From 226ee3731e13baa298959a81c9a98350fe891c92 Mon Sep 17 00:00:00 2001 From: sebhoss Date: Fri, 14 Jun 2024 13:55:51 +0000 Subject: [PATCH] Update upstream specifications to their latest version --- ...ona_com_percona_pg_upgrade_v2_manifest.yml | 40 + ...amazonaws_com_bundles_v1alpha1_manifest.md | 45 + ...s_target_group_policy_v1alpha1_manifest.md | 6 +- ...ackup_policy_template_v1alpha1_manifest.md | 142 +- ...io_cluster_definition_v1alpha1_manifest.md | 1418 +- ...kubeblocks_io_cluster_v1alpha1_manifest.md | 1780 +- ...ks_io_cluster_version_v1alpha1_manifest.md | 36 +- ..._component_definition_v1alpha1_manifest.md | 2180 +-- ...beblocks_io_component_v1alpha1_manifest.md | 828 +- ..._io_component_version_v1alpha1_manifest.md | 6 +- ..._io_config_constraint_v1alpha1_manifest.md | 80 +- ...s_io_config_constraint_v1beta1_manifest.md | 70 +- ...ocks_io_configuration_v1alpha1_manifest.md | 38 +- ...cks_io_ops_definition_v1alpha1_manifest.md | 1300 +- ...blocks_io_ops_request_v1alpha1_manifest.md | 672 +- ...io_service_descriptor_v1alpha1_manifest.md | 60 +- ...he_org_integration_platform_v1_manifest.md | 2 + ...che_org_integration_profile_v1_manifest.md | 2 + ...amel_apache_org_integration_v1_manifest.md | 2 + ...e_org_kamelet_binding_v1alpha1_manifest.md | 2 + .../camel_apache_org_pipe_v1_manifest.md | 2 + ...ries_flanksource_com_canary_v1_manifest.md | 4833 +++-- ...erno_io_configuration_v1alpha1_manifest.md | 6 +- ...erno_io_configuration_v1alpha2_manifest.md | 6 +- ...insaw_kyverno_io_test_v1alpha1_manifest.md | 30 +- ...insaw_kyverno_io_test_v1alpha2_manifest.md | 1174 +- ...x_k8s_io_cluster_class_v1beta1_manifest.md | 13 +- ...uster_x_k8s_io_cluster_v1beta1_manifest.md | 13 +- ..._io_machine_deployment_v1beta1_manifest.md | 9 + ...o_machine_health_check_v1beta1_manifest.md | 2 +- ...eblocks_io_action_set_v1alpha1_manifest.md | 32 +- ...ocks_io_backup_policy_v1alpha1_manifest.md | 152 +- ...ks_io_backup_schedule_v1alpha1_manifest.md | 6 +- ..._kubeblocks_io_backup_v1alpha1_manifest.md | 4 +- ...kubeblocks_io_restore_v1alpha1_manifest.md | 296 +- ...ruid_apache_org_druid_v1alpha1_manifest.md | 1 + ...s_kubeblocks_io_addon_v1alpha1_manifest.md | 46 +- ...o_cluster_secret_store_v1beta1_manifest.md | 100 + ...ecrets_io_secret_store_v1beta1_manifest.md | 100 + ...serv_io_flow_collector_v1beta1_manifest.md | 2 +- ...serv_io_flow_collector_v1beta2_manifest.md | 178 +- ...ent_io_cluster_output_v1alpha2_manifest.md | 1 + ..._fluent_io_fluent_bit_v1alpha2_manifest.md | 1 + ...tbit_fluent_io_output_v1alpha2_manifest.md | 1 + ...klift_konveyor_io_plan_v1beta1_manifest.md | 15 + .../gateway_solo_io_gateway_v1_manifest.md | 74 + ...o_io_matchable_http_gateway_v1_manifest.md | 37 + .../getambassador_io_host_v2_manifest.md | 4 +- ...getambassador_io_host_v3alpha1_manifest.md | 4 +- .../infinispan_org_infinispan_v1_manifest.md | 10 + ...here_cluster_identity_v1alpha3_manifest.md | 12 +- ...here_cluster_identity_v1alpha4_manifest.md | 12 +- ...phere_cluster_identity_v1beta1_manifest.md | 8 +- ...here_cluster_template_v1alpha4_manifest.md | 6 +- ...phere_cluster_template_v1beta1_manifest.md | 16 +- ...s_io_v_sphere_cluster_v1alpha3_manifest.md | 54 +- ...s_io_v_sphere_cluster_v1alpha4_manifest.md | 6 +- ...8s_io_v_sphere_cluster_v1beta1_manifest.md | 16 +- ...phere_deployment_zone_v1alpha3_manifest.md | 10 +- ...phere_deployment_zone_v1alpha4_manifest.md | 10 +- ...sphere_deployment_zone_v1beta1_manifest.md | 6 +- ...sphere_failure_domain_v1alpha3_manifest.md | 8 +- ...sphere_failure_domain_v1alpha4_manifest.md | 8 +- ..._sphere_failure_domain_v1beta1_manifest.md | 6 +- ...here_machine_template_v1alpha3_manifest.md | 86 +- ...here_machine_template_v1alpha4_manifest.md | 70 +- ...phere_machine_template_v1beta1_manifest.md | 128 +- ...s_io_v_sphere_machine_v1alpha3_manifest.md | 64 +- ...s_io_v_sphere_machine_v1alpha4_manifest.md | 64 +- ...8s_io_v_sphere_machine_v1beta1_manifest.md | 122 +- ..._x_k8s_io_v_sphere_vm_v1alpha3_manifest.md | 76 +- ..._x_k8s_io_v_sphere_vm_v1alpha4_manifest.md | 76 +- ...r_x_k8s_io_v_sphere_vm_v1beta1_manifest.md | 134 +- ...bset_x_k8s_io_job_set_v1alpha2_manifest.md | 2 +- .../kiali_io_kiali_v1alpha1_manifest.md | 40 - ...e_x_k8s_io_local_queue_v1beta1_manifest.md | 1 + ...ma_io_mesh_access_log_v1alpha1_manifest.md | 9 + ..._mesh_circuit_breaker_v1alpha1_manifest.md | 9 + ..._mesh_fault_injection_v1alpha1_manifest.md | 9 + ..._io_mesh_health_check_v1alpha1_manifest.md | 6 + ...ma_io_mesh_http_route_v1alpha1_manifest.md | 12 + ...ad_balancing_strategy_v1alpha1_manifest.md | 6 + ...a_io_mesh_proxy_patch_v1alpha1_manifest.md | 3 + ...ma_io_mesh_rate_limit_v1alpha1_manifest.md | 9 + .../kuma_io_mesh_retry_v1alpha1_manifest.md | 6 + ...uma_io_mesh_tcp_route_v1alpha1_manifest.md | 9 + .../kuma_io_mesh_timeout_v1alpha1_manifest.md | 9 + .../kuma_io_mesh_trace_v1alpha1_manifest.md | 3 + ...sh_traffic_permission_v1alpha1_manifest.md | 6 + .../kyverno_io_cluster_policy_v1_manifest.md | 3 +- ...erno_io_cluster_policy_v2beta1_manifest.md | 3 +- .../kyverno_io_policy_v1_manifest.md | 3 +- .../kyverno_io_policy_v2beta1_manifest.md | 3 +- ...ki_grafana_com_ruler_config_v1_manifest.md | 2 + ..._com_prometheus_agent_v1alpha1_manifest.md | 2 +- ...oring_coreos_com_prometheus_v1_manifest.md | 2 +- ...eos_com_scrape_config_v1alpha1_manifest.md | 266 + ...r_cryostat_io_cryostat_v1beta2_manifest.md | 1 + ...cona_com_percona_pg_cluster_v2_manifest.md | 3 +- ...cona_com_percona_pg_upgrade_v2_manifest.md | 1149 ++ ...server_my_sql_restore_v1alpha1_manifest.md | 26 + ...percona_server_my_sql_v1alpha1_manifest.md | 183 + ...hift_io_ptp_operator_config_v1_manifest.md | 4 +- ...s_io_storage_provider_v1alpha1_manifest.md | 18 +- ...emporal_cluster_client_v1beta1_manifest.md | 4 +- ...al_io_temporal_cluster_v1beta1_manifest.md | 472 +- ..._io_temporal_namespace_v1beta1_manifest.md | 16 +- ...eflare_dev_app_wrapper_v1beta2_manifest.md | 2 +- ...locks_io_instance_set_v1alpha1_manifest.md | 1978 +-- .../data-source.tf | 6 + .../main.tf | 12 + .../outputs.tf | 5 + ...amazonaws_com_bundles_v1alpha1_manifest.go | 234 + ...s_target_group_policy_v1alpha1_manifest.go | 12 +- ...ackup_policy_template_v1alpha1_manifest.go | 280 +- ...io_cluster_definition_v1alpha1_manifest.go | 2832 +-- ...kubeblocks_io_cluster_v1alpha1_manifest.go | 3556 ++-- ...ks_io_cluster_version_v1alpha1_manifest.go | 68 +- ..._component_definition_v1alpha1_manifest.go | 4356 ++--- ...beblocks_io_component_v1alpha1_manifest.go | 1652 +- ..._io_component_version_v1alpha1_manifest.go | 12 +- ..._io_config_constraint_v1alpha1_manifest.go | 156 +- ...ocks_io_configuration_v1alpha1_manifest.go | 72 +- ...cks_io_ops_definition_v1alpha1_manifest.go | 2600 +-- ...blocks_io_ops_request_v1alpha1_manifest.go | 1344 +- ...io_service_descriptor_v1alpha1_manifest.go | 116 +- ...s_io_config_constraint_v1beta1_manifest.go | 136 +- ...he_org_integration_platform_v1_manifest.go | 19 + ...che_org_integration_profile_v1_manifest.go | 19 + ...amel_apache_org_integration_v1_manifest.go | 19 + .../camel_apache_org_pipe_v1_manifest.go | 19 + ...e_org_kamelet_binding_v1alpha1_manifest.go | 19 + ...ries_flanksource_com_canary_v1_manifest.go | 14704 +++++++++++----- ...erno_io_configuration_v1alpha1_manifest.go | 12 +- ...insaw_kyverno_io_test_v1alpha1_manifest.go | 60 +- ...erno_io_configuration_v1alpha2_manifest.go | 12 +- ...insaw_kyverno_io_test_v1alpha2_manifest.go | 4622 ++--- ..._clusterwide_network_policy_v2_manifest.go | 36 +- ...ilium_egress_gateway_policy_v2_manifest.go | 4 - ...um_io_cilium_network_policy_v2_manifest.go | 36 +- ...x_k8s_io_cluster_class_v1beta1_manifest.go | 28 +- ...uster_x_k8s_io_cluster_v1beta1_manifest.go | 28 +- ..._io_machine_deployment_v1beta1_manifest.go | 20 + ...o_machine_health_check_v1beta1_manifest.go | 4 +- ...eblocks_io_action_set_v1alpha1_manifest.go | 64 +- ...ocks_io_backup_policy_v1alpha1_manifest.go | 304 +- ...ks_io_backup_schedule_v1alpha1_manifest.go | 12 +- ..._kubeblocks_io_backup_v1alpha1_manifest.go | 8 +- ...kubeblocks_io_restore_v1alpha1_manifest.go | 592 +- ...ruid_apache_org_druid_v1alpha1_manifest.go | 11 +- ...s_kubeblocks_io_addon_v1alpha1_manifest.go | 92 +- ...o_cluster_secret_store_v1beta1_manifest.go | 296 +- ...ecrets_io_secret_store_v1beta1_manifest.go | 296 +- ...er_app_metric_template_v1beta1_manifest.go | 2 +- ...serv_io_flow_collector_v1beta1_manifest.go | 4 +- ...serv_io_flow_collector_v1beta2_manifest.go | 356 +- ...ent_io_cluster_output_v1alpha2_manifest.go | 9 + ..._fluent_io_fluent_bit_v1alpha2_manifest.go | 13 +- ...tbit_fluent_io_output_v1alpha2_manifest.go | 9 + ...klift_konveyor_io_plan_v1beta1_manifest.go | 76 +- .../gateway_solo_io_gateway_v1_manifest.go | 182 +- ...o_io_matchable_http_gateway_v1_manifest.go | 91 +- .../getambassador_io_host_v2_manifest.go | 8 +- ...getambassador_io_host_v3alpha1_manifest.go | 8 +- .../infinispan_org_infinispan_v1_manifest.go | 29 + ...here_cluster_identity_v1alpha3_manifest.go | 20 +- ...s_io_v_sphere_cluster_v1alpha3_manifest.go | 104 +- ...phere_deployment_zone_v1alpha3_manifest.go | 16 +- ...sphere_failure_domain_v1alpha3_manifest.go | 12 +- ...here_machine_template_v1alpha3_manifest.go | 168 +- ...s_io_v_sphere_machine_v1alpha3_manifest.go | 124 +- ..._x_k8s_io_v_sphere_vm_v1alpha3_manifest.go | 148 +- ...here_cluster_identity_v1alpha4_manifest.go | 20 +- ...here_cluster_template_v1alpha4_manifest.go | 8 +- ...s_io_v_sphere_cluster_v1alpha4_manifest.go | 8 +- ...phere_deployment_zone_v1alpha4_manifest.go | 16 +- ...sphere_failure_domain_v1alpha4_manifest.go | 12 +- ...here_machine_template_v1alpha4_manifest.go | 136 +- ...s_io_v_sphere_machine_v1alpha4_manifest.go | 124 +- ..._x_k8s_io_v_sphere_vm_v1alpha4_manifest.go | 148 +- ...phere_cluster_identity_v1beta1_manifest.go | 16 +- ...phere_cluster_template_v1beta1_manifest.go | 32 +- ...8s_io_v_sphere_cluster_v1beta1_manifest.go | 32 +- ...sphere_deployment_zone_v1beta1_manifest.go | 12 +- ..._sphere_failure_domain_v1beta1_manifest.go | 12 +- ...phere_machine_template_v1beta1_manifest.go | 256 +- ...8s_io_v_sphere_machine_v1beta1_manifest.go | 244 +- ...r_x_k8s_io_v_sphere_vm_v1beta1_manifest.go | 268 +- ...bset_x_k8s_io_job_set_v1alpha2_manifest.go | 4 +- .../kiali_io_kiali_v1alpha1_manifest.go | 120 - ...e_x_k8s_io_local_queue_v1beta1_manifest.go | 12 + ...ma_io_mesh_access_log_v1alpha1_manifest.go | 120 +- ..._mesh_circuit_breaker_v1alpha1_manifest.go | 120 +- ..._mesh_fault_injection_v1alpha1_manifest.go | 120 +- ..._io_mesh_health_check_v1alpha1_manifest.go | 80 +- ...ma_io_mesh_http_route_v1alpha1_manifest.go | 168 +- ...ad_balancing_strategy_v1alpha1_manifest.go | 80 +- ...a_io_mesh_proxy_patch_v1alpha1_manifest.go | 40 +- ...ma_io_mesh_rate_limit_v1alpha1_manifest.go | 120 +- .../kuma_io_mesh_retry_v1alpha1_manifest.go | 80 +- ...uma_io_mesh_tcp_route_v1alpha1_manifest.go | 124 +- .../kuma_io_mesh_timeout_v1alpha1_manifest.go | 120 +- .../kuma_io_mesh_trace_v1alpha1_manifest.go | 40 +- ...sh_traffic_permission_v1alpha1_manifest.go | 80 +- .../kyverno_io_cluster_policy_v1_manifest.go | 13 +- .../kyverno_io_policy_v1_manifest.go | 13 +- ...erno_io_cluster_policy_v2beta1_manifest.go | 13 +- .../kyverno_io_policy_v2beta1_manifest.go | 13 +- ...ki_grafana_com_ruler_config_v1_manifest.go | 34 +- .../minio_min_io_tenant_v2_manifest.go | 3 + ...oring_coreos_com_prometheus_v1_manifest.go | 4 +- ..._com_prometheus_agent_v1alpha1_manifest.go | 4 +- ...eos_com_scrape_config_v1alpha1_manifest.go | 761 +- ...r_cryostat_io_cryostat_v1beta2_manifest.go | 13 +- ...cona_com_percona_pg_cluster_v2_manifest.go | 19 +- ...cona_com_percona_pg_upgrade_v2_manifest.go | 3370 ++++ ...com_percona_pg_upgrade_v2_manifest_test.go | 31 + internal/provider/provider_data_sources.go | 2 + internal/provider/provider_resources.go | 1 + ...server_my_sql_restore_v1alpha1_manifest.go | 60 +- ...percona_server_my_sql_v1alpha1_manifest.go | 445 +- ...hift_io_ptp_operator_config_v1_manifest.go | 8 +- ...s_io_storage_provider_v1alpha1_manifest.go | 32 +- ...emporal_cluster_client_v1beta1_manifest.go | 8 +- ...al_io_temporal_cluster_v1beta1_manifest.go | 944 +- ..._io_temporal_namespace_v1beta1_manifest.go | 32 +- ...eflare_dev_app_wrapper_v1beta2_manifest.go | 4 +- ...locks_io_instance_set_v1alpha1_manifest.go | 3956 ++--- ...com_percona_pg_upgrade_v2_manifest.md.tmpl | 19 + ...com_percona_pg_upgrade_v2_manifest_test.go | 36 + terratests.mk | 6 +- tests.mk | 6 +- 232 files changed, 45011 insertions(+), 28913 deletions(-) create mode 100644 .github/workflows/terratest-pgv2_percona_com_percona_pg_upgrade_v2_manifest.yml create mode 100644 docs/data-sources/pgv2_percona_com_percona_pg_upgrade_v2_manifest.md create mode 100644 examples/data-sources/k8s_pgv2_percona_com_percona_pg_upgrade_v2_manifest/data-source.tf create mode 100644 examples/data-sources/k8s_pgv2_percona_com_percona_pg_upgrade_v2_manifest/main.tf create mode 100644 examples/data-sources/k8s_pgv2_percona_com_percona_pg_upgrade_v2_manifest/outputs.tf create mode 100644 internal/provider/pgv2_percona_com_v2/pgv2_percona_com_percona_pg_upgrade_v2_manifest.go create mode 100644 internal/provider/pgv2_percona_com_v2/pgv2_percona_com_percona_pg_upgrade_v2_manifest_test.go create mode 100644 templates/data-sources/pgv2_percona_com_percona_pg_upgrade_v2_manifest.md.tmpl create mode 100644 terratest/pgv2_percona_com_v2/pgv2_percona_com_percona_pg_upgrade_v2_manifest_test.go diff --git a/.github/workflows/terratest-pgv2_percona_com_percona_pg_upgrade_v2_manifest.yml b/.github/workflows/terratest-pgv2_percona_com_percona_pg_upgrade_v2_manifest.yml new file mode 100644 index 000000000..be6f2a467 --- /dev/null +++ b/.github/workflows/terratest-pgv2_percona_com_percona_pg_upgrade_v2_manifest.yml @@ -0,0 +1,40 @@ +# SPDX-FileCopyrightText: The terraform-provider-k8s Authors +# SPDX-License-Identifier: 0BSD + +name: Pgv2PerconaComPerconaPgupgradeV2Manifest +on: + pull_request: + branches: [ main ] + paths: + - examples/data-sources/k8s_pgv2_percona_com_percona_pg_upgrade_v2_manifest/** + - internal/provider/pgv2_percona_com_v2/pgv2_percona_com_percona_pg_upgrade_v2_manifest.go + - internal/provider/pgv2_percona_com_v2/pgv2_percona_com_percona_pg_upgrade_v2_manifest_test.go + - terratest/pgv2_percona_com_v2/pgv2_percona_com_percona_pg_upgrade_v2_manifest_test.go +jobs: + terraform: + name: Test with Terraform + runs-on: ubuntu-latest + steps: + - id: checkout + name: Checkout + uses: actions/checkout@v4 + - id: setup_go + name: Set up Go + uses: actions/setup-go@v5 + with: + go-version-file: go.mod + cache: true + - id: setup_terraform + name: Setup Terraform + uses: hashicorp/setup-terraform@v3 + with: + terraform_wrapper: false + - id: install + name: Install Provider + run: make install + - id: tests + name: Run Unit Tests + run: go test -v -timeout=120s -count=1 ./internal/provider/pgv2_percona_com_v2/pgv2_percona_com_percona_pg_upgrade_v2_manifest_test.go + - id: terratest + name: Run Terratest Tests + run: go test -v -timeout=120s -count=1 -run TestPgv2PerconaComPerconaPgupgradeV2Manifest ./terratest/pgv2_percona_com_v2 diff --git a/docs/data-sources/anywhere_eks_amazonaws_com_bundles_v1alpha1_manifest.md b/docs/data-sources/anywhere_eks_amazonaws_com_bundles_v1alpha1_manifest.md index 73b2618cc..18f40aeac 100644 --- a/docs/data-sources/anywhere_eks_amazonaws_com_bundles_v1alpha1_manifest.md +++ b/docs/data-sources/anywhere_eks_amazonaws_com_bundles_v1alpha1_manifest.md @@ -1573,8 +1573,10 @@ Required: - `hegel` (Attributes) (see [below for nested schema](#nestedatt--spec--versions_bundles--tinkerbell--tinkerbell_stack--hegel)) - `hook` (Attributes) Tinkerbell hook OS. (see [below for nested schema](#nestedatt--spec--versions_bundles--tinkerbell--tinkerbell_stack--hook)) - `rufio` (Attributes) (see [below for nested schema](#nestedatt--spec--versions_bundles--tinkerbell--tinkerbell_stack--rufio)) +- `stack` (Attributes) (see [below for nested schema](#nestedatt--spec--versions_bundles--tinkerbell--tinkerbell_stack--stack)) - `tink` (Attributes) (see [below for nested schema](#nestedatt--spec--versions_bundles--tinkerbell--tinkerbell_stack--tink)) - `tinkerbell_chart` (Attributes) (see [below for nested schema](#nestedatt--spec--versions_bundles--tinkerbell--tinkerbell_stack--tinkerbell_chart)) +- `tinkerbell_crds` (Attributes) (see [below for nested schema](#nestedatt--spec--versions_bundles--tinkerbell--tinkerbell_stack--tinkerbell_crds)) ### Nested Schema for `spec.versions_bundles.tinkerbell.tinkerbell_stack.actions` @@ -1847,15 +1849,44 @@ Optional: - `uri` (String) The image repository, name, and tag + +### Nested Schema for `spec.versions_bundles.tinkerbell.tinkerbell_stack.stack` + +Optional: + +- `arch` (List of String) Architectures of the asset +- `description` (String) +- `image_digest` (String) The SHA256 digest of the image manifest +- `name` (String) The asset name +- `os` (String) Operating system of the asset +- `os_name` (String) Name of the OS like ubuntu, bottlerocket +- `uri` (String) The image repository, name, and tag + + ### Nested Schema for `spec.versions_bundles.tinkerbell.tinkerbell_stack.tink` Required: +- `nginx` (Attributes) (see [below for nested schema](#nestedatt--spec--versions_bundles--tinkerbell--tinkerbell_stack--tink--nginx)) - `tink_controller` (Attributes) (see [below for nested schema](#nestedatt--spec--versions_bundles--tinkerbell--tinkerbell_stack--tink--tink_controller)) - `tink_server` (Attributes) (see [below for nested schema](#nestedatt--spec--versions_bundles--tinkerbell--tinkerbell_stack--tink--tink_server)) - `tink_worker` (Attributes) (see [below for nested schema](#nestedatt--spec--versions_bundles--tinkerbell--tinkerbell_stack--tink--tink_worker)) + +### Nested Schema for `spec.versions_bundles.tinkerbell.tinkerbell_stack.tink.nginx` + +Optional: + +- `arch` (List of String) Architectures of the asset +- `description` (String) +- `image_digest` (String) The SHA256 digest of the image manifest +- `name` (String) The asset name +- `os` (String) Operating system of the asset +- `os_name` (String) Name of the OS like ubuntu, bottlerocket +- `uri` (String) The image repository, name, and tag + + ### Nested Schema for `spec.versions_bundles.tinkerbell.tinkerbell_stack.tink.tink_controller` @@ -1913,6 +1944,20 @@ Optional: - `uri` (String) The image repository, name, and tag + +### Nested Schema for `spec.versions_bundles.tinkerbell.tinkerbell_stack.tinkerbell_crds` + +Optional: + +- `arch` (List of String) Architectures of the asset +- `description` (String) +- `image_digest` (String) The SHA256 digest of the image manifest +- `name` (String) The asset name +- `os` (String) Operating system of the asset +- `os_name` (String) Name of the OS like ubuntu, bottlerocket +- `uri` (String) The image repository, name, and tag + + diff --git a/docs/data-sources/application_networking_k8s_aws_target_group_policy_v1alpha1_manifest.md b/docs/data-sources/application_networking_k8s_aws_target_group_policy_v1alpha1_manifest.md index 99d4e83a0..5aaa390a6 100644 --- a/docs/data-sources/application_networking_k8s_aws_target_group_policy_v1alpha1_manifest.md +++ b/docs/data-sources/application_networking_k8s_aws_target_group_policy_v1alpha1_manifest.md @@ -57,8 +57,8 @@ Required: Optional: - `health_check` (Attributes) The health check configuration. Changes to this value will update VPC Lattice resource in place. (see [below for nested schema](#nestedatt--spec--health_check)) -- `protocol` (String) The protocol to use for routing traffic to the targets. Supported values are HTTP (default) and HTTPS. Changes to this value results in a replacement of VPC Lattice target group. -- `protocol_version` (String) The protocol version to use. Supported values are HTTP1 (default) and HTTP2. When a policy is behind GRPCRoute, this field value will be ignored as GRPC is only supported through HTTP/2. Changes to this value results in a replacement of VPC Lattice target group. +- `protocol` (String) The protocol to use for routing traffic to the targets. Supported values are HTTP (default), HTTPS and TCP. Changes to this value results in a replacement of VPC Lattice target group. +- `protocol_version` (String) The protocol version to use. Supported values are HTTP1 (default) and HTTP2. When a policy Protocol is TCP, you should not set this field. Otherwise, the whole TargetGroupPolicy will not take effect. When a policy is behind GRPCRoute, this field value will be ignored as GRPC is only supported through HTTP/2. Changes to this value results in a replacement of VPC Lattice target group. ### Nested Schema for `spec.target_ref` @@ -85,7 +85,7 @@ Optional: - `path` (String) The destination for health checks on the targets. - `port` (Number) The port used when performing health checks on targets. If not specified, health check defaults to the port that a target receives traffic on. - `protocol` (String) The protocol used when performing health checks on targets. -- `protocol_version` (String) The protocol version used when performing health checks on targets. Defaults to HTTP/1. +- `protocol_version` (String) The protocol version used when performing health checks on targets. - `status_match` (String) A regular expression to match HTTP status codes when checking for successful response from a target. - `timeout_seconds` (Number) The amount of time, in seconds, to wait before reporting a target as unhealthy. - `unhealthy_threshold_count` (Number) The number of consecutive failed health checks required before considering a target unhealthy. diff --git a/docs/data-sources/apps_kubeblocks_io_backup_policy_template_v1alpha1_manifest.md b/docs/data-sources/apps_kubeblocks_io_backup_policy_template_v1alpha1_manifest.md index 66302a9a1..9b200ff34 100644 --- a/docs/data-sources/apps_kubeblocks_io_backup_policy_template_v1alpha1_manifest.md +++ b/docs/data-sources/apps_kubeblocks_io_backup_policy_template_v1alpha1_manifest.md @@ -3,12 +3,12 @@ page_title: "k8s_apps_kubeblocks_io_backup_policy_template_v1alpha1_manifest Data Source - terraform-provider-k8s" subcategory: "apps.kubeblocks.io" description: |- - BackupPolicyTemplate should be provided by addon developers and is linked to a ClusterDefinition and its associated ComponentDefinitions. It is responsible for generating BackupPolicies for Components that require backup operations, also determining the suitable backup methods and strategies. This template is automatically selected based on the specified ClusterDefinition and ComponentDefinitions when a Cluster is created. + BackupPolicyTemplate should be provided by addon developers and is linked to a ClusterDefinitionand its associated ComponentDefinitions.It is responsible for generating BackupPolicies for Components that require backup operations,also determining the suitable backup methods and strategies.This template is automatically selected based on the specified ClusterDefinition and ComponentDefinitionswhen a Cluster is created. --- # k8s_apps_kubeblocks_io_backup_policy_template_v1alpha1_manifest (Data Source) -BackupPolicyTemplate should be provided by addon developers and is linked to a ClusterDefinition and its associated ComponentDefinitions. It is responsible for generating BackupPolicies for Components that require backup operations, also determining the suitable backup methods and strategies. This template is automatically selected based on the specified ClusterDefinition and ComponentDefinitions when a Cluster is created. +BackupPolicyTemplate should be provided by addon developers and is linked to a ClusterDefinitionand its associated ComponentDefinitions.It is responsible for generating BackupPolicies for Components that require backup operations,also determining the suitable backup methods and strategies.This template is automatically selected based on the specified ClusterDefinition and ComponentDefinitionswhen a Cluster is created. ## Example Usage @@ -54,12 +54,12 @@ Optional: Required: -- `backup_policies` (Attributes List) Represents an array of BackupPolicy templates, with each template corresponding to a specified ComponentDefinition or to a group of ComponentDefinitions that are different versions of definitions of the same component. (see [below for nested schema](#nestedatt--spec--backup_policies)) +- `backup_policies` (Attributes List) Represents an array of BackupPolicy templates, with each template corresponding to a specified ComponentDefinitionor to a group of ComponentDefinitions that are different versions of definitions of the same component. (see [below for nested schema](#nestedatt--spec--backup_policies)) Optional: -- `cluster_definition_ref` (String) Specifies the name of a ClusterDefinition. This is an immutable attribute that cannot be changed after creation. And this field is deprecated since v0.9, consider using the ComponentDef instead. -- `identifier` (String) Specifies a unique identifier for the BackupPolicyTemplate. This identifier will be used as the suffix of the name of automatically generated BackupPolicy. This prevents unintended overwriting of BackupPolicies due to name conflicts when multiple BackupPolicyTemplates are present. For instance, using 'backup-policy' for regular backups and 'backup-policy-hscale' for horizontal-scale ops can differentiate the policies. +- `cluster_definition_ref` (String) Specifies the name of a ClusterDefinition.This is an immutable attribute that cannot be changed after creation.And this field is deprecated since v0.9, consider using the ComponentDef instead. +- `identifier` (String) Specifies a unique identifier for the BackupPolicyTemplate.This identifier will be used as the suffix of the name of automatically generated BackupPolicy.This prevents unintended overwriting of BackupPolicies due to name conflicts when multiple BackupPolicyTemplatesare present.For instance, using 'backup-policy' for regular backups and 'backup-policy-hscale' for horizontal-scale opscan differentiate the policies. ### Nested Schema for `spec.backup_policies` @@ -71,10 +71,10 @@ Required: Optional: - `backoff_limit` (Number) Specifies the maximum number of retry attempts for a backup before it is considered a failure. -- `component_def_ref` (String) Specifies the name of ClusterComponentDefinition defined in the ClusterDefinition. Must comply with the IANA Service Naming rule. Deprecated since v0.9, should use 'componentDefs' instead. This field is maintained for backward compatibility and its use is discouraged. Existing usage should be updated to the current preferred approach to avoid compatibility issues in future releases. -- `component_defs` (List of String) Specifies a list of names of ComponentDefinitions that the specified ClusterDefinition references. They should be different versions of definitions of the same component, thus allowing them to share a single BackupPolicy. Each name must adhere to the IANA Service Naming rule. -- `schedules` (Attributes List) Defines the execution plans for backup tasks, specifying when and how backups should occur, and the retention period of backup files. (see [below for nested schema](#nestedatt--spec--backup_policies--schedules)) -- `target` (Attributes) Defines the selection criteria of instance to be backed up, and the connection credential to be used during the backup process. (see [below for nested schema](#nestedatt--spec--backup_policies--target)) +- `component_def_ref` (String) Specifies the name of ClusterComponentDefinition defined in the ClusterDefinition.Must comply with the IANA Service Naming rule.Deprecated since v0.9, should use 'componentDefs' instead.This field is maintained for backward compatibility and its use is discouraged.Existing usage should be updated to the current preferred approach to avoid compatibility issues in future releases. +- `component_defs` (List of String) Specifies a list of names of ComponentDefinitions that the specified ClusterDefinition references.They should be different versions of definitions of the same component,thus allowing them to share a single BackupPolicy.Each name must adhere to the IANA Service Naming rule. +- `schedules` (Attributes List) Defines the execution plans for backup tasks, specifying when and how backups should occur,and the retention period of backup files. (see [below for nested schema](#nestedatt--spec--backup_policies--schedules)) +- `target` (Attributes) Defines the selection criteria of instance to be backed up, and the connection credential to be usedduring the backup process. (see [below for nested schema](#nestedatt--spec--backup_policies--target)) ### Nested Schema for `spec.backup_policies.backup_methods` @@ -85,14 +85,14 @@ Required: Optional: -- `action_set_name` (String) Refers to the ActionSet object that defines the backup actions. For volume snapshot backup, the actionSet is not required, the controller will use the CSI volume snapshotter to create the snapshot. +- `action_set_name` (String) Refers to the ActionSet object that defines the backup actions.For volume snapshot backup, the actionSet is not required, the controllerwill use the CSI volume snapshotter to create the snapshot. - `env` (Attributes List) Specifies the environment variables for the backup workload. (see [below for nested schema](#nestedatt--spec--backup_policies--backup_methods--env)) -- `env_mapping` (Attributes List) Specifies a mapping of an environment variable key to the appropriate version of the tool image required for backups, as determined by ClusterVersion and ComponentDefinition. The environment variable is then injected into the container executing the backup task. (see [below for nested schema](#nestedatt--spec--backup_policies--backup_methods--env_mapping)) +- `env_mapping` (Attributes List) Specifies a mapping of an environment variable key to the appropriate version of the tool imagerequired for backups, as determined by ClusterVersion and ComponentDefinition.The environment variable is then injected into the container executing the backup task. (see [below for nested schema](#nestedatt--spec--backup_policies--backup_methods--env_mapping)) - `runtime_settings` (Attributes) Specifies runtime settings for the backup workload container. (see [below for nested schema](#nestedatt--spec--backup_policies--backup_methods--runtime_settings)) -- `snapshot_volumes` (Boolean) Specifies whether to take snapshots of persistent volumes. If true, the ActionSetName is not required, the controller will use the CSI volume snapshotter to create the snapshot. +- `snapshot_volumes` (Boolean) Specifies whether to take snapshots of persistent volumes. If true,the ActionSetName is not required, the controller will use the CSI volumesnapshotter to create the snapshot. - `target` (Attributes) Specifies the target information to back up, it will override the target in backup policy. (see [below for nested schema](#nestedatt--spec--backup_policies--backup_methods--target)) - `target_volumes` (Attributes) Specifies which volumes from the target should be mounted in the backup workload. (see [below for nested schema](#nestedatt--spec--backup_policies--backup_methods--target_volumes)) -- `targets` (Attributes List) Specifies multiple target information for backup operations. This includes details such as the target pod and cluster connection credentials. All specified targets will be backed up collectively. (see [below for nested schema](#nestedatt--spec--backup_policies--backup_methods--targets)) +- `targets` (Attributes List) Specifies multiple target information for backup operations. This includes detailssuch as the target pod and cluster connection credentials. All specified targetswill be backed up collectively. (see [below for nested schema](#nestedatt--spec--backup_policies--backup_methods--targets)) ### Nested Schema for `spec.backup_policies.backup_methods.env` @@ -103,7 +103,7 @@ Required: Optional: -- `value` (String) Variable references $(VAR_NAME) are expanded using the previously defined environment variables in the container and any service environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. '$$(VAR_NAME)' will produce the string literal '$(VAR_NAME)'. Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to ''. +- `value` (String) Variable references $(VAR_NAME) are expandedusing the previously defined environment variables in the container andany service environment variables. If a variable cannot be resolved,the reference in the input string will be unchanged. Double $$ are reducedto a single $, which allows for escaping the $(VAR_NAME) syntax: i.e.'$$(VAR_NAME)' will produce the string literal '$(VAR_NAME)'.Escaped references will never be expanded, regardless of whether the variableexists or not.Defaults to ''. - `value_from` (Attributes) Source for the environment variable's value. Cannot be used if value is not empty. (see [below for nested schema](#nestedatt--spec--backup_policies--backup_methods--env--value_from)) @@ -112,8 +112,8 @@ Optional: Optional: - `config_map_key_ref` (Attributes) Selects a key of a ConfigMap. (see [below for nested schema](#nestedatt--spec--backup_policies--backup_methods--env--value_from--config_map_key_ref)) -- `field_ref` (Attributes) Selects a field of the pod: supports metadata.name, metadata.namespace, 'metadata.labels['']', 'metadata.annotations['']', spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. (see [below for nested schema](#nestedatt--spec--backup_policies--backup_methods--env--value_from--field_ref)) -- `resource_field_ref` (Attributes) Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. (see [below for nested schema](#nestedatt--spec--backup_policies--backup_methods--env--value_from--resource_field_ref)) +- `field_ref` (Attributes) Selects a field of the pod: supports metadata.name, metadata.namespace, 'metadata.labels['']', 'metadata.annotations['']',spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. (see [below for nested schema](#nestedatt--spec--backup_policies--backup_methods--env--value_from--field_ref)) +- `resource_field_ref` (Attributes) Selects a resource of the container: only resources limits and requests(limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. (see [below for nested schema](#nestedatt--spec--backup_policies--backup_methods--env--value_from--resource_field_ref)) - `secret_key_ref` (Attributes) Selects a key of a secret in the pod's namespace (see [below for nested schema](#nestedatt--spec--backup_policies--backup_methods--env--value_from--secret_key_ref)) @@ -125,7 +125,7 @@ Required: Optional: -- `name` (String) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? +- `name` (String) Name of the referent.More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#namesTODO: Add other useful fields. apiVersion, kind, uid? - `optional` (Boolean) Specify whether the ConfigMap or its key must be defined @@ -163,7 +163,7 @@ Required: Optional: -- `name` (String) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? +- `name` (String) Name of the referent.More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#namesTODO: Add other useful fields. apiVersion, kind, uid? - `optional` (Boolean) Specify whether the Secret or its key must be defined @@ -175,14 +175,14 @@ Optional: Required: - `key` (String) Specifies the environment variable key in the mapping. -- `value_from` (Attributes) Specifies the source used to derive the value of the environment variable, which typically represents the tool image required for backup operation. (see [below for nested schema](#nestedatt--spec--backup_policies--backup_methods--env_mapping--value_from)) +- `value_from` (Attributes) Specifies the source used to derive the value of the environment variable,which typically represents the tool image required for backup operation. (see [below for nested schema](#nestedatt--spec--backup_policies--backup_methods--env_mapping--value_from)) ### Nested Schema for `spec.backup_policies.backup_methods.env_mapping.value_from` Optional: -- `cluster_version_ref` (Attributes List) Determine the appropriate version of the backup tool image from ClusterVersion. Deprecated since v0.9, since ClusterVersion is deprecated. (see [below for nested schema](#nestedatt--spec--backup_policies--backup_methods--env_mapping--value_from--cluster_version_ref)) +- `cluster_version_ref` (Attributes List) Determine the appropriate version of the backup tool image from ClusterVersion.Deprecated since v0.9, since ClusterVersion is deprecated. (see [below for nested schema](#nestedatt--spec--backup_policies--backup_methods--env_mapping--value_from--cluster_version_ref)) - `component_def` (Attributes List) Determine the appropriate version of the backup tool image from ComponentDefinition. (see [below for nested schema](#nestedatt--spec--backup_policies--backup_methods--env_mapping--value_from--component_def)) @@ -191,7 +191,7 @@ Optional: Required: - `mapping_value` (String) Specifies the appropriate version of the backup tool image. -- `names` (List of String) Represents an array of names of ClusterVersion or ComponentDefinition that can be mapped to the appropriate version of the backup tool image. This mapping allows different versions of component images to correspond to specific versions of backup tool images. +- `names` (List of String) Represents an array of names of ClusterVersion or ComponentDefinition that can be mapped tothe appropriate version of the backup tool image.This mapping allows different versions of component images to correspond to specific versions of backup tool images. @@ -200,7 +200,7 @@ Required: Required: - `mapping_value` (String) Specifies the appropriate version of the backup tool image. -- `names` (List of String) Represents an array of names of ClusterVersion or ComponentDefinition that can be mapped to the appropriate version of the backup tool image. This mapping allows different versions of component images to correspond to specific versions of backup tool images. +- `names` (List of String) Represents an array of names of ClusterVersion or ComponentDefinition that can be mapped tothe appropriate version of the backup tool image.This mapping allows different versions of component images to correspond to specific versions of backup tool images. @@ -210,23 +210,23 @@ Required: Optional: -- `resources` (Attributes) Specifies the resource required by container. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/ (see [below for nested schema](#nestedatt--spec--backup_policies--backup_methods--runtime_settings--resources)) +- `resources` (Attributes) Specifies the resource required by container.More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/ (see [below for nested schema](#nestedatt--spec--backup_policies--backup_methods--runtime_settings--resources)) ### Nested Schema for `spec.backup_policies.backup_methods.runtime_settings.resources` Optional: -- `claims` (Attributes List) Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. This field is immutable. It can only be set for containers. (see [below for nested schema](#nestedatt--spec--backup_policies--backup_methods--runtime_settings--resources--claims)) -- `limits` (Map of String) Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ -- `requests` (Map of String) Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ +- `claims` (Attributes List) Claims lists the names of resources, defined in spec.resourceClaims,that are used by this container.This is an alpha field and requires enabling theDynamicResourceAllocation feature gate.This field is immutable. It can only be set for containers. (see [below for nested schema](#nestedatt--spec--backup_policies--backup_methods--runtime_settings--resources--claims)) +- `limits` (Map of String) Limits describes the maximum amount of compute resources allowed.More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ +- `requests` (Map of String) Requests describes the minimum amount of compute resources required.If Requests is omitted for a container, it defaults to Limits if that is explicitly specified,otherwise to an implementation-defined value. Requests cannot exceed Limits.More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ ### Nested Schema for `spec.backup_policies.backup_methods.runtime_settings.resources.claims` Required: -- `name` (String) Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container. +- `name` (String) Name must match the name of one entry in pod.spec.resourceClaims ofthe Pod where this field is used. It makes that resource availableinside a container. @@ -236,18 +236,18 @@ Required: Required: -- `role` (String) Specifies the role to select one or more replicas for backup. - If no replica with the specified role exists, the backup task will fail. Special case: If there is only one replica in the cluster, it will be used for backup, even if its role differs from the specified one. For example, if you specify backing up on a secondary replica, but the cluster is single-node with only one primary replica, the primary will be used for backup. Future versions will address this special case using role priorities. - If multiple replicas satisfy the specified role, the choice ('Any' or 'All') will be made according to the 'strategy' field below. +- `role` (String) Specifies the role to select one or more replicas for backup.- If no replica with the specified role exists, the backup task will fail. Special case: If there is only one replica in the cluster, it will be used for backup, even if its role differs from the specified one. For example, if you specify backing up on a secondary replica, but the cluster is single-node with only one primary replica, the primary will be used for backup. Future versions will address this special case using role priorities.- If multiple replicas satisfy the specified role, the choice ('Any' or 'All') will be made according to the 'strategy' field below. Optional: -- `account` (String) If 'backupPolicy.componentDefs' is set, this field is required to specify the system account name. This account must match one listed in 'componentDefinition.spec.systemAccounts[*].name'. The corresponding secret created by this account is used to connect to the database. If 'backupPolicy.componentDefRef' (a legacy and deprecated API) is set, the secret defined in 'clusterDefinition.spec.ConnectionCredential' is used instead. +- `account` (String) If 'backupPolicy.componentDefs' is set, this field is required to specify the system account name.This account must match one listed in 'componentDefinition.spec.systemAccounts[*].name'.The corresponding secret created by this account is used to connect to the database.If 'backupPolicy.componentDefRef' (a legacy and deprecated API) is set, the secret defined in'clusterDefinition.spec.ConnectionCredential' is used instead. - `connection_credential` (Attributes) Specifies the connection credential to connect to the target database cluster. (see [below for nested schema](#nestedatt--spec--backup_policies--backup_methods--target--connection_credential)) -- `connection_credential_key` (Attributes) Specifies the keys of the connection credential secret defined in 'clusterDefinition.spec.ConnectionCredential'. It will be ignored when the 'account' is set. (see [below for nested schema](#nestedatt--spec--backup_policies--backup_methods--target--connection_credential_key)) -- `name` (String) Specifies a mandatory and unique identifier for each target when using the 'targets' field. The backup data for the current target is stored in a uniquely named subdirectory. +- `connection_credential_key` (Attributes) Specifies the keys of the connection credential secret defined in 'clusterDefinition.spec.ConnectionCredential'.It will be ignored when the 'account' is set. (see [below for nested schema](#nestedatt--spec--backup_policies--backup_methods--target--connection_credential_key)) +- `name` (String) Specifies a mandatory and unique identifier for each target when using the 'targets' field.The backup data for the current target is stored in a uniquely named subdirectory. - `pod_selector` (Attributes) Used to find the target pod. The volumes of the target pod will be backed up. (see [below for nested schema](#nestedatt--spec--backup_policies--backup_methods--target--pod_selector)) - `resources` (Attributes) Specifies the kubernetes resources to back up. (see [below for nested schema](#nestedatt--spec--backup_policies--backup_methods--target--resources)) - `service_account_name` (String) Specifies the service account to run the backup workload. -- `strategy` (String) Specifies the PodSelectionStrategy to use when multiple pods are selected for the backup target. Valid values are: - Any: Selects any one pod that matches the labelsSelector. - All: Selects all pods that match the labelsSelector. +- `strategy` (String) Specifies the PodSelectionStrategy to use when multiple pods areselected for the backup target.Valid values are:- Any: Selects any one pod that matches the labelsSelector.- All: Selects all pods that match the labelsSelector. ### Nested Schema for `spec.backup_policies.backup_methods.target.connection_credential` @@ -259,7 +259,7 @@ Required: Optional: - `host_key` (String) Specifies the map key of the host in the connection credential secret. -- `password_key` (String) Specifies the map key of the password in the connection credential secret. This password will be saved in the backup annotation for full backup. You can use the environment variable DP_ENCRYPTION_KEY to specify encryption key. +- `password_key` (String) Specifies the map key of the password in the connection credential secret.This password will be saved in the backup annotation for full backup.You can use the environment variable DP_ENCRYPTION_KEY to specify encryption key. - `port_key` (String) Specifies the map key of the port in the connection credential secret. - `username_key` (String) Specifies the map key of the user in the connection credential secret. @@ -270,9 +270,9 @@ Optional: Optional: - `host_key` (String) Defines the key of the host in the connection credential secret. -- `password_key` (String) Represents the key of the password in the connection credential secret. If not specified, the default key 'password' is used. +- `password_key` (String) Represents the key of the password in the connection credential secret.If not specified, the default key 'password' is used. - `port_key` (String) Indicates map key of the port in the connection credential secret. -- `username_key` (String) Represents the key of the username in the connection credential secret. If not specified, the default key 'username' is used. +- `username_key` (String) Represents the key of the username in the connection credential secret.If not specified, the default key 'username' is used. @@ -281,8 +281,8 @@ Optional: Optional: - `match_expressions` (Attributes List) matchExpressions is a list of label selector requirements. The requirements are ANDed. (see [below for nested schema](#nestedatt--spec--backup_policies--backup_methods--target--pod_selector--match_expressions)) -- `match_labels` (Map of String) matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is 'key', the operator is 'In', and the values array contains only 'value'. The requirements are ANDed. -- `strategy` (String) Specifies the strategy to select the target pod when multiple pods are selected. Valid values are: - 'Any': select any one pod that match the labelsSelector. - 'All': select all pods that match the labelsSelector. The backup data for the current pod will be stored in a subdirectory named after the pod. +- `match_labels` (Map of String) matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabelsmap is equivalent to an element of matchExpressions, whose key field is 'key', theoperator is 'In', and the values array contains only 'value'. The requirements are ANDed. +- `strategy` (String) Specifies the strategy to select the target pod when multiple pods are selected.Valid values are:- 'Any': select any one pod that match the labelsSelector.- 'All': select all pods that match the labelsSelector. The backup data for the current podwill be stored in a subdirectory named after the pod. ### Nested Schema for `spec.backup_policies.backup_methods.target.pod_selector.match_expressions` @@ -290,11 +290,11 @@ Optional: Required: - `key` (String) key is the label key that the selector applies to. -- `operator` (String) operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. +- `operator` (String) operator represents a key's relationship to a set of values.Valid operators are In, NotIn, Exists and DoesNotExist. Optional: -- `values` (List of String) values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. +- `values` (List of String) values is an array of string values. If the operator is In or NotIn,the values array must be non-empty. If the operator is Exists or DoesNotExist,the values array must be empty. This array is replaced during a strategicmerge patch. @@ -303,9 +303,9 @@ Optional: Optional: -- `excluded` (List of String) excluded is a slice of namespaced-scoped resource type names to exclude in the kubernetes resources. The default value is empty. -- `included` (List of String) included is a slice of namespaced-scoped resource type names to include in the kubernetes resources. The default value is empty. -- `selector` (Attributes) A metav1.LabelSelector to filter the target kubernetes resources that need to be backed up. If not set, will do not back up any kubernetes resources. (see [below for nested schema](#nestedatt--spec--backup_policies--backup_methods--target--resources--selector)) +- `excluded` (List of String) excluded is a slice of namespaced-scoped resource type names to exclude inthe kubernetes resources.The default value is empty. +- `included` (List of String) included is a slice of namespaced-scoped resource type names to include inthe kubernetes resources.The default value is empty. +- `selector` (Attributes) A metav1.LabelSelector to filter the target kubernetes resources that needto be backed up. If not set, will do not back up any kubernetes resources. (see [below for nested schema](#nestedatt--spec--backup_policies--backup_methods--target--resources--selector)) ### Nested Schema for `spec.backup_policies.backup_methods.target.resources.selector` @@ -313,7 +313,7 @@ Optional: Optional: - `match_expressions` (Attributes List) matchExpressions is a list of label selector requirements. The requirements are ANDed. (see [below for nested schema](#nestedatt--spec--backup_policies--backup_methods--target--resources--selector--match_expressions)) -- `match_labels` (Map of String) matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is 'key', the operator is 'In', and the values array contains only 'value'. The requirements are ANDed. +- `match_labels` (Map of String) matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabelsmap is equivalent to an element of matchExpressions, whose key field is 'key', theoperator is 'In', and the values array contains only 'value'. The requirements are ANDed. ### Nested Schema for `spec.backup_policies.backup_methods.target.resources.selector.match_expressions` @@ -321,11 +321,11 @@ Optional: Required: - `key` (String) key is the label key that the selector applies to. -- `operator` (String) operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. +- `operator` (String) operator represents a key's relationship to a set of values.Valid operators are In, NotIn, Exists and DoesNotExist. Optional: -- `values` (List of String) values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. +- `values` (List of String) values is an array of string values. If the operator is In or NotIn,the values array must be non-empty. If the operator is Exists or DoesNotExist,the values array must be empty. This array is replaced during a strategicmerge patch. @@ -337,22 +337,22 @@ Optional: Optional: - `volume_mounts` (Attributes List) Specifies the mount for the volumes specified in 'volumes' section. (see [below for nested schema](#nestedatt--spec--backup_policies--backup_methods--target_volumes--volume_mounts)) -- `volumes` (List of String) Specifies the list of volumes of targeted application that should be mounted on the backup workload. +- `volumes` (List of String) Specifies the list of volumes of targeted application that should be mountedon the backup workload. ### Nested Schema for `spec.backup_policies.backup_methods.target_volumes.volume_mounts` Required: -- `mount_path` (String) Path within the container at which the volume should be mounted. Must not contain ':'. +- `mount_path` (String) Path within the container at which the volume should be mounted. Mustnot contain ':'. - `name` (String) This must match the Name of a Volume. Optional: -- `mount_propagation` (String) mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationNone is used. This field is beta in 1.10. -- `read_only` (Boolean) Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false. -- `sub_path` (String) Path within the volume from which the container's volume should be mounted. Defaults to '' (volume's root). -- `sub_path_expr` (String) Expanded path within the volume from which the container's volume should be mounted. Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment. Defaults to '' (volume's root). SubPathExpr and SubPath are mutually exclusive. +- `mount_propagation` (String) mountPropagation determines how mounts are propagated from the hostto container and the other way around.When not set, MountPropagationNone is used.This field is beta in 1.10. +- `read_only` (Boolean) Mounted read-only if true, read-write otherwise (false or unspecified).Defaults to false. +- `sub_path` (String) Path within the volume from which the container's volume should be mounted.Defaults to '' (volume's root). +- `sub_path_expr` (String) Expanded path within the volume from which the container's volume should be mounted.Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment.Defaults to '' (volume's root).SubPathExpr and SubPath are mutually exclusive. @@ -362,7 +362,7 @@ Optional: Optional: - `connection_credential` (Attributes) Specifies the connection credential to connect to the target database cluster. (see [below for nested schema](#nestedatt--spec--backup_policies--backup_methods--targets--connection_credential)) -- `name` (String) Specifies a mandatory and unique identifier for each target when using the 'targets' field. The backup data for the current target is stored in a uniquely named subdirectory. +- `name` (String) Specifies a mandatory and unique identifier for each target when using the 'targets' field.The backup data for the current target is stored in a uniquely named subdirectory. - `pod_selector` (Attributes) Used to find the target pod. The volumes of the target pod will be backed up. (see [below for nested schema](#nestedatt--spec--backup_policies--backup_methods--targets--pod_selector)) - `resources` (Attributes) Specifies the kubernetes resources to back up. (see [below for nested schema](#nestedatt--spec--backup_policies--backup_methods--targets--resources)) - `service_account_name` (String) Specifies the service account to run the backup workload. @@ -377,7 +377,7 @@ Required: Optional: - `host_key` (String) Specifies the map key of the host in the connection credential secret. -- `password_key` (String) Specifies the map key of the password in the connection credential secret. This password will be saved in the backup annotation for full backup. You can use the environment variable DP_ENCRYPTION_KEY to specify encryption key. +- `password_key` (String) Specifies the map key of the password in the connection credential secret.This password will be saved in the backup annotation for full backup.You can use the environment variable DP_ENCRYPTION_KEY to specify encryption key. - `port_key` (String) Specifies the map key of the port in the connection credential secret. - `username_key` (String) Specifies the map key of the user in the connection credential secret. @@ -388,8 +388,8 @@ Optional: Optional: - `match_expressions` (Attributes List) matchExpressions is a list of label selector requirements. The requirements are ANDed. (see [below for nested schema](#nestedatt--spec--backup_policies--backup_methods--targets--pod_selector--match_expressions)) -- `match_labels` (Map of String) matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is 'key', the operator is 'In', and the values array contains only 'value'. The requirements are ANDed. -- `strategy` (String) Specifies the strategy to select the target pod when multiple pods are selected. Valid values are: - 'Any': select any one pod that match the labelsSelector. - 'All': select all pods that match the labelsSelector. The backup data for the current pod will be stored in a subdirectory named after the pod. +- `match_labels` (Map of String) matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabelsmap is equivalent to an element of matchExpressions, whose key field is 'key', theoperator is 'In', and the values array contains only 'value'. The requirements are ANDed. +- `strategy` (String) Specifies the strategy to select the target pod when multiple pods are selected.Valid values are:- 'Any': select any one pod that match the labelsSelector.- 'All': select all pods that match the labelsSelector. The backup data for the current podwill be stored in a subdirectory named after the pod. ### Nested Schema for `spec.backup_policies.backup_methods.targets.pod_selector.match_expressions` @@ -397,11 +397,11 @@ Optional: Required: - `key` (String) key is the label key that the selector applies to. -- `operator` (String) operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. +- `operator` (String) operator represents a key's relationship to a set of values.Valid operators are In, NotIn, Exists and DoesNotExist. Optional: -- `values` (List of String) values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. +- `values` (List of String) values is an array of string values. If the operator is In or NotIn,the values array must be non-empty. If the operator is Exists or DoesNotExist,the values array must be empty. This array is replaced during a strategicmerge patch. @@ -410,9 +410,9 @@ Optional: Optional: -- `excluded` (List of String) excluded is a slice of namespaced-scoped resource type names to exclude in the kubernetes resources. The default value is empty. -- `included` (List of String) included is a slice of namespaced-scoped resource type names to include in the kubernetes resources. The default value is empty. -- `selector` (Attributes) A metav1.LabelSelector to filter the target kubernetes resources that need to be backed up. If not set, will do not back up any kubernetes resources. (see [below for nested schema](#nestedatt--spec--backup_policies--backup_methods--targets--resources--selector)) +- `excluded` (List of String) excluded is a slice of namespaced-scoped resource type names to exclude inthe kubernetes resources.The default value is empty. +- `included` (List of String) included is a slice of namespaced-scoped resource type names to include inthe kubernetes resources.The default value is empty. +- `selector` (Attributes) A metav1.LabelSelector to filter the target kubernetes resources that needto be backed up. If not set, will do not back up any kubernetes resources. (see [below for nested schema](#nestedatt--spec--backup_policies--backup_methods--targets--resources--selector)) ### Nested Schema for `spec.backup_policies.backup_methods.targets.resources.selector` @@ -420,7 +420,7 @@ Optional: Optional: - `match_expressions` (Attributes List) matchExpressions is a list of label selector requirements. The requirements are ANDed. (see [below for nested schema](#nestedatt--spec--backup_policies--backup_methods--targets--resources--selector--match_expressions)) -- `match_labels` (Map of String) matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is 'key', the operator is 'In', and the values array contains only 'value'. The requirements are ANDed. +- `match_labels` (Map of String) matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabelsmap is equivalent to an element of matchExpressions, whose key field is 'key', theoperator is 'In', and the values array contains only 'value'. The requirements are ANDed. ### Nested Schema for `spec.backup_policies.backup_methods.targets.resources.selector.match_expressions` @@ -428,11 +428,11 @@ Optional: Required: - `key` (String) key is the label key that the selector applies to. -- `operator` (String) operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. +- `operator` (String) operator represents a key's relationship to a set of values.Valid operators are In, NotIn, Exists and DoesNotExist. Optional: -- `values` (List of String) values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. +- `values` (List of String) values is an array of string values. If the operator is In or NotIn,the values array must be non-empty. If the operator is Exists or DoesNotExist,the values array must be empty. This array is replaced during a strategicmerge patch. @@ -445,12 +445,12 @@ Optional: Required: - `backup_method` (String) Defines the backup method name that is defined in backupPolicy. -- `cron_expression` (String) Represents the cron expression for schedule, with the timezone set in UTC. Refer to https://en.wikipedia.org/wiki/Cron for more details. +- `cron_expression` (String) Represents the cron expression for schedule, with the timezone set in UTC.Refer to https://en.wikipedia.org/wiki/Cron for more details. Optional: - `enabled` (Boolean) Specifies whether the backup schedule is enabled or not. -- `retention_period` (String) Determines the duration for which the backup should be retained. The controller will remove all backups that are older than the RetentionPeriod. For instance, a RetentionPeriod of '30d' will retain only the backups from the last 30 days. Sample duration format: - years: 2y - months: 6mo - days: 30d - hours: 12h - minutes: 30m These durations can also be combined, for example: 30d12h30m. +- `retention_period` (String) Determines the duration for which the backup should be retained.The controller will remove all backups that are older than the RetentionPeriod.For instance, a RetentionPeriod of '30d' will retain only the backups from the last 30 days.Sample duration format:- years: 2y- months: 6mo- days: 30d- hours: 12h- minutes: 30mThese durations can also be combined, for example: 30d12h30m. @@ -458,13 +458,13 @@ Optional: Required: -- `role` (String) Specifies the role to select one or more replicas for backup. - If no replica with the specified role exists, the backup task will fail. Special case: If there is only one replica in the cluster, it will be used for backup, even if its role differs from the specified one. For example, if you specify backing up on a secondary replica, but the cluster is single-node with only one primary replica, the primary will be used for backup. Future versions will address this special case using role priorities. - If multiple replicas satisfy the specified role, the choice ('Any' or 'All') will be made according to the 'strategy' field below. +- `role` (String) Specifies the role to select one or more replicas for backup.- If no replica with the specified role exists, the backup task will fail. Special case: If there is only one replica in the cluster, it will be used for backup, even if its role differs from the specified one. For example, if you specify backing up on a secondary replica, but the cluster is single-node with only one primary replica, the primary will be used for backup. Future versions will address this special case using role priorities.- If multiple replicas satisfy the specified role, the choice ('Any' or 'All') will be made according to the 'strategy' field below. Optional: -- `account` (String) If 'backupPolicy.componentDefs' is set, this field is required to specify the system account name. This account must match one listed in 'componentDefinition.spec.systemAccounts[*].name'. The corresponding secret created by this account is used to connect to the database. If 'backupPolicy.componentDefRef' (a legacy and deprecated API) is set, the secret defined in 'clusterDefinition.spec.ConnectionCredential' is used instead. -- `connection_credential_key` (Attributes) Specifies the keys of the connection credential secret defined in 'clusterDefinition.spec.ConnectionCredential'. It will be ignored when the 'account' is set. (see [below for nested schema](#nestedatt--spec--backup_policies--target--connection_credential_key)) -- `strategy` (String) Specifies the PodSelectionStrategy to use when multiple pods are selected for the backup target. Valid values are: - Any: Selects any one pod that matches the labelsSelector. - All: Selects all pods that match the labelsSelector. +- `account` (String) If 'backupPolicy.componentDefs' is set, this field is required to specify the system account name.This account must match one listed in 'componentDefinition.spec.systemAccounts[*].name'.The corresponding secret created by this account is used to connect to the database.If 'backupPolicy.componentDefRef' (a legacy and deprecated API) is set, the secret defined in'clusterDefinition.spec.ConnectionCredential' is used instead. +- `connection_credential_key` (Attributes) Specifies the keys of the connection credential secret defined in 'clusterDefinition.spec.ConnectionCredential'.It will be ignored when the 'account' is set. (see [below for nested schema](#nestedatt--spec--backup_policies--target--connection_credential_key)) +- `strategy` (String) Specifies the PodSelectionStrategy to use when multiple pods areselected for the backup target.Valid values are:- Any: Selects any one pod that matches the labelsSelector.- All: Selects all pods that match the labelsSelector. ### Nested Schema for `spec.backup_policies.target.connection_credential_key` @@ -472,6 +472,6 @@ Optional: Optional: - `host_key` (String) Defines the key of the host in the connection credential secret. -- `password_key` (String) Represents the key of the password in the connection credential secret. If not specified, the default key 'password' is used. +- `password_key` (String) Represents the key of the password in the connection credential secret.If not specified, the default key 'password' is used. - `port_key` (String) Indicates map key of the port in the connection credential secret. -- `username_key` (String) Represents the key of the username in the connection credential secret. If not specified, the default key 'username' is used. +- `username_key` (String) Represents the key of the username in the connection credential secret.If not specified, the default key 'username' is used. diff --git a/docs/data-sources/apps_kubeblocks_io_cluster_definition_v1alpha1_manifest.md b/docs/data-sources/apps_kubeblocks_io_cluster_definition_v1alpha1_manifest.md index 35d61df2b..7ea66c8fb 100644 --- a/docs/data-sources/apps_kubeblocks_io_cluster_definition_v1alpha1_manifest.md +++ b/docs/data-sources/apps_kubeblocks_io_cluster_definition_v1alpha1_manifest.md @@ -3,12 +3,12 @@ page_title: "k8s_apps_kubeblocks_io_cluster_definition_v1alpha1_manifest Data Source - terraform-provider-k8s" subcategory: "apps.kubeblocks.io" description: |- - ClusterDefinition defines the topology for databases or storage systems, offering a variety of topological configurations to meet diverse deployment needs and scenarios. It includes a list of Components, each linked to a ComponentDefinition, which enhances reusability and reduce redundancy. For example, widely used components such as etcd and Zookeeper can be defined once and reused across multiple ClusterDefinitions, simplifying the setup of new systems. Additionally, ClusterDefinition also specifies the sequence of startup, upgrade, and shutdown for Components, ensuring a controlled and predictable management of component lifecycles. + ClusterDefinition defines the topology for databases or storage systems,offering a variety of topological configurations to meet diverse deployment needs and scenarios.It includes a list of Components, each linked to a ComponentDefinition, which enhances reusability and reduce redundancy.For example, widely used components such as etcd and Zookeeper can be defined once and reused across multiple ClusterDefinitions,simplifying the setup of new systems.Additionally, ClusterDefinition also specifies the sequence of startup, upgrade, and shutdown for Components,ensuring a controlled and predictable management of component lifecycles. --- # k8s_apps_kubeblocks_io_cluster_definition_v1alpha1_manifest (Data Source) -ClusterDefinition defines the topology for databases or storage systems, offering a variety of topological configurations to meet diverse deployment needs and scenarios. It includes a list of Components, each linked to a ComponentDefinition, which enhances reusability and reduce redundancy. For example, widely used components such as etcd and Zookeeper can be defined once and reused across multiple ClusterDefinitions, simplifying the setup of new systems. Additionally, ClusterDefinition also specifies the sequence of startup, upgrade, and shutdown for Components, ensuring a controlled and predictable management of component lifecycles. +ClusterDefinition defines the topology for databases or storage systems,offering a variety of topological configurations to meet diverse deployment needs and scenarios.It includes a list of Components, each linked to a ComponentDefinition, which enhances reusability and reduce redundancy.For example, widely used components such as etcd and Zookeeper can be defined once and reused across multiple ClusterDefinitions,simplifying the setup of new systems.Additionally, ClusterDefinition also specifies the sequence of startup, upgrade, and shutdown for Components,ensuring a controlled and predictable management of component lifecycles. ## Example Usage @@ -54,23 +54,23 @@ Optional: Optional: -- `component_defs` (Attributes List) Provides the definitions for the cluster components. Deprecated since v0.9. Components should now be individually defined using ComponentDefinition and collectively referenced via 'topology.components'. This field is maintained for backward compatibility and its use is discouraged. Existing usage should be updated to the current preferred approach to avoid compatibility issues in future releases. (see [below for nested schema](#nestedatt--spec--component_defs)) -- `connection_credential` (Map of String) Connection credential template used for creating a connection credential secret for cluster objects. Built-in objects are: - '$(RANDOM_PASSWD)' random 8 characters. - '$(STRONG_RANDOM_PASSWD)' random 16 characters, with mixed cases, digits and symbols. - '$(UUID)' generate a random UUID v4 string. - '$(UUID_B64)' generate a random UUID v4 BASE64 encoded string. - '$(UUID_STR_B64)' generate a random UUID v4 string then BASE64 encoded. - '$(UUID_HEX)' generate a random UUID v4 HEX representation. - '$(HEADLESS_SVC_FQDN)' headless service FQDN placeholder, value pattern is '$(CLUSTER_NAME)-$(1ST_COMP_NAME)-headless.$(NAMESPACE).svc', where 1ST_COMP_NAME is the 1st component that provide 'ClusterDefinition.spec.componentDefs[].service' attribute; - '$(SVC_FQDN)' service FQDN placeholder, value pattern is '$(CLUSTER_NAME)-$(1ST_COMP_NAME).$(NAMESPACE).svc', where 1ST_COMP_NAME is the 1st component that provide 'ClusterDefinition.spec.componentDefs[].service' attribute; - '$(SVC_PORT_{PORT-NAME})' is ServicePort's port value with specified port name, i.e, a servicePort JSON struct: '{'name': 'mysql', 'targetPort': 'mysqlContainerPort', 'port': 3306}', and '$(SVC_PORT_mysql)' in the connection credential value is 3306. Deprecated since v0.9. This field is maintained for backward compatibility and its use is discouraged. Existing usage should be updated to the current preferred approach to avoid compatibility issues in future releases. +- `component_defs` (Attributes List) Provides the definitions for the cluster components.Deprecated since v0.9.Components should now be individually defined using ComponentDefinition andcollectively referenced via 'topology.components'.This field is maintained for backward compatibility and its use is discouraged.Existing usage should be updated to the current preferred approach to avoid compatibility issues in future releases. (see [below for nested schema](#nestedatt--spec--component_defs)) +- `connection_credential` (Map of String) Connection credential template used for creating a connection credential secret for cluster objects.Built-in objects are:- '$(RANDOM_PASSWD)' random 8 characters.- '$(STRONG_RANDOM_PASSWD)' random 16 characters, with mixed cases, digits and symbols.- '$(UUID)' generate a random UUID v4 string.- '$(UUID_B64)' generate a random UUID v4 BASE64 encoded string.- '$(UUID_STR_B64)' generate a random UUID v4 string then BASE64 encoded.- '$(UUID_HEX)' generate a random UUID v4 HEX representation.- '$(HEADLESS_SVC_FQDN)' headless service FQDN placeholder, value pattern is '$(CLUSTER_NAME)-$(1ST_COMP_NAME)-headless.$(NAMESPACE).svc', where 1ST_COMP_NAME is the 1st component that provide 'ClusterDefinition.spec.componentDefs[].service' attribute;- '$(SVC_FQDN)' service FQDN placeholder, value pattern is '$(CLUSTER_NAME)-$(1ST_COMP_NAME).$(NAMESPACE).svc', where 1ST_COMP_NAME is the 1st component that provide 'ClusterDefinition.spec.componentDefs[].service' attribute;- '$(SVC_PORT_{PORT-NAME})' is ServicePort's port value with specified port name, i.e, a servicePort JSON struct: '{'name': 'mysql', 'targetPort': 'mysqlContainerPort', 'port': 3306}', and '$(SVC_PORT_mysql)' in the connection credential value is 3306.Deprecated since v0.9.This field is maintained for backward compatibility and its use is discouraged.Existing usage should be updated to the current preferred approach to avoid compatibility issues in future releases. - `topologies` (Attributes List) Topologies defines all possible topologies within the cluster. (see [below for nested schema](#nestedatt--spec--topologies)) -- `type` (String) Specifies the well-known database type, such as mysql, redis, or mongodb. Deprecated since v0.9. This field is maintained for backward compatibility and its use is discouraged. Existing usage should be updated to the current preferred approach to avoid compatibility issues in future releases. +- `type` (String) Specifies the well-known database type, such as mysql, redis, or mongodb.Deprecated since v0.9.This field is maintained for backward compatibility and its use is discouraged.Existing usage should be updated to the current preferred approach to avoid compatibility issues in future releases. ### Nested Schema for `spec.component_defs` Required: -- `name` (String) This name could be used as default name of 'cluster.spec.componentSpecs.name', and needs to conform with same validation rules as 'cluster.spec.componentSpecs.name', currently complying with IANA Service Naming rule. This name will apply to cluster objects as the value of label 'apps.kubeblocks.io/component-name'. -- `workload_type` (String) Defines the type of the workload. - 'Stateless' describes stateless applications. - 'Stateful' describes common stateful applications. - 'Consensus' describes applications based on consensus protocols, such as raft and paxos. - 'Replication' describes applications based on the primary-secondary data replication protocol. +- `name` (String) This name could be used as default name of 'cluster.spec.componentSpecs.name', and needs to conform with samevalidation rules as 'cluster.spec.componentSpecs.name', currently complying with IANA Service Naming rule.This name will apply to cluster objects as the value of label 'apps.kubeblocks.io/component-name'. +- `workload_type` (String) Defines the type of the workload.- 'Stateless' describes stateless applications.- 'Stateful' describes common stateful applications.- 'Consensus' describes applications based on consensus protocols, such as raft and paxos.