolumeNamespace specifies the scope of the volume within StorageOS.

8399

type: string

8400

type: object

8401

vsphereVolume:

8402

description: 'VsphereVolume represents a vSphere volume attached and mounted on kubelets host '

8403

properties:

8404

fsType:

8405

description: Filesystem type to mount.

8406

type: string

8407

storagePolicyID:

8408

description: Storage Policy Based Management (SPBM) profile ID associated with the StoragePol

8409

type: string

8410

storagePolicyName:

8411

description: Storage Policy Based Management (SPBM) profile name.

8412

type: string

8413

volumePath:

8414

description: Path that identifies vSphere volume vmdk

8415

type: string

8416

required:

8417

- volumePath

8418

type: object

8419

required:

8420

- name

8421

type: object

8422

type: array

8423

required: null

8424

type: object

8425

type: object

8426

version:

8427

default: 3

8428

enum:

8429

- 0

8430

- 2

8431

- 3

8432

format: int32

8433

type: integer

8434

type: object

8435

type: object

8436

version:

8437

default: 3

8438

enum:

8439

- 3

8440

format: int32

8441

type: integer

8442

required:

8443

- backends

8444

type: object

8445

status:

8446

description: OnionBalancedServiceStatus defines the observed state of OnionBalancedService.

8447

properties:

8448

backends:

8449

additionalProperties:

8450

description: OnionServiceStatus defines the observed state of OnionService.

8451

properties:

8452

hostname:

8453

type: string

8454

targetClusterIP:

8455

type: string

8456

type: object

8457

type: object

8458

hostname:

8459

type: string

8460

targetClusterIP:

8461

type: string

8462

type: object

8463

type: object

8464

served: true

8465

storage: true

8466

subresources:

8467

status: {}

8468

---

8469

apiVersion: apiextensions.k8s.io/v1

8470

kind: CustomResourceDefinition

8471

metadata:

8472

annotations:

8473

controller-gen.kubebuilder.io/version: v0.11.1

8474

creationTimestamp: null

8475

8476

spec:

8477

group: tor.k8s.torproject.org

8478

names:

8479

kind: OnionService

8480

listKind: OnionServiceList

8481

plural: onionservices

8482

shortNames:

8483

- onion

8484

- os

8485

singular: onionservice

8486

scope: Namespaced

8487

versions:

8488

- additionalPrinterColumns:

8489

- jsonPath: .status.hostname

8490

8491

type: string

8492

- jsonPath: .status.targetClusterIP

8493

8494

type: string

8495

- jsonPath: .metadata.creationTimestamp

8496

8497

type: date

8498

8499

schema:

8500

openAPIV3Schema:

8501

description: OnionService is the Schema for the onionservices API.

8502

properties:

8503

apiVersion:

8504

description: APIVersion defines the versioned schema of this representation of an object.

8505

type: string

8506

kind:

8507

description: Kind is a string value representing the REST resource this object represents.

8508

type: string

8509

metadata:

8510

type: object

8511

spec:

8512

description: OnionServiceSpec defines the desired state of OnionService.

8513

properties:

8514

extraConfig:

8515

type: string

8516

ports:

8517

description: The list of ports that are exposed by this service.

8518

items:

8519

properties:

8520

name:

8521

description: Optional if only one ServicePort is defined on this service.

8522

type: string

8523

publicPort:

8524

description: The port that will be exposed by this service.

8525

format: int32

8526

type: integer

8527

targetPort:

8528

description: Number or name of the port to access on the pods targeted by the service.

8529

format: int32

8530

type: integer

8531

required:

8532

- publicPort

8533

type: object

8534

type: array

8535

privateKeySecret:

8536

description: SecretReference represents a Secret Reference.

8537

properties:

8538

key:

8539

type: string

8540

name:

8541

description: Name is unique within a namespace to reference a secret resource.

8542

type: string

8543

type: object

8544

selector:

8545

additionalProperties:

8546

type: string

8547

type: object

8548

version:

8549

enum:

8550

- 0

8551

- 2

8552

- 3

8553

format: int32

8554

type: integer

8555

required:

8556

- version

8557

type: object

8558

status:

8559

description: OnionServiceStatus defines the observed state of OnionService.

8560

properties:

8561

hostname:

8562

type: string

8563

targetClusterIP:

8564

type: string

8565

required:

8566

- hostname

8567

- targetClusterIP

8568

type: object

8569

type: object

8570

served: true

8571

storage: false

8572

subresources:

8573

status: {}

8574

- additionalPrinterColumns:

8575

- jsonPath: .status.hostname

8576

8577

type: string

8578

- jsonPath: .metadata.creationTimestamp

8579

8580

type: date

8581

8582

schema:

8583

openAPIV3Schema:

8584

description: OnionService is the Schema for the onionservices API.

8585

properties:

8586

apiVersion:

8587

description: APIVersion defines the versioned schema of this representation of an object.

8588

type: string

8589

kind:

8590

description: Kind is a string value representing the REST resource this object represents.

8591

type: string

8592

metadata:

8593

type: object

8594

spec:

8595

description: OnionServiceSpec defines the desired state of OnionService.

8596

properties:

8597

authorizedClients:

8598

items:

8599

description: SecretReference represents a Secret Reference.

8600

properties:

8601

key:

8602

type: string

8603

name:

8604

description: Name is unique within a namespace to reference a secret resource.

8605

type: string

8606

type: object

8607

type: array

8608

extraConfig:

8609

type: string

8610

masterOnionAddress:

8611

type: string

8612

privateKeySecret:

8613

description: SecretReference represents a Secret Reference.

8614

properties:

8615

key:

8616

type: string

8617

name:

8618

description: Name is unique within a namespace to reference a secret resource.

8619

type: string

8620

type: object

8621

rules:

8622

items:

8623

properties:

8624

backend:

8625

description: Backend selector

8626

properties:

8627

resource:

8628

description: 'Resource is an ObjectRef to another Kubernetes resource in the namespace of the '

8629

properties:

8630

apiGroup:

8631

description: APIGroup is the group for the resource being referenced.

8632

type: string

8633

kind:

8634

description: Kind is the type of resource being referenced

8635

type: string

8636

name:

8637

description: Name is the name of resource being referenced

8638

type: string

8639

required:

8640

- kind

8641

- name

8642

type: object

8643

x-kubernetes-map-type: atomic

8644

service:

8645

description: Service references a Service as a Backend.

8646

properties:

8647

name:

8648

description: Name is the referenced service.

8649

type: string

8650

port:

8651

description: Port of the referenced service.

8652

properties:

8653

name:

8654

description: Name is the name of the port on the Service.

8655

type: string

8656

number:

8657

description: Number is the numerical port number (e.g. 80) on the Service.

8658

format: int32

8659

type: integer

8660

type: object

8661

required:

8662

- name

8663

type: object

8664

type: object

8665

port:

8666

description: Port publish as

8667

properties:

8668

name:

8669

description: Name is the name of the port on the Service.

8670

type: string

8671

number:

8672

description: Number is the numerical port number (e.g. 80) on the Service.

8673

format: int32

8674

type: integer

8675

type: object

8676

type: object

8677

type: array

8678

serviceMonitor:

8679

default: false

8680

type: boolean

8681

template:

8682

description: Template describes the pods that will be created.

8683

properties:

8684

metadata:

8685

description: Metadata of the pods created from this template.

8686

type: object

8687

resources:

8688

description: Default resources for containers

8689

properties:

8690

limits:

8691

additionalProperties:

8692

anyOf:

8693

- type: integer

8694

- type: string

8695

pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$

8696

x-kubernetes-int-or-string: true

8697

description: Limits describes the maximum amount of compute resources allowed.

8698

type: object

8699

requests:

8700

additionalProperties:

8701

anyOf:

8702

- type: integer

8703

- type: string

8704

pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$

8705

x-kubernetes-int-or-string: true

8706

description: Requests describes the minimum amount of compute resources required.

8707

type: object

8708

type: object

8709

spec:

8710

description: Spec defines the behavior of a pod.

8711

properties:

8712

activeDeadlineSeconds:

8713

description: Optional duration in seconds the pod may be active on the node relative to Start

8714

format: int64

8715

type: integer

8716

affinity:

8717

description: If specified, the pod's scheduling constraints

8718

properties:

8719

nodeAffinity:

8720

description: Describes node affinity scheduling rules for the pod.

8721

properties:

8722

preferredDuringSchedulingIgnoredDuringExecution:

8723

description: The scheduler will prefer to schedule pods to nodes that satisfy the affinity ex

8724

items:

8725

description: An empty preferred scheduling term matches all objects with implicit weight 0 (i

8726

properties:

8727

preference:

8728

description: A node selector term, associated with the corresponding weight.

8729

properties:

8730

matchExpressions:

8731

description: A list of node selector requirements by node's labels.

8732

items:

8733

description: A node selector requirement is a selector that contains values, a key, and an op

8734

properties:

8735

key:

8736

description: The label key that the selector applies to.

8737

type: string

8738

operator:

8739

description: Represents a key's relationship to a set of values.

8740

type: string

8741

values:

8742

description: An array of string values.

8743

items:

8744

type: string

8745

type: array

8746

required:

8747

- key

8748

- operator

8749

type: object

8750

type: array

8751

matchFields:

8752

description: A list of node selector requirements by node's fields.

8753

items:

8754

description: A node selector requirement is a selector that contains values, a key, and an op

8755

properties:

8756

key:

8757

description: The label key that the selector applies to.

8758

type: string

8759

operator:

8760

description: Represents a key's relationship to a set of values.

8761

type: string

8762

values:

8763

description: An array of string values.

8764

items:

8765

type: string

8766

type: array

8767

required:

8768

- key

8769

- operator

8770

type: object

8771

type: array

8772

type: object

8773

x-kubernetes-map-type: atomic

8774

weight:

8775

description: Weight associated with matching the corresponding nodeSelectorTerm, in the range

8776

format: int32

8777

type: integer

8778

required:

8779

- preference

8780

- weight

8781

type: object

8782

type: array

8783

requiredDuringSchedulingIgnoredDuringExecution:

8784

description: If the affinity requirements specified by this field are not met at scheduling t

8785

properties:

8786

nodeSelectorTerms:

8787

description: Required. A list of node selector terms. The terms are ORed.

8788

items:

8789

description: A null or empty node selector term matches no objects.

8790

properties:

8791

matchExpressions:

8792

description: A list of node selector requirements by node's labels.

8793

items:

8794

description: A node selector requirement is a selector that contains values, a key, and an op

8795

properties:

8796

key:

8797

description: The label key that the selector applies to.

8798

type: string

8799

operator:

8800

description: Represents a key's relationship to a set of values.

8801

type: string

8802

values:

8803

description: An array of string values.

8804

items:

8805

type: string

8806

type: array

8807

required:

8808

- key

8809

- operator

8810

type: object

8811

type: array

8812

matchFields:

8813

description: A list of node selector requirements by node's fields.

8814

items:

8815

description: A node selector requirement is a selector that contains values, a key, and an op

8816

properties:

8817

key:

8818

description: The label key that the selector applies to.

8819

type: string

8820

operator:

8821

description: Represents a key's relationship to a set of values.

8822

type: string

8823

values:

8824

description: An array of string values.

8825

items:

8826

type: string

8827

type: array

8828

required:

8829

- key

8830

- operator

8831

type: object

8832

type: array

8833

type: object

8834

x-kubernetes-map-type: atomic

8835

type: array

8836

required:

8837

- nodeSelectorTerms

8838

type: object

8839

x-kubernetes-map-type: atomic

8840

type: object

8841

podAffinity:

8842

description: Describes pod affinity scheduling rules (e.g.

8843

properties:

8844

preferredDuringSchedulingIgnoredDuringExecution:

8845

description: The scheduler will prefer to schedule pods to nodes that satisfy the affinity ex

8846

items:

8847

description: The weights of all of the matched WeightedPodAffinityTerm fields are added per-n

8848

properties:

8849

podAffinityTerm:

8850

description: Required. A pod affinity term, associated with the corresponding weight.

8851

properties:

8852

labelSelector:

8853

description: A label query over a set of resources, in this case pods.

8854

properties:

8855

matchExpressions:

8856

description: matchExpressions is a list of label selector requirements.

8857

items:

8858

description: A label selector requirement is a selector that contains values, a key, and an o

8859

properties:

8860

key:

8861

description: key is the label key that the selector applies to.

8862

type: string

8863

operator:

8864

description: operator represents a key's relationship to a set of values.

8865

type: string

8866

values:

8867

description: values is an array of string values.

8868

items:

8869

type: string

8870

type: array

8871

required:

8872

- key

8873

- operator

8874

type: object

8875

type: array

8876

matchLabels:

8877

additionalProperties:

8878

type: string

8879

description: matchLabels is a map of {key,value} pairs.

8880

type: object

8881

type: object

8882

x-kubernetes-map-type: atomic

8883

namespaceSelector:

8884

description: A label query over the set of namespaces that the term applies to.

8885

properties:

8886

matchExpressions:

8887

description: matchExpressions is a list of label selector requirements.

8888

items:

8889

description: A label selector requirement is a selector that contains values, a key, and an o

8890

properties:

8891

key:

8892

description: key is the label key that the selector applies to.

8893

type: string

8894

operator:

8895

description: operator represents a key's relationship to a set of values.

8896

type: string

8897

values:

8898

description: values is an array of string values.

8899

items:

8900

type: string

8901

type: array

8902

required:

8903

- key

8904

- operator

8905

type: object

8906

type: array

8907

matchLabels:

8908

additionalProperties:

8909

type: string

8910

description: matchLabels is a map of {key,value} pairs.

8911

type: object

8912

type: object

8913

x-kubernetes-map-type: atomic

8914

namespaces:

8915

description: namespaces specifies a static list of namespace names that the term applies to.

8916

items:

8917

type: string

8918

type: array

8919

topologyKey:

8920

description: 'This pod should be co-located (affinity) or not co-located (anti-affinity) with '

8921

type: string

8922

required:

8923

- topologyKey

8924

type: object

8925

weight:

8926

description: 'weight associated with matching the corresponding podAffinityTerm, in the range '

8927

format: int32

8928

type: integer

8929

required:

8930

- podAffinityTerm

8931

- weight

8932

type: object

8933

type: array

8934

requiredDuringSchedulingIgnoredDuringExecution:

8935

description: If the affinity requirements specified by this field are not met at scheduling t

8936

items:

8937

description: Defines a set of pods (namely those matching the labelSelector relative to the g

8938

properties:

8939

labelSelector:

8940

description: A label query over a set of resources, in this case pods.

8941

properties:

8942

matchExpressions:

8943

description: matchExpressions is a list of label selector requirements.

8944

items:

8945

description: A label selector requirement is a selector that contains values, a key, and an o

8946

properties:

8947

key:

8948

description: key is the label key that the selector applies to.

8949

type: string

8950

operator:

8951

description: operator represents a key's relationship to a set of values.

8952

type: string

8953

values:

8954

description: values is an array of string values.

8955

items:

8956

type: string

8957

type: array

8958

required:

8959

- key

8960

- operator

8961

type: object

8962

type: array

8963

matchLabels:

8964

additionalProperties:

8965

type: string

8966

description: matchLabels is a map of {key,value} pairs.

8967

type: object

8968

type: object

8969

x-kubernetes-map-type: atomic

8970

namespaceSelector:

8971

description: A label query over the set of namespaces that the term applies to.

8972

properties:

8973

matchExpressions:

8974

description: matchExpressions is a list of label selector requirements.

8975

items:

8976

description: A label selector requirement is a selector that contains values, a key, and an o

8977

properties:

8978

key:

8979

description: key is the label key that the selector applies to.

8980

type: string

8981

operator:

8982

description: operator represents a key's relationship to a set of values.

8983

type: string

8984

values:

8985

description: values is an array of string values.

8986

items:

8987

type: string

8988

type: array

8989

required:

8990

- key

8991

- operator

8992

type: object

8993

type: array

8994

matchLabels:

8995

additionalProperties:

8996

type: string

8997

description: matchLabels is a map of {key,value} pairs.

8998

type: object

8999

type: object

9000

x-kubernetes-map-type: atomic

9001

namespaces:

9002

description: namespaces specifies a static list of namespace names that the term applies to.

9003

items:

9004

type: string

9005

type: array

9006

topologyKey:

9007

description: 'This pod should be co-located (affinity) or not co-located (anti-affinity) with '

9008

type: string

9009

required:

9010

- topologyKey

9011

type: object

9012

type: array

9013

type: object

9014

podAntiAffinity:

9015

description: Describes pod anti-affinity scheduling rules (e.g.

9016

properties:

9017

preferredDuringSchedulingIgnoredDuringExecution:

9018

description: The scheduler will prefer to schedule pods to nodes that satisfy the anti-affini

9019

items:

9020

description: The weights of all of the matched WeightedPodAffinityTerm fields are added per-n

9021

properties:

9022

podAffinityTerm:

9023

description: Required. A pod affinity term, associated with the corresponding weight.

9024

properties:

9025

labelSelector:

9026

description: A label query over a set of resources, in this case pods.

9027

properties:

9028

matchExpressions:

9029

description: matchExpressions is a list of label selector requirements.

9030

items:

9031

description: A label selector requirement is a selector that contains values, a key, and an o

9032

properties:

9033

key:

9034

description: key is the label key that the selector applies to.

9035

type: string

9036

operator:

9037

description: operator represents a key's relationship to a set of values.

9038

type: string

9039

values:

9040

description: values is an array of string values.

9041

items:

9042

type: string

9043

type: array

9044

required:

9045

- key

9046

- operator

9047

type: object

9048

type: array

9049

matchLabels:

9050

additionalProperties:

9051

type: string

9052

description: matchLabels is a map of {key,value} pairs.

9053

type: object

9054

type: object

9055

x-kubernetes-map-type: atomic

9056

namespaceSelector:

9057

description: A label query over the set of namespaces that the term applies to.

9058

properties:

9059

matchExpressions:

9060

description: matchExpressions is a list of label selector requirements.

9061

items:

9062

description: A label selector requirement is a selector that contains values, a key, and an o

9063

properties:

9064

key:

9065

description: key is the label key that the selector applies to.

9066

type: string

9067

operator:

9068

description: operator represents a key's relationship to a set of values.

9069

type: string

9070

values:

9071

description: values is an array of string values.

9072

items:

9073

type: string

9074

type: array

9075

required:

9076

- key

9077

- operator

9078

type: object

9079

type: array

9080

matchLabels:

9081

additionalProperties:

9082

type: string

9083

description: matchLabels is a map of {key,value} pairs.

9084

type: object

9085

type: object

9086

x-kubernetes-map-type: atomic

9087

namespaces:

9088

description: namespaces specifies a static list of namespace names that the term applies to.

9089

items:

9090

type: string

9091

type: array

9092

topologyKey:

9093

description: 'This pod should be co-located (affinity) or not co-located (anti-affinity) with '

9094

type: string

9095

required:

9096

- topologyKey

9097

type: object

9098

weight:

9099

description: 'weight associated with matching the corresponding podAffinityTerm, in the range '

9100

format: int32

9101

type: integer

9102

required:

9103

- podAffinityTerm

9104

- weight

9105

type: object

9106

type: array

9107

requiredDuringSchedulingIgnoredDuringExecution:

9108

description: If the anti-affinity requirements specified by this field are not met at schedul

9109

items:

9110

description: Defines a set of pods (namely those matching the labelSelector relative to the g

9111

properties:

9112

labelSelector:

9113

description: A label query over a set of resources, in this case pods.

9114

properties:

9115

matchExpressions:

9116

description: matchExpressions is a list of label selector requirements.

9117

items:

9118

description: A label selector requirement is a selector that contains values, a key, and an o

9119

properties:

9120

key:

9121

description: key is the label key that the selector applies to.

9122

type: string

9123

operator:

9124

description: operator represents a key's relationship to a set of values.

9125

type: string

9126

values:

9127

description: values is an array of string values.

9128

items:

9129

type: string

9130

type: array

9131

required:

9132

- key

9133

- operator

9134

type: object

9135

type: array

9136

matchLabels:

9137

additionalProperties:

9138

type: string

9139

description: matchLabels is a map of {key,value} pairs.

9140

type: object

9141

type: object

9142

x-kubernetes-map-type: atomic

9143

namespaceSelector:

9144

description: A label query over the set of namespaces that the term applies to.

9145

properties:

9146

matchExpressions:

9147

description: matchExpressions is a list of label selector requirements.

9148

items:

9149

description: A label selector requirement is a selector that contains values, a key, and an o

9150

properties:

9151

key:

9152

description: key is the label key that the selector applies to.

9153

type: string

9154

operator:

9155

description: operator represents a key's relationship to a set of values.

9156

type: string

9157

values:

9158

description: values is an array of string values.

9159

items:

9160

type: string

9161

type: array

9162

required:

9163

- key

9164

- operator

9165

type: object

9166

type: array

9167

matchLabels:

9168

additionalProperties:

9169

type: string

9170

description: matchLabels is a map of {key,value} pairs.

9171

type: object

9172

type: object

9173

x-kubernetes-map-type: atomic

9174

namespaces:

9175

description: namespaces specifies a static list of namespace names that the term applies to.

9176

items:

9177

type: string

9178

type: array

9179

topologyKey:

9180

description: 'This pod should be co-located (affinity) or not co-located (anti-affinity) with '

9181

type: string

9182

required:

9183

- topologyKey

9184

type: object

9185

type: array

9186

type: object

9187

type: object

9188

automountServiceAccountToken:

9189

description: AutomountServiceAccountToken indicates whether a service account token should be

9190

type: boolean

9191

containers:

9192

description: List of containers belonging to the pod.

9193

items:

9194

description: A single application container that you want to run within a pod.

9195

properties:

9196

args:

9197

description: Arguments to the entrypoint.

9198

items:

9199

type: string

9200

type: array

9201

command:

9202

description: Entrypoint array. Not executed within a shell.

9203

items:

9204

type: string

9205

type: array

9206

env:

9207

description: List of environment variables to set in the container. Cannot be updated.

9208

items:

9209

description: EnvVar represents an environment variable present in a Container.

9210

properties:

9211

name:

9212

description: Name of the environment variable. Must be a C_IDENTIFIER.

9213

type: string

9214

value:

9215

description: Variable references $(VAR_NAME) are expanded using the previously defined enviro

9216

type: string

9217

valueFrom:

9218

description: Source for the environment variable's value.

9219

properties:

9220

configMapKeyRef:

9221

description: Selects a key of a ConfigMap.

9222

properties:

9223

key:

9224

description: The key to select.

9225

type: string

9226

name:

9227

description: 'Name of the referent. More info: https://kubernetes.'

9228

type: string

9229

optional:

9230

description: Specify whether the ConfigMap or its key must be defined

9231

type: boolean

9232

required:

9233

- key

9234

type: object

9235

x-kubernetes-map-type: atomic

9236

fieldRef:

9237

description: 'Selects a field of the pod: supports metadata.name, metadata.'

9238

properties:

9239

apiVersion:

9240

description: Version of the schema the FieldPath is written in terms of, defaults to "v1".

9241

type: string

9242

fieldPath:

9243

description: Path of the field to select in the specified API version.

9244

type: string

9245

required:

9246

- fieldPath

9247

type: object

9248

x-kubernetes-map-type: atomic

9249

resourceFieldRef:

9250

description: 'Selects a resource of the container: only resources limits and requests (limits.'

9251

properties:

9252

containerName:

9253

description: 'Container name: required for volumes, optional for env vars'

9254

type: string

9255

divisor:

9256

anyOf:

9257

- type: integer

9258

- type: string

9259

description: Specifies the output format of the exposed resources, defaults to "1"

9260

pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$

9261

x-kubernetes-int-or-string: true

9262

resource:

9263

description: 'Required: resource to select'

9264

type: string

9265

required:

9266

- resource

9267

type: object

9268

x-kubernetes-map-type: atomic

9269

secretKeyRef:

9270

description: Selects a key of a secret in the pod's namespace

9271

properties:

9272

key:

9273

description: The key of the secret to select from. Must be a valid secret key.

9274

type: string

9275

name:

9276

description: 'Name of the referent. More info: https://kubernetes.'

9277

type: string

9278

optional:

9279

description: Specify whether the Secret or its key must be defined

9280

type: boolean

9281

required:

9282

- key

9283

type: object

9284

x-kubernetes-map-type: atomic

9285

type: object

9286

required:

9287

- name

9288

type: object

9289

type: array

9290

envFrom:

9291

description: List of sources to populate environment variables in the container.

9292

items:

9293

description: EnvFromSource represents the source of a set of ConfigMaps

9294

properties:

9295

configMapRef:

9296

description: The ConfigMap to select from

9297

properties:

9298

name:

9299

description: 'Name of the referent. More info: https://kubernetes.'

9300

type: string

9301

optional:

9302

description: Specify whether the ConfigMap must be defined

9303

type: boolean

9304

type: object

9305

x-kubernetes-map-type: atomic

9306

prefix:

9307

description: An optional identifier to prepend to each key in the ConfigMap.

9308

type: string

9309

secretRef:

9310

description: The Secret to select from

9311

properties:

9312

name:

9313

description: 'Name of the referent. More info: https://kubernetes.'

9314

type: string

9315

optional:

9316

description: Specify whether the Secret must be defined

9317

type: boolean

9318

type: object

9319

x-kubernetes-map-type: atomic

9320

type: object

9321

type: array

9322

image:

9323

description: 'Docker image name. More info: https://kubernetes.'

9324

type: string

9325

imagePullPolicy:

9326

description: Image pull policy. One of Always, Never, IfNotPresent.

9327

type: string

9328

lifecycle:

9329

description: Actions that the management system should take in response to container lifecycl

9330

properties:

9331

postStart:

9332

description: PostStart is called immediately after a container is created.

9333

properties:

9334

exec:

9335

description: Exec specifies the action to take.

9336

properties:

9337

command:

9338

description: Command is the command line to execute inside the container, the working directo

9339

items:

9340

type: string

9341

type: array

9342

type: object

9343

httpGet:

9344

description: HTTPGet specifies the http request to perform.

9345

properties:

9346

host:

9347

description: Host name to connect to, defaults to the pod IP.

9348

type: string

9349

httpHeaders:

9350

description: Custom headers to set in the request. HTTP allows repeated headers.

9351

items:

9352

description: HTTPHeader describes a custom header to be used in HTTP probes

9353

properties:

9354

name:

9355

description: The header field name

9356

type: string

9357

value:

9358

description: The header field value

9359

type: string

9360

required:

9361

- name

9362

- value

9363

type: object

9364

type: array

9365

path:

9366

description: Path to access on the HTTP server.

9367

type: string

9368

port:

9369

anyOf:

9370

- type: integer

9371

- type: string

9372

description: Name or number of the port to access on the container.

9373

x-kubernetes-int-or-string: true

9374

scheme:

9375

description: Scheme to use for connecting to the host. Defaults to HTTP.

9376

type: string

9377

required:

9378

- port

9379

type: object

9380

tcpSocket:

9381

description: Deprecated.

9382

properties:

9383

host:

9384

description: 'Optional: Host name to connect to, defaults to the pod IP.'

9385

type: string

9386

port:

9387

anyOf:

9388

- type: integer

9389

- type: string

9390

description: Number or name of the port to access on the container.

9391

x-kubernetes-int-or-string: true

9392

required:

9393

- port

9394

type: object

9395

type: object

9396

preStop:

9397

description: PreStop is called immediately before a container is terminated due to an API req

9398

properties:

9399

exec:

9400

description: Exec specifies the action to take.

9401

properties:

9402

command:

9403

description: Command is the command line to execute inside the container, the working directo

9404

items:

9405

type: string

9406

type: array

9407

type: object

9408

httpGet:

9409

description: HTTPGet specifies the http request to perform.

9410

properties:

9411

host:

9412

description: Host name to connect to, defaults to the pod IP.

9413

type: string

9414

httpHeaders:

9415

description: Custom headers to set in the request. HTTP allows repeated headers.

9416

items:

9417

description: HTTPHeader describes a custom header to be used in HTTP probes

9418

properties:

9419

name:

9420

description: The header field name

9421

type: string

9422

value:

9423

description: The header field value

9424

type: string

9425

required:

9426

- name

9427

- value

9428

type: object

9429

type: array

9430

path:

9431

description: Path to access on the HTTP server.

9432

type: string

9433

port:

9434

anyOf:

9435

- type: integer

9436

- type: string

9437

description: Name or number of the port to access on the container.

9438

x-kubernetes-int-or-string: true

9439

scheme:

9440

description: Scheme to use for connecting to the host. Defaults to HTTP.

9441

type: string

9442

required:

9443

- port

9444

type: object

9445

tcpSocket:

9446

description: Deprecated.

9447

properties:

9448

host:

9449

description: 'Optional: Host name to connect to, defaults to the pod IP.'

9450

type: string

9451

port:

9452

anyOf:

9453

- type: integer

9454

- type: string

9455

description: Number or name of the port to access on the container.

9456

x-kubernetes-int-or-string: true

9457

required:

9458

- port

9459

type: object

9460

type: object

9461

type: object

9462

livenessProbe:

9463

description: Periodic probe of container liveness.

9464

properties:

9465

exec:

9466

description: Exec specifies the action to take.

9467

properties:

9468

command:

9469

description: Command is the command line to execute inside the container, the working directo

9470

items:

9471

type: string

9472

type: array

9473

type: object

9474

failureThreshold:

9475

description: 'Minimum consecutive failures for the probe to be considered failed after having '

9476

format: int32

9477

type: integer

9478

grpc:

9479

description: GRPC specifies an action involving a GRPC port.

9480

properties:

9481

port:

9482

description: Port number of the gRPC service. Number must be in the range 1 to 65535.

9483

format: int32

9484

type: integer

9485

service:

9486

description: 'Service is the name of the service to place in the gRPC HealthCheckRequest (see '

9487

type: string

9488

required:

9489

- port

9490

type: object

9491

httpGet:

9492

description: HTTPGet specifies the http request to perform.

9493

properties:

9494

host:

9495

description: Host name to connect to, defaults to the pod IP.

9496

type: string

9497

httpHeaders:

9498

description: Custom headers to set in the request. HTTP allows repeated headers.

9499

items:

9500

description: HTTPHeader describes a custom header to be used in HTTP probes

9501

properties:

9502

name:

9503

description: The header field name

9504

type: string

9505

value:

9506

description: The header field value

9507

type: string

9508

required:

9509

- name

9510

- value

9511

type: object

9512

type: array

9513

path:

9514

description: Path to access on the HTTP server.

9515

type: string

9516

port:

9517

anyOf:

9518

- type: integer

9519

- type: string

9520

description: Name or number of the port to access on the container.

9521

x-kubernetes-int-or-string: true

9522

scheme:

9523

description: Scheme to use for connecting to the host. Defaults to HTTP.

9524

type: string

9525

required:

9526

- port

9527

type: object

9528

initialDelaySeconds:

9529

description: Number of seconds after the container has started before liveness probes are ini

9530

format: int32

9531

type: integer

9532

periodSeconds:

9533

description: How often (in seconds) to perform the probe. Default to 10 seconds.

9534

format: int32

9535

type: integer

9536

successThreshold:

9537

description: Minimum consecutive successes for the probe to be considered successful after ha

9538

format: int32

9539

type: integer

9540

tcpSocket:

9541

description: TCPSocket specifies an action involving a TCP port.

9542

properties:

9543

host:

9544

description: 'Optional: Host name to connect to, defaults to the pod IP.'

9545

type: string

9546

port:

9547

anyOf:

9548

- type: integer

9549

- type: string

9550

description: Number or name of the port to access on the container.

9551

x-kubernetes-int-or-string: true

9552

required:

9553

- port

9554

type: object

9555

terminationGracePeriodSeconds:

9556

description: Optional duration in seconds the pod needs to terminate gracefully upon probe fa

9557

format: int64

9558

type: integer

9559

timeoutSeconds:

9560

description: Number of seconds after which the probe times out. Defaults to 1 second.

9561

format: int32

9562

type: integer

9563

type: object

9564

name:

9565

description: Name of the container specified as a DNS_LABEL.

9566

type: string

9567

ports:

9568

description: List of ports to expose from the container.

9569

items:

9570

description: ContainerPort represents a network port in a single container.

9571

properties:

9572

containerPort:

9573

description: Number of port to expose on the pod's IP address.

9574

format: int32

9575

type: integer

9576

hostIP:

9577

description: What host IP to bind the external port to.

9578

type: string

9579

hostPort:

9580

description: Number of port to expose on the host.

9581

format: int32

9582

type: integer

9583

name:

9584

description: If specified, this must be an IANA_SVC_NAME and unique within the pod.

9585

type: string

9586

protocol:

9587

default: TCP

9588

description: Protocol for port. Must be UDP, TCP, or SCTP. Defaults to "TCP".

9589

type: string

9590

required:

9591

- containerPort

9592

type: object

9593

type: array

9594

x-kubernetes-list-map-keys:

9595

- containerPort

9596

- protocol

9597

x-kubernetes-list-type: map

9598

readinessProbe:

9599

description: Periodic probe of container service readiness.

9600

properties:

9601

exec:

9602

description: Exec specifies the action to take.

9603

properties:

9604

command:

9605

description: Command is the command line to execute inside the container, the working directo

9606

items:

9607

type: string

9608

type: array

9609

type: object

9610

failureThreshold:

9611

description: 'Minimum consecutive failures for the probe to be considered failed after having '

9612

format: int32

9613

type: integer

9614

grpc:

9615

description: GRPC specifies an action involving a GRPC port.

9616

properties:

9617

port:

9618

description: Port number of the gRPC service. Number must be in the range 1 to 65535.

9619

format: int32

9620

type: integer

9621

service:

9622

description: 'Service is the name of the service to place in the gRPC HealthCheckRequest (see '

9623

type: string

9624

required:

9625

- port

9626

type: object

9627

httpGet:

9628

description: HTTPGet specifies the http request to perform.

9629

properties:

9630

host:

9631

description: Host name to connect to, defaults to the pod IP.

9632

type: string

9633

httpHeaders:

9634

description: Custom headers to set in the request. HTTP allows repeated headers.

9635

items:

9636

description: HTTPHeader describes a custom header to be used in HTTP probes

9637

properties:

9638

name:

9639

description: The header field name

9640

type: string

9641

value:

9642

description: The header field value

9643

type: string

9644

required:

9645

- name

9646

- value

9647

type: object

9648

type: array

9649

path:

9650

description: Path to access on the HTTP server.

9651

type: string

9652

port:

9653

anyOf:

9654

- type: integer

9655

- type: string

9656

description: Name or number of the port to access on the container.

9657

x-kubernetes-int-or-string: true

9658

scheme:

9659

description: Scheme to use for connecting to the host. Defaults to HTTP.

9660

type: string

9661

required:

9662

- port

9663

type: object

9664

initialDelaySeconds:

9665

description: Number of seconds after the container has started before liveness probes are ini

9666

format: int32

9667

type: integer

9668

periodSeconds:

9669

description: How often (in seconds) to perform the probe. Default to 10 seconds.

9670

format: int32

9671

type: integer

9672

successThreshold:

9673

description: Minimum consecutive successes for the probe to be considered successful after ha

9674

format: int32

9675

type: integer

9676

tcpSocket:

9677

description: TCPSocket specifies an action involving a TCP port.

9678

properties:

9679

host:

9680

description: 'Optional: Host name to connect to, defaults to the pod IP.'

9681

type: string

9682

port:

9683

anyOf:

9684

- type: integer

9685

- type: string

9686

description: Number or name of the port to access on the container.

9687

x-kubernetes-int-or-string: true

9688

required:

9689

- port

9690

type: object

9691

terminationGracePeriodSeconds:

9692

description: Optional duration in seconds the pod needs to terminate gracefully upon probe fa

9693

format: int64

9694

type: integer

9695

timeoutSeconds:

9696

description: Number of seconds after which the probe times out. Defaults to 1 second.

9697

format: int32

9698

type: integer

9699

type: object

9700

resources:

9701

description: Compute Resources required by this container. Cannot be updated.

9702

properties:

9703

limits:

9704

additionalProperties:

9705

anyOf:

9706

- type: integer

9707

- type: string

9708

pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$

9709

x-kubernetes-int-or-string: true

9710

description: Limits describes the maximum amount of compute resources allowed.

9711

type: object

9712

requests:

9713

additionalProperties:

9714

anyOf:

9715

- type: integer

9716

- type: string

9717

pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$

9718

x-kubernetes-int-or-string: true

9719

description: Requests describes the minimum amount of compute resources required.

9720

type: object

9721

type: object

9722

securityContext:

9723

description: SecurityContext defines the security options the container should be run with.

9724

properties:

9725

allowPrivilegeEscalation:

9726

description: AllowPrivilegeEscalation controls whether a process can gain more privileges tha

9727

type: boolean

9728

capabilities:

9729

description: The capabilities to add/drop when running containers.

9730

properties:

9731

add:

9732

description: Added capabilities

9733

items:

9734

description: Capability represent POSIX capabilities type

9735

type: string

9736

type: array

9737

drop:

9738

description: Removed capabilities

9739

items:

9740

description: Capability represent POSIX capabilities type

9741

type: string

9742

type: array

9743

type: object

9744

privileged:

9745

description: Run container in privileged mode.

9746

type: boolean

9747

procMount:

9748

description: procMount denotes the type of proc mount to use for the containers.

9749

type: string

9750

readOnlyRootFilesystem:

9751

description: Whether this container has a read-only root filesystem. Default is false.

9752

type: boolean

9753

runAsGroup:

9754

description: The GID to run the entrypoint of the container process.

9755

format: int64

9756

type: integer

9757

runAsNonRoot:

9758

description: Indicates that the container must run as a non-root user.

9759

type: boolean

9760

runAsUser:

9761

description: The UID to run the entrypoint of the container process.

9762

format: int64

9763

type: integer

9764

seLinuxOptions:

9765

description: The SELinux context to be applied to the container.

9766

properties:

9767

level:

9768

description: Level is SELinux level label that applies to the container.

9769

type: string

9770

role:

9771

description: Role is a SELinux role label that applies to the container.

9772

type: string

9773

type:

9774

description: Type is a SELinux type label that applies to the container.

9775

type: string

9776

user:

9777

description: User is a SELinux user label that applies to the container.

9778

type: string

9779

type: object

9780

seccompProfile:

9781

description: The seccomp options to use by this container.

9782

properties:

9783

localhostProfile:

9784

description: localhostProfile indicates a profile defined in a file on the node should be use

9785

type: string

9786

type:

9787

description: type indicates which kind of seccomp profile will be applied.

9788

type: string

9789

required:

9790

- type

9791

type: object

9792

windowsOptions:

9793

description: The Windows specific settings applied to all containers.

9794

properties:

9795

gmsaCredentialSpec:

9796

description: GMSACredentialSpec is where the GMSA admission webhook (https://github.

9797

type: string

9798

gmsaCredentialSpecName:

9799

description: GMSACredentialSpecName is the name of the GMSA credential spec to use.

9800

type: string

9801

hostProcess:

9802

description: HostProcess determines if a container should be run as a 'Host Process' containe

9803

type: boolean

9804

runAsUserName:

9805

description: The UserName in Windows to run the entrypoint of the container process.

9806

type: string

9807

type: object

9808

type: object

9809

startupProbe:

9810

description: StartupProbe indicates that the Pod has successfully initialized.

9811

properties:

9812

exec:

9813

description: Exec specifies the action to take.

9814

properties:

9815

command:

9816

description: Command is the command line to execute inside the container, the working directo

9817

items:

9818

type: string

9819

type: array

9820

type: object

9821

failureThreshold:

9822

description: 'Minimum consecutive failures for the probe to be considered failed after having '

9823

format: int32

9824

type: integer

9825

grpc:

9826

description: GRPC specifies an action involving a GRPC port.

9827

properties:

9828

port:

9829

description: Port number of the gRPC service. Number must be in the range 1 to 65535.

9830

format: int32

9831

type: integer

9832

service:

9833

description: 'Service is the name of the service to place in the gRPC HealthCheckRequest (see '

9834

type: string

9835

required:

9836

- port

9837

type: object

9838

httpGet:

9839

description: HTTPGet specifies the http request to perform.

9840

properties:

9841

host:

9842

description: Host name to connect to, defaults to the pod IP.

9843

type: string

9844

httpHeaders:

9845

description: Custom headers to set in the request. HTTP allows repeated headers.

9846

items:

9847

description: HTTPHeader describes a custom header to be used in HTTP probes

9848

properties:

9849

name:

9850

description: The header field name

9851

type: string

9852

value:

9853

description: The header field value

9854

type: string

9855

required:

9856

- name

9857

- value

9858

type: object

9859

type: array

9860

path:

9861

description: Path to access on the HTTP server.

9862

type: string

9863

port:

9864

anyOf:

9865

- type: integer

9866

- type: string

9867

description: Name or number of the port to access on the container.

9868

x-kubernetes-int-or-string: true

9869

scheme:

9870

description: Scheme to use for connecting to the host. Defaults to HTTP.

9871

type: string

9872

required:

9873

- port

9874

type: object

9875

initialDelaySeconds:

9876

description: Number of seconds after the container has started before liveness probes are ini

9877

format: int32

9878

type: integer

9879

periodSeconds:

9880

description: How often (in seconds) to perform the probe. Default to 10 seconds.

9881

format: int32

9882

type: integer

9883

successThreshold:

9884

description: Minimum consecutive successes for the probe to be considered successful after ha

9885

format: int32

9886

type: integer

9887

tcpSocket:

9888

description: TCPSocket specifies an action involving a TCP port.

9889

properties:

9890

host:

9891

description: 'Optional: Host name to connect to, defaults to the pod IP.'

9892

type: string

9893

port:

9894

anyOf:

9895

- type: integer

9896

- type: string

9897

description: Number or name of the port to access on the container.

9898

x-kubernetes-int-or-string: true

9899

required:

9900

- port

9901

type: object

9902

terminationGracePeriodSeconds:

9903

description: Optional duration in seconds the pod needs to terminate gracefully upon probe fa

9904

format: int64

9905

type: integer

9906

timeoutSeconds:

9907

description: Number of seconds after which the probe times out. Defaults to 1 second.

9908

format: int32

9909

type: integer

9910

type: object

9911

stdin:

9912

description: Whether this container should allocate a buffer for stdin in the container runti

9913

type: boolean

9914

stdinOnce:

9915

description: Whether the container runtime should close the stdin channel after it has been o

9916

type: boolean

9917

terminationMessagePath:

9918

description: 'Optional: Path at which the file to which the container''s termination message wi'

9919

type: string

9920

terminationMessagePolicy:

9921

description: Indicate how the termination message should be populated.

9922

type: string

9923

tty:

9924

description: Whether this container should allocate a TTY for itself, also requires 'stdin' t

9925

type: boolean

9926

volumeDevices:

9927

description: volumeDevices is the list of block devices to be used by the container.

9928

items:

9929

description: volumeDevice describes a mapping of a raw block device within a container.

9930

properties:

9931

devicePath:

9932

description: devicePath is the path inside of the container that the device will be mapped to

9933

type: string

9934

name:

9935

description: name must match the name of a persistentVolumeClaim in the pod

9936

type: string

9937

required:

9938

- devicePath

9939

- name

9940

type: object

9941

type: array

9942

volumeMounts:

9943

description: Pod volumes to mount into the container's filesystem. Cannot be updated.

9944

items:

9945

description: VolumeMount describes a mounting of a Volume within a container.

9946

properties:

9947

mountPath:

9948

description: Path within the container at which the volume should be mounted.

9949

type: string

9950

mountPropagation:

9951

description: mountPropagation determines how mounts are propagated from the host to container

9952

type: string

9953

name:

9954

description: This must match the Name of a Volume.

9955

type: string

9956

readOnly:

9957

description: Mounted read-only if true, read-write otherwise (false or unspecified).

9958

type: boolean

9959

subPath:

9960

description: Path within the volume from which the container's volume should be mounted.

9961

type: string

9962

subPathExpr:

9963

description: Expanded path within the volume from which the container's volume should be moun

9964

type: string

9965

required:

9966

- mountPath

9967

- name

9968

type: object

9969

type: array

9970

workingDir:

9971

description: Container's working directory.

9972

type: string

9973

required:

9974

- name

9975

type: object

9976

type: array

9977

dnsConfig:

9978

description: Specifies the DNS parameters of a pod.

9979

properties:

9980

nameservers:

9981

description: A list of DNS name server IP addresses.

9982

items:

9983

type: string

9984

type: array

9985

options:

9986

description: A list of DNS resolver options.

9987

items:

9988

description: PodDNSConfigOption defines DNS resolver options of a pod.

9989

properties:

9990

name:

9991

description: Required.

9992

type: string

9993

value:

9994

type: string

9995

type: object

9996

type: array

9997

searches:

9998

description: A list of DNS search domains for host-name lookup.

9999

items:

10000

type: string

10001

type: array

10002

type: object

10003

dnsPolicy:

10004

description: Set DNS policy for the pod. Defaults to "ClusterFirst".

10005

type: string

10006

enableServiceLinks:

10007

description: EnableServiceLinks indicates whether information about services should be inject

10008

type: boolean

10009

ephemeralContainers:

10010

description: List of ephemeral containers run in this pod.

10011

items:

10012

description: An EphemeralContainer is a temporary container that you may add to an existing P

10013

properties:

10014

args:

10015

description: Arguments to the entrypoint.

10016

items:

10017

type: string

10018

type: array

10019

command:

10020

description: Entrypoint array. Not executed within a shell.

10021

items:

10022

type: string

10023

type: array

10024

env:

10025

description: List of environment variables to set in the container. Cannot be updated.

10026

items:

10027

description: EnvVar represents an environment variable present in a Container.

10028

properties:

10029

name:

10030

description: Name of the environment variable. Must be a C_IDENTIFIER.

10031

type: string

10032

value:

10033

description: Variable references $(VAR_NAME) are expanded using the previously defined enviro

10034

type: string

10035

valueFrom:

10036

description: Source for the environment variable's value.

10037

properties:

10038

configMapKeyRef:

10039

description: Selects a key of a ConfigMap.

10040

properties:

10041

key:

10042

description: The key to select.

10043

type: string

10044

name:

10045

description: 'Name of the referent. More info: https://kubernetes.'

10046

type: string

10047

optional:

10048

description: Specify whether the ConfigMap or its key must be defined

10049

type: boolean

10050

required:

10051

- key

10052

type: object

10053

x-kubernetes-map-type: atomic

10054

fieldRef:

10055

description: 'Selects a field of the pod: supports metadata.name, metadata.'

10056

properties:

10057

apiVersion:

10058

description: Version of the schema the FieldPath is written in terms of, defaults to "v1".

10059

type: string

10060

fieldPath:

10061

description: Path of the field to select in the specified API version.

10062

type: string

10063

required:

10064

- fieldPath

10065

type: object

10066

x-kubernetes-map-type: atomic

10067

resourceFieldRef:

10068

description: 'Selects a resource of the container: only resources limits and requests (limits.'

10069

properties:

10070

containerName:

10071

description: 'Container name: required for volumes, optional for env vars'

10072

type: string

10073

divisor:

10074

anyOf:

10075

- type: integer

10076

- type: string

10077

description: Specifies the output format of the exposed resources, defaults to "1"

10078

pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$

10079

x-kubernetes-int-or-string: true

10080

resource:

10081

description: 'Required: resource to select'

10082

type: string

10083

required:

10084

- resource

10085

type: object

10086

x-kubernetes-map-type: atomic

10087

secretKeyRef:

10088

description: Selects a key of a secret in the pod's namespace

10089

properties:

10090

key:

10091

description: The key of the secret to select from. Must be a valid secret key.

10092

type: string

10093

name:

10094

description: 'Name of the referent. More info: https://kubernetes.'

10095

type: string

10096

optional:

10097

description: Specify whether the Secret or its key must be defined

10098

type: boolean

10099

required:

10100

- key

10101

type: object

10102

x-kubernetes-map-type: atomic

10103

type: object

10104

required:

10105

- name

10106

type: object

10107

type: array

10108

envFrom:

10109

description: List of sources to populate environment variables in the container.

10110

items:

10111

description: EnvFromSource represents the source of a set of ConfigMaps

10112

properties:

10113

configMapRef:

10114

description: The ConfigMap to select from

10115

properties:

10116

name:

10117

description: 'Name of the referent. More info: https://kubernetes.'

10118

type: string

10119

optional:

10120

description: Specify whether the ConfigMap must be defined

10121

type: boolean

10122

type: object

10123

x-kubernetes-map-type: atomic

10124

prefix:

10125

description: An optional identifier to prepend to each key in the ConfigMap.

10126

type: string

10127

secretRef:

10128

description: The Secret to select from

10129

properties:

10130

name:

10131

description: 'Name of the referent. More info: https://kubernetes.'

10132

type: string

10133

optional:

10134

description: Specify whether the Secret must be defined

10135

type: boolean

10136

type: object

10137

x-kubernetes-map-type: atomic

10138

type: object

10139

type: array

10140

image:

10141

description: 'Docker image name. More info: https://kubernetes.'

10142

type: string

10143

imagePullPolicy:

10144

description: Image pull policy. One of Always, Never, IfNotPresent.

10145

type: string

10146

lifecycle:

10147

description: Lifecycle is not allowed for ephemeral containers.

10148

properties:

10149

postStart:

10150

description: PostStart is called immediately after a container is created.

10151

properties:

10152

exec:

10153

description: Exec specifies the action to take.

10154

properties:

10155

command:

10156

description: Command is the command line to execute inside the container, the working directo

10157

items:

10158

type: string

10159

type: array

10160

type: object

10161

httpGet:

10162

description: HTTPGet specifies the http request to perform.

10163

properties:

10164

host:

10165

description: Host name to connect to, defaults to the pod IP.

10166

type: string

10167

httpHeaders:

10168

description: Custom headers to set in the request. HTTP allows repeated headers.

10169

items:

10170

description: HTTPHeader describes a custom header to be used in HTTP probes

10171

properties:

10172

name:

10173

description: The header field name

10174

type: string

10175

value:

10176

description: The header field value

10177

type: string

10178

required:

10179

- name

10180

- value

10181

type: object

10182

type: array

10183

path:

10184

description: Path to access on the HTTP server.

10185

type: string

10186

port:

10187

anyOf:

10188

- type: integer

10189

- type: string

10190

description: Name or number of the port to access on the container.

10191

x-kubernetes-int-or-string: true

10192

scheme:

10193

description: Scheme to use for connecting to the host. Defaults to HTTP.

10194

type: string

10195

required:

10196

- port

10197

type: object

10198

tcpSocket:

10199

description: Deprecated.

10200

properties:

10201

host:

10202

description: 'Optional: Host name to connect to, defaults to the pod IP.'

10203

type: string

10204

port:

10205

anyOf:

10206

- type: integer

10207

- type: string

10208

description: Number or name of the port to access on the container.

10209

x-kubernetes-int-or-string: true

10210

required:

10211

- port

10212

type: object

10213

type: object

10214

preStop:

10215

description: PreStop is called immediately before a container is terminated due to an API req

10216

properties:

10217

exec:

10218

description: Exec specifies the action to take.

10219

properties:

10220

command:

10221

description: Command is the command line to execute inside the container, the working directo

10222

items:

10223

type: string

10224

type: array

10225

type: object

10226

httpGet:

10227

description: HTTPGet specifies the http request to perform.

10228

properties:

10229

host:

10230

description: Host name to connect to, defaults to the pod IP.

10231

type: string

10232

httpHeaders:

10233

description: Custom headers to set in the request. HTTP allows repeated headers.

10234

items:

10235

description: HTTPHeader describes a custom header to be used in HTTP probes

10236

properties:

10237

name:

10238

description: The header field name

10239

type: string

10240

value:

10241

description: The header field value

10242

type: string

10243

required:

10244

- name

10245

- value

10246

type: object

10247

type: array

10248

path:

10249

description: Path to access on the HTTP server.

10250

type: string

10251

port:

10252

anyOf:

10253

- type: integer

10254

- type: string

10255

description: Name or number of the port to access on the container.

10256

x-kubernetes-int-or-string: true

10257

scheme:

10258

description: Scheme to use for connecting to the host. Defaults to HTTP.

10259

type: string

10260

required:

10261

- port

10262

type: object

10263

tcpSocket:

10264

description: Deprecated.

10265

properties:

10266

host:

10267

description: 'Optional: Host name to connect to, defaults to the pod IP.'

10268

type: string

10269

port:

10270

anyOf:

10271

- type: integer

10272

- type: string

10273

description: Number or name of the port to access on the container.

10274

x-kubernetes-int-or-string: true

10275

required:

10276

- port

10277

type: object

10278

type: object

10279

type: object

10280

livenessProbe:

10281

description: Probes are not allowed for ephemeral containers.

10282

properties:

10283

exec:

10284

description: Exec specifies the action to take.

10285

properties:

10286

command:

10287

description: Command is the command line to execute inside the container, the working directo

10288

items:

10289

type: string

10290

type: array

10291

type: object

10292

failureThreshold:

10293

description: 'Minimum consecutive failures for the probe to be considered failed after having '

10294

format: int32

10295

type: integer

10296

grpc:

10297

description: GRPC specifies an action involving a GRPC port.

10298

properties:

10299

port:

10300

description: Port number of the gRPC service. Number must be in the range 1 to 65535.

10301

format: int32

10302

type: integer

10303

service:

10304

description: 'Service is the name of the service to place in the gRPC HealthCheckRequest (see '

10305

type: string

10306

required:

10307

- port

10308

type: object

10309

httpGet:

10310

description: HTTPGet specifies the http request to perform.

10311

properties:

10312

host:

10313

description: Host name to connect to, defaults to the pod IP.

10314

type: string

10315

httpHeaders:

10316

description: Custom headers to set in the request. HTTP allows repeated headers.

10317

items:

10318

description: HTTPHeader describes a custom header to be used in HTTP probes

10319

properties:

10320

name:

10321

description: The header field name

10322

type: string

10323

value:

10324

description: The header field value

10325

type: string

10326

required:

10327

- name

10328

- value

10329

type: object

10330

type: array

10331

path:

10332

description: Path to access on the HTTP server.

10333

type: string

10334

port:

10335

anyOf:

10336

- type: integer

10337

- type: string

10338

description: Name or number of the port to access on the container.

10339

x-kubernetes-int-or-string: true

10340

scheme:

10341

description: Scheme to use for connecting to the host. Defaults to HTTP.

10342

type: string

10343

required:

10344

- port

10345

type: object

10346

initialDelaySeconds:

10347

description: Number of seconds after the container has started before liveness probes are ini

10348

format: int32

10349

type: integer

10350

periodSeconds:

10351

description: How often (in seconds) to perform the probe. Default to 10 seconds.

10352

format: int32

10353

type: integer

10354

successThreshold:

10355

description: Minimum consecutive successes for the probe to be considered successful after ha

10356

format: int32

10357

type: integer

10358

tcpSocket:

10359

description: TCPSocket specifies an action involving a TCP port.

10360

properties:

10361

host:

10362

description: 'Optional: Host name to connect to, defaults to the pod IP.'

10363

type: string

10364

port:

10365

anyOf:

10366

- type: integer

10367

- type: string

10368

description: Number or name of the port to access on the container.

10369

x-kubernetes-int-or-string: true

10370

required:

10371

- port

10372

type: object

10373

terminationGracePeriodSeconds:

10374

description: Optional duration in seconds the pod needs to terminate gracefully upon probe fa

10375

format: int64

10376

type: integer

10377

timeoutSeconds:

10378

description: Number of seconds after which the probe times out. Defaults to 1 second.

10379

format: int32

10380

type: integer

10381

type: object

10382

name:

10383

description: Name of the ephemeral container specified as a DNS_LABEL.

10384

type: string

10385

ports:

10386

description: Ports are not allowed for ephemeral containers.

10387

items:

10388

description: ContainerPort represents a network port in a single container.

10389

properties:

10390

containerPort:

10391

description: Number of port to expose on the pod's IP address.

10392

format: int32

10393

type: integer

10394

hostIP:

10395

description: What host IP to bind the external port to.

10396

type: string

10397

hostPort:

10398

description: Number of port to expose on the host.

10399

format: int32

10400

type: integer

10401

name:

10402

description: If specified, this must be an IANA_SVC_NAME and unique within the pod.

10403

type: string

10404

protocol:

10405

default: TCP

10406

description: Protocol for port. Must be UDP, TCP, or SCTP. Defaults to "TCP".

10407

type: string

10408

required:

10409

- containerPort

10410

type: object

10411

type: array

10412

x-kubernetes-list-map-keys:

10413

- containerPort

10414

- protocol

10415

x-kubernetes-list-type: map

10416

readinessProbe:

10417

description: Probes are not allowed for ephemeral containers.

10418

properties:

10419

exec:

10420

description: Exec specifies the action to take.

10421

properties:

10422

command:

10423

description: Command is the command line to execute inside the container, the working directo

10424

items:

10425

type: string

10426

type: array

10427

type: object

10428

failureThreshold:

10429

description: 'Minimum consecutive failures for the probe to be considered failed after having '

10430

format: int32

10431

type: integer

10432

grpc:

10433

description: GRPC specifies an action involving a GRPC port.

10434

properties:

10435

port:

10436

description: Port number of the gRPC service. Number must be in the range 1 to 65535.

10437

format: int32

10438

type: integer

10439

service:

10440

description: 'Service is the name of the service to place in the gRPC HealthCheckRequest (see '

10441

type: string

10442

required:

10443

- port

10444

type: object

10445

httpGet:

10446

description: HTTPGet specifies the http request to perform.

10447

properties:

10448

host:

10449

description: Host name to connect to, defaults to the pod IP.

10450

type: string

10451

httpHeaders:

10452

description: Custom headers to set in the request. HTTP allows repeated headers.

10453

items:

10454

description: HTTPHeader describes a custom header to be used in HTTP probes

10455

properties:

10456

name:

10457

description: The header field name

10458

type: string

10459

value:

10460

description: The header field value

10461

type: string

10462

required:

10463

- name

10464

- value

10465

type: object

10466

type: array

10467

path:

10468

description: Path to access on the HTTP server.

10469

type: string

10470

port:

10471

anyOf:

10472

- type: integer

10473

- type: string

10474

description: Name or number of the port to access on the container.

10475

x-kubernetes-int-or-string: true

10476

scheme:

10477

description: Scheme to use for connecting to the host. Defaults to HTTP.

10478

type: string

10479

required:

10480

- port

10481

type: object

10482

initialDelaySeconds:

10483

description: Number of seconds after the container has started before liveness probes are ini

10484

format: int32

10485

type: integer

10486

periodSeconds:

10487

description: How often (in seconds) to perform the probe. Default to 10 seconds.

10488

format: int32

10489

type: integer

10490

successThreshold:

10491

description: Minimum consecutive successes for the probe to be considered successful after ha

10492

format: int32

10493

type: integer

10494

tcpSocket:

10495

description: TCPSocket specifies an action involving a TCP port.

10496

properties:

10497

host:

10498

description: 'Optional: Host name to connect to, defaults to the pod IP.'

10499

type: string

10500

port:

10501

anyOf:

10502

- type: integer

10503

- type: string

10504

description: Number or name of the port to access on the container.

10505

x-kubernetes-int-or-string: true

10506

required:

10507

- port

10508

type: object

10509

terminationGracePeriodSeconds:

10510

description: Optional duration in seconds the pod needs to terminate gracefully upon probe fa

10511

format: int64

10512

type: integer

10513

timeoutSeconds:

10514

description: Number of seconds after which the probe times out. Defaults to 1 second.

10515

format: int32

10516

type: integer

10517

type: object

10518

resources:

10519

description: Resources are not allowed for ephemeral containers.

10520

properties:

10521

limits:

10522

additionalProperties:

10523

anyOf:

10524

- type: integer

10525

- type: string

10526

pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$

10527

x-kubernetes-int-or-string: true

10528

description: Limits describes the maximum amount of compute resources allowed.

10529

type: object

10530

requests:

10531

additionalProperties:

10532

anyOf:

10533

- type: integer

10534

- type: string

10535

pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$

10536

x-kubernetes-int-or-string: true

10537

description: Requests describes the minimum amount of compute resources required.

10538

type: object

10539

type: object

10540

securityContext:

10541

description: 'Optional: SecurityContext defines the security options the ephemeral container s'

10542

properties:

10543

allowPrivilegeEscalation:

10544

description: AllowPrivilegeEscalation controls whether a process can gain more privileges tha

10545

type: boolean

10546

capabilities:

10547

description: The capabilities to add/drop when running containers.

10548

properties:

10549

add:

10550

description: Added capabilities

10551

items:

10552

description: Capability represent POSIX capabilities type

10553

type: string

10554

type: array

10555

drop:

10556

description: Removed capabilities

10557

items:

10558

description: Capability represent POSIX capabilities type

10559

type: string

10560

type: array

10561

type: object

10562

privileged:

10563

description: Run container in privileged mode.

10564

type: boolean

10565

procMount:

10566

description: procMount denotes the type of proc mount to use for the containers.

10567

type: string

10568

readOnlyRootFilesystem:

10569

description: Whether this container has a read-only root filesystem. Default is false.

10570

type: boolean

10571

runAsGroup:

10572

description: The GID to run the entrypoint of the container process.

10573

format: int64

10574

type: integer

10575

runAsNonRoot:

10576

description: Indicates that the container must run as a non-root user.

10577

type: boolean

10578

runAsUser:

10579

description: The UID to run the entrypoint of the container process.

10580

format: int64

10581

type: integer

10582

seLinuxOptions:

10583

description: The SELinux context to be applied to the container.

10584

properties:

10585

level:

10586

description: Level is SELinux level label that applies to the container.

10587

type: string

10588

role:

10589

description: Role is a SELinux role label that applies to the container.

10590

type: string

10591

type:

10592

description: Type is a SELinux type label that applies to the container.

10593

type: string

10594

user:

10595

description: User is a SELinux user label that applies to the container.

10596

type: string

10597

type: object

10598

seccompProfile:

10599

description: The seccomp options to use by this container.

10600

properties:

10601

localhostProfile:

10602

description: localhostProfile indicates a profile defined in a file on the node should be use

10603

type: string

10604

type:

10605

description: type indicates which kind of seccomp profile will be applied.

10606

type: string

10607

required:

10608

- type

10609

type: object

10610

windowsOptions:

10611

description: The Windows specific settings applied to all containers.

10612

properties:

10613

gmsaCredentialSpec:

10614

description: GMSACredentialSpec is where the GMSA admission webhook (https://github.

10615

type: string

10616

gmsaCredentialSpecName:

10617

description: GMSACredentialSpecName is the name of the GMSA credential spec to use.

10618

type: string

10619

hostProcess:

10620

description: HostProcess determines if a container should be run as a 'Host Process' containe

10621

type: boolean

10622

runAsUserName:

10623

description: The UserName in Windows to run the entrypoint of the container process.

10624

type: string

10625

type: object

10626

type: object

10627

startupProbe:

10628

description: Probes are not allowed for ephemeral containers.

10629

properties:

10630

exec:

10631

description: Exec specifies the action to take.

10632

properties:

10633

command:

10634

description: Command is the command line to execute inside the container, the working directo

10635

items:

10636

type: string

10637

type: array

10638

type: object

10639

failureThreshold:

10640

description: 'Minimum consecutive failures for the probe to be considered failed after having '

10641

format: int32

10642

type: integer

10643

grpc:

10644

description: GRPC specifies an action involving a GRPC port.

10645

properties:

10646

port:

10647

description: Port number of the gRPC service. Number must be in the range 1 to 65535.

10648

format: int32

10649

type: integer

10650

service:

10651

description: 'Service is the name of the service to place in the gRPC HealthCheckRequest (see '

10652

type: string

10653

required:

10654

- port

10655

type: object

10656

httpGet:

10657

description: HTTPGet specifies the http request to perform.

10658

properties:

10659

host:

10660

description: Host name to connect to, defaults to the pod IP.

10661

type: string

10662

httpHeaders:

10663

description: Custom headers to set in the request. HTTP allows repeated headers.

10664

items:

10665

description: HTTPHeader describes a custom header to be used in HTTP probes

10666

properties:

10667

name:

10668

description: The header field name

10669

type: string

10670

value:

10671

description: The header field value

10672

type: string

10673

required:

10674

- name

10675

- value

10676

type: object

10677

type: array

10678

path:

10679

description: Path to access on the HTTP server.

10680

type: string

10681

port:

10682

anyOf:

10683

- type: integer

10684

- type: string

10685

description: Name or number of the port to access on the container.

10686

x-kubernetes-int-or-string: true

10687

scheme:

10688

description: Scheme to use for connecting to the host. Defaults to HTTP.

10689

type: string

10690

required:

10691

- port

10692

type: object

10693

initialDelaySeconds:

10694

description: Number of seconds after the container has started before liveness probes are ini

10695

format: int32

10696

type: integer

10697

periodSeconds:

10698

description: How often (in seconds) to perform the probe. Default to 10 seconds.

10699

format: int32

10700

type: integer

10701

successThreshold:

10702

description: Minimum consecutive successes for the probe to be considered successful after ha

10703

format: int32

10704

type: integer

10705

tcpSocket:

10706

description: TCPSocket specifies an action involving a TCP port.

10707

properties:

10708

host:

10709

description: 'Optional: Host name to connect to, defaults to the pod IP.'

10710

type: string

10711

port:

10712

anyOf:

10713

- type: integer

10714

- type: string

10715

description: Number or name of the port to access on the container.

10716

x-kubernetes-int-or-string: true

10717

required:

10718

- port

10719

type: object

10720

terminationGracePeriodSeconds:

10721

description: Optional duration in seconds the pod needs to terminate gracefully upon probe fa

10722

format: int64

10723

type: integer

10724

timeoutSeconds:

10725

description: Number of seconds after which the probe times out. Defaults to 1 second.

10726

format: int32

10727

type: integer

10728

type: object

10729

stdin:

10730

description: Whether this container should allocate a buffer for stdin in the container runti

10731

type: boolean

10732

stdinOnce:

10733

description: Whether the container runtime should close the stdin channel after it has been o

10734

type: boolean

10735

targetContainerName:

10736

description: If set, the name of the container from PodSpec that this ephemeral container tar

10737

type: string

10738

terminationMessagePath:

10739

description: 'Optional: Path at which the file to which the container''s termination message wi'

10740

type: string

10741

terminationMessagePolicy:

10742

description: Indicate how the termination message should be populated.

10743

type: string

10744

tty:

10745

description: Whether this container should allocate a TTY for itself, also requires 'stdin' t

10746

type: boolean

10747

volumeDevices:

10748

description: volumeDevices is the list of block devices to be used by the container.

10749

items:

10750

description: volumeDevice describes a mapping of a raw block device within a container.

10751

properties:

10752

devicePath:

10753

description: devicePath is the path inside of the container that the device will be mapped to

10754

type: string

10755

name:

10756

description: name must match the name of a persistentVolumeClaim in the pod

10757

type: string

10758

required:

10759

- devicePath

10760

- name

10761

type: object

10762

type: array

10763

volumeMounts:

10764

description: Pod volumes to mount into the container's filesystem.

10765

items:

10766

description: VolumeMount describes a mounting of a Volume within a container.

10767

properties:

10768

mountPath:

10769

description: Path within the container at which the volume should be mounted.

10770

type: string

10771

mountPropagation:

10772

description: mountPropagation determines how mounts are propagated from the host to container

10773

type: string

10774

name:

10775

description: This must match the Name of a Volume.

10776

type: string

10777

readOnly:

10778

description: Mounted read-only if true, read-write otherwise (false or unspecified).

10779

type: boolean

10780

subPath:

10781

description: Path within the volume from which the container's volume should be mounted.

10782

type: string

10783

subPathExpr:

10784

description: Expanded path within the volume from which the container's volume should be moun

10785

type: string

10786

required:

10787

- mountPath

10788

- name

10789

type: object

10790

type: array

10791

workingDir:

10792

description: Container's working directory.

10793

type: string

10794

required:

10795

- name

10796

type: object

10797

type: array

10798

hostAliases:

10799

description: 'HostAliases is an optional list of hosts and IPs that will be injected into the '

10800

items:

10801

description: HostAlias holds the mapping between IP and hostnames that will be injected as an

10802

properties:

10803

hostnames:

10804

description: Hostnames for the above IP address.

10805

items:

10806

type: string

10807

type: array

10808

ip:

10809

description: IP address of the host file entry.

10810

type: string

10811

type: object

10812

type: array

10813

hostIPC:

10814

description: 'Use the host''s ipc namespace. Optional: Default to false.'

10815

type: boolean

10816

hostNetwork:

10817

description: Host networking requested for this pod. Use the host's network namespace.