- 'Replication' describes applications based on the primary-secondary data replication protocol. Optional: - `character_type` (String) Defines well-known database component name, such as mongos(mongodb), proxy(redis), mariadb(mysql). -- `component_def_ref` (Attributes List) Used to inject values from other components into the current component. Values will be saved and updated in a configmap and mounted to the current component. (see [below for nested schema](#nestedatt--spec--component_defs--component_def_ref)) +- `component_def_ref` (Attributes List) Used to inject values from other components into the current component. Values will be saved and updated in aconfigmap and mounted to the current component. (see [below for nested schema](#nestedatt--spec--component_defs--component_def_ref)) - `config_specs` (Attributes List) Defines the template of configurations. (see [below for nested schema](#nestedatt--spec--component_defs--config_specs)) - `consensus_spec` (Attributes) Defines spec for 'Consensus' workloads. It's required if the workload type is 'Consensus'. (see [below for nested schema](#nestedatt--spec--component_defs--consensus_spec)) - `custom_label_specs` (Attributes List) Used for custom label tags which you want to add to the component resources. (see [below for nested schema](#nestedatt--spec--component_defs--custom_label_specs)) @@ -78,21 +78,21 @@ Optional: - `exporter` (Attributes) Defines the metrics exporter. (see [below for nested schema](#nestedatt--spec--component_defs--exporter)) - `horizontal_scale_policy` (Attributes) Defines the behavior of horizontal scale. (see [below for nested schema](#nestedatt--spec--component_defs--horizontal_scale_policy)) - `log_configs` (Attributes List) Specify the logging files which can be observed and configured by cluster users. (see [below for nested schema](#nestedatt--spec--component_defs--log_configs)) -- `monitor` (Attributes) Deprecated since v0.9 monitor is monitoring config which provided by provider. (see [below for nested schema](#nestedatt--spec--component_defs--monitor)) +- `monitor` (Attributes) Deprecated since v0.9monitor is monitoring config which provided by provider. (see [below for nested schema](#nestedatt--spec--component_defs--monitor)) - `pod_spec` (Attributes) Defines the pod spec template of component. (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec)) -- `post_start_spec` (Attributes) Defines the command to be executed when the component is ready, and the command will only be executed once after the component becomes ready. (see [below for nested schema](#nestedatt--spec--component_defs--post_start_spec)) +- `post_start_spec` (Attributes) Defines the command to be executed when the component is ready, and the command will only be executed once afterthe component becomes ready. (see [below for nested schema](#nestedatt--spec--component_defs--post_start_spec)) - `probes` (Attributes) Settings for health checks. (see [below for nested schema](#nestedatt--spec--component_defs--probes)) - `replication_spec` (Attributes) Defines spec for 'Replication' workloads. (see [below for nested schema](#nestedatt--spec--component_defs--replication_spec)) -- `rsm_spec` (Attributes) Defines workload spec of this component. From KB 0.7.0, RSM(InstanceSetSpec) will be the underlying CR which powers all kinds of workload in KB. RSM is an enhanced stateful workload extension dedicated for heavy-state workloads like databases. (see [below for nested schema](#nestedatt--spec--component_defs--rsm_spec)) +- `rsm_spec` (Attributes) Defines workload spec of this component.From KB 0.7.0, RSM(InstanceSetSpec) will be the underlying CR which powers all kinds of workload in KB.RSM is an enhanced stateful workload extension dedicated for heavy-state workloads like databases. (see [below for nested schema](#nestedatt--spec--component_defs--rsm_spec)) - `script_specs` (Attributes List) Defines the template of scripts. (see [below for nested schema](#nestedatt--spec--component_defs--script_specs)) - `service` (Attributes) Defines the service spec. (see [below for nested schema](#nestedatt--spec--component_defs--service)) - `service_ref_declarations` (Attributes List) Used to declare the service reference of the current component. (see [below for nested schema](#nestedatt--spec--component_defs--service_ref_declarations)) - `stateful_spec` (Attributes) Defines spec for 'Stateful' workloads. (see [below for nested schema](#nestedatt--spec--component_defs--stateful_spec)) - `stateless_spec` (Attributes) Defines spec for 'Stateless' workloads. (see [below for nested schema](#nestedatt--spec--component_defs--stateless_spec)) -- `switchover_spec` (Attributes) Defines command to do switchover. In particular, when workloadType=Replication, the command defined in switchoverSpec will only be executed under the condition of cluster.componentSpecs[x].SwitchPolicy.type=Noop. (see [below for nested schema](#nestedatt--spec--component_defs--switchover_spec)) +- `switchover_spec` (Attributes) Defines command to do switchover.In particular, when workloadType=Replication, the command defined in switchoverSpec will only be executed underthe condition of cluster.componentSpecs[x].SwitchPolicy.type=Noop. (see [below for nested schema](#nestedatt--spec--component_defs--switchover_spec)) - `system_accounts` (Attributes) Defines system accounts needed to manage the component, and the statement to create them. (see [below for nested schema](#nestedatt--spec--component_defs--system_accounts)) - `volume_protection_spec` (Attributes) Defines settings to do volume protect. (see [below for nested schema](#nestedatt--spec--component_defs--volume_protection_spec)) -- `volume_types` (Attributes List) Used to describe the purpose of the volumes mapping the name of the VolumeMounts in the PodSpec.Container field, such as data volume, log volume, etc. When backing up the volume, the volume can be correctly backed up according to the volumeType. For example: - 'name: data, type: data' means that the volume named 'data' is used to store 'data'. - 'name: binlog, type: log' means that the volume named 'binlog' is used to store 'log'. NOTE: When volumeTypes is not defined, the backup function will not be supported, even if a persistent volume has been specified. (see [below for nested schema](#nestedatt--spec--component_defs--volume_types)) +- `volume_types` (Attributes List) Used to describe the purpose of the volumes mapping the name of the VolumeMounts in the PodSpec.Container field,such as data volume, log volume, etc. When backing up the volume, the volume can be correctly backed up accordingto the volumeType.For example:- 'name: data, type: data' means that the volume named 'data' is used to store 'data'.- 'name: binlog, type: log' means that the volume named 'binlog' is used to store 'log'.NOTE: When volumeTypes is not defined, the backup function will not be supported, even if a persistent volume hasbeen specified. (see [below for nested schema](#nestedatt--spec--component_defs--volume_types)) ### Nested Schema for `spec.component_defs.component_def_ref` @@ -127,8 +127,8 @@ Required: Optional: -- `field_path` (String) The jsonpath of the source to select when the Type is 'FieldRef'. Two objects are registered in the jsonpath: 'componentDef' and 'components': - 'componentDef' is the component definition object specified in 'componentRef.componentDefName'. - 'components' are the component list objects referring to the component definition object. -- `format` (String) Defines the format of each headless service address. Three builtin variables can be used as placeholders: '$POD_ORDINAL', '$POD_FQDN', '$POD_NAME' - '$POD_ORDINAL' represents the ordinal of the pod. - '$POD_FQDN' represents the fully qualified domain name of the pod. - '$POD_NAME' represents the name of the pod. +- `field_path` (String) The jsonpath of the source to select when the Type is 'FieldRef'.Two objects are registered in the jsonpath: 'componentDef' and 'components':- 'componentDef' is the component definition object specified in 'componentRef.componentDefName'.- 'components' are the component list objects referring to the component definition object. +- `format` (String) Defines the format of each headless service address.Three builtin variables can be used as placeholders: '$POD_ORDINAL', '$POD_FQDN', '$POD_NAME'- '$POD_ORDINAL' represents the ordinal of the pod.- '$POD_FQDN' represents the fully qualified domain name of the pod.- '$POD_NAME' represents the name of the pod. - `join_with` (String) The string used to join the values of headless service addresses. @@ -140,18 +140,18 @@ Optional: Required: - `name` (String) Specifies the name of the configuration template. -- `volume_name` (String) Refers to the volume name of PodTemplate. The configuration file produced through the configuration template will be mounted to the corresponding volume. Must be a DNS_LABEL name. The volume name must be defined in podSpec.containers[*].volumeMounts. +- `volume_name` (String) Refers to the volume name of PodTemplate. The configuration file produced through the configurationtemplate will be mounted to the corresponding volume. Must be a DNS_LABEL name.The volume name must be defined in podSpec.containers[*].volumeMounts. Optional: -- `as_env_from` (List of String) Specifies the containers to inject the ConfigMap parameters as environment variables. This is useful when application images accept parameters through environment variables and generate the final configuration file in the startup script based on these variables. This field allows users to specify a list of container names, and KubeBlocks will inject the environment variables converted from the ConfigMap into these designated containers. This provides a flexible way to pass the configuration items from the ConfigMap to the container without modifying the image. Deprecated: 'asEnvFrom' has been deprecated since 0.9.0 and will be removed in 0.10.0. Use 'injectEnvTo' instead. +- `as_env_from` (List of String) Specifies the containers to inject the ConfigMap parameters as environment variables.This is useful when application images accept parameters through environment variables andgenerate the final configuration file in the startup script based on these variables.This field allows users to specify a list of container names, and KubeBlocks will inject the environmentvariables converted from the ConfigMap into these designated containers. This provides a flexible way topass the configuration items from the ConfigMap to the container without modifying the image.Deprecated: 'asEnvFrom' has been deprecated since 0.9.0 and will be removed in 0.10.0.Use 'injectEnvTo' instead. - `constraint_ref` (String) Specifies the name of the referenced configuration constraints object. -- `default_mode` (Number) The operator attempts to set default file permissions for scripts (0555) and configurations (0444). However, certain database engines may require different file permissions. You can specify the desired file permissions here. Must be specified as an octal value between 0000 and 0777 (inclusive), or as a decimal value between 0 and 511 (inclusive). YAML supports both octal and decimal values for file permissions. Please note that this setting only affects the permissions of the files themselves. Directories within the specified path are not impacted by this setting. It's important to be aware that this setting might conflict with other options that influence the file mode, such as fsGroup. In such cases, the resulting file mode may have additional bits set. Refers to documents of k8s.ConfigMapVolumeSource.defaultMode for more information. -- `inject_env_to` (List of String) Specifies the containers to inject the ConfigMap parameters as environment variables. This is useful when application images accept parameters through environment variables and generate the final configuration file in the startup script based on these variables. This field allows users to specify a list of container names, and KubeBlocks will inject the environment variables converted from the ConfigMap into these designated containers. This provides a flexible way to pass the configuration items from the ConfigMap to the container without modifying the image. -- `keys` (List of String) Specifies the configuration files within the ConfigMap that support dynamic updates. A configuration template (provided in the form of a ConfigMap) may contain templates for multiple configuration files. Each configuration file corresponds to a key in the ConfigMap. Some of these configuration files may support dynamic modification and reloading without requiring a pod restart. If empty or omitted, all configuration files in the ConfigMap are assumed to support dynamic updates, and ConfigConstraint applies to all keys. -- `legacy_rendered_config_spec` (Attributes) Specifies the secondary rendered config spec for pod-specific customization. The template is rendered inside the pod (by the 'config-manager' sidecar container) and merged with the main template's render result to generate the final configuration file. This field is intended to handle scenarios where different pods within the same Component have varying configurations. It allows for pod-specific customization of the configuration. Note: This field will be deprecated in future versions, and the functionality will be moved to 'cluster.spec.componentSpecs[*].instances[*]'. (see [below for nested schema](#nestedatt--spec--component_defs--config_specs--legacy_rendered_config_spec)) -- `namespace` (String) Specifies the namespace of the referenced configuration template ConfigMap object. An empty namespace is equivalent to the 'default' namespace. -- `re_render_resource_types` (List of String) Specifies whether the configuration needs to be re-rendered after v-scale or h-scale operations to reflect changes. In some scenarios, the configuration may need to be updated to reflect the changes in resource allocation or cluster topology. Examples: - Redis: adjust maxmemory after v-scale operation. - MySQL: increase max connections after v-scale operation. - Zookeeper: update zoo.cfg with new node addresses after h-scale operation. +- `default_mode` (Number) The operator attempts to set default file permissions for scripts (0555) and configurations (0444).However, certain database engines may require different file permissions.You can specify the desired file permissions here.Must be specified as an octal value between 0000 and 0777 (inclusive),or as a decimal value between 0 and 511 (inclusive).YAML supports both octal and decimal values for file permissions.Please note that this setting only affects the permissions of the files themselves.Directories within the specified path are not impacted by this setting.It's important to be aware that this setting might conflict with other optionsthat influence the file mode, such as fsGroup.In such cases, the resulting file mode may have additional bits set.Refers to documents of k8s.ConfigMapVolumeSource.defaultMode for more information. +- `inject_env_to` (List of String) Specifies the containers to inject the ConfigMap parameters as environment variables.This is useful when application images accept parameters through environment variables andgenerate the final configuration file in the startup script based on these variables.This field allows users to specify a list of container names, and KubeBlocks will inject the environmentvariables converted from the ConfigMap into these designated containers. This provides a flexible way topass the configuration items from the ConfigMap to the container without modifying the image. +- `keys` (List of String) Specifies the configuration files within the ConfigMap that support dynamic updates.A configuration template (provided in the form of a ConfigMap) may contain templates for multipleconfiguration files.Each configuration file corresponds to a key in the ConfigMap.Some of these configuration files may support dynamic modification and reloading without requiringa pod restart.If empty or omitted, all configuration files in the ConfigMap are assumed to support dynamic updates,and ConfigConstraint applies to all keys. +- `legacy_rendered_config_spec` (Attributes) Specifies the secondary rendered config spec for pod-specific customization.The template is rendered inside the pod (by the 'config-manager' sidecar container) and merged with the maintemplate's render result to generate the final configuration file.This field is intended to handle scenarios where different pods within the same Component havevarying configurations. It allows for pod-specific customization of the configuration.Note: This field will be deprecated in future versions, and the functionality will be moved to'cluster.spec.componentSpecs[*].instances[*]'. (see [below for nested schema](#nestedatt--spec--component_defs--config_specs--legacy_rendered_config_spec)) +- `namespace` (String) Specifies the namespace of the referenced configuration template ConfigMap object.An empty namespace is equivalent to the 'default' namespace. +- `re_render_resource_types` (List of String) Specifies whether the configuration needs to be re-rendered after v-scale or h-scale operations to reflect changes.In some scenarios, the configuration may need to be updated to reflect the changes in resource allocationor cluster topology. Examples:- Redis: adjust maxmemory after v-scale operation.- MySQL: increase max connections after v-scale operation.- Zookeeper: update zoo.cfg with new node addresses after h-scale operation. - `template_ref` (String) Specifies the name of the referenced configuration template ConfigMap object. @@ -163,7 +163,7 @@ Required: Optional: -- `namespace` (String) Specifies the namespace of the referenced configuration template ConfigMap object. An empty namespace is equivalent to the 'default' namespace. +- `namespace` (String) Specifies the namespace of the referenced configuration template ConfigMap object.An empty namespace is equivalent to the 'default' namespace. - `policy` (String) Defines the strategy for merging externally imported templates into component templates. @@ -179,9 +179,9 @@ Optional: - `followers` (Attributes List) Members of the consensus set that have voting rights but are not the leader. (see [below for nested schema](#nestedatt--spec--component_defs--consensus_spec--followers)) - `learner` (Attributes) Represents a member of the consensus set that does not have voting rights. (see [below for nested schema](#nestedatt--spec--component_defs--consensus_spec--learner)) -- `ll_pod_management_policy` (String) Controls the creation of pods during initial scale up, replacement of pods on nodes, and scaling down. - 'OrderedReady': Creates pods in increasing order (pod-0, then pod-1, etc). The controller waits until each pod is ready before continuing. Pods are removed in reverse order when scaling down. - 'Parallel': Creates pods in parallel to match the desired scale without waiting. All pods are deleted at once when scaling down. -- `ll_update_strategy` (Attributes) Specifies the low-level StatefulSetUpdateStrategy to be used when updating Pods in the StatefulSet upon a revision to the Template. 'UpdateStrategy' will be ignored if this is provided. (see [below for nested schema](#nestedatt--spec--component_defs--consensus_spec--ll_update_strategy)) -- `update_strategy` (String) Specifies the strategy for updating Pods. For workloadType='Consensus', the update strategy can be one of the following: - 'Serial': Updates Members sequentially to minimize component downtime. - 'BestEffortParallel': Updates Members in parallel to minimize component write downtime. Majority remains online at all times. - 'Parallel': Forces parallel updates. +- `ll_pod_management_policy` (String) Controls the creation of pods during initial scale up, replacement of pods on nodes, and scaling down.- 'OrderedReady': Creates pods in increasing order (pod-0, then pod-1, etc). The controller waits until each podis ready before continuing. Pods are removed in reverse order when scaling down.- 'Parallel': Creates pods in parallel to match the desired scale without waiting. All pods are deleted at oncewhen scaling down. +- `ll_update_strategy` (Attributes) Specifies the low-level StatefulSetUpdateStrategy to be used when updating Pods in the StatefulSet upon arevision to the Template.'UpdateStrategy' will be ignored if this is provided. (see [below for nested schema](#nestedatt--spec--component_defs--consensus_spec--ll_update_strategy)) +- `update_strategy` (String) Specifies the strategy for updating Pods.For workloadType='Consensus', the update strategy can be one of the following:- 'Serial': Updates Members sequentially to minimize component downtime.- 'BestEffortParallel': Updates Members in parallel to minimize component write downtime. Majority remains onlineat all times.- 'Parallel': Forces parallel updates. ### Nested Schema for `spec.component_defs.consensus_spec.leader` @@ -193,7 +193,7 @@ Required: Optional: -- `replicas` (Number) Indicates the number of Pods that perform this role. The default is 1 for 'Leader', 0 for 'Learner', others for 'Followers'. +- `replicas` (Number) Indicates the number of Pods that perform this role.The default is 1 for 'Leader', 0 for 'Learner', others for 'Followers'. @@ -206,7 +206,7 @@ Required: Optional: -- `replicas` (Number) Indicates the number of Pods that perform this role. The default is 1 for 'Leader', 0 for 'Learner', others for 'Followers'. +- `replicas` (Number) Indicates the number of Pods that perform this role.The default is 1 for 'Leader', 0 for 'Learner', others for 'Followers'. @@ -219,7 +219,7 @@ Required: Optional: -- `replicas` (Number) Indicates the number of Pods that perform this role. The default is 1 for 'Leader', 0 for 'Learner', others for 'Followers'. +- `replicas` (Number) Indicates the number of Pods that perform this role.The default is 1 for 'Leader', 0 for 'Learner', others for 'Followers'. @@ -228,15 +228,15 @@ Optional: Optional: - `rolling_update` (Attributes) RollingUpdate is used to communicate parameters when Type is RollingUpdateStatefulSetStrategyType. (see [below for nested schema](#nestedatt--spec--component_defs--consensus_spec--ll_update_strategy--rolling_update)) -- `type` (String) Type indicates the type of the StatefulSetUpdateStrategy. Default is RollingUpdate. +- `type` (String) Type indicates the type of the StatefulSetUpdateStrategy.Default is RollingUpdate. ### Nested Schema for `spec.component_defs.consensus_spec.ll_update_strategy.rolling_update` Optional: -- `max_unavailable` (String) The maximum number of pods that can be unavailable during the update. Value can be an absolute number (ex: 5) or a percentage of desired pods (ex: 10%). Absolute number is calculated from percentage by rounding up. This can not be 0. Defaults to 1. This field is alpha-level and is only honored by servers that enable the MaxUnavailableStatefulSet feature. The field applies to all pods in the range 0 to Replicas-1. That means if there is any unavailable pod in the range 0 to Replicas-1, it will be counted towards MaxUnavailable. -- `partition` (Number) Partition indicates the ordinal at which the StatefulSet should be partitioned for updates. During a rolling update, all pods from ordinal Replicas-1 to Partition are updated. All pods from ordinal Partition-1 to 0 remain untouched. This is helpful in being able to do a canary based deployment. The default value is 0. +- `max_unavailable` (String) The maximum number of pods that can be unavailable during the update.Value can be an absolute number (ex: 5) or a percentage of desired pods (ex: 10%).Absolute number is calculated from percentage by rounding up. This can not be 0.Defaults to 1. This field is alpha-level and is only honored by servers that enable theMaxUnavailableStatefulSet feature. The field applies to all pods in the range 0 toReplicas-1. That means if there is any unavailable pod in the range 0 to Replicas-1, itwill be counted towards MaxUnavailable. +- `partition` (Number) Partition indicates the ordinal at which the StatefulSet should be partitionedfor updates. During a rolling update, all pods from ordinal Replicas-1 toPartition are updated. All pods from ordinal Partition-1 to 0 remain untouched.This is helpful in being able to do a canary based deployment. The default value is 0. @@ -258,7 +258,7 @@ Optional: Required: -- `gvk` (String) Represents the GVK of a resource, such as 'v1/Pod', 'apps/v1/StatefulSet', etc. When a resource matching this is found by the selector, a custom label will be added if it doesn't already exist, or updated if it does. +- `gvk` (String) Represents the GVK of a resource, such as 'v1/Pod', 'apps/v1/StatefulSet', etc.When a resource matching this is found by the selector, a custom label will be added if it doesn't already exist,or updated if it does. Optional: @@ -272,9 +272,9 @@ Optional: Optional: - `container_name` (String) Specifies the name of the built-in metrics exporter container. -- `scrape_path` (String) Specifies the http/https url path to scrape for metrics. If empty, Prometheus uses the default value (e.g. '/metrics'). +- `scrape_path` (String) Specifies the http/https url path to scrape for metrics.If empty, Prometheus uses the default value (e.g. '/metrics'). - `scrape_port` (String) Specifies the port name to scrape for metrics. -- `scrape_scheme` (String) Specifies the schema to use for scraping. 'http' and 'https' are the expected values unless you rewrite the '__scheme__' label via relabeling. If empty, Prometheus uses the default value 'http'. +- `scrape_scheme` (String) Specifies the schema to use for scraping.'http' and 'https' are the expected values unless you rewrite the '__scheme__' label via relabeling.If empty, Prometheus uses the default value 'http'. @@ -283,8 +283,8 @@ Optional: Optional: - `backup_policy_template_name` (String) Refers to the backup policy template. -- `type` (String) Determines the data synchronization method when a component scales out. The policy can be one of the following: {None, CloneVolume}. The default policy is 'None'. - 'None': This is the default policy. It creates an empty volume without data cloning. - 'CloneVolume': This policy clones data to newly scaled pods. It first tries to use a volume snapshot. If volume snapshot is not enabled, it will attempt to use a backup tool. If neither method works, it will report an error. - 'Snapshot': This policy is deprecated and is an alias for CloneVolume. -- `volume_mounts_name` (String) Specifies the volumeMount of the container to backup. This only works if Type is not None. If not specified, the first volumeMount will be selected. +- `type` (String) Determines the data synchronization method when a component scales out.The policy can be one of the following: {None, CloneVolume}. The default policy is 'None'.- 'None': This is the default policy. It creates an empty volume without data cloning.- 'CloneVolume': This policy clones data to newly scaled pods. It first tries to use a volume snapshot. If volume snapshot is not enabled, it will attempt to use a backup tool. If neither method works, it will report an error.- 'Snapshot': This policy is deprecated and is an alias for CloneVolume. +- `volume_mounts_name` (String) Specifies the volumeMount of the container to backup.This only works if Type is not None. If not specified, the first volumeMount will be selected. @@ -292,8 +292,8 @@ Optional: Required: -- `file_path_pattern` (String) Specifies the paths or patterns identifying where the log files are stored. This field allows the system to locate and manage log files effectively. Examples: - /home/postgres/pgdata/pgroot/data/log/postgresql-* - /data/mysql/log/mysqld-error.log -- `name` (String) Specifies a descriptive label for the log type, such as 'slow' for a MySQL slow log file. It provides a clear identification of the log's purpose and content. +- `file_path_pattern` (String) Specifies the paths or patterns identifying where the log files are stored.This field allows the system to locate and manage log files effectively.Examples:- /home/postgres/pgdata/pgroot/data/log/postgresql-*- /data/mysql/log/mysqld-error.log +- `name` (String) Specifies a descriptive label for the log type, such as 'slow' for a MySQL slow log file.It provides a clear identification of the log's purpose and content. @@ -301,8 +301,8 @@ Required: Optional: -- `built_in` (Boolean) builtIn is a switch to enable KubeBlocks builtIn monitoring. If BuiltIn is set to true, monitor metrics will be scraped automatically. If BuiltIn is set to false, the provider should set ExporterConfig and Sidecar container own. -- `exporter_config` (Attributes) exporterConfig provided by provider, which specify necessary information to Time Series Database. exporterConfig is valid when builtIn is false. (see [below for nested schema](#nestedatt--spec--component_defs--monitor--exporter_config)) +- `built_in` (Boolean) builtIn is a switch to enable KubeBlocks builtIn monitoring.If BuiltIn is set to true, monitor metrics will be scraped automatically.If BuiltIn is set to false, the provider should set ExporterConfig and Sidecar container own. +- `exporter_config` (Attributes) exporterConfig provided by provider, which specify necessary information to Time Series Database.exporterConfig is valid when builtIn is false. (see [below for nested schema](#nestedatt--spec--component_defs--monitor--exporter_config)) ### Nested Schema for `spec.component_defs.monitor.exporter_config` @@ -322,81 +322,81 @@ Optional: Required: -- `containers` (Attributes List) List of containers belonging to the pod. Containers cannot currently be added or removed. There must be at least one container in a Pod. Cannot be updated. (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--containers)) +- `containers` (Attributes List) List of containers belonging to the pod.Containers cannot currently be added or removed.There must be at least one container in a Pod.Cannot be updated. (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--containers)) Optional: -- `active_deadline_seconds` (Number) Optional duration in seconds the pod may be active on the node relative to StartTime before the system will actively try to mark it failed and kill associated containers. Value must be a positive integer. +- `active_deadline_seconds` (Number) Optional duration in seconds the pod may be active on the node relative toStartTime before the system will actively try to mark it failed and kill associated containers.Value must be a positive integer. - `affinity` (Attributes) If specified, the pod's scheduling constraints (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--affinity)) - `automount_service_account_token` (Boolean) AutomountServiceAccountToken indicates whether a service account token should be automatically mounted. -- `dns_config` (Attributes) Specifies the DNS parameters of a pod. Parameters specified here will be merged to the generated DNS configuration based on DNSPolicy. (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--dns_config)) -- `dns_policy` (String) Set DNS policy for the pod. Defaults to 'ClusterFirst'. Valid values are 'ClusterFirstWithHostNet', 'ClusterFirst', 'Default' or 'None'. DNS parameters given in DNSConfig will be merged with the policy selected with DNSPolicy. To have DNS options set along with hostNetwork, you have to specify DNS policy explicitly to 'ClusterFirstWithHostNet'. -- `enable_service_links` (Boolean) EnableServiceLinks indicates whether information about services should be injected into pod's environment variables, matching the syntax of Docker links. Optional: Defaults to true. -- `ephemeral_containers` (Attributes List) List of ephemeral containers run in this pod. Ephemeral containers may be run in an existing pod to perform user-initiated actions such as debugging. This list cannot be specified when creating a pod, and it cannot be modified by updating the pod spec. In order to add an ephemeral container to an existing pod, use the pod's ephemeralcontainers subresource. (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--ephemeral_containers)) -- `host_aliases` (Attributes List) HostAliases is an optional list of hosts and IPs that will be injected into the pod's hosts file if specified. This is only valid for non-hostNetwork pods. (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--host_aliases)) -- `host_ipc` (Boolean) Use the host's ipc namespace. Optional: Default to false. -- `host_network` (Boolean) Host networking requested for this pod. Use the host's network namespace. If this option is set, the ports that will be used must be specified. Default to false. -- `host_pid` (Boolean) Use the host's pid namespace. Optional: Default to false. -- `host_users` (Boolean) Use the host's user namespace. Optional: Default to true. If set to true or not present, the pod will be run in the host user namespace, useful for when the pod needs a feature only available to the host user namespace, such as loading a kernel module with CAP_SYS_MODULE. When set to false, a new userns is created for the pod. Setting false is useful for mitigating container breakout vulnerabilities even allowing users to run their containers as root without actually having root privileges on the host. This field is alpha-level and is only honored by servers that enable the UserNamespacesSupport feature. -- `hostname` (String) Specifies the hostname of the Pod If not specified, the pod's hostname will be set to a system-defined value. -- `image_pull_secrets` (Attributes List) ImagePullSecrets is an optional list of references to secrets in the same namespace to use for pulling any of the images used by this PodSpec. If specified, these secrets will be passed to individual puller implementations for them to use. More info: https://kubernetes.io/docs/concepts/containers/images#specifying-imagepullsecrets-on-a-pod (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--image_pull_secrets)) -- `init_containers` (Attributes List) List of initialization containers belonging to the pod. Init containers are executed in order prior to containers being started. If any init container fails, the pod is considered to have failed and is handled according to its restartPolicy. The name for an init container or normal container must be unique among all containers. Init containers may not have Lifecycle actions, Readiness probes, Liveness probes, or Startup probes. The resourceRequirements of an init container are taken into account during scheduling by finding the highest request/limit for each resource type, and then using the max of of that value or the sum of the normal containers. Limits are applied to init containers in a similar fashion. Init containers cannot currently be added or removed. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/init-containers/ (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--init_containers)) -- `node_name` (String) NodeName is a request to schedule this pod onto a specific node. If it is non-empty, the scheduler simply schedules this pod onto that node, assuming that it fits resource requirements. -- `node_selector` (Map of String) NodeSelector is a selector which must be true for the pod to fit on a node. Selector which must match a node's labels for the pod to be scheduled on that node. More info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/ -- `os` (Attributes) Specifies the OS of the containers in the pod. Some pod and container fields are restricted if this is set. If the OS field is set to linux, the following fields must be unset: -securityContext.windowsOptions If the OS field is set to windows, following fields must be unset: - spec.hostPID - spec.hostIPC - spec.hostUsers - spec.securityContext.seLinuxOptions - spec.securityContext.seccompProfile - spec.securityContext.fsGroup - spec.securityContext.fsGroupChangePolicy - spec.securityContext.sysctls - spec.shareProcessNamespace - spec.securityContext.runAsUser - spec.securityContext.runAsGroup - spec.securityContext.supplementalGroups - spec.containers[*].securityContext.seLinuxOptions - spec.containers[*].securityContext.seccompProfile - spec.containers[*].securityContext.capabilities - spec.containers[*].securityContext.readOnlyRootFilesystem - spec.containers[*].securityContext.privileged - spec.containers[*].securityContext.allowPrivilegeEscalation - spec.containers[*].securityContext.procMount - spec.containers[*].securityContext.runAsUser - spec.containers[*].securityContext.runAsGroup (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--os)) -- `overhead` (Map of String) Overhead represents the resource overhead associated with running a pod for a given RuntimeClass. This field will be autopopulated at admission time by the RuntimeClass admission controller. If the RuntimeClass admission controller is enabled, overhead must not be set in Pod create requests. The RuntimeClass admission controller will reject Pod create requests which have the overhead already set. If RuntimeClass is configured and selected in the PodSpec, Overhead will be set to the value defined in the corresponding RuntimeClass, otherwise it will remain unset and treated as zero. More info: https://git.k8s.io/enhancements/keps/sig-node/688-pod-overhead/README.md -- `preemption_policy` (String) PreemptionPolicy is the Policy for preempting pods with lower priority. One of Never, PreemptLowerPriority. Defaults to PreemptLowerPriority if unset. -- `priority` (Number) The priority value. Various system components use this field to find the priority of the pod. When Priority Admission Controller is enabled, it prevents users from setting this field. The admission controller populates this field from PriorityClassName. The higher the value, the higher the priority. -- `priority_class_name` (String) If specified, indicates the pod's priority. 'system-node-critical' and 'system-cluster-critical' are two special keywords which indicate the highest priorities with the former being the highest priority. Any other name must be defined by creating a PriorityClass object with that name. If not specified, the pod priority will be default or zero if there is no default. -- `readiness_gates` (Attributes List) If specified, all readiness gates will be evaluated for pod readiness. A pod is ready when all its containers are ready AND all conditions specified in the readiness gates have status equal to 'True' More info: https://git.k8s.io/enhancements/keps/sig-network/580-pod-readiness-gates (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--readiness_gates)) -- `resource_claims` (Attributes List) ResourceClaims defines which ResourceClaims must be allocated and reserved before the Pod is allowed to start. The resources will be made available to those containers which consume them by name. This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. This field is immutable. (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--resource_claims)) -- `restart_policy` (String) Restart policy for all containers within the pod. One of Always, OnFailure, Never. In some contexts, only a subset of those values may be permitted. Default to Always. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#restart-policy -- `runtime_class_name` (String) RuntimeClassName refers to a RuntimeClass object in the node.k8s.io group, which should be used to run this pod. If no RuntimeClass resource matches the named class, the pod will not be run. If unset or empty, the 'legacy' RuntimeClass will be used, which is an implicit class with an empty definition that uses the default runtime handler. More info: https://git.k8s.io/enhancements/keps/sig-node/585-runtime-class -- `scheduler_name` (String) If specified, the pod will be dispatched by specified scheduler. If not specified, the pod will be dispatched by default scheduler. -- `scheduling_gates` (Attributes List) SchedulingGates is an opaque list of values that if specified will block scheduling the pod. If schedulingGates is not empty, the pod will stay in the SchedulingGated state and the scheduler will not attempt to schedule the pod. SchedulingGates can only be set at pod creation time, and be removed only afterwards. This is a beta feature enabled by the PodSchedulingReadiness feature gate. (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--scheduling_gates)) -- `security_context` (Attributes) SecurityContext holds pod-level security attributes and common container settings. Optional: Defaults to empty. See type description for default values of each field. (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--security_context)) -- `service_account` (String) DeprecatedServiceAccount is a depreciated alias for ServiceAccountName. Deprecated: Use serviceAccountName instead. -- `service_account_name` (String) ServiceAccountName is the name of the ServiceAccount to use to run this pod. More info: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/ -- `set_hostname_as_fqdn` (Boolean) If true the pod's hostname will be configured as the pod's FQDN, rather than the leaf name (the default). In Linux containers, this means setting the FQDN in the hostname field of the kernel (the nodename field of struct utsname). In Windows containers, this means setting the registry value of hostname for the registry key HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParameters to FQDN. If a pod does not have FQDN, this has no effect. Default to false. -- `share_process_namespace` (Boolean) Share a single process namespace between all of the containers in a pod. When this is set containers will be able to view and signal processes from other containers in the same pod, and the first process in each container will not be assigned PID 1. HostPID and ShareProcessNamespace cannot both be set. Optional: Default to false. -- `subdomain` (String) If specified, the fully qualified Pod hostname will be '...svc.'. If not specified, the pod will not have a domainname at all. -- `termination_grace_period_seconds` (Number) Optional duration in seconds the pod needs to terminate gracefully. May be decreased in delete request. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down). If this value is nil, the default grace period will be used instead. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. Defaults to 30 seconds. +- `dns_config` (Attributes) Specifies the DNS parameters of a pod.Parameters specified here will be merged to the generated DNSconfiguration based on DNSPolicy. (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--dns_config)) +- `dns_policy` (String) Set DNS policy for the pod.Defaults to 'ClusterFirst'.Valid values are 'ClusterFirstWithHostNet', 'ClusterFirst', 'Default' or 'None'.DNS parameters given in DNSConfig will be merged with the policy selected with DNSPolicy.To have DNS options set along with hostNetwork, you have to specify DNS policyexplicitly to 'ClusterFirstWithHostNet'. +- `enable_service_links` (Boolean) EnableServiceLinks indicates whether information about services should be injected into pod'senvironment variables, matching the syntax of Docker links.Optional: Defaults to true. +- `ephemeral_containers` (Attributes List) List of ephemeral containers run in this pod. Ephemeral containers may be run in an existingpod to perform user-initiated actions such as debugging. This list cannot be specified whencreating a pod, and it cannot be modified by updating the pod spec. In order to add anephemeral container to an existing pod, use the pod's ephemeralcontainers subresource. (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--ephemeral_containers)) +- `host_aliases` (Attributes List) HostAliases is an optional list of hosts and IPs that will be injected into the pod's hostsfile if specified. This is only valid for non-hostNetwork pods. (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--host_aliases)) +- `host_ipc` (Boolean) Use the host's ipc namespace.Optional: Default to false. +- `host_network` (Boolean) Host networking requested for this pod. Use the host's network namespace.If this option is set, the ports that will be used must be specified.Default to false. +- `host_pid` (Boolean) Use the host's pid namespace.Optional: Default to false. +- `host_users` (Boolean) Use the host's user namespace.Optional: Default to true.If set to true or not present, the pod will be run in the host user namespace, usefulfor when the pod needs a feature only available to the host user namespace, such asloading a kernel module with CAP_SYS_MODULE.When set to false, a new userns is created for the pod. Setting false is useful formitigating container breakout vulnerabilities even allowing users to run theircontainers as root without actually having root privileges on the host.This field is alpha-level and is only honored by servers that enable the UserNamespacesSupport feature. +- `hostname` (String) Specifies the hostname of the PodIf not specified, the pod's hostname will be set to a system-defined value. +- `image_pull_secrets` (Attributes List) ImagePullSecrets is an optional list of references to secrets in the same namespace to use for pulling any of the images used by this PodSpec.If specified, these secrets will be passed to individual puller implementations for them to use.More info: https://kubernetes.io/docs/concepts/containers/images#specifying-imagepullsecrets-on-a-pod (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--image_pull_secrets)) +- `init_containers` (Attributes List) List of initialization containers belonging to the pod.Init containers are executed in order prior to containers being started. If anyinit container fails, the pod is considered to have failed and is handled accordingto its restartPolicy. The name for an init container or normal container must beunique among all containers.Init containers may not have Lifecycle actions, Readiness probes, Liveness probes, or Startup probes.The resourceRequirements of an init container are taken into account during schedulingby finding the highest request/limit for each resource type, and then using the max ofof that value or the sum of the normal containers. Limits are applied to init containersin a similar fashion.Init containers cannot currently be added or removed.Cannot be updated.More info: https://kubernetes.io/docs/concepts/workloads/pods/init-containers/ (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--init_containers)) +- `node_name` (String) NodeName is a request to schedule this pod onto a specific node. If it is non-empty,the scheduler simply schedules this pod onto that node, assuming that it fits resourcerequirements. +- `node_selector` (Map of String) NodeSelector is a selector which must be true for the pod to fit on a node.Selector which must match a node's labels for the pod to be scheduled on that node.More info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/ +- `os` (Attributes) Specifies the OS of the containers in the pod.Some pod and container fields are restricted if this is set.If the OS field is set to linux, the following fields must be unset:-securityContext.windowsOptionsIf the OS field is set to windows, following fields must be unset:- spec.hostPID- spec.hostIPC- spec.hostUsers- spec.securityContext.seLinuxOptions- spec.securityContext.seccompProfile- spec.securityContext.fsGroup- spec.securityContext.fsGroupChangePolicy- spec.securityContext.sysctls- spec.shareProcessNamespace- spec.securityContext.runAsUser- spec.securityContext.runAsGroup- spec.securityContext.supplementalGroups- spec.containers[*].securityContext.seLinuxOptions- spec.containers[*].securityContext.seccompProfile- spec.containers[*].securityContext.capabilities- spec.containers[*].securityContext.readOnlyRootFilesystem- spec.containers[*].securityContext.privileged- spec.containers[*].securityContext.allowPrivilegeEscalation- spec.containers[*].securityContext.procMount- spec.containers[*].securityContext.runAsUser- spec.containers[*].securityContext.runAsGroup (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--os)) +- `overhead` (Map of String) Overhead represents the resource overhead associated with running a pod for a given RuntimeClass.This field will be autopopulated at admission time by the RuntimeClass admission controller. Ifthe RuntimeClass admission controller is enabled, overhead must not be set in Pod create requests.The RuntimeClass admission controller will reject Pod create requests which have the overhead alreadyset. If RuntimeClass is configured and selected in the PodSpec, Overhead will be set to the valuedefined in the corresponding RuntimeClass, otherwise it will remain unset and treated as zero.More info: https://git.k8s.io/enhancements/keps/sig-node/688-pod-overhead/README.md +- `preemption_policy` (String) PreemptionPolicy is the Policy for preempting pods with lower priority.One of Never, PreemptLowerPriority.Defaults to PreemptLowerPriority if unset. +- `priority` (Number) The priority value. Various system components use this field to find thepriority of the pod. When Priority Admission Controller is enabled, itprevents users from setting this field. The admission controller populatesthis field from PriorityClassName.The higher the value, the higher the priority. +- `priority_class_name` (String) If specified, indicates the pod's priority. 'system-node-critical' and'system-cluster-critical' are two special keywords which indicate thehighest priorities with the former being the highest priority. Any othername must be defined by creating a PriorityClass object with that name.If not specified, the pod priority will be default or zero if there is nodefault. +- `readiness_gates` (Attributes List) If specified, all readiness gates will be evaluated for pod readiness.A pod is ready when all its containers are ready ANDall conditions specified in the readiness gates have status equal to 'True'More info: https://git.k8s.io/enhancements/keps/sig-network/580-pod-readiness-gates (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--readiness_gates)) +- `resource_claims` (Attributes List) ResourceClaims defines which ResourceClaims must be allocatedand reserved before the Pod is allowed to start. The resourceswill be made available to those containers which consume themby name.This is an alpha field and requires enabling theDynamicResourceAllocation feature gate.This field is immutable. (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--resource_claims)) +- `restart_policy` (String) Restart policy for all containers within the pod.One of Always, OnFailure, Never. In some contexts, only a subset of those values may be permitted.Default to Always.More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#restart-policy +- `runtime_class_name` (String) RuntimeClassName refers to a RuntimeClass object in the node.k8s.io group, which should be usedto run this pod. If no RuntimeClass resource matches the named class, the pod will not be run.If unset or empty, the 'legacy' RuntimeClass will be used, which is an implicit class with anempty definition that uses the default runtime handler.More info: https://git.k8s.io/enhancements/keps/sig-node/585-runtime-class +- `scheduler_name` (String) If specified, the pod will be dispatched by specified scheduler.If not specified, the pod will be dispatched by default scheduler. +- `scheduling_gates` (Attributes List) SchedulingGates is an opaque list of values that if specified will block scheduling the pod.If schedulingGates is not empty, the pod will stay in the SchedulingGated state and thescheduler will not attempt to schedule the pod.SchedulingGates can only be set at pod creation time, and be removed only afterwards.This is a beta feature enabled by the PodSchedulingReadiness feature gate. (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--scheduling_gates)) +- `security_context` (Attributes) SecurityContext holds pod-level security attributes and common container settings.Optional: Defaults to empty. See type description for default values of each field. (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--security_context)) +- `service_account` (String) DeprecatedServiceAccount is a depreciated alias for ServiceAccountName.Deprecated: Use serviceAccountName instead. +- `service_account_name` (String) ServiceAccountName is the name of the ServiceAccount to use to run this pod.More info: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/ +- `set_hostname_as_fqdn` (Boolean) If true the pod's hostname will be configured as the pod's FQDN, rather than the leaf name (the default).In Linux containers, this means setting the FQDN in the hostname field of the kernel (the nodename field of struct utsname).In Windows containers, this means setting the registry value of hostname for the registry key HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParameters to FQDN.If a pod does not have FQDN, this has no effect.Default to false. +- `share_process_namespace` (Boolean) Share a single process namespace between all of the containers in a pod.When this is set containers will be able to view and signal processes from other containersin the same pod, and the first process in each container will not be assigned PID 1.HostPID and ShareProcessNamespace cannot both be set.Optional: Default to false. +- `subdomain` (String) If specified, the fully qualified Pod hostname will be '...svc.'.If not specified, the pod will not have a domainname at all. +- `termination_grace_period_seconds` (Number) Optional duration in seconds the pod needs to terminate gracefully. May be decreased in delete request.Value must be non-negative integer. The value zero indicates stop immediately viathe kill signal (no opportunity to shut down).If this value is nil, the default grace period will be used instead.The grace period is the duration in seconds after the processes running in the pod are senta termination signal and the time when the processes are forcibly halted with a kill signal.Set this value longer than the expected cleanup time for your process.Defaults to 30 seconds. - `tolerations` (Attributes List) If specified, the pod's tolerations. (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--tolerations)) -- `topology_spread_constraints` (Attributes List) TopologySpreadConstraints describes how a group of pods ought to spread across topology domains. Scheduler will schedule pods in a way which abides by the constraints. All topologySpreadConstraints are ANDed. (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--topology_spread_constraints)) -- `volumes` (Attributes List) List of volumes that can be mounted by containers belonging to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--volumes)) +- `topology_spread_constraints` (Attributes List) TopologySpreadConstraints describes how a group of pods ought to spread across topologydomains. Scheduler will schedule pods in a way which abides by the constraints.All topologySpreadConstraints are ANDed. (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--topology_spread_constraints)) +- `volumes` (Attributes List) List of volumes that can be mounted by containers belonging to the pod.More info: https://kubernetes.io/docs/concepts/storage/volumes (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--volumes)) ### Nested Schema for `spec.component_defs.pod_spec.containers` Required: -- `name` (String) Name of the container specified as a DNS_LABEL. Each container in a pod must have a unique name (DNS_LABEL). Cannot be updated. +- `name` (String) Name of the container specified as a DNS_LABEL.Each container in a pod must have a unique name (DNS_LABEL).Cannot be updated. Optional: -- `args` (List of String) Arguments to the entrypoint. The container image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. '$$(VAR_NAME)' will produce the string literal '$(VAR_NAME)'. Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell -- `command` (List of String) Entrypoint array. Not executed within a shell. The container image's ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. '$$(VAR_NAME)' will produce the string literal '$(VAR_NAME)'. Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell -- `env` (Attributes List) List of environment variables to set in the container. Cannot be updated. (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--containers--env)) -- `env_from` (Attributes List) List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated. (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--containers--env_from)) -- `image` (String) Container image name. More info: https://kubernetes.io/docs/concepts/containers/images This field is optional to allow higher level config management to default or override container images in workload controllers like Deployments and StatefulSets. -- `image_pull_policy` (String) Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images -- `lifecycle` (Attributes) Actions that the management system should take in response to container lifecycle events. Cannot be updated. (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--containers--lifecycle)) -- `liveness_probe` (Attributes) Periodic probe of container liveness. Container will be restarted if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--containers--liveness_probe)) -- `ports` (Attributes List) List of ports to expose from the container. Not specifying a port here DOES NOT prevent that port from being exposed. Any port which is listening on the default '0.0.0.0' address inside a container will be accessible from the network. Modifying this array with strategic merge patch may corrupt the data. For more information See https://github.com/kubernetes/kubernetes/issues/108255. Cannot be updated. (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--containers--ports)) -- `readiness_probe` (Attributes) Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--containers--readiness_probe)) +- `args` (List of String) Arguments to the entrypoint.The container image's CMD is used if this is not provided.Variable references $(VAR_NAME) are expanded using the container's environment. If a variablecannot be resolved, the reference in the input string will be unchanged. Double $$ are reducedto a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. '$$(VAR_NAME)' willproduce the string literal '$(VAR_NAME)'. Escaped references will never be expanded, regardlessof whether the variable exists or not. Cannot be updated.More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +- `command` (List of String) Entrypoint array. Not executed within a shell.The container image's ENTRYPOINT is used if this is not provided.Variable references $(VAR_NAME) are expanded using the container's environment. If a variablecannot be resolved, the reference in the input string will be unchanged. Double $$ are reducedto a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. '$$(VAR_NAME)' willproduce the string literal '$(VAR_NAME)'. Escaped references will never be expanded, regardlessof whether the variable exists or not. Cannot be updated.More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +- `env` (Attributes List) List of environment variables to set in the container.Cannot be updated. (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--containers--env)) +- `env_from` (Attributes List) List of sources to populate environment variables in the container.The keys defined within a source must be a C_IDENTIFIER. All invalid keyswill be reported as an event when the container is starting. When a key exists in multiplesources, the value associated with the last source will take precedence.Values defined by an Env with a duplicate key will take precedence.Cannot be updated. (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--containers--env_from)) +- `image` (String) Container image name.More info: https://kubernetes.io/docs/concepts/containers/imagesThis field is optional to allow higher level config management to default or overridecontainer images in workload controllers like Deployments and StatefulSets. +- `image_pull_policy` (String) Image pull policy.One of Always, Never, IfNotPresent.Defaults to Always if :latest tag is specified, or IfNotPresent otherwise.Cannot be updated.More info: https://kubernetes.io/docs/concepts/containers/images#updating-images +- `lifecycle` (Attributes) Actions that the management system should take in response to container lifecycle events.Cannot be updated. (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--containers--lifecycle)) +- `liveness_probe` (Attributes) Periodic probe of container liveness.Container will be restarted if the probe fails.Cannot be updated.More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--containers--liveness_probe)) +- `ports` (Attributes List) List of ports to expose from the container. Not specifying a port hereDOES NOT prevent that port from being exposed. Any port which islistening on the default '0.0.0.0' address inside a container will beaccessible from the network.Modifying this array with strategic merge patch may corrupt the data.For more information See https://github.com/kubernetes/kubernetes/issues/108255.Cannot be updated. (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--containers--ports)) +- `readiness_probe` (Attributes) Periodic probe of container service readiness.Container will be removed from service endpoints if the probe fails.Cannot be updated.More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--containers--readiness_probe)) - `resize_policy` (Attributes List) Resources resize policy for the container. (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--containers--resize_policy)) -- `resources` (Attributes) Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--containers--resources)) -- `restart_policy` (String) RestartPolicy defines the restart behavior of individual containers in a pod. This field may only be set for init containers, and the only allowed value is 'Always'. For non-init containers or when this field is not specified, the restart behavior is defined by the Pod's restart policy and the container type. Setting the RestartPolicy as 'Always' for the init container will have the following effect: this init container will be continually restarted on exit until all regular containers have terminated. Once all regular containers have completed, all init containers with restartPolicy 'Always' will be shut down. This lifecycle differs from normal init containers and is often referred to as a 'sidecar' container. Although this init container still starts in the init container sequence, it does not wait for the container to complete before proceeding to the next init container. Instead, the next init container starts immediately after this init container is started, or after any startupProbe has successfully completed. -- `security_context` (Attributes) SecurityContext defines the security options the container should be run with. If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext. More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--containers--security_context)) -- `startup_probe` (Attributes) StartupProbe indicates that the Pod has successfully initialized. If specified, no other probes are executed until this completes successfully. If this probe fails, the Pod will be restarted, just as if the livenessProbe failed. This can be used to provide different probe parameters at the beginning of a Pod's lifecycle, when it might take a long time to load data or warm a cache, than during steady-state operation. This cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--containers--startup_probe)) -- `stdin` (Boolean) Whether this container should allocate a buffer for stdin in the container runtime. If this is not set, reads from stdin in the container will always result in EOF. Default is false. -- `stdin_once` (Boolean) Whether the container runtime should close the stdin channel after it has been opened by a single attach. When stdin is true the stdin stream will remain open across multiple attach sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the first client attaches to stdin, and then remains open and accepts data until the client disconnects, at which time stdin is closed and remains closed until the container is restarted. If this flag is false, a container processes that reads from stdin will never receive an EOF. Default is false -- `termination_message_path` (String) Optional: Path at which the file to which the container's termination message will be written is mounted into the container's filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log. Cannot be updated. -- `termination_message_policy` (String) Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated. -- `tty` (Boolean) Whether this container should allocate a TTY for itself, also requires 'stdin' to be true. Default is false. +- `resources` (Attributes) Compute Resources required by this container.Cannot be updated.More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--containers--resources)) +- `restart_policy` (String) RestartPolicy defines the restart behavior of individual containers in a pod.This field may only be set for init containers, and the only allowed value is 'Always'.For non-init containers or when this field is not specified,the restart behavior is defined by the Pod's restart policy and the container type.Setting the RestartPolicy as 'Always' for the init container will have the following effect:this init container will be continually restarted onexit until all regular containers have terminated. Once all regularcontainers have completed, all init containers with restartPolicy 'Always'will be shut down. This lifecycle differs from normal init containers andis often referred to as a 'sidecar' container. Although this initcontainer still starts in the init container sequence, it does not waitfor the container to complete before proceeding to the next initcontainer. Instead, the next init container starts immediately after thisinit container is started, or after any startupProbe has successfullycompleted. +- `security_context` (Attributes) SecurityContext defines the security options the container should be run with.If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext.More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--containers--security_context)) +- `startup_probe` (Attributes) StartupProbe indicates that the Pod has successfully initialized.If specified, no other probes are executed until this completes successfully.If this probe fails, the Pod will be restarted, just as if the livenessProbe failed.This can be used to provide different probe parameters at the beginning of a Pod's lifecycle,when it might take a long time to load data or warm a cache, than during steady-state operation.This cannot be updated.More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--containers--startup_probe)) +- `stdin` (Boolean) Whether this container should allocate a buffer for stdin in the container runtime. If thisis not set, reads from stdin in the container will always result in EOF.Default is false. +- `stdin_once` (Boolean) Whether the container runtime should close the stdin channel after it has been opened bya single attach. When stdin is true the stdin stream will remain open across multiple attachsessions. If stdinOnce is set to true, stdin is opened on container start, is empty until thefirst client attaches to stdin, and then remains open and accepts data until the client disconnects,at which time stdin is closed and remains closed until the container is restarted. If thisflag is false, a container processes that reads from stdin will never receive an EOF.Default is false +- `termination_message_path` (String) Optional: Path at which the file to which the container's termination messagewill be written is mounted into the container's filesystem.Message written is intended to be brief final status, such as an assertion failure message.Will be truncated by the node if greater than 4096 bytes. The total message length acrossall containers will be limited to 12kb.Defaults to /dev/termination-log.Cannot be updated. +- `termination_message_policy` (String) Indicate how the termination message should be populated. File will use the contents ofterminationMessagePath to populate the container status message on both success and failure.FallbackToLogsOnError will use the last chunk of container log output if the terminationmessage file is empty and the container exited with an error.The log output is limited to 2048 bytes or 80 lines, whichever is smaller.Defaults to File.Cannot be updated. +- `tty` (Boolean) Whether this container should allocate a TTY for itself, also requires 'stdin' to be true.Default is false. - `volume_devices` (Attributes List) volumeDevices is the list of block devices to be used by the container. (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--containers--volume_devices)) -- `volume_mounts` (Attributes List) Pod volumes to mount into the container's filesystem. Cannot be updated. (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--containers--volume_mounts)) -- `working_dir` (String) Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image. Cannot be updated. +- `volume_mounts` (Attributes List) Pod volumes to mount into the container's filesystem.Cannot be updated. (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--containers--volume_mounts)) +- `working_dir` (String) Container's working directory.If not specified, the container runtime's default will be used, whichmight be configured in the container image.Cannot be updated. ### Nested Schema for `spec.component_defs.pod_spec.containers.env` @@ -407,7 +407,7 @@ Required: Optional: -- `value` (String) Variable references $(VAR_NAME) are expanded using the previously defined environment variables in the container and any service environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. '$$(VAR_NAME)' will produce the string literal '$(VAR_NAME)'. Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to ''. +- `value` (String) Variable references $(VAR_NAME) are expandedusing the previously defined environment variables in the container andany service environment variables. If a variable cannot be resolved,the reference in the input string will be unchanged. Double $$ are reducedto a single $, which allows for escaping the $(VAR_NAME) syntax: i.e.'$$(VAR_NAME)' will produce the string literal '$(VAR_NAME)'.Escaped references will never be expanded, regardless of whether the variableexists or not.Defaults to ''. - `value_from` (Attributes) Source for the environment variable's value. Cannot be used if value is not empty. (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--containers--env--value_from)) @@ -416,8 +416,8 @@ Optional: Optional: - `config_map_key_ref` (Attributes) Selects a key of a ConfigMap. (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--containers--env--value_from--config_map_key_ref)) -- `field_ref` (Attributes) Selects a field of the pod: supports metadata.name, metadata.namespace, 'metadata.labels['']', 'metadata.annotations['']', spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--containers--env--value_from--field_ref)) -- `resource_field_ref` (Attributes) Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--containers--env--value_from--resource_field_ref)) +- `field_ref` (Attributes) Selects a field of the pod: supports metadata.name, metadata.namespace, 'metadata.labels['']', 'metadata.annotations['']',spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--containers--env--value_from--field_ref)) +- `resource_field_ref` (Attributes) Selects a resource of the container: only resources limits and requests(limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--containers--env--value_from--resource_field_ref)) - `secret_key_ref` (Attributes) Selects a key of a secret in the pod's namespace (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--containers--env--value_from--secret_key_ref)) @@ -429,7 +429,7 @@ Required: Optional: -- `name` (String) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? +- `name` (String) Name of the referent.More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#namesTODO: Add other useful fields. apiVersion, kind, uid? - `optional` (Boolean) Specify whether the ConfigMap or its key must be defined @@ -467,7 +467,7 @@ Required: Optional: -- `name` (String) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? +- `name` (String) Name of the referent.More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#namesTODO: Add other useful fields. apiVersion, kind, uid? - `optional` (Boolean) Specify whether the Secret or its key must be defined @@ -487,7 +487,7 @@ Optional: Optional: -- `name` (String) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? +- `name` (String) Name of the referent.More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#namesTODO: Add other useful fields. apiVersion, kind, uid? - `optional` (Boolean) Specify whether the ConfigMap must be defined @@ -496,7 +496,7 @@ Optional: Optional: -- `name` (String) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? +- `name` (String) Name of the referent.More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#namesTODO: Add other useful fields. apiVersion, kind, uid? - `optional` (Boolean) Specify whether the Secret must be defined @@ -506,8 +506,8 @@ Optional: Optional: -- `post_start` (Attributes) PostStart is called immediately after a container is created. If the handler fails, the container is terminated and restarted according to its restart policy. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--containers--lifecycle--post_start)) -- `pre_stop` (Attributes) PreStop is called immediately before a container is terminated due to an API request or management event such as liveness/startup probe failure, preemption, resource contention, etc. The handler is not called if the container crashes or exits. The Pod's termination grace period countdown begins before the PreStop hook is executed. Regardless of the outcome of the handler, the container will eventually terminate within the Pod's termination grace period (unless delayed by finalizers). Other management of the container blocks until the hook completes or until the termination grace period is reached. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--containers--lifecycle--pre_stop)) +- `post_start` (Attributes) PostStart is called immediately after a container is created. If the handler fails,the container is terminated and restarted according to its restart policy.Other management of the container blocks until the hook completes.More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--containers--lifecycle--post_start)) +- `pre_stop` (Attributes) PreStop is called immediately before a container is terminated due to anAPI request or management event such as liveness/startup probe failure,preemption, resource contention, etc. The handler is not called if thecontainer crashes or exits. The Pod's termination grace period countdown begins before thePreStop hook is executed. Regardless of the outcome of the handler, thecontainer will eventually terminate within the Pod's termination graceperiod (unless delayed by finalizers). Other management of the container blocks until the hook completesor until the termination grace period is reached.More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--containers--lifecycle--pre_stop)) ### Nested Schema for `spec.component_defs.pod_spec.containers.lifecycle.post_start` @@ -516,14 +516,14 @@ Optional: - `exec` (Attributes) Exec specifies the action to take. (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--containers--lifecycle--post_start--exec)) - `http_get` (Attributes) HTTPGet specifies the http request to perform. (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--containers--lifecycle--post_start--http_get)) -- `tcp_socket` (Attributes) Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept for the backward compatibility. There are no validation of this field and lifecycle hooks will fail in runtime when tcp handler is specified. (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--containers--lifecycle--post_start--tcp_socket)) +- `tcp_socket` (Attributes) Deprecated. TCPSocket is NOT supported as a LifecycleHandler and keptfor the backward compatibility. There are no validation of this field andlifecycle hooks will fail in runtime when tcp handler is specified. (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--containers--lifecycle--post_start--tcp_socket)) ### Nested Schema for `spec.component_defs.pod_spec.containers.lifecycle.post_start.exec` Optional: -- `command` (List of String) Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +- `command` (List of String) Command is the command line to execute inside the container, the working directory for thecommand is root ('/') in the container's filesystem. The command is simply exec'd, it isnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To usea shell, you need to explicitly call out to that shell.Exit status of 0 is treated as live/healthy and non-zero is unhealthy. @@ -531,21 +531,21 @@ Optional: Required: -- `port` (String) Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. +- `port` (String) Name or number of the port to access on the container.Number must be in the range 1 to 65535.Name must be an IANA_SVC_NAME. Optional: -- `host` (String) Host name to connect to, defaults to the pod IP. You probably want to set 'Host' in httpHeaders instead. +- `host` (String) Host name to connect to, defaults to the pod IP. You probably want to set'Host' in httpHeaders instead. - `http_headers` (Attributes List) Custom headers to set in the request. HTTP allows repeated headers. (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--containers--lifecycle--post_start--http_get--http_headers)) - `path` (String) Path to access on the HTTP server. -- `scheme` (String) Scheme to use for connecting to the host. Defaults to HTTP. +- `scheme` (String) Scheme to use for connecting to the host.Defaults to HTTP. ### Nested Schema for `spec.component_defs.pod_spec.containers.lifecycle.post_start.http_get.http_headers` Required: -- `name` (String) The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header. +- `name` (String) The header field name.This will be canonicalized upon output, so case-variant names will be understood as the same header. - `value` (String) The header field value @@ -555,7 +555,7 @@ Required: Required: -- `port` (String) Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. +- `port` (String) Number or name of the port to access on the container.Number must be in the range 1 to 65535.Name must be an IANA_SVC_NAME. Optional: @@ -570,14 +570,14 @@ Optional: - `exec` (Attributes) Exec specifies the action to take. (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--containers--lifecycle--pre_stop--exec)) - `http_get` (Attributes) HTTPGet specifies the http request to perform. (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--containers--lifecycle--pre_stop--http_get)) -- `tcp_socket` (Attributes) Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept for the backward compatibility. There are no validation of this field and lifecycle hooks will fail in runtime when tcp handler is specified. (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--containers--lifecycle--pre_stop--tcp_socket)) +- `tcp_socket` (Attributes) Deprecated. TCPSocket is NOT supported as a LifecycleHandler and keptfor the backward compatibility. There are no validation of this field andlifecycle hooks will fail in runtime when tcp handler is specified. (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--containers--lifecycle--pre_stop--tcp_socket)) ### Nested Schema for `spec.component_defs.pod_spec.containers.lifecycle.pre_stop.exec` Optional: -- `command` (List of String) Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +- `command` (List of String) Command is the command line to execute inside the container, the working directory for thecommand is root ('/') in the container's filesystem. The command is simply exec'd, it isnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To usea shell, you need to explicitly call out to that shell.Exit status of 0 is treated as live/healthy and non-zero is unhealthy. @@ -585,21 +585,21 @@ Optional: Required: -- `port` (String) Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. +- `port` (String) Name or number of the port to access on the container.Number must be in the range 1 to 65535.Name must be an IANA_SVC_NAME. Optional: -- `host` (String) Host name to connect to, defaults to the pod IP. You probably want to set 'Host' in httpHeaders instead. +- `host` (String) Host name to connect to, defaults to the pod IP. You probably want to set'Host' in httpHeaders instead. - `http_headers` (Attributes List) Custom headers to set in the request. HTTP allows repeated headers. (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--containers--lifecycle--pre_stop--http_get--http_headers)) - `path` (String) Path to access on the HTTP server. -- `scheme` (String) Scheme to use for connecting to the host. Defaults to HTTP. +- `scheme` (String) Scheme to use for connecting to the host.Defaults to HTTP. ### Nested Schema for `spec.component_defs.pod_spec.containers.lifecycle.pre_stop.http_get.http_headers` Required: -- `name` (String) The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header. +- `name` (String) The header field name.This will be canonicalized upon output, so case-variant names will be understood as the same header. - `value` (String) The header field value @@ -609,7 +609,7 @@ Required: Required: -- `port` (String) Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. +- `port` (String) Number or name of the port to access on the container.Number must be in the range 1 to 65535.Name must be an IANA_SVC_NAME. Optional: @@ -624,22 +624,22 @@ Optional: Optional: - `exec` (Attributes) Exec specifies the action to take. (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--containers--liveness_probe--exec)) -- `failure_threshold` (Number) Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +- `failure_threshold` (Number) Minimum consecutive failures for the probe to be considered failed after having succeeded.Defaults to 3. Minimum value is 1. - `grpc` (Attributes) GRPC specifies an action involving a GRPC port. (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--containers--liveness_probe--grpc)) - `http_get` (Attributes) HTTPGet specifies the http request to perform. (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--containers--liveness_probe--http_get)) -- `initial_delay_seconds` (Number) Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes -- `period_seconds` (Number) How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. -- `success_threshold` (Number) Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. +- `initial_delay_seconds` (Number) Number of seconds after the container has started before liveness probes are initiated.More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +- `period_seconds` (Number) How often (in seconds) to perform the probe.Default to 10 seconds. Minimum value is 1. +- `success_threshold` (Number) Minimum consecutive successes for the probe to be considered successful after having failed.Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. - `tcp_socket` (Attributes) TCPSocket specifies an action involving a TCP port. (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--containers--liveness_probe--tcp_socket)) -- `termination_grace_period_seconds` (Number) Optional duration in seconds the pod needs to terminate gracefully upon probe failure. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this value overrides the value provided by the pod spec. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down). This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset. -- `timeout_seconds` (Number) Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +- `termination_grace_period_seconds` (Number) Optional duration in seconds the pod needs to terminate gracefully upon probe failure.The grace period is the duration in seconds after the processes running in the pod are senta termination signal and the time when the processes are forcibly halted with a kill signal.Set this value longer than the expected cleanup time for your process.If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, thisvalue overrides the value provided by the pod spec.Value must be non-negative integer. The value zero indicates stop immediately viathe kill signal (no opportunity to shut down).This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate.Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset. +- `timeout_seconds` (Number) Number of seconds after which the probe times out.Defaults to 1 second. Minimum value is 1.More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes ### Nested Schema for `spec.component_defs.pod_spec.containers.liveness_probe.exec` Optional: -- `command` (List of String) Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +- `command` (List of String) Command is the command line to execute inside the container, the working directory for thecommand is root ('/') in the container's filesystem. The command is simply exec'd, it isnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To usea shell, you need to explicitly call out to that shell.Exit status of 0 is treated as live/healthy and non-zero is unhealthy. @@ -651,7 +651,7 @@ Required: Optional: -- `service` (String) Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). If this is not specified, the default behavior is defined by gRPC. +- `service` (String) Service is the name of the service to place in the gRPC HealthCheckRequest(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).If this is not specified, the default behavior is defined by gRPC. @@ -659,21 +659,21 @@ Optional: Required: -- `port` (String) Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. +- `port` (String) Name or number of the port to access on the container.Number must be in the range 1 to 65535.Name must be an IANA_SVC_NAME. Optional: -- `host` (String) Host name to connect to, defaults to the pod IP. You probably want to set 'Host' in httpHeaders instead. +- `host` (String) Host name to connect to, defaults to the pod IP. You probably want to set'Host' in httpHeaders instead. - `http_headers` (Attributes List) Custom headers to set in the request. HTTP allows repeated headers. (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--containers--liveness_probe--http_get--http_headers)) - `path` (String) Path to access on the HTTP server. -- `scheme` (String) Scheme to use for connecting to the host. Defaults to HTTP. +- `scheme` (String) Scheme to use for connecting to the host.Defaults to HTTP. ### Nested Schema for `spec.component_defs.pod_spec.containers.liveness_probe.http_get.http_headers` Required: -- `name` (String) The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header. +- `name` (String) The header field name.This will be canonicalized upon output, so case-variant names will be understood as the same header. - `value` (String) The header field value @@ -683,7 +683,7 @@ Required: Required: -- `port` (String) Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. +- `port` (String) Number or name of the port to access on the container.Number must be in the range 1 to 65535.Name must be an IANA_SVC_NAME. Optional: @@ -696,14 +696,14 @@ Optional: Required: -- `container_port` (Number) Number of port to expose on the pod's IP address. This must be a valid port number, 0 < x < 65536. +- `container_port` (Number) Number of port to expose on the pod's IP address.This must be a valid port number, 0 < x < 65536. Optional: - `host_ip` (String) What host IP to bind the external port to. -- `host_port` (Number) Number of port to expose on the host. If specified, this must be a valid port number, 0 < x < 65536. If HostNetwork is specified, this must match ContainerPort. Most containers do not need this. -- `name` (String) If specified, this must be an IANA_SVC_NAME and unique within the pod. Each named port in a pod must have a unique name. Name for the port that can be referred to by services. -- `protocol` (String) Protocol for port. Must be UDP, TCP, or SCTP. Defaults to 'TCP'. +- `host_port` (Number) Number of port to expose on the host.If specified, this must be a valid port number, 0 < x < 65536.If HostNetwork is specified, this must match ContainerPort.Most containers do not need this. +- `name` (String) If specified, this must be an IANA_SVC_NAME and unique within the pod. Eachnamed port in a pod must have a unique name. Name for the port that can bereferred to by services. +- `protocol` (String) Protocol for port. Must be UDP, TCP, or SCTP.Defaults to 'TCP'. @@ -712,22 +712,22 @@ Optional: Optional: - `exec` (Attributes) Exec specifies the action to take. (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--containers--readiness_probe--exec)) -- `failure_threshold` (Number) Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +- `failure_threshold` (Number) Minimum consecutive failures for the probe to be considered failed after having succeeded.Defaults to 3. Minimum value is 1. - `grpc` (Attributes) GRPC specifies an action involving a GRPC port. (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--containers--readiness_probe--grpc)) - `http_get` (Attributes) HTTPGet specifies the http request to perform. (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--containers--readiness_probe--http_get)) -- `initial_delay_seconds` (Number) Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes -- `period_seconds` (Number) How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. -- `success_threshold` (Number) Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. +- `initial_delay_seconds` (Number) Number of seconds after the container has started before liveness probes are initiated.More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +- `period_seconds` (Number) How often (in seconds) to perform the probe.Default to 10 seconds. Minimum value is 1. +- `success_threshold` (Number) Minimum consecutive successes for the probe to be considered successful after having failed.Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. - `tcp_socket` (Attributes) TCPSocket specifies an action involving a TCP port. (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--containers--readiness_probe--tcp_socket)) -- `termination_grace_period_seconds` (Number) Optional duration in seconds the pod needs to terminate gracefully upon probe failure. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this value overrides the value provided by the pod spec. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down). This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset. -- `timeout_seconds` (Number) Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +- `termination_grace_period_seconds` (Number) Optional duration in seconds the pod needs to terminate gracefully upon probe failure.The grace period is the duration in seconds after the processes running in the pod are senta termination signal and the time when the processes are forcibly halted with a kill signal.Set this value longer than the expected cleanup time for your process.If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, thisvalue overrides the value provided by the pod spec.Value must be non-negative integer. The value zero indicates stop immediately viathe kill signal (no opportunity to shut down).This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate.Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset. +- `timeout_seconds` (Number) Number of seconds after which the probe times out.Defaults to 1 second. Minimum value is 1.More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes ### Nested Schema for `spec.component_defs.pod_spec.containers.readiness_probe.exec` Optional: -- `command` (List of String) Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +- `command` (List of String) Command is the command line to execute inside the container, the working directory for thecommand is root ('/') in the container's filesystem. The command is simply exec'd, it isnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To usea shell, you need to explicitly call out to that shell.Exit status of 0 is treated as live/healthy and non-zero is unhealthy. @@ -739,7 +739,7 @@ Required: Optional: -- `service` (String) Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). If this is not specified, the default behavior is defined by gRPC. +- `service` (String) Service is the name of the service to place in the gRPC HealthCheckRequest(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).If this is not specified, the default behavior is defined by gRPC. @@ -747,21 +747,21 @@ Optional: Required: -- `port` (String) Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. +- `port` (String) Name or number of the port to access on the container.Number must be in the range 1 to 65535.Name must be an IANA_SVC_NAME. Optional: -- `host` (String) Host name to connect to, defaults to the pod IP. You probably want to set 'Host' in httpHeaders instead. +- `host` (String) Host name to connect to, defaults to the pod IP. You probably want to set'Host' in httpHeaders instead. - `http_headers` (Attributes List) Custom headers to set in the request. HTTP allows repeated headers. (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--containers--readiness_probe--http_get--http_headers)) - `path` (String) Path to access on the HTTP server. -- `scheme` (String) Scheme to use for connecting to the host. Defaults to HTTP. +- `scheme` (String) Scheme to use for connecting to the host.Defaults to HTTP. ### Nested Schema for `spec.component_defs.pod_spec.containers.readiness_probe.http_get.http_headers` Required: -- `name` (String) The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header. +- `name` (String) The header field name.This will be canonicalized upon output, so case-variant names will be understood as the same header. - `value` (String) The header field value @@ -771,7 +771,7 @@ Required: Required: -- `port` (String) Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. +- `port` (String) Number or name of the port to access on the container.Number must be in the range 1 to 65535.Name must be an IANA_SVC_NAME. Optional: @@ -784,8 +784,8 @@ Optional: Required: -- `resource_name` (String) Name of the resource to which this resource resize policy applies. Supported values: cpu, memory. -- `restart_policy` (String) Restart policy to apply when specified resource is resized. If not specified, it defaults to NotRequired. +- `resource_name` (String) Name of the resource to which this resource resize policy applies.Supported values: cpu, memory. +- `restart_policy` (String) Restart policy to apply when specified resource is resized.If not specified, it defaults to NotRequired. @@ -793,16 +793,16 @@ Required: Optional: -- `claims` (Attributes List) Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. This field is immutable. It can only be set for containers. (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--containers--resources--claims)) -- `limits` (Map of String) Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ -- `requests` (Map of String) Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ +- `claims` (Attributes List) Claims lists the names of resources, defined in spec.resourceClaims,that are used by this container.This is an alpha field and requires enabling theDynamicResourceAllocation feature gate.This field is immutable. It can only be set for containers. (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--containers--resources--claims)) +- `limits` (Map of String) Limits describes the maximum amount of compute resources allowed.More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ +- `requests` (Map of String) Requests describes the minimum amount of compute resources required.If Requests is omitted for a container, it defaults to Limits if that is explicitly specified,otherwise to an implementation-defined value. Requests cannot exceed Limits.More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ ### Nested Schema for `spec.component_defs.pod_spec.containers.resources.claims` Required: -- `name` (String) Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container. +- `name` (String) Name must match the name of one entry in pod.spec.resourceClaims ofthe Pod where this field is used. It makes that resource availableinside a container. @@ -811,17 +811,17 @@ Required: Optional: -- `allow_privilege_escalation` (Boolean) AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process. AllowPrivilegeEscalation is true always when the container is: 1) run as Privileged 2) has CAP_SYS_ADMIN Note that this field cannot be set when spec.os.name is windows. -- `capabilities` (Attributes) The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. Note that this field cannot be set when spec.os.name is windows. (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--containers--security_context--capabilities)) -- `privileged` (Boolean) Run container in privileged mode. Processes in privileged containers are essentially equivalent to root on the host. Defaults to false. Note that this field cannot be set when spec.os.name is windows. -- `proc_mount` (String) procMount denotes the type of proc mount to use for the containers. The default is DefaultProcMount which uses the container runtime defaults for readonly paths and masked paths. This requires the ProcMountType feature flag to be enabled. Note that this field cannot be set when spec.os.name is windows. -- `read_only_root_filesystem` (Boolean) Whether this container has a read-only root filesystem. Default is false. Note that this field cannot be set when spec.os.name is windows. -- `run_as_group` (Number) The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows. -- `run_as_non_root` (Boolean) Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. -- `run_as_user` (Number) The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows. -- `se_linux_options` (Attributes) The SELinux context to be applied to the container. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows. (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--containers--security_context--se_linux_options)) -- `seccomp_profile` (Attributes) The seccomp options to use by this container. If seccomp options are provided at both the pod & container level, the container options override the pod options. Note that this field cannot be set when spec.os.name is windows. (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--containers--security_context--seccomp_profile)) -- `windows_options` (Attributes) The Windows specific settings applied to all containers. If unspecified, the options from the PodSecurityContext will be used. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is linux. (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--containers--security_context--windows_options)) +- `allow_privilege_escalation` (Boolean) AllowPrivilegeEscalation controls whether a process can gain moreprivileges than its parent process. This bool directly controls ifthe no_new_privs flag will be set on the container process.AllowPrivilegeEscalation is true always when the container is:1) run as Privileged2) has CAP_SYS_ADMINNote that this field cannot be set when spec.os.name is windows. +- `capabilities` (Attributes) The capabilities to add/drop when running containers.Defaults to the default set of capabilities granted by the container runtime.Note that this field cannot be set when spec.os.name is windows. (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--containers--security_context--capabilities)) +- `privileged` (Boolean) Run container in privileged mode.Processes in privileged containers are essentially equivalent to root on the host.Defaults to false.Note that this field cannot be set when spec.os.name is windows. +- `proc_mount` (String) procMount denotes the type of proc mount to use for the containers.The default is DefaultProcMount which uses the container runtime defaults forreadonly paths and masked paths.This requires the ProcMountType feature flag to be enabled.Note that this field cannot be set when spec.os.name is windows. +- `read_only_root_filesystem` (Boolean) Whether this container has a read-only root filesystem.Default is false.Note that this field cannot be set when spec.os.name is windows. +- `run_as_group` (Number) The GID to run the entrypoint of the container process.Uses runtime default if unset.May also be set in PodSecurityContext. If set in both SecurityContext andPodSecurityContext, the value specified in SecurityContext takes precedence.Note that this field cannot be set when spec.os.name is windows. +- `run_as_non_root` (Boolean) Indicates that the container must run as a non-root user.If true, the Kubelet will validate the image at runtime to ensure that itdoes not run as UID 0 (root) and fail to start the container if it does.If unset or false, no such validation will be performed.May also be set in PodSecurityContext. If set in both SecurityContext andPodSecurityContext, the value specified in SecurityContext takes precedence. +- `run_as_user` (Number) The UID to run the entrypoint of the container process.Defaults to user specified in image metadata if unspecified.May also be set in PodSecurityContext. If set in both SecurityContext andPodSecurityContext, the value specified in SecurityContext takes precedence.Note that this field cannot be set when spec.os.name is windows. +- `se_linux_options` (Attributes) The SELinux context to be applied to the container.If unspecified, the container runtime will allocate a random SELinux context for eachcontainer. May also be set in PodSecurityContext. If set in both SecurityContext andPodSecurityContext, the value specified in SecurityContext takes precedence.Note that this field cannot be set when spec.os.name is windows. (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--containers--security_context--se_linux_options)) +- `seccomp_profile` (Attributes) The seccomp options to use by this container. If seccomp options areprovided at both the pod & container level, the container optionsoverride the pod options.Note that this field cannot be set when spec.os.name is windows. (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--containers--security_context--seccomp_profile)) +- `windows_options` (Attributes) The Windows specific settings applied to all containers.If unspecified, the options from the PodSecurityContext will be used.If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.Note that this field cannot be set when spec.os.name is linux. (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--containers--security_context--windows_options)) ### Nested Schema for `spec.component_defs.pod_spec.containers.security_context.capabilities` @@ -848,11 +848,11 @@ Optional: Required: -- `type` (String) type indicates which kind of seccomp profile will be applied. Valid options are: Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied. +- `type` (String) type indicates which kind of seccomp profile will be applied.Valid options are:Localhost - a profile defined in a file on the node should be used.RuntimeDefault - the container runtime default profile should be used.Unconfined - no profile should be applied. Optional: -- `localhost_profile` (String) localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must be set if type is 'Localhost'. Must NOT be set for any other type. +- `localhost_profile` (String) localhostProfile indicates a profile defined in a file on the node should be used.The profile must be preconfigured on the node to work.Must be a descending path, relative to the kubelet's configured seccomp profile location.Must be set if type is 'Localhost'. Must NOT be set for any other type. @@ -860,10 +860,10 @@ Optional: Optional: -- `gmsa_credential_spec` (String) GMSACredentialSpec is where the GMSA admission webhook (https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the GMSA credential spec named by the GMSACredentialSpecName field. +- `gmsa_credential_spec` (String) GMSACredentialSpec is where the GMSA admission webhook(https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of theGMSA credential spec named by the GMSACredentialSpecName field. - `gmsa_credential_spec_name` (String) GMSACredentialSpecName is the name of the GMSA credential spec to use. -- `host_process` (Boolean) HostProcess determines if a container should be run as a 'Host Process' container. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true. -- `run_as_user_name` (String) The UserName in Windows to run the entrypoint of the container process. Defaults to the user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +- `host_process` (Boolean) HostProcess determines if a container should be run as a 'Host Process' container.All of a Pod's containers must have the same effective HostProcess value(it is not allowed to have a mix of HostProcess containers and non-HostProcess containers).In addition, if HostProcess is true then HostNetwork must also be set to true. +- `run_as_user_name` (String) The UserName in Windows to run the entrypoint of the container process.Defaults to the user specified in image metadata if unspecified.May also be set in PodSecurityContext. If set in both SecurityContext andPodSecurityContext, the value specified in SecurityContext takes precedence. @@ -873,22 +873,22 @@ Optional: Optional: - `exec` (Attributes) Exec specifies the action to take. (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--containers--startup_probe--exec)) -- `failure_threshold` (Number) Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +- `failure_threshold` (Number) Minimum consecutive failures for the probe to be considered failed after having succeeded.Defaults to 3. Minimum value is 1. - `grpc` (Attributes) GRPC specifies an action involving a GRPC port. (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--containers--startup_probe--grpc)) - `http_get` (Attributes) HTTPGet specifies the http request to perform. (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--containers--startup_probe--http_get)) -- `initial_delay_seconds` (Number) Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes -- `period_seconds` (Number) How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. -- `success_threshold` (Number) Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. +- `initial_delay_seconds` (Number) Number of seconds after the container has started before liveness probes are initiated.More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +- `period_seconds` (Number) How often (in seconds) to perform the probe.Default to 10 seconds. Minimum value is 1. +- `success_threshold` (Number) Minimum consecutive successes for the probe to be considered successful after having failed.Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. - `tcp_socket` (Attributes) TCPSocket specifies an action involving a TCP port. (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--containers--startup_probe--tcp_socket)) -- `termination_grace_period_seconds` (Number) Optional duration in seconds the pod needs to terminate gracefully upon probe failure. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this value overrides the value provided by the pod spec. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down). This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset. -- `timeout_seconds` (Number) Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +- `termination_grace_period_seconds` (Number) Optional duration in seconds the pod needs to terminate gracefully upon probe failure.The grace period is the duration in seconds after the processes running in the pod are senta termination signal and the time when the processes are forcibly halted with a kill signal.Set this value longer than the expected cleanup time for your process.If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, thisvalue overrides the value provided by the pod spec.Value must be non-negative integer. The value zero indicates stop immediately viathe kill signal (no opportunity to shut down).This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate.Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset. +- `timeout_seconds` (Number) Number of seconds after which the probe times out.Defaults to 1 second. Minimum value is 1.More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes ### Nested Schema for `spec.component_defs.pod_spec.containers.startup_probe.exec` Optional: -- `command` (List of String) Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +- `command` (List of String) Command is the command line to execute inside the container, the working directory for thecommand is root ('/') in the container's filesystem. The command is simply exec'd, it isnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To usea shell, you need to explicitly call out to that shell.Exit status of 0 is treated as live/healthy and non-zero is unhealthy. @@ -900,7 +900,7 @@ Required: Optional: -- `service` (String) Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). If this is not specified, the default behavior is defined by gRPC. +- `service` (String) Service is the name of the service to place in the gRPC HealthCheckRequest(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).If this is not specified, the default behavior is defined by gRPC. @@ -908,21 +908,21 @@ Optional: Required: -- `port` (String) Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. +- `port` (String) Name or number of the port to access on the container.Number must be in the range 1 to 65535.Name must be an IANA_SVC_NAME. Optional: -- `host` (String) Host name to connect to, defaults to the pod IP. You probably want to set 'Host' in httpHeaders instead. +- `host` (String) Host name to connect to, defaults to the pod IP. You probably want to set'Host' in httpHeaders instead. - `http_headers` (Attributes List) Custom headers to set in the request. HTTP allows repeated headers. (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--containers--startup_probe--http_get--http_headers)) - `path` (String) Path to access on the HTTP server. -- `scheme` (String) Scheme to use for connecting to the host. Defaults to HTTP. +- `scheme` (String) Scheme to use for connecting to the host.Defaults to HTTP. ### Nested Schema for `spec.component_defs.pod_spec.containers.startup_probe.http_get.http_headers` Required: -- `name` (String) The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header. +- `name` (String) The header field name.This will be canonicalized upon output, so case-variant names will be understood as the same header. - `value` (String) The header field value @@ -932,7 +932,7 @@ Required: Required: -- `port` (String) Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. +- `port` (String) Number or name of the port to access on the container.Number must be in the range 1 to 65535.Name must be an IANA_SVC_NAME. Optional: @@ -954,15 +954,15 @@ Required: Required: -- `mount_path` (String) Path within the container at which the volume should be mounted. Must not contain ':'. +- `mount_path` (String) Path within the container at which the volume should be mounted. Mustnot contain ':'. - `name` (String) This must match the Name of a Volume. Optional: -- `mount_propagation` (String) mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationNone is used. This field is beta in 1.10. -- `read_only` (Boolean) Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false. -- `sub_path` (String) Path within the volume from which the container's volume should be mounted. Defaults to '' (volume's root). -- `sub_path_expr` (String) Expanded path within the volume from which the container's volume should be mounted. Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment. Defaults to '' (volume's root). SubPathExpr and SubPath are mutually exclusive. +- `mount_propagation` (String) mountPropagation determines how mounts are propagated from the hostto container and the other way around.When not set, MountPropagationNone is used.This field is beta in 1.10. +- `read_only` (Boolean) Mounted read-only if true, read-write otherwise (false or unspecified).Defaults to false. +- `sub_path` (String) Path within the volume from which the container's volume should be mounted.Defaults to '' (volume's root). +- `sub_path_expr` (String) Expanded path within the volume from which the container's volume should be mounted.Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment.Defaults to '' (volume's root).SubPathExpr and SubPath are mutually exclusive. @@ -980,8 +980,8 @@ Optional: Optional: -- `preferred_during_scheduling_ignored_during_execution` (Attributes List) The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding 'weight' to the sum if the node matches the corresponding matchExpressions; the node(s) with the highest sum are the most preferred. (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--affinity--node_affinity--preferred_during_scheduling_ignored_during_execution)) -- `required_during_scheduling_ignored_during_execution` (Attributes) If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to an update), the system may or may not try to eventually evict the pod from its node. (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--affinity--node_affinity--required_during_scheduling_ignored_during_execution)) +- `preferred_during_scheduling_ignored_during_execution` (Attributes List) The scheduler will prefer to schedule pods to nodes that satisfythe affinity expressions specified by this field, but it may choosea node that violates one or more of the expressions. The node that ismost preferred is the one with the greatest sum of weights, i.e.for each node that meets all of the scheduling requirements (resourcerequest, requiredDuringScheduling affinity expressions, etc.),compute a sum by iterating through the elements of this field and adding'weight' to the sum if the node matches the corresponding matchExpressions; thenode(s) with the highest sum are the most preferred. (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--affinity--node_affinity--preferred_during_scheduling_ignored_during_execution)) +- `required_during_scheduling_ignored_during_execution` (Attributes) If the affinity requirements specified by this field are not met atscheduling time, the pod will not be scheduled onto the node.If the affinity requirements specified by this field cease to be metat some point during pod execution (e.g. due to an update), the systemmay or may not try to eventually evict the pod from its node. (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--affinity--node_affinity--required_during_scheduling_ignored_during_execution)) ### Nested Schema for `spec.component_defs.pod_spec.affinity.node_affinity.preferred_during_scheduling_ignored_during_execution` @@ -1005,11 +1005,11 @@ Optional: Required: - `key` (String) The label key that the selector applies to. -- `operator` (String) Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. +- `operator` (String) Represents a key's relationship to a set of values.Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. Optional: -- `values` (List of String) An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch. +- `values` (List of String) An array of string values. If the operator is In or NotIn,the values array must be non-empty. If the operator is Exists or DoesNotExist,the values array must be empty. If the operator is Gt or Lt, the valuesarray must have a single element, which will be interpreted as an integer.This array is replaced during a strategic merge patch. @@ -1018,11 +1018,11 @@ Optional: Required: - `key` (String) The label key that the selector applies to. -- `operator` (String) Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. +- `operator` (String) Represents a key's relationship to a set of values.Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. Optional: -- `values` (List of String) An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch. +- `values` (List of String) An array of string values. If the operator is In or NotIn,the values array must be non-empty. If the operator is Exists or DoesNotExist,the values array must be empty. If the operator is Gt or Lt, the valuesarray must have a single element, which will be interpreted as an integer.This array is replaced during a strategic merge patch. @@ -1048,11 +1048,11 @@ Optional: Required: - `key` (String) The label key that the selector applies to. -- `operator` (String) Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. +- `operator` (String) Represents a key's relationship to a set of values.Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. Optional: -- `values` (List of String) An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch. +- `values` (List of String) An array of string values. If the operator is In or NotIn,the values array must be non-empty. If the operator is Exists or DoesNotExist,the values array must be empty. If the operator is Gt or Lt, the valuesarray must have a single element, which will be interpreted as an integer.This array is replaced during a strategic merge patch. @@ -1061,11 +1061,11 @@ Optional: Required: - `key` (String) The label key that the selector applies to. -- `operator` (String) Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. +- `operator` (String) Represents a key's relationship to a set of values.Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. Optional: -- `values` (List of String) An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch. +- `values` (List of String) An array of string values. If the operator is In or NotIn,the values array must be non-empty. If the operator is Exists or DoesNotExist,the values array must be empty. If the operator is Gt or Lt, the valuesarray must have a single element, which will be interpreted as an integer.This array is replaced during a strategic merge patch. @@ -1076,8 +1076,8 @@ Optional: Optional: -- `preferred_during_scheduling_ignored_during_execution` (Attributes List) The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding 'weight' to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred. (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--affinity--pod_affinity--preferred_during_scheduling_ignored_during_execution)) -- `required_during_scheduling_ignored_during_execution` (Attributes List) If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied. (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--affinity--pod_affinity--required_during_scheduling_ignored_during_execution)) +- `preferred_during_scheduling_ignored_during_execution` (Attributes List) The scheduler will prefer to schedule pods to nodes that satisfythe affinity expressions specified by this field, but it may choosea node that violates one or more of the expressions. The node that ismost preferred is the one with the greatest sum of weights, i.e.for each node that meets all of the scheduling requirements (resourcerequest, requiredDuringScheduling affinity expressions, etc.),compute a sum by iterating through the elements of this field and adding'weight' to the sum if the node has pods which matches the corresponding podAffinityTerm; thenode(s) with the highest sum are the most preferred. (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--affinity--pod_affinity--preferred_during_scheduling_ignored_during_execution)) +- `required_during_scheduling_ignored_during_execution` (Attributes List) If the affinity requirements specified by this field are not met atscheduling time, the pod will not be scheduled onto the node.If the affinity requirements specified by this field cease to be metat some point during pod execution (e.g. due to a pod label update), thesystem may or may not try to eventually evict the pod from its node.When there are multiple elements, the lists of nodes corresponding to eachpodAffinityTerm are intersected, i.e. all terms must be satisfied. (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--affinity--pod_affinity--required_during_scheduling_ignored_during_execution)) ### Nested Schema for `spec.component_defs.pod_spec.affinity.pod_affinity.preferred_during_scheduling_ignored_during_execution` @@ -1085,20 +1085,20 @@ Optional: Required: - `pod_affinity_term` (Attributes) Required. A pod affinity term, associated with the corresponding weight. (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--affinity--pod_affinity--preferred_during_scheduling_ignored_during_execution--pod_affinity_term)) -- `weight` (Number) weight associated with matching the corresponding podAffinityTerm, in the range 1-100. +- `weight` (Number) weight associated with matching the corresponding podAffinityTerm,in the range 1-100. ### Nested Schema for `spec.component_defs.pod_spec.affinity.pod_affinity.preferred_during_scheduling_ignored_during_execution.pod_affinity_term` Required: -- `topology_key` (String) This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed. +- `topology_key` (String) This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matchingthe labelSelector in the specified namespaces, where co-located is defined as running on a nodewhose value of the label with key topologyKey matches that of any node on which any of theselected pods is running.Empty topologyKey is not allowed. Optional: - `label_selector` (Attributes) A label query over a set of resources, in this case pods. (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--affinity--pod_affinity--preferred_during_scheduling_ignored_during_execution--pod_affinity_term--label_selector)) -- `namespace_selector` (Attributes) A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means 'this pod's namespace'. An empty selector ({}) matches all namespaces. (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--affinity--pod_affinity--preferred_during_scheduling_ignored_during_execution--pod_affinity_term--namespace_selector)) -- `namespaces` (List of String) namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means 'this pod's namespace'. +- `namespace_selector` (Attributes) A label query over the set of namespaces that the term applies to.The term is applied to the union of the namespaces selected by this fieldand the ones listed in the namespaces field.null selector and null or empty namespaces list means 'this pod's namespace'.An empty selector ({}) matches all namespaces. (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--affinity--pod_affinity--preferred_during_scheduling_ignored_during_execution--pod_affinity_term--namespace_selector)) +- `namespaces` (List of String) namespaces specifies a static list of namespace names that the term applies to.The term is applied to the union of the namespaces listed in this fieldand the ones selected by namespaceSelector.null or empty namespaces list and null namespaceSelector means 'this pod's namespace'. ### Nested Schema for `spec.component_defs.pod_spec.affinity.pod_affinity.preferred_during_scheduling_ignored_during_execution.pod_affinity_term.label_selector` @@ -1106,7 +1106,7 @@ Optional: Optional: - `match_expressions` (Attributes List) matchExpressions is a list of label selector requirements. The requirements are ANDed. (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--affinity--pod_affinity--preferred_during_scheduling_ignored_during_execution--pod_affinity_term--label_selector--match_expressions)) -- `match_labels` (Map of String) matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is 'key', the operator is 'In', and the values array contains only 'value'. The requirements are ANDed. +- `match_labels` (Map of String) matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabelsmap is equivalent to an element of matchExpressions, whose key field is 'key', theoperator is 'In', and the values array contains only 'value'. The requirements are ANDed. ### Nested Schema for `spec.component_defs.pod_spec.affinity.pod_affinity.preferred_during_scheduling_ignored_during_execution.pod_affinity_term.label_selector.match_expressions` @@ -1114,11 +1114,11 @@ Optional: Required: - `key` (String) key is the label key that the selector applies to. -- `operator` (String) operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. +- `operator` (String) operator represents a key's relationship to a set of values.Valid operators are In, NotIn, Exists and DoesNotExist. Optional: -- `values` (List of String) values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. +- `values` (List of String) values is an array of string values. If the operator is In or NotIn,the values array must be non-empty. If the operator is Exists or DoesNotExist,the values array must be empty. This array is replaced during a strategicmerge patch. @@ -1128,7 +1128,7 @@ Optional: Optional: - `match_expressions` (Attributes List) matchExpressions is a list of label selector requirements. The requirements are ANDed. (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--affinity--pod_affinity--preferred_during_scheduling_ignored_during_execution--pod_affinity_term--namespace_selector--match_expressions)) -- `match_labels` (Map of String) matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is 'key', the operator is 'In', and the values array contains only 'value'. The requirements are ANDed. +- `match_labels` (Map of String) matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabelsmap is equivalent to an element of matchExpressions, whose key field is 'key', theoperator is 'In', and the values array contains only 'value'. The requirements are ANDed. ### Nested Schema for `spec.component_defs.pod_spec.affinity.pod_affinity.preferred_during_scheduling_ignored_during_execution.pod_affinity_term.namespace_selector.match_expressions` @@ -1136,11 +1136,11 @@ Optional: Required: - `key` (String) key is the label key that the selector applies to. -- `operator` (String) operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. +- `operator` (String) operator represents a key's relationship to a set of values.Valid operators are In, NotIn, Exists and DoesNotExist. Optional: -- `values` (List of String) values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. +- `values` (List of String) values is an array of string values. If the operator is In or NotIn,the values array must be non-empty. If the operator is Exists or DoesNotExist,the values array must be empty. This array is replaced during a strategicmerge patch. @@ -1151,13 +1151,13 @@ Optional: Required: -- `topology_key` (String) This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed. +- `topology_key` (String) This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matchingthe labelSelector in the specified namespaces, where co-located is defined as running on a nodewhose value of the label with key topologyKey matches that of any node on which any of theselected pods is running.Empty topologyKey is not allowed. Optional: - `label_selector` (Attributes) A label query over a set of resources, in this case pods. (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--affinity--pod_affinity--required_during_scheduling_ignored_during_execution--label_selector)) -- `namespace_selector` (Attributes) A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means 'this pod's namespace'. An empty selector ({}) matches all namespaces. (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--affinity--pod_affinity--required_during_scheduling_ignored_during_execution--namespace_selector)) -- `namespaces` (List of String) namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means 'this pod's namespace'. +- `namespace_selector` (Attributes) A label query over the set of namespaces that the term applies to.The term is applied to the union of the namespaces selected by this fieldand the ones listed in the namespaces field.null selector and null or empty namespaces list means 'this pod's namespace'.An empty selector ({}) matches all namespaces. (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--affinity--pod_affinity--required_during_scheduling_ignored_during_execution--namespace_selector)) +- `namespaces` (List of String) namespaces specifies a static list of namespace names that the term applies to.The term is applied to the union of the namespaces listed in this fieldand the ones selected by namespaceSelector.null or empty namespaces list and null namespaceSelector means 'this pod's namespace'. ### Nested Schema for `spec.component_defs.pod_spec.affinity.pod_affinity.required_during_scheduling_ignored_during_execution.label_selector` @@ -1165,7 +1165,7 @@ Optional: Optional: - `match_expressions` (Attributes List) matchExpressions is a list of label selector requirements. The requirements are ANDed. (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--affinity--pod_affinity--required_during_scheduling_ignored_during_execution--label_selector--match_expressions)) -- `match_labels` (Map of String) matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is 'key', the operator is 'In', and the values array contains only 'value'. The requirements are ANDed. +- `match_labels` (Map of String) matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabelsmap is equivalent to an element of matchExpressions, whose key field is 'key', theoperator is 'In', and the values array contains only 'value'. The requirements are ANDed. ### Nested Schema for `spec.component_defs.pod_spec.affinity.pod_affinity.required_during_scheduling_ignored_during_execution.label_selector.match_expressions` @@ -1173,11 +1173,11 @@ Optional: Required: - `key` (String) key is the label key that the selector applies to. -- `operator` (String) operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. +- `operator` (String) operator represents a key's relationship to a set of values.Valid operators are In, NotIn, Exists and DoesNotExist. Optional: -- `values` (List of String) values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. +- `values` (List of String) values is an array of string values. If the operator is In or NotIn,the values array must be non-empty. If the operator is Exists or DoesNotExist,the values array must be empty. This array is replaced during a strategicmerge patch. @@ -1187,7 +1187,7 @@ Optional: Optional: - `match_expressions` (Attributes List) matchExpressions is a list of label selector requirements. The requirements are ANDed. (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--affinity--pod_affinity--required_during_scheduling_ignored_during_execution--namespace_selector--match_expressions)) -- `match_labels` (Map of String) matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is 'key', the operator is 'In', and the values array contains only 'value'. The requirements are ANDed. +- `match_labels` (Map of String) matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabelsmap is equivalent to an element of matchExpressions, whose key field is 'key', theoperator is 'In', and the values array contains only 'value'. The requirements are ANDed. ### Nested Schema for `spec.component_defs.pod_spec.affinity.pod_affinity.required_during_scheduling_ignored_during_execution.namespace_selector.match_expressions` @@ -1195,11 +1195,11 @@ Optional: Required: - `key` (String) key is the label key that the selector applies to. -- `operator` (String) operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. +- `operator` (String) operator represents a key's relationship to a set of values.Valid operators are In, NotIn, Exists and DoesNotExist. Optional: -- `values` (List of String) values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. +- `values` (List of String) values is an array of string values. If the operator is In or NotIn,the values array must be non-empty. If the operator is Exists or DoesNotExist,the values array must be empty. This array is replaced during a strategicmerge patch. @@ -1210,8 +1210,8 @@ Optional: Optional: -- `preferred_during_scheduling_ignored_during_execution` (Attributes List) The scheduler will prefer to schedule pods to nodes that satisfy the anti-affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling anti-affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding 'weight' to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred. (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--affinity--pod_anti_affinity--preferred_during_scheduling_ignored_during_execution)) -- `required_during_scheduling_ignored_during_execution` (Attributes List) If the anti-affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the anti-affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied. (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--affinity--pod_anti_affinity--required_during_scheduling_ignored_during_execution)) +- `preferred_during_scheduling_ignored_during_execution` (Attributes List) The scheduler will prefer to schedule pods to nodes that satisfythe anti-affinity expressions specified by this field, but it may choosea node that violates one or more of the expressions. The node that ismost preferred is the one with the greatest sum of weights, i.e.for each node that meets all of the scheduling requirements (resourcerequest, requiredDuringScheduling anti-affinity expressions, etc.),compute a sum by iterating through the elements of this field and adding'weight' to the sum if the node has pods which matches the corresponding podAffinityTerm; thenode(s) with the highest sum are the most preferred. (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--affinity--pod_anti_affinity--preferred_during_scheduling_ignored_during_execution)) +- `required_during_scheduling_ignored_during_execution` (Attributes List) If the anti-affinity requirements specified by this field are not met atscheduling time, the pod will not be scheduled onto the node.If the anti-affinity requirements specified by this field cease to be metat some point during pod execution (e.g. due to a pod label update), thesystem may or may not try to eventually evict the pod from its node.When there are multiple elements, the lists of nodes corresponding to eachpodAffinityTerm are intersected, i.e. all terms must be satisfied. (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--affinity--pod_anti_affinity--required_during_scheduling_ignored_during_execution)) ### Nested Schema for `spec.component_defs.pod_spec.affinity.pod_anti_affinity.preferred_during_scheduling_ignored_during_execution` @@ -1219,20 +1219,20 @@ Optional: Required: - `pod_affinity_term` (Attributes) Required. A pod affinity term, associated with the corresponding weight. (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--affinity--pod_anti_affinity--preferred_during_scheduling_ignored_during_execution--pod_affinity_term)) -- `weight` (Number) weight associated with matching the corresponding podAffinityTerm, in the range 1-100. +- `weight` (Number) weight associated with matching the corresponding podAffinityTerm,in the range 1-100. ### Nested Schema for `spec.component_defs.pod_spec.affinity.pod_anti_affinity.preferred_during_scheduling_ignored_during_execution.pod_affinity_term` Required: -- `topology_key` (String) This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed. +- `topology_key` (String) This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matchingthe labelSelector in the specified namespaces, where co-located is defined as running on a nodewhose value of the label with key topologyKey matches that of any node on which any of theselected pods is running.Empty topologyKey is not allowed. Optional: - `label_selector` (Attributes) A label query over a set of resources, in this case pods. (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--affinity--pod_anti_affinity--preferred_during_scheduling_ignored_during_execution--pod_affinity_term--label_selector)) -- `namespace_selector` (Attributes) A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means 'this pod's namespace'. An empty selector ({}) matches all namespaces. (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--affinity--pod_anti_affinity--preferred_during_scheduling_ignored_during_execution--pod_affinity_term--namespace_selector)) -- `namespaces` (List of String) namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means 'this pod's namespace'. +- `namespace_selector` (Attributes) A label query over the set of namespaces that the term applies to.The term is applied to the union of the namespaces selected by this fieldand the ones listed in the namespaces field.null selector and null or empty namespaces list means 'this pod's namespace'.An empty selector ({}) matches all namespaces. (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--affinity--pod_anti_affinity--preferred_during_scheduling_ignored_during_execution--pod_affinity_term--namespace_selector)) +- `namespaces` (List of String) namespaces specifies a static list of namespace names that the term applies to.The term is applied to the union of the namespaces listed in this fieldand the ones selected by namespaceSelector.null or empty namespaces list and null namespaceSelector means 'this pod's namespace'. ### Nested Schema for `spec.component_defs.pod_spec.affinity.pod_anti_affinity.preferred_during_scheduling_ignored_during_execution.pod_affinity_term.label_selector` @@ -1240,7 +1240,7 @@ Optional: Optional: - `match_expressions` (Attributes List) matchExpressions is a list of label selector requirements. The requirements are ANDed. (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--affinity--pod_anti_affinity--preferred_during_scheduling_ignored_during_execution--pod_affinity_term--label_selector--match_expressions)) -- `match_labels` (Map of String) matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is 'key', the operator is 'In', and the values array contains only 'value'. The requirements are ANDed. +- `match_labels` (Map of String) matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabelsmap is equivalent to an element of matchExpressions, whose key field is 'key', theoperator is 'In', and the values array contains only 'value'. The requirements are ANDed. ### Nested Schema for `spec.component_defs.pod_spec.affinity.pod_anti_affinity.preferred_during_scheduling_ignored_during_execution.pod_affinity_term.label_selector.match_expressions` @@ -1248,11 +1248,11 @@ Optional: Required: - `key` (String) key is the label key that the selector applies to. -- `operator` (String) operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. +- `operator` (String) operator represents a key's relationship to a set of values.Valid operators are In, NotIn, Exists and DoesNotExist. Optional: -- `values` (List of String) values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. +- `values` (List of String) values is an array of string values. If the operator is In or NotIn,the values array must be non-empty. If the operator is Exists or DoesNotExist,the values array must be empty. This array is replaced during a strategicmerge patch. @@ -1262,7 +1262,7 @@ Optional: Optional: - `match_expressions` (Attributes List) matchExpressions is a list of label selector requirements. The requirements are ANDed. (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--affinity--pod_anti_affinity--preferred_during_scheduling_ignored_during_execution--pod_affinity_term--namespace_selector--match_expressions)) -- `match_labels` (Map of String) matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is 'key', the operator is 'In', and the values array contains only 'value'. The requirements are ANDed. +- `match_labels` (Map of String) matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabelsmap is equivalent to an element of matchExpressions, whose key field is 'key', theoperator is 'In', and the values array contains only 'value'. The requirements are ANDed. ### Nested Schema for `spec.component_defs.pod_spec.affinity.pod_anti_affinity.preferred_during_scheduling_ignored_during_execution.pod_affinity_term.namespace_selector.match_expressions` @@ -1270,11 +1270,11 @@ Optional: Required: - `key` (String) key is the label key that the selector applies to. -- `operator` (String) operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. +- `operator` (String) operator represents a key's relationship to a set of values.Valid operators are In, NotIn, Exists and DoesNotExist. Optional: -- `values` (List of String) values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. +- `values` (List of String) values is an array of string values. If the operator is In or NotIn,the values array must be non-empty. If the operator is Exists or DoesNotExist,the values array must be empty. This array is replaced during a strategicmerge patch. @@ -1285,13 +1285,13 @@ Optional: Required: -- `topology_key` (String) This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed. +- `topology_key` (String) This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matchingthe labelSelector in the specified namespaces, where co-located is defined as running on a nodewhose value of the label with key topologyKey matches that of any node on which any of theselected pods is running.Empty topologyKey is not allowed. Optional: - `label_selector` (Attributes) A label query over a set of resources, in this case pods. (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--affinity--pod_anti_affinity--required_during_scheduling_ignored_during_execution--label_selector)) -- `namespace_selector` (Attributes) A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means 'this pod's namespace'. An empty selector ({}) matches all namespaces. (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--affinity--pod_anti_affinity--required_during_scheduling_ignored_during_execution--namespace_selector)) -- `namespaces` (List of String) namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means 'this pod's namespace'. +- `namespace_selector` (Attributes) A label query over the set of namespaces that the term applies to.The term is applied to the union of the namespaces selected by this fieldand the ones listed in the namespaces field.null selector and null or empty namespaces list means 'this pod's namespace'.An empty selector ({}) matches all namespaces. (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--affinity--pod_anti_affinity--required_during_scheduling_ignored_during_execution--namespace_selector)) +- `namespaces` (List of String) namespaces specifies a static list of namespace names that the term applies to.The term is applied to the union of the namespaces listed in this fieldand the ones selected by namespaceSelector.null or empty namespaces list and null namespaceSelector means 'this pod's namespace'. ### Nested Schema for `spec.component_defs.pod_spec.affinity.pod_anti_affinity.required_during_scheduling_ignored_during_execution.label_selector` @@ -1299,7 +1299,7 @@ Optional: Optional: - `match_expressions` (Attributes List) matchExpressions is a list of label selector requirements. The requirements are ANDed. (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--affinity--pod_anti_affinity--required_during_scheduling_ignored_during_execution--label_selector--match_expressions)) -- `match_labels` (Map of String) matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is 'key', the operator is 'In', and the values array contains only 'value'. The requirements are ANDed. +- `match_labels` (Map of String) matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabelsmap is equivalent to an element of matchExpressions, whose key field is 'key', theoperator is 'In', and the values array contains only 'value'. The requirements are ANDed. ### Nested Schema for `spec.component_defs.pod_spec.affinity.pod_anti_affinity.required_during_scheduling_ignored_during_execution.label_selector.match_expressions` @@ -1307,11 +1307,11 @@ Optional: Required: - `key` (String) key is the label key that the selector applies to. -- `operator` (String) operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. +- `operator` (String) operator represents a key's relationship to a set of values.Valid operators are In, NotIn, Exists and DoesNotExist. Optional: -- `values` (List of String) values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. +- `values` (List of String) values is an array of string values. If the operator is In or NotIn,the values array must be non-empty. If the operator is Exists or DoesNotExist,the values array must be empty. This array is replaced during a strategicmerge patch. @@ -1321,7 +1321,7 @@ Optional: Optional: - `match_expressions` (Attributes List) matchExpressions is a list of label selector requirements. The requirements are ANDed. (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--affinity--pod_anti_affinity--required_during_scheduling_ignored_during_execution--namespace_selector--match_expressions)) -- `match_labels` (Map of String) matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is 'key', the operator is 'In', and the values array contains only 'value'. The requirements are ANDed. +- `match_labels` (Map of String) matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabelsmap is equivalent to an element of matchExpressions, whose key field is 'key', theoperator is 'In', and the values array contains only 'value'. The requirements are ANDed. ### Nested Schema for `spec.component_defs.pod_spec.affinity.pod_anti_affinity.required_during_scheduling_ignored_during_execution.namespace_selector.match_expressions` @@ -1329,11 +1329,11 @@ Optional: Required: - `key` (String) key is the label key that the selector applies to. -- `operator` (String) operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. +- `operator` (String) operator represents a key's relationship to a set of values.Valid operators are In, NotIn, Exists and DoesNotExist. Optional: -- `values` (List of String) values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. +- `values` (List of String) values is an array of string values. If the operator is In or NotIn,the values array must be non-empty. If the operator is Exists or DoesNotExist,the values array must be empty. This array is replaced during a strategicmerge patch. @@ -1345,9 +1345,9 @@ Optional: Optional: -- `nameservers` (List of String) A list of DNS name server IP addresses. This will be appended to the base nameservers generated from DNSPolicy. Duplicated nameservers will be removed. -- `options` (Attributes List) A list of DNS resolver options. This will be merged with the base options generated from DNSPolicy. Duplicated entries will be removed. Resolution options given in Options will override those that appear in the base DNSPolicy. (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--dns_config--options)) -- `searches` (List of String) A list of DNS search domains for host-name lookup. This will be appended to the base search paths generated from DNSPolicy. Duplicated search paths will be removed. +- `nameservers` (List of String) A list of DNS name server IP addresses.This will be appended to the base nameservers generated from DNSPolicy.Duplicated nameservers will be removed. +- `options` (Attributes List) A list of DNS resolver options.This will be merged with the base options generated from DNSPolicy.Duplicated entries will be removed. Resolution options given in Optionswill override those that appear in the base DNSPolicy. (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--dns_config--options)) +- `searches` (List of String) A list of DNS search domains for host-name lookup.This will be appended to the base search paths generated from DNSPolicy.Duplicated search paths will be removed. ### Nested Schema for `spec.component_defs.pod_spec.dns_config.options` @@ -1364,34 +1364,34 @@ Optional: Required: -- `name` (String) Name of the ephemeral container specified as a DNS_LABEL. This name must be unique among all containers, init containers and ephemeral containers. +- `name` (String) Name of the ephemeral container specified as a DNS_LABEL.This name must be unique among all containers, init containers and ephemeral containers. Optional: -- `args` (List of String) Arguments to the entrypoint. The image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. '$$(VAR_NAME)' will produce the string literal '$(VAR_NAME)'. Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell -- `command` (List of String) Entrypoint array. Not executed within a shell. The image's ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. '$$(VAR_NAME)' will produce the string literal '$(VAR_NAME)'. Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell -- `env` (Attributes List) List of environment variables to set in the container. Cannot be updated. (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--ephemeral_containers--env)) -- `env_from` (Attributes List) List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated. (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--ephemeral_containers--env_from)) -- `image` (String) Container image name. More info: https://kubernetes.io/docs/concepts/containers/images -- `image_pull_policy` (String) Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images +- `args` (List of String) Arguments to the entrypoint.The image's CMD is used if this is not provided.Variable references $(VAR_NAME) are expanded using the container's environment. If a variablecannot be resolved, the reference in the input string will be unchanged. Double $$ are reducedto a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. '$$(VAR_NAME)' willproduce the string literal '$(VAR_NAME)'. Escaped references will never be expanded, regardlessof whether the variable exists or not. Cannot be updated.More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +- `command` (List of String) Entrypoint array. Not executed within a shell.The image's ENTRYPOINT is used if this is not provided.Variable references $(VAR_NAME) are expanded using the container's environment. If a variablecannot be resolved, the reference in the input string will be unchanged. Double $$ are reducedto a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. '$$(VAR_NAME)' willproduce the string literal '$(VAR_NAME)'. Escaped references will never be expanded, regardlessof whether the variable exists or not. Cannot be updated.More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +- `env` (Attributes List) List of environment variables to set in the container.Cannot be updated. (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--ephemeral_containers--env)) +- `env_from` (Attributes List) List of sources to populate environment variables in the container.The keys defined within a source must be a C_IDENTIFIER. All invalid keyswill be reported as an event when the container is starting. When a key exists in multiplesources, the value associated with the last source will take precedence.Values defined by an Env with a duplicate key will take precedence.Cannot be updated. (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--ephemeral_containers--env_from)) +- `image` (String) Container image name.More info: https://kubernetes.io/docs/concepts/containers/images +- `image_pull_policy` (String) Image pull policy.One of Always, Never, IfNotPresent.Defaults to Always if :latest tag is specified, or IfNotPresent otherwise.Cannot be updated.More info: https://kubernetes.io/docs/concepts/containers/images#updating-images - `lifecycle` (Attributes) Lifecycle is not allowed for ephemeral containers. (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--ephemeral_containers--lifecycle)) - `liveness_probe` (Attributes) Probes are not allowed for ephemeral containers. (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--ephemeral_containers--liveness_probe)) - `ports` (Attributes List) Ports are not allowed for ephemeral containers. (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--ephemeral_containers--ports)) - `readiness_probe` (Attributes) Probes are not allowed for ephemeral containers. (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--ephemeral_containers--readiness_probe)) - `resize_policy` (Attributes List) Resources resize policy for the container. (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--ephemeral_containers--resize_policy)) -- `resources` (Attributes) Resources are not allowed for ephemeral containers. Ephemeral containers use spare resources already allocated to the pod. (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--ephemeral_containers--resources)) -- `restart_policy` (String) Restart policy for the container to manage the restart behavior of each container within a pod. This may only be set for init containers. You cannot set this field on ephemeral containers. -- `security_context` (Attributes) Optional: SecurityContext defines the security options the ephemeral container should be run with. If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext. (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--ephemeral_containers--security_context)) +- `resources` (Attributes) Resources are not allowed for ephemeral containers. Ephemeral containers use spare resourcesalready allocated to the pod. (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--ephemeral_containers--resources)) +- `restart_policy` (String) Restart policy for the container to manage the restart behavior of eachcontainer within a pod.This may only be set for init containers. You cannot set this field onephemeral containers. +- `security_context` (Attributes) Optional: SecurityContext defines the security options the ephemeral container should be run with.If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext. (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--ephemeral_containers--security_context)) - `startup_probe` (Attributes) Probes are not allowed for ephemeral containers. (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--ephemeral_containers--startup_probe)) -- `stdin` (Boolean) Whether this container should allocate a buffer for stdin in the container runtime. If this is not set, reads from stdin in the container will always result in EOF. Default is false. -- `stdin_once` (Boolean) Whether the container runtime should close the stdin channel after it has been opened by a single attach. When stdin is true the stdin stream will remain open across multiple attach sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the first client attaches to stdin, and then remains open and accepts data until the client disconnects, at which time stdin is closed and remains closed until the container is restarted. If this flag is false, a container processes that reads from stdin will never receive an EOF. Default is false -- `target_container_name` (String) If set, the name of the container from PodSpec that this ephemeral container targets. The ephemeral container will be run in the namespaces (IPC, PID, etc) of this container. If not set then the ephemeral container uses the namespaces configured in the Pod spec. The container runtime must implement support for this feature. If the runtime does not support namespace targeting then the result of setting this field is undefined. -- `termination_message_path` (String) Optional: Path at which the file to which the container's termination message will be written is mounted into the container's filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log. Cannot be updated. -- `termination_message_policy` (String) Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated. -- `tty` (Boolean) Whether this container should allocate a TTY for itself, also requires 'stdin' to be true. Default is false. +- `stdin` (Boolean) Whether this container should allocate a buffer for stdin in the container runtime. If thisis not set, reads from stdin in the container will always result in EOF.Default is false. +- `stdin_once` (Boolean) Whether the container runtime should close the stdin channel after it has been opened bya single attach. When stdin is true the stdin stream will remain open across multiple attachsessions. If stdinOnce is set to true, stdin is opened on container start, is empty until thefirst client attaches to stdin, and then remains open and accepts data until the client disconnects,at which time stdin is closed and remains closed until the container is restarted. If thisflag is false, a container processes that reads from stdin will never receive an EOF.Default is false +- `target_container_name` (String) If set, the name of the container from PodSpec that this ephemeral container targets.The ephemeral container will be run in the namespaces (IPC, PID, etc) of this container.If not set then the ephemeral container uses the namespaces configured in the Pod spec.The container runtime must implement support for this feature. If the runtime does notsupport namespace targeting then the result of setting this field is undefined. +- `termination_message_path` (String) Optional: Path at which the file to which the container's termination messagewill be written is mounted into the container's filesystem.Message written is intended to be brief final status, such as an assertion failure message.Will be truncated by the node if greater than 4096 bytes. The total message length acrossall containers will be limited to 12kb.Defaults to /dev/termination-log.Cannot be updated. +- `termination_message_policy` (String) Indicate how the termination message should be populated. File will use the contents ofterminationMessagePath to populate the container status message on both success and failure.FallbackToLogsOnError will use the last chunk of container log output if the terminationmessage file is empty and the container exited with an error.The log output is limited to 2048 bytes or 80 lines, whichever is smaller.Defaults to File.Cannot be updated. +- `tty` (Boolean) Whether this container should allocate a TTY for itself, also requires 'stdin' to be true.Default is false. - `volume_devices` (Attributes List) volumeDevices is the list of block devices to be used by the container. (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--ephemeral_containers--volume_devices)) -- `volume_mounts` (Attributes List) Pod volumes to mount into the container's filesystem. Subpath mounts are not allowed for ephemeral containers. Cannot be updated. (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--ephemeral_containers--volume_mounts)) -- `working_dir` (String) Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image. Cannot be updated. +- `volume_mounts` (Attributes List) Pod volumes to mount into the container's filesystem. Subpath mounts are not allowed for ephemeral containers.Cannot be updated. (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--ephemeral_containers--volume_mounts)) +- `working_dir` (String) Container's working directory.If not specified, the container runtime's default will be used, whichmight be configured in the container image.Cannot be updated. ### Nested Schema for `spec.component_defs.pod_spec.ephemeral_containers.env` @@ -1402,7 +1402,7 @@ Required: Optional: -- `value` (String) Variable references $(VAR_NAME) are expanded using the previously defined environment variables in the container and any service environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. '$$(VAR_NAME)' will produce the string literal '$(VAR_NAME)'. Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to ''. +- `value` (String) Variable references $(VAR_NAME) are expandedusing the previously defined environment variables in the container andany service environment variables. If a variable cannot be resolved,the reference in the input string will be unchanged. Double $$ are reducedto a single $, which allows for escaping the $(VAR_NAME) syntax: i.e.'$$(VAR_NAME)' will produce the string literal '$(VAR_NAME)'.Escaped references will never be expanded, regardless of whether the variableexists or not.Defaults to ''. - `value_from` (Attributes) Source for the environment variable's value. Cannot be used if value is not empty. (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--ephemeral_containers--env--value_from)) @@ -1411,8 +1411,8 @@ Optional: Optional: - `config_map_key_ref` (Attributes) Selects a key of a ConfigMap. (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--ephemeral_containers--env--value_from--config_map_key_ref)) -- `field_ref` (Attributes) Selects a field of the pod: supports metadata.name, metadata.namespace, 'metadata.labels['']', 'metadata.annotations['']', spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--ephemeral_containers--env--value_from--field_ref)) -- `resource_field_ref` (Attributes) Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--ephemeral_containers--env--value_from--resource_field_ref)) +- `field_ref` (Attributes) Selects a field of the pod: supports metadata.name, metadata.namespace, 'metadata.labels['']', 'metadata.annotations['']',spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--ephemeral_containers--env--value_from--field_ref)) +- `resource_field_ref` (Attributes) Selects a resource of the container: only resources limits and requests(limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--ephemeral_containers--env--value_from--resource_field_ref)) - `secret_key_ref` (Attributes) Selects a key of a secret in the pod's namespace (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--ephemeral_containers--env--value_from--secret_key_ref)) @@ -1424,7 +1424,7 @@ Required: Optional: -- `name` (String) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? +- `name` (String) Name of the referent.More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#namesTODO: Add other useful fields. apiVersion, kind, uid? - `optional` (Boolean) Specify whether the ConfigMap or its key must be defined @@ -1462,7 +1462,7 @@ Required: Optional: -- `name` (String) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? +- `name` (String) Name of the referent.More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#namesTODO: Add other useful fields. apiVersion, kind, uid? - `optional` (Boolean) Specify whether the Secret or its key must be defined @@ -1482,7 +1482,7 @@ Optional: Optional: -- `name` (String) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? +- `name` (String) Name of the referent.More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#namesTODO: Add other useful fields. apiVersion, kind, uid? - `optional` (Boolean) Specify whether the ConfigMap must be defined @@ -1491,7 +1491,7 @@ Optional: Optional: -- `name` (String) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? +- `name` (String) Name of the referent.More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#namesTODO: Add other useful fields. apiVersion, kind, uid? - `optional` (Boolean) Specify whether the Secret must be defined @@ -1501,8 +1501,8 @@ Optional: Optional: -- `post_start` (Attributes) PostStart is called immediately after a container is created. If the handler fails, the container is terminated and restarted according to its restart policy. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--ephemeral_containers--lifecycle--post_start)) -- `pre_stop` (Attributes) PreStop is called immediately before a container is terminated due to an API request or management event such as liveness/startup probe failure, preemption, resource contention, etc. The handler is not called if the container crashes or exits. The Pod's termination grace period countdown begins before the PreStop hook is executed. Regardless of the outcome of the handler, the container will eventually terminate within the Pod's termination grace period (unless delayed by finalizers). Other management of the container blocks until the hook completes or until the termination grace period is reached. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--ephemeral_containers--lifecycle--pre_stop)) +- `post_start` (Attributes) PostStart is called immediately after a container is created. If the handler fails,the container is terminated and restarted according to its restart policy.Other management of the container blocks until the hook completes.More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--ephemeral_containers--lifecycle--post_start)) +- `pre_stop` (Attributes) PreStop is called immediately before a container is terminated due to anAPI request or management event such as liveness/startup probe failure,preemption, resource contention, etc. The handler is not called if thecontainer crashes or exits. The Pod's termination grace period countdown begins before thePreStop hook is executed. Regardless of the outcome of the handler, thecontainer will eventually terminate within the Pod's termination graceperiod (unless delayed by finalizers). Other management of the container blocks until the hook completesor until the termination grace period is reached.More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--ephemeral_containers--lifecycle--pre_stop)) ### Nested Schema for `spec.component_defs.pod_spec.ephemeral_containers.lifecycle.post_start` @@ -1511,14 +1511,14 @@ Optional: - `exec` (Attributes) Exec specifies the action to take. (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--ephemeral_containers--lifecycle--post_start--exec)) - `http_get` (Attributes) HTTPGet specifies the http request to perform. (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--ephemeral_containers--lifecycle--post_start--http_get)) -- `tcp_socket` (Attributes) Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept for the backward compatibility. There are no validation of this field and lifecycle hooks will fail in runtime when tcp handler is specified. (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--ephemeral_containers--lifecycle--post_start--tcp_socket)) +- `tcp_socket` (Attributes) Deprecated. TCPSocket is NOT supported as a LifecycleHandler and keptfor the backward compatibility. There are no validation of this field andlifecycle hooks will fail in runtime when tcp handler is specified. (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--ephemeral_containers--lifecycle--post_start--tcp_socket)) ### Nested Schema for `spec.component_defs.pod_spec.ephemeral_containers.lifecycle.post_start.exec` Optional: -- `command` (List of String) Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +- `command` (List of String) Command is the command line to execute inside the container, the working directory for thecommand is root ('/') in the container's filesystem. The command is simply exec'd, it isnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To usea shell, you need to explicitly call out to that shell.Exit status of 0 is treated as live/healthy and non-zero is unhealthy. @@ -1526,21 +1526,21 @@ Optional: Required: -- `port` (String) Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. +- `port` (String) Name or number of the port to access on the container.Number must be in the range 1 to 65535.Name must be an IANA_SVC_NAME. Optional: -- `host` (String) Host name to connect to, defaults to the pod IP. You probably want to set 'Host' in httpHeaders instead. +- `host` (String) Host name to connect to, defaults to the pod IP. You probably want to set'Host' in httpHeaders instead. - `http_headers` (Attributes List) Custom headers to set in the request. HTTP allows repeated headers. (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--ephemeral_containers--lifecycle--post_start--http_get--http_headers)) - `path` (String) Path to access on the HTTP server. -- `scheme` (String) Scheme to use for connecting to the host. Defaults to HTTP. +- `scheme` (String) Scheme to use for connecting to the host.Defaults to HTTP. ### Nested Schema for `spec.component_defs.pod_spec.ephemeral_containers.lifecycle.post_start.http_get.http_headers` Required: -- `name` (String) The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header. +- `name` (String) The header field name.This will be canonicalized upon output, so case-variant names will be understood as the same header. - `value` (String) The header field value @@ -1550,7 +1550,7 @@ Required: Required: -- `port` (String) Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. +- `port` (String) Number or name of the port to access on the container.Number must be in the range 1 to 65535.Name must be an IANA_SVC_NAME. Optional: @@ -1565,14 +1565,14 @@ Optional: - `exec` (Attributes) Exec specifies the action to take. (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--ephemeral_containers--lifecycle--pre_stop--exec)) - `http_get` (Attributes) HTTPGet specifies the http request to perform. (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--ephemeral_containers--lifecycle--pre_stop--http_get)) -- `tcp_socket` (Attributes) Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept for the backward compatibility. There are no validation of this field and lifecycle hooks will fail in runtime when tcp handler is specified. (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--ephemeral_containers--lifecycle--pre_stop--tcp_socket)) +- `tcp_socket` (Attributes) Deprecated. TCPSocket is NOT supported as a LifecycleHandler and keptfor the backward compatibility. There are no validation of this field andlifecycle hooks will fail in runtime when tcp handler is specified. (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--ephemeral_containers--lifecycle--pre_stop--tcp_socket)) ### Nested Schema for `spec.component_defs.pod_spec.ephemeral_containers.lifecycle.pre_stop.exec` Optional: -- `command` (List of String) Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +- `command` (List of String) Command is the command line to execute inside the container, the working directory for thecommand is root ('/') in the container's filesystem. The command is simply exec'd, it isnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To usea shell, you need to explicitly call out to that shell.Exit status of 0 is treated as live/healthy and non-zero is unhealthy. @@ -1580,21 +1580,21 @@ Optional: Required: -- `port` (String) Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. +- `port` (String) Name or number of the port to access on the container.Number must be in the range 1 to 65535.Name must be an IANA_SVC_NAME. Optional: -- `host` (String) Host name to connect to, defaults to the pod IP. You probably want to set 'Host' in httpHeaders instead. +- `host` (String) Host name to connect to, defaults to the pod IP. You probably want to set'Host' in httpHeaders instead. - `http_headers` (Attributes List) Custom headers to set in the request. HTTP allows repeated headers. (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--ephemeral_containers--lifecycle--pre_stop--http_get--http_headers)) - `path` (String) Path to access on the HTTP server. -- `scheme` (String) Scheme to use for connecting to the host. Defaults to HTTP. +- `scheme` (String) Scheme to use for connecting to the host.Defaults to HTTP. ### Nested Schema for `spec.component_defs.pod_spec.ephemeral_containers.lifecycle.pre_stop.http_get.http_headers` Required: -- `name` (String) The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header. +- `name` (String) The header field name.This will be canonicalized upon output, so case-variant names will be understood as the same header. - `value` (String) The header field value @@ -1604,7 +1604,7 @@ Required: Required: -- `port` (String) Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. +- `port` (String) Number or name of the port to access on the container.Number must be in the range 1 to 65535.Name must be an IANA_SVC_NAME. Optional: @@ -1619,22 +1619,22 @@ Optional: Optional: - `exec` (Attributes) Exec specifies the action to take. (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--ephemeral_containers--liveness_probe--exec)) -- `failure_threshold` (Number) Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +- `failure_threshold` (Number) Minimum consecutive failures for the probe to be considered failed after having succeeded.Defaults to 3. Minimum value is 1. - `grpc` (Attributes) GRPC specifies an action involving a GRPC port. (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--ephemeral_containers--liveness_probe--grpc)) - `http_get` (Attributes) HTTPGet specifies the http request to perform. (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--ephemeral_containers--liveness_probe--http_get)) -- `initial_delay_seconds` (Number) Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes -- `period_seconds` (Number) How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. -- `success_threshold` (Number) Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. +- `initial_delay_seconds` (Number) Number of seconds after the container has started before liveness probes are initiated.More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +- `period_seconds` (Number) How often (in seconds) to perform the probe.Default to 10 seconds. Minimum value is 1. +- `success_threshold` (Number) Minimum consecutive successes for the probe to be considered successful after having failed.Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. - `tcp_socket` (Attributes) TCPSocket specifies an action involving a TCP port. (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--ephemeral_containers--liveness_probe--tcp_socket)) -- `termination_grace_period_seconds` (Number) Optional duration in seconds the pod needs to terminate gracefully upon probe failure. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this value overrides the value provided by the pod spec. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down). This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset. -- `timeout_seconds` (Number) Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +- `termination_grace_period_seconds` (Number) Optional duration in seconds the pod needs to terminate gracefully upon probe failure.The grace period is the duration in seconds after the processes running in the pod are senta termination signal and the time when the processes are forcibly halted with a kill signal.Set this value longer than the expected cleanup time for your process.If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, thisvalue overrides the value provided by the pod spec.Value must be non-negative integer. The value zero indicates stop immediately viathe kill signal (no opportunity to shut down).This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate.Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset. +- `timeout_seconds` (Number) Number of seconds after which the probe times out.Defaults to 1 second. Minimum value is 1.More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes ### Nested Schema for `spec.component_defs.pod_spec.ephemeral_containers.liveness_probe.exec` Optional: -- `command` (List of String) Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +- `command` (List of String) Command is the command line to execute inside the container, the working directory for thecommand is root ('/') in the container's filesystem. The command is simply exec'd, it isnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To usea shell, you need to explicitly call out to that shell.Exit status of 0 is treated as live/healthy and non-zero is unhealthy. @@ -1646,7 +1646,7 @@ Required: Optional: -- `service` (String) Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). If this is not specified, the default behavior is defined by gRPC. +- `service` (String) Service is the name of the service to place in the gRPC HealthCheckRequest(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).If this is not specified, the default behavior is defined by gRPC. @@ -1654,21 +1654,21 @@ Optional: Required: -- `port` (String) Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. +- `port` (String) Name or number of the port to access on the container.Number must be in the range 1 to 65535.Name must be an IANA_SVC_NAME. Optional: -- `host` (String) Host name to connect to, defaults to the pod IP. You probably want to set 'Host' in httpHeaders instead. +- `host` (String) Host name to connect to, defaults to the pod IP. You probably want to set'Host' in httpHeaders instead. - `http_headers` (Attributes List) Custom headers to set in the request. HTTP allows repeated headers. (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--ephemeral_containers--liveness_probe--http_get--http_headers)) - `path` (String) Path to access on the HTTP server. -- `scheme` (String) Scheme to use for connecting to the host. Defaults to HTTP. +- `scheme` (String) Scheme to use for connecting to the host.Defaults to HTTP. ### Nested Schema for `spec.component_defs.pod_spec.ephemeral_containers.liveness_probe.http_get.http_headers` Required: -- `name` (String) The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header. +- `name` (String) The header field name.This will be canonicalized upon output, so case-variant names will be understood as the same header. - `value` (String) The header field value @@ -1678,7 +1678,7 @@ Required: Required: -- `port` (String) Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. +- `port` (String) Number or name of the port to access on the container.Number must be in the range 1 to 65535.Name must be an IANA_SVC_NAME. Optional: @@ -1691,14 +1691,14 @@ Optional: Required: -- `container_port` (Number) Number of port to expose on the pod's IP address. This must be a valid port number, 0 < x < 65536. +- `container_port` (Number) Number of port to expose on the pod's IP address.This must be a valid port number, 0 < x < 65536. Optional: - `host_ip` (String) What host IP to bind the external port to. -- `host_port` (Number) Number of port to expose on the host. If specified, this must be a valid port number, 0 < x < 65536. If HostNetwork is specified, this must match ContainerPort. Most containers do not need this. -- `name` (String) If specified, this must be an IANA_SVC_NAME and unique within the pod. Each named port in a pod must have a unique name. Name for the port that can be referred to by services. -- `protocol` (String) Protocol for port. Must be UDP, TCP, or SCTP. Defaults to 'TCP'. +- `host_port` (Number) Number of port to expose on the host.If specified, this must be a valid port number, 0 < x < 65536.If HostNetwork is specified, this must match ContainerPort.Most containers do not need this. +- `name` (String) If specified, this must be an IANA_SVC_NAME and unique within the pod. Eachnamed port in a pod must have a unique name. Name for the port that can bereferred to by services. +- `protocol` (String) Protocol for port. Must be UDP, TCP, or SCTP.Defaults to 'TCP'. @@ -1707,22 +1707,22 @@ Optional: Optional: - `exec` (Attributes) Exec specifies the action to take. (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--ephemeral_containers--readiness_probe--exec)) -- `failure_threshold` (Number) Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +- `failure_threshold` (Number) Minimum consecutive failures for the probe to be considered failed after having succeeded.Defaults to 3. Minimum value is 1. - `grpc` (Attributes) GRPC specifies an action involving a GRPC port. (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--ephemeral_containers--readiness_probe--grpc)) - `http_get` (Attributes) HTTPGet specifies the http request to perform. (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--ephemeral_containers--readiness_probe--http_get)) -- `initial_delay_seconds` (Number) Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes -- `period_seconds` (Number) How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. -- `success_threshold` (Number) Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. +- `initial_delay_seconds` (Number) Number of seconds after the container has started before liveness probes are initiated.More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +- `period_seconds` (Number) How often (in seconds) to perform the probe.Default to 10 seconds. Minimum value is 1. +- `success_threshold` (Number) Minimum consecutive successes for the probe to be considered successful after having failed.Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. - `tcp_socket` (Attributes) TCPSocket specifies an action involving a TCP port. (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--ephemeral_containers--readiness_probe--tcp_socket)) -- `termination_grace_period_seconds` (Number) Optional duration in seconds the pod needs to terminate gracefully upon probe failure. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this value overrides the value provided by the pod spec. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down). This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset. -- `timeout_seconds` (Number) Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +- `termination_grace_period_seconds` (Number) Optional duration in seconds the pod needs to terminate gracefully upon probe failure.The grace period is the duration in seconds after the processes running in the pod are senta termination signal and the time when the processes are forcibly halted with a kill signal.Set this value longer than the expected cleanup time for your process.If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, thisvalue overrides the value provided by the pod spec.Value must be non-negative integer. The value zero indicates stop immediately viathe kill signal (no opportunity to shut down).This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate.Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset. +- `timeout_seconds` (Number) Number of seconds after which the probe times out.Defaults to 1 second. Minimum value is 1.More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes ### Nested Schema for `spec.component_defs.pod_spec.ephemeral_containers.readiness_probe.exec` Optional: -- `command` (List of String) Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +- `command` (List of String) Command is the command line to execute inside the container, the working directory for thecommand is root ('/') in the container's filesystem. The command is simply exec'd, it isnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To usea shell, you need to explicitly call out to that shell.Exit status of 0 is treated as live/healthy and non-zero is unhealthy. @@ -1734,7 +1734,7 @@ Required: Optional: -- `service` (String) Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). If this is not specified, the default behavior is defined by gRPC. +- `service` (String) Service is the name of the service to place in the gRPC HealthCheckRequest(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).If this is not specified, the default behavior is defined by gRPC. @@ -1742,21 +1742,21 @@ Optional: Required: -- `port` (String) Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. +- `port` (String) Name or number of the port to access on the container.Number must be in the range 1 to 65535.Name must be an IANA_SVC_NAME. Optional: -- `host` (String) Host name to connect to, defaults to the pod IP. You probably want to set 'Host' in httpHeaders instead. +- `host` (String) Host name to connect to, defaults to the pod IP. You probably want to set'Host' in httpHeaders instead. - `http_headers` (Attributes List) Custom headers to set in the request. HTTP allows repeated headers. (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--ephemeral_containers--readiness_probe--http_get--http_headers)) - `path` (String) Path to access on the HTTP server. -- `scheme` (String) Scheme to use for connecting to the host. Defaults to HTTP. +- `scheme` (String) Scheme to use for connecting to the host.Defaults to HTTP. ### Nested Schema for `spec.component_defs.pod_spec.ephemeral_containers.readiness_probe.http_get.http_headers` Required: -- `name` (String) The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header. +- `name` (String) The header field name.This will be canonicalized upon output, so case-variant names will be understood as the same header. - `value` (String) The header field value @@ -1766,7 +1766,7 @@ Required: Required: -- `port` (String) Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. +- `port` (String) Number or name of the port to access on the container.Number must be in the range 1 to 65535.Name must be an IANA_SVC_NAME. Optional: @@ -1779,8 +1779,8 @@ Optional: Required: -- `resource_name` (String) Name of the resource to which this resource resize policy applies. Supported values: cpu, memory. -- `restart_policy` (String) Restart policy to apply when specified resource is resized. If not specified, it defaults to NotRequired. +- `resource_name` (String) Name of the resource to which this resource resize policy applies.Supported values: cpu, memory. +- `restart_policy` (String) Restart policy to apply when specified resource is resized.If not specified, it defaults to NotRequired. @@ -1788,16 +1788,16 @@ Required: Optional: -- `claims` (Attributes List) Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. This field is immutable. It can only be set for containers. (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--ephemeral_containers--resources--claims)) -- `limits` (Map of String) Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ -- `requests` (Map of String) Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ +- `claims` (Attributes List) Claims lists the names of resources, defined in spec.resourceClaims,that are used by this container.This is an alpha field and requires enabling theDynamicResourceAllocation feature gate.This field is immutable. It can only be set for containers. (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--ephemeral_containers--resources--claims)) +- `limits` (Map of String) Limits describes the maximum amount of compute resources allowed.More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ +- `requests` (Map of String) Requests describes the minimum amount of compute resources required.If Requests is omitted for a container, it defaults to Limits if that is explicitly specified,otherwise to an implementation-defined value. Requests cannot exceed Limits.More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ ### Nested Schema for `spec.component_defs.pod_spec.ephemeral_containers.resources.claims` Required: -- `name` (String) Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container. +- `name` (String) Name must match the name of one entry in pod.spec.resourceClaims ofthe Pod where this field is used. It makes that resource availableinside a container. @@ -1806,17 +1806,17 @@ Required: Optional: -- `allow_privilege_escalation` (Boolean) AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process. AllowPrivilegeEscalation is true always when the container is: 1) run as Privileged 2) has CAP_SYS_ADMIN Note that this field cannot be set when spec.os.name is windows. -- `capabilities` (Attributes) The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. Note that this field cannot be set when spec.os.name is windows. (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--ephemeral_containers--security_context--capabilities)) -- `privileged` (Boolean) Run container in privileged mode. Processes in privileged containers are essentially equivalent to root on the host. Defaults to false. Note that this field cannot be set when spec.os.name is windows. -- `proc_mount` (String) procMount denotes the type of proc mount to use for the containers. The default is DefaultProcMount which uses the container runtime defaults for readonly paths and masked paths. This requires the ProcMountType feature flag to be enabled. Note that this field cannot be set when spec.os.name is windows. -- `read_only_root_filesystem` (Boolean) Whether this container has a read-only root filesystem. Default is false. Note that this field cannot be set when spec.os.name is windows. -- `run_as_group` (Number) The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows. -- `run_as_non_root` (Boolean) Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. -- `run_as_user` (Number) The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows. -- `se_linux_options` (Attributes) The SELinux context to be applied to the container. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows. (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--ephemeral_containers--security_context--se_linux_options)) -- `seccomp_profile` (Attributes) The seccomp options to use by this container. If seccomp options are provided at both the pod & container level, the container options override the pod options. Note that this field cannot be set when spec.os.name is windows. (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--ephemeral_containers--security_context--seccomp_profile)) -- `windows_options` (Attributes) The Windows specific settings applied to all containers. If unspecified, the options from the PodSecurityContext will be used. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is linux. (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--ephemeral_containers--security_context--windows_options)) +- `allow_privilege_escalation` (Boolean) AllowPrivilegeEscalation controls whether a process can gain moreprivileges than its parent process. This bool directly controls ifthe no_new_privs flag will be set on the container process.AllowPrivilegeEscalation is true always when the container is:1) run as Privileged2) has CAP_SYS_ADMINNote that this field cannot be set when spec.os.name is windows. +- `capabilities` (Attributes) The capabilities to add/drop when running containers.Defaults to the default set of capabilities granted by the container runtime.Note that this field cannot be set when spec.os.name is windows. (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--ephemeral_containers--security_context--capabilities)) +- `privileged` (Boolean) Run container in privileged mode.Processes in privileged containers are essentially equivalent to root on the host.Defaults to false.Note that this field cannot be set when spec.os.name is windows. +- `proc_mount` (String) procMount denotes the type of proc mount to use for the containers.The default is DefaultProcMount which uses the container runtime defaults forreadonly paths and masked paths.This requires the ProcMountType feature flag to be enabled.Note that this field cannot be set when spec.os.name is windows. +- `read_only_root_filesystem` (Boolean) Whether this container has a read-only root filesystem.Default is false.Note that this field cannot be set when spec.os.name is windows. +- `run_as_group` (Number) The GID to run the entrypoint of the container process.Uses runtime default if unset.May also be set in PodSecurityContext. If set in both SecurityContext andPodSecurityContext, the value specified in SecurityContext takes precedence.Note that this field cannot be set when spec.os.name is windows. +- `run_as_non_root` (Boolean) Indicates that the container must run as a non-root user.If true, the Kubelet will validate the image at runtime to ensure that itdoes not run as UID 0 (root) and fail to start the container if it does.If unset or false, no such validation will be performed.May also be set in PodSecurityContext. If set in both SecurityContext andPodSecurityContext, the value specified in SecurityContext takes precedence. +- `run_as_user` (Number) The UID to run the entrypoint of the container process.Defaults to user specified in image metadata if unspecified.May also be set in PodSecurityContext. If set in both SecurityContext andPodSecurityContext, the value specified in SecurityContext takes precedence.Note that this field cannot be set when spec.os.name is windows. +- `se_linux_options` (Attributes) The SELinux context to be applied to the container.If unspecified, the container runtime will allocate a random SELinux context for eachcontainer. May also be set in PodSecurityContext. If set in both SecurityContext andPodSecurityContext, the value specified in SecurityContext takes precedence.Note that this field cannot be set when spec.os.name is windows. (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--ephemeral_containers--security_context--se_linux_options)) +- `seccomp_profile` (Attributes) The seccomp options to use by this container. If seccomp options areprovided at both the pod & container level, the container optionsoverride the pod options.Note that this field cannot be set when spec.os.name is windows. (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--ephemeral_containers--security_context--seccomp_profile)) +- `windows_options` (Attributes) The Windows specific settings applied to all containers.If unspecified, the options from the PodSecurityContext will be used.If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.Note that this field cannot be set when spec.os.name is linux. (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--ephemeral_containers--security_context--windows_options)) ### Nested Schema for `spec.component_defs.pod_spec.ephemeral_containers.security_context.capabilities` @@ -1843,11 +1843,11 @@ Optional: Required: -- `type` (String) type indicates which kind of seccomp profile will be applied. Valid options are: Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied. +- `type` (String) type indicates which kind of seccomp profile will be applied.Valid options are:Localhost - a profile defined in a file on the node should be used.RuntimeDefault - the container runtime default profile should be used.Unconfined - no profile should be applied. Optional: -- `localhost_profile` (String) localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must be set if type is 'Localhost'. Must NOT be set for any other type. +- `localhost_profile` (String) localhostProfile indicates a profile defined in a file on the node should be used.The profile must be preconfigured on the node to work.Must be a descending path, relative to the kubelet's configured seccomp profile location.Must be set if type is 'Localhost'. Must NOT be set for any other type. @@ -1855,10 +1855,10 @@ Optional: Optional: -- `gmsa_credential_spec` (String) GMSACredentialSpec is where the GMSA admission webhook (https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the GMSA credential spec named by the GMSACredentialSpecName field. +- `gmsa_credential_spec` (String) GMSACredentialSpec is where the GMSA admission webhook(https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of theGMSA credential spec named by the GMSACredentialSpecName field. - `gmsa_credential_spec_name` (String) GMSACredentialSpecName is the name of the GMSA credential spec to use. -- `host_process` (Boolean) HostProcess determines if a container should be run as a 'Host Process' container. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true. -- `run_as_user_name` (String) The UserName in Windows to run the entrypoint of the container process. Defaults to the user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +- `host_process` (Boolean) HostProcess determines if a container should be run as a 'Host Process' container.All of a Pod's containers must have the same effective HostProcess value(it is not allowed to have a mix of HostProcess containers and non-HostProcess containers).In addition, if HostProcess is true then HostNetwork must also be set to true. +- `run_as_user_name` (String) The UserName in Windows to run the entrypoint of the container process.Defaults to the user specified in image metadata if unspecified.May also be set in PodSecurityContext. If set in both SecurityContext andPodSecurityContext, the value specified in SecurityContext takes precedence. @@ -1868,22 +1868,22 @@ Optional: Optional: - `exec` (Attributes) Exec specifies the action to take. (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--ephemeral_containers--startup_probe--exec)) -- `failure_threshold` (Number) Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +- `failure_threshold` (Number) Minimum consecutive failures for the probe to be considered failed after having succeeded.Defaults to 3. Minimum value is 1. - `grpc` (Attributes) GRPC specifies an action involving a GRPC port. (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--ephemeral_containers--startup_probe--grpc)) - `http_get` (Attributes) HTTPGet specifies the http request to perform. (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--ephemeral_containers--startup_probe--http_get)) -- `initial_delay_seconds` (Number) Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes -- `period_seconds` (Number) How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. -- `success_threshold` (Number) Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. +- `initial_delay_seconds` (Number) Number of seconds after the container has started before liveness probes are initiated.More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +- `period_seconds` (Number) How often (in seconds) to perform the probe.Default to 10 seconds. Minimum value is 1. +- `success_threshold` (Number) Minimum consecutive successes for the probe to be considered successful after having failed.Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. - `tcp_socket` (Attributes) TCPSocket specifies an action involving a TCP port. (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--ephemeral_containers--startup_probe--tcp_socket)) -- `termination_grace_period_seconds` (Number) Optional duration in seconds the pod needs to terminate gracefully upon probe failure. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this value overrides the value provided by the pod spec. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down). This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset. -- `timeout_seconds` (Number) Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +- `termination_grace_period_seconds` (Number) Optional duration in seconds the pod needs to terminate gracefully upon probe failure.The grace period is the duration in seconds after the processes running in the pod are senta termination signal and the time when the processes are forcibly halted with a kill signal.Set this value longer than the expected cleanup time for your process.If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, thisvalue overrides the value provided by the pod spec.Value must be non-negative integer. The value zero indicates stop immediately viathe kill signal (no opportunity to shut down).This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate.Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset. +- `timeout_seconds` (Number) Number of seconds after which the probe times out.Defaults to 1 second. Minimum value is 1.More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes ### Nested Schema for `spec.component_defs.pod_spec.ephemeral_containers.startup_probe.exec` Optional: -- `command` (List of String) Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +- `command` (List of String) Command is the command line to execute inside the container, the working directory for thecommand is root ('/') in the container's filesystem. The command is simply exec'd, it isnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To usea shell, you need to explicitly call out to that shell.Exit status of 0 is treated as live/healthy and non-zero is unhealthy. @@ -1895,7 +1895,7 @@ Required: Optional: -- `service` (String) Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). If this is not specified, the default behavior is defined by gRPC. +- `service` (String) Service is the name of the service to place in the gRPC HealthCheckRequest(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).If this is not specified, the default behavior is defined by gRPC. @@ -1903,21 +1903,21 @@ Optional: Required: -- `port` (String) Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. +- `port` (String) Name or number of the port to access on the container.Number must be in the range 1 to 65535.Name must be an IANA_SVC_NAME. Optional: -- `host` (String) Host name to connect to, defaults to the pod IP. You probably want to set 'Host' in httpHeaders instead. +- `host` (String) Host name to connect to, defaults to the pod IP. You probably want to set'Host' in httpHeaders instead. - `http_headers` (Attributes List) Custom headers to set in the request. HTTP allows repeated headers. (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--ephemeral_containers--startup_probe--http_get--http_headers)) - `path` (String) Path to access on the HTTP server. -- `scheme` (String) Scheme to use for connecting to the host. Defaults to HTTP. +- `scheme` (String) Scheme to use for connecting to the host.Defaults to HTTP. ### Nested Schema for `spec.component_defs.pod_spec.ephemeral_containers.startup_probe.http_get.http_headers` Required: -- `name` (String) The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header. +- `name` (String) The header field name.This will be canonicalized upon output, so case-variant names will be understood as the same header. - `value` (String) The header field value @@ -1927,7 +1927,7 @@ Required: Required: -- `port` (String) Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. +- `port` (String) Number or name of the port to access on the container.Number must be in the range 1 to 65535.Name must be an IANA_SVC_NAME. Optional: @@ -1949,15 +1949,15 @@ Required: Required: -- `mount_path` (String) Path within the container at which the volume should be mounted. Must not contain ':'. +- `mount_path` (String) Path within the container at which the volume should be mounted. Mustnot contain ':'. - `name` (String) This must match the Name of a Volume. Optional: -- `mount_propagation` (String) mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationNone is used. This field is beta in 1.10. -- `read_only` (Boolean) Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false. -- `sub_path` (String) Path within the volume from which the container's volume should be mounted. Defaults to '' (volume's root). -- `sub_path_expr` (String) Expanded path within the volume from which the container's volume should be mounted. Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment. Defaults to '' (volume's root). SubPathExpr and SubPath are mutually exclusive. +- `mount_propagation` (String) mountPropagation determines how mounts are propagated from the hostto container and the other way around.When not set, MountPropagationNone is used.This field is beta in 1.10. +- `read_only` (Boolean) Mounted read-only if true, read-write otherwise (false or unspecified).Defaults to false. +- `sub_path` (String) Path within the volume from which the container's volume should be mounted.Defaults to '' (volume's root). +- `sub_path_expr` (String) Expanded path within the volume from which the container's volume should be mounted.Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment.Defaults to '' (volume's root).SubPathExpr and SubPath are mutually exclusive. @@ -1975,7 +1975,7 @@ Optional: Optional: -- `name` (String) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? +- `name` (String) Name of the referent.More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#namesTODO: Add other useful fields. apiVersion, kind, uid? @@ -1983,33 +1983,33 @@ Optional: Required: -- `name` (String) Name of the container specified as a DNS_LABEL. Each container in a pod must have a unique name (DNS_LABEL). Cannot be updated. +- `name` (String) Name of the container specified as a DNS_LABEL.Each container in a pod must have a unique name (DNS_LABEL).Cannot be updated. Optional: -- `args` (List of String) Arguments to the entrypoint. The container image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. '$$(VAR_NAME)' will produce the string literal '$(VAR_NAME)'. Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell -- `command` (List of String) Entrypoint array. Not executed within a shell. The container image's ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. '$$(VAR_NAME)' will produce the string literal '$(VAR_NAME)'. Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell -- `env` (Attributes List) List of environment variables to set in the container. Cannot be updated. (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--init_containers--env)) -- `env_from` (Attributes List) List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated. (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--init_containers--env_from)) -- `image` (String) Container image name. More info: https://kubernetes.io/docs/concepts/containers/images This field is optional to allow higher level config management to default or override container images in workload controllers like Deployments and StatefulSets. -- `image_pull_policy` (String) Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images -- `lifecycle` (Attributes) Actions that the management system should take in response to container lifecycle events. Cannot be updated. (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--init_containers--lifecycle)) -- `liveness_probe` (Attributes) Periodic probe of container liveness. Container will be restarted if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--init_containers--liveness_probe)) -- `ports` (Attributes List) List of ports to expose from the container. Not specifying a port here DOES NOT prevent that port from being exposed. Any port which is listening on the default '0.0.0.0' address inside a container will be accessible from the network. Modifying this array with strategic merge patch may corrupt the data. For more information See https://github.com/kubernetes/kubernetes/issues/108255. Cannot be updated. (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--init_containers--ports)) -- `readiness_probe` (Attributes) Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--init_containers--readiness_probe)) +- `args` (List of String) Arguments to the entrypoint.The container image's CMD is used if this is not provided.Variable references $(VAR_NAME) are expanded using the container's environment. If a variablecannot be resolved, the reference in the input string will be unchanged. Double $$ are reducedto a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. '$$(VAR_NAME)' willproduce the string literal '$(VAR_NAME)'. Escaped references will never be expanded, regardlessof whether the variable exists or not. Cannot be updated.More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +- `command` (List of String) Entrypoint array. Not executed within a shell.The container image's ENTRYPOINT is used if this is not provided.Variable references $(VAR_NAME) are expanded using the container's environment. If a variablecannot be resolved, the reference in the input string will be unchanged. Double $$ are reducedto a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. '$$(VAR_NAME)' willproduce the string literal '$(VAR_NAME)'. Escaped references will never be expanded, regardlessof whether the variable exists or not. Cannot be updated.More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +- `env` (Attributes List) List of environment variables to set in the container.Cannot be updated. (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--init_containers--env)) +- `env_from` (Attributes List) List of sources to populate environment variables in the container.The keys defined within a source must be a C_IDENTIFIER. All invalid keyswill be reported as an event when the container is starting. When a key exists in multiplesources, the value associated with the last source will take precedence.Values defined by an Env with a duplicate key will take precedence.Cannot be updated. (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--init_containers--env_from)) +- `image` (String) Container image name.More info: https://kubernetes.io/docs/concepts/containers/imagesThis field is optional to allow higher level config management to default or overridecontainer images in workload controllers like Deployments and StatefulSets. +- `image_pull_policy` (String) Image pull policy.One of Always, Never, IfNotPresent.Defaults to Always if :latest tag is specified, or IfNotPresent otherwise.Cannot be updated.More info: https://kubernetes.io/docs/concepts/containers/images#updating-images +- `lifecycle` (Attributes) Actions that the management system should take in response to container lifecycle events.Cannot be updated. (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--init_containers--lifecycle)) +- `liveness_probe` (Attributes) Periodic probe of container liveness.Container will be restarted if the probe fails.Cannot be updated.More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--init_containers--liveness_probe)) +- `ports` (Attributes List) List of ports to expose from the container. Not specifying a port hereDOES NOT prevent that port from being exposed. Any port which islistening on the default '0.0.0.0' address inside a container will beaccessible from the network.Modifying this array with strategic merge patch may corrupt the data.For more information See https://github.com/kubernetes/kubernetes/issues/108255.Cannot be updated. (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--init_containers--ports)) +- `readiness_probe` (Attributes) Periodic probe of container service readiness.Container will be removed from service endpoints if the probe fails.Cannot be updated.More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--init_containers--readiness_probe)) - `resize_policy` (Attributes List) Resources resize policy for the container. (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--init_containers--resize_policy)) -- `resources` (Attributes) Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--init_containers--resources)) -- `restart_policy` (String) RestartPolicy defines the restart behavior of individual containers in a pod. This field may only be set for init containers, and the only allowed value is 'Always'. For non-init containers or when this field is not specified, the restart behavior is defined by the Pod's restart policy and the container type. Setting the RestartPolicy as 'Always' for the init container will have the following effect: this init container will be continually restarted on exit until all regular containers have terminated. Once all regular containers have completed, all init containers with restartPolicy 'Always' will be shut down. This lifecycle differs from normal init containers and is often referred to as a 'sidecar' container. Although this init container still starts in the init container sequence, it does not wait for the container to complete before proceeding to the next init container. Instead, the next init container starts immediately after this init container is started, or after any startupProbe has successfully completed. -- `security_context` (Attributes) SecurityContext defines the security options the container should be run with. If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext. More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--init_containers--security_context)) -- `startup_probe` (Attributes) StartupProbe indicates that the Pod has successfully initialized. If specified, no other probes are executed until this completes successfully. If this probe fails, the Pod will be restarted, just as if the livenessProbe failed. This can be used to provide different probe parameters at the beginning of a Pod's lifecycle, when it might take a long time to load data or warm a cache, than during steady-state operation. This cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--init_containers--startup_probe)) -- `stdin` (Boolean) Whether this container should allocate a buffer for stdin in the container runtime. If this is not set, reads from stdin in the container will always result in EOF. Default is false. -- `stdin_once` (Boolean) Whether the container runtime should close the stdin channel after it has been opened by a single attach. When stdin is true the stdin stream will remain open across multiple attach sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the first client attaches to stdin, and then remains open and accepts data until the client disconnects, at which time stdin is closed and remains closed until the container is restarted. If this flag is false, a container processes that reads from stdin will never receive an EOF. Default is false -- `termination_message_path` (String) Optional: Path at which the file to which the container's termination message will be written is mounted into the container's filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log. Cannot be updated. -- `termination_message_policy` (String) Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated. -- `tty` (Boolean) Whether this container should allocate a TTY for itself, also requires 'stdin' to be true. Default is false. +- `resources` (Attributes) Compute Resources required by this container.Cannot be updated.More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--init_containers--resources)) +- `restart_policy` (String) RestartPolicy defines the restart behavior of individual containers in a pod.This field may only be set for init containers, and the only allowed value is 'Always'.For non-init containers or when this field is not specified,the restart behavior is defined by the Pod's restart policy and the container type.Setting the RestartPolicy as 'Always' for the init container will have the following effect:this init container will be continually restarted onexit until all regular containers have terminated. Once all regularcontainers have completed, all init containers with restartPolicy 'Always'will be shut down. This lifecycle differs from normal init containers andis often referred to as a 'sidecar' container. Although this initcontainer still starts in the init container sequence, it does not waitfor the container to complete before proceeding to the next initcontainer. Instead, the next init container starts immediately after thisinit container is started, or after any startupProbe has successfullycompleted. +- `security_context` (Attributes) SecurityContext defines the security options the container should be run with.If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext.More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--init_containers--security_context)) +- `startup_probe` (Attributes) StartupProbe indicates that the Pod has successfully initialized.If specified, no other probes are executed until this completes successfully.If this probe fails, the Pod will be restarted, just as if the livenessProbe failed.This can be used to provide different probe parameters at the beginning of a Pod's lifecycle,when it might take a long time to load data or warm a cache, than during steady-state operation.This cannot be updated.More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--init_containers--startup_probe)) +- `stdin` (Boolean) Whether this container should allocate a buffer for stdin in the container runtime. If thisis not set, reads from stdin in the container will always result in EOF.Default is false. +- `stdin_once` (Boolean) Whether the container runtime should close the stdin channel after it has been opened bya single attach. When stdin is true the stdin stream will remain open across multiple attachsessions. If stdinOnce is set to true, stdin is opened on container start, is empty until thefirst client attaches to stdin, and then remains open and accepts data until the client disconnects,at which time stdin is closed and remains closed until the container is restarted. If thisflag is false, a container processes that reads from stdin will never receive an EOF.Default is false +- `termination_message_path` (String) Optional: Path at which the file to which the container's termination messagewill be written is mounted into the container's filesystem.Message written is intended to be brief final status, such as an assertion failure message.Will be truncated by the node if greater than 4096 bytes. The total message length acrossall containers will be limited to 12kb.Defaults to /dev/termination-log.Cannot be updated. +- `termination_message_policy` (String) Indicate how the termination message should be populated. File will use the contents ofterminationMessagePath to populate the container status message on both success and failure.FallbackToLogsOnError will use the last chunk of container log output if the terminationmessage file is empty and the container exited with an error.The log output is limited to 2048 bytes or 80 lines, whichever is smaller.Defaults to File.Cannot be updated. +- `tty` (Boolean) Whether this container should allocate a TTY for itself, also requires 'stdin' to be true.Default is false. - `volume_devices` (Attributes List) volumeDevices is the list of block devices to be used by the container. (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--init_containers--volume_devices)) -- `volume_mounts` (Attributes List) Pod volumes to mount into the container's filesystem. Cannot be updated. (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--init_containers--volume_mounts)) -- `working_dir` (String) Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image. Cannot be updated. +- `volume_mounts` (Attributes List) Pod volumes to mount into the container's filesystem.Cannot be updated. (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--init_containers--volume_mounts)) +- `working_dir` (String) Container's working directory.If not specified, the container runtime's default will be used, whichmight be configured in the container image.Cannot be updated. ### Nested Schema for `spec.component_defs.pod_spec.init_containers.env` @@ -2020,7 +2020,7 @@ Required: Optional: -- `value` (String) Variable references $(VAR_NAME) are expanded using the previously defined environment variables in the container and any service environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. '$$(VAR_NAME)' will produce the string literal '$(VAR_NAME)'. Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to ''. +- `value` (String) Variable references $(VAR_NAME) are expandedusing the previously defined environment variables in the container andany service environment variables. If a variable cannot be resolved,the reference in the input string will be unchanged. Double $$ are reducedto a single $, which allows for escaping the $(VAR_NAME) syntax: i.e.'$$(VAR_NAME)' will produce the string literal '$(VAR_NAME)'.Escaped references will never be expanded, regardless of whether the variableexists or not.Defaults to ''. - `value_from` (Attributes) Source for the environment variable's value. Cannot be used if value is not empty. (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--init_containers--env--value_from)) @@ -2029,8 +2029,8 @@ Optional: Optional: - `config_map_key_ref` (Attributes) Selects a key of a ConfigMap. (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--init_containers--env--value_from--config_map_key_ref)) -- `field_ref` (Attributes) Selects a field of the pod: supports metadata.name, metadata.namespace, 'metadata.labels['']', 'metadata.annotations['']', spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--init_containers--env--value_from--field_ref)) -- `resource_field_ref` (Attributes) Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--init_containers--env--value_from--resource_field_ref)) +- `field_ref` (Attributes) Selects a field of the pod: supports metadata.name, metadata.namespace, 'metadata.labels['']', 'metadata.annotations['']',spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--init_containers--env--value_from--field_ref)) +- `resource_field_ref` (Attributes) Selects a resource of the container: only resources limits and requests(limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--init_containers--env--value_from--resource_field_ref)) - `secret_key_ref` (Attributes) Selects a key of a secret in the pod's namespace (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--init_containers--env--value_from--secret_key_ref)) @@ -2042,7 +2042,7 @@ Required: Optional: -- `name` (String) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? +- `name` (String) Name of the referent.More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#namesTODO: Add other useful fields. apiVersion, kind, uid? - `optional` (Boolean) Specify whether the ConfigMap or its key must be defined @@ -2080,7 +2080,7 @@ Required: Optional: -- `name` (String) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? +- `name` (String) Name of the referent.More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#namesTODO: Add other useful fields. apiVersion, kind, uid? - `optional` (Boolean) Specify whether the Secret or its key must be defined @@ -2100,7 +2100,7 @@ Optional: Optional: -- `name` (String) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? +- `name` (String) Name of the referent.More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#namesTODO: Add other useful fields. apiVersion, kind, uid? - `optional` (Boolean) Specify whether the ConfigMap must be defined @@ -2109,7 +2109,7 @@ Optional: Optional: -- `name` (String) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? +- `name` (String) Name of the referent.More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#namesTODO: Add other useful fields. apiVersion, kind, uid? - `optional` (Boolean) Specify whether the Secret must be defined @@ -2119,8 +2119,8 @@ Optional: Optional: -- `post_start` (Attributes) PostStart is called immediately after a container is created. If the handler fails, the container is terminated and restarted according to its restart policy. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--init_containers--lifecycle--post_start)) -- `pre_stop` (Attributes) PreStop is called immediately before a container is terminated due to an API request or management event such as liveness/startup probe failure, preemption, resource contention, etc. The handler is not called if the container crashes or exits. The Pod's termination grace period countdown begins before the PreStop hook is executed. Regardless of the outcome of the handler, the container will eventually terminate within the Pod's termination grace period (unless delayed by finalizers). Other management of the container blocks until the hook completes or until the termination grace period is reached. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--init_containers--lifecycle--pre_stop)) +- `post_start` (Attributes) PostStart is called immediately after a container is created. If the handler fails,the container is terminated and restarted according to its restart policy.Other management of the container blocks until the hook completes.More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--init_containers--lifecycle--post_start)) +- `pre_stop` (Attributes) PreStop is called immediately before a container is terminated due to anAPI request or management event such as liveness/startup probe failure,preemption, resource contention, etc. The handler is not called if thecontainer crashes or exits. The Pod's termination grace period countdown begins before thePreStop hook is executed. Regardless of the outcome of the handler, thecontainer will eventually terminate within the Pod's termination graceperiod (unless delayed by finalizers). Other management of the container blocks until the hook completesor until the termination grace period is reached.More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--init_containers--lifecycle--pre_stop)) ### Nested Schema for `spec.component_defs.pod_spec.init_containers.lifecycle.post_start` @@ -2129,14 +2129,14 @@ Optional: - `exec` (Attributes) Exec specifies the action to take. (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--init_containers--lifecycle--post_start--exec)) - `http_get` (Attributes) HTTPGet specifies the http request to perform. (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--init_containers--lifecycle--post_start--http_get)) -- `tcp_socket` (Attributes) Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept for the backward compatibility. There are no validation of this field and lifecycle hooks will fail in runtime when tcp handler is specified. (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--init_containers--lifecycle--post_start--tcp_socket)) +- `tcp_socket` (Attributes) Deprecated. TCPSocket is NOT supported as a LifecycleHandler and keptfor the backward compatibility. There are no validation of this field andlifecycle hooks will fail in runtime when tcp handler is specified. (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--init_containers--lifecycle--post_start--tcp_socket)) ### Nested Schema for `spec.component_defs.pod_spec.init_containers.lifecycle.post_start.exec` Optional: -- `command` (List of String) Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +- `command` (List of String) Command is the command line to execute inside the container, the working directory for thecommand is root ('/') in the container's filesystem. The command is simply exec'd, it isnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To usea shell, you need to explicitly call out to that shell.Exit status of 0 is treated as live/healthy and non-zero is unhealthy. @@ -2144,21 +2144,21 @@ Optional: Required: -- `port` (String) Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. +- `port` (String) Name or number of the port to access on the container.Number must be in the range 1 to 65535.Name must be an IANA_SVC_NAME. Optional: -- `host` (String) Host name to connect to, defaults to the pod IP. You probably want to set 'Host' in httpHeaders instead. +- `host` (String) Host name to connect to, defaults to the pod IP. You probably want to set'Host' in httpHeaders instead. - `http_headers` (Attributes List) Custom headers to set in the request. HTTP allows repeated headers. (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--init_containers--lifecycle--post_start--http_get--http_headers)) - `path` (String) Path to access on the HTTP server. -- `scheme` (String) Scheme to use for connecting to the host. Defaults to HTTP. +- `scheme` (String) Scheme to use for connecting to the host.Defaults to HTTP. ### Nested Schema for `spec.component_defs.pod_spec.init_containers.lifecycle.post_start.http_get.http_headers` Required: -- `name` (String) The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header. +- `name` (String) The header field name.This will be canonicalized upon output, so case-variant names will be understood as the same header. - `value` (String) The header field value @@ -2168,7 +2168,7 @@ Required: Required: -- `port` (String) Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. +- `port` (String) Number or name of the port to access on the container.Number must be in the range 1 to 65535.Name must be an IANA_SVC_NAME. Optional: @@ -2183,14 +2183,14 @@ Optional: - `exec` (Attributes) Exec specifies the action to take. (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--init_containers--lifecycle--pre_stop--exec)) - `http_get` (Attributes) HTTPGet specifies the http request to perform. (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--init_containers--lifecycle--pre_stop--http_get)) -- `tcp_socket` (Attributes) Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept for the backward compatibility. There are no validation of this field and lifecycle hooks will fail in runtime when tcp handler is specified. (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--init_containers--lifecycle--pre_stop--tcp_socket)) +- `tcp_socket` (Attributes) Deprecated. TCPSocket is NOT supported as a LifecycleHandler and keptfor the backward compatibility. There are no validation of this field andlifecycle hooks will fail in runtime when tcp handler is specified. (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--init_containers--lifecycle--pre_stop--tcp_socket)) ### Nested Schema for `spec.component_defs.pod_spec.init_containers.lifecycle.pre_stop.exec` Optional: -- `command` (List of String) Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +- `command` (List of String) Command is the command line to execute inside the container, the working directory for thecommand is root ('/') in the container's filesystem. The command is simply exec'd, it isnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To usea shell, you need to explicitly call out to that shell.Exit status of 0 is treated as live/healthy and non-zero is unhealthy. @@ -2198,21 +2198,21 @@ Optional: Required: -- `port` (String) Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. +- `port` (String) Name or number of the port to access on the container.Number must be in the range 1 to 65535.Name must be an IANA_SVC_NAME. Optional: -- `host` (String) Host name to connect to, defaults to the pod IP. You probably want to set 'Host' in httpHeaders instead. +- `host` (String) Host name to connect to, defaults to the pod IP. You probably want to set'Host' in httpHeaders instead. - `http_headers` (Attributes List) Custom headers to set in the request. HTTP allows repeated headers. (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--init_containers--lifecycle--pre_stop--http_get--http_headers)) - `path` (String) Path to access on the HTTP server. -- `scheme` (String) Scheme to use for connecting to the host. Defaults to HTTP. +- `scheme` (String) Scheme to use for connecting to the host.Defaults to HTTP. ### Nested Schema for `spec.component_defs.pod_spec.init_containers.lifecycle.pre_stop.http_get.http_headers` Required: -- `name` (String) The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header. +- `name` (String) The header field name.This will be canonicalized upon output, so case-variant names will be understood as the same header. - `value` (String) The header field value @@ -2222,7 +2222,7 @@ Required: Required: -- `port` (String) Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. +- `port` (String) Number or name of the port to access on the container.Number must be in the range 1 to 65535.Name must be an IANA_SVC_NAME. Optional: @@ -2237,22 +2237,22 @@ Optional: Optional: - `exec` (Attributes) Exec specifies the action to take. (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--init_containers--liveness_probe--exec)) -- `failure_threshold` (Number) Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +- `failure_threshold` (Number) Minimum consecutive failures for the probe to be considered failed after having succeeded.Defaults to 3. Minimum value is 1. - `grpc` (Attributes) GRPC specifies an action involving a GRPC port. (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--init_containers--liveness_probe--grpc)) - `http_get` (Attributes) HTTPGet specifies the http request to perform. (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--init_containers--liveness_probe--http_get)) -- `initial_delay_seconds` (Number) Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes -- `period_seconds` (Number) How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. -- `success_threshold` (Number) Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. +- `initial_delay_seconds` (Number) Number of seconds after the container has started before liveness probes are initiated.More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +- `period_seconds` (Number) How often (in seconds) to perform the probe.Default to 10 seconds. Minimum value is 1. +- `success_threshold` (Number) Minimum consecutive successes for the probe to be considered successful after having failed.Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. - `tcp_socket` (Attributes) TCPSocket specifies an action involving a TCP port. (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--init_containers--liveness_probe--tcp_socket)) -- `termination_grace_period_seconds` (Number) Optional duration in seconds the pod needs to terminate gracefully upon probe failure. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this value overrides the value provided by the pod spec. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down). This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset. -- `timeout_seconds` (Number) Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +- `termination_grace_period_seconds` (Number) Optional duration in seconds the pod needs to terminate gracefully upon probe failure.The grace period is the duration in seconds after the processes running in the pod are senta termination signal and the time when the processes are forcibly halted with a kill signal.Set this value longer than the expected cleanup time for your process.If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, thisvalue overrides the value provided by the pod spec.Value must be non-negative integer. The value zero indicates stop immediately viathe kill signal (no opportunity to shut down).This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate.Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset. +- `timeout_seconds` (Number) Number of seconds after which the probe times out.Defaults to 1 second. Minimum value is 1.More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes ### Nested Schema for `spec.component_defs.pod_spec.init_containers.liveness_probe.exec` Optional: -- `command` (List of String) Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +- `command` (List of String) Command is the command line to execute inside the container, the working directory for thecommand is root ('/') in the container's filesystem. The command is simply exec'd, it isnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To usea shell, you need to explicitly call out to that shell.Exit status of 0 is treated as live/healthy and non-zero is unhealthy. @@ -2264,7 +2264,7 @@ Required: Optional: -- `service` (String) Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). If this is not specified, the default behavior is defined by gRPC. +- `service` (String) Service is the name of the service to place in the gRPC HealthCheckRequest(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).If this is not specified, the default behavior is defined by gRPC. @@ -2272,21 +2272,21 @@ Optional: Required: -- `port` (String) Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. +- `port` (String) Name or number of the port to access on the container.Number must be in the range 1 to 65535.Name must be an IANA_SVC_NAME. Optional: -- `host` (String) Host name to connect to, defaults to the pod IP. You probably want to set 'Host' in httpHeaders instead. +- `host` (String) Host name to connect to, defaults to the pod IP. You probably want to set'Host' in httpHeaders instead. - `http_headers` (Attributes List) Custom headers to set in the request. HTTP allows repeated headers. (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--init_containers--liveness_probe--http_get--http_headers)) - `path` (String) Path to access on the HTTP server. -- `scheme` (String) Scheme to use for connecting to the host. Defaults to HTTP. +- `scheme` (String) Scheme to use for connecting to the host.Defaults to HTTP. ### Nested Schema for `spec.component_defs.pod_spec.init_containers.liveness_probe.http_get.http_headers` Required: -- `name` (String) The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header. +- `name` (String) The header field name.This will be canonicalized upon output, so case-variant names will be understood as the same header. - `value` (String) The header field value @@ -2296,7 +2296,7 @@ Required: Required: -- `port` (String) Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. +- `port` (String) Number or name of the port to access on the container.Number must be in the range 1 to 65535.Name must be an IANA_SVC_NAME. Optional: @@ -2309,14 +2309,14 @@ Optional: Required: -- `container_port` (Number) Number of port to expose on the pod's IP address. This must be a valid port number, 0 < x < 65536. +- `container_port` (Number) Number of port to expose on the pod's IP address.This must be a valid port number, 0 < x < 65536. Optional: - `host_ip` (String) What host IP to bind the external port to. -- `host_port` (Number) Number of port to expose on the host. If specified, this must be a valid port number, 0 < x < 65536. If HostNetwork is specified, this must match ContainerPort. Most containers do not need this. -- `name` (String) If specified, this must be an IANA_SVC_NAME and unique within the pod. Each named port in a pod must have a unique name. Name for the port that can be referred to by services. -- `protocol` (String) Protocol for port. Must be UDP, TCP, or SCTP. Defaults to 'TCP'. +- `host_port` (Number) Number of port to expose on the host.If specified, this must be a valid port number, 0 < x < 65536.If HostNetwork is specified, this must match ContainerPort.Most containers do not need this. +- `name` (String) If specified, this must be an IANA_SVC_NAME and unique within the pod. Eachnamed port in a pod must have a unique name. Name for the port that can bereferred to by services. +- `protocol` (String) Protocol for port. Must be UDP, TCP, or SCTP.Defaults to 'TCP'. @@ -2325,22 +2325,22 @@ Optional: Optional: - `exec` (Attributes) Exec specifies the action to take. (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--init_containers--readiness_probe--exec)) -- `failure_threshold` (Number) Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +- `failure_threshold` (Number) Minimum consecutive failures for the probe to be considered failed after having succeeded.Defaults to 3. Minimum value is 1. - `grpc` (Attributes) GRPC specifies an action involving a GRPC port. (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--init_containers--readiness_probe--grpc)) - `http_get` (Attributes) HTTPGet specifies the http request to perform. (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--init_containers--readiness_probe--http_get)) -- `initial_delay_seconds` (Number) Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes -- `period_seconds` (Number) How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. -- `success_threshold` (Number) Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. +- `initial_delay_seconds` (Number) Number of seconds after the container has started before liveness probes are initiated.More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +- `period_seconds` (Number) How often (in seconds) to perform the probe.Default to 10 seconds. Minimum value is 1. +- `success_threshold` (Number) Minimum consecutive successes for the probe to be considered successful after having failed.Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. - `tcp_socket` (Attributes) TCPSocket specifies an action involving a TCP port. (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--init_containers--readiness_probe--tcp_socket)) -- `termination_grace_period_seconds` (Number) Optional duration in seconds the pod needs to terminate gracefully upon probe failure. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this value overrides the value provided by the pod spec. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down). This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset. -- `timeout_seconds` (Number) Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +- `termination_grace_period_seconds` (Number) Optional duration in seconds the pod needs to terminate gracefully upon probe failure.The grace period is the duration in seconds after the processes running in the pod are senta termination signal and the time when the processes are forcibly halted with a kill signal.Set this value longer than the expected cleanup time for your process.If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, thisvalue overrides the value provided by the pod spec.Value must be non-negative integer. The value zero indicates stop immediately viathe kill signal (no opportunity to shut down).This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate.Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset. +- `timeout_seconds` (Number) Number of seconds after which the probe times out.Defaults to 1 second. Minimum value is 1.More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes ### Nested Schema for `spec.component_defs.pod_spec.init_containers.readiness_probe.exec` Optional: -- `command` (List of String) Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +- `command` (List of String) Command is the command line to execute inside the container, the working directory for thecommand is root ('/') in the container's filesystem. The command is simply exec'd, it isnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To usea shell, you need to explicitly call out to that shell.Exit status of 0 is treated as live/healthy and non-zero is unhealthy. @@ -2352,7 +2352,7 @@ Required: Optional: -- `service` (String) Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). If this is not specified, the default behavior is defined by gRPC. +- `service` (String) Service is the name of the service to place in the gRPC HealthCheckRequest(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).If this is not specified, the default behavior is defined by gRPC. @@ -2360,21 +2360,21 @@ Optional: Required: -- `port` (String) Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. +- `port` (String) Name or number of the port to access on the container.Number must be in the range 1 to 65535.Name must be an IANA_SVC_NAME. Optional: -- `host` (String) Host name to connect to, defaults to the pod IP. You probably want to set 'Host' in httpHeaders instead. +- `host` (String) Host name to connect to, defaults to the pod IP. You probably want to set'Host' in httpHeaders instead. - `http_headers` (Attributes List) Custom headers to set in the request. HTTP allows repeated headers. (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--init_containers--readiness_probe--http_get--http_headers)) - `path` (String) Path to access on the HTTP server. -- `scheme` (String) Scheme to use for connecting to the host. Defaults to HTTP. +- `scheme` (String) Scheme to use for connecting to the host.Defaults to HTTP. ### Nested Schema for `spec.component_defs.pod_spec.init_containers.readiness_probe.http_get.http_headers` Required: -- `name` (String) The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header. +- `name` (String) The header field name.This will be canonicalized upon output, so case-variant names will be understood as the same header. - `value` (String) The header field value @@ -2384,7 +2384,7 @@ Required: Required: -- `port` (String) Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. +- `port` (String) Number or name of the port to access on the container.Number must be in the range 1 to 65535.Name must be an IANA_SVC_NAME. Optional: @@ -2397,8 +2397,8 @@ Optional: Required: -- `resource_name` (String) Name of the resource to which this resource resize policy applies. Supported values: cpu, memory. -- `restart_policy` (String) Restart policy to apply when specified resource is resized. If not specified, it defaults to NotRequired. +- `resource_name` (String) Name of the resource to which this resource resize policy applies.Supported values: cpu, memory. +- `restart_policy` (String) Restart policy to apply when specified resource is resized.If not specified, it defaults to NotRequired. @@ -2406,16 +2406,16 @@ Required: Optional: -- `claims` (Attributes List) Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. This field is immutable. It can only be set for containers. (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--init_containers--resources--claims)) -- `limits` (Map of String) Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ -- `requests` (Map of String) Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ +- `claims` (Attributes List) Claims lists the names of resources, defined in spec.resourceClaims,that are used by this container.This is an alpha field and requires enabling theDynamicResourceAllocation feature gate.This field is immutable. It can only be set for containers. (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--init_containers--resources--claims)) +- `limits` (Map of String) Limits describes the maximum amount of compute resources allowed.More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ +- `requests` (Map of String) Requests describes the minimum amount of compute resources required.If Requests is omitted for a container, it defaults to Limits if that is explicitly specified,otherwise to an implementation-defined value. Requests cannot exceed Limits.More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ ### Nested Schema for `spec.component_defs.pod_spec.init_containers.resources.claims` Required: -- `name` (String) Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container. +- `name` (String) Name must match the name of one entry in pod.spec.resourceClaims ofthe Pod where this field is used. It makes that resource availableinside a container. @@ -2424,17 +2424,17 @@ Required: Optional: -- `allow_privilege_escalation` (Boolean) AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process. AllowPrivilegeEscalation is true always when the container is: 1) run as Privileged 2) has CAP_SYS_ADMIN Note that this field cannot be set when spec.os.name is windows. -- `capabilities` (Attributes) The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. Note that this field cannot be set when spec.os.name is windows. (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--init_containers--security_context--capabilities)) -- `privileged` (Boolean) Run container in privileged mode. Processes in privileged containers are essentially equivalent to root on the host. Defaults to false. Note that this field cannot be set when spec.os.name is windows. -- `proc_mount` (String) procMount denotes the type of proc mount to use for the containers. The default is DefaultProcMount which uses the container runtime defaults for readonly paths and masked paths. This requires the ProcMountType feature flag to be enabled. Note that this field cannot be set when spec.os.name is windows. -- `read_only_root_filesystem` (Boolean) Whether this container has a read-only root filesystem. Default is false. Note that this field cannot be set when spec.os.name is windows. -- `run_as_group` (Number) The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows. -- `run_as_non_root` (Boolean) Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. -- `run_as_user` (Number) The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows. -- `se_linux_options` (Attributes) The SELinux context to be applied to the container. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows. (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--init_containers--security_context--se_linux_options)) -- `seccomp_profile` (Attributes) The seccomp options to use by this container. If seccomp options are provided at both the pod & container level, the container options override the pod options. Note that this field cannot be set when spec.os.name is windows. (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--init_containers--security_context--seccomp_profile)) -- `windows_options` (Attributes) The Windows specific settings applied to all containers. If unspecified, the options from the PodSecurityContext will be used. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is linux. (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--init_containers--security_context--windows_options)) +- `allow_privilege_escalation` (Boolean) AllowPrivilegeEscalation controls whether a process can gain moreprivileges than its parent process. This bool directly controls ifthe no_new_privs flag will be set on the container process.AllowPrivilegeEscalation is true always when the container is:1) run as Privileged2) has CAP_SYS_ADMINNote that this field cannot be set when spec.os.name is windows. +- `capabilities` (Attributes) The capabilities to add/drop when running containers.Defaults to the default set of capabilities granted by the container runtime.Note that this field cannot be set when spec.os.name is windows. (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--init_containers--security_context--capabilities)) +- `privileged` (Boolean) Run container in privileged mode.Processes in privileged containers are essentially equivalent to root on the host.Defaults to false.Note that this field cannot be set when spec.os.name is windows. +- `proc_mount` (String) procMount denotes the type of proc mount to use for the containers.The default is DefaultProcMount which uses the container runtime defaults forreadonly paths and masked paths.This requires the ProcMountType feature flag to be enabled.Note that this field cannot be set when spec.os.name is windows. +- `read_only_root_filesystem` (Boolean) Whether this container has a read-only root filesystem.Default is false.Note that this field cannot be set when spec.os.name is windows. +- `run_as_group` (Number) The GID to run the entrypoint of the container process.Uses runtime default if unset.May also be set in PodSecurityContext. If set in both SecurityContext andPodSecurityContext, the value specified in SecurityContext takes precedence.Note that this field cannot be set when spec.os.name is windows. +- `run_as_non_root` (Boolean) Indicates that the container must run as a non-root user.If true, the Kubelet will validate the image at runtime to ensure that itdoes not run as UID 0 (root) and fail to start the container if it does.If unset or false, no such validation will be performed.May also be set in PodSecurityContext. If set in both SecurityContext andPodSecurityContext, the value specified in SecurityContext takes precedence. +- `run_as_user` (Number) The UID to run the entrypoint of the container process.Defaults to user specified in image metadata if unspecified.May also be set in PodSecurityContext. If set in both SecurityContext andPodSecurityContext, the value specified in SecurityContext takes precedence.Note that this field cannot be set when spec.os.name is windows. +- `se_linux_options` (Attributes) The SELinux context to be applied to the container.If unspecified, the container runtime will allocate a random SELinux context for eachcontainer. May also be set in PodSecurityContext. If set in both SecurityContext andPodSecurityContext, the value specified in SecurityContext takes precedence.Note that this field cannot be set when spec.os.name is windows. (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--init_containers--security_context--se_linux_options)) +- `seccomp_profile` (Attributes) The seccomp options to use by this container. If seccomp options areprovided at both the pod & container level, the container optionsoverride the pod options.Note that this field cannot be set when spec.os.name is windows. (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--init_containers--security_context--seccomp_profile)) +- `windows_options` (Attributes) The Windows specific settings applied to all containers.If unspecified, the options from the PodSecurityContext will be used.If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.Note that this field cannot be set when spec.os.name is linux. (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--init_containers--security_context--windows_options)) ### Nested Schema for `spec.component_defs.pod_spec.init_containers.security_context.capabilities` @@ -2461,11 +2461,11 @@ Optional: Required: -- `type` (String) type indicates which kind of seccomp profile will be applied. Valid options are: Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied. +- `type` (String) type indicates which kind of seccomp profile will be applied.Valid options are:Localhost - a profile defined in a file on the node should be used.RuntimeDefault - the container runtime default profile should be used.Unconfined - no profile should be applied. Optional: -- `localhost_profile` (String) localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must be set if type is 'Localhost'. Must NOT be set for any other type. +- `localhost_profile` (String) localhostProfile indicates a profile defined in a file on the node should be used.The profile must be preconfigured on the node to work.Must be a descending path, relative to the kubelet's configured seccomp profile location.Must be set if type is 'Localhost'. Must NOT be set for any other type. @@ -2473,10 +2473,10 @@ Optional: Optional: -- `gmsa_credential_spec` (String) GMSACredentialSpec is where the GMSA admission webhook (https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the GMSA credential spec named by the GMSACredentialSpecName field. +- `gmsa_credential_spec` (String) GMSACredentialSpec is where the GMSA admission webhook(https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of theGMSA credential spec named by the GMSACredentialSpecName field. - `gmsa_credential_spec_name` (String) GMSACredentialSpecName is the name of the GMSA credential spec to use. -- `host_process` (Boolean) HostProcess determines if a container should be run as a 'Host Process' container. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true. -- `run_as_user_name` (String) The UserName in Windows to run the entrypoint of the container process. Defaults to the user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +- `host_process` (Boolean) HostProcess determines if a container should be run as a 'Host Process' container.All of a Pod's containers must have the same effective HostProcess value(it is not allowed to have a mix of HostProcess containers and non-HostProcess containers).In addition, if HostProcess is true then HostNetwork must also be set to true. +- `run_as_user_name` (String) The UserName in Windows to run the entrypoint of the container process.Defaults to the user specified in image metadata if unspecified.May also be set in PodSecurityContext. If set in both SecurityContext andPodSecurityContext, the value specified in SecurityContext takes precedence. @@ -2486,22 +2486,22 @@ Optional: Optional: - `exec` (Attributes) Exec specifies the action to take. (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--init_containers--startup_probe--exec)) -- `failure_threshold` (Number) Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +- `failure_threshold` (Number) Minimum consecutive failures for the probe to be considered failed after having succeeded.Defaults to 3. Minimum value is 1. - `grpc` (Attributes) GRPC specifies an action involving a GRPC port. (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--init_containers--startup_probe--grpc)) - `http_get` (Attributes) HTTPGet specifies the http request to perform. (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--init_containers--startup_probe--http_get)) -- `initial_delay_seconds` (Number) Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes -- `period_seconds` (Number) How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. -- `success_threshold` (Number) Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. +- `initial_delay_seconds` (Number) Number of seconds after the container has started before liveness probes are initiated.More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +- `period_seconds` (Number) How often (in seconds) to perform the probe.Default to 10 seconds. Minimum value is 1. +- `success_threshold` (Number) Minimum consecutive successes for the probe to be considered successful after having failed.Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. - `tcp_socket` (Attributes) TCPSocket specifies an action involving a TCP port. (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--init_containers--startup_probe--tcp_socket)) -- `termination_grace_period_seconds` (Number) Optional duration in seconds the pod needs to terminate gracefully upon probe failure. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this value overrides the value provided by the pod spec. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down). This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset. -- `timeout_seconds` (Number) Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +- `termination_grace_period_seconds` (Number) Optional duration in seconds the pod needs to terminate gracefully upon probe failure.The grace period is the duration in seconds after the processes running in the pod are senta termination signal and the time when the processes are forcibly halted with a kill signal.Set this value longer than the expected cleanup time for your process.If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, thisvalue overrides the value provided by the pod spec.Value must be non-negative integer. The value zero indicates stop immediately viathe kill signal (no opportunity to shut down).This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate.Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset. +- `timeout_seconds` (Number) Number of seconds after which the probe times out.Defaults to 1 second. Minimum value is 1.More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes ### Nested Schema for `spec.component_defs.pod_spec.init_containers.startup_probe.exec` Optional: -- `command` (List of String) Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +- `command` (List of String) Command is the command line to execute inside the container, the working directory for thecommand is root ('/') in the container's filesystem. The command is simply exec'd, it isnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To usea shell, you need to explicitly call out to that shell.Exit status of 0 is treated as live/healthy and non-zero is unhealthy. @@ -2513,7 +2513,7 @@ Required: Optional: -- `service` (String) Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). If this is not specified, the default behavior is defined by gRPC. +- `service` (String) Service is the name of the service to place in the gRPC HealthCheckRequest(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).If this is not specified, the default behavior is defined by gRPC. @@ -2521,21 +2521,21 @@ Optional: Required: -- `port` (String) Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. +- `port` (String) Name or number of the port to access on the container.Number must be in the range 1 to 65535.Name must be an IANA_SVC_NAME. Optional: -- `host` (String) Host name to connect to, defaults to the pod IP. You probably want to set 'Host' in httpHeaders instead. +- `host` (String) Host name to connect to, defaults to the pod IP. You probably want to set'Host' in httpHeaders instead. - `http_headers` (Attributes List) Custom headers to set in the request. HTTP allows repeated headers. (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--init_containers--startup_probe--http_get--http_headers)) - `path` (String) Path to access on the HTTP server. -- `scheme` (String) Scheme to use for connecting to the host. Defaults to HTTP. +- `scheme` (String) Scheme to use for connecting to the host.Defaults to HTTP. ### Nested Schema for `spec.component_defs.pod_spec.init_containers.startup_probe.http_get.http_headers` Required: -- `name` (String) The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header. +- `name` (String) The header field name.This will be canonicalized upon output, so case-variant names will be understood as the same header. - `value` (String) The header field value @@ -2545,7 +2545,7 @@ Required: Required: -- `port` (String) Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. +- `port` (String) Number or name of the port to access on the container.Number must be in the range 1 to 65535.Name must be an IANA_SVC_NAME. Optional: @@ -2567,15 +2567,15 @@ Required: Required: -- `mount_path` (String) Path within the container at which the volume should be mounted. Must not contain ':'. +- `mount_path` (String) Path within the container at which the volume should be mounted. Mustnot contain ':'. - `name` (String) This must match the Name of a Volume. Optional: -- `mount_propagation` (String) mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationNone is used. This field is beta in 1.10. -- `read_only` (Boolean) Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false. -- `sub_path` (String) Path within the volume from which the container's volume should be mounted. Defaults to '' (volume's root). -- `sub_path_expr` (String) Expanded path within the volume from which the container's volume should be mounted. Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment. Defaults to '' (volume's root). SubPathExpr and SubPath are mutually exclusive. +- `mount_propagation` (String) mountPropagation determines how mounts are propagated from the hostto container and the other way around.When not set, MountPropagationNone is used.This field is beta in 1.10. +- `read_only` (Boolean) Mounted read-only if true, read-write otherwise (false or unspecified).Defaults to false. +- `sub_path` (String) Path within the volume from which the container's volume should be mounted.Defaults to '' (volume's root). +- `sub_path_expr` (String) Expanded path within the volume from which the container's volume should be mounted.Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment.Defaults to '' (volume's root).SubPathExpr and SubPath are mutually exclusive. @@ -2584,7 +2584,7 @@ Optional: Required: -- `name` (String) Name is the name of the operating system. The currently supported values are linux and windows. Additional value may be defined in future and can be one of: https://github.com/opencontainers/runtime-spec/blob/master/config.md#platform-specific-configuration Clients should expect to handle additional values and treat unrecognized values in this field as os: null +- `name` (String) Name is the name of the operating system. The currently supported values are linux and windows.Additional value may be defined in future and can be one of:https://github.com/opencontainers/runtime-spec/blob/master/config.md#platform-specific-configurationClients should expect to handle additional values and treat unrecognized values in this field as os: null @@ -2600,7 +2600,7 @@ Required: Required: -- `name` (String) Name uniquely identifies this resource claim inside the pod. This must be a DNS_LABEL. +- `name` (String) Name uniquely identifies this resource claim inside the pod.This must be a DNS_LABEL. Optional: @@ -2611,8 +2611,8 @@ Optional: Optional: -- `resource_claim_name` (String) ResourceClaimName is the name of a ResourceClaim object in the same namespace as this pod. -- `resource_claim_template_name` (String) ResourceClaimTemplateName is the name of a ResourceClaimTemplate object in the same namespace as this pod. The template will be used to create a new ResourceClaim, which will be bound to this pod. When this pod is deleted, the ResourceClaim will also be deleted. The pod name and resource name, along with a generated component, will be used to form a unique name for the ResourceClaim, which will be recorded in pod.status.resourceClaimStatuses. This field is immutable and no changes will be made to the corresponding ResourceClaim by the control plane after creating the ResourceClaim. +- `resource_claim_name` (String) ResourceClaimName is the name of a ResourceClaim object in the samenamespace as this pod. +- `resource_claim_template_name` (String) ResourceClaimTemplateName is the name of a ResourceClaimTemplateobject in the same namespace as this pod.The template will be used to create a new ResourceClaim, which willbe bound to this pod. When this pod is deleted, the ResourceClaimwill also be deleted. The pod name and resource name, along with agenerated component, will be used to form a unique name for theResourceClaim, which will be recorded in pod.status.resourceClaimStatuses.This field is immutable and no changes will be made to thecorresponding ResourceClaim by the control plane after creating theResourceClaim. @@ -2621,7 +2621,7 @@ Optional: Required: -- `name` (String) Name of the scheduling gate. Each scheduling gate must have a unique name field. +- `name` (String) Name of the scheduling gate.Each scheduling gate must have a unique name field. @@ -2629,16 +2629,16 @@ Required: Optional: -- `fs_group` (Number) A special supplemental group that applies to all containers in a pod. Some volume types allow the Kubelet to change the ownership of that volume to be owned by the pod: 1. The owning GID will be the FSGroup 2. The setgid bit is set (new files created in the volume will be owned by FSGroup) 3. The permission bits are OR'd with rw-rw---- If unset, the Kubelet will not modify the ownership and permissions of any volume. Note that this field cannot be set when spec.os.name is windows. -- `fs_group_change_policy` (String) fsGroupChangePolicy defines behavior of changing ownership and permission of the volume before being exposed inside Pod. This field will only apply to volume types which support fsGroup based ownership(and permissions). It will have no effect on ephemeral volume types such as: secret, configmaps and emptydir. Valid values are 'OnRootMismatch' and 'Always'. If not specified, 'Always' is used. Note that this field cannot be set when spec.os.name is windows. -- `run_as_group` (Number) The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in SecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence for that container. Note that this field cannot be set when spec.os.name is windows. -- `run_as_non_root` (Boolean) Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in SecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. -- `run_as_user` (Number) The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in SecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence for that container. Note that this field cannot be set when spec.os.name is windows. -- `se_linux_options` (Attributes) The SELinux context to be applied to all containers. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in SecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence for that container. Note that this field cannot be set when spec.os.name is windows. (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--security_context--se_linux_options)) -- `seccomp_profile` (Attributes) The seccomp options to use by the containers in this pod. Note that this field cannot be set when spec.os.name is windows. (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--security_context--seccomp_profile)) -- `supplemental_groups` (List of String) A list of groups applied to the first process run in each container, in addition to the container's primary GID, the fsGroup (if specified), and group memberships defined in the container image for the uid of the container process. If unspecified, no additional groups are added to any container. Note that group memberships defined in the container image for the uid of the container process are still effective, even if they are not included in this list. Note that this field cannot be set when spec.os.name is windows. -- `sysctls` (Attributes List) Sysctls hold a list of namespaced sysctls used for the pod. Pods with unsupported sysctls (by the container runtime) might fail to launch. Note that this field cannot be set when spec.os.name is windows. (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--security_context--sysctls)) -- `windows_options` (Attributes) The Windows specific settings applied to all containers. If unspecified, the options within a container's SecurityContext will be used. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is linux. (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--security_context--windows_options)) +- `fs_group` (Number) A special supplemental group that applies to all containers in a pod.Some volume types allow the Kubelet to change the ownership of that volumeto be owned by the pod:1. The owning GID will be the FSGroup2. The setgid bit is set (new files created in the volume will be owned by FSGroup)3. The permission bits are OR'd with rw-rw----If unset, the Kubelet will not modify the ownership and permissions of any volume.Note that this field cannot be set when spec.os.name is windows. +- `fs_group_change_policy` (String) fsGroupChangePolicy defines behavior of changing ownership and permission of the volumebefore being exposed inside Pod. This field will only apply tovolume types which support fsGroup based ownership(and permissions).It will have no effect on ephemeral volume types such as: secret, configmapsand emptydir.Valid values are 'OnRootMismatch' and 'Always'. If not specified, 'Always' is used.Note that this field cannot be set when spec.os.name is windows. +- `run_as_group` (Number) The GID to run the entrypoint of the container process.Uses runtime default if unset.May also be set in SecurityContext. If set in both SecurityContext andPodSecurityContext, the value specified in SecurityContext takes precedencefor that container.Note that this field cannot be set when spec.os.name is windows. +- `run_as_non_root` (Boolean) Indicates that the container must run as a non-root user.If true, the Kubelet will validate the image at runtime to ensure that itdoes not run as UID 0 (root) and fail to start the container if it does.If unset or false, no such validation will be performed.May also be set in SecurityContext. If set in both SecurityContext andPodSecurityContext, the value specified in SecurityContext takes precedence. +- `run_as_user` (Number) The UID to run the entrypoint of the container process.Defaults to user specified in image metadata if unspecified.May also be set in SecurityContext. If set in both SecurityContext andPodSecurityContext, the value specified in SecurityContext takes precedencefor that container.Note that this field cannot be set when spec.os.name is windows. +- `se_linux_options` (Attributes) The SELinux context to be applied to all containers.If unspecified, the container runtime will allocate a random SELinux context for eachcontainer. May also be set in SecurityContext. If set inboth SecurityContext and PodSecurityContext, the value specified in SecurityContexttakes precedence for that container.Note that this field cannot be set when spec.os.name is windows. (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--security_context--se_linux_options)) +- `seccomp_profile` (Attributes) The seccomp options to use by the containers in this pod.Note that this field cannot be set when spec.os.name is windows. (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--security_context--seccomp_profile)) +- `supplemental_groups` (List of String) A list of groups applied to the first process run in each container, in additionto the container's primary GID, the fsGroup (if specified), and group membershipsdefined in the container image for the uid of the container process. If unspecified,no additional groups are added to any container. Note that group membershipsdefined in the container image for the uid of the container process are still effective,even if they are not included in this list.Note that this field cannot be set when spec.os.name is windows. +- `sysctls` (Attributes List) Sysctls hold a list of namespaced sysctls used for the pod. Pods with unsupportedsysctls (by the container runtime) might fail to launch.Note that this field cannot be set when spec.os.name is windows. (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--security_context--sysctls)) +- `windows_options` (Attributes) The Windows specific settings applied to all containers.If unspecified, the options within a container's SecurityContext will be used.If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.Note that this field cannot be set when spec.os.name is linux. (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--security_context--windows_options)) ### Nested Schema for `spec.component_defs.pod_spec.security_context.se_linux_options` @@ -2656,11 +2656,11 @@ Optional: Required: -- `type` (String) type indicates which kind of seccomp profile will be applied. Valid options are: Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied. +- `type` (String) type indicates which kind of seccomp profile will be applied.Valid options are:Localhost - a profile defined in a file on the node should be used.RuntimeDefault - the container runtime default profile should be used.Unconfined - no profile should be applied. Optional: -- `localhost_profile` (String) localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must be set if type is 'Localhost'. Must NOT be set for any other type. +- `localhost_profile` (String) localhostProfile indicates a profile defined in a file on the node should be used.The profile must be preconfigured on the node to work.Must be a descending path, relative to the kubelet's configured seccomp profile location.Must be set if type is 'Localhost'. Must NOT be set for any other type. @@ -2677,10 +2677,10 @@ Required: Optional: -- `gmsa_credential_spec` (String) GMSACredentialSpec is where the GMSA admission webhook (https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the GMSA credential spec named by the GMSACredentialSpecName field. +- `gmsa_credential_spec` (String) GMSACredentialSpec is where the GMSA admission webhook(https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of theGMSA credential spec named by the GMSACredentialSpecName field. - `gmsa_credential_spec_name` (String) GMSACredentialSpecName is the name of the GMSA credential spec to use. -- `host_process` (Boolean) HostProcess determines if a container should be run as a 'Host Process' container. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true. -- `run_as_user_name` (String) The UserName in Windows to run the entrypoint of the container process. Defaults to the user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +- `host_process` (Boolean) HostProcess determines if a container should be run as a 'Host Process' container.All of a Pod's containers must have the same effective HostProcess value(it is not allowed to have a mix of HostProcess containers and non-HostProcess containers).In addition, if HostProcess is true then HostNetwork must also be set to true. +- `run_as_user_name` (String) The UserName in Windows to run the entrypoint of the container process.Defaults to the user specified in image metadata if unspecified.May also be set in PodSecurityContext. If set in both SecurityContext andPodSecurityContext, the value specified in SecurityContext takes precedence. @@ -2689,11 +2689,11 @@ Optional: Optional: -- `effect` (String) Effect indicates the taint effect to match. Empty means match all taint effects. When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute. -- `key` (String) Key is the taint key that the toleration applies to. Empty means match all taint keys. If the key is empty, operator must be Exists; this combination means to match all values and all keys. -- `operator` (String) Operator represents a key's relationship to the value. Valid operators are Exists and Equal. Defaults to Equal. Exists is equivalent to wildcard for value, so that a pod can tolerate all taints of a particular category. -- `toleration_seconds` (Number) TolerationSeconds represents the period of time the toleration (which must be of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, it is not set, which means tolerate the taint forever (do not evict). Zero and negative values will be treated as 0 (evict immediately) by the system. -- `value` (String) Value is the taint value the toleration matches to. If the operator is Exists, the value should be empty, otherwise just a regular string. +- `effect` (String) Effect indicates the taint effect to match. Empty means match all taint effects.When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute. +- `key` (String) Key is the taint key that the toleration applies to. Empty means match all taint keys.If the key is empty, operator must be Exists; this combination means to match all values and all keys. +- `operator` (String) Operator represents a key's relationship to the value.Valid operators are Exists and Equal. Defaults to Equal.Exists is equivalent to wildcard for value, so that a pod cantolerate all taints of a particular category. +- `toleration_seconds` (Number) TolerationSeconds represents the period of time the toleration (which must beof effect NoExecute, otherwise this field is ignored) tolerates the taint. By default,it is not set, which means tolerate the taint forever (do not evict). Zero andnegative values will be treated as 0 (evict immediately) by the system. +- `value` (String) Value is the taint value the toleration matches to.If the operator is Exists, the value should be empty, otherwise just a regular string. @@ -2701,17 +2701,17 @@ Optional: Required: -- `max_skew` (Number) MaxSkew describes the degree to which pods may be unevenly distributed. When 'whenUnsatisfiable=DoNotSchedule', it is the maximum permitted difference between the number of matching pods in the target topology and the global minimum. The global minimum is the minimum number of matching pods in an eligible domain or zero if the number of eligible domains is less than MinDomains. For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same labelSelector spread as 2/2/1: In this case, the global minimum is 1. | zone1 | zone2 | zone3 | | P P | P P | P | - if MaxSkew is 1, incoming pod can only be scheduled to zone3 to become 2/2/2; scheduling it onto zone1(zone2) would make the ActualSkew(3-1) on zone1(zone2) violate MaxSkew(1). - if MaxSkew is 2, incoming pod can be scheduled onto any zone. When 'whenUnsatisfiable=ScheduleAnyway', it is used to give higher precedence to topologies that satisfy it. It's a required field. Default value is 1 and 0 is not allowed. -- `topology_key` (String) TopologyKey is the key of node labels. Nodes that have a label with this key and identical values are considered to be in the same topology. We consider each as a 'bucket', and try to put balanced number of pods into each bucket. We define a domain as a particular instance of a topology. Also, we define an eligible domain as a domain whose nodes meet the requirements of nodeAffinityPolicy and nodeTaintsPolicy. e.g. If TopologyKey is 'kubernetes.io/hostname', each Node is a domain of that topology. And, if TopologyKey is 'topology.kubernetes.io/zone', each zone is a domain of that topology. It's a required field. -- `when_unsatisfiable` (String) WhenUnsatisfiable indicates how to deal with a pod if it doesn't satisfy the spread constraint. - DoNotSchedule (default) tells the scheduler not to schedule it. - ScheduleAnyway tells the scheduler to schedule the pod in any location, but giving higher precedence to topologies that would help reduce the skew. A constraint is considered 'Unsatisfiable' for an incoming pod if and only if every possible node assignment for that pod would violate 'MaxSkew' on some topology. For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same labelSelector spread as 3/1/1: | zone1 | zone2 | zone3 | | P P P | P | P | If WhenUnsatisfiable is set to DoNotSchedule, incoming pod can only be scheduled to zone2(zone3) to become 3/2/1(3/1/2) as ActualSkew(2-1) on zone2(zone3) satisfies MaxSkew(1). In other words, the cluster can still be imbalanced, but scheduler won't make it *more* imbalanced. It's a required field. +- `max_skew` (Number) MaxSkew describes the degree to which pods may be unevenly distributed.When 'whenUnsatisfiable=DoNotSchedule', it is the maximum permitted differencebetween the number of matching pods in the target topology and the global minimum.The global minimum is the minimum number of matching pods in an eligible domainor zero if the number of eligible domains is less than MinDomains.For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the samelabelSelector spread as 2/2/1:In this case, the global minimum is 1.| zone1 | zone2 | zone3 || P P | P P | P |- if MaxSkew is 1, incoming pod can only be scheduled to zone3 to become 2/2/2;scheduling it onto zone1(zone2) would make the ActualSkew(3-1) on zone1(zone2)violate MaxSkew(1).- if MaxSkew is 2, incoming pod can be scheduled onto any zone.When 'whenUnsatisfiable=ScheduleAnyway', it is used to give higher precedenceto topologies that satisfy it.It's a required field. Default value is 1 and 0 is not allowed. +- `topology_key` (String) TopologyKey is the key of node labels. Nodes that have a label with this keyand identical values are considered to be in the same topology.We consider each as a 'bucket', and try to put balanced numberof pods into each bucket.We define a domain as a particular instance of a topology.Also, we define an eligible domain as a domain whose nodes meet the requirements ofnodeAffinityPolicy and nodeTaintsPolicy.e.g. If TopologyKey is 'kubernetes.io/hostname', each Node is a domain of that topology.And, if TopologyKey is 'topology.kubernetes.io/zone', each zone is a domain of that topology.It's a required field. +- `when_unsatisfiable` (String) WhenUnsatisfiable indicates how to deal with a pod if it doesn't satisfythe spread constraint.- DoNotSchedule (default) tells the scheduler not to schedule it.- ScheduleAnyway tells the scheduler to schedule the pod in any location, but giving higher precedence to topologies that would help reduce the skew.A constraint is considered 'Unsatisfiable' for an incoming podif and only if every possible node assignment for that pod would violate'MaxSkew' on some topology.For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the samelabelSelector spread as 3/1/1:| zone1 | zone2 | zone3 || P P P | P | P |If WhenUnsatisfiable is set to DoNotSchedule, incoming pod can only be scheduledto zone2(zone3) to become 3/2/1(3/1/2) as ActualSkew(2-1) on zone2(zone3) satisfiesMaxSkew(1). In other words, the cluster can still be imbalanced, but schedulerwon't make it *more* imbalanced.It's a required field. Optional: -- `label_selector` (Attributes) LabelSelector is used to find matching pods. Pods that match this label selector are counted to determine the number of pods in their corresponding topology domain. (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--topology_spread_constraints--label_selector)) -- `match_label_keys` (List of String) MatchLabelKeys is a set of pod label keys to select the pods over which spreading will be calculated. The keys are used to lookup values from the incoming pod labels, those key-value labels are ANDed with labelSelector to select the group of existing pods over which spreading will be calculated for the incoming pod. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. MatchLabelKeys cannot be set when LabelSelector isn't set. Keys that don't exist in the incoming pod labels will be ignored. A null or empty list means only match against labelSelector. This is a beta field and requires the MatchLabelKeysInPodTopologySpread feature gate to be enabled (enabled by default). -- `min_domains` (Number) MinDomains indicates a minimum number of eligible domains. When the number of eligible domains with matching topology keys is less than minDomains, Pod Topology Spread treats 'global minimum' as 0, and then the calculation of Skew is performed. And when the number of eligible domains with matching topology keys equals or greater than minDomains, this value has no effect on scheduling. As a result, when the number of eligible domains is less than minDomains, scheduler won't schedule more than maxSkew Pods to those domains. If value is nil, the constraint behaves as if MinDomains is equal to 1. Valid values are integers greater than 0. When value is not nil, WhenUnsatisfiable must be DoNotSchedule. For example, in a 3-zone cluster, MaxSkew is set to 2, MinDomains is set to 5 and pods with the same labelSelector spread as 2/2/2: | zone1 | zone2 | zone3 | | P P | P P | P P | The number of domains is less than 5(MinDomains), so 'global minimum' is treated as 0. In this situation, new pod with the same labelSelector cannot be scheduled, because computed skew will be 3(3 - 0) if new Pod is scheduled to any of the three zones, it will violate MaxSkew. This is a beta field and requires the MinDomainsInPodTopologySpread feature gate to be enabled (enabled by default). -- `node_affinity_policy` (String) NodeAffinityPolicy indicates how we will treat Pod's nodeAffinity/nodeSelector when calculating pod topology spread skew. Options are: - Honor: only nodes matching nodeAffinity/nodeSelector are included in the calculations. - Ignore: nodeAffinity/nodeSelector are ignored. All nodes are included in the calculations. If this value is nil, the behavior is equivalent to the Honor policy. This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag. -- `node_taints_policy` (String) NodeTaintsPolicy indicates how we will treat node taints when calculating pod topology spread skew. Options are: - Honor: nodes without taints, along with tainted nodes for which the incoming pod has a toleration, are included. - Ignore: node taints are ignored. All nodes are included. If this value is nil, the behavior is equivalent to the Ignore policy. This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag. +- `label_selector` (Attributes) LabelSelector is used to find matching pods.Pods that match this label selector are counted to determine the number of podsin their corresponding topology domain. (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--topology_spread_constraints--label_selector)) +- `match_label_keys` (List of String) MatchLabelKeys is a set of pod label keys to select the pods over whichspreading will be calculated. The keys are used to lookup values from theincoming pod labels, those key-value labels are ANDed with labelSelectorto select the group of existing pods over which spreading will be calculatedfor the incoming pod. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector.MatchLabelKeys cannot be set when LabelSelector isn't set.Keys that don't exist in the incoming pod labels willbe ignored. A null or empty list means only match against labelSelector.This is a beta field and requires the MatchLabelKeysInPodTopologySpread feature gate to be enabled (enabled by default). +- `min_domains` (Number) MinDomains indicates a minimum number of eligible domains.When the number of eligible domains with matching topology keys is less than minDomains,Pod Topology Spread treats 'global minimum' as 0, and then the calculation of Skew is performed.And when the number of eligible domains with matching topology keys equals or greater than minDomains,this value has no effect on scheduling.As a result, when the number of eligible domains is less than minDomains,scheduler won't schedule more than maxSkew Pods to those domains.If value is nil, the constraint behaves as if MinDomains is equal to 1.Valid values are integers greater than 0.When value is not nil, WhenUnsatisfiable must be DoNotSchedule.For example, in a 3-zone cluster, MaxSkew is set to 2, MinDomains is set to 5 and pods with the samelabelSelector spread as 2/2/2:| zone1 | zone2 | zone3 || P P | P P | P P |The number of domains is less than 5(MinDomains), so 'global minimum' is treated as 0.In this situation, new pod with the same labelSelector cannot be scheduled,because computed skew will be 3(3 - 0) if new Pod is scheduled to any of the three zones,it will violate MaxSkew.This is a beta field and requires the MinDomainsInPodTopologySpread feature gate to be enabled (enabled by default). +- `node_affinity_policy` (String) NodeAffinityPolicy indicates how we will treat Pod's nodeAffinity/nodeSelectorwhen calculating pod topology spread skew. Options are:- Honor: only nodes matching nodeAffinity/nodeSelector are included in the calculations.- Ignore: nodeAffinity/nodeSelector are ignored. All nodes are included in the calculations.If this value is nil, the behavior is equivalent to the Honor policy.This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag. +- `node_taints_policy` (String) NodeTaintsPolicy indicates how we will treat node taints when calculatingpod topology spread skew. Options are:- Honor: nodes without taints, along with tainted nodes for which the incoming podhas a toleration, are included.- Ignore: node taints are ignored. All nodes are included.If this value is nil, the behavior is equivalent to the Ignore policy.This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag. ### Nested Schema for `spec.component_defs.pod_spec.topology_spread_constraints.label_selector` @@ -2719,7 +2719,7 @@ Optional: Optional: - `match_expressions` (Attributes List) matchExpressions is a list of label selector requirements. The requirements are ANDed. (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--topology_spread_constraints--label_selector--match_expressions)) -- `match_labels` (Map of String) matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is 'key', the operator is 'In', and the values array contains only 'value'. The requirements are ANDed. +- `match_labels` (Map of String) matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabelsmap is equivalent to an element of matchExpressions, whose key field is 'key', theoperator is 'In', and the values array contains only 'value'. The requirements are ANDed. ### Nested Schema for `spec.component_defs.pod_spec.topology_spread_constraints.label_selector.match_expressions` @@ -2727,11 +2727,11 @@ Optional: Required: - `key` (String) key is the label key that the selector applies to. -- `operator` (String) operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. +- `operator` (String) operator represents a key's relationship to a set of values.Valid operators are In, NotIn, Exists and DoesNotExist. Optional: -- `values` (List of String) values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. +- `values` (List of String) values is an array of string values. If the operator is In or NotIn,the values array must be non-empty. If the operator is Exists or DoesNotExist,the values array must be empty. This array is replaced during a strategicmerge patch. @@ -2741,37 +2741,37 @@ Optional: Required: -- `name` (String) name of the volume. Must be a DNS_LABEL and unique within the pod. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names +- `name` (String) name of the volume.Must be a DNS_LABEL and unique within the pod.More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names Optional: -- `aws_elastic_block_store` (Attributes) awsElasticBlockStore represents an AWS Disk resource that is attached to a kubelet's host machine and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--volumes--aws_elastic_block_store)) +- `aws_elastic_block_store` (Attributes) awsElasticBlockStore represents an AWS Disk resource that is attached to akubelet's host machine and then exposed to the pod.More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--volumes--aws_elastic_block_store)) - `azure_disk` (Attributes) azureDisk represents an Azure Data Disk mount on the host and bind mount to the pod. (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--volumes--azure_disk)) - `azure_file` (Attributes) azureFile represents an Azure File Service mount on the host and bind mount to the pod. (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--volumes--azure_file)) - `cephfs` (Attributes) cephFS represents a Ceph FS mount on the host that shares a pod's lifetime (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--volumes--cephfs)) -- `cinder` (Attributes) cinder represents a cinder volume attached and mounted on kubelets host machine. More info: https://examples.k8s.io/mysql-cinder-pd/README.md (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--volumes--cinder)) +- `cinder` (Attributes) cinder represents a cinder volume attached and mounted on kubelets host machine.More info: https://examples.k8s.io/mysql-cinder-pd/README.md (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--volumes--cinder)) - `config_map` (Attributes) configMap represents a configMap that should populate this volume (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--volumes--config_map)) - `csi` (Attributes) csi (Container Storage Interface) represents ephemeral storage that is handled by certain external CSI drivers (Beta feature). (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--volumes--csi)) - `downward_api` (Attributes) downwardAPI represents downward API about the pod that should populate this volume (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--volumes--downward_api)) -- `empty_dir` (Attributes) emptyDir represents a temporary directory that shares a pod's lifetime. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--volumes--empty_dir)) -- `ephemeral` (Attributes) ephemeral represents a volume that is handled by a cluster storage driver. The volume's lifecycle is tied to the pod that defines it - it will be created before the pod starts, and deleted when the pod is removed. Use this if: a) the volume is only needed while the pod runs, b) features of normal volumes like restoring from snapshot or capacity tracking are needed, c) the storage driver is specified through a storage class, and d) the storage driver supports dynamic volume provisioning through a PersistentVolumeClaim (see EphemeralVolumeSource for more information on the connection between this volume type and PersistentVolumeClaim). Use PersistentVolumeClaim or one of the vendor-specific APIs for volumes that persist for longer than the lifecycle of an individual pod. Use CSI for light-weight local ephemeral volumes if the CSI driver is meant to be used that way - see the documentation of the driver for more information. A pod can use both types of ephemeral volumes and persistent volumes at the same time. (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--volumes--ephemeral)) +- `empty_dir` (Attributes) emptyDir represents a temporary directory that shares a pod's lifetime.More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--volumes--empty_dir)) +- `ephemeral` (Attributes) ephemeral represents a volume that is handled by a cluster storage driver.The volume's lifecycle is tied to the pod that defines it - it will be created before the pod starts,and deleted when the pod is removed.Use this if:a) the volume is only needed while the pod runs,b) features of normal volumes like restoring from snapshot or capacity tracking are needed,c) the storage driver is specified through a storage class, andd) the storage driver supports dynamic volume provisioning through a PersistentVolumeClaim (see EphemeralVolumeSource for more information on the connection between this volume type and PersistentVolumeClaim).Use PersistentVolumeClaim or one of the vendor-specificAPIs for volumes that persist for longer than the lifecycleof an individual pod.Use CSI for light-weight local ephemeral volumes if the CSI driver is meant tobe used that way - see the documentation of the driver formore information.A pod can use both types of ephemeral volumes andpersistent volumes at the same time. (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--volumes--ephemeral)) - `fc` (Attributes) fc represents a Fibre Channel resource that is attached to a kubelet's host machine and then exposed to the pod. (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--volumes--fc)) -- `flex_volume` (Attributes) flexVolume represents a generic volume resource that is provisioned/attached using an exec based plugin. (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--volumes--flex_volume)) +- `flex_volume` (Attributes) flexVolume represents a generic volume resource that isprovisioned/attached using an exec based plugin. (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--volumes--flex_volume)) - `flocker` (Attributes) flocker represents a Flocker volume attached to a kubelet's host machine. This depends on the Flocker control service being running (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--volumes--flocker)) -- `gce_persistent_disk` (Attributes) gcePersistentDisk represents a GCE Disk resource that is attached to a kubelet's host machine and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--volumes--gce_persistent_disk)) -- `git_repo` (Attributes) gitRepo represents a git repository at a particular revision. DEPRECATED: GitRepo is deprecated. To provision a container with a git repo, mount an EmptyDir into an InitContainer that clones the repo using git, then mount the EmptyDir into the Pod's container. (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--volumes--git_repo)) -- `glusterfs` (Attributes) glusterfs represents a Glusterfs mount on the host that shares a pod's lifetime. More info: https://examples.k8s.io/volumes/glusterfs/README.md (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--volumes--glusterfs)) -- `host_path` (Attributes) hostPath represents a pre-existing file or directory on the host machine that is directly exposed to the container. This is generally used for system agents or other privileged things that are allowed to see the host machine. Most containers will NOT need this. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath --- TODO(jonesdl) We need to restrict who can use host directory mounts and who can/can not mount host directories as read/write. (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--volumes--host_path)) -- `iscsi` (Attributes) iscsi represents an ISCSI Disk resource that is attached to a kubelet's host machine and then exposed to the pod. More info: https://examples.k8s.io/volumes/iscsi/README.md (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--volumes--iscsi)) -- `nfs` (Attributes) nfs represents an NFS mount on the host that shares a pod's lifetime More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--volumes--nfs)) -- `persistent_volume_claim` (Attributes) persistentVolumeClaimVolumeSource represents a reference to a PersistentVolumeClaim in the same namespace. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--volumes--persistent_volume_claim)) +- `gce_persistent_disk` (Attributes) gcePersistentDisk represents a GCE Disk resource that is attached to akubelet's host machine and then exposed to the pod.More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--volumes--gce_persistent_disk)) +- `git_repo` (Attributes) gitRepo represents a git repository at a particular revision.DEPRECATED: GitRepo is deprecated. To provision a container with a git repo, mount anEmptyDir into an InitContainer that clones the repo using git, then mount the EmptyDirinto the Pod's container. (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--volumes--git_repo)) +- `glusterfs` (Attributes) glusterfs represents a Glusterfs mount on the host that shares a pod's lifetime.More info: https://examples.k8s.io/volumes/glusterfs/README.md (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--volumes--glusterfs)) +- `host_path` (Attributes) hostPath represents a pre-existing file or directory on the hostmachine that is directly exposed to the container. This is generallyused for system agents or other privileged things that are allowedto see the host machine. Most containers will NOT need this.More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath---TODO(jonesdl) We need to restrict who can use host directory mounts and who can/can notmount host directories as read/write. (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--volumes--host_path)) +- `iscsi` (Attributes) iscsi represents an ISCSI Disk resource that is attached to akubelet's host machine and then exposed to the pod.More info: https://examples.k8s.io/volumes/iscsi/README.md (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--volumes--iscsi)) +- `nfs` (Attributes) nfs represents an NFS mount on the host that shares a pod's lifetimeMore info: https://kubernetes.io/docs/concepts/storage/volumes#nfs (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--volumes--nfs)) +- `persistent_volume_claim` (Attributes) persistentVolumeClaimVolumeSource represents a reference to aPersistentVolumeClaim in the same namespace.More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--volumes--persistent_volume_claim)) - `photon_persistent_disk` (Attributes) photonPersistentDisk represents a PhotonController persistent disk attached and mounted on kubelets host machine (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--volumes--photon_persistent_disk)) - `portworx_volume` (Attributes) portworxVolume represents a portworx volume attached and mounted on kubelets host machine (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--volumes--portworx_volume)) - `projected` (Attributes) projected items for all in one resources secrets, configmaps, and downward API (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--volumes--projected)) - `quobyte` (Attributes) quobyte represents a Quobyte mount on the host that shares a pod's lifetime (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--volumes--quobyte)) -- `rbd` (Attributes) rbd represents a Rados Block Device mount on the host that shares a pod's lifetime. More info: https://examples.k8s.io/volumes/rbd/README.md (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--volumes--rbd)) +- `rbd` (Attributes) rbd represents a Rados Block Device mount on the host that shares a pod's lifetime.More info: https://examples.k8s.io/volumes/rbd/README.md (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--volumes--rbd)) - `scale_io` (Attributes) scaleIO represents a ScaleIO persistent volume attached and mounted on Kubernetes nodes. (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--volumes--scale_io)) -- `secret` (Attributes) secret represents a secret that should populate this volume. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--volumes--secret)) +- `secret` (Attributes) secret represents a secret that should populate this volume.More info: https://kubernetes.io/docs/concepts/storage/volumes#secret (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--volumes--secret)) - `storageos` (Attributes) storageOS represents a StorageOS volume attached and mounted on Kubernetes nodes. (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--volumes--storageos)) - `vsphere_volume` (Attributes) vsphereVolume represents a vSphere volume attached and mounted on kubelets host machine (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--volumes--vsphere_volume)) @@ -2780,13 +2780,13 @@ Optional: Required: -- `volume_id` (String) volumeID is unique ID of the persistent disk resource in AWS (Amazon EBS volume). More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore +- `volume_id` (String) volumeID is unique ID of the persistent disk resource in AWS (Amazon EBS volume).More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore Optional: -- `fs_type` (String) fsType is the filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: 'ext4', 'xfs', 'ntfs'. Implicitly inferred to be 'ext4' if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore TODO: how do we prevent errors in the filesystem from compromising the machine -- `partition` (Number) partition is the partition in the volume that you want to mount. If omitted, the default is to mount by volume name. Examples: For volume /dev/sda1, you specify the partition as '1'. Similarly, the volume partition for /dev/sda is '0' (or you can leave the property empty). -- `read_only` (Boolean) readOnly value true will force the readOnly setting in VolumeMounts. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore +- `fs_type` (String) fsType is the filesystem type of the volume that you want to mount.Tip: Ensure that the filesystem type is supported by the host operating system.Examples: 'ext4', 'xfs', 'ntfs'. Implicitly inferred to be 'ext4' if unspecified.More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstoreTODO: how do we prevent errors in the filesystem from compromising the machine +- `partition` (Number) partition is the partition in the volume that you want to mount.If omitted, the default is to mount by volume name.Examples: For volume /dev/sda1, you specify the partition as '1'.Similarly, the volume partition for /dev/sda is '0' (or you can leave the property empty). +- `read_only` (Boolean) readOnly value true will force the readOnly setting in VolumeMounts.More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore @@ -2800,9 +2800,9 @@ Required: Optional: - `caching_mode` (String) cachingMode is the Host Caching mode: None, Read Only, Read Write. -- `fs_type` (String) fsType is Filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. 'ext4', 'xfs', 'ntfs'. Implicitly inferred to be 'ext4' if unspecified. +- `fs_type` (String) fsType is Filesystem type to mount.Must be a filesystem type supported by the host operating system.Ex. 'ext4', 'xfs', 'ntfs'. Implicitly inferred to be 'ext4' if unspecified. - `kind` (String) kind expected values are Shared: multiple blob disks per storage account Dedicated: single blob disk per storage account Managed: azure managed data disk (only in managed availability set). defaults to shared -- `read_only` (Boolean) readOnly Defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts. +- `read_only` (Boolean) readOnly Defaults to false (read/write). ReadOnly here will forcethe ReadOnly setting in VolumeMounts. @@ -2815,7 +2815,7 @@ Required: Optional: -- `read_only` (Boolean) readOnly defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts. +- `read_only` (Boolean) readOnly defaults to false (read/write). ReadOnly here will forcethe ReadOnly setting in VolumeMounts. @@ -2823,22 +2823,22 @@ Optional: Required: -- `monitors` (List of String) monitors is Required: Monitors is a collection of Ceph monitors More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it +- `monitors` (List of String) monitors is Required: Monitors is a collection of Ceph monitorsMore info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it Optional: - `path` (String) path is Optional: Used as the mounted root, rather than the full Ceph tree, default is / -- `read_only` (Boolean) readOnly is Optional: Defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it -- `secret_file` (String) secretFile is Optional: SecretFile is the path to key ring for User, default is /etc/ceph/user.secret More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it -- `secret_ref` (Attributes) secretRef is Optional: SecretRef is reference to the authentication secret for User, default is empty. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--volumes--cephfs--secret_ref)) -- `user` (String) user is optional: User is the rados user name, default is admin More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it +- `read_only` (Boolean) readOnly is Optional: Defaults to false (read/write). ReadOnly here will forcethe ReadOnly setting in VolumeMounts.More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it +- `secret_file` (String) secretFile is Optional: SecretFile is the path to key ring for User, default is /etc/ceph/user.secretMore info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it +- `secret_ref` (Attributes) secretRef is Optional: SecretRef is reference to the authentication secret for User, default is empty.More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--volumes--cephfs--secret_ref)) +- `user` (String) user is optional: User is the rados user name, default is adminMore info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it ### Nested Schema for `spec.component_defs.pod_spec.volumes.cephfs.secret_ref` Optional: -- `name` (String) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? +- `name` (String) Name of the referent.More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#namesTODO: Add other useful fields. apiVersion, kind, uid? @@ -2847,20 +2847,20 @@ Optional: Required: -- `volume_id` (String) volumeID used to identify the volume in cinder. More info: https://examples.k8s.io/mysql-cinder-pd/README.md +- `volume_id` (String) volumeID used to identify the volume in cinder.More info: https://examples.k8s.io/mysql-cinder-pd/README.md Optional: -- `fs_type` (String) fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Examples: 'ext4', 'xfs', 'ntfs'. Implicitly inferred to be 'ext4' if unspecified. More info: https://examples.k8s.io/mysql-cinder-pd/README.md -- `read_only` (Boolean) readOnly defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts. More info: https://examples.k8s.io/mysql-cinder-pd/README.md -- `secret_ref` (Attributes) secretRef is optional: points to a secret object containing parameters used to connect to OpenStack. (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--volumes--cinder--secret_ref)) +- `fs_type` (String) fsType is the filesystem type to mount.Must be a filesystem type supported by the host operating system.Examples: 'ext4', 'xfs', 'ntfs'. Implicitly inferred to be 'ext4' if unspecified.More info: https://examples.k8s.io/mysql-cinder-pd/README.md +- `read_only` (Boolean) readOnly defaults to false (read/write). ReadOnly here will forcethe ReadOnly setting in VolumeMounts.More info: https://examples.k8s.io/mysql-cinder-pd/README.md +- `secret_ref` (Attributes) secretRef is optional: points to a secret object containing parameters used to connectto OpenStack. (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--volumes--cinder--secret_ref)) ### Nested Schema for `spec.component_defs.pod_spec.volumes.cinder.secret_ref` Optional: -- `name` (String) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? +- `name` (String) Name of the referent.More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#namesTODO: Add other useful fields. apiVersion, kind, uid? @@ -2869,9 +2869,9 @@ Optional: Optional: -- `default_mode` (Number) defaultMode is optional: mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. -- `items` (Attributes List) items if unspecified, each key-value pair in the Data field of the referenced ConfigMap will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the ConfigMap, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'. (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--volumes--config_map--items)) -- `name` (String) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? +- `default_mode` (Number) defaultMode is optional: mode bits used to set permissions on created files by default.Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511.YAML accepts both octal and decimal values, JSON requires decimal values for mode bits.Defaults to 0644.Directories within the path are not affected by this setting.This might be in conflict with other options that affect the filemode, like fsGroup, and the result can be other mode bits set. +- `items` (Attributes List) items if unspecified, each key-value pair in the Data field of the referencedConfigMap will be projected into the volume as a file whose name is thekey and content is the value. If specified, the listed keys will beprojected into the specified paths, and unlisted keys will not bepresent. If a key is specified which is not present in the ConfigMap,the volume setup will error unless it is marked optional. Paths must berelative and may not contain the '..' path or start with '..'. (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--volumes--config_map--items)) +- `name` (String) Name of the referent.More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#namesTODO: Add other useful fields. apiVersion, kind, uid? - `optional` (Boolean) optional specify whether the ConfigMap or its keys must be defined @@ -2880,11 +2880,11 @@ Optional: Required: - `key` (String) key is the key to project. -- `path` (String) path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. +- `path` (String) path is the relative path of the file to map the key to.May not be an absolute path.May not contain the path element '..'.May not start with the string '..'. Optional: -- `mode` (Number) mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. +- `mode` (Number) mode is Optional: mode bits used to set permissions on this file.Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511.YAML accepts both octal and decimal values, JSON requires decimal values for mode bits.If not specified, the volume defaultMode will be used.This might be in conflict with other options that affect the filemode, like fsGroup, and the result can be other mode bits set. @@ -2893,21 +2893,21 @@ Optional: Required: -- `driver` (String) driver is the name of the CSI driver that handles this volume. Consult with your admin for the correct name as registered in the cluster. +- `driver` (String) driver is the name of the CSI driver that handles this volume.Consult with your admin for the correct name as registered in the cluster. Optional: -- `fs_type` (String) fsType to mount. Ex. 'ext4', 'xfs', 'ntfs'. If not provided, the empty value is passed to the associated CSI driver which will determine the default filesystem to apply. -- `node_publish_secret_ref` (Attributes) nodePublishSecretRef is a reference to the secret object containing sensitive information to pass to the CSI driver to complete the CSI NodePublishVolume and NodeUnpublishVolume calls. This field is optional, and may be empty if no secret is required. If the secret object contains more than one secret, all secret references are passed. (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--volumes--csi--node_publish_secret_ref)) -- `read_only` (Boolean) readOnly specifies a read-only configuration for the volume. Defaults to false (read/write). -- `volume_attributes` (Map of String) volumeAttributes stores driver-specific properties that are passed to the CSI driver. Consult your driver's documentation for supported values. +- `fs_type` (String) fsType to mount. Ex. 'ext4', 'xfs', 'ntfs'.If not provided, the empty value is passed to the associated CSI driverwhich will determine the default filesystem to apply. +- `node_publish_secret_ref` (Attributes) nodePublishSecretRef is a reference to the secret object containingsensitive information to pass to the CSI driver to complete the CSINodePublishVolume and NodeUnpublishVolume calls.This field is optional, and may be empty if no secret is required. If thesecret object contains more than one secret, all secret references are passed. (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--volumes--csi--node_publish_secret_ref)) +- `read_only` (Boolean) readOnly specifies a read-only configuration for the volume.Defaults to false (read/write). +- `volume_attributes` (Map of String) volumeAttributes stores driver-specific properties that are passed to the CSIdriver. Consult your driver's documentation for supported values. ### Nested Schema for `spec.component_defs.pod_spec.volumes.csi.node_publish_secret_ref` Optional: -- `name` (String) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? +- `name` (String) Name of the referent.More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#namesTODO: Add other useful fields. apiVersion, kind, uid? @@ -2916,7 +2916,7 @@ Optional: Optional: -- `default_mode` (Number) Optional: mode bits to use on created files by default. Must be a Optional: mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. +- `default_mode` (Number) Optional: mode bits to use on created files by default. Must be aOptional: mode bits used to set permissions on created files by default.Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511.YAML accepts both octal and decimal values, JSON requires decimal values for mode bits.Defaults to 0644.Directories within the path are not affected by this setting.This might be in conflict with other options that affect the filemode, like fsGroup, and the result can be other mode bits set. - `items` (Attributes List) Items is a list of downward API volume file (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--volumes--downward_api--items)) @@ -2929,8 +2929,8 @@ Required: Optional: - `field_ref` (Attributes) Required: Selects a field of the pod: only annotations, labels, name and namespace are supported. (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--volumes--downward_api--items--field_ref)) -- `mode` (Number) Optional: mode bits used to set permissions on this file, must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. -- `resource_field_ref` (Attributes) Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported. (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--volumes--downward_api--items--resource_field_ref)) +- `mode` (Number) Optional: mode bits used to set permissions on this file, must be an octal valuebetween 0000 and 0777 or a decimal value between 0 and 511.YAML accepts both octal and decimal values, JSON requires decimal values for mode bits.If not specified, the volume defaultMode will be used.This might be in conflict with other options that affect the filemode, like fsGroup, and the result can be other mode bits set. +- `resource_field_ref` (Attributes) Selects a resource of the container: only resources limits and requests(limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported. (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--volumes--downward_api--items--resource_field_ref)) ### Nested Schema for `spec.component_defs.pod_spec.volumes.downward_api.items.field_ref` @@ -2964,8 +2964,8 @@ Optional: Optional: -- `medium` (String) medium represents what type of storage medium should back this directory. The default is '' which means to use the node's default medium. Must be an empty string (default) or Memory. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir -- `size_limit` (String) sizeLimit is the total amount of local storage required for this EmptyDir volume. The size limit is also applicable for memory medium. The maximum usage on memory medium EmptyDir would be the minimum value between the SizeLimit specified here and the sum of memory limits of all containers in a pod. The default is nil which means that the limit is undefined. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir +- `medium` (String) medium represents what type of storage medium should back this directory.The default is '' which means to use the node's default medium.Must be an empty string (default) or Memory.More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir +- `size_limit` (String) sizeLimit is the total amount of local storage required for this EmptyDir volume.The size limit is also applicable for memory medium.The maximum usage on memory medium EmptyDir would be the minimum value betweenthe SizeLimit specified here and the sum of memory limits of all containers in a pod.The default is nil which means that the limit is undefined.More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir @@ -2973,31 +2973,31 @@ Optional: Optional: -- `volume_claim_template` (Attributes) Will be used to create a stand-alone PVC to provision the volume. The pod in which this EphemeralVolumeSource is embedded will be the owner of the PVC, i.e. the PVC will be deleted together with the pod. The name of the PVC will be '-' where '' is the name from the 'PodSpec.Volumes' array entry. Pod validation will reject the pod if the concatenated name is not valid for a PVC (for example, too long). An existing PVC with that name that is not owned by the pod will *not* be used for the pod to avoid using an unrelated volume by mistake. Starting the pod is then blocked until the unrelated PVC is removed. If such a pre-created PVC is meant to be used by the pod, the PVC has to updated with an owner reference to the pod once the pod exists. Normally this should not be necessary, but it may be useful when manually reconstructing a broken cluster. This field is read-only and no changes will be made by Kubernetes to the PVC after it has been created. Required, must not be nil. (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--volumes--ephemeral--volume_claim_template)) +- `volume_claim_template` (Attributes) Will be used to create a stand-alone PVC to provision the volume.The pod in which this EphemeralVolumeSource is embedded will be theowner of the PVC, i.e. the PVC will be deleted together with thepod. The name of the PVC will be '-' where'' is the name from the 'PodSpec.Volumes' arrayentry. Pod validation will reject the pod if the concatenated nameis not valid for a PVC (for example, too long).An existing PVC with that name that is not owned by the podwill *not* be used for the pod to avoid using an unrelatedvolume by mistake. Starting the pod is then blocked untilthe unrelated PVC is removed. If such a pre-created PVC ismeant to be used by the pod, the PVC has to updated with anowner reference to the pod once the pod exists. Normallythis should not be necessary, but it may be useful whenmanually reconstructing a broken cluster.This field is read-only and no changes will be made by Kubernetesto the PVC after it has been created.Required, must not be nil. (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--volumes--ephemeral--volume_claim_template)) ### Nested Schema for `spec.component_defs.pod_spec.volumes.ephemeral.volume_claim_template` Required: -- `spec` (Attributes) The specification for the PersistentVolumeClaim. The entire content is copied unchanged into the PVC that gets created from this template. The same fields as in a PersistentVolumeClaim are also valid here. (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--volumes--ephemeral--volume_claim_template--spec)) +- `spec` (Attributes) The specification for the PersistentVolumeClaim. The entire content iscopied unchanged into the PVC that gets created from thistemplate. The same fields as in a PersistentVolumeClaimare also valid here. (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--volumes--ephemeral--volume_claim_template--spec)) Optional: -- `metadata` (Attributes) May contain labels and annotations that will be copied into the PVC when creating it. No other fields are allowed and will be rejected during validation. (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--volumes--ephemeral--volume_claim_template--metadata)) +- `metadata` (Attributes) May contain labels and annotations that will be copied into the PVCwhen creating it. No other fields are allowed and will be rejected duringvalidation. (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--volumes--ephemeral--volume_claim_template--metadata)) ### Nested Schema for `spec.component_defs.pod_spec.volumes.ephemeral.volume_claim_template.spec` Optional: -- `access_modes` (List of String) accessModes contains the desired access modes the volume should have. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1 -- `data_source` (Attributes) dataSource field can be used to specify either: * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) * An existing PVC (PersistentVolumeClaim) If the provisioner or an external controller can support the specified data source, it will create a new volume based on the contents of the specified data source. When the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef, and dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified. If the namespace is specified, then dataSourceRef will not be copied to dataSource. (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--volumes--ephemeral--volume_claim_template--spec--data_source)) -- `data_source_ref` (Attributes) dataSourceRef specifies the object from which to populate the volume with data, if a non-empty volume is desired. This may be any object from a non-empty API group (non core object) or a PersistentVolumeClaim object. When this field is specified, volume binding will only succeed if the type of the specified object matches some installed volume populator or dynamic provisioner. This field will replace the functionality of the dataSource field and as such if both fields are non-empty, they must have the same value. For backwards compatibility, when namespace isn't specified in dataSourceRef, both fields (dataSource and dataSourceRef) will be set to the same value automatically if one of them is empty and the other is non-empty. When namespace is specified in dataSourceRef, dataSource isn't set to the same value and must be empty. There are three important differences between dataSource and dataSourceRef: * While dataSource only allows two specific types of objects, dataSourceRef allows any non-core object, as well as PersistentVolumeClaim objects. * While dataSource ignores disallowed values (dropping them), dataSourceRef preserves all values, and generates an error if a disallowed value is specified. * While dataSource only allows local objects, dataSourceRef allows objects in any namespaces. (Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled. (Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled. (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--volumes--ephemeral--volume_claim_template--spec--data_source_ref)) -- `resources` (Attributes) resources represents the minimum resources the volume should have. If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements that are lower than previous value but must still be higher than capacity recorded in the status field of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--volumes--ephemeral--volume_claim_template--spec--resources)) +- `access_modes` (List of String) accessModes contains the desired access modes the volume should have.More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1 +- `data_source` (Attributes) dataSource field can be used to specify either:* An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot)* An existing PVC (PersistentVolumeClaim)If the provisioner or an external controller can support the specified data source,it will create a new volume based on the contents of the specified data source.When the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef,and dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified.If the namespace is specified, then dataSourceRef will not be copied to dataSource. (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--volumes--ephemeral--volume_claim_template--spec--data_source)) +- `data_source_ref` (Attributes) dataSourceRef specifies the object from which to populate the volume with data, if a non-emptyvolume is desired. This may be any object from a non-empty API group (noncore object) or a PersistentVolumeClaim object.When this field is specified, volume binding will only succeed if the type ofthe specified object matches some installed volume populator or dynamicprovisioner.This field will replace the functionality of the dataSource field and as suchif both fields are non-empty, they must have the same value. For backwardscompatibility, when namespace isn't specified in dataSourceRef,both fields (dataSource and dataSourceRef) will be set to the samevalue automatically if one of them is empty and the other is non-empty.When namespace is specified in dataSourceRef,dataSource isn't set to the same value and must be empty.There are three important differences between dataSource and dataSourceRef:* While dataSource only allows two specific types of objects, dataSourceRef allows any non-core object, as well as PersistentVolumeClaim objects.* While dataSource ignores disallowed values (dropping them), dataSourceRef preserves all values, and generates an error if a disallowed value is specified.* While dataSource only allows local objects, dataSourceRef allows objects in any namespaces.(Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled.(Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled. (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--volumes--ephemeral--volume_claim_template--spec--data_source_ref)) +- `resources` (Attributes) resources represents the minimum resources the volume should have.If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirementsthat are lower than previous value but must still be higher than capacity recorded in thestatus field of the claim.More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--volumes--ephemeral--volume_claim_template--spec--resources)) - `selector` (Attributes) selector is a label query over volumes to consider for binding. (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--volumes--ephemeral--volume_claim_template--spec--selector)) -- `storage_class_name` (String) storageClassName is the name of the StorageClass required by the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1 -- `volume_mode` (String) volumeMode defines what type of volume is required by the claim. Value of Filesystem is implied when not included in claim spec. +- `storage_class_name` (String) storageClassName is the name of the StorageClass required by the claim.More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1 +- `volume_mode` (String) volumeMode defines what type of volume is required by the claim.Value of Filesystem is implied when not included in claim spec. - `volume_name` (String) volumeName is the binding reference to the PersistentVolume backing this claim. @@ -3010,7 +3010,7 @@ Required: Optional: -- `api_group` (String) APIGroup is the group for the resource being referenced. If APIGroup is not specified, the specified Kind must be in the core API group. For any other third-party types, APIGroup is required. +- `api_group` (String) APIGroup is the group for the resource being referenced.If APIGroup is not specified, the specified Kind must be in the core API group.For any other third-party types, APIGroup is required. @@ -3023,8 +3023,8 @@ Required: Optional: -- `api_group` (String) APIGroup is the group for the resource being referenced. If APIGroup is not specified, the specified Kind must be in the core API group. For any other third-party types, APIGroup is required. -- `namespace` (String) Namespace is the namespace of resource being referenced Note that when a namespace is specified, a gateway.networking.k8s.io/ReferenceGrant object is required in the referent namespace to allow that namespace's owner to accept the reference. See the ReferenceGrant documentation for details. (Alpha) This field requires the CrossNamespaceVolumeDataSource feature gate to be enabled. +- `api_group` (String) APIGroup is the group for the resource being referenced.If APIGroup is not specified, the specified Kind must be in the core API group.For any other third-party types, APIGroup is required. +- `namespace` (String) Namespace is the namespace of resource being referencedNote that when a namespace is specified, a gateway.networking.k8s.io/ReferenceGrant object is required in the referent namespace to allow that namespace's owner to accept the reference. See the ReferenceGrant documentation for details.(Alpha) This field requires the CrossNamespaceVolumeDataSource feature gate to be enabled. @@ -3032,16 +3032,16 @@ Optional: Optional: -- `claims` (Attributes List) Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. This field is immutable. It can only be set for containers. (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--volumes--ephemeral--volume_claim_template--spec--resources--claims)) -- `limits` (Map of String) Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ -- `requests` (Map of String) Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ +- `claims` (Attributes List) Claims lists the names of resources, defined in spec.resourceClaims,that are used by this container.This is an alpha field and requires enabling theDynamicResourceAllocation feature gate.This field is immutable. It can only be set for containers. (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--volumes--ephemeral--volume_claim_template--spec--resources--claims)) +- `limits` (Map of String) Limits describes the maximum amount of compute resources allowed.More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ +- `requests` (Map of String) Requests describes the minimum amount of compute resources required.If Requests is omitted for a container, it defaults to Limits if that is explicitly specified,otherwise to an implementation-defined value. Requests cannot exceed Limits.More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ ### Nested Schema for `spec.component_defs.pod_spec.volumes.ephemeral.volume_claim_template.spec.resources.claims` Required: -- `name` (String) Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container. +- `name` (String) Name must match the name of one entry in pod.spec.resourceClaims ofthe Pod where this field is used. It makes that resource availableinside a container. @@ -3051,7 +3051,7 @@ Required: Optional: - `match_expressions` (Attributes List) matchExpressions is a list of label selector requirements. The requirements are ANDed. (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--volumes--ephemeral--volume_claim_template--spec--selector--match_expressions)) -- `match_labels` (Map of String) matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is 'key', the operator is 'In', and the values array contains only 'value'. The requirements are ANDed. +- `match_labels` (Map of String) matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabelsmap is equivalent to an element of matchExpressions, whose key field is 'key', theoperator is 'In', and the values array contains only 'value'. The requirements are ANDed. ### Nested Schema for `spec.component_defs.pod_spec.volumes.ephemeral.volume_claim_template.spec.selector.match_expressions` @@ -3059,11 +3059,11 @@ Optional: Required: - `key` (String) key is the label key that the selector applies to. -- `operator` (String) operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. +- `operator` (String) operator represents a key's relationship to a set of values.Valid operators are In, NotIn, Exists and DoesNotExist. Optional: -- `values` (List of String) values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. +- `values` (List of String) values is an array of string values. If the operator is In or NotIn,the values array must be non-empty. If the operator is Exists or DoesNotExist,the values array must be empty. This array is replaced during a strategicmerge patch. @@ -3087,11 +3087,11 @@ Optional: Optional: -- `fs_type` (String) fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. 'ext4', 'xfs', 'ntfs'. Implicitly inferred to be 'ext4' if unspecified. TODO: how do we prevent errors in the filesystem from compromising the machine +- `fs_type` (String) fsType is the filesystem type to mount.Must be a filesystem type supported by the host operating system.Ex. 'ext4', 'xfs', 'ntfs'. Implicitly inferred to be 'ext4' if unspecified.TODO: how do we prevent errors in the filesystem from compromising the machine - `lun` (Number) lun is Optional: FC target lun number -- `read_only` (Boolean) readOnly is Optional: Defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts. +- `read_only` (Boolean) readOnly is Optional: Defaults to false (read/write). ReadOnly here will forcethe ReadOnly setting in VolumeMounts. - `target_ww_ns` (List of String) targetWWNs is Optional: FC target worldwide names (WWNs) -- `wwids` (List of String) wwids Optional: FC volume world wide identifiers (wwids) Either wwids or combination of targetWWNs and lun must be set, but not both simultaneously. +- `wwids` (List of String) wwids Optional: FC volume world wide identifiers (wwids)Either wwids or combination of targetWWNs and lun must be set, but not both simultaneously. @@ -3103,17 +3103,17 @@ Required: Optional: -- `fs_type` (String) fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. 'ext4', 'xfs', 'ntfs'. The default filesystem depends on FlexVolume script. +- `fs_type` (String) fsType is the filesystem type to mount.Must be a filesystem type supported by the host operating system.Ex. 'ext4', 'xfs', 'ntfs'. The default filesystem depends on FlexVolume script. - `options` (Map of String) options is Optional: this field holds extra command options if any. -- `read_only` (Boolean) readOnly is Optional: defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts. -- `secret_ref` (Attributes) secretRef is Optional: secretRef is reference to the secret object containing sensitive information to pass to the plugin scripts. This may be empty if no secret object is specified. If the secret object contains more than one secret, all secrets are passed to the plugin scripts. (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--volumes--flex_volume--secret_ref)) +- `read_only` (Boolean) readOnly is Optional: defaults to false (read/write). ReadOnly here will forcethe ReadOnly setting in VolumeMounts. +- `secret_ref` (Attributes) secretRef is Optional: secretRef is reference to the secret object containingsensitive information to pass to the plugin scripts. This may beempty if no secret object is specified. If the secret objectcontains more than one secret, all secrets are passed to the pluginscripts. (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--volumes--flex_volume--secret_ref)) ### Nested Schema for `spec.component_defs.pod_spec.volumes.flex_volume.secret_ref` Optional: -- `name` (String) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? +- `name` (String) Name of the referent.More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#namesTODO: Add other useful fields. apiVersion, kind, uid? @@ -3122,7 +3122,7 @@ Optional: Optional: -- `dataset_name` (String) datasetName is Name of the dataset stored as metadata -> name on the dataset for Flocker should be considered as deprecated +- `dataset_name` (String) datasetName is Name of the dataset stored as metadata -> name on the dataset for Flockershould be considered as deprecated - `dataset_uuid` (String) datasetUUID is the UUID of the dataset. This is unique identifier of a Flocker dataset @@ -3131,13 +3131,13 @@ Optional: Required: -- `pd_name` (String) pdName is unique name of the PD resource in GCE. Used to identify the disk in GCE. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk +- `pd_name` (String) pdName is unique name of the PD resource in GCE. Used to identify the disk in GCE.More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk Optional: -- `fs_type` (String) fsType is filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: 'ext4', 'xfs', 'ntfs'. Implicitly inferred to be 'ext4' if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk TODO: how do we prevent errors in the filesystem from compromising the machine -- `partition` (Number) partition is the partition in the volume that you want to mount. If omitted, the default is to mount by volume name. Examples: For volume /dev/sda1, you specify the partition as '1'. Similarly, the volume partition for /dev/sda is '0' (or you can leave the property empty). More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk -- `read_only` (Boolean) readOnly here will force the ReadOnly setting in VolumeMounts. Defaults to false. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk +- `fs_type` (String) fsType is filesystem type of the volume that you want to mount.Tip: Ensure that the filesystem type is supported by the host operating system.Examples: 'ext4', 'xfs', 'ntfs'. Implicitly inferred to be 'ext4' if unspecified.More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdiskTODO: how do we prevent errors in the filesystem from compromising the machine +- `partition` (Number) partition is the partition in the volume that you want to mount.If omitted, the default is to mount by volume name.Examples: For volume /dev/sda1, you specify the partition as '1'.Similarly, the volume partition for /dev/sda is '0' (or you can leave the property empty).More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk +- `read_only` (Boolean) readOnly here will force the ReadOnly setting in VolumeMounts.Defaults to false.More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk @@ -3149,7 +3149,7 @@ Required: Optional: -- `directory` (String) directory is the target directory name. Must not contain or start with '..'. If '.' is supplied, the volume directory will be the git repository. Otherwise, if specified, the volume will contain the git repository in the subdirectory with the given name. +- `directory` (String) directory is the target directory name.Must not contain or start with '..'. If '.' is supplied, the volume directory will be thegit repository. Otherwise, if specified, the volume will contain the git repository inthe subdirectory with the given name. - `revision` (String) revision is the commit hash for the specified revision. @@ -3158,12 +3158,12 @@ Optional: Required: -- `endpoints` (String) endpoints is the endpoint name that details Glusterfs topology. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod -- `path` (String) path is the Glusterfs volume path. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod +- `endpoints` (String) endpoints is the endpoint name that details Glusterfs topology.More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod +- `path` (String) path is the Glusterfs volume path.More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod Optional: -- `read_only` (Boolean) readOnly here will force the Glusterfs volume to be mounted with read-only permissions. Defaults to false. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod +- `read_only` (Boolean) readOnly here will force the Glusterfs volume to be mounted with read-only permissions.Defaults to false.More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod @@ -3171,11 +3171,11 @@ Optional: Required: -- `path` (String) path of the directory on the host. If the path is a symlink, it will follow the link to the real path. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath +- `path` (String) path of the directory on the host.If the path is a symlink, it will follow the link to the real path.More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath Optional: -- `type` (String) type for HostPath Volume Defaults to '' More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath +- `type` (String) type for HostPath VolumeDefaults to ''More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath @@ -3185,17 +3185,17 @@ Required: - `iqn` (String) iqn is the target iSCSI Qualified Name. - `lun` (Number) lun represents iSCSI Target Lun number. -- `target_portal` (String) targetPortal is iSCSI Target Portal. The Portal is either an IP or ip_addr:port if the port is other than default (typically TCP ports 860 and 3260). +- `target_portal` (String) targetPortal is iSCSI Target Portal. The Portal is either an IP or ip_addr:port if the portis other than default (typically TCP ports 860 and 3260). Optional: - `chap_auth_discovery` (Boolean) chapAuthDiscovery defines whether support iSCSI Discovery CHAP authentication - `chap_auth_session` (Boolean) chapAuthSession defines whether support iSCSI Session CHAP authentication -- `fs_type` (String) fsType is the filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: 'ext4', 'xfs', 'ntfs'. Implicitly inferred to be 'ext4' if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#iscsi TODO: how do we prevent errors in the filesystem from compromising the machine -- `initiator_name` (String) initiatorName is the custom iSCSI Initiator Name. If initiatorName is specified with iscsiInterface simultaneously, new iSCSI interface : will be created for the connection. -- `iscsi_interface` (String) iscsiInterface is the interface Name that uses an iSCSI transport. Defaults to 'default' (tcp). -- `portals` (List of String) portals is the iSCSI Target Portal List. The portal is either an IP or ip_addr:port if the port is other than default (typically TCP ports 860 and 3260). -- `read_only` (Boolean) readOnly here will force the ReadOnly setting in VolumeMounts. Defaults to false. +- `fs_type` (String) fsType is the filesystem type of the volume that you want to mount.Tip: Ensure that the filesystem type is supported by the host operating system.Examples: 'ext4', 'xfs', 'ntfs'. Implicitly inferred to be 'ext4' if unspecified.More info: https://kubernetes.io/docs/concepts/storage/volumes#iscsiTODO: how do we prevent errors in the filesystem from compromising the machine +- `initiator_name` (String) initiatorName is the custom iSCSI Initiator Name.If initiatorName is specified with iscsiInterface simultaneously, new iSCSI interface: will be created for the connection. +- `iscsi_interface` (String) iscsiInterface is the interface Name that uses an iSCSI transport.Defaults to 'default' (tcp). +- `portals` (List of String) portals is the iSCSI Target Portal List. The portal is either an IP or ip_addr:port if the portis other than default (typically TCP ports 860 and 3260). +- `read_only` (Boolean) readOnly here will force the ReadOnly setting in VolumeMounts.Defaults to false. - `secret_ref` (Attributes) secretRef is the CHAP Secret for iSCSI target and initiator authentication (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--volumes--iscsi--secret_ref)) @@ -3203,7 +3203,7 @@ Optional: Optional: -- `name` (String) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? +- `name` (String) Name of the referent.More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#namesTODO: Add other useful fields. apiVersion, kind, uid? @@ -3212,12 +3212,12 @@ Optional: Required: -- `path` (String) path that is exported by the NFS server. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs -- `server` (String) server is the hostname or IP address of the NFS server. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs +- `path` (String) path that is exported by the NFS server.More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs +- `server` (String) server is the hostname or IP address of the NFS server.More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs Optional: -- `read_only` (Boolean) readOnly here will force the NFS export to be mounted with read-only permissions. Defaults to false. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs +- `read_only` (Boolean) readOnly here will force the NFS export to be mounted with read-only permissions.Defaults to false.More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs @@ -3225,11 +3225,11 @@ Optional: Required: -- `claim_name` (String) claimName is the name of a PersistentVolumeClaim in the same namespace as the pod using this volume. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims +- `claim_name` (String) claimName is the name of a PersistentVolumeClaim in the same namespace as the pod using this volume.More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims Optional: -- `read_only` (Boolean) readOnly Will force the ReadOnly setting in VolumeMounts. Default false. +- `read_only` (Boolean) readOnly Will force the ReadOnly setting in VolumeMounts.Default false. @@ -3241,7 +3241,7 @@ Required: Optional: -- `fs_type` (String) fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. 'ext4', 'xfs', 'ntfs'. Implicitly inferred to be 'ext4' if unspecified. +- `fs_type` (String) fsType is the filesystem type to mount.Must be a filesystem type supported by the host operating system.Ex. 'ext4', 'xfs', 'ntfs'. Implicitly inferred to be 'ext4' if unspecified. @@ -3253,8 +3253,8 @@ Required: Optional: -- `fs_type` (String) fSType represents the filesystem type to mount Must be a filesystem type supported by the host operating system. Ex. 'ext4', 'xfs'. Implicitly inferred to be 'ext4' if unspecified. -- `read_only` (Boolean) readOnly defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts. +- `fs_type` (String) fSType represents the filesystem type to mountMust be a filesystem type supported by the host operating system.Ex. 'ext4', 'xfs'. Implicitly inferred to be 'ext4' if unspecified. +- `read_only` (Boolean) readOnly defaults to false (read/write). ReadOnly here will forcethe ReadOnly setting in VolumeMounts. @@ -3262,7 +3262,7 @@ Optional: Optional: -- `default_mode` (Number) defaultMode are the mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. +- `default_mode` (Number) defaultMode are the mode bits used to set permissions on created files by default.Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511.YAML accepts both octal and decimal values, JSON requires decimal values for mode bits.Directories within the path are not affected by this setting.This might be in conflict with other options that affect the filemode, like fsGroup, and the result can be other mode bits set. - `sources` (Attributes List) sources is the list of volume projections (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--volumes--projected--sources)) @@ -3280,8 +3280,8 @@ Optional: Optional: -- `items` (Attributes List) items if unspecified, each key-value pair in the Data field of the referenced ConfigMap will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the ConfigMap, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'. (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--volumes--projected--sources--config_map--items)) -- `name` (String) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? +- `items` (Attributes List) items if unspecified, each key-value pair in the Data field of the referencedConfigMap will be projected into the volume as a file whose name is thekey and content is the value. If specified, the listed keys will beprojected into the specified paths, and unlisted keys will not bepresent. If a key is specified which is not present in the ConfigMap,the volume setup will error unless it is marked optional. Paths must berelative and may not contain the '..' path or start with '..'. (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--volumes--projected--sources--config_map--items)) +- `name` (String) Name of the referent.More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#namesTODO: Add other useful fields. apiVersion, kind, uid? - `optional` (Boolean) optional specify whether the ConfigMap or its keys must be defined @@ -3290,11 +3290,11 @@ Optional: Required: - `key` (String) key is the key to project. -- `path` (String) path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. +- `path` (String) path is the relative path of the file to map the key to.May not be an absolute path.May not contain the path element '..'.May not start with the string '..'. Optional: -- `mode` (Number) mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. +- `mode` (Number) mode is Optional: mode bits used to set permissions on this file.Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511.YAML accepts both octal and decimal values, JSON requires decimal values for mode bits.If not specified, the volume defaultMode will be used.This might be in conflict with other options that affect the filemode, like fsGroup, and the result can be other mode bits set. @@ -3315,8 +3315,8 @@ Required: Optional: - `field_ref` (Attributes) Required: Selects a field of the pod: only annotations, labels, name and namespace are supported. (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--volumes--projected--sources--downward_api--items--field_ref)) -- `mode` (Number) Optional: mode bits used to set permissions on this file, must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. -- `resource_field_ref` (Attributes) Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported. (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--volumes--projected--sources--downward_api--items--resource_field_ref)) +- `mode` (Number) Optional: mode bits used to set permissions on this file, must be an octal valuebetween 0000 and 0777 or a decimal value between 0 and 511.YAML accepts both octal and decimal values, JSON requires decimal values for mode bits.If not specified, the volume defaultMode will be used.This might be in conflict with other options that affect the filemode, like fsGroup, and the result can be other mode bits set. +- `resource_field_ref` (Attributes) Selects a resource of the container: only resources limits and requests(limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported. (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--volumes--projected--sources--downward_api--items--resource_field_ref)) ### Nested Schema for `spec.component_defs.pod_spec.volumes.projected.sources.downward_api.items.field_ref` @@ -3350,8 +3350,8 @@ Optional: Optional: -- `items` (Attributes List) items if unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'. (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--volumes--projected--sources--secret--items)) -- `name` (String) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? +- `items` (Attributes List) items if unspecified, each key-value pair in the Data field of the referencedSecret will be projected into the volume as a file whose name is thekey and content is the value. If specified, the listed keys will beprojected into the specified paths, and unlisted keys will not bepresent. If a key is specified which is not present in the Secret,the volume setup will error unless it is marked optional. Paths must berelative and may not contain the '..' path or start with '..'. (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--volumes--projected--sources--secret--items)) +- `name` (String) Name of the referent.More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#namesTODO: Add other useful fields. apiVersion, kind, uid? - `optional` (Boolean) optional field specify whether the Secret or its key must be defined @@ -3360,11 +3360,11 @@ Optional: Required: - `key` (String) key is the key to project. -- `path` (String) path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. +- `path` (String) path is the relative path of the file to map the key to.May not be an absolute path.May not contain the path element '..'.May not start with the string '..'. Optional: -- `mode` (Number) mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. +- `mode` (Number) mode is Optional: mode bits used to set permissions on this file.Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511.YAML accepts both octal and decimal values, JSON requires decimal values for mode bits.If not specified, the volume defaultMode will be used.This might be in conflict with other options that affect the filemode, like fsGroup, and the result can be other mode bits set. @@ -3373,12 +3373,12 @@ Optional: Required: -- `path` (String) path is the path relative to the mount point of the file to project the token into. +- `path` (String) path is the path relative to the mount point of the file to project thetoken into. Optional: -- `audience` (String) audience is the intended audience of the token. A recipient of a token must identify itself with an identifier specified in the audience of the token, and otherwise should reject the token. The audience defaults to the identifier of the apiserver. -- `expiration_seconds` (Number) expirationSeconds is the requested duration of validity of the service account token. As the token approaches expiration, the kubelet volume plugin will proactively rotate the service account token. The kubelet will start trying to rotate the token if the token is older than 80 percent of its time to live or if the token is older than 24 hours.Defaults to 1 hour and must be at least 10 minutes. +- `audience` (String) audience is the intended audience of the token. A recipient of a tokenmust identify itself with an identifier specified in the audience of thetoken, and otherwise should reject the token. The audience defaults to theidentifier of the apiserver. +- `expiration_seconds` (Number) expirationSeconds is the requested duration of validity of the serviceaccount token. As the token approaches expiration, the kubelet volumeplugin will proactively rotate the service account token. The kubelet willstart trying to rotate the token if the token is older than 80 percent ofits time to live or if the token is older than 24 hours.Defaults to 1 hourand must be at least 10 minutes. @@ -3388,15 +3388,15 @@ Optional: Required: -- `registry` (String) registry represents a single or multiple Quobyte Registry services specified as a string as host:port pair (multiple entries are separated with commas) which acts as the central registry for volumes +- `registry` (String) registry represents a single or multiple Quobyte Registry servicesspecified as a string as host:port pair (multiple entries are separated with commas)which acts as the central registry for volumes - `volume` (String) volume is a string that references an already created Quobyte volume by name. Optional: -- `group` (String) group to map volume access to Default is no group -- `read_only` (Boolean) readOnly here will force the Quobyte volume to be mounted with read-only permissions. Defaults to false. -- `tenant` (String) tenant owning the given Quobyte volume in the Backend Used with dynamically provisioned Quobyte volumes, value is set by the plugin -- `user` (String) user to map volume access to Defaults to serivceaccount user +- `group` (String) group to map volume access toDefault is no group +- `read_only` (Boolean) readOnly here will force the Quobyte volume to be mounted with read-only permissions.Defaults to false. +- `tenant` (String) tenant owning the given Quobyte volume in the BackendUsed with dynamically provisioned Quobyte volumes, value is set by the plugin +- `user` (String) user to map volume access toDefaults to serivceaccount user @@ -3404,24 +3404,24 @@ Optional: Required: -- `image` (String) image is the rados image name. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it -- `monitors` (List of String) monitors is a collection of Ceph monitors. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it +- `image` (String) image is the rados image name.More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it +- `monitors` (List of String) monitors is a collection of Ceph monitors.More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it Optional: -- `fs_type` (String) fsType is the filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: 'ext4', 'xfs', 'ntfs'. Implicitly inferred to be 'ext4' if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#rbd TODO: how do we prevent errors in the filesystem from compromising the machine -- `keyring` (String) keyring is the path to key ring for RBDUser. Default is /etc/ceph/keyring. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it -- `pool` (String) pool is the rados pool name. Default is rbd. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it -- `read_only` (Boolean) readOnly here will force the ReadOnly setting in VolumeMounts. Defaults to false. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it -- `secret_ref` (Attributes) secretRef is name of the authentication secret for RBDUser. If provided overrides keyring. Default is nil. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--volumes--rbd--secret_ref)) -- `user` (String) user is the rados user name. Default is admin. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it +- `fs_type` (String) fsType is the filesystem type of the volume that you want to mount.Tip: Ensure that the filesystem type is supported by the host operating system.Examples: 'ext4', 'xfs', 'ntfs'. Implicitly inferred to be 'ext4' if unspecified.More info: https://kubernetes.io/docs/concepts/storage/volumes#rbdTODO: how do we prevent errors in the filesystem from compromising the machine +- `keyring` (String) keyring is the path to key ring for RBDUser.Default is /etc/ceph/keyring.More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it +- `pool` (String) pool is the rados pool name.Default is rbd.More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it +- `read_only` (Boolean) readOnly here will force the ReadOnly setting in VolumeMounts.Defaults to false.More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it +- `secret_ref` (Attributes) secretRef is name of the authentication secret for RBDUser. If providedoverrides keyring.Default is nil.More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--volumes--rbd--secret_ref)) +- `user` (String) user is the rados user name.Default is admin.More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it ### Nested Schema for `spec.component_defs.pod_spec.volumes.rbd.secret_ref` Optional: -- `name` (String) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? +- `name` (String) Name of the referent.More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#namesTODO: Add other useful fields. apiVersion, kind, uid? @@ -3431,25 +3431,25 @@ Optional: Required: - `gateway` (String) gateway is the host address of the ScaleIO API Gateway. -- `secret_ref` (Attributes) secretRef references to the secret for ScaleIO user and other sensitive information. If this is not provided, Login operation will fail. (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--volumes--scale_io--secret_ref)) +- `secret_ref` (Attributes) secretRef references to the secret for ScaleIO user and othersensitive information. If this is not provided, Login operation will fail. (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--volumes--scale_io--secret_ref)) - `system` (String) system is the name of the storage system as configured in ScaleIO. Optional: -- `fs_type` (String) fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. 'ext4', 'xfs', 'ntfs'. Default is 'xfs'. +- `fs_type` (String) fsType is the filesystem type to mount.Must be a filesystem type supported by the host operating system.Ex. 'ext4', 'xfs', 'ntfs'.Default is 'xfs'. - `protection_domain` (String) protectionDomain is the name of the ScaleIO Protection Domain for the configured storage. -- `read_only` (Boolean) readOnly Defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts. +- `read_only` (Boolean) readOnly Defaults to false (read/write). ReadOnly here will forcethe ReadOnly setting in VolumeMounts. - `ssl_enabled` (Boolean) sslEnabled Flag enable/disable SSL communication with Gateway, default false -- `storage_mode` (String) storageMode indicates whether the storage for a volume should be ThickProvisioned or ThinProvisioned. Default is ThinProvisioned. +- `storage_mode` (String) storageMode indicates whether the storage for a volume should be ThickProvisioned or ThinProvisioned.Default is ThinProvisioned. - `storage_pool` (String) storagePool is the ScaleIO Storage Pool associated with the protection domain. -- `volume_name` (String) volumeName is the name of a volume already created in the ScaleIO system that is associated with this volume source. +- `volume_name` (String) volumeName is the name of a volume already created in the ScaleIO systemthat is associated with this volume source. ### Nested Schema for `spec.component_defs.pod_spec.volumes.scale_io.secret_ref` Optional: -- `name` (String) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? +- `name` (String) Name of the referent.More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#namesTODO: Add other useful fields. apiVersion, kind, uid? @@ -3458,10 +3458,10 @@ Optional: Optional: -- `default_mode` (Number) defaultMode is Optional: mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. -- `items` (Attributes List) items If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'. (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--volumes--secret--items)) +- `default_mode` (Number) defaultMode is Optional: mode bits used to set permissions on created files by default.Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511.YAML accepts both octal and decimal values, JSON requires decimal valuesfor mode bits. Defaults to 0644.Directories within the path are not affected by this setting.This might be in conflict with other options that affect the filemode, like fsGroup, and the result can be other mode bits set. +- `items` (Attributes List) items If unspecified, each key-value pair in the Data field of the referencedSecret will be projected into the volume as a file whose name is thekey and content is the value. If specified, the listed keys will beprojected into the specified paths, and unlisted keys will not bepresent. If a key is specified which is not present in the Secret,the volume setup will error unless it is marked optional. Paths must berelative and may not contain the '..' path or start with '..'. (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--volumes--secret--items)) - `optional` (Boolean) optional field specify whether the Secret or its keys must be defined -- `secret_name` (String) secretName is the name of the secret in the pod's namespace to use. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret +- `secret_name` (String) secretName is the name of the secret in the pod's namespace to use.More info: https://kubernetes.io/docs/concepts/storage/volumes#secret ### Nested Schema for `spec.component_defs.pod_spec.volumes.secret.items` @@ -3469,11 +3469,11 @@ Optional: Required: - `key` (String) key is the key to project. -- `path` (String) path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. +- `path` (String) path is the relative path of the file to map the key to.May not be an absolute path.May not contain the path element '..'.May not start with the string '..'. Optional: -- `mode` (Number) mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. +- `mode` (Number) mode is Optional: mode bits used to set permissions on this file.Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511.YAML accepts both octal and decimal values, JSON requires decimal values for mode bits.If not specified, the volume defaultMode will be used.This might be in conflict with other options that affect the filemode, like fsGroup, and the result can be other mode bits set. @@ -3482,18 +3482,18 @@ Optional: Optional: -- `fs_type` (String) fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. 'ext4', 'xfs', 'ntfs'. Implicitly inferred to be 'ext4' if unspecified. -- `read_only` (Boolean) readOnly defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts. -- `secret_ref` (Attributes) secretRef specifies the secret to use for obtaining the StorageOS API credentials. If not specified, default values will be attempted. (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--volumes--storageos--secret_ref)) -- `volume_name` (String) volumeName is the human-readable name of the StorageOS volume. Volume names are only unique within a namespace. -- `volume_namespace` (String) volumeNamespace specifies the scope of the volume within StorageOS. If no namespace is specified then the Pod's namespace will be used. This allows the Kubernetes name scoping to be mirrored within StorageOS for tighter integration. Set VolumeName to any name to override the default behaviour. Set to 'default' if you are not using namespaces within StorageOS. Namespaces that do not pre-exist within StorageOS will be created. +- `fs_type` (String) fsType is the filesystem type to mount.Must be a filesystem type supported by the host operating system.Ex. 'ext4', 'xfs', 'ntfs'. Implicitly inferred to be 'ext4' if unspecified. +- `read_only` (Boolean) readOnly defaults to false (read/write). ReadOnly here will forcethe ReadOnly setting in VolumeMounts. +- `secret_ref` (Attributes) secretRef specifies the secret to use for obtaining the StorageOS APIcredentials. If not specified, default values will be attempted. (see [below for nested schema](#nestedatt--spec--component_defs--pod_spec--volumes--storageos--secret_ref)) +- `volume_name` (String) volumeName is the human-readable name of the StorageOS volume. Volumenames are only unique within a namespace. +- `volume_namespace` (String) volumeNamespace specifies the scope of the volume within StorageOS. If nonamespace is specified then the Pod's namespace will be used. This allows theKubernetes name scoping to be mirrored within StorageOS for tighter integration.Set VolumeName to any name to override the default behaviour.Set to 'default' if you are not using namespaces within StorageOS.Namespaces that do not pre-exist within StorageOS will be created. ### Nested Schema for `spec.component_defs.pod_spec.volumes.storageos.secret_ref` Optional: -- `name` (String) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? +- `name` (String) Name of the referent.More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#namesTODO: Add other useful fields. apiVersion, kind, uid? @@ -3506,7 +3506,7 @@ Required: Optional: -- `fs_type` (String) fsType is filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. 'ext4', 'xfs', 'ntfs'. Implicitly inferred to be 'ext4' if unspecified. +- `fs_type` (String) fsType is filesystem type to mount.Must be a filesystem type supported by the host operating system.Ex. 'ext4', 'xfs', 'ntfs'. Implicitly inferred to be 'ext4' if unspecified. - `storage_policy_id` (String) storagePolicyID is the storage Policy Based Management (SPBM) profile ID associated with the StoragePolicyName. - `storage_policy_name` (String) storagePolicyName is the storage Policy Based Management (SPBM) profile name. @@ -3522,7 +3522,7 @@ Required: Optional: -- `script_spec_selectors` (Attributes List) Used to select the script that need to be referenced. When defined, the scripts defined in scriptSpecs can be referenced within the CmdExecutorConfig. (see [below for nested schema](#nestedatt--spec--component_defs--post_start_spec--script_spec_selectors)) +- `script_spec_selectors` (Attributes List) Used to select the script that need to be referenced.When defined, the scripts defined in scriptSpecs can be referenced within the CmdExecutorConfig. (see [below for nested schema](#nestedatt--spec--component_defs--post_start_spec--script_spec_selectors)) ### Nested Schema for `spec.component_defs.post_start_spec.cmd_executor_config` @@ -3553,7 +3553,7 @@ Required: Optional: - `role_probe` (Attributes) Specifies the probe used for checking the role of the component. (see [below for nested schema](#nestedatt--spec--component_defs--probes--role_probe)) -- `role_probe_timeout_after_pods_ready` (Number) Defines the timeout (in seconds) for the role probe after all pods of the component are ready. The system will check if the application is available in the pod. If pods exceed the InitializationTimeoutSeconds time without a role label, this component will enter the Failed/Abnormal phase. Note that this configuration will only take effect if the component supports RoleProbe and will not affect the life cycle of the pod. default values are 60 seconds. +- `role_probe_timeout_after_pods_ready` (Number) Defines the timeout (in seconds) for the role probe after all pods of the component are ready.The system will check if the application is available in the pod.If pods exceed the InitializationTimeoutSeconds time without a role label, this component will enter theFailed/Abnormal phase.Note that this configuration will only take effect if the component supports RoleProbeand will not affect the life cycle of the pod. default values are 60 seconds. - `running_probe` (Attributes) Specifies the probe used for checking the running status of the component. (see [below for nested schema](#nestedatt--spec--component_defs--probes--running_probe)) - `status_probe` (Attributes) Specifies the probe used for checking the status of the component. (see [below for nested schema](#nestedatt--spec--component_defs--probes--status_probe)) @@ -3623,9 +3623,9 @@ Optional: Optional: -- `ll_pod_management_policy` (String) Controls the creation of pods during initial scale up, replacement of pods on nodes, and scaling down. - 'OrderedReady': Creates pods in increasing order (pod-0, then pod-1, etc). The controller waits until each pod is ready before continuing. Pods are removed in reverse order when scaling down. - 'Parallel': Creates pods in parallel to match the desired scale without waiting. All pods are deleted at once when scaling down. -- `ll_update_strategy` (Attributes) Specifies the low-level StatefulSetUpdateStrategy to be used when updating Pods in the StatefulSet upon a revision to the Template. 'UpdateStrategy' will be ignored if this is provided. (see [below for nested schema](#nestedatt--spec--component_defs--replication_spec--ll_update_strategy)) -- `update_strategy` (String) Specifies the strategy for updating Pods. For workloadType='Consensus', the update strategy can be one of the following: - 'Serial': Updates Members sequentially to minimize component downtime. - 'BestEffortParallel': Updates Members in parallel to minimize component write downtime. Majority remains online at all times. - 'Parallel': Forces parallel updates. +- `ll_pod_management_policy` (String) Controls the creation of pods during initial scale up, replacement of pods on nodes, and scaling down.- 'OrderedReady': Creates pods in increasing order (pod-0, then pod-1, etc). The controller waits until each podis ready before continuing. Pods are removed in reverse order when scaling down.- 'Parallel': Creates pods in parallel to match the desired scale without waiting. All pods are deleted at oncewhen scaling down. +- `ll_update_strategy` (Attributes) Specifies the low-level StatefulSetUpdateStrategy to be used when updating Pods in the StatefulSet upon arevision to the Template.'UpdateStrategy' will be ignored if this is provided. (see [below for nested schema](#nestedatt--spec--component_defs--replication_spec--ll_update_strategy)) +- `update_strategy` (String) Specifies the strategy for updating Pods.For workloadType='Consensus', the update strategy can be one of the following:- 'Serial': Updates Members sequentially to minimize component downtime.- 'BestEffortParallel': Updates Members in parallel to minimize component write downtime. Majority remains onlineat all times.- 'Parallel': Forces parallel updates. ### Nested Schema for `spec.component_defs.replication_spec.ll_update_strategy` @@ -3633,15 +3633,15 @@ Optional: Optional: - `rolling_update` (Attributes) RollingUpdate is used to communicate parameters when Type is RollingUpdateStatefulSetStrategyType. (see [below for nested schema](#nestedatt--spec--component_defs--replication_spec--ll_update_strategy--rolling_update)) -- `type` (String) Type indicates the type of the StatefulSetUpdateStrategy. Default is RollingUpdate. +- `type` (String) Type indicates the type of the StatefulSetUpdateStrategy.Default is RollingUpdate. ### Nested Schema for `spec.component_defs.replication_spec.ll_update_strategy.rolling_update` Optional: -- `max_unavailable` (String) The maximum number of pods that can be unavailable during the update. Value can be an absolute number (ex: 5) or a percentage of desired pods (ex: 10%). Absolute number is calculated from percentage by rounding up. This can not be 0. Defaults to 1. This field is alpha-level and is only honored by servers that enable the MaxUnavailableStatefulSet feature. The field applies to all pods in the range 0 to Replicas-1. That means if there is any unavailable pod in the range 0 to Replicas-1, it will be counted towards MaxUnavailable. -- `partition` (Number) Partition indicates the ordinal at which the StatefulSet should be partitioned for updates. During a rolling update, all pods from ordinal Replicas-1 to Partition are updated. All pods from ordinal Partition-1 to 0 remain untouched. This is helpful in being able to do a canary based deployment. The default value is 0. +- `max_unavailable` (String) The maximum number of pods that can be unavailable during the update.Value can be an absolute number (ex: 5) or a percentage of desired pods (ex: 10%).Absolute number is calculated from percentage by rounding up. This can not be 0.Defaults to 1. This field is alpha-level and is only honored by servers that enable theMaxUnavailableStatefulSet feature. The field applies to all pods in the range 0 toReplicas-1. That means if there is any unavailable pod in the range 0 to Replicas-1, itwill be counted towards MaxUnavailable. +- `partition` (Number) Partition indicates the ordinal at which the StatefulSet should be partitionedfor updates. During a rolling update, all pods from ordinal Replicas-1 toPartition are updated. All pods from ordinal Partition-1 to 0 remain untouched.This is helpful in being able to do a canary based deployment. The default value is 0. @@ -3651,7 +3651,7 @@ Optional: Optional: -- `member_update_strategy` (String) Describes the strategy for updating Members (Pods). - 'Serial': Updates Members sequentially to ensure minimum component downtime. - 'BestEffortParallel': Updates Members in parallel to ensure minimum component write downtime. - 'Parallel': Forces parallel updates. +- `member_update_strategy` (String) Describes the strategy for updating Members (Pods).- 'Serial': Updates Members sequentially to ensure minimum component downtime.- 'BestEffortParallel': Updates Members in parallel to ensure minimum component write downtime.- 'Parallel': Forces parallel updates. - `membership_reconfiguration` (Attributes) Indicates the actions required for dynamic membership reconfiguration. (see [below for nested schema](#nestedatt--spec--component_defs--rsm_spec--membership_reconfiguration)) - `role_probe` (Attributes) Defines the method used to probe a role. (see [below for nested schema](#nestedatt--spec--component_defs--rsm_spec--role_probe)) - `roles` (Attributes List) Specifies a list of roles defined within the system. (see [below for nested schema](#nestedatt--spec--component_defs--rsm_spec--roles)) @@ -3661,11 +3661,11 @@ Optional: Optional: -- `log_sync_action` (Attributes) Defines the action to trigger the new member to start log syncing. If the Image is not configured, the Image from the previous non-nil action will be used. (see [below for nested schema](#nestedatt--spec--component_defs--rsm_spec--membership_reconfiguration--log_sync_action)) -- `member_join_action` (Attributes) Defines the action to add a member. If the Image is not configured, the Image from the previous non-nil action will be used. (see [below for nested schema](#nestedatt--spec--component_defs--rsm_spec--membership_reconfiguration--member_join_action)) -- `member_leave_action` (Attributes) Defines the action to remove a member. If the Image is not configured, the Image from the previous non-nil action will be used. (see [below for nested schema](#nestedatt--spec--component_defs--rsm_spec--membership_reconfiguration--member_leave_action)) -- `promote_action` (Attributes) Defines the action to inform the cluster that the new member can join voting now. If the Image is not configured, the Image from the previous non-nil action will be used. (see [below for nested schema](#nestedatt--spec--component_defs--rsm_spec--membership_reconfiguration--promote_action)) -- `switchover_action` (Attributes) Specifies the environment variables that can be used in all following Actions: - KB_ITS_USERNAME: Represents the username part of the credential - KB_ITS_PASSWORD: Represents the password part of the credential - KB_ITS_LEADER_HOST: Represents the leader host - KB_ITS_TARGET_HOST: Represents the target host - KB_ITS_SERVICE_PORT: Represents the service port Defines the action to perform a switchover. If the Image is not configured, the latest [BusyBox](https://busybox.net/) image will be used. (see [below for nested schema](#nestedatt--spec--component_defs--rsm_spec--membership_reconfiguration--switchover_action)) +- `log_sync_action` (Attributes) Defines the action to trigger the new member to start log syncing.If the Image is not configured, the Image from the previous non-nil action will be used. (see [below for nested schema](#nestedatt--spec--component_defs--rsm_spec--membership_reconfiguration--log_sync_action)) +- `member_join_action` (Attributes) Defines the action to add a member.If the Image is not configured, the Image from the previous non-nil action will be used. (see [below for nested schema](#nestedatt--spec--component_defs--rsm_spec--membership_reconfiguration--member_join_action)) +- `member_leave_action` (Attributes) Defines the action to remove a member.If the Image is not configured, the Image from the previous non-nil action will be used. (see [below for nested schema](#nestedatt--spec--component_defs--rsm_spec--membership_reconfiguration--member_leave_action)) +- `promote_action` (Attributes) Defines the action to inform the cluster that the new member can join voting now.If the Image is not configured, the Image from the previous non-nil action will be used. (see [below for nested schema](#nestedatt--spec--component_defs--rsm_spec--membership_reconfiguration--promote_action)) +- `switchover_action` (Attributes) Specifies the environment variables that can be used in all following Actions:- KB_ITS_USERNAME: Represents the username part of the credential- KB_ITS_PASSWORD: Represents the password part of the credential- KB_ITS_LEADER_HOST: Represents the leader host- KB_ITS_TARGET_HOST: Represents the target host- KB_ITS_SERVICE_PORT: Represents the service portDefines the action to perform a switchover.If the Image is not configured, the latest [BusyBox](https://busybox.net/) image will be used. (see [below for nested schema](#nestedatt--spec--component_defs--rsm_spec--membership_reconfiguration--switchover_action)) ### Nested Schema for `spec.component_defs.rsm_spec.membership_reconfiguration.log_sync_action` @@ -3738,8 +3738,8 @@ Optional: Optional: -- `builtin_handler_name` (String) Specifies the builtin handler name to use to probe the role of the main container. Available handlers include: mysql, postgres, mongodb, redis, etcd, kafka. Use CustomHandler to define a custom role probe function if none of the built-in handlers meet the requirement. -- `custom_handler` (Attributes List) Defines a custom method for role probing. If the BuiltinHandler meets the requirement, use it instead. Actions defined here are executed in series. Upon completion of all actions, the final output should be a single string representing the role name defined in spec.Roles. The latest [BusyBox](https://busybox.net/) image will be used if Image is not configured. Environment variables can be used in Command: - v_KB_ITS_LAST_STDOUT: stdout from the last action, watch for 'v_' prefix - KB_ITS_USERNAME: username part of the credential - KB_ITS_PASSWORD: password part of the credential (see [below for nested schema](#nestedatt--spec--component_defs--rsm_spec--role_probe--custom_handler)) +- `builtin_handler_name` (String) Specifies the builtin handler name to use to probe the role of the main container.Available handlers include: mysql, postgres, mongodb, redis, etcd, kafka.Use CustomHandler to define a custom role probe function if none of the built-in handlers meet the requirement. +- `custom_handler` (Attributes List) Defines a custom method for role probing.If the BuiltinHandler meets the requirement, use it instead.Actions defined here are executed in series.Upon completion of all actions, the final output should be a single string representing the role name defined in spec.Roles.The latest [BusyBox](https://busybox.net/) image will be used if Image is not configured.Environment variables can be used in Command:- v_KB_ITS_LAST_STDOUT: stdout from the last action, watch for 'v_' prefix- KB_ITS_USERNAME: username part of the credential- KB_ITS_PASSWORD: password part of the credential (see [below for nested schema](#nestedatt--spec--component_defs--rsm_spec--role_probe--custom_handler)) - `failure_threshold` (Number) Specifies the minimum number of consecutive failures for the probe to be considered failed after having succeeded. - `initial_delay_seconds` (Number) Specifies the number of seconds to wait after the container has started before initiating role probing. - `period_seconds` (Number) Specifies the frequency (in seconds) of probe execution. @@ -3782,12 +3782,12 @@ Optional: Required: - `name` (String) Specifies the name of the configuration template. -- `volume_name` (String) Refers to the volume name of PodTemplate. The configuration file produced through the configuration template will be mounted to the corresponding volume. Must be a DNS_LABEL name. The volume name must be defined in podSpec.containers[*].volumeMounts. +- `volume_name` (String) Refers to the volume name of PodTemplate. The configuration file produced through the configurationtemplate will be mounted to the corresponding volume. Must be a DNS_LABEL name.The volume name must be defined in podSpec.containers[*].volumeMounts. Optional: -- `default_mode` (Number) The operator attempts to set default file permissions for scripts (0555) and configurations (0444). However, certain database engines may require different file permissions. You can specify the desired file permissions here. Must be specified as an octal value between 0000 and 0777 (inclusive), or as a decimal value between 0 and 511 (inclusive). YAML supports both octal and decimal values for file permissions. Please note that this setting only affects the permissions of the files themselves. Directories within the specified path are not impacted by this setting. It's important to be aware that this setting might conflict with other options that influence the file mode, such as fsGroup. In such cases, the resulting file mode may have additional bits set. Refers to documents of k8s.ConfigMapVolumeSource.defaultMode for more information. -- `namespace` (String) Specifies the namespace of the referenced configuration template ConfigMap object. An empty namespace is equivalent to the 'default' namespace. +- `default_mode` (Number) The operator attempts to set default file permissions for scripts (0555) and configurations (0444).However, certain database engines may require different file permissions.You can specify the desired file permissions here.Must be specified as an octal value between 0000 and 0777 (inclusive),or as a decimal value between 0 and 511 (inclusive).YAML supports both octal and decimal values for file permissions.Please note that this setting only affects the permissions of the files themselves.Directories within the specified path are not impacted by this setting.It's important to be aware that this setting might conflict with other optionsthat influence the file mode, such as fsGroup.In such cases, the resulting file mode may have additional bits set.Refers to documents of k8s.ConfigMapVolumeSource.defaultMode for more information. +- `namespace` (String) Specifies the namespace of the referenced configuration template ConfigMap object.An empty namespace is equivalent to the 'default' namespace. - `template_ref` (String) Specifies the name of the referenced configuration template ConfigMap object. @@ -3796,7 +3796,7 @@ Optional: Optional: -- `ports` (Attributes List) The list of ports that are exposed by this service. More info: https://kubernetes.io/docs/concepts/services-networking/service/#virtual-ips-and-service-proxies (see [below for nested schema](#nestedatt--spec--component_defs--service--ports)) +- `ports` (Attributes List) The list of ports that are exposed by this service.More info: https://kubernetes.io/docs/concepts/services-networking/service/#virtual-ips-and-service-proxies (see [below for nested schema](#nestedatt--spec--component_defs--service--ports)) ### Nested Schema for `spec.component_defs.service.ports` @@ -3807,10 +3807,10 @@ Required: Optional: -- `app_protocol` (String) The application protocol for this port. This field follows standard Kubernetes label syntax. Un-prefixed names are reserved for IANA standard service names (as per RFC-6335 and https://www.iana.org/assignments/service-names). Non-standard protocols should use prefixed names such as mycompany.com/my-custom-protocol. -- `name` (String) The name of this port within the service. This must be a DNS_LABEL. All ports within a ServiceSpec must have unique names. When considering the endpoints for a Service, this must match the 'name' field in the EndpointPort. -- `protocol` (String) The IP protocol for this port. Supports 'TCP', 'UDP', and 'SCTP'. Default is TCP. -- `target_port` (String) Number or name of the port to access on the pods targeted by the service. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. - If this is a string, it will be looked up as a named port in the target Pod's container ports. - If this is not specified, the value of the 'port' field is used (an identity map). This field is ignored for services with clusterIP=None, and should be omitted or set equal to the 'port' field. More info: https://kubernetes.io/docs/concepts/services-networking/service/#defining-a-service +- `app_protocol` (String) The application protocol for this port.This field follows standard Kubernetes label syntax.Un-prefixed names are reserved for IANA standard service names (as perRFC-6335 and https://www.iana.org/assignments/service-names).Non-standard protocols should use prefixed names such asmycompany.com/my-custom-protocol. +- `name` (String) The name of this port within the service. This must be a DNS_LABEL.All ports within a ServiceSpec must have unique names. When consideringthe endpoints for a Service, this must match the 'name' field in theEndpointPort. +- `protocol` (String) The IP protocol for this port. Supports 'TCP', 'UDP', and 'SCTP'.Default is TCP. +- `target_port` (String) Number or name of the port to access on the pods targeted by the service.Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME.- If this is a string, it will be looked up as a named port in the target Pod's container ports.- If this is not specified, the value of the 'port' field is used (an identity map).This field is ignored for services with clusterIP=None, and should beomitted or set equal to the 'port' field.More info: https://kubernetes.io/docs/concepts/services-networking/service/#defining-a-service @@ -3820,19 +3820,19 @@ Optional: Required: - `name` (String) Specifies the name of the ServiceRefDeclaration. -- `service_ref_declaration_specs` (Attributes List) Defines a list of constraints and requirements for services that can be bound to this ServiceRefDeclaration upon Cluster creation. Each ServiceRefDeclarationSpec defines a ServiceKind and ServiceVersion, outlining the acceptable service types and versions that are compatible. This flexibility allows a ServiceRefDeclaration to be fulfilled by any one of the provided specs. For example, if it requires an OLTP database, specs for both MySQL and PostgreSQL are listed, either MySQL or PostgreSQL services can be used when binding. (see [below for nested schema](#nestedatt--spec--component_defs--service_ref_declarations--service_ref_declaration_specs)) +- `service_ref_declaration_specs` (Attributes List) Defines a list of constraints and requirements for services that can be bound to this ServiceRefDeclarationupon Cluster creation.Each ServiceRefDeclarationSpec defines a ServiceKind and ServiceVersion,outlining the acceptable service types and versions that are compatible.This flexibility allows a ServiceRefDeclaration to be fulfilled by any one of the provided specs.For example, if it requires an OLTP database, specs for both MySQL and PostgreSQL are listed,either MySQL or PostgreSQL services can be used when binding. (see [below for nested schema](#nestedatt--spec--component_defs--service_ref_declarations--service_ref_declaration_specs)) Optional: -- `optional` (Boolean) Specifies whether the service reference can be optional. For an optional service-ref, the component can still be created even if the service-ref is not provided. +- `optional` (Boolean) Specifies whether the service reference can be optional.For an optional service-ref, the component can still be created even if the service-ref is not provided. ### Nested Schema for `spec.component_defs.service_ref_declarations.service_ref_declaration_specs` Required: -- `service_kind` (String) Specifies the type or nature of the service. This should be a well-known application cluster type, such as {mysql, redis, mongodb}. The field is case-insensitive and supports abbreviations for some well-known databases. For instance, both 'zk' and 'zookeeper' are considered as a ZooKeeper cluster, while 'pg', 'postgres', 'postgresql' are all recognized as a PostgreSQL cluster. -- `service_version` (String) Defines the service version of the service reference. This is a regular expression that matches a version number pattern. For instance, '^8.0.8$', '8.0.d{1,2}$', '^[v-]*?(d{1,2}.){0,3}d{1,2}$' are all valid patterns. +- `service_kind` (String) Specifies the type or nature of the service. This should be a well-known application cluster type, such as{mysql, redis, mongodb}.The field is case-insensitive and supports abbreviations for some well-known databases.For instance, both 'zk' and 'zookeeper' are considered as a ZooKeeper cluster, while 'pg', 'postgres', 'postgresql'are all recognized as a PostgreSQL cluster. +- `service_version` (String) Defines the service version of the service reference. This is a regular expression that matches a version number pattern.For instance, '^8.0.8$', '8.0.d{1,2}$', '^[v-]*?(d{1,2}.){0,3}d{1,2}$' are all valid patterns. @@ -3841,9 +3841,9 @@ Required: Optional: -- `ll_pod_management_policy` (String) Controls the creation of pods during initial scale up, replacement of pods on nodes, and scaling down. - 'OrderedReady': Creates pods in increasing order (pod-0, then pod-1, etc). The controller waits until each pod is ready before continuing. Pods are removed in reverse order when scaling down. - 'Parallel': Creates pods in parallel to match the desired scale without waiting. All pods are deleted at once when scaling down. -- `ll_update_strategy` (Attributes) Specifies the low-level StatefulSetUpdateStrategy to be used when updating Pods in the StatefulSet upon a revision to the Template. 'UpdateStrategy' will be ignored if this is provided. (see [below for nested schema](#nestedatt--spec--component_defs--stateful_spec--ll_update_strategy)) -- `update_strategy` (String) Specifies the strategy for updating Pods. For workloadType='Consensus', the update strategy can be one of the following: - 'Serial': Updates Members sequentially to minimize component downtime. - 'BestEffortParallel': Updates Members in parallel to minimize component write downtime. Majority remains online at all times. - 'Parallel': Forces parallel updates. +- `ll_pod_management_policy` (String) Controls the creation of pods during initial scale up, replacement of pods on nodes, and scaling down.- 'OrderedReady': Creates pods in increasing order (pod-0, then pod-1, etc). The controller waits until each podis ready before continuing. Pods are removed in reverse order when scaling down.- 'Parallel': Creates pods in parallel to match the desired scale without waiting. All pods are deleted at oncewhen scaling down. +- `ll_update_strategy` (Attributes) Specifies the low-level StatefulSetUpdateStrategy to be used when updating Pods in the StatefulSet upon arevision to the Template.'UpdateStrategy' will be ignored if this is provided. (see [below for nested schema](#nestedatt--spec--component_defs--stateful_spec--ll_update_strategy)) +- `update_strategy` (String) Specifies the strategy for updating Pods.For workloadType='Consensus', the update strategy can be one of the following:- 'Serial': Updates Members sequentially to minimize component downtime.- 'BestEffortParallel': Updates Members in parallel to minimize component write downtime. Majority remains onlineat all times.- 'Parallel': Forces parallel updates. ### Nested Schema for `spec.component_defs.stateful_spec.ll_update_strategy` @@ -3851,15 +3851,15 @@ Optional: Optional: - `rolling_update` (Attributes) RollingUpdate is used to communicate parameters when Type is RollingUpdateStatefulSetStrategyType. (see [below for nested schema](#nestedatt--spec--component_defs--stateful_spec--ll_update_strategy--rolling_update)) -- `type` (String) Type indicates the type of the StatefulSetUpdateStrategy. Default is RollingUpdate. +- `type` (String) Type indicates the type of the StatefulSetUpdateStrategy.Default is RollingUpdate. ### Nested Schema for `spec.component_defs.stateful_spec.ll_update_strategy.rolling_update` Optional: -- `max_unavailable` (String) The maximum number of pods that can be unavailable during the update. Value can be an absolute number (ex: 5) or a percentage of desired pods (ex: 10%). Absolute number is calculated from percentage by rounding up. This can not be 0. Defaults to 1. This field is alpha-level and is only honored by servers that enable the MaxUnavailableStatefulSet feature. The field applies to all pods in the range 0 to Replicas-1. That means if there is any unavailable pod in the range 0 to Replicas-1, it will be counted towards MaxUnavailable. -- `partition` (Number) Partition indicates the ordinal at which the StatefulSet should be partitioned for updates. During a rolling update, all pods from ordinal Replicas-1 to Partition are updated. All pods from ordinal Partition-1 to 0 remain untouched. This is helpful in being able to do a canary based deployment. The default value is 0. +- `max_unavailable` (String) The maximum number of pods that can be unavailable during the update.Value can be an absolute number (ex: 5) or a percentage of desired pods (ex: 10%).Absolute number is calculated from percentage by rounding up. This can not be 0.Defaults to 1. This field is alpha-level and is only honored by servers that enable theMaxUnavailableStatefulSet feature. The field applies to all pods in the range 0 toReplicas-1. That means if there is any unavailable pod in the range 0 to Replicas-1, itwill be counted towards MaxUnavailable. +- `partition` (Number) Partition indicates the ordinal at which the StatefulSet should be partitionedfor updates. During a rolling update, all pods from ordinal Replicas-1 toPartition are updated. All pods from ordinal Partition-1 to 0 remain untouched.This is helpful in being able to do a canary based deployment. The default value is 0. @@ -3876,7 +3876,7 @@ Optional: Optional: -- `rolling_update` (Attributes) Rolling update config params. Present only if DeploymentStrategyType = RollingUpdate. --- TODO: Update this to follow our convention for oneOf, whatever we decide it to be. (see [below for nested schema](#nestedatt--spec--component_defs--stateless_spec--update_strategy--rolling_update)) +- `rolling_update` (Attributes) Rolling update config params. Present only if DeploymentStrategyType =RollingUpdate.