10818

type: boolean

10819

hostPID:

10820

description: 'Use the host''s pid namespace. Optional: Default to false.'

10821

type: boolean

10822

hostname:

10823

description: Specifies the hostname of the Pod If not specified, the pod's hostname will be s

10824

type: string

10825

imagePullSecrets:

10826

description: ImagePullSecrets is an optional list of references to secrets in the same namesp

10827

items:

10828

description: LocalObjectReference contains enough information to let you locate the reference

10829

properties:

10830

name:

10831

description: 'Name of the referent. More info: https://kubernetes.'

10832

type: string

10833

type: object

10834

x-kubernetes-map-type: atomic

10835

type: array

10836

initContainers:

10837

description: List of initialization containers belonging to the pod.

10838

items:

10839

description: A single application container that you want to run within a pod.

10840

properties:

10841

args:

10842

description: Arguments to the entrypoint.

10843

items:

10844

type: string

10845

type: array

10846

command:

10847

description: Entrypoint array. Not executed within a shell.

10848

items:

10849

type: string

10850

type: array

10851

env:

10852

description: List of environment variables to set in the container. Cannot be updated.

10853

items:

10854

description: EnvVar represents an environment variable present in a Container.

10855

properties:

10856

name:

10857

description: Name of the environment variable. Must be a C_IDENTIFIER.

10858

type: string

10859

value:

10860

description: Variable references $(VAR_NAME) are expanded using the previously defined enviro

10861

type: string

10862

valueFrom:

10863

description: Source for the environment variable's value.

10864

properties:

10865

configMapKeyRef:

10866

description: Selects a key of a ConfigMap.

10867

properties:

10868

key:

10869

description: The key to select.

10870

type: string

10871

name:

10872

description: 'Name of the referent. More info: https://kubernetes.'

10873

type: string

10874

optional:

10875

description: Specify whether the ConfigMap or its key must be defined

10876

type: boolean

10877

required:

10878

- key

10879

type: object

10880

x-kubernetes-map-type: atomic

10881

fieldRef:

10882

description: 'Selects a field of the pod: supports metadata.name, metadata.'

10883

properties:

10884

apiVersion:

10885

description: Version of the schema the FieldPath is written in terms of, defaults to "v1".

10886

type: string

10887

fieldPath:

10888

description: Path of the field to select in the specified API version.

10889

type: string

10890

required:

10891

- fieldPath

10892

type: object

10893

x-kubernetes-map-type: atomic

10894

resourceFieldRef:

10895

description: 'Selects a resource of the container: only resources limits and requests (limits.'

10896

properties:

10897

containerName:

10898

description: 'Container name: required for volumes, optional for env vars'

10899

type: string

10900

divisor:

10901

anyOf:

10902

- type: integer

10903

- type: string

10904

description: Specifies the output format of the exposed resources, defaults to "1"

10905

pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$

10906

x-kubernetes-int-or-string: true

10907

resource:

10908

description: 'Required: resource to select'

10909

type: string

10910

required:

10911

- resource

10912

type: object

10913

x-kubernetes-map-type: atomic

10914

secretKeyRef:

10915

description: Selects a key of a secret in the pod's namespace

10916

properties:

10917

key:

10918

description: The key of the secret to select from. Must be a valid secret key.

10919

type: string

10920

name:

10921

description: 'Name of the referent. More info: https://kubernetes.'

10922

type: string

10923

optional:

10924

description: Specify whether the Secret or its key must be defined

10925

type: boolean

10926

required:

10927

- key

10928

type: object

10929

x-kubernetes-map-type: atomic

10930

type: object

10931

required:

10932

- name

10933

type: object

10934

type: array

10935

envFrom:

10936

description: List of sources to populate environment variables in the container.

10937

items:

10938

description: EnvFromSource represents the source of a set of ConfigMaps

10939

properties:

10940

configMapRef:

10941

description: The ConfigMap to select from

10942

properties:

10943

name:

10944

description: 'Name of the referent. More info: https://kubernetes.'

10945

type: string

10946

optional:

10947

description: Specify whether the ConfigMap must be defined

10948

type: boolean

10949

type: object

10950

x-kubernetes-map-type: atomic

10951

prefix:

10952

description: An optional identifier to prepend to each key in the ConfigMap.

10953

type: string

10954

secretRef:

10955

description: The Secret to select from

10956

properties:

10957

name:

10958

description: 'Name of the referent. More info: https://kubernetes.'

10959

type: string

10960

optional:

10961

description: Specify whether the Secret must be defined

10962

type: boolean

10963

type: object

10964

x-kubernetes-map-type: atomic

10965

type: object

10966

type: array

10967

image:

10968

description: 'Docker image name. More info: https://kubernetes.'

10969

type: string

10970

imagePullPolicy:

10971

description: Image pull policy. One of Always, Never, IfNotPresent.

10972

type: string

10973

lifecycle:

10974

description: Actions that the management system should take in response to container lifecycl

10975

properties:

10976

postStart:

10977

description: PostStart is called immediately after a container is created.

10978

properties:

10979

exec:

10980

description: Exec specifies the action to take.

10981

properties:

10982

command:

10983

description: Command is the command line to execute inside the container, the working directo

10984

items:

10985

type: string

10986

type: array

10987

type: object

10988

httpGet:

10989

description: HTTPGet specifies the http request to perform.

10990

properties:

10991

host:

10992

description: Host name to connect to, defaults to the pod IP.

10993

type: string

10994

httpHeaders:

10995

description: Custom headers to set in the request. HTTP allows repeated headers.

10996

items:

10997

description: HTTPHeader describes a custom header to be used in HTTP probes

10998

properties:

10999

name:

11000

description: The header field name

11001

type: string

11002

value:

11003

description: The header field value

11004

type: string

11005

required:

11006

- name

11007

- value

11008

type: object

11009

type: array

11010

path:

11011

description: Path to access on the HTTP server.

11012

type: string

11013

port:

11014

anyOf:

11015

- type: integer

11016

- type: string

11017

description: Name or number of the port to access on the container.

11018

x-kubernetes-int-or-string: true

11019

scheme:

11020

description: Scheme to use for connecting to the host. Defaults to HTTP.

11021

type: string

11022

required:

11023

- port

11024

type: object

11025

tcpSocket:

11026

description: Deprecated.

11027

properties:

11028

host:

11029

description: 'Optional: Host name to connect to, defaults to the pod IP.'

11030

type: string

11031

port:

11032

anyOf:

11033

- type: integer

11034

- type: string

11035

description: Number or name of the port to access on the container.

11036

x-kubernetes-int-or-string: true

11037

required:

11038

- port

11039

type: object

11040

type: object

11041

preStop:

11042

description: PreStop is called immediately before a container is terminated due to an API req

11043

properties:

11044

exec:

11045

description: Exec specifies the action to take.

11046

properties:

11047

command:

11048

description: Command is the command line to execute inside the container, the working directo

11049

items:

11050

type: string

11051

type: array

11052

type: object

11053

httpGet:

11054

description: HTTPGet specifies the http request to perform.

11055

properties:

11056

host:

11057

description: Host name to connect to, defaults to the pod IP.

11058

type: string

11059

httpHeaders:

11060

description: Custom headers to set in the request. HTTP allows repeated headers.

11061

items:

11062

description: HTTPHeader describes a custom header to be used in HTTP probes

11063

properties:

11064

name:

11065

description: The header field name

11066

type: string

11067

value:

11068

description: The header field value

11069

type: string

11070

required:

11071

- name

11072

- value

11073

type: object

11074

type: array

11075

path:

11076

description: Path to access on the HTTP server.

11077

type: string

11078

port:

11079

anyOf:

11080

- type: integer

11081

- type: string

11082

description: Name or number of the port to access on the container.

11083

x-kubernetes-int-or-string: true

11084

scheme:

11085

description: Scheme to use for connecting to the host. Defaults to HTTP.

11086

type: string

11087

required:

11088

- port

11089

type: object

11090

tcpSocket:

11091

description: Deprecated.

11092

properties:

11093

host:

11094

description: 'Optional: Host name to connect to, defaults to the pod IP.'

11095

type: string

11096

port:

11097

anyOf:

11098

- type: integer

11099

- type: string

11100

description: Number or name of the port to access on the container.

11101

x-kubernetes-int-or-string: true

11102

required:

11103

- port

11104

type: object

11105

type: object

11106

type: object

11107

livenessProbe:

11108

description: Periodic probe of container liveness.

11109

properties:

11110

exec:

11111

description: Exec specifies the action to take.

11112

properties:

11113

command:

11114

description: Command is the command line to execute inside the container, the working directo

11115

items:

11116

type: string

11117

type: array

11118

type: object

11119

failureThreshold:

11120

description: 'Minimum consecutive failures for the probe to be considered failed after having '

11121

format: int32

11122

type: integer

11123

grpc:

11124

description: GRPC specifies an action involving a GRPC port.

11125

properties:

11126

port:

11127

description: Port number of the gRPC service. Number must be in the range 1 to 65535.

11128

format: int32

11129

type: integer

11130

service:

11131

description: 'Service is the name of the service to place in the gRPC HealthCheckRequest (see '

11132

type: string

11133

required:

11134

- port

11135

type: object

11136

httpGet:

11137

description: HTTPGet specifies the http request to perform.

11138

properties:

11139

host:

11140

description: Host name to connect to, defaults to the pod IP.

11141

type: string

11142

httpHeaders:

11143

description: Custom headers to set in the request. HTTP allows repeated headers.

11144

items:

11145

description: HTTPHeader describes a custom header to be used in HTTP probes

11146

properties:

11147

name:

11148

description: The header field name

11149

type: string

11150

value:

11151

description: The header field value

11152

type: string

11153

required:

11154

- name

11155

- value

11156

type: object

11157

type: array

11158

path:

11159

description: Path to access on the HTTP server.

11160

type: string

11161

port:

11162

anyOf:

11163

- type: integer

11164

- type: string

11165

description: Name or number of the port to access on the container.

11166

x-kubernetes-int-or-string: true

11167

scheme:

11168

description: Scheme to use for connecting to the host. Defaults to HTTP.

11169

type: string

11170

required:

11171

- port

11172

type: object

11173

initialDelaySeconds:

11174

description: Number of seconds after the container has started before liveness probes are ini

11175

format: int32

11176

type: integer

11177

periodSeconds:

11178

description: How often (in seconds) to perform the probe. Default to 10 seconds.

11179

format: int32

11180

type: integer

11181

successThreshold:

11182

description: Minimum consecutive successes for the probe to be considered successful after ha

11183

format: int32

11184

type: integer

11185

tcpSocket:

11186

description: TCPSocket specifies an action involving a TCP port.

11187

properties:

11188

host:

11189

description: 'Optional: Host name to connect to, defaults to the pod IP.'

11190

type: string

11191

port:

11192

anyOf:

11193

- type: integer

11194

- type: string

11195

description: Number or name of the port to access on the container.

11196

x-kubernetes-int-or-string: true

11197

required:

11198

- port

11199

type: object

11200

terminationGracePeriodSeconds:

11201

description: Optional duration in seconds the pod needs to terminate gracefully upon probe fa

11202

format: int64

11203

type: integer

11204

timeoutSeconds:

11205

description: Number of seconds after which the probe times out. Defaults to 1 second.

11206

format: int32

11207

type: integer

11208

type: object

11209

name:

11210

description: Name of the container specified as a DNS_LABEL.

11211

type: string

11212

ports:

11213

description: List of ports to expose from the container.

11214

items:

11215

description: ContainerPort represents a network port in a single container.

11216

properties:

11217

containerPort:

11218

description: Number of port to expose on the pod's IP address.

11219

format: int32

11220

type: integer

11221

hostIP:

11222

description: What host IP to bind the external port to.

11223

type: string

11224

hostPort:

11225

description: Number of port to expose on the host.

11226

format: int32

11227

type: integer

11228

name:

11229

description: If specified, this must be an IANA_SVC_NAME and unique within the pod.

11230

type: string

11231

protocol:

11232

default: TCP

11233

description: Protocol for port. Must be UDP, TCP, or SCTP. Defaults to "TCP".

11234

type: string

11235

required:

11236

- containerPort

11237

type: object

11238

type: array

11239

x-kubernetes-list-map-keys:

11240

- containerPort

11241

- protocol

11242

x-kubernetes-list-type: map

11243

readinessProbe:

11244

description: Periodic probe of container service readiness.

11245

properties:

11246

exec:

11247

description: Exec specifies the action to take.

11248

properties:

11249

command:

11250

description: Command is the command line to execute inside the container, the working directo

11251

items:

11252

type: string

11253

type: array

11254

type: object

11255

failureThreshold:

11256

description: 'Minimum consecutive failures for the probe to be considered failed after having '

11257

format: int32

11258

type: integer

11259

grpc:

11260

description: GRPC specifies an action involving a GRPC port.

11261

properties:

11262

port:

11263

description: Port number of the gRPC service. Number must be in the range 1 to 65535.

11264

format: int32

11265

type: integer

11266

service:

11267

description: 'Service is the name of the service to place in the gRPC HealthCheckRequest (see '

11268

type: string

11269

required:

11270

- port

11271

type: object

11272

httpGet:

11273

description: HTTPGet specifies the http request to perform.

11274

properties:

11275

host:

11276

description: Host name to connect to, defaults to the pod IP.

11277

type: string

11278

httpHeaders:

11279

description: Custom headers to set in the request. HTTP allows repeated headers.

11280

items:

11281

description: HTTPHeader describes a custom header to be used in HTTP probes

11282

properties:

11283

name:

11284

description: The header field name

11285

type: string

11286

value:

11287

description: The header field value

11288

type: string

11289

required:

11290

- name

11291

- value

11292

type: object

11293

type: array

11294

path:

11295

description: Path to access on the HTTP server.

11296

type: string

11297

port:

11298

anyOf:

11299

- type: integer

11300

- type: string

11301

description: Name or number of the port to access on the container.

11302

x-kubernetes-int-or-string: true

11303

scheme:

11304

description: Scheme to use for connecting to the host. Defaults to HTTP.

11305

type: string

11306

required:

11307

- port

11308

type: object

11309

initialDelaySeconds:

11310

description: Number of seconds after the container has started before liveness probes are ini

11311

format: int32

11312

type: integer

11313

periodSeconds:

11314

description: How often (in seconds) to perform the probe. Default to 10 seconds.

11315

format: int32

11316

type: integer

11317

successThreshold:

11318

description: Minimum consecutive successes for the probe to be considered successful after ha

11319

format: int32

11320

type: integer

11321

tcpSocket:

11322

description: TCPSocket specifies an action involving a TCP port.

11323

properties:

11324

host:

11325

description: 'Optional: Host name to connect to, defaults to the pod IP.'

11326

type: string

11327

port:

11328

anyOf:

11329

- type: integer

11330

- type: string

11331

description: Number or name of the port to access on the container.

11332

x-kubernetes-int-or-string: true

11333

required:

11334

- port

11335

type: object

11336

terminationGracePeriodSeconds:

11337

description: Optional duration in seconds the pod needs to terminate gracefully upon probe fa

11338

format: int64

11339

type: integer

11340

timeoutSeconds:

11341

description: Number of seconds after which the probe times out. Defaults to 1 second.

11342

format: int32

11343

type: integer

11344

type: object

11345

resources:

11346

description: Compute Resources required by this container. Cannot be updated.

11347

properties:

11348

limits:

11349

additionalProperties:

11350

anyOf:

11351

- type: integer

11352

- type: string

11353

pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$

11354

x-kubernetes-int-or-string: true

11355

description: Limits describes the maximum amount of compute resources allowed.

11356

type: object

11357

requests:

11358

additionalProperties:

11359

anyOf:

11360

- type: integer

11361

- type: string

11362

pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$

11363

x-kubernetes-int-or-string: true

11364

description: Requests describes the minimum amount of compute resources required.

11365

type: object

11366

type: object

11367

securityContext:

11368

description: SecurityContext defines the security options the container should be run with.

11369

properties:

11370

allowPrivilegeEscalation:

11371

description: AllowPrivilegeEscalation controls whether a process can gain more privileges tha

11372

type: boolean

11373

capabilities:

11374

description: The capabilities to add/drop when running containers.

11375

properties:

11376

add:

11377

description: Added capabilities

11378

items:

11379

description: Capability represent POSIX capabilities type

11380

type: string

11381

type: array

11382

drop:

11383

description: Removed capabilities

11384

items:

11385

description: Capability represent POSIX capabilities type

11386

type: string

11387

type: array

11388

type: object

11389

privileged:

11390

description: Run container in privileged mode.

11391

type: boolean

11392

procMount:

11393

description: procMount denotes the type of proc mount to use for the containers.

11394

type: string

11395

readOnlyRootFilesystem:

11396

description: Whether this container has a read-only root filesystem. Default is false.

11397

type: boolean

11398

runAsGroup:

11399

description: The GID to run the entrypoint of the container process.

11400

format: int64

11401

type: integer

11402

runAsNonRoot:

11403

description: Indicates that the container must run as a non-root user.

11404

type: boolean

11405

runAsUser:

11406

description: The UID to run the entrypoint of the container process.

11407

format: int64

11408

type: integer

11409

seLinuxOptions:

11410

description: The SELinux context to be applied to the container.

11411

properties:

11412

level:

11413

description: Level is SELinux level label that applies to the container.

11414

type: string

11415

role:

11416

description: Role is a SELinux role label that applies to the container.

11417

type: string

11418

type:

11419

description: Type is a SELinux type label that applies to the container.

11420

type: string

11421

user:

11422

description: User is a SELinux user label that applies to the container.

11423

type: string

11424

type: object

11425

seccompProfile:

11426

description: The seccomp options to use by this container.

11427

properties:

11428

localhostProfile:

11429

description: localhostProfile indicates a profile defined in a file on the node should be use

11430

type: string

11431

type:

11432

description: type indicates which kind of seccomp profile will be applied.

11433

type: string

11434

required:

11435

- type

11436

type: object

11437

windowsOptions:

11438

description: The Windows specific settings applied to all containers.

11439

properties:

11440

gmsaCredentialSpec:

11441

description: GMSACredentialSpec is where the GMSA admission webhook (https://github.

11442

type: string

11443

gmsaCredentialSpecName:

11444

description: GMSACredentialSpecName is the name of the GMSA credential spec to use.

11445

type: string

11446

hostProcess:

11447

description: HostProcess determines if a container should be run as a 'Host Process' containe

11448

type: boolean

11449

runAsUserName:

11450

description: The UserName in Windows to run the entrypoint of the container process.

11451

type: string

11452

type: object

11453

type: object

11454

startupProbe:

11455

description: StartupProbe indicates that the Pod has successfully initialized.

11456

properties:

11457

exec:

11458

description: Exec specifies the action to take.

11459

properties:

11460

command:

11461

description: Command is the command line to execute inside the container, the working directo

11462

items:

11463

type: string

11464

type: array

11465

type: object

11466

failureThreshold:

11467

description: 'Minimum consecutive failures for the probe to be considered failed after having '

11468

format: int32

11469

type: integer

11470

grpc:

11471

description: GRPC specifies an action involving a GRPC port.

11472

properties:

11473

port:

11474

description: Port number of the gRPC service. Number must be in the range 1 to 65535.

11475

format: int32

11476

type: integer

11477

service:

11478

description: 'Service is the name of the service to place in the gRPC HealthCheckRequest (see '

11479

type: string

11480

required:

11481

- port

11482

type: object

11483

httpGet:

11484

description: HTTPGet specifies the http request to perform.

11485

properties:

11486

host:

11487

description: Host name to connect to, defaults to the pod IP.

11488

type: string

11489

httpHeaders:

11490

description: Custom headers to set in the request. HTTP allows repeated headers.

11491

items:

11492

description: HTTPHeader describes a custom header to be used in HTTP probes

11493

properties:

11494

name:

11495

description: The header field name

11496

type: string

11497

value:

11498

description: The header field value

11499

type: string

11500

required:

11501

- name

11502

- value

11503

type: object

11504

type: array

11505

path:

11506

description: Path to access on the HTTP server.

11507

type: string

11508

port:

11509

anyOf:

11510

- type: integer

11511

- type: string

11512

description: Name or number of the port to access on the container.

11513

x-kubernetes-int-or-string: true

11514

scheme:

11515

description: Scheme to use for connecting to the host. Defaults to HTTP.

11516

type: string

11517

required:

11518

- port

11519

type: object

11520

initialDelaySeconds:

11521

description: Number of seconds after the container has started before liveness probes are ini

11522

format: int32

11523

type: integer

11524

periodSeconds:

11525

description: How often (in seconds) to perform the probe. Default to 10 seconds.

11526

format: int32

11527

type: integer

11528

successThreshold:

11529

description: Minimum consecutive successes for the probe to be considered successful after ha

11530

format: int32

11531

type: integer

11532

tcpSocket:

11533

description: TCPSocket specifies an action involving a TCP port.

11534

properties:

11535

host:

11536

description: 'Optional: Host name to connect to, defaults to the pod IP.'

11537

type: string

11538

port:

11539

anyOf:

11540

- type: integer

11541

- type: string

11542

description: Number or name of the port to access on the container.

11543

x-kubernetes-int-or-string: true

11544

required:

11545

- port

11546

type: object

11547

terminationGracePeriodSeconds:

11548

description: Optional duration in seconds the pod needs to terminate gracefully upon probe fa

11549

format: int64

11550

type: integer

11551

timeoutSeconds:

11552

description: Number of seconds after which the probe times out. Defaults to 1 second.

11553

format: int32

11554

type: integer

11555

type: object

11556

stdin:

11557

description: Whether this container should allocate a buffer for stdin in the container runti

11558

type: boolean

11559

stdinOnce:

11560

description: Whether the container runtime should close the stdin channel after it has been o

11561

type: boolean

11562

terminationMessagePath:

11563

description: 'Optional: Path at which the file to which the container''s termination message wi'

11564

type: string

11565

terminationMessagePolicy:

11566

description: Indicate how the termination message should be populated.

11567

type: string

11568

tty:

11569

description: Whether this container should allocate a TTY for itself, also requires 'stdin' t

11570

type: boolean

11571

volumeDevices:

11572

description: volumeDevices is the list of block devices to be used by the container.

11573

items:

11574

description: volumeDevice describes a mapping of a raw block device within a container.

11575

properties:

11576

devicePath:

11577

description: devicePath is the path inside of the container that the device will be mapped to

11578

type: string

11579

name:

11580

description: name must match the name of a persistentVolumeClaim in the pod

11581

type: string

11582

required:

11583

- devicePath

11584

- name

11585

type: object

11586

type: array

11587

volumeMounts:

11588

description: Pod volumes to mount into the container's filesystem. Cannot be updated.

11589

items:

11590

description: VolumeMount describes a mounting of a Volume within a container.

11591

properties:

11592

mountPath:

11593

description: Path within the container at which the volume should be mounted.

11594

type: string

11595

mountPropagation:

11596

description: mountPropagation determines how mounts are propagated from the host to container

11597

type: string

11598

name:

11599

description: This must match the Name of a Volume.

11600

type: string

11601

readOnly:

11602

description: Mounted read-only if true, read-write otherwise (false or unspecified).

11603

type: boolean

11604

subPath:

11605

description: Path within the volume from which the container's volume should be mounted.

11606

type: string

11607

subPathExpr:

11608

description: Expanded path within the volume from which the container's volume should be moun

11609

type: string

11610

required:

11611

- mountPath

11612

- name

11613

type: object

11614

type: array

11615

workingDir:

11616

description: Container's working directory.

11617

type: string

11618

required:

11619

- name

11620

type: object

11621

type: array

11622

nodeName:

11623

description: NodeName is a request to schedule this pod onto a specific node.

11624

type: string

11625

nodeSelector:

11626

additionalProperties:

11627

type: string

11628

description: NodeSelector is a selector which must be true for the pod to fit on a node.

11629

type: object

11630

x-kubernetes-map-type: atomic

11631

os:

11632

description: Specifies the OS of the containers in the pod.

11633

properties:

11634

name:

11635

description: Name is the name of the operating system.

11636

type: string

11637

required:

11638

- name

11639

type: object

11640

overhead:

11641

additionalProperties:

11642

anyOf:

11643

- type: integer

11644

- type: string

11645

pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$

11646

x-kubernetes-int-or-string: true

11647

description: Overhead represents the resource overhead associated with running a pod for a gi

11648

type: object

11649

preemptionPolicy:

11650

description: PreemptionPolicy is the Policy for preempting pods with lower priority.

11651

type: string

11652

priority:

11653

description: The priority value.

11654

format: int32

11655

type: integer

11656

priorityClassName:

11657

description: If specified, indicates the pod's priority.

11658

type: string

11659

readinessGates:

11660

description: If specified, all readiness gates will be evaluated for pod readiness.

11661

items:

11662

description: PodReadinessGate contains the reference to a pod condition

11663

properties:

11664

conditionType:

11665

description: ConditionType refers to a condition in the pod's condition list with matching ty

11666

type: string

11667

required:

11668

- conditionType

11669

type: object

11670

type: array

11671

restartPolicy:

11672

description: Restart policy for all containers within the pod.

11673

type: string

11674

runtimeClassName:

11675

description: RuntimeClassName refers to a RuntimeClass object in the node.k8s.

11676

type: string

11677

schedulerName:

11678

description: If specified, the pod will be dispatched by specified scheduler.

11679

type: string

11680

securityContext:

11681

description: SecurityContext holds pod-level security attributes and common container setting

11682

properties:

11683

fsGroup:

11684

description: A special supplemental group that applies to all containers in a pod.

11685

format: int64

11686

type: integer

11687

fsGroupChangePolicy:

11688

description: fsGroupChangePolicy defines behavior of changing ownership and permission of the

11689

type: string

11690

runAsGroup:

11691

description: The GID to run the entrypoint of the container process.

11692

format: int64

11693

type: integer

11694

runAsNonRoot:

11695

description: Indicates that the container must run as a non-root user.

11696

type: boolean

11697

runAsUser:

11698

description: The UID to run the entrypoint of the container process.

11699

format: int64

11700

type: integer

11701

seLinuxOptions:

11702

description: The SELinux context to be applied to all containers.

11703

properties:

11704

level:

11705

description: Level is SELinux level label that applies to the container.

11706

type: string

11707

role:

11708

description: Role is a SELinux role label that applies to the container.

11709

type: string

11710

type:

11711

description: Type is a SELinux type label that applies to the container.

11712

type: string

11713

user:

11714

description: User is a SELinux user label that applies to the container.

11715

type: string

11716

type: object

11717

seccompProfile:

11718

description: The seccomp options to use by the containers in this pod.

11719

properties:

11720

localhostProfile:

11721

description: localhostProfile indicates a profile defined in a file on the node should be use

11722

type: string

11723

type:

11724

description: type indicates which kind of seccomp profile will be applied.

11725

type: string

11726

required:

11727

- type

11728

type: object

11729

supplementalGroups:

11730

description: A list of groups applied to the first process run in each container, in addition

11731

items:

11732

format: int64

11733

type: integer

11734

type: array

11735

sysctls:

11736

description: Sysctls hold a list of namespaced sysctls used for the pod.

11737

items:

11738

description: Sysctl defines a kernel parameter to be set

11739

properties:

11740

name:

11741

description: Name of a property to set

11742

type: string

11743

value:

11744

description: Value of a property to set

11745

type: string

11746

required:

11747

- name

11748

- value

11749

type: object

11750

type: array

11751

windowsOptions:

11752

description: The Windows specific settings applied to all containers.

11753

properties:

11754

gmsaCredentialSpec:

11755

description: GMSACredentialSpec is where the GMSA admission webhook (https://github.

11756

type: string

11757

gmsaCredentialSpecName:

11758

description: GMSACredentialSpecName is the name of the GMSA credential spec to use.

11759

type: string

11760

hostProcess:

11761

description: HostProcess determines if a container should be run as a 'Host Process' containe

11762

type: boolean

11763

runAsUserName:

11764

description: The UserName in Windows to run the entrypoint of the container process.

11765

type: string

11766

type: object

11767

type: object

11768

serviceAccount:

11769

description: DeprecatedServiceAccount is a depreciated alias for ServiceAccountName.

11770

type: string

11771

serviceAccountName:

11772

description: ServiceAccountName is the name of the ServiceAccount to use to run this pod.

11773

type: string

11774

setHostnameAsFQDN:

11775

description: If true the pod's hostname will be configured as the pod's FQDN, rather than the

11776

type: boolean

11777

shareProcessNamespace:

11778

description: Share a single process namespace between all of the containers in a pod.

11779

type: boolean

11780

subdomain:

11781

description: If specified, the fully qualified Pod hostname will be "..

11782

type: string

11783

terminationGracePeriodSeconds:

11784

description: Optional duration in seconds the pod needs to terminate gracefully.

11785

format: int64

11786

type: integer

11787

tolerations:

11788

description: If specified, the pod's tolerations.

11789

items:

11790

description: The pod this Toleration is attached to tolerates any taint that matches the trip

11791

properties:

11792

effect:

11793

description: Effect indicates the taint effect to match. Empty means match all taint effects.

11794

type: string

11795

key:

11796

description: Key is the taint key that the toleration applies to.

11797

type: string

11798

operator:

11799

description: Operator represents a key's relationship to the value.

11800

type: string

11801

tolerationSeconds:

11802

description: TolerationSeconds represents the period of time the toleration (which must be of

11803

format: int64

11804

type: integer

11805

value:

11806

description: Value is the taint value the toleration matches to.

11807

type: string

11808

type: object

11809

type: array

11810

topologySpreadConstraints:

11811

description: TopologySpreadConstraints describes how a group of pods ought to spread across t

11812

items:

11813

description: TopologySpreadConstraint specifies how to spread matching pods among the given t

11814

properties:

11815

labelSelector:

11816

description: LabelSelector is used to find matching pods.

11817

properties:

11818

matchExpressions:

11819

description: matchExpressions is a list of label selector requirements.

11820

items:

11821

description: A label selector requirement is a selector that contains values, a key, and an o

11822

properties:

11823

key:

11824

description: key is the label key that the selector applies to.

11825

type: string

11826

operator:

11827

description: operator represents a key's relationship to a set of values.

11828

type: string

11829

values:

11830

description: values is an array of string values.

11831

items:

11832

type: string

11833

type: array

11834

required:

11835

- key

11836

- operator

11837

type: object

11838

type: array

11839

matchLabels:

11840

additionalProperties:

11841

type: string

11842

description: matchLabels is a map of {key,value} pairs.

11843

type: object

11844

type: object

11845

x-kubernetes-map-type: atomic

11846

maxSkew:

11847

description: MaxSkew describes the degree to which pods may be unevenly distributed.

11848

format: int32

11849

type: integer

11850

topologyKey:

11851

description: TopologyKey is the key of node labels.

11852

type: string

11853

whenUnsatisfiable:

11854

description: WhenUnsatisfiable indicates how to deal with a pod if it doesn't satisfy the spr

11855

type: string

11856

required:

11857

- maxSkew

11858

- topologyKey

11859

- whenUnsatisfiable

11860

type: object

11861

type: array

11862

x-kubernetes-list-map-keys:

11863

- topologyKey

11864

- whenUnsatisfiable

11865

x-kubernetes-list-type: map

11866

volumes:

11867

description: List of volumes that can be mounted by containers belonging to the pod.

11868

items:

11869

description: 'Volume represents a named volume in a pod that may be accessed by any container '

11870

properties:

11871

awsElasticBlockStore:

11872

description: AWSElasticBlockStore represents an AWS Disk resource that is attached to a kubel

11873

properties:

11874

fsType:

11875

description: Filesystem type of the volume that you want to mount.

11876

type: string

11877

partition:

11878

description: The partition in the volume that you want to mount.

11879

format: int32

11880

type: integer

11881

readOnly:

11882

description: Specify "true" to force and set the ReadOnly property in VolumeMounts to "true".

11883

type: boolean

11884

volumeID:

11885

description: Unique ID of the persistent disk resource in AWS (Amazon EBS volume).

11886

type: string

11887

required:

11888

- volumeID

11889

type: object

11890

azureDisk:

11891

description: 'AzureDisk represents an Azure Data Disk mount on the host and bind mount to the '

11892

properties:

11893

cachingMode:

11894

description: 'Host Caching mode: None, Read Only, Read Write.'

11895

type: string

11896

diskName:

11897

description: The Name of the data disk in the blob storage

11898

type: string

11899

diskURI:

11900

description: The URI the data disk in the blob storage

11901

type: string

11902

fsType:

11903

description: Filesystem type to mount.

11904

type: string

11905

kind:

11906

description: 'Expected values Shared: multiple blob disks per storage account Dedicated: sing'

11907

type: string

11908

readOnly:

11909

description: Defaults to false (read/write).

11910

type: boolean

11911

required:

11912

- diskName

11913

- diskURI

11914

type: object

11915

azureFile:

11916

description: AzureFile represents an Azure File Service mount on the host and bind mount to t

11917

properties:

11918

readOnly:

11919

description: Defaults to false (read/write).

11920

type: boolean

11921

secretName:

11922

description: the name of secret that contains Azure Storage Account Name and Key

11923

type: string

11924

shareName:

11925

description: Share Name

11926

type: string

11927

required:

11928

- secretName

11929

- shareName

11930

type: object

11931

cephfs:

11932

description: CephFS represents a Ceph FS mount on the host that shares a pod's lifetime

11933

properties:

11934

monitors:

11935

description: 'Required: Monitors is a collection of Ceph monitors More info: https://examples.'

11936

items:

11937

type: string

11938

type: array

11939

path:

11940

description: 'Optional: Used as the mounted root, rather than the full Ceph tree, default is /'

11941

type: string

11942

readOnly:

11943

description: 'Optional: Defaults to false (read/write).'

11944

type: boolean

11945

secretFile:

11946

description: 'Optional: SecretFile is the path to key ring for User, default is /etc/ceph/user'

11947

type: string

11948

secretRef:

11949

description: 'Optional: SecretRef is reference to the authentication secret for User, default '

11950

properties:

11951

name:

11952

description: 'Name of the referent. More info: https://kubernetes.'

11953

type: string

11954

type: object

11955

x-kubernetes-map-type: atomic

11956

user:

11957

description: 'Optional: User is the rados user name, default is admin More info: https://examp'

11958

type: string

11959

required:

11960

- monitors

11961

type: object

11962

cinder:

11963

description: Cinder represents a cinder volume attached and mounted on kubelets host machine.

11964

properties:

11965

fsType:

11966

description: Filesystem type to mount.

11967

type: string

11968

readOnly:

11969

description: 'Optional: Defaults to false (read/write).'

11970

type: boolean

11971

secretRef:

11972

description: 'Optional: points to a secret object containing parameters used to connect to Ope'

11973

properties:

11974

name:

11975

description: 'Name of the referent. More info: https://kubernetes.'

11976

type: string

11977

type: object

11978

x-kubernetes-map-type: atomic

11979

volumeID:

11980

description: 'volume id used to identify the volume in cinder. More info: https://examples.'

11981

type: string

11982

required:

11983

- volumeID

11984

type: object

11985

configMap:

11986

description: ConfigMap represents a configMap that should populate this volume

11987

properties:

11988

defaultMode:

11989

description: 'Optional: mode bits used to set permissions on created files by default.'

11990

format: int32

11991

type: integer

11992

items:

11993

description: If unspecified, each key-value pair in the Data field of the referenced ConfigMa

11994

items:

11995

description: Maps a string key to a path within a volume.

11996

properties:

11997

key:

11998

description: The key to project.

11999

type: string

12000

mode:

12001

description: 'Optional: mode bits used to set permissions on this file.'

12002

format: int32

12003

type: integer

12004

path:

12005

description: The relative path of the file to map the key to. May not be an absolute path.

12006

type: string

12007

required:

12008

- key

12009

- path

12010

type: object

12011

type: array

12012

name:

12013

description: 'Name of the referent. More info: https://kubernetes.'

12014

type: string

12015

optional:

12016

description: Specify whether the ConfigMap or its keys must be defined

12017

type: boolean

12018

type: object

12019

x-kubernetes-map-type: atomic

12020

csi:

12021

description: CSI (Container Storage Interface) represents ephemeral storage that is handled b

12022

properties:

12023

driver:

12024

description: Driver is the name of the CSI driver that handles this volume.

12025

type: string

12026

fsType:

12027

description: Filesystem type to mount. Ex. "ext4", "xfs", "ntfs".

12028

type: string

12029

nodePublishSecretRef:

12030

description: NodePublishSecretRef is a reference to the secret object containing sensitive in

12031

properties:

12032

name:

12033

description: 'Name of the referent. More info: https://kubernetes.'

12034

type: string

12035

type: object

12036

x-kubernetes-map-type: atomic

12037

readOnly:

12038

description: Specifies a read-only configuration for the volume.

12039

type: boolean

12040

volumeAttributes:

12041

additionalProperties:

12042

type: string

12043

description: VolumeAttributes stores driver-specific properties that are passed to the CSI dr

12044

type: object

12045

required:

12046

- driver

12047

type: object

12048

downwardAPI:

12049

description: DownwardAPI represents downward API about the pod that should populate this volu

12050

properties:

12051

defaultMode:

12052

description: 'Optional: mode bits to use on created files by default.'

12053

format: int32

12054

type: integer

12055

items:

12056

description: Items is a list of downward API volume file

12057

items:

12058

description: DownwardAPIVolumeFile represents information to create the file containing the p

12059

properties:

12060

fieldRef:

12061

description: 'Required: Selects a field of the pod: only annotations, labels, name and namespa'

12062

properties:

12063

apiVersion:

12064

description: Version of the schema the FieldPath is written in terms of, defaults to "v1".

12065

type: string

12066

fieldPath:

12067

description: Path of the field to select in the specified API version.

12068

type: string

12069

required:

12070

- fieldPath

12071

type: object

12072

x-kubernetes-map-type: atomic

12073

mode:

12074

description: 'Optional: mode bits used to set permissions on this file, must be an octal value'

12075

format: int32

12076

type: integer

12077

path:

12078

description: 'Required: Path is the relative path name of the file to be created.'

12079

type: string

12080

resourceFieldRef:

12081

description: 'Selects a resource of the container: only resources limits and requests (limits.'

12082

properties:

12083

containerName:

12084

description: 'Container name: required for volumes, optional for env vars'

12085

type: string

12086

divisor:

12087

anyOf:

12088

- type: integer

12089

- type: string

12090

description: Specifies the output format of the exposed resources, defaults to "1"

12091

pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$

12092

x-kubernetes-int-or-string: true

12093

resource:

12094

description: 'Required: resource to select'

12095

type: string

12096

required:

12097

- resource

12098

type: object

12099

x-kubernetes-map-type: atomic

12100

required:

12101

- path

12102

type: object

12103

type: array

12104

type: object

12105

emptyDir:

12106

description: EmptyDir represents a temporary directory that shares a pod's lifetime.

12107

properties:

12108

medium:

12109

description: What type of storage medium should back this directory.

12110

type: string

12111

sizeLimit:

12112

anyOf:

12113

- type: integer

12114

- type: string

12115

description: Total amount of local storage required for this EmptyDir volume.

12116

pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$

12117

x-kubernetes-int-or-string: true

12118

type: object

12119

ephemeral:

12120

description: Ephemeral represents a volume that is handled by a cluster storage driver.

12121

properties:

12122

volumeClaimTemplate:

12123

description: Will be used to create a stand-alone PVC to provision the volume.

12124

properties:

12125

metadata:

12126

description: May contain labels and annotations that will be copied into the PVC when creatin

12127

type: object

12128

spec:

12129

description: The specification for the PersistentVolumeClaim.

12130

properties:

12131

accessModes:

12132

description: AccessModes contains the desired access modes the volume should have.

12133

items:

12134

type: string

12135

type: array

12136

dataSource:

12137

description: 'This field can be used to specify either: * An existing VolumeSnapshot object (s'

12138

properties:

12139

apiGroup:

12140

description: APIGroup is the group for the resource being referenced.

12141

type: string

12142

kind:

12143

description: Kind is the type of resource being referenced

12144

type: string

12145

name:

12146

description: Name is the name of resource being referenced

12147

type: string

12148

required:

12149

- kind

12150

- name

12151

type: object

12152

x-kubernetes-map-type: atomic

12153

dataSourceRef:

12154

description: Specifies the object from which to populate the volume with data, if a non-empty

12155

properties:

12156

apiGroup:

12157

description: APIGroup is the group for the resource being referenced.

12158

type: string

12159

kind:

12160

description: Kind is the type of resource being referenced

12161

type: string

12162

name:

12163

description: Name is the name of resource being referenced

12164

type: string

12165

required:

12166

- kind

12167

- name

12168

type: object

12169

x-kubernetes-map-type: atomic

12170

resources:

12171

description: Resources represents the minimum resources the volume should have.

12172

properties:

12173

limits:

12174

additionalProperties:

12175

anyOf:

12176

- type: integer

12177

- type: string

12178

pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$

12179

x-kubernetes-int-or-string: true

12180

description: Limits describes the maximum amount of compute resources allowed.

12181

type: object

12182

requests:

12183

additionalProperties:

12184

anyOf:

12185

- type: integer

12186

- type: string

12187

pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$

12188

x-kubernetes-int-or-string: true

12189

description: Requests describes the minimum amount of compute resources required.

12190

type: object

12191

type: object

12192

selector:

12193

description: A label query over volumes to consider for binding.

12194

properties:

12195

matchExpressions:

12196

description: matchExpressions is a list of label selector requirements.

12197

items:

12198

description: A label selector requirement is a selector that contains values, a key, and an o

12199

properties:

12200

key:

12201

description: key is the label key that the selector applies to.

12202

type: string

12203

operator:

12204

description: operator represents a key's relationship to a set of values.

12205

type: string

12206

values:

12207

description: values is an array of string values.

12208

items:

12209

type: string

12210

type: array

12211

required:

12212

- key

12213

- operator

12214

type: object

12215

type: array

12216

matchLabels:

12217

additionalProperties:

12218

type: string

12219

description: matchLabels is a map of {key,value} pairs.

12220

type: object

12221

type: object

12222

x-kubernetes-map-type: atomic

12223

storageClassName:

12224

description: 'Name of the StorageClass required by the claim. More info: https://kubernetes.'

12225

type: string

12226

volumeMode:

12227

description: volumeMode defines what type of volume is required by the claim.

12228

type: string

12229

volumeName:

12230

description: VolumeName is the binding reference to the PersistentVolume backing this claim.

12231

type: string

12232

type: object

12233

required:

12234

- spec

12235

type: object

12236

type: object

12237

fc:

12238

description: FC represents a Fibre Channel resource that is attached to a kubelet's host mach

12239

properties:

12240

fsType:

12241

description: Filesystem type to mount.

12242

type: string

12243

lun:

12244

description: 'Optional: FC target lun number'

12245

format: int32

12246

type: integer

12247

readOnly:

12248

description: 'Optional: Defaults to false (read/write).'

12249

type: boolean

12250

targetWWNs:

12251

description: 'Optional: FC target worldwide names (WWNs)'

12252

items:

12253

type: string

12254

type: array

12255

wwids:

12256

description: 'Optional: FC volume world wide identifiers (wwids) Either wwids or combination o'

12257

items:

12258

type: string

12259

type: array

12260

type: object

12261

flexVolume:

12262

description: FlexVolume represents a generic volume resource that is provisioned/attached usi

12263

properties:

12264

driver:

12265

description: Driver is the name of the driver to use for this volume.

12266

type: string

12267

fsType:

12268

description: Filesystem type to mount.

12269

type: string

12270

options:

12271

additionalProperties:

12272

type: string

12273

description: 'Optional: Extra command options if any.'

12274

type: object

12275

readOnly:

12276

description: 'Optional: Defaults to false (read/write).'

12277

type: boolean

12278

secretRef:

12279

description: 'Optional: SecretRef is reference to the secret object containing sensitive infor'

12280

properties:

12281

name:

12282

description: 'Name of the referent. More info: https://kubernetes.'

12283

type: string

12284

type: object

12285

x-kubernetes-map-type: atomic

12286

required:

12287

- driver

12288

type: object

12289

flocker:

12290

description: Flocker represents a Flocker volume attached to a kubelet's host machine.

12291

properties:

12292

datasetName:

12293

description: Name of the dataset stored as metadata -> name on the dataset for Flocker should

12294

type: string

12295

datasetUUID:

12296

description: UUID of the dataset. This is unique identifier of a Flocker dataset

12297

type: string

12298

type: object

12299

gcePersistentDisk:

12300

description: GCEPersistentDisk represents a GCE Disk resource that is attached to a kubelet's

12301

properties:

12302

fsType:

12303

description: Filesystem type of the volume that you want to mount.

12304

type: string

12305

partition:

12306

description: The partition in the volume that you want to mount.

12307

format: int32

12308

type: integer

12309

pdName:

12310

description: Unique name of the PD resource in GCE. Used to identify the disk in GCE.

12311

type: string

12312

readOnly:

12313

description: ReadOnly here will force the ReadOnly setting in VolumeMounts.

12314

type: boolean

12315

required:

12316

- pdName

12317

type: object

12318

gitRepo:

12319

description: GitRepo represents a git repository at a particular revision.

12320

properties:

12321

directory:

12322

description: Target directory name. Must not contain or start with '..'. If '.

12323

type: string

12324

repository:

12325

description: Repository URL

12326

type: string

12327

revision:

12328

description: Commit hash for the specified revision.

12329

type: string

12330

required:

12331

- repository

12332

type: object

12333

glusterfs:

12334

description: Glusterfs represents a Glusterfs mount on the host that shares a pod's lifetime.

12335

properties:

12336

endpoints:

12337

description: EndpointsName is the endpoint name that details Glusterfs topology.

12338

type: string

12339

path:

12340

description: 'Path is the Glusterfs volume path. More info: https://examples.k8s.'

12341

type: string

12342

readOnly:

12343

description: ReadOnly here will force the Glusterfs volume to be mounted with read-only permi

12344

type: boolean

12345

required:

12346

- endpoints

12347

- path

12348

type: object

12349

hostPath:

12350

description: HostPath represents a pre-existing file or directory on the host machine that is

12351

properties:

12352

path:

12353

description: Path of the directory on the host.

12354

type: string

12355

type:

12356

description: 'Type for HostPath Volume Defaults to "" More info: https://kubernetes.'

12357

type: string

12358

required:

12359

- path

12360

type: object

12361

iscsi:

12362

description: ISCSI represents an ISCSI Disk resource that is attached to a kubelet's host mac

12363

properties:

12364

chapAuthDiscovery:

12365

description: whether support iSCSI Discovery CHAP authentication

12366

type: boolean

12367

chapAuthSession:

12368

description: whether support iSCSI Session CHAP authentication

12369

type: boolean

12370

fsType:

12371

description: Filesystem type of the volume that you want to mount.

12372

type: string

12373

initiatorName:

12374

description: Custom iSCSI Initiator Name.

12375

type: string

12376

iqn:

12377

description: Target iSCSI Qualified Name.

12378

type: string

12379

iscsiInterface:

12380

description: iSCSI Interface Name that uses an iSCSI transport. Defaults to 'default' (tcp).

12381

type: string

12382

lun:

12383

description: iSCSI Target Lun number.

12384

format: int32

12385

type: integer

12386

portals:

12387

description: iSCSI Target Portal List.

12388

items:

12389

type: string

12390

type: array

12391

readOnly:

12392

description: ReadOnly here will force the ReadOnly setting in VolumeMounts.

12393

type: boolean

12394

secretRef:

12395

description: CHAP Secret for iSCSI target and initiator authentication

12396

properties:

12397

name:

12398

description: 'Name of the referent. More info: https://kubernetes.'

12399

type: string

12400

type: object

12401

x-kubernetes-map-type: atomic

12402

targetPortal:

12403

description: iSCSI Target Portal.

12404

type: string

12405

required:

12406

- iqn

12407

- lun

12408

- targetPortal

12409

type: object

12410

name:

12411

description: Volume's name. Must be a DNS_LABEL and unique within the pod.

12412

type: string

12413

nfs:

12414

description: 'NFS represents an NFS mount on the host that shares a pod''s lifetime More info: '

12415

properties:

12416

path:

12417

description: 'Path that is exported by the NFS server. More info: https://kubernetes.'

12418

type: string

12419

readOnly:

12420

description: ReadOnly here will force the NFS export to be mounted with read-only permissions

12421

type: boolean

12422

server:

12423

description: Server is the hostname or IP address of the NFS server.

12424

type: string

12425

required:

12426

- path

12427

- server

12428

type: object

12429

persistentVolumeClaim:

12430

description: PersistentVolumeClaimVolumeSource represents a reference to a PersistentVolumeCl

12431

properties:

12432

claimName:

12433

description: ClaimName is the name of a PersistentVolumeClaim in the same namespace as the po

12434

type: string

12435

readOnly:

12436

description: Will force the ReadOnly setting in VolumeMounts. Default false.

12437

type: boolean

12438

required:

12439

- claimName

12440

type: object

12441

photonPersistentDisk:

12442

description: 'PhotonPersistentDisk represents a PhotonController persistent disk attached and '

12443

properties:

12444

fsType:

12445

description: Filesystem type to mount.

12446

type: string

12447

pdID:

12448

description: ID that identifies Photon Controller persistent disk

12449

type: string

12450

required:

12451

- pdID

12452

type: object

12453

portworxVolume:

12454

description: PortworxVolume represents a portworx volume attached and mounted on kubelets hos

12455

properties:

12456

fsType:

12457

description: FSType represents the filesystem type to mount Must be a filesystem type support

12458

type: string

12459

readOnly:

12460

description: Defaults to false (read/write).

12461

type: boolean

12462

volumeID:

12463

description: VolumeID uniquely identifies a Portworx volume

12464

type: string

12465

required:

12466

- volumeID

12467

type: object

12468

projected:

12469

description: Items for all in one resources secrets, configmaps, and downward API

12470

properties:

12471

defaultMode:

12472

description: Mode bits used to set permissions on created files by default.

12473

format: int32

12474

type: integer

12475

sources:

12476

description: list of volume projections

12477

items:

12478

description: Projection that may be projected along with other supported volume types

12479

properties:

12480

configMap:

12481

description: information about the configMap data to project

12482

properties:

12483

items:

12484

description: If unspecified, each key-value pair in the Data field of the referenced ConfigMa

12485

items:

12486

description: Maps a string key to a path within a volume.

12487

properties:

12488

key:

12489

description: The key to project.

12490

type: string

12491

mode:

12492

description: 'Optional: mode bits used to set permissions on this file.'

12493

format: int32

12494

type: integer

12495

path:

12496

description: The relative path of the file to map the key to. May not be an absolute path.

12497

type: string

12498

required:

12499

- key

12500

- path

12501

type: object

12502

type: array

12503

name:

12504

description: 'Name of the referent. More info: https://kubernetes.'

12505

type: string

12506

optional:

12507

description: Specify whether the ConfigMap or its keys must be defined

12508

type: boolean

12509

type: object

12510

x-kubernetes-map-type: atomic

12511

downwardAPI:

12512

description: information about the downwardAPI data to project

12513

properties:

12514

items:

12515

description: Items is a list of DownwardAPIVolume file

12516

items:

12517

description: DownwardAPIVolumeFile represents information to create the file containing the p

12518

properties:

12519

fieldRef:

12520

description: 'Required: Selects a field of the pod: only annotations, labels, name and namespa'

12521

properties:

12522

apiVersion:

12523

description: Version of the schema the FieldPath is written in terms of, defaults to "v1".

12524

type: string

12525

fieldPath:

12526

description: Path of the field to select in the specified API version.

12527

type: string

12528

required:

12529

- fieldPath

12530

type: object

12531

x-kubernetes-map-type: atomic

12532

mode:

12533

description: 'Optional: mode bits used to set permissions on this file, must be an octal value'

12534

format: int32

12535

type: integer

12536

path:

12537

description: 'Required: Path is the relative path name of the file to be created.'

12538

type: string

12539

resourceFieldRef:

12540

description: 'Selects a resource of the container: only resources limits and requests (limits.'

12541

properties:

12542

containerName:

12543

description: 'Container name: required for volumes, optional for env vars'

12544

type: string

12545

divisor:

12546

anyOf:

12547

- type: integer

12548

- type: string

12549

description: Specifies the output format of the exposed resources, defaults to "1"

12550

pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$

12551

x-kubernetes-int-or-string: true

12552

resource:

12553

description: 'Required: resource to select'

12554

type: string

12555

required:

12556

- resource

12557

type: object

12558

x-kubernetes-map-type: atomic

12559

required:

12560

- path

12561

type: object

12562

type: array

12563

type: object

12564

secret:

12565

description: information about the secret data to project

12566

properties:

12567

items:

12568

description: If unspecified, each key-value pair in the Data field of the referenced Secret w

12569

items:

12570

description: Maps a string key to a path within a volume.

12571

properties:

12572

key:

12573

description: The key to project.

12574

type: string

12575

mode:

12576

description: 'Optional: mode bits used to set permissions on this file.'

12577

format: int32

12578

type: integer

12579

path:

12580

description: The relative path of the file to map the key to. May not be an absolute path.

12581

type: string

12582

required:

12583

- key

12584

- path

12585

type: object

12586

type: array

12587

name:

12588

description: 'Name of the referent. More info: https://kubernetes.'

12589

type: string

12590

optional:

12591

description: Specify whether the Secret or its key must be defined

12592

type: boolean

12593

type: object

12594

x-kubernetes-map-type: atomic

12595

serviceAccountToken:

12596

description: information about the serviceAccountToken data to project

12597

properties:

12598

audience:

12599

description: Audience is the intended audience of the token.

12600

type: string

12601

expirationSeconds:

12602

description: ExpirationSeconds is the requested duration of validity of the service account t

12603

format: int64

12604

type: integer

12605

path:

12606

description: Path is the path relative to the mount point of the file to project the token in

12607

type: string

12608

required:

12609

- path

12610

type: object

12611

type: object

12612

type: array

12613

type: object

12614

quobyte:

12615

description: Quobyte represents a Quobyte mount on the host that shares a pod's lifetime

12616

properties:

12617

group:

12618

description: Group to map volume access to Default is no group

12619

type: string

12620

readOnly:

12621

description: ReadOnly here will force the Quobyte volume to be mounted with read-only permiss

12622

type: boolean

12623

registry:

12624

description: 'Registry represents a single or multiple Quobyte Registry services specified as '

12625

type: string

12626

tenant:

12627

description: Tenant owning the given Quobyte volume in the Backend Used with dynamically prov

12628

type: string

12629

user:

12630

description: User to map volume access to Defaults to serivceaccount user

12631

type: string

12632

volume:

12633

description: Volume is a string that references an already created Quobyte volume by name.

12634

type: string

12635

required:

12636

- registry

12637

- volume

12638

type: object

12639

rbd:

12640

description: RBD represents a Rados Block Device mount on the host that shares a pod's lifeti

12641

properties:

12642

fsType:

12643

description: Filesystem type of the volume that you want to mount.

12644

type: string

12645

image:

12646

description: 'The rados image name. More info: https://examples.k8s.io/volumes/rbd/README.'

12647

type: string

12648

keyring:

12649

description: Keyring is the path to key ring for RBDUser. Default is /etc/ceph/keyring.

12650

type: string

12651

monitors:

12652

description: 'A collection of Ceph monitors. More info: https://examples.k8s.'

12653

items:

12654

type: string

12655

type: array

12656

pool:

12657

description: 'The rados pool name. Default is rbd. More info: https://examples.k8s.'

12658

type: string

12659

readOnly:

12660

description: ReadOnly here will force the ReadOnly setting in VolumeMounts.

12661

type: boolean

12662

secretRef:

12663

description: SecretRef is name of the authentication secret for RBDUser.

12664

properties:

12665

name:

12666

description: 'Name of the referent. More info: https://kubernetes.'

12667

type: string

12668

type: object

12669

x-kubernetes-map-type: atomic

12670

user:

12671

description: 'The rados user name. Default is admin. More info: https://examples.k8s.'

12672

type: string

12673

required:

12674

- image

12675

- monitors

12676

type: object

12677

scaleIO:

12678

description: ScaleIO represents a ScaleIO persistent volume attached and mounted on Kubernete

12679

properties:

12680

fsType:

12681

description: Filesystem type to mount.

12682

type: string

12683

gateway:

12684

description: The host address of the ScaleIO API Gateway.

12685

type: string

12686

protectionDomain:

12687

description: The name of the ScaleIO Protection Domain for the configured storage.

12688

type: string

12689

readOnly:

12690

description: Defaults to false (read/write).

12691

type: boolean

12692

secretRef:

12693

description: SecretRef references to the secret for ScaleIO user and other sensitive informat

12694

properties:

12695

name:

12696

description: 'Name of the referent. More info: https://kubernetes.'

12697

type: string

12698

type: object

12699

x-kubernetes-map-type: atomic

12700

sslEnabled:

12701

description: Flag to enable/disable SSL communication with Gateway, default false

12702

type: boolean

12703

storageMode:

12704

description: Indicates whether the storage for a volume should be ThickProvisioned or ThinPro

12705

type: string

12706

storagePool:

12707

description: The ScaleIO Storage Pool associated with the protection domain.

12708

type: string

12709

system:

12710

description: The name of the storage system as configured in ScaleIO.

12711

type: string

12712

volumeName:

12713

description: The name of a volume already created in the ScaleIO system that is associated wi

12714

type: string

12715

required:

12716

- gateway

12717

- secretRef

12718

- system

12719

type: object

12720

secret:

12721

description: Secret represents a secret that should populate this volume.

12722

properties:

12723

defaultMode:

12724

description: 'Optional: mode bits used to set permissions on created files by default.'

12725

format: int32

12726

type: integer

12727

items:

12728

description: If unspecified, each key-value pair in the Data field of the referenced Secret w

12729

items:

12730

description: Maps a string key to a path within a volume.

12731

properties:

12732

key:

12733

description: The key to project.

12734

type: string

12735

mode:

12736

description: 'Optional: mode bits used to set permissions on this file.'

12737

format: int32

12738

type: integer

12739

path:

12740

description: The relative path of the file to map the key to. May not be an absolute path.

12741

type: string

12742

required:

12743

- key

12744

- path

12745

type: object

12746

type: array

12747

optional:

12748

description: Specify whether the Secret or its keys must be defined

12749

type: boolean

12750

secretName:

12751

description: 'Name of the secret in the pod''s namespace to use. More info: https://kubernetes.'

12752

type: string

12753

type: object

12754

storageos:

12755

description: StorageOS represents a StorageOS volume attached and mounted on Kubernetes nodes

12756

properties:

12757

fsType:

12758

description: Filesystem type to mount.

12759

type: string

12760

readOnly:

12761

description: Defaults to false (read/write).

12762

type: boolean

12763

secretRef:

12764

description: SecretRef specifies the secret to use for obtaining the StorageOS API credential

12765

properties:

12766

name:

12767

description: 'Name of the referent. More info: https://kubernetes.'

12768

type: string

12769

type: object

12770

x-kubernetes-map-type: atomic

12771

volumeName:

12772

description: VolumeName is the human-readable name of the StorageOS volume.

12773

type: string

12774

volumeNamespace:

12775

description: VolumeNamespace specifies the scope of the volume within StorageOS.

12776

type: string

12777

type: object

12778

vsphereVolume:

12779

description: 'VsphereVolume represents a vSphere volume attached and mounted on kubelets host '

12780

properties:

12781

fsType:

12782

description: Filesystem type to mount.

12783

type: string

12784

storagePolicyID:

12785

description: Storage Policy Based Management (SPBM) profile ID associated with the StoragePol

12786

type: string

12787

storagePolicyName:

12788

description: Storage Policy Based Management (SPBM) profile name.

12789

type: string

12790

volumePath:

12791

description: Path that identifies vSphere volume vmdk

12792

type: string

12793

required:

12794

- volumePath

12795

type: object

12796

required:

12797

- name

12798

type: object

12799

type: array

12800

required: null

12801

type: object

12802

type: object

12803

version:

12804

default: 3

12805

enum:

12806

- 0

12807

- 2

12808

- 3

12809

format: int32

12810

type: integer

12811

type: object

12812

status:

12813

description: OnionServiceStatus defines the observed state of OnionService.

12814

properties:

12815

hostname:

12816

type: string

12817

targetClusterIP:

12818

type: string

12819

type: object

12820

type: object

12821

served: true

12822

storage: true

12823

subresources:

12824

status: {}

12825

---

12826

apiVersion: apiextensions.k8s.io/v1

12827

kind: CustomResourceDefinition

12828

metadata:

12829

annotations:

12830

controller-gen.kubebuilder.io/version: v0.7.0

12831

creationTimestamp: null

12832

12833

spec:

12834

group: config.k8s.torproject.org

12835

names:

12836

kind: ProjectConfig

12837

listKind: ProjectConfigList

12838

plural: projectconfigs

12839

singular: projectconfig

12840

scope: Namespaced

12841

versions:

12842

- name: v2

12843

schema:

12844

openAPIV3Schema:

12845

description: ProjectConfig is the Schema for the projectconfigs API

12846

properties:

12847

apiVersion:

12848

description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'

12849

type: string

12850

cacheNamespace:

12851

description: "CacheNamespace if specified restricts the manager's cache to watch objects in the desired namespace Defaults to all namespaces \n Note: If a namespace is specified, controllers can still Watch for a cluster-scoped resource (e.g Node). For namespaced resources the cache will only hold objects from the desired namespace."

12852

type: string

12853

controller:

12854

description: Controller contains global configuration options for controllers registered within this manager.

12855

properties:

12856

cacheSyncTimeout:

12857

description: CacheSyncTimeout refers to the time limit set to wait for syncing caches. Defaults to 2 minutes if not set.

12858

format: int64

12859

type: integer

12860

groupKindConcurrency:

12861

additionalProperties:

12862

type: integer

12863

description: "GroupKindConcurrency is a map from a Kind to the number of concurrent reconciliation allowed for that controller. \n When a controller is registered within this manager using the builder utilities, users have to specify the type the controller reconciles in the For(...) call. If the object's kind passed matches one of the keys in this map, the concurrency for that controller is set to the number specified. \n The key is expected to be consistent in form with GroupKind.String(), e.g. ReplicaSet in apps group (regardless of version) would be `ReplicaSet.apps`."

12864

type: object

12865

type: object

12866

gracefulShutDown:

12867

description: GracefulShutdownTimeout is the duration given to runnable to stop before the manager actually returns on stop. To disable graceful shutdown, set to time.Duration(0) To use graceful shutdown without timeout, set to a negative duration, e.G. time.Duration(-1) The graceful shutdown is skipped for safety reasons in case the leader election lease is lost.

12868

type: string

12869

health:

12870

description: Health contains the controller health configuration

12871

properties:

12872

healthProbeBindAddress:

12873

description: HealthProbeBindAddress is the TCP address that the controller should bind to for serving health probes

12874

type: string

12875

livenessEndpointName:

12876

description: LivenessEndpointName, defaults to "healthz"

12877

type: string

12878

readinessEndpointName:

12879

description: ReadinessEndpointName, defaults to "readyz"

12880

type: string

12881

type: object

12882

kind:

12883

description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'

12884

type: string

12885

leaderElection:

12886

description: LeaderElection is the LeaderElection config to be used when configuring the manager.Manager leader election

12887

properties:

12888

leaderElect:

12889

description: leaderElect enables a leader election client to gain leadership before executing the main loop. Enable this when running replicated components for high availability.

12890

type: boolean

12891

leaseDuration:

12892

description: leaseDuration is the duration that non-leader candidates will wait after observing a leadership renewal until attempting to acquire leadership of a led but unrenewed leader slot. This is effectively the maximum duration that a leader can be stopped before it is replaced by another candidate. This is only applicable if leader election is enabled.

12893

type: string

12894

renewDeadline:

12895

description: renewDeadline is the interval between attempts by the acting master to renew a leadership slot before it stops leading. This must be less than or equal to the lease duration. This is only applicable if leader election is enabled.

12896

type: string

12897

resourceLock:

12898

description: resourceLock indicates the resource object type that will be used to lock during leader election cycles.

12899

type: string

12900

resourceName:

12901

description: resourceName indicates the name of resource object that will be used to lock during leader election cycles.

12902

type: string

12903

resourceNamespace:

12904

description: resourceName indicates the namespace of resource object that will be used to lock during leader election cycles.

12905

type: string

12906

retryPeriod:

12907

description: retryPeriod is the duration the clients should wait between attempting acquisition and renewal of a leadership. This is only applicable if leader election is enabled.

12908

type: string

12909

required:

12910

- leaderElect

12911

- leaseDuration

12912

- renewDeadline

12913

- resourceLock

12914

- resourceName

12915

- resourceNamespace

12916

- retryPeriod

12917

type: object

12918

metrics:

12919

description: Metrics contains thw controller metrics configuration

12920

properties:

12921

bindAddress:

12922

description: BindAddress is the TCP address that the controller should bind to for serving prometheus metrics. It can be set to "0" to disable the metrics serving.

12923

type: string

12924

type: object

12925

syncPeriod:

12926

description: SyncPeriod determines the minimum frequency at which watched resources are reconciled. A lower period will correct entropy more quickly, but reduce responsiveness to change if there are many watched resources. Change this value only if you know what you are doing. Defaults to 10 hours if unset. there will a 10 percent jitter between the SyncPeriod of all controllers so that all controllers will not send list requests simultaneously.

12927

type: string

12928

torDaemonManager:

12929

properties:

12930

image:

12931

default: quay.io/bugfest/tor-daemon-manager:latest

12932

type: string

12933

type: object

12934

torOnionbalanceManager:

12935

properties:

12936

image:

12937

default: quay.io/bugfest/tor-onionbalance-manager:latest

12938

type: string

12939

type: object

12940

webhook:

12941

description: Webhook contains the controllers webhook configuration

12942

properties:

12943

certDir:

12944

description: CertDir is the directory that contains the server key and certificate. if not set, webhook server would look up the server key and certificate in {TempDir}/k8s-webhook-server/serving-certs. The server key and certificate must be named tls.key and tls.crt, respectively.

12945

type: string

12946

host:

12947

description: Host is the hostname that the webhook server binds to. It is used to set webhook.Server.Host.

12948

type: string

12949

port:

12950

description: Port is the port that the webhook server serves at. It is used to set webhook.Server.Port.

12951

type: integer

12952

type: object

12953

type: object

12954

served: true

12955

storage: true

12956

status:

12957

acceptedNames:

12958

kind: ""

12959

plural: ""

12960

conditions: []

12961

storedVersions: []

12962

---

12963

apiVersion: apiextensions.k8s.io/v1

12964

kind: CustomResourceDefinition

12965

metadata:

12966

annotations:

12967

controller-gen.kubebuilder.io/version: v0.11.1

12968

creationTimestamp: null

12969

12970

spec:

12971

group: tor.k8s.torproject.org

12972

names:

12973

kind: Tor

12974

listKind: TorList

12975

plural: tors

12976

shortNames:

12977

- tor

12978

singular: tor

12979

scope: Namespaced

12980

versions:

12981

- additionalPrinterColumns:

12982

- jsonPath: .metadata.creationTimestamp

12983

12984

type: date

12985

12986

schema:

12987

openAPIV3Schema:

12988

description: Tor is the Schema for the tor API.

12989

properties:

12990

apiVersion:

12991

description: APIVersion defines the versioned schema of this representation of an object.

12992

type: string

12993

kind:

12994

description: Kind is a string value representing the REST resource this object represents.

12995

type: string

12996

metadata:

12997

type: object

12998

spec:

12999

description: TorSpec defines the desired state of Tor.

13000

properties:

13001

client:

13002

description: Client type. Enabled by default if server options are not set.