---TODO: Update this to follow our convention for oneOf, whatever we decide itto be. (see [below for nested schema](#nestedatt--spec--component_defs--stateless_spec--update_strategy--rolling_update)) - `type` (String) Type of deployment. Can be 'Recreate' or 'RollingUpdate'. Default is RollingUpdate. @@ -3884,8 +3884,8 @@ Optional: Optional: -- `max_surge` (String) The maximum number of pods that can be scheduled above the desired number of pods. Value can be an absolute number (ex: 5) or a percentage of desired pods (ex: 10%). This can not be 0 if MaxUnavailable is 0. Absolute number is calculated from percentage by rounding up. Defaults to 25%. Example: when this is set to 30%, the new ReplicaSet can be scaled up immediately when the rolling update starts, such that the total number of old and new pods do not exceed 130% of desired pods. Once old pods have been killed, new ReplicaSet can be scaled up further, ensuring that total number of pods running at any time during the update is at most 130% of desired pods. -- `max_unavailable` (String) The maximum number of pods that can be unavailable during the update. Value can be an absolute number (ex: 5) or a percentage of desired pods (ex: 10%). Absolute number is calculated from percentage by rounding down. This can not be 0 if MaxSurge is 0. Defaults to 25%. Example: when this is set to 30%, the old ReplicaSet can be scaled down to 70% of desired pods immediately when the rolling update starts. Once new pods are ready, old ReplicaSet can be scaled down further, followed by scaling up the new ReplicaSet, ensuring that the total number of pods available at all times during the update is at least 70% of desired pods. +- `max_surge` (String) The maximum number of pods that can be scheduled above the desired number ofpods.Value can be an absolute number (ex: 5) or a percentage of desired pods (ex: 10%).This can not be 0 if MaxUnavailable is 0.Absolute number is calculated from percentage by rounding up.Defaults to 25%.Example: when this is set to 30%, the new ReplicaSet can be scaled up immediately whenthe rolling update starts, such that the total number of old and new pods do not exceed130% of desired pods. Once old pods have been killed,new ReplicaSet can be scaled up further, ensuring that total number of pods runningat any time during the update is at most 130% of desired pods. +- `max_unavailable` (String) The maximum number of pods that can be unavailable during the update.Value can be an absolute number (ex: 5) or a percentage of desired pods (ex: 10%).Absolute number is calculated from percentage by rounding down.This can not be 0 if MaxSurge is 0.Defaults to 25%.Example: when this is set to 30%, the old ReplicaSet can be scaled down to 70% of desired podsimmediately when the rolling update starts. Once new pods are ready, old ReplicaSetcan be scaled down further, followed by scaling up the new ReplicaSet, ensuringthat the total number of pods available at all times during the update is atleast 70% of desired pods. @@ -3907,7 +3907,7 @@ Required: Optional: -- `script_spec_selectors` (Attributes List) Used to select the script that need to be referenced. When defined, the scripts defined in scriptSpecs can be referenced within the SwitchoverAction.CmdExecutorConfig. (see [below for nested schema](#nestedatt--spec--component_defs--switchover_spec--with_candidate--script_spec_selectors)) +- `script_spec_selectors` (Attributes List) Used to select the script that need to be referenced.When defined, the scripts defined in scriptSpecs can be referenced within the SwitchoverAction.CmdExecutorConfig. (see [below for nested schema](#nestedatt--spec--component_defs--switchover_spec--with_candidate--script_spec_selectors)) ### Nested Schema for `spec.component_defs.switchover_spec.with_candidate.cmd_executor_config` @@ -3941,7 +3941,7 @@ Required: Optional: -- `script_spec_selectors` (Attributes List) Used to select the script that need to be referenced. When defined, the scripts defined in scriptSpecs can be referenced within the SwitchoverAction.CmdExecutorConfig. (see [below for nested schema](#nestedatt--spec--component_defs--switchover_spec--without_candidate--script_spec_selectors)) +- `script_spec_selectors` (Attributes List) Used to select the script that need to be referenced.When defined, the scripts defined in scriptSpecs can be referenced within the SwitchoverAction.CmdExecutorConfig. (see [below for nested schema](#nestedatt--spec--component_defs--switchover_spec--without_candidate--script_spec_selectors)) ### Nested Schema for `spec.component_defs.switchover_spec.without_candidate.cmd_executor_config` @@ -4015,7 +4015,7 @@ Required: Optional: -- `deletion` (String) Defines the statement required to delete an existing account. Typically used in conjunction with the creation statement to delete an account before recreating it. For example, one might use a 'drop user if exists' statement followed by a 'create user' statement to ensure a fresh account. Deprecated: This field is deprecated and the update statement should be used instead. +- `deletion` (String) Defines the statement required to delete an existing account.Typically used in conjunction with the creation statement to delete an account before recreating it.For example, one might use a 'drop user if exists' statement followed by a 'create user' statement to ensure a fresh account.Deprecated: This field is deprecated and the update statement should be used instead. - `update` (String) Defines the statement required to update the password of an existing account. @@ -4044,7 +4044,7 @@ Optional: - `letter_case` (String) The case of the letters in the password. - `num_digits` (Number) The number of digits in the password. - `num_symbols` (Number) The number of symbols in the password. -- `seed` (String) Seed to generate the account's password. Cannot be updated. +- `seed` (String) Seed to generate the account's password.Cannot be updated. @@ -4053,7 +4053,7 @@ Optional: Optional: -- `high_watermark` (Number) The high watermark threshold for volume space usage. If there is any specified volumes who's space usage is over the threshold, the pre-defined 'LOCK' action will be triggered to degrade the service to protect volume from space exhaustion, such as to set the instance as read-only. And after that, if all volumes' space usage drops under the threshold later, the pre-defined 'UNLOCK' action will be performed to recover the service normally. +- `high_watermark` (Number) The high watermark threshold for volume space usage.If there is any specified volumes who's space usage is over the threshold, the pre-defined 'LOCK' actionwill be triggered to degrade the service to protect volume from space exhaustion, such as to set the instanceas read-only. And after that, if all volumes' space usage drops under the threshold later, the pre-defined'UNLOCK' action will be performed to recover the service normally. - `volumes` (Attributes List) The Volumes to be protected. (see [below for nested schema](#nestedatt--spec--component_defs--volume_protection_spec--volumes)) @@ -4061,7 +4061,7 @@ Optional: Optional: -- `high_watermark` (Number) Defines the high watermark threshold for the volume, it will override the component level threshold. If the value is invalid, it will be ignored and the component level threshold will be used. +- `high_watermark` (Number) Defines the high watermark threshold for the volume, it will override the component level threshold.If the value is invalid, it will be ignored and the component level threshold will be used. - `name` (String) The Name of the volume to protect. @@ -4085,20 +4085,20 @@ Optional: Required: - `components` (Attributes List) Components specifies the components in the topology. (see [below for nested schema](#nestedatt--spec--topologies--components)) -- `name` (String) Name is the unique identifier for the cluster topology. Cannot be updated. +- `name` (String) Name is the unique identifier for the cluster topology.Cannot be updated. Optional: -- `default` (Boolean) Default indicates whether this topology serves as the default configuration. When set to true, this topology is automatically used unless another is explicitly specified. -- `orders` (Attributes) Specifies the sequence in which components within a cluster topology are started, stopped, and upgraded. This ordering is crucial for maintaining the correct dependencies and operational flow across components. (see [below for nested schema](#nestedatt--spec--topologies--orders)) +- `default` (Boolean) Default indicates whether this topology serves as the default configuration.When set to true, this topology is automatically used unless another is explicitly specified. +- `orders` (Attributes) Specifies the sequence in which components within a cluster topology arestarted, stopped, and upgraded.This ordering is crucial for maintaining the correct dependencies and operational flow across components. (see [below for nested schema](#nestedatt--spec--topologies--orders)) ### Nested Schema for `spec.topologies.components` Required: -- `comp_def` (String) Specifies the name or prefix of the ComponentDefinition custom resource(CR) that defines the Component's characteristics and behavior. When a prefix is used, the system selects the ComponentDefinition CR with the latest version that matches the prefix. This approach allows: 1. Precise selection by providing the exact name of a ComponentDefinition CR. 2. Flexible and automatic selection of the most up-to-date ComponentDefinition CR by specifying a prefix. Once set, this field cannot be updated. -- `name` (String) Defines the unique identifier of the component within the cluster topology. It follows IANA Service naming rules and is used as part of the Service's DNS name. The name must start with a lowercase letter, can contain lowercase letters, numbers, and hyphens, and must end with a lowercase letter or number. Cannot be updated once set. +- `comp_def` (String) Specifies the name or prefix of the ComponentDefinition custom resource(CR) thatdefines the Component's characteristics and behavior.When a prefix is used, the system selects the ComponentDefinition CR with the latest version that matches the prefix.This approach allows:1. Precise selection by providing the exact name of a ComponentDefinition CR.2. Flexible and automatic selection of the most up-to-date ComponentDefinition CR by specifying a prefix.Once set, this field cannot be updated. +- `name` (String) Defines the unique identifier of the component within the cluster topology.It follows IANA Service naming rules and is used as part of the Service's DNS name.The name must start with a lowercase letter, can contain lowercase letters, numbers,and hyphens, and must end with a lowercase letter or number.Cannot be updated once set. @@ -4106,6 +4106,6 @@ Required: Optional: -- `provision` (List of String) Specifies the order for creating and initializing components. This is designed for components that depend on one another. Components without dependencies can be grouped together. Components that can be provisioned independently or have no dependencies can be listed together in the same stage, separated by commas. -- `terminate` (List of String) Outlines the order for stopping and deleting components. This sequence is designed for components that require a graceful shutdown or have interdependencies. Components that can be terminated independently or have no dependencies can be listed together in the same stage, separated by commas. -- `update` (List of String) Update determines the order for updating components' specifications, such as image upgrades or resource scaling. This sequence is designed for components that have dependencies or require specific update procedures. Components that can be updated independently or have no dependencies can be listed together in the same stage, separated by commas. +- `provision` (List of String) Specifies the order for creating and initializing components.This is designed for components that depend on one another. Components without dependencies can be grouped together.Components that can be provisioned independently or have no dependencies can be listed together in the same stage,separated by commas. +- `terminate` (List of String) Outlines the order for stopping and deleting components.This sequence is designed for components that require a graceful shutdown or have interdependencies.Components that can be terminated independently or have no dependencies can be listed together in the same stage,separated by commas. +- `update` (List of String) Update determines the order for updating components' specifications, such as image upgrades or resource scaling.This sequence is designed for components that have dependencies or require specific update procedures.Components that can be updated independently or have no dependencies can be listed together in the same stage,separated by commas. diff --git a/docs/data-sources/apps_kubeblocks_io_cluster_v1alpha1_manifest.md b/docs/data-sources/apps_kubeblocks_io_cluster_v1alpha1_manifest.md index e65ca22d4..62ca2182f 100644 --- a/docs/data-sources/apps_kubeblocks_io_cluster_v1alpha1_manifest.md +++ b/docs/data-sources/apps_kubeblocks_io_cluster_v1alpha1_manifest.md @@ -3,12 +3,12 @@ page_title: "k8s_apps_kubeblocks_io_cluster_v1alpha1_manifest Data Source - terraform-provider-k8s" subcategory: "apps.kubeblocks.io" description: |- - Cluster offers a unified management interface for a wide variety of database and storage systems: - Relational databases: MySQL, PostgreSQL, MariaDB - NoSQL databases: Redis, MongoDB - KV stores: ZooKeeper, etcd - Analytics systems: ElasticSearch, OpenSearch, ClickHouse, Doris, StarRocks, Solr - Message queues: Kafka, Pulsar - Distributed SQL: TiDB, OceanBase - Vector databases: Qdrant, Milvus, Weaviate - Object storage: Minio KubeBlocks utilizes an abstraction layer to encapsulate the characteristics of these diverse systems. A Cluster is composed of multiple Components, each defined by vendors or KubeBlocks Addon developers via ComponentDefinition, arranged in Directed Acyclic Graph (DAG) topologies. The topologies, defined in a ClusterDefinition, coordinate reconciliation across Cluster's lifecycle phases: Creating, Running, Updating, Stopping, Stopped, Deleting. Lifecycle management ensures that each Component operates in harmony, executing appropriate actions at each lifecycle stage. For sharded-nothing architecture, the Cluster supports managing multiple shards, each shard managed by a separate Component, supporting dynamic resharding. The Cluster object is aimed to maintain the overall integrity and availability of a database cluster, serves as the central control point, abstracting the complexity of multiple-component management, and providing a unified interface for cluster-wide operations. + Cluster offers a unified management interface for a wide variety of database and storage systems:- Relational databases: MySQL, PostgreSQL, MariaDB- NoSQL databases: Redis, MongoDB- KV stores: ZooKeeper, etcd- Analytics systems: ElasticSearch, OpenSearch, ClickHouse, Doris, StarRocks, Solr- Message queues: Kafka, Pulsar- Distributed SQL: TiDB, OceanBase- Vector databases: Qdrant, Milvus, Weaviate- Object storage: MinioKubeBlocks utilizes an abstraction layer to encapsulate the characteristics of these diverse systems.A Cluster is composed of multiple Components, each defined by vendors or KubeBlocks Addon developers via ComponentDefinition,arranged in Directed Acyclic Graph (DAG) topologies.The topologies, defined in a ClusterDefinition, coordinate reconciliation across Cluster's lifecycle phases:Creating, Running, Updating, Stopping, Stopped, Deleting.Lifecycle management ensures that each Component operates in harmony, executing appropriate actions at each lifecycle stage.For sharded-nothing architecture, the Cluster supports managing multiple shards,each shard managed by a separate Component, supporting dynamic resharding.The Cluster object is aimed to maintain the overall integrity and availability of a database cluster,serves as the central control point, abstracting the complexity of multiple-component management,and providing a unified interface for cluster-wide operations. --- # k8s_apps_kubeblocks_io_cluster_v1alpha1_manifest (Data Source) -Cluster offers a unified management interface for a wide variety of database and storage systems: - Relational databases: MySQL, PostgreSQL, MariaDB - NoSQL databases: Redis, MongoDB - KV stores: ZooKeeper, etcd - Analytics systems: ElasticSearch, OpenSearch, ClickHouse, Doris, StarRocks, Solr - Message queues: Kafka, Pulsar - Distributed SQL: TiDB, OceanBase - Vector databases: Qdrant, Milvus, Weaviate - Object storage: Minio KubeBlocks utilizes an abstraction layer to encapsulate the characteristics of these diverse systems. A Cluster is composed of multiple Components, each defined by vendors or KubeBlocks Addon developers via ComponentDefinition, arranged in Directed Acyclic Graph (DAG) topologies. The topologies, defined in a ClusterDefinition, coordinate reconciliation across Cluster's lifecycle phases: Creating, Running, Updating, Stopping, Stopped, Deleting. Lifecycle management ensures that each Component operates in harmony, executing appropriate actions at each lifecycle stage. For sharded-nothing architecture, the Cluster supports managing multiple shards, each shard managed by a separate Component, supporting dynamic resharding. The Cluster object is aimed to maintain the overall integrity and availability of a database cluster, serves as the central control point, abstracting the complexity of multiple-component management, and providing a unified interface for cluster-wide operations. +Cluster offers a unified management interface for a wide variety of database and storage systems:- Relational databases: MySQL, PostgreSQL, MariaDB- NoSQL databases: Redis, MongoDB- KV stores: ZooKeeper, etcd- Analytics systems: ElasticSearch, OpenSearch, ClickHouse, Doris, StarRocks, Solr- Message queues: Kafka, Pulsar- Distributed SQL: TiDB, OceanBase- Vector databases: Qdrant, Milvus, Weaviate- Object storage: MinioKubeBlocks utilizes an abstraction layer to encapsulate the characteristics of these diverse systems.A Cluster is composed of multiple Components, each defined by vendors or KubeBlocks Addon developers via ComponentDefinition,arranged in Directed Acyclic Graph (DAG) topologies.The topologies, defined in a ClusterDefinition, coordinate reconciliation across Cluster's lifecycle phases:Creating, Running, Updating, Stopping, Stopped, Deleting.Lifecycle management ensures that each Component operates in harmony, executing appropriate actions at each lifecycle stage.For sharded-nothing architecture, the Cluster supports managing multiple shards,each shard managed by a separate Component, supporting dynamic resharding.The Cluster object is aimed to maintain the overall integrity and availability of a database cluster,serves as the central control point, abstracting the complexity of multiple-component management,and providing a unified interface for cluster-wide operations. ## Example Usage @@ -55,37 +55,37 @@ Optional: Required: -- `termination_policy` (String) Specifies the behavior when a Cluster is deleted. It defines how resources, data, and backups associated with a Cluster are managed during termination. Choose a policy based on the desired level of resource cleanup and data preservation: - 'DoNotTerminate': Prevents deletion of the Cluster. This policy ensures that all resources remain intact. - 'Halt': Deletes Cluster resources like Pods and Services but retains Persistent Volume Claims (PVCs), allowing for data preservation while stopping other operations. - 'Delete': Extends the 'Halt' policy by also removing PVCs, leading to a thorough cleanup while removing all persistent data. - 'WipeOut': An aggressive policy that deletes all Cluster resources, including volume snapshots and backups in external storage. This results in complete data removal and should be used cautiously, primarily in non-production environments to avoid irreversible data loss. Warning: Choosing an inappropriate termination policy can result in data loss. The 'WipeOut' policy is particularly risky in production environments due to its irreversible nature. +- `termination_policy` (String) Specifies the behavior when a Cluster is deleted.It defines how resources, data, and backups associated with a Cluster are managed during termination.Choose a policy based on the desired level of resource cleanup and data preservation:- 'DoNotTerminate': Prevents deletion of the Cluster. This policy ensures that all resources remain intact.- 'Halt': Deletes Cluster resources like Pods and Services but retains Persistent Volume Claims (PVCs), allowing for data preservation while stopping other operations.- 'Delete': Extends the 'Halt' policy by also removing PVCs, leading to a thorough cleanup while removing all persistent data.- 'WipeOut': An aggressive policy that deletes all Cluster resources, including volume snapshots and backups in external storage. This results in complete data removal and should be used cautiously, primarily in non-production environments to avoid irreversible data loss.Warning: Choosing an inappropriate termination policy can result in data loss.The 'WipeOut' policy is particularly risky in production environments due to its irreversible nature. Optional: -- `affinity` (Attributes) Defines a set of node affinity scheduling rules for the Cluster's Pods. This field helps control the placement of Pods on nodes within the Cluster. Deprecated since v0.10. Use the 'schedulingPolicy' field instead. (see [below for nested schema](#nestedatt--spec--affinity)) -- `availability_policy` (String) Describes the availability policy, including zone, node, and none. Deprecated since v0.9. This field is maintained for backward compatibility and its use is discouraged. Existing usage should be updated to the current preferred approach to avoid compatibility issues in future releases. +- `affinity` (Attributes) Defines a set of node affinity scheduling rules for the Cluster's Pods.This field helps control the placement of Pods on nodes within the Cluster.Deprecated since v0.10. Use the 'schedulingPolicy' field instead. (see [below for nested schema](#nestedatt--spec--affinity)) +- `availability_policy` (String) Describes the availability policy, including zone, node, and none.Deprecated since v0.9.This field is maintained for backward compatibility and its use is discouraged.Existing usage should be updated to the current preferred approach to avoid compatibility issues in future releases. - `backup` (Attributes) Specifies the backup configuration of the Cluster. (see [below for nested schema](#nestedatt--spec--backup)) -- `cluster_definition_ref` (String) Specifies the name of the ClusterDefinition to use when creating a Cluster. This field enables users to create a Cluster based on a specific ClusterDefinition. Which, in conjunction with the 'topology' field, determine: - The Components to be included in the Cluster. - The sequences in which the Components are created, updated, and terminate. This facilitates multiple-components management with predefined ClusterDefinition. Users with advanced requirements can bypass this general setting and specify more precise control over the composition of the Cluster by directly referencing specific ComponentDefinitions for each component within 'componentSpecs[*].componentDef'. If this field is not provided, each component must be explicitly defined in 'componentSpecs[*].componentDef'. Note: Once set, this field cannot be modified; it is immutable. -- `cluster_version_ref` (String) Refers to the ClusterVersion name. Deprecated since v0.9, use ComponentVersion instead. This field is maintained for backward compatibility and its use is discouraged. Existing usage should be updated to the current preferred approach to avoid compatibility issues in future releases. -- `component_specs` (Attributes List) Specifies a list of ClusterComponentSpec objects used to define the individual Components that make up a Cluster. This field allows for detailed configuration of each Component within the Cluster. Note: 'shardingSpecs' and 'componentSpecs' cannot both be empty; at least one must be defined to configure a Cluster. (see [below for nested schema](#nestedatt--spec--component_specs)) -- `network` (Attributes) The configuration of network. Deprecated since v0.9. This field is maintained for backward compatibility and its use is discouraged. Existing usage should be updated to the current preferred approach to avoid compatibility issues in future releases. (see [below for nested schema](#nestedatt--spec--network)) -- `replicas` (Number) Specifies the replicas of the first componentSpec, if the replicas of the first componentSpec is specified, this value will be ignored. Deprecated since v0.9. This field is maintained for backward compatibility and its use is discouraged. Existing usage should be updated to the current preferred approach to avoid compatibility issues in future releases. -- `resources` (Attributes) Specifies the resources of the first componentSpec, if the resources of the first componentSpec is specified, this value will be ignored. Deprecated since v0.9. This field is maintained for backward compatibility and its use is discouraged. Existing usage should be updated to the current preferred approach to avoid compatibility issues in future releases. (see [below for nested schema](#nestedatt--spec--resources)) +- `cluster_definition_ref` (String) Specifies the name of the ClusterDefinition to use when creating a Cluster.This field enables users to create a Cluster based on a specific ClusterDefinition.Which, in conjunction with the 'topology' field, determine:- The Components to be included in the Cluster.- The sequences in which the Components are created, updated, and terminate.This facilitates multiple-components management with predefined ClusterDefinition.Users with advanced requirements can bypass this general setting and specify more precise control overthe composition of the Cluster by directly referencing specific ComponentDefinitions for each componentwithin 'componentSpecs[*].componentDef'.If this field is not provided, each component must be explicitly defined in 'componentSpecs[*].componentDef'.Note: Once set, this field cannot be modified; it is immutable. +- `cluster_version_ref` (String) Refers to the ClusterVersion name.Deprecated since v0.9, use ComponentVersion instead.This field is maintained for backward compatibility and its use is discouraged.Existing usage should be updated to the current preferred approach to avoid compatibility issues in future releases. +- `component_specs` (Attributes List) Specifies a list of ClusterComponentSpec objects used to define the individual Components that make up a Cluster.This field allows for detailed configuration of each Component within the Cluster.Note: 'shardingSpecs' and 'componentSpecs' cannot both be empty; at least one must be defined to configure a Cluster. (see [below for nested schema](#nestedatt--spec--component_specs)) +- `network` (Attributes) The configuration of network.Deprecated since v0.9.This field is maintained for backward compatibility and its use is discouraged.Existing usage should be updated to the current preferred approach to avoid compatibility issues in future releases. (see [below for nested schema](#nestedatt--spec--network)) +- `replicas` (Number) Specifies the replicas of the first componentSpec, if the replicas of the first componentSpec is specified,this value will be ignored.Deprecated since v0.9.This field is maintained for backward compatibility and its use is discouraged.Existing usage should be updated to the current preferred approach to avoid compatibility issues in future releases. +- `resources` (Attributes) Specifies the resources of the first componentSpec, if the resources of the first componentSpec is specified,this value will be ignored.Deprecated since v0.9.This field is maintained for backward compatibility and its use is discouraged.Existing usage should be updated to the current preferred approach to avoid compatibility issues in future releases. (see [below for nested schema](#nestedatt--spec--resources)) - `runtime_class_name` (String) Specifies runtimeClassName for all Pods managed by this Cluster. - `scheduling_policy` (Attributes) Specifies the scheduling policy for the Cluster. (see [below for nested schema](#nestedatt--spec--scheduling_policy)) -- `services` (Map of String) Defines a list of additional Services that are exposed by a Cluster. This field allows Services of selected Components, either from 'componentSpecs' or 'shardingSpecs' to be exposed, alongside Services defined with ComponentService. Services defined here can be referenced by other clusters using the ServiceRefClusterSelector. -- `sharding_specs` (Attributes List) Specifies a list of ShardingSpec objects that manage the sharding topology for Cluster Components. Each ShardingSpec organizes components into shards, with each shard corresponding to a Component. Components within a shard are all based on a common ClusterComponentSpec template, ensuring uniform configurations. This field supports dynamic resharding by facilitating the addition or removal of shards through the 'shards' field in ShardingSpec. Note: 'shardingSpecs' and 'componentSpecs' cannot both be empty; at least one must be defined to configure a Cluster. (see [below for nested schema](#nestedatt--spec--sharding_specs)) -- `storage` (Attributes) Specifies the storage of the first componentSpec, if the storage of the first componentSpec is specified, this value will be ignored. Deprecated since v0.9. This field is maintained for backward compatibility and its use is discouraged. Existing usage should be updated to the current preferred approach to avoid compatibility issues in future releases. (see [below for nested schema](#nestedatt--spec--storage)) -- `tenancy` (String) Describes how Pods are distributed across node. Deprecated since v0.9. This field is maintained for backward compatibility and its use is discouraged. Existing usage should be updated to the current preferred approach to avoid compatibility issues in future releases. -- `tolerations` (Map of String) An array that specifies tolerations attached to the Cluster's Pods, allowing them to be scheduled onto nodes with matching taints. Deprecated since v0.10. Use the 'schedulingPolicy' field instead. -- `topology` (String) Specifies the name of the ClusterTopology to be used when creating the Cluster. This field defines which set of Components, as outlined in the ClusterDefinition, will be used to construct the Cluster based on the named topology. The ClusterDefinition may list multiple topologies under 'clusterdefinition.spec.topologies[*]', each tailored to different use cases or environments. If 'topology' is not specified, the Cluster will use the default topology defined in the ClusterDefinition. Note: Once set during the Cluster creation, the 'topology' field cannot be modified. It establishes the initial composition and structure of the Cluster and is intended for one-time configuration. +- `services` (Map of String) Defines a list of additional Services that are exposed by a Cluster.This field allows Services of selected Components, either from 'componentSpecs' or 'shardingSpecs' to be exposed,alongside Services defined with ComponentService.Services defined here can be referenced by other clusters using the ServiceRefClusterSelector. +- `sharding_specs` (Attributes List) Specifies a list of ShardingSpec objects that manage the sharding topology for Cluster Components.Each ShardingSpec organizes components into shards, with each shard corresponding to a Component.Components within a shard are all based on a common ClusterComponentSpec template, ensuring uniform configurations.This field supports dynamic resharding by facilitating the addition or removal of shardsthrough the 'shards' field in ShardingSpec.Note: 'shardingSpecs' and 'componentSpecs' cannot both be empty; at least one must be defined to configure a Cluster. (see [below for nested schema](#nestedatt--spec--sharding_specs)) +- `storage` (Attributes) Specifies the storage of the first componentSpec, if the storage of the first componentSpec is specified,this value will be ignored.Deprecated since v0.9.This field is maintained for backward compatibility and its use is discouraged.Existing usage should be updated to the current preferred approach to avoid compatibility issues in future releases. (see [below for nested schema](#nestedatt--spec--storage)) +- `tenancy` (String) Describes how Pods are distributed across node.Deprecated since v0.9.This field is maintained for backward compatibility and its use is discouraged.Existing usage should be updated to the current preferred approach to avoid compatibility issues in future releases. +- `tolerations` (Map of String) An array that specifies tolerations attached to the Cluster's Pods,allowing them to be scheduled onto nodes with matching taints.Deprecated since v0.10. Use the 'schedulingPolicy' field instead. +- `topology` (String) Specifies the name of the ClusterTopology to be used when creating the Cluster.This field defines which set of Components, as outlined in the ClusterDefinition, will be used toconstruct the Cluster based on the named topology.The ClusterDefinition may list multiple topologies under 'clusterdefinition.spec.topologies[*]',each tailored to different use cases or environments.If 'topology' is not specified, the Cluster will use the default topology defined in the ClusterDefinition.Note: Once set during the Cluster creation, the 'topology' field cannot be modified.It establishes the initial composition and structure of the Cluster and is intended for one-time configuration. ### Nested Schema for `spec.affinity` Optional: -- `node_labels` (Map of String) Indicates the node labels that must be present on nodes for pods to be scheduled on them. It is a map where the keys are the label keys and the values are the corresponding label values. Pods will only be scheduled on nodes that have all the specified labels with the corresponding values. For example, if NodeLabels is set to {'nodeType': 'ssd', 'environment': 'production'}, pods will only be scheduled on nodes that have both the 'nodeType' label with value 'ssd' and the 'environment' label with value 'production'. This field allows users to control Pod placement based on specific node labels. It can be used to ensure that Pods are scheduled on nodes with certain characteristics, such as specific hardware (e.g., SSD), environment (e.g., production, staging), or any other custom labels assigned to nodes. -- `pod_anti_affinity` (String) Specifies the anti-affinity level of Pods within a Component. It determines how pods should be spread across nodes to improve availability and performance. It can have the following values: 'Preferred' and 'Required'. The default value is 'Preferred'. -- `tenancy` (String) Determines the level of resource isolation between Pods. It can have the following values: 'SharedNode' and 'DedicatedNode'. - SharedNode: Allow that multiple Pods may share the same node, which is the default behavior of K8s. - DedicatedNode: Each Pod runs on a dedicated node, ensuring that no two Pods share the same node. In other words, if a Pod is already running on a node, no other Pods will be scheduled on that node. Which provides a higher level of isolation and resource guarantee for Pods. The default value is 'SharedNode'. -- `topology_keys` (List of String) Represents the key of node labels used to define the topology domain for Pod anti-affinity and Pod spread constraints. In K8s, a topology domain is a set of nodes that have the same value for a specific label key. Nodes with labels containing any of the specified TopologyKeys and identical values are considered to be in the same topology domain. Note: The concept of topology in the context of K8s TopologyKeys is different from the concept of topology in the ClusterDefinition. When a Pod has anti-affinity or spread constraints specified, Kubernetes will attempt to schedule the Pod on nodes with different values for the specified TopologyKeys. This ensures that Pods are spread across different topology domains, promoting high availability and reducing the impact of node failures. Some well-known label keys, such as 'kubernetes.io/hostname' and 'topology.kubernetes.io/zone', are often used as TopologyKey. These keys represent the hostname and zone of a node, respectively. By including these keys in the TopologyKeys list, Pods will be spread across nodes with different hostnames or zones. In addition to the well-known keys, users can also specify custom label keys as TopologyKeys. This allows for more flexible and custom topology definitions based on the specific needs of the application or environment. The TopologyKeys field is a slice of strings, where each string represents a label key. The order of the keys in the slice does not matter. +- `node_labels` (Map of String) Indicates the node labels that must be present on nodes for pods to be scheduled on them.It is a map where the keys are the label keys and the values are the corresponding label values.Pods will only be scheduled on nodes that have all the specified labels with the corresponding values.For example, if NodeLabels is set to {'nodeType': 'ssd', 'environment': 'production'},pods will only be scheduled on nodes that have both the 'nodeType' label with value 'ssd'and the 'environment' label with value 'production'.This field allows users to control Pod placement based on specific node labels.It can be used to ensure that Pods are scheduled on nodes with certain characteristics,such as specific hardware (e.g., SSD), environment (e.g., production, staging),or any other custom labels assigned to nodes. +- `pod_anti_affinity` (String) Specifies the anti-affinity level of Pods within a Component.It determines how pods should be spread across nodes to improve availability and performance.It can have the following values: 'Preferred' and 'Required'.The default value is 'Preferred'. +- `tenancy` (String) Determines the level of resource isolation between Pods.It can have the following values: 'SharedNode' and 'DedicatedNode'.- SharedNode: Allow that multiple Pods may share the same node, which is the default behavior of K8s.- DedicatedNode: Each Pod runs on a dedicated node, ensuring that no two Pods share the same node. In other words, if a Pod is already running on a node, no other Pods will be scheduled on that node. Which provides a higher level of isolation and resource guarantee for Pods. The default value is 'SharedNode'. +- `topology_keys` (List of String) Represents the key of node labels used to define the topology domain for Pod anti-affinityand Pod spread constraints.In K8s, a topology domain is a set of nodes that have the same value for a specific label key.Nodes with labels containing any of the specified TopologyKeys and identical values are consideredto be in the same topology domain.Note: The concept of topology in the context of K8s TopologyKeys is different from the concept oftopology in the ClusterDefinition.When a Pod has anti-affinity or spread constraints specified, Kubernetes will attempt to schedule thePod on nodes with different values for the specified TopologyKeys.This ensures that Pods are spread across different topology domains, promoting high availability andreducing the impact of node failures.Some well-known label keys, such as 'kubernetes.io/hostname' and 'topology.kubernetes.io/zone',are often used as TopologyKey.These keys represent the hostname and zone of a node, respectively.By including these keys in the TopologyKeys list, Pods will be spread across nodes withdifferent hostnames or zones.In addition to the well-known keys, users can also specify custom label keys as TopologyKeys.This allows for more flexible and custom topology definitions based on the specific needsof the application or environment.The TopologyKeys field is a slice of strings, where each string represents a label key.The order of the keys in the slice does not matter. @@ -101,8 +101,8 @@ Optional: - `enabled` (Boolean) Specifies whether automated backup is enabled for the Cluster. - `pitr_enabled` (Boolean) Specifies whether to enable point-in-time recovery. - `repo_name` (String) Specifies the name of the backupRepo. If not set, the default backupRepo will be used. -- `retention_period` (String) Determines the duration to retain backups. Backups older than this period are automatically removed. For example, RetentionPeriod of '30d' will keep only the backups of last 30 days. Sample duration format: - years: 2y - months: 6mo - days: 30d - hours: 12h - minutes: 30m You can also combine the above durations. For example: 30d12h30m. Default value is 7d. -- `starting_deadline_minutes` (Number) Specifies the maximum time in minutes that the system will wait to start a missed backup job. If the scheduled backup time is missed for any reason, the backup job must start within this deadline. Values must be between 0 (immediate execution) and 1440 (one day). +- `retention_period` (String) Determines the duration to retain backups. Backups older than this period are automatically removed.For example, RetentionPeriod of '30d' will keep only the backups of last 30 days.Sample duration format:- years: 2y- months: 6mo- days: 30d- hours: 12h- minutes: 30mYou can also combine the above durations. For example: 30d12h30m.Default value is 7d. +- `starting_deadline_minutes` (Number) Specifies the maximum time in minutes that the system will wait to start a missed backup job.If the scheduled backup time is missed for any reason, the backup job must start within this deadline.Values must be between 0 (immediate execution) and 1440 (one day). @@ -114,40 +114,40 @@ Required: Optional: -- `affinity` (Attributes) Specifies a group of affinity scheduling rules for the Component. It allows users to control how the Component's Pods are scheduled onto nodes in the K8s cluster. Deprecated since v0.10, replaced by the 'schedulingPolicy' field. (see [below for nested schema](#nestedatt--spec--component_specs--affinity)) -- `component_def` (String) References the name of a ComponentDefinition object. The ComponentDefinition specifies the behavior and characteristics of the Component. If both 'componentDefRef' and 'componentDef' are provided, the 'componentDef' will take precedence over 'componentDefRef'. -- `component_def_ref` (String) References a ClusterComponentDefinition defined in the 'clusterDefinition.spec.componentDef' field. Must comply with the IANA service naming rule. Deprecated since v0.9, because defining Components in 'clusterDefinition.spec.componentDef' field has been deprecated. This field is replaced by the 'componentDef' field, use 'componentDef' instead. This field is maintained for backward compatibility and its use is discouraged. Existing usage should be updated to the current preferred approach to avoid compatibility issues in future releases. TODO +kubebuilder:validation:XValidation:rule='self == oldSelf',message='componentDefRef is immutable' +- `affinity` (Attributes) Specifies a group of affinity scheduling rules for the Component.It allows users to control how the Component's Pods are scheduled onto nodes in the K8s cluster.Deprecated since v0.10, replaced by the 'schedulingPolicy' field. (see [below for nested schema](#nestedatt--spec--component_specs--affinity)) +- `component_def` (String) References the name of a ComponentDefinition object.The ComponentDefinition specifies the behavior and characteristics of the Component.If both 'componentDefRef' and 'componentDef' are provided,the 'componentDef' will take precedence over 'componentDefRef'. +- `component_def_ref` (String) References a ClusterComponentDefinition defined in the 'clusterDefinition.spec.componentDef' field.Must comply with the IANA service naming rule.Deprecated since v0.9,because defining Components in 'clusterDefinition.spec.componentDef' field has been deprecated.This field is replaced by the 'componentDef' field, use 'componentDef' instead.This field is maintained for backward compatibility and its use is discouraged.Existing usage should be updated to the current preferred approach to avoid compatibility issues in future releases.TODO +kubebuilder:validation:XValidation:rule='self == oldSelf',message='componentDefRef is immutable' - `configs` (Attributes List) (see [below for nested schema](#nestedatt--spec--component_specs--configs)) -- `disable_exporter` (Boolean) Determines whether metrics exporter information is annotated on the Component's headless Service. If set to true, the following annotations will not be patched into the Service: - 'monitor.kubeblocks.io/path' - 'monitor.kubeblocks.io/port' - 'monitor.kubeblocks.io/scheme' These annotations allow the Prometheus installed by KubeBlocks to discover and scrape metrics from the exporter. -- `enabled_logs` (List of String) Specifies which types of logs should be collected for the Component. The log types are defined in the 'componentDefinition.spec.logConfigs' field with the LogConfig entries. The elements in the 'enabledLogs' array correspond to the names of the LogConfig entries. For example, if the 'componentDefinition.spec.logConfigs' defines LogConfig entries with names 'slow_query_log' and 'error_log', you can enable the collection of these logs by including their names in the 'enabledLogs' array: '''yaml enabledLogs: - slow_query_log - error_log ''' -- `instances` (Attributes List) Allows for the customization of configuration values for each instance within a Component. An instance represent a single replica (Pod and associated K8s resources like PVCs, Services, and ConfigMaps). While instances typically share a common configuration as defined in the ClusterComponentSpec, they can require unique settings in various scenarios: For example: - A database Component might require different resource allocations for primary and secondary instances, with primaries needing more resources. - During a rolling upgrade, a Component may first update the image for one or a few instances, and then update the remaining instances after verifying that the updated instances are functioning correctly. InstanceTemplate allows for specifying these unique configurations per instance. Each instance's name is constructed using the pattern: $(component.name)-$(template.name)-$(ordinal), starting with an ordinal of 0. It is crucial to maintain unique names for each InstanceTemplate to avoid conflicts. The sum of replicas across all InstanceTemplates should not exceed the total number of replicas specified for the Component. Any remaining replicas will be generated using the default template and will follow the default naming rules. (see [below for nested schema](#nestedatt--spec--component_specs--instances)) -- `issuer` (Attributes) Specifies the configuration for the TLS certificates issuer. It allows defining the issuer name and the reference to the secret containing the TLS certificates and key. The secret should contain the CA certificate, TLS certificate, and private key in the specified keys. Required when TLS is enabled. (see [below for nested schema](#nestedatt--spec--component_specs--issuer)) -- `monitor` (Boolean) Deprecated since v0.9 Determines whether metrics exporter information is annotated on the Component's headless Service. If set to true, the following annotations will be patched into the Service: - 'monitor.kubeblocks.io/path' - 'monitor.kubeblocks.io/port' - 'monitor.kubeblocks.io/scheme' These annotations allow the Prometheus installed by KubeBlocks to discover and scrape metrics from the exporter. -- `name` (String) Specifies the Component's name. It's part of the Service DNS name and must comply with the IANA service naming rule. The name is optional when ClusterComponentSpec is used as a template (e.g., in 'shardingSpec'), but required otherwise. TODO +kubebuilder:validation:XValidation:rule='self == oldSelf',message='name is immutable' -- `offline_instances` (List of String) Specifies the names of instances to be transitioned to offline status. Marking an instance as offline results in the following: 1. The associated Pod is stopped, and its PersistentVolumeClaim (PVC) is retained for potential future reuse or data recovery, but it is no longer actively used. 2. The ordinal number assigned to this instance is preserved, ensuring it remains unique and avoiding conflicts with new instances. Setting instances to offline allows for a controlled scale-in process, preserving their data and maintaining ordinal consistency within the Cluster. Note that offline instances and their associated resources, such as PVCs, are not automatically deleted. The administrator must manually manage the cleanup and removal of these resources when they are no longer needed. -- `resources` (Attributes) Specifies the resources required by the Component. It allows defining the CPU, memory requirements and limits for the Component's containers. (see [below for nested schema](#nestedatt--spec--component_specs--resources)) +- `disable_exporter` (Boolean) Determines whether metrics exporter information is annotated on the Component's headless Service.If set to true, the following annotations will not be patched into the Service:- 'monitor.kubeblocks.io/path'- 'monitor.kubeblocks.io/port'- 'monitor.kubeblocks.io/scheme'These annotations allow the Prometheus installed by KubeBlocks to discover and scrape metrics from the exporter. +- `enabled_logs` (List of String) Specifies which types of logs should be collected for the Component.The log types are defined in the 'componentDefinition.spec.logConfigs' field with the LogConfig entries.The elements in the 'enabledLogs' array correspond to the names of the LogConfig entries.For example, if the 'componentDefinition.spec.logConfigs' defines LogConfig entries withnames 'slow_query_log' and 'error_log',you can enable the collection of these logs by including their names in the 'enabledLogs' array:'''yamlenabledLogs:- slow_query_log- error_log''' +- `instances` (Attributes List) Allows for the customization of configuration values for each instance within a Component.An instance represent a single replica (Pod and associated K8s resources like PVCs, Services, and ConfigMaps).While instances typically share a common configuration as defined in the ClusterComponentSpec,they can require unique settings in various scenarios:For example:- A database Component might require different resource allocations for primary and secondary instances, with primaries needing more resources.- During a rolling upgrade, a Component may first update the image for one or a few instances, and then update the remaining instances after verifying that the updated instances are functioning correctly.InstanceTemplate allows for specifying these unique configurations per instance.Each instance's name is constructed using the pattern: $(component.name)-$(template.name)-$(ordinal),starting with an ordinal of 0.It is crucial to maintain unique names for each InstanceTemplate to avoid conflicts.The sum of replicas across all InstanceTemplates should not exceed the total number of replicas specified for the Component.Any remaining replicas will be generated using the default template and will follow the default naming rules. (see [below for nested schema](#nestedatt--spec--component_specs--instances)) +- `issuer` (Attributes) Specifies the configuration for the TLS certificates issuer.It allows defining the issuer name and the reference to the secret containing the TLS certificates and key.The secret should contain the CA certificate, TLS certificate, and private key in the specified keys.Required when TLS is enabled. (see [below for nested schema](#nestedatt--spec--component_specs--issuer)) +- `monitor` (Boolean) Deprecated since v0.9Determines whether metrics exporter information is annotated on the Component's headless Service.If set to true, the following annotations will be patched into the Service:- 'monitor.kubeblocks.io/path'- 'monitor.kubeblocks.io/port'- 'monitor.kubeblocks.io/scheme'These annotations allow the Prometheus installed by KubeBlocks to discover and scrape metrics from the exporter. +- `name` (String) Specifies the Component's name.It's part of the Service DNS name and must comply with the IANA service naming rule.The name is optional when ClusterComponentSpec is used as a template (e.g., in 'shardingSpec'),but required otherwise.TODO +kubebuilder:validation:XValidation:rule='self == oldSelf',message='name is immutable' +- `offline_instances` (List of String) Specifies the names of instances to be transitioned to offline status.Marking an instance as offline results in the following:1. The associated Pod is stopped, and its PersistentVolumeClaim (PVC) is retained for potential future reuse or data recovery, but it is no longer actively used.2. The ordinal number assigned to this instance is preserved, ensuring it remains unique and avoiding conflicts with new instances.Setting instances to offline allows for a controlled scale-in process, preserving their data and maintainingordinal consistency within the Cluster.Note that offline instances and their associated resources, such as PVCs, are not automatically deleted.The administrator must manually manage the cleanup and removal of these resources when they are no longer needed. +- `resources` (Attributes) Specifies the resources required by the Component.It allows defining the CPU, memory requirements and limits for the Component's containers. (see [below for nested schema](#nestedatt--spec--component_specs--resources)) - `scheduling_policy` (Attributes) Specifies the scheduling policy for the Component. (see [below for nested schema](#nestedatt--spec--component_specs--scheduling_policy)) -- `service_account_name` (String) Specifies the name of the ServiceAccount required by the running Component. This ServiceAccount is used to grant necessary permissions for the Component's Pods to interact with other Kubernetes resources, such as modifying Pod labels or sending events. Defaults: If not specified, KubeBlocks automatically assigns a default ServiceAccount named 'kb-{cluster.name}', bound to a default role installed together with KubeBlocks. Future Changes: Future versions might change the default ServiceAccount creation strategy to one per Component, potentially revising the naming to 'kb-{cluster.name}-{component.name}'. Users can override the automatic ServiceAccount assignment by explicitly setting the name of an existed ServiceAccount in this field. -- `service_refs` (Attributes List) Defines a list of ServiceRef for a Component, enabling access to both external services and Services provided by other Clusters. Types of services: - External services: Not managed by KubeBlocks or managed by a different KubeBlocks operator; Require a ServiceDescriptor for connection details. - Services provided by a Cluster: Managed by the same KubeBlocks operator; identified using Cluster, Component and Service names. ServiceRefs with identical 'serviceRef.name' in the same Cluster are considered the same. Example: '''yaml serviceRefs: - name: 'redis-sentinel' serviceDescriptor: name: 'external-redis-sentinel' - name: 'postgres-cluster' clusterServiceSelector: cluster: 'my-postgres-cluster' service: component: 'postgresql' ''' The example above includes ServiceRefs to an external Redis Sentinel service and a PostgreSQL Cluster. (see [below for nested schema](#nestedatt--spec--component_specs--service_refs)) -- `service_version` (String) ServiceVersion specifies the version of the Service expected to be provisioned by this Component. The version should follow the syntax and semantics of the 'Semantic Versioning' specification (http://semver.org/). If no version is specified, the latest available version will be used. +- `service_account_name` (String) Specifies the name of the ServiceAccount required by the running Component.This ServiceAccount is used to grant necessary permissions for the Component's Pods to interactwith other Kubernetes resources, such as modifying Pod labels or sending events.Defaults:If not specified, KubeBlocks automatically assigns a default ServiceAccount named 'kb-{cluster.name}',bound to a default role installed together with KubeBlocks.Future Changes:Future versions might change the default ServiceAccount creation strategy to one per Component,potentially revising the naming to 'kb-{cluster.name}-{component.name}'.Users can override the automatic ServiceAccount assignment by explicitly setting the name ofan existed ServiceAccount in this field. +- `service_refs` (Attributes List) Defines a list of ServiceRef for a Component, enabling access to both external services andServices provided by other Clusters.Types of services:- External services: Not managed by KubeBlocks or managed by a different KubeBlocks operator; Require a ServiceDescriptor for connection details.- Services provided by a Cluster: Managed by the same KubeBlocks operator; identified using Cluster, Component and Service names.ServiceRefs with identical 'serviceRef.name' in the same Cluster are considered the same.Example:'''yamlserviceRefs: - name: 'redis-sentinel' serviceDescriptor: name: 'external-redis-sentinel' - name: 'postgres-cluster' clusterServiceSelector: cluster: 'my-postgres-cluster' service: component: 'postgresql''''The example above includes ServiceRefs to an external Redis Sentinel service and a PostgreSQL Cluster. (see [below for nested schema](#nestedatt--spec--component_specs--service_refs)) +- `service_version` (String) ServiceVersion specifies the version of the Service expected to be provisioned by this Component.The version should follow the syntax and semantics of the 'Semantic Versioning' specification (http://semver.org/).If no version is specified, the latest available version will be used. - `services` (Attributes List) Overrides services defined in referenced ComponentDefinition and expose endpoints that can be accessed by clients. (see [below for nested schema](#nestedatt--spec--component_specs--services)) -- `switch_policy` (Attributes) Defines the strategy for switchover and failover when workloadType is Replication. Deprecated since v0.9. This field is maintained for backward compatibility and its use is discouraged. Existing usage should be updated to the current preferred approach to avoid compatibility issues in future releases. (see [below for nested schema](#nestedatt--spec--component_specs--switch_policy)) +- `switch_policy` (Attributes) Defines the strategy for switchover and failover when workloadType is Replication.Deprecated since v0.9.This field is maintained for backward compatibility and its use is discouraged.Existing usage should be updated to the current preferred approach to avoid compatibility issues in future releases. (see [below for nested schema](#nestedatt--spec--component_specs--switch_policy)) - `system_accounts` (Attributes List) Overrides system accounts defined in referenced ComponentDefinition. (see [below for nested schema](#nestedatt--spec--component_specs--system_accounts)) -- `tls` (Boolean) A boolean flag that indicates whether the Component should use Transport Layer Security (TLS) for secure communication. When set to true, the Component will be configured to use TLS encryption for its network connections. This ensures that the data transmitted between the Component and its clients or other Components is encrypted and protected from unauthorized access. If TLS is enabled, the Component may require additional configuration, such as specifying TLS certificates and keys, to properly set up the secure communication channel. -- `tolerations` (Map of String) Allows Pods to be scheduled onto nodes with matching taints. Each toleration in the array allows the Pod to tolerate node taints based on specified 'key', 'value', 'effect', and 'operator'. - The 'key', 'value', and 'effect' identify the taint that the toleration matches. - The 'operator' determines how the toleration matches the taint. Pods with matching tolerations are allowed to be scheduled on tainted nodes, typically reserved for specific purposes. Deprecated since v0.10, replaced by the 'schedulingPolicy' field. -- `update_strategy` (String) Defines the update strategy for the Component. Deprecated since v0.9. This field is maintained for backward compatibility and its use is discouraged. Existing usage should be updated to the current preferred approach to avoid compatibility issues in future releases. -- `user_resource_refs` (Attributes) Allows users to specify custom ConfigMaps and Secrets to be mounted as volumes in the Cluster's Pods. This is useful in scenarios where users need to provide additional resources to the Cluster, such as: - Mounting custom scripts or configuration files during Cluster startup. - Mounting Secrets as volumes to provide sensitive information, like S3 AK/SK, to the Cluster. (see [below for nested schema](#nestedatt--spec--component_specs--user_resource_refs)) -- `volume_claim_templates` (Attributes List) Specifies a list of PersistentVolumeClaim templates that represent the storage requirements for the Component. Each template specifies the desired characteristics of a persistent volume, such as storage class, size, and access modes. These templates are used to dynamically provision persistent volumes for the Component. (see [below for nested schema](#nestedatt--spec--component_specs--volume_claim_templates)) +- `tls` (Boolean) A boolean flag that indicates whether the Component should use Transport Layer Security (TLS)for secure communication.When set to true, the Component will be configured to use TLS encryption for its network connections.This ensures that the data transmitted between the Component and its clients or other Components is encryptedand protected from unauthorized access.If TLS is enabled, the Component may require additional configuration, such as specifying TLS certificates and keys,to properly set up the secure communication channel. +- `tolerations` (Map of String) Allows Pods to be scheduled onto nodes with matching taints.Each toleration in the array allows the Pod to tolerate node taints based onspecified 'key', 'value', 'effect', and 'operator'.- The 'key', 'value', and 'effect' identify the taint that the toleration matches.- The 'operator' determines how the toleration matches the taint.Pods with matching tolerations are allowed to be scheduled on tainted nodes, typically reserved for specific purposes.Deprecated since v0.10, replaced by the 'schedulingPolicy' field. +- `update_strategy` (String) Defines the update strategy for the Component.Deprecated since v0.9.This field is maintained for backward compatibility and its use is discouraged.Existing usage should be updated to the current preferred approach to avoid compatibility issues in future releases. +- `user_resource_refs` (Attributes) Allows users to specify custom ConfigMaps and Secrets to be mounted as volumesin the Cluster's Pods.This is useful in scenarios where users need to provide additional resources to the Cluster, such as:- Mounting custom scripts or configuration files during Cluster startup.- Mounting Secrets as volumes to provide sensitive information, like S3 AK/SK, to the Cluster. (see [below for nested schema](#nestedatt--spec--component_specs--user_resource_refs)) +- `volume_claim_templates` (Attributes List) Specifies a list of PersistentVolumeClaim templates that represent the storage requirements for the Component.Each template specifies the desired characteristics of a persistent volume, such as storage class,size, and access modes.These templates are used to dynamically provision persistent volumes for the Component. (see [below for nested schema](#nestedatt--spec--component_specs--volume_claim_templates)) ### Nested Schema for `spec.component_specs.affinity` Optional: -- `node_labels` (Map of String) Indicates the node labels that must be present on nodes for pods to be scheduled on them. It is a map where the keys are the label keys and the values are the corresponding label values. Pods will only be scheduled on nodes that have all the specified labels with the corresponding values. For example, if NodeLabels is set to {'nodeType': 'ssd', 'environment': 'production'}, pods will only be scheduled on nodes that have both the 'nodeType' label with value 'ssd' and the 'environment' label with value 'production'. This field allows users to control Pod placement based on specific node labels. It can be used to ensure that Pods are scheduled on nodes with certain characteristics, such as specific hardware (e.g., SSD), environment (e.g., production, staging), or any other custom labels assigned to nodes. -- `pod_anti_affinity` (String) Specifies the anti-affinity level of Pods within a Component. It determines how pods should be spread across nodes to improve availability and performance. It can have the following values: 'Preferred' and 'Required'. The default value is 'Preferred'. -- `tenancy` (String) Determines the level of resource isolation between Pods. It can have the following values: 'SharedNode' and 'DedicatedNode'. - SharedNode: Allow that multiple Pods may share the same node, which is the default behavior of K8s. - DedicatedNode: Each Pod runs on a dedicated node, ensuring that no two Pods share the same node. In other words, if a Pod is already running on a node, no other Pods will be scheduled on that node. Which provides a higher level of isolation and resource guarantee for Pods. The default value is 'SharedNode'. -- `topology_keys` (List of String) Represents the key of node labels used to define the topology domain for Pod anti-affinity and Pod spread constraints. In K8s, a topology domain is a set of nodes that have the same value for a specific label key. Nodes with labels containing any of the specified TopologyKeys and identical values are considered to be in the same topology domain. Note: The concept of topology in the context of K8s TopologyKeys is different from the concept of topology in the ClusterDefinition. When a Pod has anti-affinity or spread constraints specified, Kubernetes will attempt to schedule the Pod on nodes with different values for the specified TopologyKeys. This ensures that Pods are spread across different topology domains, promoting high availability and reducing the impact of node failures. Some well-known label keys, such as 'kubernetes.io/hostname' and 'topology.kubernetes.io/zone', are often used as TopologyKey. These keys represent the hostname and zone of a node, respectively. By including these keys in the TopologyKeys list, Pods will be spread across nodes with different hostnames or zones. In addition to the well-known keys, users can also specify custom label keys as TopologyKeys. This allows for more flexible and custom topology definitions based on the specific needs of the application or environment. The TopologyKeys field is a slice of strings, where each string represents a label key. The order of the keys in the slice does not matter. +- `node_labels` (Map of String) Indicates the node labels that must be present on nodes for pods to be scheduled on them.It is a map where the keys are the label keys and the values are the corresponding label values.Pods will only be scheduled on nodes that have all the specified labels with the corresponding values.For example, if NodeLabels is set to {'nodeType': 'ssd', 'environment': 'production'},pods will only be scheduled on nodes that have both the 'nodeType' label with value 'ssd'and the 'environment' label with value 'production'.This field allows users to control Pod placement based on specific node labels.It can be used to ensure that Pods are scheduled on nodes with certain characteristics,such as specific hardware (e.g., SSD), environment (e.g., production, staging),or any other custom labels assigned to nodes. +- `pod_anti_affinity` (String) Specifies the anti-affinity level of Pods within a Component.It determines how pods should be spread across nodes to improve availability and performance.It can have the following values: 'Preferred' and 'Required'.The default value is 'Preferred'. +- `tenancy` (String) Determines the level of resource isolation between Pods.It can have the following values: 'SharedNode' and 'DedicatedNode'.- SharedNode: Allow that multiple Pods may share the same node, which is the default behavior of K8s.- DedicatedNode: Each Pod runs on a dedicated node, ensuring that no two Pods share the same node. In other words, if a Pod is already running on a node, no other Pods will be scheduled on that node. Which provides a higher level of isolation and resource guarantee for Pods. The default value is 'SharedNode'. +- `topology_keys` (List of String) Represents the key of node labels used to define the topology domain for Pod anti-affinityand Pod spread constraints.In K8s, a topology domain is a set of nodes that have the same value for a specific label key.Nodes with labels containing any of the specified TopologyKeys and identical values are consideredto be in the same topology domain.Note: The concept of topology in the context of K8s TopologyKeys is different from the concept oftopology in the ClusterDefinition.When a Pod has anti-affinity or spread constraints specified, Kubernetes will attempt to schedule thePod on nodes with different values for the specified TopologyKeys.This ensures that Pods are spread across different topology domains, promoting high availability andreducing the impact of node failures.Some well-known label keys, such as 'kubernetes.io/hostname' and 'topology.kubernetes.io/zone',are often used as TopologyKey.These keys represent the hostname and zone of a node, respectively.By including these keys in the TopologyKeys list, Pods will be spread across nodes withdifferent hostnames or zones.In addition to the well-known keys, users can also specify custom label keys as TopologyKeys.This allows for more flexible and custom topology definitions based on the specific needsof the application or environment.The TopologyKeys field is a slice of strings, where each string represents a label key.The order of the keys in the slice does not matter. @@ -163,9 +163,9 @@ Optional: Optional: -- `default_mode` (Number) defaultMode is optional: mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. -- `items` (Attributes List) items if unspecified, each key-value pair in the Data field of the referenced ConfigMap will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the ConfigMap, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'. (see [below for nested schema](#nestedatt--spec--component_specs--configs--config_map--items)) -- `name` (String) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? +- `default_mode` (Number) defaultMode is optional: mode bits used to set permissions on created files by default.Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511.YAML accepts both octal and decimal values, JSON requires decimal values for mode bits.Defaults to 0644.Directories within the path are not affected by this setting.This might be in conflict with other options that affect the filemode, like fsGroup, and the result can be other mode bits set. +- `items` (Attributes List) items if unspecified, each key-value pair in the Data field of the referencedConfigMap will be projected into the volume as a file whose name is thekey and content is the value. If specified, the listed keys will beprojected into the specified paths, and unlisted keys will not bepresent. If a key is specified which is not present in the ConfigMap,the volume setup will error unless it is marked optional. Paths must berelative and may not contain the '..' path or start with '..'. (see [below for nested schema](#nestedatt--spec--component_specs--configs--config_map--items)) +- `name` (String) Name of the referent.More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#namesTODO: Add other useful fields. apiVersion, kind, uid? - `optional` (Boolean) optional specify whether the ConfigMap or its keys must be defined @@ -174,11 +174,11 @@ Optional: Required: - `key` (String) key is the key to project. -- `path` (String) path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. +- `path` (String) path is the relative path of the file to map the key to.May not be an absolute path.May not contain the path element '..'.May not start with the string '..'. Optional: -- `mode` (Number) mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. +- `mode` (Number) mode is Optional: mode bits used to set permissions on this file.Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511.YAML accepts both octal and decimal values, JSON requires decimal values for mode bits.If not specified, the volume defaultMode will be used.This might be in conflict with other options that affect the filemode, like fsGroup, and the result can be other mode bits set. @@ -188,20 +188,20 @@ Optional: Required: -- `name` (String) Name specifies the unique name of the instance Pod created using this InstanceTemplate. This name is constructed by concatenating the Component's name, the template's name, and the instance's ordinal using the pattern: $(cluster.name)-$(component.name)-$(template.name)-$(ordinal). Ordinals start from 0. The specified name overrides any default naming conventions or patterns. +- `name` (String) Name specifies the unique name of the instance Pod created using this InstanceTemplate.This name is constructed by concatenating the Component's name, the template's name, and the instance's ordinalusing the pattern: $(cluster.name)-$(component.name)-$(template.name)-$(ordinal). Ordinals start from 0.The specified name overrides any default naming conventions or patterns. Optional: -- `annotations` (Map of String) Specifies a map of key-value pairs to be merged into the Pod's existing annotations. Existing keys will have their values overwritten, while new keys will be added to the annotations. -- `env` (Attributes List) Defines Env to override. Add new or override existing envs. (see [below for nested schema](#nestedatt--spec--component_specs--instances--env)) +- `annotations` (Map of String) Specifies a map of key-value pairs to be merged into the Pod's existing annotations.Existing keys will have their values overwritten, while new keys will be added to the annotations. +- `env` (Attributes List) Defines Env to override.Add new or override existing envs. (see [below for nested schema](#nestedatt--spec--component_specs--instances--env)) - `image` (String) Specifies an override for the first container's image in the Pod. -- `labels` (Map of String) Specifies a map of key-value pairs that will be merged into the Pod's existing labels. Values for existing keys will be overwritten, and new keys will be added. -- `replicas` (Number) Specifies the number of instances (Pods) to create from this InstanceTemplate. This field allows setting how many replicated instances of the Component, with the specific overrides in the InstanceTemplate, are created. The default value is 1. A value of 0 disables instance creation. -- `resources` (Attributes) Specifies an override for the resource requirements of the first container in the Pod. This field allows for customizing resource allocation (CPU, memory, etc.) for the container. (see [below for nested schema](#nestedatt--spec--component_specs--instances--resources)) +- `labels` (Map of String) Specifies a map of key-value pairs that will be merged into the Pod's existing labels.Values for existing keys will be overwritten, and new keys will be added. +- `replicas` (Number) Specifies the number of instances (Pods) to create from this InstanceTemplate.This field allows setting how many replicated instances of the Component,with the specific overrides in the InstanceTemplate, are created.The default value is 1. A value of 0 disables instance creation. +- `resources` (Attributes) Specifies an override for the resource requirements of the first container in the Pod.This field allows for customizing resource allocation (CPU, memory, etc.) for the container. (see [below for nested schema](#nestedatt--spec--component_specs--instances--resources)) - `scheduling_policy` (Attributes) Specifies the scheduling policy for the Component. (see [below for nested schema](#nestedatt--spec--component_specs--instances--scheduling_policy)) -- `volume_claim_templates` (Attributes List) Defines VolumeClaimTemplates to override. Add new or override existing volume claim templates. (see [below for nested schema](#nestedatt--spec--component_specs--instances--volume_claim_templates)) -- `volume_mounts` (Attributes List) Defines VolumeMounts to override. Add new or override existing volume mounts of the first container in the Pod. (see [below for nested schema](#nestedatt--spec--component_specs--instances--volume_mounts)) -- `volumes` (Attributes List) Defines Volumes to override. Add new or override existing volumes. (see [below for nested schema](#nestedatt--spec--component_specs--instances--volumes)) +- `volume_claim_templates` (Attributes List) Defines VolumeClaimTemplates to override.Add new or override existing volume claim templates. (see [below for nested schema](#nestedatt--spec--component_specs--instances--volume_claim_templates)) +- `volume_mounts` (Attributes List) Defines VolumeMounts to override.Add new or override existing volume mounts of the first container in the Pod. (see [below for nested schema](#nestedatt--spec--component_specs--instances--volume_mounts)) +- `volumes` (Attributes List) Defines Volumes to override.Add new or override existing volumes. (see [below for nested schema](#nestedatt--spec--component_specs--instances--volumes)) ### Nested Schema for `spec.component_specs.instances.env` @@ -212,7 +212,7 @@ Required: Optional: -- `value` (String) Variable references $(VAR_NAME) are expanded using the previously defined environment variables in the container and any service environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. '$$(VAR_NAME)' will produce the string literal '$(VAR_NAME)'. Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to ''. +- `value` (String) Variable references $(VAR_NAME) are expandedusing the previously defined environment variables in the container andany service environment variables. If a variable cannot be resolved,the reference in the input string will be unchanged. Double $$ are reducedto a single $, which allows for escaping the $(VAR_NAME) syntax: i.e.'