13003

properties:

13004

dns:

13005

description: DNSPort [address:]port|auto [isolation flags]

13006

properties:

13007

address:

13008

default:

13009

- 0.0.0.0

13010

- '::'

13011

items:

13012

type: string

13013

type: array

13014

enable:

13015

type: boolean

13016

flags:

13017

items:

13018

type: string

13019

type: array

13020

policy:

13021

default:

13022

- accept 0.0.0.0/0

13023

- accept ::/0

13024

description: Policy [address:]port|unix:path|auto [flags]

13025

items:

13026

type: string

13027

type: array

13028

port:

13029

default: 0

13030

format: int32

13031

type: integer

13032

type: object

13033

httptunnel:

13034

description: HTTPTunnelPort [address:]port|auto [isolation flags]

13035

properties:

13036

address:

13037

default:

13038

- 0.0.0.0

13039

- '::'

13040

items:

13041

type: string

13042

type: array

13043

enable:

13044

type: boolean

13045

flags:

13046

items:

13047

type: string

13048

type: array

13049

policy:

13050

default:

13051

- accept 0.0.0.0/0

13052

- accept ::/0

13053

description: Policy [address:]port|unix:path|auto [flags]

13054

items:

13055

type: string

13056

type: array

13057

port:

13058

default: 0

13059

format: int32

13060

type: integer

13061

type: object

13062

natd:

13063

description: NATDPort [address:]port|auto [isolation flags]

13064

properties:

13065

address:

13066

default:

13067

- 0.0.0.0

13068

- '::'

13069

items:

13070

type: string

13071

type: array

13072

enable:

13073

type: boolean

13074

flags:

13075

items:

13076

type: string

13077

type: array

13078

policy:

13079

default:

13080

- accept 0.0.0.0/0

13081

- accept ::/0

13082

description: Policy [address:]port|unix:path|auto [flags]

13083

items:

13084

type: string

13085

type: array

13086

port:

13087

default: 0

13088

format: int32

13089

type: integer

13090

type: object

13091

socks:

13092

description: SocksPort [address:]port|unix:path|auto [flags] [isolation flags]

13093

properties:

13094

address:

13095

default:

13096

- 0.0.0.0

13097

- '::'

13098

items:

13099

type: string

13100

type: array

13101

enable:

13102

type: boolean

13103

flags:

13104

items:

13105

type: string

13106

type: array

13107

policy:

13108

default:

13109

- accept 0.0.0.0/0

13110

- accept ::/0

13111

description: Policy [address:]port|unix:path|auto [flags]

13112

items:

13113

type: string

13114

type: array

13115

port:

13116

default: 0

13117

format: int32

13118

type: integer

13119

type: object

13120

trans:

13121

description: TransPort [address:]port|auto [isolation flags]

13122

properties:

13123

address:

13124

default:

13125

- 0.0.0.0

13126

- '::'

13127

items:

13128

type: string

13129

type: array

13130

enable:

13131

type: boolean

13132

flags:

13133

items:

13134

type: string

13135

type: array

13136

policy:

13137

default:

13138

- accept 0.0.0.0/0

13139

- accept ::/0

13140

description: Policy [address:]port|unix:path|auto [flags]

13141

items:

13142

type: string

13143

type: array

13144

port:

13145

default: 0

13146

format: int32

13147

type: integer

13148

type: object

13149

transproxytype:

13150

description: TransProxyType default|TPROXY|ipfw|pf-divert

13151

type: string

13152

type: object

13153

config:

13154

description: 'Custom/advanced options. Tor latest man page (asciidoc): https://gitlab.'

13155

type: string

13156

configMapKeyRef:

13157

description: Custom/advanced options read from a ConfigMaps.

13158

items:

13159

description: Selects a key from a ConfigMap.

13160

properties:

13161

key:

13162

description: The key to select.

13163

type: string

13164

name:

13165

description: 'Name of the referent. More info: https://kubernetes.'

13166

type: string

13167

optional:

13168

description: Specify whether the ConfigMap or its key must be defined

13169

type: boolean

13170

required:

13171

- key

13172

type: object

13173

x-kubernetes-map-type: atomic

13174

type: array

13175

control:

13176

description: Control. Enabled by default.

13177

properties:

13178

address:

13179

default:

13180

- 0.0.0.0

13181

- '::'

13182

items:

13183

type: string

13184

type: array

13185

enable:

13186

type: boolean

13187

flags:

13188

items:

13189

type: string

13190

type: array

13191

policy:

13192

default:

13193

- accept 0.0.0.0/0

13194

- accept ::/0

13195

description: Policy [address:]port|unix:path|auto [flags]

13196

items:

13197

type: string

13198

type: array

13199

port:

13200

default: 0

13201

format: int32

13202

type: integer

13203

secret:

13204

description: Allowed control passwords as string

13205

items:

13206

type: string

13207

type: array

13208

secretRef:

13209

description: Allowed Control passwords as Secret object references Reference to a key of a se

13210

items:

13211

description: SecretKeySelector selects a key of a Secret.

13212

properties:

13213

key:

13214

description: The key of the secret to select from. Must be a valid secret key.

13215

type: string

13216

name:

13217

description: 'Name of the referent. More info: https://kubernetes.'

13218

type: string

13219

optional:

13220

description: Specify whether the Secret or its key must be defined

13221

type: boolean

13222

required:

13223

- key

13224

type: object

13225

x-kubernetes-map-type: atomic

13226

type: array

13227

type: object

13228

extraArgs:

13229

description: Extra arguments to pass Tor's executable

13230

items:

13231

type: string

13232

type: array

13233

metrics:

13234

description: Metrics. Enabled by default.

13235

properties:

13236

address:

13237

default:

13238

- 0.0.0.0

13239

- '::'

13240

items:

13241

type: string

13242

type: array

13243

enable:

13244

type: boolean

13245

flags:

13246

items:

13247

type: string

13248

type: array

13249

policy:

13250

default:

13251

- accept 0.0.0.0/0

13252

- accept ::/0

13253

description: Policy [address:]port|unix:path|auto [flags]

13254

items:

13255

type: string

13256

type: array

13257

port:

13258

default: 0

13259

format: int32

13260

type: integer

13261

type: object

13262

replicas:

13263

default: 1

13264

description: Replicas.

13265

format: int32

13266

type: integer

13267

server:

13268

description: Server (ORPort)

13269

properties:

13270

address:

13271

default:

13272

- 0.0.0.0

13273

- '::'

13274

items:

13275

type: string

13276

type: array

13277

enable:

13278

type: boolean

13279

flags:

13280

items:

13281

type: string

13282

type: array

13283

policy:

13284

default:

13285

- accept 0.0.0.0/0

13286

- accept ::/0

13287

description: Policy [address:]port|unix:path|auto [flags]

13288

items:

13289

type: string

13290

type: array

13291

port:

13292

default: 0

13293

format: int32

13294

type: integer

13295

type: object

13296

serviceMonitor:

13297

default: false

13298

description: Create service monitor.

13299

type: boolean

13300

template:

13301

description: Template describes the pods that will be created.

13302

properties:

13303

metadata:

13304

description: Metadata of the pods created from this template.

13305

type: object

13306

resources:

13307

description: Default resources for containers

13308

properties:

13309

limits:

13310

additionalProperties:

13311

anyOf:

13312

- type: integer

13313

- type: string

13314

pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$

13315

x-kubernetes-int-or-string: true

13316

description: Limits describes the maximum amount of compute resources allowed.

13317

type: object

13318

requests:

13319

additionalProperties:

13320

anyOf:

13321

- type: integer

13322

- type: string

13323

pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$

13324

x-kubernetes-int-or-string: true

13325

description: Requests describes the minimum amount of compute resources required.

13326

type: object

13327

type: object

13328

spec:

13329

description: Spec defines the behavior of a pod.

13330

properties:

13331

activeDeadlineSeconds:

13332

description: Optional duration in seconds the pod may be active on the node relative to Start

13333

format: int64

13334

type: integer

13335

affinity:

13336

description: If specified, the pod's scheduling constraints

13337

properties:

13338

nodeAffinity:

13339

description: Describes node affinity scheduling rules for the pod.

13340

properties:

13341

preferredDuringSchedulingIgnoredDuringExecution:

13342

description: The scheduler will prefer to schedule pods to nodes that satisfy the affinity ex

13343

items:

13344

description: An empty preferred scheduling term matches all objects with implicit weight 0 (i

13345

properties:

13346

preference:

13347

description: A node selector term, associated with the corresponding weight.

13348

properties:

13349

matchExpressions:

13350

description: A list of node selector requirements by node's labels.

13351

items:

13352

description: A node selector requirement is a selector that contains values, a key, and an op

13353

properties:

13354

key:

13355

description: The label key that the selector applies to.

13356

type: string

13357

operator:

13358

description: Represents a key's relationship to a set of values.

13359

type: string

13360

values:

13361

description: An array of string values.

13362

items:

13363

type: string

13364

type: array

13365

required:

13366

- key

13367

- operator

13368

type: object

13369

type: array

13370

matchFields:

13371

description: A list of node selector requirements by node's fields.

13372

items:

13373

description: A node selector requirement is a selector that contains values, a key, and an op

13374

properties:

13375

key:

13376

description: The label key that the selector applies to.

13377

type: string

13378

operator:

13379

description: Represents a key's relationship to a set of values.

13380

type: string

13381

values:

13382

description: An array of string values.

13383

items:

13384

type: string

13385

type: array

13386

required:

13387

- key

13388

- operator

13389

type: object

13390

type: array

13391

type: object

13392

x-kubernetes-map-type: atomic

13393

weight:

13394

description: Weight associated with matching the corresponding nodeSelectorTerm, in the range

13395

format: int32

13396

type: integer

13397

required:

13398

- preference

13399

- weight

13400

type: object

13401

type: array

13402

requiredDuringSchedulingIgnoredDuringExecution:

13403

description: If the affinity requirements specified by this field are not met at scheduling t

13404

properties:

13405

nodeSelectorTerms:

13406

description: Required. A list of node selector terms. The terms are ORed.

13407

items:

13408

description: A null or empty node selector term matches no objects.

13409

properties:

13410

matchExpressions:

13411

description: A list of node selector requirements by node's labels.

13412

items:

13413

description: A node selector requirement is a selector that contains values, a key, and an op

13414

properties:

13415

key:

13416

description: The label key that the selector applies to.

13417

type: string

13418

operator:

13419

description: Represents a key's relationship to a set of values.

13420

type: string

13421

values:

13422

description: An array of string values.

13423

items:

13424

type: string

13425

type: array

13426

required:

13427

- key

13428

- operator

13429

type: object

13430

type: array

13431

matchFields:

13432

description: A list of node selector requirements by node's fields.

13433

items:

13434

description: A node selector requirement is a selector that contains values, a key, and an op

13435

properties:

13436

key:

13437

description: The label key that the selector applies to.

13438

type: string

13439

operator:

13440

description: Represents a key's relationship to a set of values.

13441

type: string

13442

values:

13443

description: An array of string values.

13444

items:

13445

type: string

13446

type: array

13447

required:

13448

- key

13449

- operator

13450

type: object

13451

type: array

13452

type: object

13453

x-kubernetes-map-type: atomic

13454

type: array

13455

required:

13456

- nodeSelectorTerms

13457

type: object

13458

x-kubernetes-map-type: atomic

13459

type: object

13460

podAffinity:

13461

description: Describes pod affinity scheduling rules (e.g.

13462

properties:

13463

preferredDuringSchedulingIgnoredDuringExecution:

13464

description: The scheduler will prefer to schedule pods to nodes that satisfy the affinity ex

13465

items:

13466

description: The weights of all of the matched WeightedPodAffinityTerm fields are added per-n

13467

properties:

13468

podAffinityTerm:

13469

description: Required. A pod affinity term, associated with the corresponding weight.

13470

properties:

13471

labelSelector:

13472

description: A label query over a set of resources, in this case pods.

13473

properties:

13474

matchExpressions:

13475

description: matchExpressions is a list of label selector requirements.

13476

items:

13477

description: A label selector requirement is a selector that contains values, a key, and an o

13478

properties:

13479

key:

13480

description: key is the label key that the selector applies to.

13481

type: string

13482

operator:

13483

description: operator represents a key's relationship to a set of values.

13484

type: string

13485

values:

13486

description: values is an array of string values.

13487

items:

13488

type: string

13489

type: array

13490

required:

13491

- key

13492

- operator

13493

type: object

13494

type: array

13495

matchLabels:

13496

additionalProperties:

13497

type: string

13498

description: matchLabels is a map of {key,value} pairs.

13499

type: object

13500

type: object

13501

x-kubernetes-map-type: atomic

13502

namespaceSelector:

13503

description: A label query over the set of namespaces that the term applies to.

13504

properties:

13505

matchExpressions:

13506

description: matchExpressions is a list of label selector requirements.

13507

items:

13508

description: A label selector requirement is a selector that contains values, a key, and an o

13509

properties:

13510

key:

13511

description: key is the label key that the selector applies to.

13512

type: string

13513

operator:

13514

description: operator represents a key's relationship to a set of values.

13515

type: string

13516

values:

13517

description: values is an array of string values.

13518

items:

13519

type: string

13520

type: array

13521

required:

13522

- key

13523

- operator

13524

type: object

13525

type: array

13526

matchLabels:

13527

additionalProperties:

13528

type: string

13529

description: matchLabels is a map of {key,value} pairs.

13530

type: object

13531

type: object

13532

x-kubernetes-map-type: atomic

13533

namespaces:

13534

description: namespaces specifies a static list of namespace names that the term applies to.

13535

items:

13536

type: string

13537

type: array

13538

topologyKey:

13539

description: 'This pod should be co-located (affinity) or not co-located (anti-affinity) with '

13540

type: string

13541

required:

13542

- topologyKey

13543

type: object

13544

weight:

13545

description: 'weight associated with matching the corresponding podAffinityTerm, in the range '

13546

format: int32

13547

type: integer

13548

required:

13549

- podAffinityTerm

13550

- weight

13551

type: object

13552

type: array

13553

requiredDuringSchedulingIgnoredDuringExecution:

13554

description: If the affinity requirements specified by this field are not met at scheduling t

13555

items:

13556

description: Defines a set of pods (namely those matching the labelSelector relative to the g

13557

properties:

13558

labelSelector:

13559

description: A label query over a set of resources, in this case pods.

13560

properties:

13561

matchExpressions:

13562

description: matchExpressions is a list of label selector requirements.

13563

items:

13564

description: A label selector requirement is a selector that contains values, a key, and an o

13565

properties:

13566

key:

13567

description: key is the label key that the selector applies to.

13568

type: string

13569

operator:

13570

description: operator represents a key's relationship to a set of values.

13571

type: string

13572

values:

13573

description: values is an array of string values.

13574

items:

13575

type: string

13576

type: array

13577

required:

13578

- key

13579

- operator

13580

type: object

13581

type: array

13582

matchLabels:

13583

additionalProperties:

13584

type: string

13585

description: matchLabels is a map of {key,value} pairs.

13586

type: object

13587

type: object

13588

x-kubernetes-map-type: atomic

13589

namespaceSelector:

13590

description: A label query over the set of namespaces that the term applies to.

13591

properties:

13592

matchExpressions:

13593

description: matchExpressions is a list of label selector requirements.

13594

items:

13595

description: A label selector requirement is a selector that contains values, a key, and an o

13596

properties:

13597

key:

13598

description: key is the label key that the selector applies to.

13599

type: string

13600

operator:

13601

description: operator represents a key's relationship to a set of values.

13602

type: string

13603

values:

13604

description: values is an array of string values.

13605

items:

13606

type: string

13607

type: array

13608

required:

13609

- key

13610

- operator

13611

type: object

13612

type: array

13613

matchLabels:

13614

additionalProperties:

13615

type: string

13616

description: matchLabels is a map of {key,value} pairs.

13617

type: object

13618

type: object

13619

x-kubernetes-map-type: atomic

13620

namespaces:

13621

description: namespaces specifies a static list of namespace names that the term applies to.

13622

items:

13623

type: string

13624

type: array

13625

topologyKey:

13626

description: 'This pod should be co-located (affinity) or not co-located (anti-affinity) with '

13627

type: string

13628

required:

13629

- topologyKey

13630

type: object

13631

type: array

13632

type: object

13633

podAntiAffinity:

13634

description: Describes pod anti-affinity scheduling rules (e.g.

13635

properties:

13636

preferredDuringSchedulingIgnoredDuringExecution:

13637

description: The scheduler will prefer to schedule pods to nodes that satisfy the anti-affini

13638

items:

13639

description: The weights of all of the matched WeightedPodAffinityTerm fields are added per-n

13640

properties:

13641

podAffinityTerm:

13642

description: Required. A pod affinity term, associated with the corresponding weight.

13643

properties:

13644

labelSelector:

13645

description: A label query over a set of resources, in this case pods.

13646

properties:

13647

matchExpressions:

13648

description: matchExpressions is a list of label selector requirements.

13649

items:

13650

description: A label selector requirement is a selector that contains values, a key, and an o

13651

properties:

13652

key:

13653

description: key is the label key that the selector applies to.

13654

type: string

13655

operator:

13656

description: operator represents a key's relationship to a set of values.

13657

type: string

13658

values:

13659

description: values is an array of string values.

13660

items:

13661

type: string

13662

type: array

13663

required:

13664

- key

13665

- operator

13666

type: object

13667

type: array

13668

matchLabels:

13669

additionalProperties:

13670

type: string

13671

description: matchLabels is a map of {key,value} pairs.

13672

type: object

13673

type: object

13674

x-kubernetes-map-type: atomic

13675

namespaceSelector:

13676

description: A label query over the set of namespaces that the term applies to.

13677

properties:

13678

matchExpressions:

13679

description: matchExpressions is a list of label selector requirements.

13680

items:

13681

description: A label selector requirement is a selector that contains values, a key, and an o

13682

properties:

13683

key:

13684

description: key is the label key that the selector applies to.

13685

type: string

13686

operator:

13687

description: operator represents a key's relationship to a set of values.

13688

type: string

13689

values:

13690

description: values is an array of string values.

13691

items:

13692

type: string

13693

type: array

13694

required:

13695

- key

13696

- operator

13697

type: object

13698

type: array

13699

matchLabels:

13700

additionalProperties:

13701

type: string

13702

description: matchLabels is a map of {key,value} pairs.

13703

type: object

13704

type: object

13705

x-kubernetes-map-type: atomic

13706

namespaces:

13707

description: namespaces specifies a static list of namespace names that the term applies to.

13708

items:

13709

type: string

13710

type: array

13711

topologyKey:

13712

description: 'This pod should be co-located (affinity) or not co-located (anti-affinity) with '

13713

type: string

13714

required:

13715

- topologyKey

13716

type: object

13717

weight:

13718

description: 'weight associated with matching the corresponding podAffinityTerm, in the range '

13719

format: int32

13720

type: integer

13721

required:

13722

- podAffinityTerm

13723

- weight

13724

type: object

13725

type: array

13726

requiredDuringSchedulingIgnoredDuringExecution:

13727

description: If the anti-affinity requirements specified by this field are not met at schedul

13728

items:

13729

description: Defines a set of pods (namely those matching the labelSelector relative to the g

13730

properties:

13731

labelSelector:

13732

description: A label query over a set of resources, in this case pods.

13733

properties:

13734

matchExpressions:

13735

description: matchExpressions is a list of label selector requirements.

13736

items:

13737

description: A label selector requirement is a selector that contains values, a key, and an o

13738

properties:

13739

key:

13740

description: key is the label key that the selector applies to.

13741

type: string

13742

operator:

13743

description: operator represents a key's relationship to a set of values.

13744

type: string

13745

values:

13746

description: values is an array of string values.

13747

items:

13748

type: string

13749

type: array

13750

required:

13751

- key

13752

- operator

13753

type: object

13754

type: array

13755

matchLabels:

13756

additionalProperties:

13757

type: string

13758

description: matchLabels is a map of {key,value} pairs.

13759

type: object

13760

type: object

13761

x-kubernetes-map-type: atomic

13762

namespaceSelector:

13763

description: A label query over the set of namespaces that the term applies to.

13764

properties:

13765

matchExpressions:

13766

description: matchExpressions is a list of label selector requirements.

13767

items:

13768

description: A label selector requirement is a selector that contains values, a key, and an o

13769

properties:

13770

key:

13771

description: key is the label key that the selector applies to.

13772

type: string

13773

operator:

13774

description: operator represents a key's relationship to a set of values.

13775

type: string

13776

values:

13777

description: values is an array of string values.

13778

items:

13779

type: string

13780

type: array

13781

required:

13782

- key

13783

- operator

13784

type: object

13785

type: array

13786

matchLabels:

13787

additionalProperties:

13788

type: string

13789

description: matchLabels is a map of {key,value} pairs.

13790

type: object

13791

type: object

13792

x-kubernetes-map-type: atomic

13793

namespaces:

13794

description: namespaces specifies a static list of namespace names that the term applies to.

13795

items:

13796

type: string

13797

type: array

13798

topologyKey:

13799

description: 'This pod should be co-located (affinity) or not co-located (anti-affinity) with '

13800

type: string

13801

required:

13802

- topologyKey

13803

type: object

13804

type: array

13805

type: object

13806

type: object

13807

automountServiceAccountToken:

13808

description: AutomountServiceAccountToken indicates whether a service account token should be

13809

type: boolean

13810

containers:

13811

description: List of containers belonging to the pod.

13812

items:

13813

description: A single application container that you want to run within a pod.

13814

properties:

13815

args:

13816

description: Arguments to the entrypoint.

13817

items:

13818

type: string

13819

type: array

13820

command:

13821

description: Entrypoint array. Not executed within a shell.

13822

items:

13823

type: string

13824

type: array

13825

env:

13826

description: List of environment variables to set in the container. Cannot be updated.

13827

items:

13828

description: EnvVar represents an environment variable present in a Container.

13829

properties:

13830

name:

13831

description: Name of the environment variable. Must be a C_IDENTIFIER.

13832

type: string

13833

value:

13834

description: Variable references $(VAR_NAME) are expanded using the previously defined enviro

13835

type: string

13836

valueFrom:

13837

description: Source for the environment variable's value.

13838

properties:

13839

configMapKeyRef:

13840

description: Selects a key of a ConfigMap.

13841

properties:

13842

key:

13843

description: The key to select.

13844

type: string

13845

name:

13846

description: 'Name of the referent. More info: https://kubernetes.'

13847

type: string

13848

optional:

13849

description: Specify whether the ConfigMap or its key must be defined

13850

type: boolean

13851

required:

13852

- key

13853

type: object

13854

x-kubernetes-map-type: atomic

13855

fieldRef:

13856

description: 'Selects a field of the pod: supports metadata.name, metadata.'

13857

properties:

13858

apiVersion:

13859

description: Version of the schema the FieldPath is written in terms of, defaults to "v1".

13860

type: string

13861

fieldPath:

13862

description: Path of the field to select in the specified API version.

13863

type: string

13864

required:

13865

- fieldPath

13866

type: object

13867

x-kubernetes-map-type: atomic

13868

resourceFieldRef:

13869

description: 'Selects a resource of the container: only resources limits and requests (limits.'

13870

properties:

13871

containerName:

13872

description: 'Container name: required for volumes, optional for env vars'

13873

type: string

13874

divisor:

13875

anyOf:

13876

- type: integer

13877

- type: string

13878

description: Specifies the output format of the exposed resources, defaults to "1"

13879

pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$

13880

x-kubernetes-int-or-string: true

13881

resource:

13882

description: 'Required: resource to select'

13883

type: string

13884

required:

13885

- resource

13886

type: object

13887

x-kubernetes-map-type: atomic

13888

secretKeyRef:

13889

description: Selects a key of a secret in the pod's namespace

13890

properties:

13891

key:

13892

description: The key of the secret to select from. Must be a valid secret key.

13893

type: string

13894

name:

13895

description: 'Name of the referent. More info: https://kubernetes.'

13896

type: string

13897

optional:

13898

description: Specify whether the Secret or its key must be defined

13899

type: boolean

13900

required:

13901

- key

13902

type: object

13903

x-kubernetes-map-type: atomic

13904

type: object

13905

required:

13906

- name

13907

type: object

13908

type: array

13909

envFrom:

13910

description: List of sources to populate environment variables in the container.

13911

items:

13912

description: EnvFromSource represents the source of a set of ConfigMaps

13913

properties:

13914

configMapRef:

13915

description: The ConfigMap to select from

13916

properties:

13917

name:

13918

description: 'Name of the referent. More info: https://kubernetes.'

13919

type: string

13920

optional:

13921

description: Specify whether the ConfigMap must be defined

13922

type: boolean

13923

type: object

13924

x-kubernetes-map-type: atomic

13925

prefix:

13926

description: An optional identifier to prepend to each key in the ConfigMap.

13927

type: string

13928

secretRef:

13929

description: The Secret to select from

13930

properties:

13931

name:

13932

description: 'Name of the referent. More info: https://kubernetes.'

13933

type: string

13934

optional:

13935

description: Specify whether the Secret must be defined

13936

type: boolean

13937

type: object

13938

x-kubernetes-map-type: atomic

13939

type: object

13940

type: array

13941

image:

13942

description: 'Docker image name. More info: https://kubernetes.'

13943

type: string

13944

imagePullPolicy:

13945

description: Image pull policy. One of Always, Never, IfNotPresent.

13946

type: string

13947

lifecycle:

13948

description: Actions that the management system should take in response to container lifecycl

13949

properties:

13950

postStart:

13951

description: PostStart is called immediately after a container is created.

13952

properties:

13953

exec:

13954

description: Exec specifies the action to take.

13955

properties:

13956

command:

13957

description: Command is the command line to execute inside the container, the working directo

13958

items:

13959

type: string

13960

type: array

13961

type: object

13962

httpGet:

13963

description: HTTPGet specifies the http request to perform.

13964

properties:

13965

host:

13966

description: Host name to connect to, defaults to the pod IP.

13967

type: string

13968

httpHeaders:

13969

description: Custom headers to set in the request. HTTP allows repeated headers.

13970

items:

13971

description: HTTPHeader describes a custom header to be used in HTTP probes

13972

properties:

13973

name:

13974

description: The header field name

13975

type: string

13976

value:

13977

description: The header field value

13978

type: string

13979

required:

13980

- name

13981

- value

13982

type: object

13983

type: array

13984

path:

13985

description: Path to access on the HTTP server.

13986

type: string

13987

port:

13988

anyOf:

13989

- type: integer

13990

- type: string

13991

description: Name or number of the port to access on the container.

13992

x-kubernetes-int-or-string: true

13993

scheme:

13994

description: Scheme to use for connecting to the host. Defaults to HTTP.

13995

type: string

13996

required:

13997

- port

13998

type: object

13999

tcpSocket:

14000

description: Deprecated.

14001

properties:

14002

host:

14003

description: 'Optional: Host name to connect to, defaults to the pod IP.'

14004

type: string

14005

port:

14006

anyOf:

14007

- type: integer

14008

- type: string

14009

description: Number or name of the port to access on the container.

14010

x-kubernetes-int-or-string: true

14011

required:

14012

- port

14013

type: object

14014

type: object

14015

preStop:

14016

description: PreStop is called immediately before a container is terminated due to an API req

14017

properties:

14018

exec:

14019

description: Exec specifies the action to take.

14020

properties:

14021

command:

14022

description: Command is the command line to execute inside the container, the working directo

14023

items:

14024

type: string

14025

type: array

14026

type: object

14027

httpGet:

14028

description: HTTPGet specifies the http request to perform.

14029

properties:

14030

host:

14031

description: Host name to connect to, defaults to the pod IP.

14032

type: string

14033

httpHeaders:

14034

description: Custom headers to set in the request. HTTP allows repeated headers.

14035

items:

14036

description: HTTPHeader describes a custom header to be used in HTTP probes

14037

properties:

14038

name:

14039

description: The header field name

14040

type: string

14041

value:

14042

description: The header field value

14043

type: string

14044

required:

14045

- name

14046

- value

14047

type: object

14048

type: array

14049

path:

14050

description: Path to access on the HTTP server.

14051

type: string

14052

port:

14053

anyOf:

14054

- type: integer

14055

- type: string

14056

description: Name or number of the port to access on the container.

14057

x-kubernetes-int-or-string: true

14058

scheme:

14059

description: Scheme to use for connecting to the host. Defaults to HTTP.

14060

type: string

14061

required:

14062

- port

14063

type: object

14064

tcpSocket:

14065

description: Deprecated.

14066

properties:

14067

host:

14068

description: 'Optional: Host name to connect to, defaults to the pod IP.'

14069

type: string

14070

port:

14071

anyOf:

14072

- type: integer

14073

- type: string

14074

description: Number or name of the port to access on the container.

14075

x-kubernetes-int-or-string: true

14076

required:

14077

- port

14078

type: object

14079

type: object

14080

type: object

14081

livenessProbe:

14082

description: Periodic probe of container liveness.

14083

properties:

14084

exec:

14085

description: Exec specifies the action to take.

14086

properties:

14087

command:

14088

description: Command is the command line to execute inside the container, the working directo

14089

items:

14090

type: string

14091

type: array

14092

type: object

14093

failureThreshold:

14094

description: 'Minimum consecutive failures for the probe to be considered failed after having '

14095

format: int32

14096

type: integer

14097

grpc:

14098

description: GRPC specifies an action involving a GRPC port.

14099

properties:

14100

port:

14101

description: Port number of the gRPC service. Number must be in the range 1 to 65535.

14102

format: int32

14103

type: integer

14104

service:

14105

description: 'Service is the name of the service to place in the gRPC HealthCheckRequest (see '

14106

type: string

14107

required:

14108

- port

14109

type: object

14110

httpGet:

14111

description: HTTPGet specifies the http request to perform.

14112

properties:

14113

host:

14114

description: Host name to connect to, defaults to the pod IP.

14115

type: string

14116

httpHeaders:

14117

description: Custom headers to set in the request. HTTP allows repeated headers.

14118

items:

14119

description: HTTPHeader describes a custom header to be used in HTTP probes

14120

properties:

14121

name:

14122

description: The header field name

14123

type: string

14124

value:

14125

description: The header field value

14126

type: string

14127

required:

14128

- name

14129

- value

14130

type: object

14131

type: array

14132

path:

14133

description: Path to access on the HTTP server.

14134

type: string

14135

port:

14136

anyOf:

14137

- type: integer

14138

- type: string

14139

description: Name or number of the port to access on the container.

14140

x-kubernetes-int-or-string: true

14141

scheme:

14142

description: Scheme to use for connecting to the host. Defaults to HTTP.

14143

type: string

14144

required:

14145

- port

14146

type: object

14147

initialDelaySeconds:

14148

description: Number of seconds after the container has started before liveness probes are ini

14149

format: int32

14150

type: integer

14151

periodSeconds:

14152

description: How often (in seconds) to perform the probe. Default to 10 seconds.

14153

format: int32

14154

type: integer

14155

successThreshold:

14156

description: Minimum consecutive successes for the probe to be considered successful after ha

14157

format: int32

14158

type: integer

14159

tcpSocket:

14160

description: TCPSocket specifies an action involving a TCP port.

14161

properties:

14162

host:

14163

description: 'Optional: Host name to connect to, defaults to the pod IP.'

14164

type: string

14165

port:

14166

anyOf:

14167

- type: integer

14168

- type: string

14169

description: Number or name of the port to access on the container.

14170

x-kubernetes-int-or-string: true

14171

required:

14172

- port

14173

type: object

14174

terminationGracePeriodSeconds:

14175

description: Optional duration in seconds the pod needs to terminate gracefully upon probe fa

14176

format: int64

14177

type: integer

14178

timeoutSeconds:

14179

description: Number of seconds after which the probe times out. Defaults to 1 second.

14180

format: int32

14181

type: integer

14182

type: object

14183

name:

14184

description: Name of the container specified as a DNS_LABEL.

14185

type: string

14186

ports:

14187

description: List of ports to expose from the container.

14188

items:

14189

description: ContainerPort represents a network port in a single container.

14190

properties:

14191

containerPort:

14192

description: Number of port to expose on the pod's IP address.

14193

format: int32

14194

type: integer

14195

hostIP:

14196

description: What host IP to bind the external port to.

14197

type: string

14198

hostPort:

14199

description: Number of port to expose on the host.

14200

format: int32

14201

type: integer

14202

name:

14203

description: If specified, this must be an IANA_SVC_NAME and unique within the pod.

14204

type: string

14205

protocol:

14206

default: TCP

14207

description: Protocol for port. Must be UDP, TCP, or SCTP. Defaults to "TCP".

14208

type: string

14209

required:

14210

- containerPort

14211

type: object

14212

type: array

14213

x-kubernetes-list-map-keys:

14214

- containerPort

14215

- protocol

14216

x-kubernetes-list-type: map

14217

readinessProbe:

14218

description: Periodic probe of container service readiness.

14219

properties:

14220

exec:

14221

description: Exec specifies the action to take.

14222

properties:

14223

command:

14224

description: Command is the command line to execute inside the container, the working directo

14225

items:

14226

type: string

14227

type: array

14228

type: object

14229

failureThreshold:

14230

description: 'Minimum consecutive failures for the probe to be considered failed after having '

14231

format: int32

14232

type: integer

14233

grpc:

14234

description: GRPC specifies an action involving a GRPC port.

14235

properties:

14236

port:

14237

description: Port number of the gRPC service. Number must be in the range 1 to 65535.

14238

format: int32

14239

type: integer

14240

service:

14241

description: 'Service is the name of the service to place in the gRPC HealthCheckRequest (see '

14242

type: string

14243

required:

14244

- port

14245

type: object

14246

httpGet:

14247

description: HTTPGet specifies the http request to perform.

14248

properties:

14249

host:

14250

description: Host name to connect to, defaults to the pod IP.

14251

type: string

14252

httpHeaders:

14253

description: Custom headers to set in the request. HTTP allows repeated headers.

14254

items:

14255

description: HTTPHeader describes a custom header to be used in HTTP probes

14256

properties:

14257

name:

14258

description: The header field name

14259

type: string

14260

value:

14261

description: The header field value

14262

type: string

14263

required:

14264

- name

14265

- value

14266

type: object

14267

type: array

14268

path:

14269

description: Path to access on the HTTP server.

14270

type: string

14271

port:

14272

anyOf:

14273

- type: integer

14274

- type: string

14275

description: Name or number of the port to access on the container.

14276

x-kubernetes-int-or-string: true

14277

scheme:

14278

description: Scheme to use for connecting to the host. Defaults to HTTP.

14279

type: string

14280

required:

14281

- port

14282

type: object

14283

initialDelaySeconds:

14284

description: Number of seconds after the container has started before liveness probes are ini

14285

format: int32

14286

type: integer

14287

periodSeconds:

14288

description: How often (in seconds) to perform the probe. Default to 10 seconds.

14289

format: int32

14290

type: integer

14291

successThreshold:

14292

description: Minimum consecutive successes for the probe to be considered successful after ha

14293

format: int32

14294

type: integer

14295

tcpSocket:

14296

description: TCPSocket specifies an action involving a TCP port.

14297

properties:

14298

host:

14299

description: 'Optional: Host name to connect to, defaults to the pod IP.'

14300

type: string

14301

port:

14302

anyOf:

14303

- type: integer

14304

- type: string

14305

description: Number or name of the port to access on the container.

14306

x-kubernetes-int-or-string: true

14307

required:

14308

- port

14309

type: object

14310

terminationGracePeriodSeconds:

14311

description: Optional duration in seconds the pod needs to terminate gracefully upon probe fa

14312

format: int64

14313

type: integer

14314

timeoutSeconds:

14315

description: Number of seconds after which the probe times out. Defaults to 1 second.

14316

format: int32

14317

type: integer

14318

type: object

14319

resources:

14320

description: Compute Resources required by this container. Cannot be updated.

14321

properties:

14322

limits:

14323

additionalProperties:

14324

anyOf:

14325

- type: integer

14326

- type: string

14327

pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$

14328

x-kubernetes-int-or-string: true

14329

description: Limits describes the maximum amount of compute resources allowed.

14330

type: object

14331

requests:

14332

additionalProperties:

14333

anyOf:

14334

- type: integer

14335

- type: string

14336

pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$

14337

x-kubernetes-int-or-string: true

14338

description: Requests describes the minimum amount of compute resources required.

14339

type: object

14340

type: object

14341

securityContext:

14342

description: SecurityContext defines the security options the container should be run with.

14343

properties:

14344

allowPrivilegeEscalation:

14345

description: AllowPrivilegeEscalation controls whether a process can gain more privileges tha

14346

type: boolean

14347

capabilities:

14348

description: The capabilities to add/drop when running containers.

14349

properties:

14350

add:

14351

description: Added capabilities

14352

items:

14353

description: Capability represent POSIX capabilities type

14354

type: string

14355

type: array

14356

drop:

14357

description: Removed capabilities

14358

items:

14359

description: Capability represent POSIX capabilities type

14360

type: string

14361

type: array

14362

type: object

14363

privileged:

14364

description: Run container in privileged mode.

14365

type: boolean

14366

procMount:

14367

description: procMount denotes the type of proc mount to use for the containers.

14368

type: string

14369

readOnlyRootFilesystem:

14370

description: Whether this container has a read-only root filesystem. Default is false.

14371

type: boolean

14372

runAsGroup:

14373

description: The GID to run the entrypoint of the container process.

14374

format: int64

14375

type: integer

14376

runAsNonRoot:

14377

description: Indicates that the container must run as a non-root user.

14378

type: boolean

14379

runAsUser:

14380

description: The UID to run the entrypoint of the container process.

14381

format: int64

14382

type: integer

14383

seLinuxOptions:

14384

description: The SELinux context to be applied to the container.

14385

properties:

14386

level:

14387

description: Level is SELinux level label that applies to the container.

14388

type: string

14389

role:

14390

description: Role is a SELinux role label that applies to the container.

14391

type: string

14392

type:

14393

description: Type is a SELinux type label that applies to the container.

14394

type: string

14395

user:

14396

description: User is a SELinux user label that applies to the container.

14397

type: string

14398

type: object

14399

seccompProfile:

14400

description: The seccomp options to use by this container.

14401

properties:

14402

localhostProfile:

14403

description: localhostProfile indicates a profile defined in a file on the node should be use

14404

type: string

14405

type:

14406

description: type indicates which kind of seccomp profile will be applied.

14407

type: string

14408

required:

14409

- type

14410

type: object

14411

windowsOptions:

14412

description: The Windows specific settings applied to all containers.

14413

properties:

14414

gmsaCredentialSpec:

14415

description: GMSACredentialSpec is where the GMSA admission webhook (https://github.

14416

type: string

14417

gmsaCredentialSpecName:

14418

description: GMSACredentialSpecName is the name of the GMSA credential spec to use.

14419

type: string

14420

hostProcess:

14421

description: HostProcess determines if a container should be run as a 'Host Process' containe

14422

type: boolean

14423

runAsUserName:

14424

description: The UserName in Windows to run the entrypoint of the container process.

14425

type: string

14426

type: object

14427

type: object

14428

startupProbe:

14429

description: StartupProbe indicates that the Pod has successfully initialized.

14430

properties:

14431

exec:

14432

description: Exec specifies the action to take.

14433

properties:

14434

command:

14435

description: Command is the command line to execute inside the container, the working directo

14436

items:

14437

type: string

14438

type: array

14439

type: object

14440

failureThreshold:

14441

description: 'Minimum consecutive failures for the probe to be considered failed after having '

14442

format: int32

14443

type: integer

14444

grpc:

14445

description: GRPC specifies an action involving a GRPC port.

14446

properties:

14447

port:

14448

description: Port number of the gRPC service. Number must be in the range 1 to 65535.

14449

format: int32

14450

type: integer

14451

service:

14452

description: 'Service is the name of the service to place in the gRPC HealthCheckRequest (see '

14453

type: string

14454

required:

14455

- port

14456

type: object

14457

httpGet:

14458

description: HTTPGet specifies the http request to perform.

14459

properties:

14460

host:

14461

description: Host name to connect to, defaults to the pod IP.

14462

type: string

14463

httpHeaders:

14464

description: Custom headers to set in the request. HTTP allows repeated headers.

14465

items:

14466

description: HTTPHeader describes a custom header to be used in HTTP probes

14467

properties:

14468

name:

14469

description: The header field name

14470

type: string

14471

value:

14472

description: The header field value

14473

type: string

14474

required:

14475

- name

14476

- value

14477

type: object

14478

type: array

14479

path:

14480

description: Path to access on the HTTP server.

14481

type: string

14482

port:

14483

anyOf:

14484

- type: integer

14485

- type: string

14486

description: Name or number of the port to access on the container.

14487

x-kubernetes-int-or-string: true

14488

scheme:

14489

description: Scheme to use for connecting to the host. Defaults to HTTP.

14490

type: string

14491

required:

14492

- port

14493

type: object

14494

initialDelaySeconds:

14495

description: Number of seconds after the container has started before liveness probes are ini

14496

format: int32

14497

type: integer

14498

periodSeconds:

14499

description: How often (in seconds) to perform the probe. Default to 10 seconds.

14500

format: int32

14501

type: integer

14502

successThreshold:

14503

description: Minimum consecutive successes for the probe to be considered successful after ha

14504

format: int32

14505

type: integer

14506

tcpSocket:

14507

description: TCPSocket specifies an action involving a TCP port.

14508

properties:

14509

host:

14510

description: 'Optional: Host name to connect to, defaults to the pod IP.'

14511

type: string

14512

port:

14513

anyOf:

14514

- type: integer

14515

- type: string

14516

description: Number or name of the port to access on the container.

14517

x-kubernetes-int-or-string: true

14518

required:

14519

- port

14520

type: object

14521

terminationGracePeriodSeconds:

14522

description: Optional duration in seconds the pod needs to terminate gracefully upon probe fa

14523

format: int64

14524

type: integer

14525

timeoutSeconds:

14526

description: Number of seconds after which the probe times out. Defaults to 1 second.

14527

format: int32

14528

type: integer

14529

type: object

14530

stdin:

14531

description: Whether this container should allocate a buffer for stdin in the container runti

14532

type: boolean

14533

stdinOnce:

14534

description: Whether the container runtime should close the stdin channel after it has been o

14535

type: boolean

14536

terminationMessagePath:

14537

description: 'Optional: Path at which the file to which the container''s termination message wi'

14538

type: string

14539

terminationMessagePolicy:

14540

description: Indicate how the termination message should be populated.

14541

type: string

14542

tty:

14543

description: Whether this container should allocate a TTY for itself, also requires 'stdin' t

14544

type: boolean

14545

volumeDevices:

14546

description: volumeDevices is the list of block devices to be used by the container.

14547

items:

14548

description: volumeDevice describes a mapping of a raw block device within a container.

14549

properties:

14550

devicePath:

14551

description: devicePath is the path inside of the container that the device will be mapped to

14552

type: string

14553

name:

14554

description: name must match the name of a persistentVolumeClaim in the pod

14555

type: string

14556

required:

14557

- devicePath

14558

- name

14559

type: object

14560

type: array

14561

volumeMounts:

14562

description: Pod volumes to mount into the container's filesystem. Cannot be updated.

14563

items:

14564

description: VolumeMount describes a mounting of a Volume within a container.

14565

properties:

14566

mountPath:

14567

description: Path within the container at which the volume should be mounted.

14568

type: string

14569

mountPropagation:

14570

description: mountPropagation determines how mounts are propagated from the host to container

14571

type: string

14572

name:

14573

description: This must match the Name of a Volume.

14574

type: string

14575

readOnly:

14576

description: Mounted read-only if true, read-write otherwise (false or unspecified).

14577

type: boolean

14578

subPath:

14579

description: Path within the volume from which the container's volume should be mounted.

14580

type: string

14581

subPathExpr:

14582

description: Expanded path within the volume from which the container's volume should be moun

14583

type: string

14584

required:

14585

- mountPath

14586

- name

14587

type: object

14588

type: array

14589

workingDir:

14590

description: Container's working directory.

14591

type: string

14592

required:

14593

- name

14594

type: object

14595

type: array

14596

dnsConfig:

14597

description: Specifies the DNS parameters of a pod.

14598

properties:

14599

nameservers:

14600

description: A list of DNS name server IP addresses.

14601

items:

14602

type: string

14603

type: array

14604

options:

14605

description: A list of DNS resolver options.

14606

items:

14607

description: PodDNSConfigOption defines DNS resolver options of a pod.

14608

properties:

14609

name:

14610

description: Required.

14611

type: string

14612

value:

14613

type: string

14614

type: object

14615

type: array

14616

searches:

14617

description: A list of DNS search domains for host-name lookup.

14618

items:

14619

type: string

14620

type: array

14621

type: object

14622

dnsPolicy:

14623

description: Set DNS policy for the pod. Defaults to "ClusterFirst".

14624

type: string

14625

enableServiceLinks:

14626

description: EnableServiceLinks indicates whether information about services should be inject

14627

type: boolean

14628

ephemeralContainers:

14629

description: List of ephemeral containers run in this pod.

14630

items:

14631

description: An EphemeralContainer is a temporary container that you may add to an existing P

14632

properties:

14633

args:

14634

description: Arguments to the entrypoint.

14635

items:

14636

type: string

14637

type: array

14638

command:

14639

description: Entrypoint array. Not executed within a shell.

14640

items:

14641

type: string

14642

type: array

14643

env:

14644

description: List of environment variables to set in the container. Cannot be updated.

14645

items:

14646

description: EnvVar represents an environment variable present in a Container.

14647

properties:

14648

name:

14649

description: Name of the environment variable. Must be a C_IDENTIFIER.

14650

type: string

14651

value:

14652

description: Variable references $(VAR_NAME) are expanded using the previously defined enviro

14653

type: string

14654

valueFrom:

14655

description: Source for the environment variable's value.

14656

properties:

14657

configMapKeyRef:

14658

description: Selects a key of a ConfigMap.

14659

properties:

14660

key:

14661

description: The key to select.

14662

type: string

14663

name:

14664

description: 'Name of the referent. More info: https://kubernetes.'

14665

type: string

14666

optional:

14667

description: Specify whether the ConfigMap or its key must be defined

14668

type: boolean

14669

required:

14670

- key

14671

type: object

14672

x-kubernetes-map-type: atomic

14673

fieldRef:

14674

description: 'Selects a field of the pod: supports metadata.name, metadata.'

14675

properties:

14676

apiVersion:

14677

description: Version of the schema the FieldPath is written in terms of, defaults to "v1".

14678

type: string

14679

fieldPath:

14680

description: Path of the field to select in the specified API version.

14681

type: string

14682

required:

14683

- fieldPath

14684

type: object

14685

x-kubernetes-map-type: atomic

14686

resourceFieldRef:

14687

description: 'Selects a resource of the container: only resources limits and requests (limits.'

14688

properties:

14689

containerName:

14690

description: 'Container name: required for volumes, optional for env vars'

14691

type: string

14692

divisor:

14693

anyOf:

14694

- type: integer

14695

- type: string

14696

description: Specifies the output format of the exposed resources, defaults to "1"

14697

pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$

14698

x-kubernetes-int-or-string: true

14699

resource:

14700

description: 'Required: resource to select'

14701

type: string

14702

required:

14703

- resource

14704

type: object

14705

x-kubernetes-map-type: atomic

14706

secretKeyRef:

14707

description: Selects a key of a secret in the pod's namespace

14708

properties:

14709

key:

14710

description: The key of the secret to select from. Must be a valid secret key.

14711

type: string

14712

name:

14713

description: 'Name of the referent. More info: https://kubernetes.'

14714

type: string

14715

optional:

14716

description: Specify whether the Secret or its key must be defined

14717

type: boolean

14718

required:

14719

- key

14720

type: object

14721

x-kubernetes-map-type: atomic

14722

type: object

14723

required:

14724

- name

14725

type: object

14726

type: array

14727

envFrom:

14728

description: List of sources to populate environment variables in the container.

14729

items:

14730

description: EnvFromSource represents the source of a set of ConfigMaps

14731

properties:

14732

configMapRef:

14733

description: The ConfigMap to select from

14734

properties:

14735

name:

14736

description: 'Name of the referent. More info: https://kubernetes.'

14737

type: string

14738

optional:

14739

description: Specify whether the ConfigMap must be defined

14740

type: boolean

14741

type: object

14742

x-kubernetes-map-type: atomic

14743

prefix:

14744

description: An optional identifier to prepend to each key in the ConfigMap.

14745

type: string

14746

secretRef:

14747

description: The Secret to select from

14748

properties:

14749

name:

14750

description: 'Name of the referent. More info: https://kubernetes.'

14751

type: string

14752

optional:

14753

description: Specify whether the Secret must be defined

14754

type: boolean

14755

type: object

14756

x-kubernetes-map-type: atomic

14757

type: object

14758

type: array

14759

image:

14760

description: 'Docker image name. More info: https://kubernetes.'

14761

type: string

14762

imagePullPolicy:

14763

description: Image pull policy. One of Always, Never, IfNotPresent.

14764

type: string

14765

lifecycle:

14766

description: Lifecycle is not allowed for ephemeral containers.

14767

properties:

14768

postStart:

14769

description: PostStart is called immediately after a container is created.

14770

properties:

14771

exec:

14772

description: Exec specifies the action to take.

14773

properties:

14774

command:

14775

description: Command is the command line to execute inside the container, the working directo

14776

items:

14777

type: string

14778

type: array

14779

type: object

14780

httpGet:

14781

description: HTTPGet specifies the http request to perform.

14782

properties:

14783

host:

14784

description: Host name to connect to, defaults to the pod IP.

14785

type: string

14786

httpHeaders:

14787

description: Custom headers to set in the request. HTTP allows repeated headers.

14788

items:

14789

description: HTTPHeader describes a custom header to be used in HTTP probes

14790

properties:

14791

name:

14792

description: The header field name

14793

type: string

14794

value:

14795

description: The header field value

14796

type: string

14797

required:

14798

- name

14799

- value

14800

type: object

14801

type: array

14802

path:

14803

description: Path to access on the HTTP server.

14804

type: string

14805

port:

14806

anyOf:

14807

- type: integer

14808

- type: string

14809

description: Name or number of the port to access on the container.

14810

x-kubernetes-int-or-string: true

14811

scheme:

14812

description: Scheme to use for connecting to the host. Defaults to HTTP.

14813

type: string

14814

required:

14815

- port

14816

type: object

14817

tcpSocket:

14818

description: Deprecated.

14819

properties:

14820

host:

14821

description: 'Optional: Host name to connect to, defaults to the pod IP.'

14822

type: string

14823

port:

14824

anyOf:

14825

- type: integer

14826

- type: string

14827

description: Number or name of the port to access on the container.

14828

x-kubernetes-int-or-string: true

14829

required:

14830

- port

14831

type: object

14832

type: object

14833

preStop:

14834

description: PreStop is called immediately before a container is terminated due to an API req

14835

properties:

14836

exec:

14837

description: Exec specifies the action to take.

14838

properties:

14839

command:

14840

description: Command is the command line to execute inside the container, the working directo

14841

items:

14842

type: string

14843

type: array

14844

type: object

14845

httpGet:

14846

description: HTTPGet specifies the http request to perform.

14847

properties:

14848

host:

14849

description: Host name to connect to, defaults to the pod IP.

14850

type: string

14851

httpHeaders:

14852

description: Custom headers to set in the request. HTTP allows repeated headers.

14853

items:

14854

description: HTTPHeader describes a custom header to be used in HTTP probes

14855

properties:

14856

name:

14857

description: The header field name

14858

type: string

14859

value:

14860

description: The header field value

14861

type: string

14862

required:

14863

- name

14864

- value

14865

type: object

14866

type: array

14867

path:

14868

description: Path to access on the HTTP server.

14869

type: string

14870

port:

14871

anyOf:

14872

- type: integer

14873

- type: string

14874

description: Name or number of the port to access on the container.

14875

x-kubernetes-int-or-string: true

14876

scheme:

14877

description: Scheme to use for connecting to the host. Defaults to HTTP.

14878

type: string

14879

required:

14880

- port

14881

type: object

14882

tcpSocket:

14883

description: Deprecated.

14884

properties:

14885

host:

14886

description: 'Optional: Host name to connect to, defaults to the pod IP.'

14887

type: string

14888

port:

14889

anyOf:

14890

- type: integer

14891

- type: string

14892

description: Number or name of the port to access on the container.

14893

x-kubernetes-int-or-string: true

14894

required:

14895

- port

14896

type: object

14897

type: object

14898

type: object

14899

livenessProbe:

14900

description: Probes are not allowed for ephemeral containers.

14901

properties:

14902

exec:

14903

description: Exec specifies the action to take.

14904

properties:

14905

command:

14906

description: Command is the command line to execute inside the container, the working directo

14907

items:

14908

type: string

14909

type: array

14910

type: object

14911

failureThreshold:

14912

description: 'Minimum consecutive failures for the probe to be considered failed after having '

14913

format: int32

14914

type: integer

14915

grpc:

14916

description: GRPC specifies an action involving a GRPC port.

14917

properties:

14918

port:

14919

description: Port number of the gRPC service. Number must be in the range 1 to 65535.

14920

format: int32

14921

type: integer

14922

service:

14923

description: 'Service is the name of the service to place in the gRPC HealthCheckRequest (see '

14924

type: string

14925

required:

14926

- port

14927

type: object

14928

httpGet:

14929

description: HTTPGet specifies the http request to perform.

14930

properties:

14931

host:

14932

description: Host name to connect to, defaults to the pod IP.

14933

type: string

14934

httpHeaders:

14935

description: Custom headers to set in the request. HTTP allows repeated headers.

14936

items:

14937

description: HTTPHeader describes a custom header to be used in HTTP probes

14938

properties:

14939

name:

14940

description: The header field name

14941

type: string

14942

value:

14943

description: The header field value

14944

type: string

14945

required:

14946

- name

14947

- value

14948

type: object

14949

type: array

14950

path:

14951

description: Path to access on the HTTP server.

14952

type: string

14953

port:

14954

anyOf:

14955

- type: integer

14956

- type: string

14957

description: Name or number of the port to access on the container.

14958

x-kubernetes-int-or-string: true

14959

scheme:

14960

description: Scheme to use for connecting to the host. Defaults to HTTP.

14961

type: string

14962

required:

14963

- port

14964

type: object

14965

initialDelaySeconds:

14966

description: Number of seconds after the container has started before liveness probes are ini

14967

format: int32

14968

type: integer

14969

periodSeconds:

14970

description: How often (in seconds) to perform the probe. Default to 10 seconds.

14971

format: int32

14972

type: integer

14973

successThreshold:

14974

description: Minimum consecutive successes for the probe to be considered successful after ha

14975

format: int32

14976

type: integer

14977

tcpSocket:

14978

description: TCPSocket specifies an action involving a TCP port.

14979

properties:

14980

host:

14981

description: 'Optional: Host name to connect to, defaults to the pod IP.'

14982

type: string

14983

port:

14984

anyOf:

14985

- type: integer

14986

- type: string

14987

description: Number or name of the port to access on the container.

14988

x-kubernetes-int-or-string: true

14989

required:

14990

- port

14991

type: object

14992

terminationGracePeriodSeconds:

14993

description: Optional duration in seconds the pod needs to terminate gracefully upon probe fa

14994

format: int64

14995

type: integer

14996

timeoutSeconds:

14997

description: Number of seconds after which the probe times out. Defaults to 1 second.

14998

format: int32

14999

type: integer

15000

type: object

15001

name:

15002

description: Name of the ephemeral container specified as a DNS_LABEL.

15003

type: string

15004

ports:

15005

description: Ports are not allowed for ephemeral containers.

15006

items:

15007

description: ContainerPort represents a network port in a single container.

15008

properties:

15009

containerPort:

15010

description: Number of port to expose on the pod's IP address.

15011

format: int32

15012

type: integer

15013

hostIP:

15014

description: What host IP to bind the external port to.

15015

type: string

15016

hostPort:

15017

description: Number of port to expose on the host.

15018

format: int32

15019

type: integer

15020

name:

15021

description: If specified, this must be an IANA_SVC_NAME and unique within the pod.

15022

type: string

15023

protocol:

15024

default: TCP

15025

description: Protocol for port. Must be UDP, TCP, or SCTP. Defaults to "TCP".

15026

type: string

15027

required:

15028

- containerPort

15029

type: object

15030

type: array

15031

x-kubernetes-list-map-keys:

15032

- containerPort

15033

- protocol

15034

x-kubernetes-list-type: map

15035

readinessProbe:

15036

description: Probes are not allowed for ephemeral containers.

15037

properties:

15038

exec:

15039

description: Exec specifies the action to take.

15040

properties:

15041

command:

15042

description: Command is the command line to execute inside the container, the working directo

15043

items:

15044

type: string

15045

type: array

15046

type: object

15047

failureThreshold:

15048

description: 'Minimum consecutive failures for the probe to be considered failed after having '

15049

format: int32

15050

type: integer

15051

grpc:

15052

description: GRPC specifies an action involving a GRPC port.

15053

properties:

15054

port:

15055

description: Port number of the gRPC service. Number must be in the range 1 to 65535.

15056

format: int32

15057

type: integer

15058

service:

15059

description: 'Service is the name of the service to place in the gRPC HealthCheckRequest (see '

15060

type: string

15061

required:

15062

- port

15063

type: object

15064

httpGet:

15065

description: HTTPGet specifies the http request to perform.

15066

properties:

15067

host:

15068

description: Host name to connect to, defaults to the pod IP.

15069

type: string

15070

httpHeaders:

15071

description: Custom headers to set in the request. HTTP allows repeated headers.

15072

items:

15073

description: HTTPHeader describes a custom header to be used in HTTP probes

15074

properties:

15075

name:

15076

description: The header field name

15077

type: string

15078

value:

15079

description: The header field value

15080

type: string

15081

required:

15082

- name

15083

- value

15084

type: object

15085

type: array

15086

path:

15087

description: Path to access on the HTTP server.

15088

type: string

15089

port:

15090

anyOf:

15091

- type: integer

15092

- type: string

15093

description: Name or number of the port to access on the container.

15094

x-kubernetes-int-or-string: true

15095

scheme:

15096

description: Scheme to use for connecting to the host. Defaults to HTTP.

15097

type: string

15098

required:

15099

- port

15100

type: object

15101

initialDelaySeconds:

15102

description: Number of seconds after the container has started before liveness probes are ini

15103

format: int32

15104

type: integer

15105

periodSeconds:

15106

description: How often (in seconds) to perform the probe. Default to 10 seconds.

15107

format: int32

15108

type: integer

15109

successThreshold:

15110

description: Minimum consecutive successes for the probe to be considered successful after ha

15111

format: int32

15112

type: integer

15113

tcpSocket:

15114

description: TCPSocket specifies an action involving a TCP port.

15115

properties:

15116

host:

15117

description: 'Optional: Host name to connect to, defaults to the pod IP.'

15118

type: string

15119

port:

15120

anyOf:

15121

- type: integer

15122

- type: string

15123

description: Number or name of the port to access on the container.

15124

x-kubernetes-int-or-string: true

15125

required:

15126

- port

15127

type: object

15128

terminationGracePeriodSeconds:

15129

description: Optional duration in seconds the pod needs to terminate gracefully upon probe fa

15130

format: int64

15131

type: integer

15132

timeoutSeconds:

15133

description: Number of seconds after which the probe times out. Defaults to 1 second.

15134

format: int32

15135

type: integer

15136

type: object

15137

resources:

15138

description: Resources are not allowed for ephemeral containers.

15139

properties:

15140

limits:

15141

additionalProperties:

15142

anyOf:

15143

- type: integer

15144

- type: string

15145

pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$

15146

x-kubernetes-int-or-string: true

15147

description: Limits describes the maximum amount of compute resources allowed.

15148

type: object

15149

requests:

15150

additionalProperties:

15151

anyOf:

15152

- type: integer

15153

- type: string

15154

pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$

15155

x-kubernetes-int-or-string: true

15156

description: Requests describes the minimum amount of compute resources required.

15157

type: object

15158

type: object

15159

securityContext:

15160

description: 'Optional: SecurityContext defines the security options the ephemeral container s'

15161

properties:

15162

allowPrivilegeEscalation:

15163

description: AllowPrivilegeEscalation controls whether a process can gain more privileges tha

15164

type: boolean

15165

capabilities:

15166

description: The capabilities to add/drop when running containers.

15167

properties:

15168

add:

15169

description: Added capabilities

15170

items:

15171

description: Capability represent POSIX capabilities type

15172

type: string

15173

type: array

15174

drop:

15175

description: Removed capabilities

15176

items:

15177

description: Capability represent POSIX capabilities type

15178

type: string

15179

type: array

15180

type: object

15181

privileged:

15182

description: Run container in privileged mode.

15183

type: boolean

15184

procMount:

15185

description: procMount denotes the type of proc mount to use for the containers.

15186

type: string

15187

readOnlyRootFilesystem:

15188

description: Whether this container has a read-only root filesystem. Default is false.

15189

type: boolean

15190

runAsGroup:

15191

description: The GID to run the entrypoint of the container process.

15192

format: int64

15193

type: integer

15194

runAsNonRoot:

15195

description: Indicates that the container must run as a non-root user.

15196

type: boolean

15197

runAsUser:

15198

description: The UID to run the entrypoint of the container process.

15199

format: int64

15200

type: integer

15201

seLinuxOptions:

15202

description: The SELinux context to be applied to the container.

15203

properties:

15204

level:

15205

description: Level is SELinux level label that applies to the container.

15206

type: string

15207

role:

15208

description: Role is a SELinux role label that applies to the container.

15209

type: string

15210

type:

15211

description: Type is a SELinux type label that applies to the container.

15212

type: string

15213

user:

15214

description: User is a SELinux user label that applies to the container.

15215

type: string

15216

type: object

15217

seccompProfile:

15218

description: The seccomp options to use by this container.

15219

properties:

15220

localhostProfile:

15221

description: localhostProfile indicates a profile defined in a file on the node should be use

15222

type: string

15223

type:

15224

description: type indicates which kind of seccomp profile will be applied.

15225

type: string

15226

required:

15227

- type

15228

type: object

15229

windowsOptions:

15230

description: The Windows specific settings applied to all containers.

15231

properties:

15232

gmsaCredentialSpec:

15233

description: GMSACredentialSpec is where the GMSA admission webhook (https://github.

15234

type: string

15235

gmsaCredentialSpecName:

15236

description: GMSACredentialSpecName is the name of the GMSA credential spec to use.

15237

type: string

15238

hostProcess:

15239

description: HostProcess determines if a container should be run as a 'Host Process' containe

15240

type: boolean

15241

runAsUserName:

15242

description: The UserName in Windows to run the entrypoint of the container process.

15243

type: string

15244

type: object

15245

type: object

15246

startupProbe:

15247

description: Probes are not allowed for ephemeral containers.

15248

properties:

15249

exec:

15250

description: Exec specifies the action to take.

15251

properties:

15252

command:

15253

description: Command is the command line to execute inside the container, the working directo

15254

items:

15255

type: string

15256

type: array

15257

type: object

15258

failureThreshold:

15259

description: 'Minimum consecutive failures for the probe to be considered failed after having '

15260

format: int32

15261

type: integer

15262

grpc:

15263

description: GRPC specifies an action involving a GRPC port.

15264

properties:

15265

port:

15266

description: Port number of the gRPC service. Number must be in the range 1 to 65535.

15267

format: int32

15268

type: integer

15269

service:

15270

description: 'Service is the name of the service to place in the gRPC HealthCheckRequest (see '

15271

type: string

15272

required:

15273

- port

15274

type: object

15275

httpGet:

15276

description: HTTPGet specifies the http request to perform.

15277

properties:

15278

host:

15279

description: Host name to connect to, defaults to the pod IP.

15280

type: string

15281

httpHeaders:

15282

description: Custom headers to set in the request. HTTP allows repeated headers.

15283

items:

15284

description: HTTPHeader describes a custom header to be used in HTTP probes

15285

properties:

15286

name:

15287

description: The header field name

15288

type: string

15289

value:

15290

description: The header field value

15291

type: string

15292

required:

15293

- name

15294

- value

15295

type: object

15296

type: array

15297

path:

15298

description: Path to access on the HTTP server.

15299

type: string

15300

port:

15301

anyOf:

15302

- type: integer

15303

- type: string

15304

description: Name or number of the port to access on the container.

15305

x-kubernetes-int-or-string: true

15306

scheme:

15307

description: Scheme to use for connecting to the host. Defaults to HTTP.

15308

type: string

15309

required:

15310

- port

15311

type: object

15312

initialDelaySeconds:

15313

description: Number of seconds after the container has started before liveness probes are ini

15314

format: int32

15315

type: integer

15316

periodSeconds:

15317

description: How often (in seconds) to perform the probe. Default to 10 seconds.

15318

format: int32

15319

type: integer

15320

successThreshold:

15321

description: Minimum consecutive successes for the probe to be considered successful after ha

15322

format: int32

15323

type: integer

15324

tcpSocket:

15325

description: TCPSocket specifies an action involving a TCP port.

15326

properties:

15327

host:

15328

description: 'Optional: Host name to connect to, defaults to the pod IP.'

15329

type: string

15330

port:

15331

anyOf:

15332

- type: integer

15333

- type: string

15334

description: Number or name of the port to access on the container.

15335

x-kubernetes-int-or-string: true

15336

required:

15337

- port

15338

type: object

15339

terminationGracePeriodSeconds:

15340

description: Optional duration in seconds the pod needs to terminate gracefully upon probe fa

15341

format: int64

15342

type: integer

15343

timeoutSeconds:

15344

description: Number of seconds after which the probe times out. Defaults to 1 second.

15345

format: int32

15346

type: integer

15347

type: object

15348

stdin:

15349

description: Whether this container should allocate a buffer for stdin in the container runti

15350

type: boolean

15351

stdinOnce:

15352

description: Whether the container runtime should close the stdin channel after it has been o

15353

type: boolean

15354

targetContainerName:

15355

description: If set, the name of the container from PodSpec that this ephemeral container tar

15356

type: string

15357

terminationMessagePath:

15358

description: 'Optional: Path at which the file to which the container''s termination message wi'

15359

type: string

15360

terminationMessagePolicy:

15361

description: Indicate how the termination message should be populated.

15362

type: string

15363

tty:

15364

description: Whether this container should allocate a TTY for itself, also requires 'stdin' t

15365

type: boolean

15366

volumeDevices:

15367

description: volumeDevices is the list of block devices to be used by the container.

15368

items:

15369

description: volumeDevice describes a mapping of a raw block device within a container.

15370

properties:

15371

devicePath:

15372

description: devicePath is the path inside of the container that the device will be mapped to

15373

type: string

15374

name:

15375

description: name must match the name of a persistentVolumeClaim in the pod

15376

type: string

15377

required:

15378

- devicePath

15379

- name

15380

type: object

15381

type: array

15382

volumeMounts:

15383

description: Pod volumes to mount into the container's filesystem.

15384

items:

15385

description: VolumeMount describes a mounting of a Volume within a container.

15386

properties:

15387

mountPath:

15388

description: Path within the container at which the volume should be mounted.

15389

type: string

15390

mountPropagation:

15391

description: mountPropagation determines how mounts are propagated from the host to container

15392

type: string

15393

name:

15394

description: This must match the Name of a Volume.

15395

type: string

15396

readOnly:

15397

description: Mounted read-only if true, read-write otherwise (false or unspecified).

15398

type: boolean

15399

subPath:

15400

description: Path within the volume from which the container's volume should be mounted.

15401

type: string

15402

subPathExpr:

15403

description: Expanded path within the volume from which the container's volume should be moun

15404

type: string

15405

required:

15406

- mountPath

15407

- name

15408

type: object

15409

type: array

15410

workingDir:

15411

description: Container's working directory.

15412

type: string

15413

required:

15414

- name

15415

type: object

15416

type: array

15417

hostAliases:

15418

description: 'HostAliases is an optional list of hosts and IPs that will be injected into the '

15419

items:

15420

description: HostAlias holds the mapping between IP and hostnames that will be injected as an

15421

properties:

15422

hostnames:

15423

description: Hostnames for the above IP address.

15424

items:

15425

type: string

15426

type: array

15427

ip:

15428

description: IP address of the host file entry.

15429

type: string

15430

type: object

15431

type: array

15432

hostIPC:

15433

description: 'Use the host''s ipc namespace. Optional: Default to false.'

15434

type: boolean

15435

hostNetwork:

15436

description: Host networking requested for this pod. Use the host's network namespace.

15437

type: boolean

15438

hostPID:

15439

description: 'Use the host''s pid namespace. Optional: Default to false.'

15440

type: boolean

15441

hostname:

15442

description: Specifies the hostname of the Pod If not specified, the pod's hostname will be s

15443

type: string

15444

imagePullSecrets:

15445

description: ImagePullSecrets is an optional list of references to secrets in the same namesp

15446

items:

15447

description: LocalObjectReference contains enough information to let you locate the reference

15448

properties:

15449

name:

15450

description: 'Name of the referent. More info: https://kubernetes.'

15451

type: string

15452

type: object

15453

x-kubernetes-map-type: atomic

15454

type: array

15455

initContainers:

15456

description: List of initialization containers belonging to the pod.

15457

items:

15458

description: A single application container that you want to run within a pod.

15459

properties:

15460

args:

15461

description: Arguments to the entrypoint.

15462

items:

15463

type: string

15464

type: array

15465

command:

15466

description: Entrypoint array. Not executed within a shell.

15467

items:

15468

type: string

15469

type: array

15470

env:

15471

description: List of environment variables to set in the container. Cannot be updated.

15472

items:

15473

description: EnvVar represents an environment variable present in a Container.

15474

properties:

15475

name:

15476

description: Name of the environment variable. Must be a C_IDENTIFIER.

15477

type: string

15478

value:

15479

description: Variable references $(VAR_NAME) are expanded using the previously defined enviro

15480

type: string

15481

valueFrom:

15482

description: Source for the environment variable's value.

15483

properties:

15484

configMapKeyRef:

15485

description: Selects a key of a ConfigMap.

15486

properties:

15487

key:

15488

description: The key to select.

15489

type: string

15490

name:

15491

description: 'Name of the referent. More info: https://kubernetes.'

15492

type: string

15493

optional:

15494

description: Specify whether the ConfigMap or its key must be defined

15495

type: boolean

15496

required:

15497

- key

15498

type: object

15499

x-kubernetes-map-type: atomic

15500

fieldRef:

15501

description: 'Selects a field of the pod: supports metadata.name, metadata.'

15502

properties:

15503

apiVersion:

15504

description: Version of the schema the FieldPath is written in terms of, defaults to "v1".

15505

type: string

15506

fieldPath:

15507

description: Path of the field to select in the specified API version.

15508

type: string

15509

required:

15510

- fieldPath

15511

type: object

15512

x-kubernetes-map-type: atomic

15513

resourceFieldRef:

15514

description: 'Selects a resource of the container: only resources limits and requests (limits.'

15515

properties:

15516

containerName:

15517

description: 'Container name: required for volumes, optional for env vars'

15518

type: string

15519

divisor:

15520

anyOf:

15521

- type: integer

15522

- type: string

15523

description: Specifies the output format of the exposed resources, defaults to "1"

15524

pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$

15525

x-kubernetes-int-or-string: true

15526

resource:

15527

description: 'Required: resource to select'

15528

type: string

15529

required:

15530

- resource

15531

type: object

15532

x-kubernetes-map-type: atomic

15533

secretKeyRef:

15534

description: Selects a key of a secret in the pod's namespace

15535

properties:

15536

key:

15537

description: The key of the secret to select from. Must be a valid secret key.

15538

type: string

15539

name:

15540

description: 'Name of the referent. More info: https://kubernetes.'

15541

type: string

15542

optional:

15543

description: Specify whether the Secret or its key must be defined

15544

type: boolean

15545

required:

15546

- key

15547

type: object

15548

x-kubernetes-map-type: atomic

15549

type: object

15550

required:

15551

- name

15552

type: object

15553

type: array

15554

envFrom:

15555

description: List of sources to populate environment variables in the container.

15556

items:

15557

description: EnvFromSource represents the source of a set of ConfigMaps

15558

properties:

15559

configMapRef:

15560

description: The ConfigMap to select from

15561

properties:

15562

name:

15563

description: 'Name of the referent. More info: https://kubernetes.'

15564

type: string

15565

optional:

15566

description: Specify whether the ConfigMap must be defined

15567

type: boolean

15568

type: object

15569

x-kubernetes-map-type: atomic

15570

prefix:

15571

description: An optional identifier to prepend to each key in the ConfigMap.

15572

type: string

15573

secretRef:

15574

description: The Secret to select from

15575

properties:

15576

name:

15577

description: 'Name of the referent. More info: https://kubernetes.'

15578

type: string

15579

optional:

15580

description: Specify whether the Secret must be defined

15581

type: boolean

15582

type: object

15583

x-kubernetes-map-type: atomic

15584

type: object

15585

type: array

15586

image:

15587

description: 'Docker image name. More info: https://kubernetes.'

15588

type: string

15589

imagePullPolicy:

15590

description: Image pull policy. One of Always, Never, IfNotPresent.

15591

type: string

15592

lifecycle:

15593

description: Actions that the management system should take in response to container lifecycl

15594

properties:

15595

postStart:

15596

description: PostStart is called immediately after a container is created.

15597

properties:

15598

exec:

15599

description: Exec specifies the action to take.

15600

properties:

15601

command:

15602

description: Command is the command line to execute inside the container, the working directo

15603

items:

15604

type: string

15605

type: array

15606

type: object

15607

httpGet:

15608

description: HTTPGet specifies the http request to perform.

15609

properties:

15610

host:

15611

description: Host name to connect to, defaults to the pod IP.

15612

type: string

15613

httpHeaders:

15614

description: Custom headers to set in the request. HTTP allows repeated headers.

15615

items:

15616

description: HTTPHeader describes a custom header to be used in HTTP probes

15617

properties:

15618

name:

15619

description: The header field name

15620

type: string

15621

value:

15622

description: The header field value

15623

type: string

15624

required:

15625

- name

15626

- value

15627

type: object

15628

type: array

15629

path:

15630

description: Path to access on the HTTP server.

15631

type: string

15632

port:

15633

anyOf:

15634

- type: integer

15635

- type: string

15636

description: Name or number of the port to access on the container.

15637

x-kubernetes-int-or-string: true

15638

scheme:

15639

description: Scheme to use for connecting to the host. Defaults to HTTP.

15640

type: string

15641

required:

15642

- port

15643

type: object

15644

tcpSocket:

15645

description: Deprecated.

15646

properties:

15647

host:

15648

description: 'Optional: Host name to connect to, defaults to the pod IP.'

15649

type: string

15650

port:

15651

anyOf:

15652

- type: integer

15653

- type: string

15654

description: Number or name of the port to access on the container.

15655

x-kubernetes-int-or-string: true

15656

required:

15657

- port

15658

type: object

15659

type: object

15660

preStop:

15661

description: PreStop is called immediately before a container is terminated due to an API req

15662

properties:

15663

exec:

15664

description: Exec specifies the action to take.

15665

properties:

15666

command:

15667

description: Command is the command line to execute inside the container, the working directo

15668

items:

15669

type: string

15670

type: array

15671

type: object

15672

httpGet:

15673

description: HTTPGet specifies the http request to perform.

15674

properties:

15675

host:

15676

description: Host name to connect to, defaults to the pod IP.

15677

type: string

15678

httpHeaders:

15679

description: Custom headers to set in the request. HTTP allows repeated headers.

15680

items:

15681

description: HTTPHeader describes a custom header to be used in HTTP probes

15682

properties:

15683

name:

15684

description: The header field name

15685

type: string

15686

value:

15687

description: The header field value

15688

type: string

15689

required:

15690

- name

15691

- value

15692

type: object

15693

type: array

15694

path:

15695

description: Path to access on the HTTP server.

15696

type: string

15697

port:

15698

anyOf:

15699

- type: integer

15700

- type: string

15701

description: Name or number of the port to access on the container.

15702

x-kubernetes-int-or-string: true

15703

scheme:

15704

description: Scheme to use for connecting to the host. Defaults to HTTP.

15705

type: string

15706

required:

15707

- port

15708

type: object

15709

tcpSocket:

15710

description: Deprecated.

15711

properties:

15712

host:

15713

description: 'Optional: Host name to connect to, defaults to the pod IP.'

15714

type: string

15715

port:

15716

anyOf:

15717

- type: integer

15718

- type: string

15719

description: Number or name of the port to access on the container.

15720

x-kubernetes-int-or-string: true

15721

required:

15722

- port

15723

type: object

15724

type: object

15725

type: object

15726

livenessProbe:

15727

description: Periodic probe of container liveness.

15728

properties:

15729

exec:

15730

description: Exec specifies the action to take.

15731

properties:

15732

command:

15733

description: Command is the command line to execute inside the container, the working directo

15734

items:

15735

type: string

15736

type: array

15737

type: object

15738

failureThreshold:

15739

description: 'Minimum consecutive failures for the probe to be considered failed after having '

15740

format: int32

15741

type: integer

15742

grpc:

15743

description: GRPC specifies an action involving a GRPC port.

15744

properties:

15745

port:

15746

description: Port number of the gRPC service. Number must be in the range 1 to 65535.

15747

format: int32

15748

type: integer

15749

service:

15750

description: 'Service is the name of the service to place in the gRPC HealthCheckRequest (see '

15751

type: string

15752

required:

15753

- port

15754

type: object

15755

httpGet:

15756

description: HTTPGet specifies the http request to perform.

15757

properties:

15758

host:

15759

description: Host name to connect to, defaults to the pod IP.

15760

type: string

15761

httpHeaders:

15762

description: Custom headers to set in the request. HTTP allows repeated headers.

15763

items:

15764

description: HTTPHeader describes a custom header to be used in HTTP probes

15765

properties:

15766

name:

15767

description: The header field name

15768

type: string

15769

value:

15770

description: The header field value

15771

type: string

15772

required:

15773

- name

15774

- value

15775

type: object

15776

type: array

15777

path:

15778

description: Path to access on the HTTP server.

15779

type: string

15780

port:

15781

anyOf:

15782

- type: integer

15783

- type: string

15784

description: Name or number of the port to access on the container.

15785

x-kubernetes-int-or-string: true

15786

scheme:

15787

description: Scheme to use for connecting to the host. Defaults to HTTP.

15788

type: string

15789

required:

15790

- port

15791

type: object

15792

initialDelaySeconds:

15793

description: Number of seconds after the container has started before liveness probes are ini

15794

format: int32

15795

type: integer

15796

periodSeconds:

15797

description: How often (in seconds) to perform the probe. Default to 10 seconds.

15798

format: int32

15799

type: integer

15800

successThreshold:

15801

description: Minimum consecutive successes for the probe to be considered successful after ha

15802

format: int32

15803

type: integer

15804

tcpSocket:

15805

description: TCPSocket specifies an action involving a TCP port.

15806

properties:

15807

host:

15808

description: 'Optional: Host name to connect to, defaults to the pod IP.'

15809

type: string

15810

port:

15811

anyOf:

15812

- type: integer

15813

- type: string

15814

description: Number or name of the port to access on the container.

15815

x-kubernetes-int-or-string: true

15816

required:

15817

- port

15818

type: object

15819

terminationGracePeriodSeconds:

15820

description: Optional duration in seconds the pod needs to terminate gracefully upon probe fa

15821

format: int64

15822

type: integer

15823

timeoutSeconds:

15824

description: Number of seconds after which the probe times out. Defaults to 1 second.

15825

format: int32

15826

type: integer

15827

type: object

15828

name:

15829

description: Name of the container specified as a DNS_LABEL.

15830

type: string

15831

ports:

15832

description: List of ports to expose from the container.

15833

items:

15834

description: ContainerPort represents a network port in a single container.

15835

properties:

15836

containerPort:

15837

description: Number of port to expose on the pod's IP address.

15838

format: int32

15839

type: integer

15840

hostIP:

15841

description: What host IP to bind the external port to.

15842

type: string

15843

hostPort:

15844

description: Number of port to expose on the host.

15845

format: int32

15846

type: integer

15847

name:

15848

description: If specified, this must be an IANA_SVC_NAME and unique within the pod.

15849

type: string

15850

protocol:

15851

default: TCP

15852

description: Protocol for port. Must be UDP, TCP, or SCTP. Defaults to "TCP".

15853

type: string

15854

required:

15855

- containerPort

15856

type: object

15857

type: array

15858

x-kubernetes-list-map-keys:

15859

- containerPort

15860

- protocol

15861

x-kubernetes-list-type: map

15862

readinessProbe:

15863

description: Periodic probe of container service readiness.

15864

properties:

15865

exec:

15866

description: Exec specifies the action to take.

15867

properties:

15868

command:

15869

description: Command is the command line to execute inside the container, the working directo

15870

items:

15871

type: string

15872

type: array

15873

type: object

15874

failureThreshold:

15875

description: 'Minimum consecutive failures for the probe to be considered failed after having '

15876

format: int32

15877

type: integer

15878

grpc:

15879

description: GRPC specifies an action involving a GRPC port.

15880

properties:

15881

port:

15882

description: Port number of the gRPC service. Number must be in the range 1 to 65535.

15883

format: int32

15884

type: integer

15885

service:

15886

description: 'Service is the name of the service to place in the gRPC HealthCheckRequest (see '

15887

type: string

15888

required:

15889

- port

15890

type: object

15891

httpGet:

15892

description: HTTPGet specifies the http request to perform.

15893

properties:

15894

host:

15895

description: Host name to connect to, defaults to the pod IP.

15896

type: string

15897

httpHeaders:

15898

description: Custom headers to set in the request. HTTP allows repeated headers.

15899

items:

15900

description: HTTPHeader describes a custom header to be used in HTTP probes

15901

properties:

15902

name:

15903

description: The header field name

15904

type: string

15905

value:

15906

description: The header field value

15907

type: string

15908

required:

15909

- name

15910

- value

15911

type: object

15912

type: array

15913

path:

15914

description: Path to access on the HTTP server.

15915

type: string

15916

port:

15917

anyOf:

15918

- type: integer

15919

- type: string

15920

description: Name or number of the port to access on the container.

15921

x-kubernetes-int-or-string: true

15922

scheme:

15923

description: Scheme to use for connecting to the host. Defaults to HTTP.

15924

type: string

15925

required:

15926

- port

15927

type: object

15928

initialDelaySeconds:

15929

description: Number of seconds after the container has started before liveness probes are ini

15930

format: int32

15931

type: integer

15932

periodSeconds:

15933

description: How often (in seconds) to perform the probe. Default to 10 seconds.

15934

format: int32

15935

type: integer

15936

successThreshold:

15937

description: Minimum consecutive successes for the probe to be considered successful after ha

15938

format: int32

15939

type: integer

15940

tcpSocket:

15941

description: TCPSocket specifies an action involving a TCP port.

15942

properties:

15943

host:

15944

description: 'Optional: Host name to connect to, defaults to the pod IP.'

15945

type: string

15946

port:

15947

anyOf:

15948

- type: integer

15949

- type: string

15950

description: Number or name of the port to access on the container.

15951

x-kubernetes-int-or-string: true

15952

required:

15953

- port

15954

type: object

15955

terminationGracePeriodSeconds:

15956

description: Optional duration in seconds the pod needs to terminate gracefully upon probe fa

15957

format: int64

15958

type: integer

15959

timeoutSeconds:

15960

description: Number of seconds after which the probe times out. Defaults to 1 second.

15961

format: int32

15962

type: integer

15963

type: object

15964

resources:

15965

description: Compute Resources required by this container. Cannot be updated.

15966

properties:

15967

limits:

15968

additionalProperties:

15969

anyOf:

15970

- type: integer

15971

- type: string

15972

pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$

15973

x-kubernetes-int-or-string: true

15974

description: Limits describes the maximum amount of compute resources allowed.

15975

type: object

15976

requests:

15977

additionalProperties:

15978

anyOf:

15979

- type: integer

15980

- type: string

15981

pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$

15982

x-kubernetes-int-or-string: true

15983

description: Requests describes the minimum amount of compute resources required.

15984

type: object

15985

type: object

15986

securityContext:

15987

description: SecurityContext defines the security options the container should be run with.

15988

properties:

15989

allowPrivilegeEscalation:

15990

description: AllowPrivilegeEscalation controls whether a process can gain more privileges tha

15991

type: boolean

15992

capabilities:

15993

description: The capabilities to add/drop when running containers.

15994

properties:

15995

add:

15996

description: Added capabilities

15997

items:

15998

description: Capability represent POSIX capabilities type

15999

type: string

16000

type: array

16001

drop:

16002

description: Removed capabilities

16003

items:

16004

description: Capability represent POSIX capabilities type

16005

type: string

16006

type: array

16007

type: object

16008

privileged:

16009

description: Run container in privileged mode.

16010

type: boolean

16011

procMount:

16012

description: procMount denotes the type of proc mount to use for the containers.

16013

type: string

16014

readOnlyRootFilesystem:

16015

description: Whether this container has a read-only root filesystem. Default is false.

16016

type: boolean

16017

runAsGroup:

16018

description: The GID to run the entrypoint of the container process.

16019

format: int64

16020

type: integer

16021

runAsNonRoot:

16022

description: Indicates that the container must run as a non-root user.

16023

type: boolean

16024

runAsUser:

16025

description: The UID to run the entrypoint of the container process.

16026

format: int64

16027

type: integer

16028

seLinuxOptions:

16029

description: The SELinux context to be applied to the container.

16030

properties:

16031

level:

16032

description: Level is SELinux level label that applies to the container.

16033

type: string

16034

role:

16035

description: Role is a SELinux role label that applies to the container.

16036

type: string

16037

type:

16038

description: Type is a SELinux type label that applies to the container.

16039

type: string

16040

user:

16041

description: User is a SELinux user label that applies to the container.

16042

type: string

16043

type: object

16044

seccompProfile:

16045

description: The seccomp options to use by this container.

16046

properties:

16047

localhostProfile:

16048

description: localhostProfile indicates a profile defined in a file on the node should be use

16049

type: string

16050

type:

16051

description: type indicates which kind of seccomp profile will be applied.

16052

type: string

16053

required:

16054

- type

16055

type: object

16056

windowsOptions:

16057

description: The Windows specific settings applied to all containers.

16058

properties:

16059

gmsaCredentialSpec:

16060

description: GMSACredentialSpec is where the GMSA admission webhook (https://github.

16061

type: string

16062

gmsaCredentialSpecName:

16063

description: GMSACredentialSpecName is the name of the GMSA credential spec to use.

16064

type: string

16065

hostProcess:

16066

description: HostProcess determines if a container should be run as a 'Host Process' containe

16067

type: boolean

16068

runAsUserName:

16069

description: The UserName in Windows to run the entrypoint of the container process.

16070

type: string

16071

type: object

16072

type: object

16073

startupProbe:

16074

description: StartupProbe indicates that the Pod has successfully initialized.

16075

properties:

16076

exec:

16077

description: Exec specifies the action to take.

16078

properties:

16079

command:

16080

description: Command is the command line to execute inside the container, the working directo

16081

items:

16082

type: string

16083

type: array

16084

type: object

16085

failureThreshold:

16086

description: 'Minimum consecutive failures for the probe to be considered failed after having '

16087

format: int32

16088

type: integer

16089

grpc:

16090

description: GRPC specifies an action involving a GRPC port.

16091

properties:

16092

port:

16093

description: Port number of the gRPC service. Number must be in the range 1 to 65535.

16094

format: int32

16095

type: integer

16096

service:

16097

description: 'Service is the name of the service to place in the gRPC HealthCheckRequest (see '

16098

type: string

16099

required:

16100

- port

16101

type: object

16102

httpGet:

16103

description: HTTPGet specifies the http request to perform.

16104

properties:

16105

host:

16106

description: Host name to connect to, defaults to the pod IP.

16107

type: string

16108

httpHeaders:

16109

description: Custom headers to set in the request. HTTP allows repeated headers.

16110

items:

16111

description: HTTPHeader describes a custom header to be used in HTTP probes

16112

properties:

16113

name:

16114

description: The header field name

16115

type: string

16116

value:

16117

description: The header field value

16118

type: string

16119

required:

16120

- name

16121

- value

16122

type: object

16123

type: array

16124

path:

16125

description: Path to access on the HTTP server.

16126

type: string

16127

port:

16128

anyOf:

16129

- type: integer

16130

- type: string

16131

description: Name or number of the port to access on the container.

16132

x-kubernetes-int-or-string: true

16133

scheme:

16134

description: Scheme to use for connecting to the host. Defaults to HTTP.

16135

type: string

16136

required:

16137

- port

16138

type: object

16139

initialDelaySeconds:

16140

description: Number of seconds after the container has started before liveness probes are ini

16141

format: int32

16142

type: integer

16143

periodSeconds:

16144

description: How often (in seconds) to perform the probe. Default to 10 seconds.

16145

format: int32

16146

type: integer

16147

successThreshold:

16148

description: Minimum consecutive successes for the probe to be considered successful after ha

16149

format: int32

16150

type: integer

16151

tcpSocket:

16152

description: TCPSocket specifies an action involving a TCP port.

16153

properties:

16154

host:

16155

description: 'Optional: Host name to connect to, defaults to the pod IP.'

16156

type: string

16157

port:

16158

anyOf:

16159

- type: integer

16160

- type: string

16161

description: Number or name of the port to access on the container.

16162

x-kubernetes-int-or-string: true

16163

required:

16164

- port

16165

type: object

16166

terminationGracePeriodSeconds:

16167

description: Optional duration in seconds the pod needs to terminate gracefully upon probe fa

16168

format: int64

16169

type: integer

16170

timeoutSeconds:

16171

description: Number of seconds after which the probe times out. Defaults to 1 second.

16172

format: int32

16173

type: integer

16174

type: object

16175

stdin:

16176

description: Whether this container should allocate a buffer for stdin in the container runti

16177

type: boolean

16178

stdinOnce:

16179

description: Whether the container runtime should close the stdin channel after it has been o

16180

type: boolean

16181

terminationMessagePath:

16182

description: 'Optional: Path at which the file to which the container''s termination message wi'

16183

type: string

16184

terminationMessagePolicy:

16185

description: Indicate how the termination message should be populated.

16186

type: string

16187

tty:

16188

description: Whether this container should allocate a TTY for itself, also requires 'stdin' t

16189

type: boolean

16190

volumeDevices:

16191

description: volumeDevices is the list of block devices to be used by the container.

16192

items:

16193

description: volumeDevice describes a mapping of a raw block device within a container.

16194

properties:

16195

devicePath:

16196

description: devicePath is the path inside of the container that the device will be mapped to

16197

type: string

16198

name:

16199

description: name must match the name of a persistentVolumeClaim in the pod

16200

type: string

16201

required:

16202

- devicePath

16203

- name

16204

type: object

16205

type: array

16206

volumeMounts:

16207

description: Pod volumes to mount into the container's filesystem. Cannot be updated.

16208

items:

16209

description: VolumeMount describes a mounting of a Volume within a container.

16210

properties:

16211

mountPath:

16212

description: Path within the container at which the volume should be mounted.

16213

type: string

16214

mountPropagation:

16215

description: mountPropagation determines how mounts are propagated from the host to container

16216

type: string

16217

name:

16218

description: This must match the Name of a Volume.

16219

type: string

16220

readOnly:

16221

description: Mounted read-only if true, read-write otherwise (false or unspecified).

16222

type: boolean

16223

subPath:

16224

description: Path within the volume from which the container's volume should be mounted.

16225

type: string

16226

subPathExpr:

16227

description: Expanded path within the volume from which the container's volume should be moun

16228

type: string

16229

required:

16230

- mountPath

16231

- name

16232

type: object

16233

type: array

16234

workingDir:

16235

description: Container's working directory.

16236

type: string

16237

required:

16238

- name

16239

type: object

16240

type: array

16241

nodeName:

16242

description: NodeName is a request to schedule this pod onto a specific node.

16243

type: string

16244

nodeSelector:

16245

additionalProperties:

16246

type: string

16247

description: NodeSelector is a selector which must be true for the pod to fit on a node.

16248

type: object

16249

x-kubernetes-map-type: atomic

16250

os:

16251

description: Specifies the OS of the containers in the pod.

16252

properties:

16253

name:

16254

description: Name is the name of the operating system.

16255

type: string

16256

required:

16257

- name

16258

type: object

16259

overhead:

16260

additionalProperties:

16261

anyOf:

16262

- type: integer

16263

- type: string

16264

pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$

16265

x-kubernetes-int-or-string: true

16266

description: Overhead represents the resource overhead associated with running a pod for a gi

16267

type: object

16268

preemptionPolicy:

16269

description: PreemptionPolicy is the Policy for preempting pods with lower priority.

16270

type: string

16271

priority:

16272

description: The priority value.

16273

format: int32

16274

type: integer

16275

priorityClassName:

16276

description: If specified, indicates the pod's priority.

16277

type: string

16278

readinessGates:

16279

description: If specified, all readiness gates will be evaluated for pod readiness.

16280

items:

16281

description: PodReadinessGate contains the reference to a pod condition

16282

properties:

16283

conditionType:

16284

description: ConditionType refers to a condition in the pod's condition list with matching ty

16285

type: string

16286

required:

16287

- conditionType

16288

type: object

16289

type: array

16290

restartPolicy:

16291

description: Restart policy for all containers within the pod.

16292

type: string

16293

runtimeClassName:

16294

description: RuntimeClassName refers to a RuntimeClass object in the node.k8s.

16295

type: string

16296

schedulerName:

16297

description: If specified, the pod will be dispatched by specified scheduler.

16298

type: string

16299

securityContext:

16300

description: SecurityContext holds pod-level security attributes and common container setting

16301

properties:

16302

fsGroup:

16303

description: A special supplemental group that applies to all containers in a pod.

16304

format: int64

16305

type: integer

16306

fsGroupChangePolicy:

16307

description: fsGroupChangePolicy defines behavior of changing ownership and permission of the

16308

type: string

16309

runAsGroup:

16310

description: The GID to run the entrypoint of the container process.

16311

format: int64

16312

type: integer

16313

runAsNonRoot:

16314

description: Indicates that the container must run as a non-root user.

16315

type: boolean

16316

runAsUser:

16317

description: The UID to run the entrypoint of the container process.

16318

format: int64

16319

type: integer

16320

seLinuxOptions:

16321

description: The SELinux context to be applied to all containers.

16322

properties:

16323

level:

16324

description: Level is SELinux level label that applies to the container.

16325

type: string

16326

role:

16327

description: Role is a SELinux role label that applies to the container.

16328

type: string

16329

type:

16330

description: Type is a SELinux type label that applies to the container.

16331

type: string

16332

user:

16333

description: User is a SELinux user label that applies to the container.

16334

type: string

16335

type: object

16336

seccompProfile:

16337

description: The seccomp options to use by the containers in this pod.

16338

properties:

16339

localhostProfile:

16340

description: localhostProfile indicates a profile defined in a file on the node should be use

16341

type: string

16342

type:

16343

description: type indicates which kind of seccomp profile will be applied.

16344

type: string

16345

required:

16346

- type

16347

type: object

16348

supplementalGroups:

16349

description: A list of groups applied to the first process run in each container, in addition

16350

items:

16351

format: int64

16352

type: integer

16353

type: array

16354

sysctls:

16355

description: Sysctls hold a list of namespaced sysctls used for the pod.

16356

items:

16357

description: Sysctl defines a kernel parameter to be set

16358

properties:

16359

name:

16360

description: Name of a property to set

16361

type: string

16362

value:

16363

description: Value of a property to set

16364

type: string

16365

required:

16366

- name

16367

- value

16368

type: object

16369

type: array

16370

windowsOptions:

16371

description: The Windows specific settings applied to all containers.

16372

properties:

16373

gmsaCredentialSpec:

16374

description: GMSACredentialSpec is where the GMSA admission webhook (https://github.

16375

type: string

16376

gmsaCredentialSpecName:

16377

description: GMSACredentialSpecName is the name of the GMSA credential spec to use.

16378

type: string

16379

hostProcess:

16380

description: HostProcess determines if a container should be run as a 'Host Process' containe

16381

type: boolean

16382

runAsUserName:

16383

description: The UserName in Windows to run the entrypoint of the container process.

16384

type: string

16385

type: object

16386

type: object

16387

serviceAccount:

16388

description: DeprecatedServiceAccount is a depreciated alias for ServiceAccountName.

16389

type: string

16390

serviceAccountName:

16391

description: ServiceAccountName is the name of the ServiceAccount to use to run this pod.

16392

type: string

16393

setHostnameAsFQDN:

16394

description: If true the pod's hostname will be configured as the pod's FQDN, rather than the

16395

type: boolean

16396

shareProcessNamespace:

16397

description: Share a single process namespace between all of the containers in a pod.

16398

type: boolean

16399

subdomain:

16400

description: If specified, the fully qualified Pod hostname will be "..

16401

type: string

16402

terminationGracePeriodSeconds:

16403

description: Optional duration in seconds the pod needs to terminate gracefully.

16404

format: int64

16405

type: integer

16406

tolerations:

16407

description: If specified, the pod's tolerations.

16408

items:

16409

description: The pod this Toleration is attached to tolerates any taint that matches the trip

16410

properties:

16411

effect:

16412

description: Effect indicates the taint effect to match. Empty means match all taint effects.

16413

type: string

16414

key:

16415

description: Key is the taint key that the toleration applies to.

16416

type: string

16417

operator:

16418

description: Operator represents a key's relationship to the value.

16419

type: string

16420

tolerationSeconds:

16421

description: TolerationSeconds represents the period of time the toleration (which must be of

16422

format: int64

16423

type: integer

16424

value:

16425

description: Value is the taint value the toleration matches to.

16426

type: string

16427

type: object

16428

type: array

16429

topologySpreadConstraints:

16430

description: TopologySpreadConstraints describes how a group of pods ought to spread across t

16431

items:

16432

description: TopologySpreadConstraint specifies how to spread matching pods among the given t

16433

properties:

16434

labelSelector:

16435

description: LabelSelector is used to find matching pods.

16436

properties:

16437

matchExpressions:

16438

description: matchExpressions is a list of label selector requirements.

16439

items:

16440

description: A label selector requirement is a selector that contains values, a key, and an o

16441

properties:

16442

key:

16443

description: key is the label key that the selector applies to.

16444

type: string

16445

operator:

16446

description: operator represents a key's relationship to a set of values.

16447

type: string

16448

values:

16449

description: values is an array of string values.

16450

items:

16451

type: string

16452

type: array

16453

required:

16454

- key

16455

- operator

16456

type: object

16457

type: array

16458

matchLabels:

16459

additionalProperties:

16460

type: string

16461

description: matchLabels is a map of {key,value} pairs.

16462

type: object

16463

type: object

16464

x-kubernetes-map-type: atomic

16465

maxSkew:

16466

description: MaxSkew describes the degree to which pods may be unevenly distributed.

16467

format: int32

16468

type: integer

16469

topologyKey:

16470

description: TopologyKey is the key of node labels.

16471

type: string

16472

whenUnsatisfiable:

16473

description: WhenUnsatisfiable indicates how to deal with a pod if it doesn't satisfy the spr

16474

type: string

16475

required:

16476

- maxSkew

16477

- topologyKey

16478

- whenUnsatisfiable

16479

type: object

16480

type: array

16481

x-kubernetes-list-map-keys:

16482

- topologyKey

16483

- whenUnsatisfiable

16484

x-kubernetes-list-type: map

16485

volumes:

16486

description: List of volumes that can be mounted by containers belonging to the pod.

16487

items:

16488

description: 'Volume represents a named volume in a pod that may be accessed by any container '

16489

properties:

16490

awsElasticBlockStore:

16491

description: AWSElasticBlockStore represents an AWS Disk resource that is attached to a kubel

16492

properties:

16493

fsType:

16494

description: Filesystem type of the volume that you want to mount.

16495

type: string

16496

partition:

16497

description: The partition in the volume that you want to mount.

16498

format: int32

16499

type: integer

16500

readOnly:

16501

description: Specify "true" to force and set the ReadOnly property in VolumeMounts to "true".

16502

type: boolean

16503

volumeID:

16504

description: Unique ID of the persistent disk resource in AWS (Amazon EBS volume).

16505

type: string

16506

required:

16507

- volumeID

16508

type: object

16509

azureDisk:

16510

description: 'AzureDisk represents an Azure Data Disk mount on the host and bind mount to the '

16511

properties:

16512

cachingMode:

16513

description: 'Host Caching mode: None, Read Only, Read Write.'

16514

type: string

16515

diskName:

16516

description: The Name of the data disk in the blob storage

16517

type: string

16518

diskURI:

16519

description: The URI the data disk in the blob storage

16520

type: string

16521

fsType:

16522

description: Filesystem type to mount.

16523

type: string

16524

kind:

16525

description: 'Expected values Shared: multiple blob disks per storage account Dedicated: sing'

16526

type: string

16527

readOnly:

16528

description: Defaults to false (read/write).

16529

type: boolean

16530

required:

16531

- diskName

16532

- diskURI

16533

type: object

16534

azureFile:

16535

description: AzureFile represents an Azure File Service mount on the host and bind mount to t

16536

properties:

16537

readOnly:

16538

description: Defaults to false (read/write).

16539

type: boolean

16540

secretName:

16541

description: the name of secret that contains Azure Storage Account Name and Key

16542

type: string

16543

shareName:

16544

description: Share Name

16545

type: string

16546

required:

16547

- secretName

16548

- shareName

16549

type: object

16550

cephfs:

16551

description: CephFS represents a Ceph FS mount on the host that shares a pod's lifetime

16552

properties:

16553

monitors:

16554

description: 'Required: Monitors is a collection of Ceph monitors More info: https://examples.'

16555

items:

16556

type: string

16557

type: array

16558

path:

16559

description: 'Optional: Used as the mounted root, rather than the full Ceph tree, default is /'

16560

type: string

16561

readOnly:

16562

description: 'Optional: Defaults to false (read/write).'

16563

type: boolean

16564

secretFile:

16565

description: 'Optional: SecretFile is the path to key ring for User, default is /etc/ceph/user'

16566

type: string

16567

secretRef:

16568

description: 'Optional: SecretRef is reference to the authentication secret for User, default '

16569

properties:

16570

name:

16571

description: 'Name of the referent. More info: https://kubernetes.'

16572

type: string

16573

type: object

16574

x-kubernetes-map-type: atomic

16575

user:

16576

description: 'Optional: User is the rados user name, default is admin More info: https://examp'

16577

type: string

16578

required:

16579

- monitors

16580

type: object

16581

cinder:

16582

description: Cinder represents a cinder volume attached and mounted on kubelets host machine.

16583

properties:

16584

fsType:

16585

description: Filesystem type to mount.

16586

type: string

16587

readOnly:

16588

description: 'Optional: Defaults to false (read/write).'

16589

type: boolean

16590

secretRef:

16591

description: 'Optional: points to a secret object containing parameters used to connect to Ope'

16592

properties:

16593

name:

16594

description: 'Name of the referent. More info: https://kubernetes.'

16595

type: string

16596

type: object

16597

x-kubernetes-map-type: atomic

16598

volumeID:

16599

description: 'volume id used to identify the volume in cinder. More info: https://examples.'

16600

type: string

16601

required:

16602

- volumeID

16603

type: object

16604

configMap:

16605

description: ConfigMap represents a configMap that should populate this volume

16606

properties:

16607

defaultMode:

16608

description: 'Optional: mode bits used to set permissions on created files by default.'

16609

format: int32

16610

type: integer

16611

items:

16612

description: If unspecified, each key-value pair in the Data field of the referenced ConfigMa

16613

items:

16614

description: Maps a string key to a path within a volume.

16615

properties:

16616

key:

16617

description: The key to project.

16618

type: string

16619

mode:

16620

description: 'Optional: mode bits used to set permissions on this file.'

16621

format: int32

16622

type: integer

16623

path:

16624

description: The relative path of the file to map the key to. May not be an absolute path.

16625

type: string

16626

required:

16627

- key

16628

- path

16629

type: object

16630

type: array

16631

name:

16632

description: 'Name of the referent. More info: https://kubernetes.'

16633

type: string

16634

optional:

16635

description: Specify whether the ConfigMap or its keys must be defined

16636

type: boolean

16637

type: object

16638

x-kubernetes-map-type: atomic

16639

csi:

16640

description: CSI (Container Storage Interface) represents ephemeral storage that is handled b

16641

properties:

16642

driver:

16643

description: Driver is the name of the CSI driver that handles this volume.

16644

type: string

16645

fsType:

16646

description: Filesystem type to mount. Ex. "ext4", "xfs", "ntfs".

16647

type: string

16648

nodePublishSecretRef:

16649

description: NodePublishSecretRef is a reference to the secret object containing sensitive in

16650

properties:

16651

name:

16652

description: 'Name of the referent. More info: https://kubernetes.'

16653

type: string

16654

type: object

16655

x-kubernetes-map-type: atomic

16656

readOnly:

16657

description: Specifies a read-only configuration for the volume.

16658

type: boolean

16659

volumeAttributes:

16660

additionalProperties:

16661

type: string

16662

description: VolumeAttributes stores driver-specific properties that are passed to the CSI dr

16663

type: object

16664

required:

16665

- driver

16666

type: object

16667

downwardAPI:

16668

description: DownwardAPI represents downward API about the pod that should populate this volu

16669

properties:

16670

defaultMode:

16671

description: 'Optional: mode bits to use on created files by default.'

16672

format: int32

16673

type: integer

16674

items:

16675

description: Items is a list of downward API volume file

16676

items:

16677

description: DownwardAPIVolumeFile represents information to create the file containing the p

16678

properties:

16679

fieldRef:

16680

description: 'Required: Selects a field of the pod: only annotations, labels, name and namespa'

16681

properties:

16682

apiVersion:

16683

description: Version of the schema the FieldPath is written in terms of, defaults to "v1".

16684

type: string

16685

fieldPath:

16686

description: Path of the field to select in the specified API version.

16687

type: string

16688

required:

16689

- fieldPath

16690

type: object

16691

x-kubernetes-map-type: atomic

16692

mode:

16693

description: 'Optional: mode bits used to set permissions on this file, must be an octal value'

16694

format: int32

16695

type: integer

16696

path:

16697

description: 'Required: Path is the relative path name of the file to be created.'

16698

type: string

16699

resourceFieldRef:

16700

description: 'Selects a resource of the container: only resources limits and requests (limits.'

16701

properties:

16702

containerName:

16703

description: 'Container name: required for volumes, optional for env vars'

16704

type: string

16705

divisor:

16706

anyOf:

16707

- type: integer

16708

- type: string

16709

description: Specifies the output format of the exposed resources, defaults to "1"

16710

pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$

16711

x-kubernetes-int-or-string: true

16712

resource:

16713

description: 'Required: resource to select'

16714

type: string

16715

required:

16716

- resource

16717

type: object

16718

x-kubernetes-map-type: atomic

16719

required:

16720

- path

16721

type: object

16722

type: array

16723

type: object

16724

emptyDir:

16725

description: EmptyDir represents a temporary directory that shares a pod's lifetime.

16726

properties:

16727

medium:

16728

description: What type of storage medium should back this directory.

16729

type: string

16730

sizeLimit:

16731

anyOf:

16732

- type: integer

16733

- type: string

16734

description: Total amount of local storage required for this EmptyDir volume.

16735

pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$

16736

x-kubernetes-int-or-string: true

16737

type: object

16738

ephemeral:

16739

description: Ephemeral represents a volume that is handled by a cluster storage driver.

16740

properties:

16741

volumeClaimTemplate:

16742

description: Will be used to create a stand-alone PVC to provision the volume.

16743

properties:

16744

metadata:

16745

description: May contain labels and annotations that will be copied into the PVC when creatin

16746

type: object

16747

spec:

16748

description: The specification for the PersistentVolumeClaim.

16749

properties:

16750

accessModes:

16751

description: AccessModes contains the desired access modes the volume should have.

16752

items:

16753

type: string

16754

type: array

16755

dataSource:

16756

description: 'This field can be used to specify either: * An existing VolumeSnapshot object (s'

16757

properties:

16758

apiGroup:

16759

description: APIGroup is the group for the resource being referenced.

16760

type: string

16761

kind:

16762

description: Kind is the type of resource being referenced

16763

type: string

16764

name:

16765

description: Name is the name of resource being referenced

16766

type: string

16767

required:

16768

- kind

16769

- name

16770

type: object

16771

x-kubernetes-map-type: atomic

16772

dataSourceRef:

16773

description: Specifies the object from which to populate the volume with data, if a non-empty

16774

properties:

16775

apiGroup:

16776

description: APIGroup is the group for the resource being referenced.

16777

type: string

16778

kind:

16779

description: Kind is the type of resource being referenced

16780

type: string

16781

name:

16782

description: Name is the name of resource being referenced

16783

type: string

16784

required:

16785

- kind

16786

- name

16787

type: object

16788

x-kubernetes-map-type: atomic

16789

resources:

16790

description: Resources represents the minimum resources the volume should have.

16791

properties:

16792

limits:

16793

additionalProperties:

16794

anyOf:

16795

- type: integer

16796

- type: string

16797

pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$

16798

x-kubernetes-int-or-string: true

16799

description: Limits describes the maximum amount of compute resources allowed.

16800

type: object

16801

requests:

16802

additionalProperties:

16803

anyOf:

16804

- type: integer

16805

- type: string

16806

pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$

16807

x-kubernetes-int-or-string: true

16808

description: Requests describes the minimum amount of compute resources required.

16809

type: object

16810

type: object

16811

selector:

16812

description: A label query over volumes to consider for binding.

16813

properties:

16814

matchExpressions:

16815

description: matchExpressions is a list of label selector requirements.

16816

items:

16817

description: A label selector requirement is a selector that contains values, a key, and an o

16818

properties:

16819

key:

16820

description: key is the label key that the selector applies to.

16821

type: string

16822

operator:

16823

description: operator represents a key's relationship to a set of values.

16824

type: string

16825

values:

16826

description: values is an array of string values.

16827

items:

16828

type: string

16829

type: array

16830

required:

16831

- key

16832

- operator

16833

type: object

16834

type: array

16835

matchLabels:

16836

additionalProperties:

16837

type: string

16838

description: matchLabels is a map of {key,value} pairs.

16839

type: object

16840

type: object

16841

x-kubernetes-map-type: atomic

16842

storageClassName:

16843

description: 'Name of the StorageClass required by the claim. More info: https://kubernetes.'

16844

type: string

16845

volumeMode:

16846

description: volumeMode defines what type of volume is required by the claim.

16847

type: string

16848

volumeName:

16849

description: VolumeName is the binding reference to the PersistentVolume backing this claim.

16850

type: string

16851

type: object

16852

required:

16853

- spec

16854

type: object

16855

type: object

16856

fc:

16857

description: FC represents a Fibre Channel resource that is attached to a kubelet's host mach

16858

properties:

16859

fsType:

16860

description: Filesystem type to mount.

16861

type: string

16862

lun:

16863

description: 'Optional: FC target lun number'

16864

format: int32

16865

type: integer

16866

readOnly:

16867

description: 'Optional: Defaults to false (read/write).'

16868

type: boolean

16869

targetWWNs:

16870

description: 'Optional: FC target worldwide names (WWNs)'

16871

items:

16872

type: string

16873

type: array

16874

wwids:

16875

description: 'Optional: FC volume world wide identifiers (wwids) Either wwids or combination o'

16876

items:

16877

type: string

16878

type: array

16879

type: object

16880

flexVolume:

16881

description: FlexVolume represents a generic volume resource that is provisioned/attached usi

16882

properties:

16883

driver:

16884

description: Driver is the name of the driver to use for this volume.

16885

type: string

16886

fsType:

16887

description: Filesystem type to mount.

16888

type: string

16889

options:

16890

additionalProperties:

16891

type: string

16892

description: 'Optional: Extra command options if any.'

16893

type: object

16894

readOnly:

16895

description: 'Optional: Defaults to false (read/write).'

16896

type: boolean

16897

secretRef:

16898

description: 'Optional: SecretRef is reference to the secret object containing sensitive infor'

16899

properties:

16900

name:

16901

description: 'Name of the referent. More info: https://kubernetes.'

16902

type: string

16903

type: object

16904

x-kubernetes-map-type: atomic

16905

required:

16906

- driver

16907

type: object

16908

flocker:

16909

description: Flocker represents a Flocker volume attached to a kubelet's host machine.

16910

properties:

16911

datasetName:

16912

description: Name of the dataset stored as metadata -> name on the dataset for Flocker should

16913

type: string

16914

datasetUUID:

16915

description: UUID of the dataset. This is unique identifier of a Flocker dataset

16916

type: string

16917

type: object

16918

gcePersistentDisk:

16919

description: GCEPersistentDisk represents a GCE Disk resource that is attached to a kubelet's

16920

properties:

16921

fsType:

16922

description: Filesystem type of the volume that you want to mount.

16923

type: string

16924

partition:

16925

description: The partition in the volume that you want to mount.

16926

format: int32

16927

type: integer

16928

pdName:

16929

description: Unique name of the PD resource in GCE. Used to identify the disk in GCE.

16930

type: string

16931

readOnly:

16932

description: ReadOnly here will force the ReadOnly setting in VolumeMounts.

16933

type: boolean

16934

required:

16935

- pdName

16936

type: object

16937

gitRepo:

16938

description: GitRepo represents a git repository at a particular revision.

16939

properties:

16940

directory:

16941

description: Target directory name. Must not contain or start with '..'. If '.

16942

type: string

16943

repository:

16944

description: Repository URL

16945

type: string

16946

revision:

16947

description: Commit hash for the specified revision.

16948

type: string

16949

required:

16950

- repository

16951

type: object

16952

glusterfs:

16953

description: Glusterfs represents a Glusterfs mount on the host that shares a pod's lifetime.

16954

properties:

16955

endpoints:

16956

description: EndpointsName is the endpoint name that details Glusterfs topology.

16957

type: string

16958

path:

16959

description: 'Path is the Glusterfs volume path. More info: https://examples.k8s.'

16960

type: string

16961

readOnly:

16962

description: ReadOnly here will force the Glusterfs volume to be mounted with read-only permi

16963

type: boolean

16964

required:

16965

- endpoints

16966

- path

16967

type: object

16968

hostPath:

16969

description: HostPath represents a pre-existing file or directory on the host machine that is

16970

properties:

16971

path:

16972

description: Path of the directory on the host.

16973

type: string

16974

type:

16975

description: 'Type for HostPath Volume Defaults to "" More info: https://kubernetes.'

16976

type: string

16977

required:

16978

- path

16979

type: object

16980

iscsi:

16981

description: ISCSI represents an ISCSI Disk resource that is attached to a kubelet's host mac

16982

properties:

16983

chapAuthDiscovery:

16984

description: whether support iSCSI Discovery CHAP authentication

16985

type: boolean

16986

chapAuthSession:

16987

description: whether support iSCSI Session CHAP authentication

16988

type: boolean

16989

fsType:

16990

description: Filesystem type of the volume that you want to mount.

16991

type: string

16992

initiatorName:

16993

description: Custom iSCSI Initiator Name.

16994

type: string

16995

iqn:

16996

description: Target iSCSI Qualified Name.

16997

type: string

16998

iscsiInterface:

16999

description: iSCSI Interface Name that uses an iSCSI transport. Defaults to 'default' (tcp).

17000

type: string

17001

lun:

17002

description: iSCSI Target Lun number.

17003

format: int32

17004

type: integer

17005

portals:

17006

description: iSCSI Target Portal List.

17007

items:

17008

type: string

17009

type: array

17010

readOnly:

17011

description: ReadOnly here will force the ReadOnly setting in VolumeMounts.

17012

type: boolean

17013

secretRef:

17014

description: CHAP Secret for iSCSI target and initiator authentication

17015

properties:

17016

name:

17017

description: 'Name of the referent. More info: https://kubernetes.'

17018

type: string

17019

type: object

17020

x-kubernetes-map-type: atomic

17021

targetPortal:

17022

description: iSCSI Target Portal.

17023

type: string

17024

required:

17025

- iqn

17026

- lun

17027

- targetPortal

17028

type: object

17029

name:

17030

description: Volume's name. Must be a DNS_LABEL and unique within the pod.

17031

type: string

17032

nfs:

17033

description: 'NFS represents an NFS mount on the host that shares a pod''s lifetime More info: '

17034

properties:

17035

path:

17036

description: 'Path that is exported by the NFS server. More info: https://kubernetes.'

17037

type: string

17038

readOnly:

17039

description: ReadOnly here will force the NFS export to be mounted with read-only permissions

17040

type: boolean

17041

server:

17042

description: Server is the hostname or IP address of the NFS server.

17043

type: string

17044

required:

17045

- path

17046

- server

17047

type: object

17048

persistentVolumeClaim:

17049

description: PersistentVolumeClaimVolumeSource represents a reference to a PersistentVolumeCl

17050

properties:

17051

claimName:

17052

description: ClaimName is the name of a PersistentVolumeClaim in the same namespace as the po

17053

type: string

17054

readOnly:

17055

description: Will force the ReadOnly setting in VolumeMounts. Default false.

17056

type: boolean

17057

required:

17058

- claimName

17059

type: object

17060

photonPersistentDisk:

17061

description: 'PhotonPersistentDisk represents a PhotonController persistent disk attached and '

17062

properties:

17063

fsType:

17064

description: Filesystem type to mount.

17065

type: string

17066

pdID:

17067

description: ID that identifies Photon Controller persistent disk

17068

type: string

17069

required:

17070

- pdID

17071

type: object

17072

portworxVolume:

17073

description: PortworxVolume represents a portworx volume attached and mounted on kubelets hos

17074

properties:

17075

fsType:

17076

description: FSType represents the filesystem type to mount Must be a filesystem type support

17077

type: string

17078

readOnly:

17079

description: Defaults to false (read/write).

17080

type: boolean

17081

volumeID:

17082

description: VolumeID uniquely identifies a Portworx volume

17083

type: string

17084

required:

17085

- volumeID

17086

type: object

17087

projected:

17088

description: Items for all in one resources secrets, configmaps, and downward API

17089

properties:

17090

defaultMode:

17091

description: Mode bits used to set permissions on created files by default.

17092

format: int32

17093

type: integer

17094

sources:

17095

description: list of volume projections

17096

items:

17097

description: Projection that may be projected along with other supported volume types

17098

properties:

17099

configMap:

17100

description: information about the configMap data to project

17101

properties:

17102

items:

17103

description: If unspecified, each key-value pair in the Data field of the referenced ConfigMa

17104

items:

17105

description: Maps a string key to a path within a volume.

17106

properties:

17107

key:

17108

description: The key to project.

17109

type: string

17110

mode:

17111

description: 'Optional: mode bits used to set permissions on this file.'

17112

format: int32

17113

type: integer

17114

path:

17115

description: The relative path of the file to map the key to. May not be an absolute path.

17116

type: string

17117

required:

17118

- key

17119

- path

17120

type: object

17121

type: array

17122

name:

17123

description: 'Name of the referent. More info: https://kubernetes.'

17124

type: string

17125

optional:

17126

description: Specify whether the ConfigMap or its keys must be defined

17127

type: boolean

17128

type: object

17129

x-kubernetes-map-type: atomic

17130

downwardAPI:

17131

description: information about the downwardAPI data to project

17132

properties:

17133

items:

17134

description: Items is a list of DownwardAPIVolume file

17135

items:

17136

description: DownwardAPIVolumeFile represents information to create the file containing the p

17137

properties:

17138

fieldRef:

17139

description: 'Required: Selects a field of the pod: only annotations, labels, name and namespa'

17140

properties:

17141

apiVersion:

17142

description: Version of the schema the FieldPath is written in terms of, defaults to "v1".

17143

type: string

17144

fieldPath:

17145

description: Path of the field to select in the specified API version.

17146

type: string

17147

required:

17148

- fieldPath

17149

type: object

17150

x-kubernetes-map-type: atomic

17151

mode:

17152

description: 'Optional: mode bits used to set permissions on this file, must be an octal value'

17153

format: int32

17154

type: integer

17155

path:

17156

description: 'Required: Path is the relative path name of the file to be created.'

17157

type: string

17158

resourceFieldRef:

17159

description: 'Selects a resource of the container: only resources limits and requests (limits.'

17160

properties:

17161

containerName:

17162

description: 'Container name: required for volumes, optional for env vars'

17163

type: string

17164

divisor:

17165

anyOf:

17166

- type: integer

17167

- type: string

17168

description: Specifies the output format of the exposed resources, defaults to "1"

17169

pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$

17170

x-kubernetes-int-or-string: true

17171

resource:

17172

description: 'Required: resource to select'

17173

type: string

17174

required:

17175

- resource

17176

type: object

17177

x-kubernetes-map-type: atomic

17178

required:

17179

- path

17180

type: object

17181

type: array

17182

type: object

17183

secret:

17184

description: information about the secret data to project

17185

properties:

17186

items:

17187

description: If unspecified, each key-value pair in the Data field of the referenced Secret w

17188

items:

17189

description: Maps a string key to a path within a volume.

17190

properties:

17191

key:

17192

description: The key to project.

17193

type: string

17194

mode:

17195

description: 'Optional: mode bits used to set permissions on this file.'

17196

format: int32

17197

type: integer

17198

path:

17199

description: The relative path of the file to map the key to. May not be an absolute path.

17200

type: string

17201

required:

17202

- key

17203

- path

17204

type: object

17205

type: array

17206

name:

17207

description: 'Name of the referent. More info: https://kubernetes.'

17208

type: string

17209

optional:

17210

description: Specify whether the Secret or its key must be defined

17211

type: boolean

17212

type: object

17213

x-kubernetes-map-type: atomic

17214

serviceAccountToken:

17215

description: information about the serviceAccountToken data to project

17216

properties:

17217

audience:

17218

description: Audience is the intended audience of the token.

17219

type: string

17220

expirationSeconds:

17221

description: ExpirationSeconds is the requested duration of validity of the service account t

17222

format: int64

17223

type: integer

17224

path:

17225

description: Path is the path relative to the mount point of the file to project the token in

17226

type: string

17227

required:

17228

- path

17229

type: object

17230

type: object

17231

type: array

17232

type: object

17233

quobyte:

17234

description: Quobyte represents a Quobyte mount on the host that shares a pod's lifetime

17235

properties:

17236

group:

17237

description: Group to map volume access to Default is no group

17238

type: string

17239

readOnly:

17240

description: ReadOnly here will force the Quobyte volume to be mounted with read-only permiss

17241

type: boolean

17242

registry:

17243

description: 'Registry represents a single or multiple Quobyte Registry services specified as '

17244

type: string

17245

tenant:

17246

description: Tenant owning the given Quobyte volume in the Backend Used with dynamically prov

17247

type: string

17248

user:

17249

description: User to map volume access to Defaults to serivceaccount user

17250

type: string

17251

volume:

17252

description: Volume is a string that references an already created Quobyte volume by name.

17253

type: string

17254

required:

17255

- registry

17256

- volume

17257

type: object

17258

rbd:

17259

description: RBD represents a Rados Block Device mount on the host that shares a pod's lifeti

17260

properties:

17261

fsType:

17262

description: Filesystem type of the volume that you want to mount.

17263

type: string

17264

image:

17265

description: 'The rados image name. More info: https://examples.k8s.io/volumes/rbd/README.'

17266

type: string

17267

keyring:

17268

description: Keyring is the path to key ring for RBDUser. Default is /etc/ceph/keyring.

17269

type: string

17270

monitors:

17271

description: 'A collection of Ceph monitors. More info: https://examples.k8s.'

17272

items:

17273

type: string

17274

type: array

17275

pool:

17276

description: 'The rados pool name. Default is rbd. More info: https://examples.k8s.'

17277

type: string

17278

readOnly:

17279

description: ReadOnly here will force the ReadOnly setting in VolumeMounts.

17280

type: boolean

17281

secretRef:

17282

description: SecretRef is name of the authentication secret for RBDUser.

17283

properties:

17284

name:

17285

description: 'Name of the referent. More info: https://kubernetes.'

17286

type: string

17287

type: object

17288

x-kubernetes-map-type: atomic

17289

user:

17290

description: 'The rados user name. Default is admin. More info: https://examples.k8s.'

17291

type: string

17292

required:

17293

- image

17294

- monitors

17295

type: object

17296

scaleIO:

17297

description: ScaleIO represents a ScaleIO persistent volume attached and mounted on Kubernete

17298

properties:

17299

fsType:

17300

description: Filesystem type to mount.

17301

type: string

17302

gateway:

17303

description: The host address of the ScaleIO API Gateway.

17304

type: string

17305

protectionDomain:

17306

description: The name of the ScaleIO Protection Domain for the configured storage.

17307

type: string

17308

readOnly:

17309

description: Defaults to false (read/write).

17310

type: boolean

17311

secretRef:

17312

description: SecretRef references to the secret for ScaleIO user and other sensitive informat

17313

properties:

17314

name:

17315

description: 'Name of the referent. More info: https://kubernetes.'

17316

type: string

17317

type: object

17318

x-kubernetes-map-type: atomic

17319

sslEnabled:

17320

description: Flag to enable/disable SSL communication with Gateway, default false

17321

type: boolean

17322

storageMode:

17323

description: Indicates whether the storage for a volume should be ThickProvisioned or ThinPro

17324

type: string

17325

storagePool:

17326

description: The ScaleIO Storage Pool associated with the protection domain.

17327

type: string

17328

system:

17329

description: The name of the storage system as configured in ScaleIO.

17330

type: string

17331

volumeName:

17332

description: The name of a volume already created in the ScaleIO system that is associated wi

17333

type: string

17334

required:

17335

- gateway

17336

- secretRef

17337

- system

17338

type: object

17339

secret:

17340

description: Secret represents a secret that should populate this volume.

17341

properties:

17342

defaultMode:

17343

description: 'Optional: mode bits used to set permissions on created files by default.'

17344

format: int32

17345

type: integer

17346

items:

17347

description: If unspecified, each key-value pair in the Data field of the referenced Secret w

17348

items:

17349

description: Maps a string key to a path within a volume.

17350

properties:

17351

key:

17352

description: The key to project.

17353

type: string

17354

mode:

17355

description: 'Optional: mode bits used to set permissions on this file.'

17356

format: int32

17357

type: integer

17358

path:

17359

description: The relative path of the file to map the key to. May not be an absolute path.

17360

type: string

17361

required:

17362

- key

17363

- path

17364

type: object

17365

type: array

17366

optional:

17367

description: Specify whether the Secret or its keys must be defined

17368

type: boolean

17369

secretName:

17370

description: 'Name of the secret in the pod''s namespace to use. More info: https://kubernetes.'

17371

type: string

17372

type: object

17373

storageos:

17374

description: StorageOS represents a StorageOS volume attached and mounted on Kubernetes nodes

17375

properties:

17376

fsType:

17377

description: Filesystem type to mount.

17378

type: string

17379

readOnly:

17380

description: Defaults to false (read/write).

17381

type: boolean

17382

secretRef:

17383

description: SecretRef specifies the secret to use for obtaining the StorageOS API credential

17384

properties:

17385

name:

17386

description: 'Name of the referent. More info: https://kubernetes.'

17387

type: string

17388

type: object

17389

x-kubernetes-map-type: atomic

17390

volumeName:

17391

description: VolumeName is the human-readable name of the StorageOS volume.

17392

type: string

17393

volumeNamespace:

17394

description: VolumeNamespace specifies the scope of the volume within StorageOS.

17395

type: string

17396

type: object

17397

vsphereVolume:

17398

description: 'VsphereVolume represents a vSphere volume attached and mounted on kubelets host '

17399

properties:

17400

fsType:

17401

description: Filesystem type to mount.

17402

type: string

17403

storagePolicyID:

17404

description: Storage Policy Based Management (SPBM) profile ID associated with the StoragePol

17405

type: string

17406

storagePolicyName:

17407

description: Storage Policy Based Management (SPBM) profile name.

17408

type: string

17409

volumePath:

17410

description: Path that identifies vSphere volume vmdk

17411

type: string

17412

required:

17413

- volumePath

17414

type: object

17415

required:

17416

- name

17417

type: object

17418

type: array

17419

required: null

17420

type: object

17421

type: object

17422

type: object

17423

status:

17424

description: TorStatus defines the observed state of Tor.

17425

properties:

17426

config:

17427

description: 'INSERT ADDITIONAL STATUS FIELD - define observed state of cluster Important: Run'

17428

type: string

17429

type: object

17430

type: object

17431

served: true

17432

storage: true

17433

subresources:

17434

status: {}

17435

---

17436

apiVersion: v1

17437

kind: ServiceAccount

17438

metadata:

17439

17440

namespace: tor-controller-system

17441

---

17442

apiVersion: rbac.authorization.k8s.io/v1

17443

kind: Role

17444

metadata:

17445

17446

namespace: tor-controller-system

17447

rules:

17448

- apiGroups:

17449

- ""

17450

resources:

17451

- configmaps

17452

verbs:

17453

- get

17454

- list

17455

- watch

17456

- create

17457

- update

17458

- patch

17459

- delete

17460

- apiGroups:

17461

- coordination.k8s.io

17462

resources:

17463

- leases

17464

verbs:

17465

- get

17466

- list

17467

- watch

17468

- create

17469

- update

17470

- patch

17471

- delete

17472

- apiGroups:

17473

- ""

17474

resources:

17475

- events

17476

verbs:

17477

- create

17478

- patch

17479

---

17480

apiVersion: rbac.authorization.k8s.io/v1

17481

kind: ClusterRole

17482

metadata:

17483

creationTimestamp: null

17484

17485

rules:

17486

- apiGroups:

17487

- ""

17488

resources:

17489

- configmaps

17490

verbs:

17491

- create

17492

- delete

17493

- get

17494

- list

17495

- patch

17496

- update

17497

- watch

17498

- apiGroups:

17499

- ""

17500

resources:

17501

- events

17502

verbs:

17503

- create

17504

- patch

17505

- update

17506

- apiGroups:

17507

- ""

17508

resources:

17509

- secrets

17510

verbs:

17511

- create

17512

- delete

17513

- get

17514

- list

17515

- patch

17516

- update

17517

- watch

17518

- apiGroups:

17519

- ""

17520

resources:

17521

- serviceaccounts

17522

verbs:

17523

- create

17524

- delete

17525

- get

17526

- list

17527

- patch

17528

- update

17529

- watch

17530

- apiGroups:

17531

- ""

17532

resources:

17533

- services

17534

verbs:

17535

- create

17536

- delete

17537

- get

17538

- list

17539

- patch

17540

- update

17541

- watch

17542

- apiGroups:

17543

- apiextensions.k8s.io

17544

resources:

17545

- customresourcedefinitions

17546

verbs:

17547

- get

17548

- list

17549

- watch

17550

- apiGroups:

17551

- apps

17552

resources:

17553

- deployments

17554

verbs:

17555

- create

17556

- delete

17557

- get

17558

- list

17559

- patch

17560

- update

17561

- watch

17562

- apiGroups:

17563

- monitoring.coreos.com

17564

resources:

17565

- servicemonitors

17566

verbs:

17567

- create

17568

- delete

17569

- get

17570

- list

17571

- patch

17572

- update

17573

- watch

17574

- apiGroups:

17575

- rbac.authorization.k8s.io

17576

resources:

17577

- rolebindings

17578

verbs:

17579

- create

17580

- delete

17581

- get

17582

- list

17583

- patch

17584

- update

17585

- watch

17586

- apiGroups:

17587

- rbac.authorization.k8s.io

17588

resources:

17589

- roles

17590

verbs:

17591

- create

17592

- delete

17593

- get

17594

- list

17595

- patch

17596

- update

17597

- watch

17598

- apiGroups:

17599

- tor.k8s.torproject.org

17600

resources:

17601

- onionbalancedservices

17602

verbs:

17603

- create

17604

- delete

17605

- get

17606

- list

17607

- patch

17608

- update

17609

- watch

17610

- apiGroups:

17611

- tor.k8s.torproject.org

17612

resources:

17613

- onionbalancedservices/finalizers

17614

verbs:

17615

- update

17616

- apiGroups:

17617

- tor.k8s.torproject.org

17618

resources:

17619

- onionbalancedservices/status

17620

verbs:

17621

- get

17622

- patch

17623

- update

17624

- apiGroups:

17625

- tor.k8s.torproject.org

17626

resources:

17627

- onionservices

17628

verbs:

17629

- create

17630

- delete

17631

- get

17632

- list

17633

- patch

17634

- update

17635

- watch

17636

- apiGroups:

17637

- tor.k8s.torproject.org

17638

resources:

17639

- onionservices/finalizers

17640

verbs:

17641

- update

17642

- apiGroups:

17643

- tor.k8s.torproject.org

17644

resources:

17645

- onionservices/status

17646

verbs:

17647

- get

17648

- patch

17649

- update

17650

- apiGroups:

17651

- tor.k8s.torproject.org

17652

resources:

17653

- tors

17654

verbs:

17655

- create

17656

- delete

17657

- get

17658

- list

17659

- patch

17660

- update

17661

- watch

17662

- apiGroups:

17663

- tor.k8s.torproject.org

17664

resources:

17665

- tors/finalizers

17666

verbs:

17667

- update

17668

- apiGroups:

17669

- tor.k8s.torproject.org

17670

resources:

17671

- tors/status

17672

verbs:

17673

- get

17674

- patch

17675

- update

17676

---

17677

apiVersion: rbac.authorization.k8s.io/v1

17678

kind: ClusterRole

17679

metadata:

17680

17681

rules:

17682

- nonResourceURLs:

17683

- /metrics

17684

verbs:

17685

- get

17686

---

17687

apiVersion: rbac.authorization.k8s.io/v1

17688

kind: ClusterRole

17689

metadata:

17690

17691

rules:

17692

- apiGroups:

17693

- authentication.k8s.io

17694

resources:

17695

- tokenreviews

17696

verbs:

17697

- create

17698

- apiGroups:

17699

- authorization.k8s.io

17700

resources:

17701

- subjectaccessreviews

17702

verbs:

17703

- create

17704

---

17705

apiVersion: rbac.authorization.k8s.io/v1

17706

kind: RoleBinding

17707

metadata:

17708

17709

namespace: tor-controller-system

17710

roleRef:

17711

apiGroup: rbac.authorization.k8s.io

17712

kind: Role

17713

17714

subjects:

17715

- kind: ServiceAccount

17716

17717

namespace: tor-controller-system

17718

---

17719

apiVersion: rbac.authorization.k8s.io/v1

17720

kind: ClusterRoleBinding

17721

metadata:

17722

17723

roleRef:

17724

apiGroup: rbac.authorization.k8s.io

17725

kind: ClusterRole

17726

17727

subjects:

17728

- kind: ServiceAccount

17729

17730

namespace: tor-controller-system

17731

---

17732

apiVersion: rbac.authorization.k8s.io/v1

17733

kind: ClusterRoleBinding

17734

metadata:

17735

17736

roleRef:

17737

apiGroup: rbac.authorization.k8s.io

17738

kind: ClusterRole

17739

17740

subjects:

17741

- kind: ServiceAccount

17742

17743

namespace: tor-controller-system

17744

---

17745

apiVersion: v1

17746

data:

17747

controller_manager_config.yaml: |

17748

apiVersion: config.k8s.torproject.org/v2

17749

kind: ProjectConfig

17750

meta:

17751

17752

health:

17753

healthProbeBindAddress: :8081

17754

metrics:

17755

bindAddress: 127.0.0.1:8080

17756

webhook:

17757

port: 9443

17758

leaderElection:

17759

leaderElect: true

17760

resourceName: 59806307.k8s.torproject.org

17761

torDaemon:

17762

image: quay.io/bugfest/tor-daemon:latest

17763

torDaemonManager:

17764

image: quay.io/bugfest/tor-daemon-manager:latest

17765

torOnionbalanceManager:

17766

image: quay.io/bugfest/tor-onionbalance-manager:latest

17767

kind: ConfigMap

17768

metadata:

17769

17770

namespace: tor-controller-system

17771

---

17772

apiVersion: v1

17773

kind: Service

17774

metadata:

17775

labels:

17776

control-plane: controller-manager

17777

17778

namespace: tor-controller-system

17779

spec:

17780

ports:

17781

- name: https

17782

port: 8443

17783

protocol: TCP

17784

targetPort: https

17785

selector:

17786

control-plane: controller-manager

17787

---

17788

apiVersion: apps/v1

17789

kind: Deployment

17790

metadata:

17791

labels:

17792

control-plane: controller-manager

17793

17794

namespace: tor-controller-system

17795

spec:

17796

replicas: 1

17797

selector:

17798

matchLabels:

17799

control-plane: controller-manager

17800

template:

17801

metadata:

17802

annotations:

17803

kubectl.kubernetes.io/default-container: manager

17804

labels:

17805

control-plane: controller-manager

17806

spec:

17807

containers:

17808

- args:

17809

- --config=/controller_manager_config.yaml

17810

command:

17811

- /app/manager

17812

image: quay.io/bugfest/tor-controller:latest

17813

imagePullPolicy: Always

17814

livenessProbe:

17815

httpGet:

17816

path: /healthz

17817

port: 8081

17818

initialDelaySeconds: 15

17819

periodSeconds: 20

17820

17821

readinessProbe:

17822

httpGet:

17823

path: /readyz

17824

port: 8081

17825

initialDelaySeconds: 5

17826

periodSeconds: 10

17827

resources:

17828

limits:

17829

cpu: 500m

17830

memory: 128Mi

17831

requests:

17832

cpu: 10m

17833

memory: 64Mi

17834

securityContext:

17835

allowPrivilegeEscalation: false

17836

volumeMounts:

17837

- mountPath: /controller_manager_config.yaml

17838

17839

subPath: controller_manager_config.yaml

17840

- args:

17841

- --secure-listen-address=0.0.0.0:8443

17842

- --upstream=http://127.0.0.1:8080/

17843

- --logtostderr=true

17844

- --v=10

17845

image: gcr.io/kubebuilder/kube-rbac-proxy:v0.8.0

17846

17847

ports:

17848

- containerPort: 8443

17849

17850

protocol: TCP

17851

securityContext:

17852

runAsNonRoot: true

17853

serviceAccountName: tor-controller-controller-manager

17854

terminationGracePeriodSeconds: 10

17855

volumes:

17856

- configMap:

17857

17858

17859