$$(VAR_NAME)' will produce the string literal '$(VAR_NAME)'.Escaped references will never be expanded, regardless of whether the variableexists or not.Defaults to ''. - `value_from` (Attributes) Source for the environment variable's value. Cannot be used if value is not empty. (see [below for nested schema](#nestedatt--spec--component_specs--instances--env--value_from)) @@ -221,8 +221,8 @@ Optional: Optional: - `config_map_key_ref` (Attributes) Selects a key of a ConfigMap. (see [below for nested schema](#nestedatt--spec--component_specs--instances--env--value_from--config_map_key_ref)) -- `field_ref` (Attributes) Selects a field of the pod: supports metadata.name, metadata.namespace, 'metadata.labels['']', 'metadata.annotations['']', spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. (see [below for nested schema](#nestedatt--spec--component_specs--instances--env--value_from--field_ref)) -- `resource_field_ref` (Attributes) Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. (see [below for nested schema](#nestedatt--spec--component_specs--instances--env--value_from--resource_field_ref)) +- `field_ref` (Attributes) Selects a field of the pod: supports metadata.name, metadata.namespace, 'metadata.labels['']', 'metadata.annotations['']',spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. (see [below for nested schema](#nestedatt--spec--component_specs--instances--env--value_from--field_ref)) +- `resource_field_ref` (Attributes) Selects a resource of the container: only resources limits and requests(limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. (see [below for nested schema](#nestedatt--spec--component_specs--instances--env--value_from--resource_field_ref)) - `secret_key_ref` (Attributes) Selects a key of a secret in the pod's namespace (see [below for nested schema](#nestedatt--spec--component_specs--instances--env--value_from--secret_key_ref)) @@ -234,7 +234,7 @@ Required: Optional: -- `name` (String) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? +- `name` (String) Name of the referent.More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#namesTODO: Add other useful fields. apiVersion, kind, uid? - `optional` (Boolean) Specify whether the ConfigMap or its key must be defined @@ -272,7 +272,7 @@ Required: Optional: -- `name` (String) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? +- `name` (String) Name of the referent.More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#namesTODO: Add other useful fields. apiVersion, kind, uid? - `optional` (Boolean) Specify whether the Secret or its key must be defined @@ -283,16 +283,16 @@ Optional: Optional: -- `claims` (Attributes List) Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. This field is immutable. It can only be set for containers. (see [below for nested schema](#nestedatt--spec--component_specs--instances--resources--claims)) -- `limits` (Map of String) Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ -- `requests` (Map of String) Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ +- `claims` (Attributes List) Claims lists the names of resources, defined in spec.resourceClaims,that are used by this container.This is an alpha field and requires enabling theDynamicResourceAllocation feature gate.This field is immutable. It can only be set for containers. (see [below for nested schema](#nestedatt--spec--component_specs--instances--resources--claims)) +- `limits` (Map of String) Limits describes the maximum amount of compute resources allowed.More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ +- `requests` (Map of String) Requests describes the minimum amount of compute resources required.If Requests is omitted for a container, it defaults to Limits if that is explicitly specified,otherwise to an implementation-defined value. Requests cannot exceed Limits.More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ ### Nested Schema for `spec.component_specs.instances.resources.claims` Required: -- `name` (String) Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container. +- `name` (String) Name must match the name of one entry in pod.spec.resourceClaims ofthe Pod where this field is used. It makes that resource availableinside a container. @@ -302,11 +302,11 @@ Required: Optional: - `affinity` (Attributes) Specifies a group of affinity scheduling rules of the Cluster, including NodeAffinity, PodAffinity, and PodAntiAffinity. (see [below for nested schema](#nestedatt--spec--component_specs--instances--scheduling_policy--affinity)) -- `node_name` (String) NodeName is a request to schedule this Pod onto a specific node. If it is non-empty, the scheduler simply schedules this Pod onto that node, assuming that it fits resource requirements. -- `node_selector` (Map of String) NodeSelector is a selector which must be true for the Pod to fit on a node. Selector which must match a node's labels for the Pod to be scheduled on that node. More info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/ -- `scheduler_name` (String) If specified, the Pod will be dispatched by specified scheduler. If not specified, the Pod will be dispatched by default scheduler. -- `tolerations` (Attributes List) Allows Pods to be scheduled onto nodes with matching taints. Each toleration in the array allows the Pod to tolerate node taints based on specified 'key', 'value', 'effect', and 'operator'. - The 'key', 'value', and 'effect' identify the taint that the toleration matches. - The 'operator' determines how the toleration matches the taint. Pods with matching tolerations are allowed to be scheduled on tainted nodes, typically reserved for specific purposes. (see [below for nested schema](#nestedatt--spec--component_specs--instances--scheduling_policy--tolerations)) -- `topology_spread_constraints` (Attributes List) TopologySpreadConstraints describes how a group of Pods ought to spread across topology domains. Scheduler will schedule Pods in a way which abides by the constraints. All topologySpreadConstraints are ANDed. (see [below for nested schema](#nestedatt--spec--component_specs--instances--scheduling_policy--topology_spread_constraints)) +- `node_name` (String) NodeName is a request to schedule this Pod onto a specific node. If it is non-empty,the scheduler simply schedules this Pod onto that node, assuming that it fits resourcerequirements. +- `node_selector` (Map of String) NodeSelector is a selector which must be true for the Pod to fit on a node.Selector which must match a node's labels for the Pod to be scheduled on that node.More info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/ +- `scheduler_name` (String) If specified, the Pod will be dispatched by specified scheduler.If not specified, the Pod will be dispatched by default scheduler. +- `tolerations` (Attributes List) Allows Pods to be scheduled onto nodes with matching taints.Each toleration in the array allows the Pod to tolerate node taints based onspecified 'key', 'value', 'effect', and 'operator'.- The 'key', 'value', and 'effect' identify the taint that the toleration matches.- The 'operator' determines how the toleration matches the taint.Pods with matching tolerations are allowed to be scheduled on tainted nodes, typically reserved for specific purposes. (see [below for nested schema](#nestedatt--spec--component_specs--instances--scheduling_policy--tolerations)) +- `topology_spread_constraints` (Attributes List) TopologySpreadConstraints describes how a group of Pods ought to spread across topologydomains. Scheduler will schedule Pods in a way which abides by the constraints.All topologySpreadConstraints are ANDed. (see [below for nested schema](#nestedatt--spec--component_specs--instances--scheduling_policy--topology_spread_constraints)) ### Nested Schema for `spec.component_specs.instances.scheduling_policy.affinity` @@ -322,8 +322,8 @@ Optional: Optional: -- `preferred_during_scheduling_ignored_during_execution` (Attributes List) The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding 'weight' to the sum if the node matches the corresponding matchExpressions; the node(s) with the highest sum are the most preferred. (see [below for nested schema](#nestedatt--spec--component_specs--instances--scheduling_policy--affinity--node_affinity--preferred_during_scheduling_ignored_during_execution)) -- `required_during_scheduling_ignored_during_execution` (Attributes) If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to an update), the system may or may not try to eventually evict the pod from its node. (see [below for nested schema](#nestedatt--spec--component_specs--instances--scheduling_policy--affinity--node_affinity--required_during_scheduling_ignored_during_execution)) +- `preferred_during_scheduling_ignored_during_execution` (Attributes List) The scheduler will prefer to schedule pods to nodes that satisfythe affinity expressions specified by this field, but it may choosea node that violates one or more of the expressions. The node that ismost preferred is the one with the greatest sum of weights, i.e.for each node that meets all of the scheduling requirements (resourcerequest, requiredDuringScheduling affinity expressions, etc.),compute a sum by iterating through the elements of this field and adding'weight' to the sum if the node matches the corresponding matchExpressions; thenode(s) with the highest sum are the most preferred. (see [below for nested schema](#nestedatt--spec--component_specs--instances--scheduling_policy--affinity--node_affinity--preferred_during_scheduling_ignored_during_execution)) +- `required_during_scheduling_ignored_during_execution` (Attributes) If the affinity requirements specified by this field are not met atscheduling time, the pod will not be scheduled onto the node.If the affinity requirements specified by this field cease to be metat some point during pod execution (e.g. due to an update), the systemmay or may not try to eventually evict the pod from its node. (see [below for nested schema](#nestedatt--spec--component_specs--instances--scheduling_policy--affinity--node_affinity--required_during_scheduling_ignored_during_execution)) ### Nested Schema for `spec.component_specs.instances.scheduling_policy.affinity.node_affinity.preferred_during_scheduling_ignored_during_execution` @@ -347,11 +347,11 @@ Optional: Required: - `key` (String) The label key that the selector applies to. -- `operator` (String) Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. +- `operator` (String) Represents a key's relationship to a set of values.Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. Optional: -- `values` (List of String) An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch. +- `values` (List of String) An array of string values. If the operator is In or NotIn,the values array must be non-empty. If the operator is Exists or DoesNotExist,the values array must be empty. If the operator is Gt or Lt, the valuesarray must have a single element, which will be interpreted as an integer.This array is replaced during a strategic merge patch. @@ -360,11 +360,11 @@ Optional: Required: - `key` (String) The label key that the selector applies to. -- `operator` (String) Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. +- `operator` (String) Represents a key's relationship to a set of values.Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. Optional: -- `values` (List of String) An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch. +- `values` (List of String) An array of string values. If the operator is In or NotIn,the values array must be non-empty. If the operator is Exists or DoesNotExist,the values array must be empty. If the operator is Gt or Lt, the valuesarray must have a single element, which will be interpreted as an integer.This array is replaced during a strategic merge patch. @@ -390,11 +390,11 @@ Optional: Required: - `key` (String) The label key that the selector applies to. -- `operator` (String) Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. +- `operator` (String) Represents a key's relationship to a set of values.Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. Optional: -- `values` (List of String) An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch. +- `values` (List of String) An array of string values. If the operator is In or NotIn,the values array must be non-empty. If the operator is Exists or DoesNotExist,the values array must be empty. If the operator is Gt or Lt, the valuesarray must have a single element, which will be interpreted as an integer.This array is replaced during a strategic merge patch. @@ -403,11 +403,11 @@ Optional: Required: - `key` (String) The label key that the selector applies to. -- `operator` (String) Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. +- `operator` (String) Represents a key's relationship to a set of values.Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. Optional: -- `values` (List of String) An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch. +- `values` (List of String) An array of string values. If the operator is In or NotIn,the values array must be non-empty. If the operator is Exists or DoesNotExist,the values array must be empty. If the operator is Gt or Lt, the valuesarray must have a single element, which will be interpreted as an integer.This array is replaced during a strategic merge patch. @@ -418,8 +418,8 @@ Optional: Optional: -- `preferred_during_scheduling_ignored_during_execution` (Attributes List) The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding 'weight' to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred. (see [below for nested schema](#nestedatt--spec--component_specs--instances--scheduling_policy--affinity--pod_affinity--preferred_during_scheduling_ignored_during_execution)) -- `required_during_scheduling_ignored_during_execution` (Attributes List) If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied. (see [below for nested schema](#nestedatt--spec--component_specs--instances--scheduling_policy--affinity--pod_affinity--required_during_scheduling_ignored_during_execution)) +- `preferred_during_scheduling_ignored_during_execution` (Attributes List) The scheduler will prefer to schedule pods to nodes that satisfythe affinity expressions specified by this field, but it may choosea node that violates one or more of the expressions. The node that ismost preferred is the one with the greatest sum of weights, i.e.for each node that meets all of the scheduling requirements (resourcerequest, requiredDuringScheduling affinity expressions, etc.),compute a sum by iterating through the elements of this field and adding'weight' to the sum if the node has pods which matches the corresponding podAffinityTerm; thenode(s) with the highest sum are the most preferred. (see [below for nested schema](#nestedatt--spec--component_specs--instances--scheduling_policy--affinity--pod_affinity--preferred_during_scheduling_ignored_during_execution)) +- `required_during_scheduling_ignored_during_execution` (Attributes List) If the affinity requirements specified by this field are not met atscheduling time, the pod will not be scheduled onto the node.If the affinity requirements specified by this field cease to be metat some point during pod execution (e.g. due to a pod label update), thesystem may or may not try to eventually evict the pod from its node.When there are multiple elements, the lists of nodes corresponding to eachpodAffinityTerm are intersected, i.e. all terms must be satisfied. (see [below for nested schema](#nestedatt--spec--component_specs--instances--scheduling_policy--affinity--pod_affinity--required_during_scheduling_ignored_during_execution)) ### Nested Schema for `spec.component_specs.instances.scheduling_policy.affinity.pod_affinity.preferred_during_scheduling_ignored_during_execution` @@ -427,20 +427,20 @@ Optional: Required: - `pod_affinity_term` (Attributes) Required. A pod affinity term, associated with the corresponding weight. (see [below for nested schema](#nestedatt--spec--component_specs--instances--scheduling_policy--affinity--pod_affinity--preferred_during_scheduling_ignored_during_execution--pod_affinity_term)) -- `weight` (Number) weight associated with matching the corresponding podAffinityTerm, in the range 1-100. +- `weight` (Number) weight associated with matching the corresponding podAffinityTerm,in the range 1-100. ### Nested Schema for `spec.component_specs.instances.scheduling_policy.affinity.pod_affinity.preferred_during_scheduling_ignored_during_execution.pod_affinity_term` Required: -- `topology_key` (String) This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed. +- `topology_key` (String) This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matchingthe labelSelector in the specified namespaces, where co-located is defined as running on a nodewhose value of the label with key topologyKey matches that of any node on which any of theselected pods is running.Empty topologyKey is not allowed. Optional: - `label_selector` (Attributes) A label query over a set of resources, in this case pods. (see [below for nested schema](#nestedatt--spec--component_specs--instances--scheduling_policy--affinity--pod_affinity--preferred_during_scheduling_ignored_during_execution--pod_affinity_term--label_selector)) -- `namespace_selector` (Attributes) A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means 'this pod's namespace'. An empty selector ({}) matches all namespaces. (see [below for nested schema](#nestedatt--spec--component_specs--instances--scheduling_policy--affinity--pod_affinity--preferred_during_scheduling_ignored_during_execution--pod_affinity_term--namespace_selector)) -- `namespaces` (List of String) namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means 'this pod's namespace'. +- `namespace_selector` (Attributes) A label query over the set of namespaces that the term applies to.The term is applied to the union of the namespaces selected by this fieldand the ones listed in the namespaces field.null selector and null or empty namespaces list means 'this pod's namespace'.An empty selector ({}) matches all namespaces. (see [below for nested schema](#nestedatt--spec--component_specs--instances--scheduling_policy--affinity--pod_affinity--preferred_during_scheduling_ignored_during_execution--pod_affinity_term--namespace_selector)) +- `namespaces` (List of String) namespaces specifies a static list of namespace names that the term applies to.The term is applied to the union of the namespaces listed in this fieldand the ones selected by namespaceSelector.null or empty namespaces list and null namespaceSelector means 'this pod's namespace'. ### Nested Schema for `spec.component_specs.instances.scheduling_policy.affinity.pod_affinity.preferred_during_scheduling_ignored_during_execution.pod_affinity_term.label_selector` @@ -448,7 +448,7 @@ Optional: Optional: - `match_expressions` (Attributes List) matchExpressions is a list of label selector requirements. The requirements are ANDed. (see [below for nested schema](#nestedatt--spec--component_specs--instances--scheduling_policy--affinity--pod_affinity--preferred_during_scheduling_ignored_during_execution--pod_affinity_term--label_selector--match_expressions)) -- `match_labels` (Map of String) matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is 'key', the operator is 'In', and the values array contains only 'value'. The requirements are ANDed. +- `match_labels` (Map of String) matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabelsmap is equivalent to an element of matchExpressions, whose key field is 'key', theoperator is 'In', and the values array contains only 'value'. The requirements are ANDed. ### Nested Schema for `spec.component_specs.instances.scheduling_policy.affinity.pod_affinity.preferred_during_scheduling_ignored_during_execution.pod_affinity_term.label_selector.match_expressions` @@ -456,11 +456,11 @@ Optional: Required: - `key` (String) key is the label key that the selector applies to. -- `operator` (String) operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. +- `operator` (String) operator represents a key's relationship to a set of values.Valid operators are In, NotIn, Exists and DoesNotExist. Optional: -- `values` (List of String) values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. +- `values` (List of String) values is an array of string values. If the operator is In or NotIn,the values array must be non-empty. If the operator is Exists or DoesNotExist,the values array must be empty. This array is replaced during a strategicmerge patch. @@ -470,7 +470,7 @@ Optional: Optional: - `match_expressions` (Attributes List) matchExpressions is a list of label selector requirements. The requirements are ANDed. (see [below for nested schema](#nestedatt--spec--component_specs--instances--scheduling_policy--affinity--pod_affinity--preferred_during_scheduling_ignored_during_execution--pod_affinity_term--namespace_selector--match_expressions)) -- `match_labels` (Map of String) matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is 'key', the operator is 'In', and the values array contains only 'value'. The requirements are ANDed. +- `match_labels` (Map of String) matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabelsmap is equivalent to an element of matchExpressions, whose key field is 'key', theoperator is 'In', and the values array contains only 'value'. The requirements are ANDed. ### Nested Schema for `spec.component_specs.instances.scheduling_policy.affinity.pod_affinity.preferred_during_scheduling_ignored_during_execution.pod_affinity_term.namespace_selector.match_expressions` @@ -478,11 +478,11 @@ Optional: Required: - `key` (String) key is the label key that the selector applies to. -- `operator` (String) operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. +- `operator` (String) operator represents a key's relationship to a set of values.Valid operators are In, NotIn, Exists and DoesNotExist. Optional: -- `values` (List of String) values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. +- `values` (List of String) values is an array of string values. If the operator is In or NotIn,the values array must be non-empty. If the operator is Exists or DoesNotExist,the values array must be empty. This array is replaced during a strategicmerge patch. @@ -493,13 +493,13 @@ Optional: Required: -- `topology_key` (String) This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed. +- `topology_key` (String) This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matchingthe labelSelector in the specified namespaces, where co-located is defined as running on a nodewhose value of the label with key topologyKey matches that of any node on which any of theselected pods is running.Empty topologyKey is not allowed. Optional: - `label_selector` (Attributes) A label query over a set of resources, in this case pods. (see [below for nested schema](#nestedatt--spec--component_specs--instances--scheduling_policy--affinity--pod_affinity--required_during_scheduling_ignored_during_execution--label_selector)) -- `namespace_selector` (Attributes) A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means 'this pod's namespace'. An empty selector ({}) matches all namespaces. (see [below for nested schema](#nestedatt--spec--component_specs--instances--scheduling_policy--affinity--pod_affinity--required_during_scheduling_ignored_during_execution--namespace_selector)) -- `namespaces` (List of String) namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means 'this pod's namespace'. +- `namespace_selector` (Attributes) A label query over the set of namespaces that the term applies to.The term is applied to the union of the namespaces selected by this fieldand the ones listed in the namespaces field.null selector and null or empty namespaces list means 'this pod's namespace'.An empty selector ({}) matches all namespaces. (see [below for nested schema](#nestedatt--spec--component_specs--instances--scheduling_policy--affinity--pod_affinity--required_during_scheduling_ignored_during_execution--namespace_selector)) +- `namespaces` (List of String) namespaces specifies a static list of namespace names that the term applies to.The term is applied to the union of the namespaces listed in this fieldand the ones selected by namespaceSelector.null or empty namespaces list and null namespaceSelector means 'this pod's namespace'. ### Nested Schema for `spec.component_specs.instances.scheduling_policy.affinity.pod_affinity.required_during_scheduling_ignored_during_execution.label_selector` @@ -507,7 +507,7 @@ Optional: Optional: - `match_expressions` (Attributes List) matchExpressions is a list of label selector requirements. The requirements are ANDed. (see [below for nested schema](#nestedatt--spec--component_specs--instances--scheduling_policy--affinity--pod_affinity--required_during_scheduling_ignored_during_execution--label_selector--match_expressions)) -- `match_labels` (Map of String) matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is 'key', the operator is 'In', and the values array contains only 'value'. The requirements are ANDed. +- `match_labels` (Map of String) matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabelsmap is equivalent to an element of matchExpressions, whose key field is 'key', theoperator is 'In', and the values array contains only 'value'. The requirements are ANDed. ### Nested Schema for `spec.component_specs.instances.scheduling_policy.affinity.pod_affinity.required_during_scheduling_ignored_during_execution.label_selector.match_expressions` @@ -515,11 +515,11 @@ Optional: Required: - `key` (String) key is the label key that the selector applies to. -- `operator` (String) operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. +- `operator` (String) operator represents a key's relationship to a set of values.Valid operators are In, NotIn, Exists and DoesNotExist. Optional: -- `values` (List of String) values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. +- `values` (List of String) values is an array of string values. If the operator is In or NotIn,the values array must be non-empty. If the operator is Exists or DoesNotExist,the values array must be empty. This array is replaced during a strategicmerge patch. @@ -529,7 +529,7 @@ Optional: Optional: - `match_expressions` (Attributes List) matchExpressions is a list of label selector requirements. The requirements are ANDed. (see [below for nested schema](#nestedatt--spec--component_specs--instances--scheduling_policy--affinity--pod_affinity--required_during_scheduling_ignored_during_execution--namespace_selector--match_expressions)) -- `match_labels` (Map of String) matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is 'key', the operator is 'In', and the values array contains only 'value'. The requirements are ANDed. +- `match_labels` (Map of String) matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabelsmap is equivalent to an element of matchExpressions, whose key field is 'key', theoperator is 'In', and the values array contains only 'value'. The requirements are ANDed. ### Nested Schema for `spec.component_specs.instances.scheduling_policy.affinity.pod_affinity.required_during_scheduling_ignored_during_execution.namespace_selector.match_expressions` @@ -537,11 +537,11 @@ Optional: Required: - `key` (String) key is the label key that the selector applies to. -- `operator` (String) operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. +- `operator` (String) operator represents a key's relationship to a set of values.Valid operators are In, NotIn, Exists and DoesNotExist. Optional: -- `values` (List of String) values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. +- `values` (List of String) values is an array of string values. If the operator is In or NotIn,the values array must be non-empty. If the operator is Exists or DoesNotExist,the values array must be empty. This array is replaced during a strategicmerge patch. @@ -552,8 +552,8 @@ Optional: Optional: -- `preferred_during_scheduling_ignored_during_execution` (Attributes List) The scheduler will prefer to schedule pods to nodes that satisfy the anti-affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling anti-affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding 'weight' to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred. (see [below for nested schema](#nestedatt--spec--component_specs--instances--scheduling_policy--affinity--pod_anti_affinity--preferred_during_scheduling_ignored_during_execution)) -- `required_during_scheduling_ignored_during_execution` (Attributes List) If the anti-affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the anti-affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied. (see [below for nested schema](#nestedatt--spec--component_specs--instances--scheduling_policy--affinity--pod_anti_affinity--required_during_scheduling_ignored_during_execution)) +- `preferred_during_scheduling_ignored_during_execution` (Attributes List) The scheduler will prefer to schedule pods to nodes that satisfythe anti-affinity expressions specified by this field, but it may choosea node that violates one or more of the expressions. The node that ismost preferred is the one with the greatest sum of weights, i.e.for each node that meets all of the scheduling requirements (resourcerequest, requiredDuringScheduling anti-affinity expressions, etc.),compute a sum by iterating through the elements of this field and adding'weight' to the sum if the node has pods which matches the corresponding podAffinityTerm; thenode(s) with the highest sum are the most preferred. (see [below for nested schema](#nestedatt--spec--component_specs--instances--scheduling_policy--affinity--pod_anti_affinity--preferred_during_scheduling_ignored_during_execution)) +- `required_during_scheduling_ignored_during_execution` (Attributes List) If the anti-affinity requirements specified by this field are not met atscheduling time, the pod will not be scheduled onto the node.If the anti-affinity requirements specified by this field cease to be metat some point during pod execution (e.g. due to a pod label update), thesystem may or may not try to eventually evict the pod from its node.When there are multiple elements, the lists of nodes corresponding to eachpodAffinityTerm are intersected, i.e. all terms must be satisfied. (see [below for nested schema](#nestedatt--spec--component_specs--instances--scheduling_policy--affinity--pod_anti_affinity--required_during_scheduling_ignored_during_execution)) ### Nested Schema for `spec.component_specs.instances.scheduling_policy.affinity.pod_anti_affinity.preferred_during_scheduling_ignored_during_execution` @@ -561,20 +561,20 @@ Optional: Required: - `pod_affinity_term` (Attributes) Required. A pod affinity term, associated with the corresponding weight. (see [below for nested schema](#nestedatt--spec--component_specs--instances--scheduling_policy--affinity--pod_anti_affinity--preferred_during_scheduling_ignored_during_execution--pod_affinity_term)) -- `weight` (Number) weight associated with matching the corresponding podAffinityTerm, in the range 1-100. +- `weight` (Number) weight associated with matching the corresponding podAffinityTerm,in the range 1-100. ### Nested Schema for `spec.component_specs.instances.scheduling_policy.affinity.pod_anti_affinity.preferred_during_scheduling_ignored_during_execution.pod_affinity_term` Required: -- `topology_key` (String) This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed. +- `topology_key` (String) This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matchingthe labelSelector in the specified namespaces, where co-located is defined as running on a nodewhose value of the label with key topologyKey matches that of any node on which any of theselected pods is running.Empty topologyKey is not allowed. Optional: - `label_selector` (Attributes) A label query over a set of resources, in this case pods. (see [below for nested schema](#nestedatt--spec--component_specs--instances--scheduling_policy--affinity--pod_anti_affinity--preferred_during_scheduling_ignored_during_execution--pod_affinity_term--label_selector)) -- `namespace_selector` (Attributes) A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means 'this pod's namespace'. An empty selector ({}) matches all namespaces. (see [below for nested schema](#nestedatt--spec--component_specs--instances--scheduling_policy--affinity--pod_anti_affinity--preferred_during_scheduling_ignored_during_execution--pod_affinity_term--namespace_selector)) -- `namespaces` (List of String) namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means 'this pod's namespace'. +- `namespace_selector` (Attributes) A label query over the set of namespaces that the term applies to.The term is applied to the union of the namespaces selected by this fieldand the ones listed in the namespaces field.null selector and null or empty namespaces list means 'this pod's namespace'.An empty selector ({}) matches all namespaces. (see [below for nested schema](#nestedatt--spec--component_specs--instances--scheduling_policy--affinity--pod_anti_affinity--preferred_during_scheduling_ignored_during_execution--pod_affinity_term--namespace_selector)) +- `namespaces` (List of String) namespaces specifies a static list of namespace names that the term applies to.The term is applied to the union of the namespaces listed in this fieldand the ones selected by namespaceSelector.null or empty namespaces list and null namespaceSelector means 'this pod's namespace'. ### Nested Schema for `spec.component_specs.instances.scheduling_policy.affinity.pod_anti_affinity.preferred_during_scheduling_ignored_during_execution.pod_affinity_term.label_selector` @@ -582,7 +582,7 @@ Optional: Optional: - `match_expressions` (Attributes List) matchExpressions is a list of label selector requirements. The requirements are ANDed. (see [below for nested schema](#nestedatt--spec--component_specs--instances--scheduling_policy--affinity--pod_anti_affinity--preferred_during_scheduling_ignored_during_execution--pod_affinity_term--label_selector--match_expressions)) -- `match_labels` (Map of String) matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is 'key', the operator is 'In', and the values array contains only 'value'. The requirements are ANDed. +- `match_labels` (Map of String) matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabelsmap is equivalent to an element of matchExpressions, whose key field is 'key', theoperator is 'In', and the values array contains only 'value'. The requirements are ANDed. ### Nested Schema for `spec.component_specs.instances.scheduling_policy.affinity.pod_anti_affinity.preferred_during_scheduling_ignored_during_execution.pod_affinity_term.label_selector.match_expressions` @@ -590,11 +590,11 @@ Optional: Required: - `key` (String) key is the label key that the selector applies to. -- `operator` (String) operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. +- `operator` (String) operator represents a key's relationship to a set of values.Valid operators are In, NotIn, Exists and DoesNotExist. Optional: -- `values` (List of String) values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. +- `values` (List of String) values is an array of string values. If the operator is In or NotIn,the values array must be non-empty. If the operator is Exists or DoesNotExist,the values array must be empty. This array is replaced during a strategicmerge patch. @@ -604,7 +604,7 @@ Optional: Optional: - `match_expressions` (Attributes List) matchExpressions is a list of label selector requirements. The requirements are ANDed. (see [below for nested schema](#nestedatt--spec--component_specs--instances--scheduling_policy--affinity--pod_anti_affinity--preferred_during_scheduling_ignored_during_execution--pod_affinity_term--namespace_selector--match_expressions)) -- `match_labels` (Map of String) matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is 'key', the operator is 'In', and the values array contains only 'value'. The requirements are ANDed. +- `match_labels` (Map of String) matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabelsmap is equivalent to an element of matchExpressions, whose key field is 'key', theoperator is 'In', and the values array contains only 'value'. The requirements are ANDed. ### Nested Schema for `spec.component_specs.instances.scheduling_policy.affinity.pod_anti_affinity.preferred_during_scheduling_ignored_during_execution.pod_affinity_term.namespace_selector.match_expressions` @@ -612,11 +612,11 @@ Optional: Required: - `key` (String) key is the label key that the selector applies to. -- `operator` (String) operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. +- `operator` (String) operator represents a key's relationship to a set of values.Valid operators are In, NotIn, Exists and DoesNotExist. Optional: -- `values` (List of String) values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. +- `values` (List of String) values is an array of string values. If the operator is In or NotIn,the values array must be non-empty. If the operator is Exists or DoesNotExist,the values array must be empty. This array is replaced during a strategicmerge patch. @@ -627,13 +627,13 @@ Optional: Required: -- `topology_key` (String) This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed. +- `topology_key` (String) This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matchingthe labelSelector in the specified namespaces, where co-located is defined as running on a nodewhose value of the label with key topologyKey matches that of any node on which any of theselected pods is running.Empty topologyKey is not allowed. Optional: - `label_selector` (Attributes) A label query over a set of resources, in this case pods. (see [below for nested schema](#nestedatt--spec--component_specs--instances--scheduling_policy--affinity--pod_anti_affinity--required_during_scheduling_ignored_during_execution--label_selector)) -- `namespace_selector` (Attributes) A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means 'this pod's namespace'. An empty selector ({}) matches all namespaces. (see [below for nested schema](#nestedatt--spec--component_specs--instances--scheduling_policy--affinity--pod_anti_affinity--required_during_scheduling_ignored_during_execution--namespace_selector)) -- `namespaces` (List of String) namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means 'this pod's namespace'. +- `namespace_selector` (Attributes) A label query over the set of namespaces that the term applies to.The term is applied to the union of the namespaces selected by this fieldand the ones listed in the namespaces field.null selector and null or empty namespaces list means 'this pod's namespace'.An empty selector ({}) matches all namespaces. (see [below for nested schema](#nestedatt--spec--component_specs--instances--scheduling_policy--affinity--pod_anti_affinity--required_during_scheduling_ignored_during_execution--namespace_selector)) +- `namespaces` (List of String) namespaces specifies a static list of namespace names that the term applies to.The term is applied to the union of the namespaces listed in this fieldand the ones selected by namespaceSelector.null or empty namespaces list and null namespaceSelector means 'this pod's namespace'. ### Nested Schema for `spec.component_specs.instances.scheduling_policy.affinity.pod_anti_affinity.required_during_scheduling_ignored_during_execution.label_selector` @@ -641,7 +641,7 @@ Optional: Optional: - `match_expressions` (Attributes List) matchExpressions is a list of label selector requirements. The requirements are ANDed. (see [below for nested schema](#nestedatt--spec--component_specs--instances--scheduling_policy--affinity--pod_anti_affinity--required_during_scheduling_ignored_during_execution--label_selector--match_expressions)) -- `match_labels` (Map of String) matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is 'key', the operator is 'In', and the values array contains only 'value'. The requirements are ANDed. +- `match_labels` (Map of String) matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabelsmap is equivalent to an element of matchExpressions, whose key field is 'key', theoperator is 'In', and the values array contains only 'value'. The requirements are ANDed. ### Nested Schema for `spec.component_specs.instances.scheduling_policy.affinity.pod_anti_affinity.required_during_scheduling_ignored_during_execution.label_selector.match_expressions` @@ -649,11 +649,11 @@ Optional: Required: - `key` (String) key is the label key that the selector applies to. -- `operator` (String) operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. +- `operator` (String) operator represents a key's relationship to a set of values.Valid operators are In, NotIn, Exists and DoesNotExist. Optional: -- `values` (List of String) values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. +- `values` (List of String) values is an array of string values. If the operator is In or NotIn,the values array must be non-empty. If the operator is Exists or DoesNotExist,the values array must be empty. This array is replaced during a strategicmerge patch. @@ -663,7 +663,7 @@ Optional: Optional: - `match_expressions` (Attributes List) matchExpressions is a list of label selector requirements. The requirements are ANDed. (see [below for nested schema](#nestedatt--spec--component_specs--instances--scheduling_policy--affinity--pod_anti_affinity--required_during_scheduling_ignored_during_execution--namespace_selector--match_expressions)) -- `match_labels` (Map of String) matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is 'key', the operator is 'In', and the values array contains only 'value'. The requirements are ANDed. +- `match_labels` (Map of String) matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabelsmap is equivalent to an element of matchExpressions, whose key field is 'key', theoperator is 'In', and the values array contains only 'value'. The requirements are ANDed. ### Nested Schema for `spec.component_specs.instances.scheduling_policy.affinity.pod_anti_affinity.required_during_scheduling_ignored_during_execution.namespace_selector.match_expressions` @@ -671,11 +671,11 @@ Optional: Required: - `key` (String) key is the label key that the selector applies to. -- `operator` (String) operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. +- `operator` (String) operator represents a key's relationship to a set of values.Valid operators are In, NotIn, Exists and DoesNotExist. Optional: -- `values` (List of String) values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. +- `values` (List of String) values is an array of string values. If the operator is In or NotIn,the values array must be non-empty. If the operator is Exists or DoesNotExist,the values array must be empty. This array is replaced during a strategicmerge patch. @@ -687,11 +687,11 @@ Optional: Optional: -- `effect` (String) Effect indicates the taint effect to match. Empty means match all taint effects. When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute. -- `key` (String) Key is the taint key that the toleration applies to. Empty means match all taint keys. If the key is empty, operator must be Exists; this combination means to match all values and all keys. -- `operator` (String) Operator represents a key's relationship to the value. Valid operators are Exists and Equal. Defaults to Equal. Exists is equivalent to wildcard for value, so that a pod can tolerate all taints of a particular category. -- `toleration_seconds` (Number) TolerationSeconds represents the period of time the toleration (which must be of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, it is not set, which means tolerate the taint forever (do not evict). Zero and negative values will be treated as 0 (evict immediately) by the system. -- `value` (String) Value is the taint value the toleration matches to. If the operator is Exists, the value should be empty, otherwise just a regular string. +- `effect` (String) Effect indicates the taint effect to match. Empty means match all taint effects.When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute. +- `key` (String) Key is the taint key that the toleration applies to. Empty means match all taint keys.If the key is empty, operator must be Exists; this combination means to match all values and all keys. +- `operator` (String) Operator represents a key's relationship to the value.Valid operators are Exists and Equal. Defaults to Equal.Exists is equivalent to wildcard for value, so that a pod cantolerate all taints of a particular category. +- `toleration_seconds` (Number) TolerationSeconds represents the period of time the toleration (which must beof effect NoExecute, otherwise this field is ignored) tolerates the taint. By default,it is not set, which means tolerate the taint forever (do not evict). Zero andnegative values will be treated as 0 (evict immediately) by the system. +- `value` (String) Value is the taint value the toleration matches to.If the operator is Exists, the value should be empty, otherwise just a regular string. @@ -699,17 +699,17 @@ Optional: Required: -- `max_skew` (Number) MaxSkew describes the degree to which pods may be unevenly distributed. When 'whenUnsatisfiable=DoNotSchedule', it is the maximum permitted difference between the number of matching pods in the target topology and the global minimum. The global minimum is the minimum number of matching pods in an eligible domain or zero if the number of eligible domains is less than MinDomains. For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same labelSelector spread as 2/2/1: In this case, the global minimum is 1. | zone1 | zone2 | zone3 | | P P | P P | P | - if MaxSkew is 1, incoming pod can only be scheduled to zone3 to become 2/2/2; scheduling it onto zone1(zone2) would make the ActualSkew(3-1) on zone1(zone2) violate MaxSkew(1). - if MaxSkew is 2, incoming pod can be scheduled onto any zone. When 'whenUnsatisfiable=ScheduleAnyway', it is used to give higher precedence to topologies that satisfy it. It's a required field. Default value is 1 and 0 is not allowed. -- `topology_key` (String) TopologyKey is the key of node labels. Nodes that have a label with this key and identical values are considered to be in the same topology. We consider each as a 'bucket', and try to put balanced number of pods into each bucket. We define a domain as a particular instance of a topology. Also, we define an eligible domain as a domain whose nodes meet the requirements of nodeAffinityPolicy and nodeTaintsPolicy. e.g. If TopologyKey is 'kubernetes.io/hostname', each Node is a domain of that topology. And, if TopologyKey is 'topology.kubernetes.io/zone', each zone is a domain of that topology. It's a required field. -- `when_unsatisfiable` (String) WhenUnsatisfiable indicates how to deal with a pod if it doesn't satisfy the spread constraint. - DoNotSchedule (default) tells the scheduler not to schedule it. - ScheduleAnyway tells the scheduler to schedule the pod in any location, but giving higher precedence to topologies that would help reduce the skew. A constraint is considered 'Unsatisfiable' for an incoming pod if and only if every possible node assignment for that pod would violate 'MaxSkew' on some topology. For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same labelSelector spread as 3/1/1: | zone1 | zone2 | zone3 | | P P P | P | P | If WhenUnsatisfiable is set to DoNotSchedule, incoming pod can only be scheduled to zone2(zone3) to become 3/2/1(3/1/2) as ActualSkew(2-1) on zone2(zone3) satisfies MaxSkew(1). In other words, the cluster can still be imbalanced, but scheduler won't make it *more* imbalanced. It's a required field. +- `max_skew` (Number) MaxSkew describes the degree to which pods may be unevenly distributed.When 'whenUnsatisfiable=DoNotSchedule', it is the maximum permitted differencebetween the number of matching pods in the target topology and the global minimum.The global minimum is the minimum number of matching pods in an eligible domainor zero if the number of eligible domains is less than MinDomains.For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the samelabelSelector spread as 2/2/1:In this case, the global minimum is 1.| zone1 | zone2 | zone3 || P P | P P | P |- if MaxSkew is 1, incoming pod can only be scheduled to zone3 to become 2/2/2;scheduling it onto zone1(zone2) would make the ActualSkew(3-1) on zone1(zone2)violate MaxSkew(1).- if MaxSkew is 2, incoming pod can be scheduled onto any zone.When 'whenUnsatisfiable=ScheduleAnyway', it is used to give higher precedenceto topologies that satisfy it.It's a required field. Default value is 1 and 0 is not allowed. +- `topology_key` (String) TopologyKey is the key of node labels. Nodes that have a label with this keyand identical values are considered to be in the same topology.We consider each as a 'bucket', and try to put balanced numberof pods into each bucket.We define a domain as a particular instance of a topology.Also, we define an eligible domain as a domain whose nodes meet the requirements ofnodeAffinityPolicy and nodeTaintsPolicy.e.g. If TopologyKey is 'kubernetes.io/hostname', each Node is a domain of that topology.And, if TopologyKey is 'topology.kubernetes.io/zone', each zone is a domain of that topology.It's a required field. +- `when_unsatisfiable` (String) WhenUnsatisfiable indicates how to deal with a pod if it doesn't satisfythe spread constraint.- DoNotSchedule (default) tells the scheduler not to schedule it.- ScheduleAnyway tells the scheduler to schedule the pod in any location, but giving higher precedence to topologies that would help reduce the skew.A constraint is considered 'Unsatisfiable' for an incoming podif and only if every possible node assignment for that pod would violate'MaxSkew' on some topology.For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the samelabelSelector spread as 3/1/1:| zone1 | zone2 | zone3 || P P P | P | P |If WhenUnsatisfiable is set to DoNotSchedule, incoming pod can only be scheduledto zone2(zone3) to become 3/2/1(3/1/2) as ActualSkew(2-1) on zone2(zone3) satisfiesMaxSkew(1). In other words, the cluster can still be imbalanced, but schedulerwon't make it *more* imbalanced.It's a required field. Optional: -- `label_selector` (Attributes) LabelSelector is used to find matching pods. Pods that match this label selector are counted to determine the number of pods in their corresponding topology domain. (see [below for nested schema](#nestedatt--spec--component_specs--instances--scheduling_policy--topology_spread_constraints--label_selector)) -- `match_label_keys` (List of String) MatchLabelKeys is a set of pod label keys to select the pods over which spreading will be calculated. The keys are used to lookup values from the incoming pod labels, those key-value labels are ANDed with labelSelector to select the group of existing pods over which spreading will be calculated for the incoming pod. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. MatchLabelKeys cannot be set when LabelSelector isn't set. Keys that don't exist in the incoming pod labels will be ignored. A null or empty list means only match against labelSelector. This is a beta field and requires the MatchLabelKeysInPodTopologySpread feature gate to be enabled (enabled by default). -- `min_domains` (Number) MinDomains indicates a minimum number of eligible domains. When the number of eligible domains with matching topology keys is less than minDomains, Pod Topology Spread treats 'global minimum' as 0, and then the calculation of Skew is performed. And when the number of eligible domains with matching topology keys equals or greater than minDomains, this value has no effect on scheduling. As a result, when the number of eligible domains is less than minDomains, scheduler won't schedule more than maxSkew Pods to those domains. If value is nil, the constraint behaves as if MinDomains is equal to 1. Valid values are integers greater than 0. When value is not nil, WhenUnsatisfiable must be DoNotSchedule. For example, in a 3-zone cluster, MaxSkew is set to 2, MinDomains is set to 5 and pods with the same labelSelector spread as 2/2/2: | zone1 | zone2 | zone3 | | P P | P P | P P | The number of domains is less than 5(MinDomains), so 'global minimum' is treated as 0. In this situation, new pod with the same labelSelector cannot be scheduled, because computed skew will be 3(3 - 0) if new Pod is scheduled to any of the three zones, it will violate MaxSkew. This is a beta field and requires the MinDomainsInPodTopologySpread feature gate to be enabled (enabled by default). -- `node_affinity_policy` (String) NodeAffinityPolicy indicates how we will treat Pod's nodeAffinity/nodeSelector when calculating pod topology spread skew. Options are: - Honor: only nodes matching nodeAffinity/nodeSelector are included in the calculations. - Ignore: nodeAffinity/nodeSelector are ignored. All nodes are included in the calculations. If this value is nil, the behavior is equivalent to the Honor policy. This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag. -- `node_taints_policy` (String) NodeTaintsPolicy indicates how we will treat node taints when calculating pod topology spread skew. Options are: - Honor: nodes without taints, along with tainted nodes for which the incoming pod has a toleration, are included. - Ignore: node taints are ignored. All nodes are included. If this value is nil, the behavior is equivalent to the Ignore policy. This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag. +- `label_selector` (Attributes) LabelSelector is used to find matching pods.Pods that match this label selector are counted to determine the number of podsin their corresponding topology domain. (see [below for nested schema](#nestedatt--spec--component_specs--instances--scheduling_policy--topology_spread_constraints--label_selector)) +- `match_label_keys` (List of String) MatchLabelKeys is a set of pod label keys to select the pods over whichspreading will be calculated. The keys are used to lookup values from theincoming pod labels, those key-value labels are ANDed with labelSelectorto select the group of existing pods over which spreading will be calculatedfor the incoming pod. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector.MatchLabelKeys cannot be set when LabelSelector isn't set.Keys that don't exist in the incoming pod labels willbe ignored. A null or empty list means only match against labelSelector.This is a beta field and requires the MatchLabelKeysInPodTopologySpread feature gate to be enabled (enabled by default). +- `min_domains` (Number) MinDomains indicates a minimum number of eligible domains.When the number of eligible domains with matching topology keys is less than minDomains,Pod Topology Spread treats 'global minimum' as 0, and then the calculation of Skew is performed.And when the number of eligible domains with matching topology keys equals or greater than minDomains,this value has no effect on scheduling.As a result, when the number of eligible domains is less than minDomains,scheduler won't schedule more than maxSkew Pods to those domains.If value is nil, the constraint behaves as if MinDomains is equal to 1.Valid values are integers greater than 0.When value is not nil, WhenUnsatisfiable must be DoNotSchedule.For example, in a 3-zone cluster, MaxSkew is set to 2, MinDomains is set to 5 and pods with the samelabelSelector spread as 2/2/2:| zone1 | zone2 | zone3 || P P | P P | P P |The number of domains is less than 5(MinDomains), so 'global minimum' is treated as 0.In this situation, new pod with the same labelSelector cannot be scheduled,because computed skew will be 3(3 - 0) if new Pod is scheduled to any of the three zones,it will violate MaxSkew.This is a beta field and requires the MinDomainsInPodTopologySpread feature gate to be enabled (enabled by default). +- `node_affinity_policy` (String) NodeAffinityPolicy indicates how we will treat Pod's nodeAffinity/nodeSelectorwhen calculating pod topology spread skew. Options are:- Honor: only nodes matching nodeAffinity/nodeSelector are included in the calculations.- Ignore: nodeAffinity/nodeSelector are ignored. All nodes are included in the calculations.If this value is nil, the behavior is equivalent to the Honor policy.This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag. +- `node_taints_policy` (String) NodeTaintsPolicy indicates how we will treat node taints when calculatingpod topology spread skew. Options are:- Honor: nodes without taints, along with tainted nodes for which the incoming podhas a toleration, are included.- Ignore: node taints are ignored. All nodes are included.If this value is nil, the behavior is equivalent to the Ignore policy.This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag. ### Nested Schema for `spec.component_specs.instances.scheduling_policy.topology_spread_constraints.label_selector` @@ -717,7 +717,7 @@ Optional: Optional: - `match_expressions` (Attributes List) matchExpressions is a list of label selector requirements. The requirements are ANDed. (see [below for nested schema](#nestedatt--spec--component_specs--instances--scheduling_policy--topology_spread_constraints--label_selector--match_expressions)) -- `match_labels` (Map of String) matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is 'key', the operator is 'In', and the values array contains only 'value'. The requirements are ANDed. +- `match_labels` (Map of String) matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabelsmap is equivalent to an element of matchExpressions, whose key field is 'key', theoperator is 'In', and the values array contains only 'value'. The requirements are ANDed. ### Nested Schema for `spec.component_specs.instances.scheduling_policy.topology_spread_constraints.label_selector.match_expressions` @@ -725,11 +725,11 @@ Optional: Required: - `key` (String) key is the label key that the selector applies to. -- `operator` (String) operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. +- `operator` (String) operator represents a key's relationship to a set of values.Valid operators are In, NotIn, Exists and DoesNotExist. Optional: -- `values` (List of String) values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. +- `values` (List of String) values is an array of string values. If the operator is In or NotIn,the values array must be non-empty. If the operator is Exists or DoesNotExist,the values array must be empty. This array is replaced during a strategicmerge patch. @@ -740,20 +740,20 @@ Optional: Required: -- `name` (String) Refers to the name of a volumeMount defined in either: - 'componentDefinition.spec.runtime.containers[*].volumeMounts' - 'clusterDefinition.spec.componentDefs[*].podSpec.containers[*].volumeMounts' (deprecated) The value of 'name' must match the 'name' field of a volumeMount specified in the corresponding 'volumeMounts' array. +- `name` (String) Refers to the name of a volumeMount defined in either:- 'componentDefinition.spec.runtime.containers[*].volumeMounts'- 'clusterDefinition.spec.componentDefs[*].podSpec.containers[*].volumeMounts' (deprecated)The value of 'name' must match the 'name' field of a volumeMount specified in the corresponding 'volumeMounts' array. Optional: -- `spec` (Attributes) Defines the desired characteristics of a PersistentVolumeClaim that will be created for the volume with the mount name specified in the 'name' field. When a Pod is created for this ClusterComponent, a new PVC will be created based on the specification defined in the 'spec' field. The PVC will be associated with the volume mount specified by the 'name' field. (see [below for nested schema](#nestedatt--spec--component_specs--instances--volume_claim_templates--spec)) +- `spec` (Attributes) Defines the desired characteristics of a PersistentVolumeClaim that will be created for the volumewith the mount name specified in the 'name' field.When a Pod is created for this ClusterComponent, a new PVC will be created based on the specificationdefined in the 'spec' field. The PVC will be associated with the volume mount specified by the 'name' field. (see [below for nested schema](#nestedatt--spec--component_specs--instances--volume_claim_templates--spec)) ### Nested Schema for `spec.component_specs.instances.volume_claim_templates.spec` Optional: -- `access_modes` (Map of String) Contains the desired access modes the volume should have. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1. -- `resources` (Attributes) Represents the minimum resources the volume should have. If the RecoverVolumeExpansionFailure feature is enabled, users are allowed to specify resource requirements that are lower than the previous value but must still be higher than the capacity recorded in the status field of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources. (see [below for nested schema](#nestedatt--spec--component_specs--instances--volume_claim_templates--spec--resources)) -- `storage_class_name` (String) The name of the StorageClass required by the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1. +- `access_modes` (Map of String) Contains the desired access modes the volume should have.More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1. +- `resources` (Attributes) Represents the minimum resources the volume should have.If the RecoverVolumeExpansionFailure feature is enabled, users are allowed to specify resource requirements thatare lower than the previous value but must still be higher than the capacity recorded in the status field of the claim.More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources. (see [below for nested schema](#nestedatt--spec--component_specs--instances--volume_claim_templates--spec--resources)) +- `storage_class_name` (String) The name of the StorageClass required by the claim.More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1. - `volume_mode` (String) Defines what type of volume is required by the claim, either Block or Filesystem. @@ -761,16 +761,16 @@ Optional: Optional: -- `claims` (Attributes List) Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. This field is immutable. It can only be set for containers. (see [below for nested schema](#nestedatt--spec--component_specs--instances--volume_claim_templates--spec--resources--claims)) -- `limits` (Map of String) Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ -- `requests` (Map of String) Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ +- `claims` (Attributes List) Claims lists the names of resources, defined in spec.resourceClaims,that are used by this container.This is an alpha field and requires enabling theDynamicResourceAllocation feature gate.This field is immutable. It can only be set for containers. (see [below for nested schema](#nestedatt--spec--component_specs--instances--volume_claim_templates--spec--resources--claims)) +- `limits` (Map of String) Limits describes the maximum amount of compute resources allowed.More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ +- `requests` (Map of String) Requests describes the minimum amount of compute resources required.If Requests is omitted for a container, it defaults to Limits if that is explicitly specified,otherwise to an implementation-defined value. Requests cannot exceed Limits.More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ ### Nested Schema for `spec.component_specs.instances.volume_claim_templates.spec.resources.claims` Required: -- `name` (String) Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container. +- `name` (String) Name must match the name of one entry in pod.spec.resourceClaims ofthe Pod where this field is used. It makes that resource availableinside a container. @@ -781,15 +781,15 @@ Required: Required: -- `mount_path` (String) Path within the container at which the volume should be mounted. Must not contain ':'. +- `mount_path` (String) Path within the container at which the volume should be mounted. Mustnot contain ':'. - `name` (String) This must match the Name of a Volume. Optional: -- `mount_propagation` (String) mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationNone is used. This field is beta in 1.10. -- `read_only` (Boolean) Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false. -- `sub_path` (String) Path within the volume from which the container's volume should be mounted. Defaults to '' (volume's root). -- `sub_path_expr` (String) Expanded path within the volume from which the container's volume should be mounted. Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment. Defaults to '' (volume's root). SubPathExpr and SubPath are mutually exclusive. +- `mount_propagation` (String) mountPropagation determines how mounts are propagated from the hostto container and the other way around.When not set, MountPropagationNone is used.This field is beta in 1.10. +- `read_only` (Boolean) Mounted read-only if true, read-write otherwise (false or unspecified).Defaults to false. +- `sub_path` (String) Path within the volume from which the container's volume should be mounted.Defaults to '' (volume's root). +- `sub_path_expr` (String) Expanded path within the volume from which the container's volume should be mounted.Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment.Defaults to '' (volume's root).SubPathExpr and SubPath are mutually exclusive. @@ -797,37 +797,37 @@ Optional: Required: -- `name` (String) name of the volume. Must be a DNS_LABEL and unique within the pod. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names +- `name` (String) name of the volume.Must be a DNS_LABEL and unique within the pod.More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names Optional: -- `aws_elastic_block_store` (Attributes) awsElasticBlockStore represents an AWS Disk resource that is attached to a kubelet's host machine and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore (see [below for nested schema](#nestedatt--spec--component_specs--instances--volumes--aws_elastic_block_store)) +- `aws_elastic_block_store` (Attributes) awsElasticBlockStore represents an AWS Disk resource that is attached to akubelet's host machine and then exposed to the pod.More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore (see [below for nested schema](#nestedatt--spec--component_specs--instances--volumes--aws_elastic_block_store)) - `azure_disk` (Attributes) azureDisk represents an Azure Data Disk mount on the host and bind mount to the pod. (see [below for nested schema](#nestedatt--spec--component_specs--instances--volumes--azure_disk)) - `azure_file` (Attributes) azureFile represents an Azure File Service mount on the host and bind mount to the pod. (see [below for nested schema](#nestedatt--spec--component_specs--instances--volumes--azure_file)) - `cephfs` (Attributes) cephFS represents a Ceph FS mount on the host that shares a pod's lifetime (see [below for nested schema](#nestedatt--spec--component_specs--instances--volumes--cephfs)) -- `cinder` (Attributes) cinder represents a cinder volume attached and mounted on kubelets host machine. More info: https://examples.k8s.io/mysql-cinder-pd/README.md (see [below for nested schema](#nestedatt--spec--component_specs--instances--volumes--cinder)) +- `cinder` (Attributes) cinder represents a cinder volume attached and mounted on kubelets host machine.More info: https://examples.k8s.io/mysql-cinder-pd/README.md (see [below for nested schema](#nestedatt--spec--component_specs--instances--volumes--cinder)) - `config_map` (Attributes) configMap represents a configMap that should populate this volume (see [below for nested schema](#nestedatt--spec--component_specs--instances--volumes--config_map)) - `csi` (Attributes) csi (Container Storage Interface) represents ephemeral storage that is handled by certain external CSI drivers (Beta feature). (see [below for nested schema](#nestedatt--spec--component_specs--instances--volumes--csi)) - `downward_api` (Attributes) downwardAPI represents downward API about the pod that should populate this volume (see [below for nested schema](#nestedatt--spec--component_specs--instances--volumes--downward_api)) -- `empty_dir` (Attributes) emptyDir represents a temporary directory that shares a pod's lifetime. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir (see [below for nested schema](#nestedatt--spec--component_specs--instances--volumes--empty_dir)) -- `ephemeral` (Attributes) ephemeral represents a volume that is handled by a cluster storage driver. The volume's lifecycle is tied to the pod that defines it - it will be created before the pod starts, and deleted when the pod is removed. Use this if: a) the volume is only needed while the pod runs, b) features of normal volumes like restoring from snapshot or capacity tracking are needed, c) the storage driver is specified through a storage class, and d) the storage driver supports dynamic volume provisioning through a PersistentVolumeClaim (see EphemeralVolumeSource for more information on the connection between this volume type and PersistentVolumeClaim). Use PersistentVolumeClaim or one of the vendor-specific APIs for volumes that persist for longer than the lifecycle of an individual pod. Use CSI for light-weight local ephemeral volumes if the CSI driver is meant to be used that way - see the documentation of the driver for more information. A pod can use both types of ephemeral volumes and persistent volumes at the same time. (see [below for nested schema](#nestedatt--spec--component_specs--instances--volumes--ephemeral)) +- `empty_dir` (Attributes) emptyDir represents a temporary directory that shares a pod's lifetime.More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir (see [below for nested schema](#nestedatt--spec--component_specs--instances--volumes--empty_dir)) +- `ephemeral` (Attributes) ephemeral represents a volume that is handled by a cluster storage driver.The volume's lifecycle is tied to the pod that defines it - it will be created before the pod starts,and deleted when the pod is removed.Use this if:a) the volume is only needed while the pod runs,b) features of normal volumes like restoring from snapshot or capacity tracking are needed,c) the storage driver is specified through a storage class, andd) the storage driver supports dynamic volume provisioning through a PersistentVolumeClaim (see EphemeralVolumeSource for more information on the connection between this volume type and PersistentVolumeClaim).Use PersistentVolumeClaim or one of the vendor-specificAPIs for volumes that persist for longer than the lifecycleof an individual pod.Use CSI for light-weight local ephemeral volumes if the CSI driver is meant tobe used that way - see the documentation of the driver formore information.A pod can use both types of ephemeral volumes andpersistent volumes at the same time. (see [below for nested schema](#nestedatt--spec--component_specs--instances--volumes--ephemeral)) - `fc` (Attributes) fc represents a Fibre Channel resource that is attached to a kubelet's host machine and then exposed to the pod. (see [below for nested schema](#nestedatt--spec--component_specs--instances--volumes--fc)) -- `flex_volume` (Attributes) flexVolume represents a generic volume resource that is provisioned/attached using an exec based plugin. (see [below for nested schema](#nestedatt--spec--component_specs--instances--volumes--flex_volume)) +- `flex_volume` (Attributes) flexVolume represents a generic volume resource that isprovisioned/attached using an exec based plugin. (see [below for nested schema](#nestedatt--spec--component_specs--instances--volumes--flex_volume)) - `flocker` (Attributes) flocker represents a Flocker volume attached to a kubelet's host machine. This depends on the Flocker control service being running (see [below for nested schema](#nestedatt--spec--component_specs--instances--volumes--flocker)) -- `gce_persistent_disk` (Attributes) gcePersistentDisk represents a GCE Disk resource that is attached to a kubelet's host machine and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk (see [below for nested schema](#nestedatt--spec--component_specs--instances--volumes--gce_persistent_disk)) -- `git_repo` (Attributes) gitRepo represents a git repository at a particular revision. DEPRECATED: GitRepo is deprecated. To provision a container with a git repo, mount an EmptyDir into an InitContainer that clones the repo using git, then mount the EmptyDir into the Pod's container. (see [below for nested schema](#nestedatt--spec--component_specs--instances--volumes--git_repo)) -- `glusterfs` (Attributes) glusterfs represents a Glusterfs mount on the host that shares a pod's lifetime. More info: https://examples.k8s.io/volumes/glusterfs/README.md (see [below for nested schema](#nestedatt--spec--component_specs--instances--volumes--glusterfs)) -- `host_path` (Attributes) hostPath represents a pre-existing file or directory on the host machine that is directly exposed to the container. This is generally used for system agents or other privileged things that are allowed to see the host machine. Most containers will NOT need this. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath --- TODO(jonesdl) We need to restrict who can use host directory mounts and who can/can not mount host directories as read/write. (see [below for nested schema](#nestedatt--spec--component_specs--instances--volumes--host_path)) -- `iscsi` (Attributes) iscsi represents an ISCSI Disk resource that is attached to a kubelet's host machine and then exposed to the pod. More info: https://examples.k8s.io/volumes/iscsi/README.md (see [below for nested schema](#nestedatt--spec--component_specs--instances--volumes--iscsi)) -- `nfs` (Attributes) nfs represents an NFS mount on the host that shares a pod's lifetime More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs (see [below for nested schema](#nestedatt--spec--component_specs--instances--volumes--nfs)) -- `persistent_volume_claim` (Attributes) persistentVolumeClaimVolumeSource represents a reference to a PersistentVolumeClaim in the same namespace. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims (see [below for nested schema](#nestedatt--spec--component_specs--instances--volumes--persistent_volume_claim)) +- `gce_persistent_disk` (Attributes) gcePersistentDisk represents a GCE Disk resource that is attached to akubelet's host machine and then exposed to the pod.More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk (see [below for nested schema](#nestedatt--spec--component_specs--instances--volumes--gce_persistent_disk)) +- `git_repo` (Attributes) gitRepo represents a git repository at a particular revision.DEPRECATED: GitRepo is deprecated. To provision a container with a git repo, mount anEmptyDir into an InitContainer that clones the repo using git, then mount the EmptyDirinto the Pod's container. (see [below for nested schema](#nestedatt--spec--component_specs--instances--volumes--git_repo)) +- `glusterfs` (Attributes) glusterfs represents a Glusterfs mount on the host that shares a pod's lifetime.More info: https://examples.k8s.io/volumes/glusterfs/README.md (see [below for nested schema](#nestedatt--spec--component_specs--instances--volumes--glusterfs)) +- `host_path` (Attributes) hostPath represents a pre-existing file or directory on the hostmachine that is directly exposed to the container. This is generallyused for system agents or other privileged things that are allowedto see the host machine. Most containers will NOT need this.More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath---TODO(jonesdl) We need to restrict who can use host directory mounts and who can/can notmount host directories as read/write. (see [below for nested schema](#nestedatt--spec--component_specs--instances--volumes--host_path)) +- `iscsi` (Attributes) iscsi represents an ISCSI Disk resource that is attached to akubelet's host machine and then exposed to the pod.More info: https://examples.k8s.io/volumes/iscsi/README.md (see [below for nested schema](#nestedatt--spec--component_specs--instances--volumes--iscsi)) +- `nfs` (Attributes) nfs represents an NFS mount on the host that shares a pod's lifetimeMore info: https://kubernetes.io/docs/concepts/storage/volumes#nfs (see [below for nested schema](#nestedatt--spec--component_specs--instances--volumes--nfs)) +- `persistent_volume_claim` (Attributes) persistentVolumeClaimVolumeSource represents a reference to aPersistentVolumeClaim in the same namespace.More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims (see [below for nested schema](#nestedatt--spec--component_specs--instances--volumes--persistent_volume_claim)) - `photon_persistent_disk` (Attributes) photonPersistentDisk represents a PhotonController persistent disk attached and mounted on kubelets host machine (see [below for nested schema](#nestedatt--spec--component_specs--instances--volumes--photon_persistent_disk)) - `portworx_volume` (Attributes) portworxVolume represents a portworx volume attached and mounted on kubelets host machine (see [below for nested schema](#nestedatt--spec--component_specs--instances--volumes--portworx_volume)) - `projected` (Attributes) projected items for all in one resources secrets, configmaps, and downward API (see [below for nested schema](#nestedatt--spec--component_specs--instances--volumes--projected)) - `quobyte` (Attributes) quobyte represents a Quobyte mount on the host that shares a pod's lifetime (see [below for nested schema](#nestedatt--spec--component_specs--instances--volumes--quobyte)) -- `rbd` (Attributes) rbd represents a Rados Block Device mount on the host that shares a pod's lifetime. More info: https://examples.k8s.io/volumes/rbd/README.md (see [below for nested schema](#nestedatt--spec--component_specs--instances--volumes--rbd)) +- `rbd` (Attributes) rbd represents a Rados Block Device mount on the host that shares a pod's lifetime.More info: https://examples.k8s.io/volumes/rbd/README.md (see [below for nested schema](#nestedatt--spec--component_specs--instances--volumes--rbd)) - `scale_io` (Attributes) scaleIO represents a ScaleIO persistent volume attached and mounted on Kubernetes nodes. (see [below for nested schema](#nestedatt--spec--component_specs--instances--volumes--scale_io)) -- `secret` (Attributes) secret represents a secret that should populate this volume. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret (see [below for nested schema](#nestedatt--spec--component_specs--instances--volumes--secret)) +- `secret` (Attributes) secret represents a secret that should populate this volume.More info: https://kubernetes.io/docs/concepts/storage/volumes#secret (see [below for nested schema](#nestedatt--spec--component_specs--instances--volumes--secret)) - `storageos` (Attributes) storageOS represents a StorageOS volume attached and mounted on Kubernetes nodes. (see [below for nested schema](#nestedatt--spec--component_specs--instances--volumes--storageos)) - `vsphere_volume` (Attributes) vsphereVolume represents a vSphere volume attached and mounted on kubelets host machine (see [below for nested schema](#nestedatt--spec--component_specs--instances--volumes--vsphere_volume)) @@ -836,13 +836,13 @@ Optional: Required: -- `volume_id` (String) volumeID is unique ID of the persistent disk resource in AWS (Amazon EBS volume). More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore +- `volume_id` (String) volumeID is unique ID of the persistent disk resource in AWS (Amazon EBS volume).More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore Optional: -- `fs_type` (String) fsType is the filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: 'ext4', 'xfs', 'ntfs'. Implicitly inferred to be 'ext4' if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore TODO: how do we prevent errors in the filesystem from compromising the machine -- `partition` (Number) partition is the partition in the volume that you want to mount. If omitted, the default is to mount by volume name. Examples: For volume /dev/sda1, you specify the partition as '1'. Similarly, the volume partition for /dev/sda is '0' (or you can leave the property empty). -- `read_only` (Boolean) readOnly value true will force the readOnly setting in VolumeMounts. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore +- `fs_type` (String) fsType is the filesystem type of the volume that you want to mount.Tip: Ensure that the filesystem type is supported by the host operating system.Examples: 'ext4', 'xfs', 'ntfs'. Implicitly inferred to be 'ext4' if unspecified.More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstoreTODO: how do we prevent errors in the filesystem from compromising the machine +- `partition` (Number) partition is the partition in the volume that you want to mount.If omitted, the default is to mount by volume name.Examples: For volume /dev/sda1, you specify the partition as '1'.Similarly, the volume partition for /dev/sda is '0' (or you can leave the property empty). +- `read_only` (Boolean) readOnly value true will force the readOnly setting in VolumeMounts.More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore @@ -856,9 +856,9 @@ Required: Optional: - `caching_mode` (String) cachingMode is the Host Caching mode: None, Read Only, Read Write. -- `fs_type` (String) fsType is Filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. 'ext4', 'xfs', 'ntfs'. Implicitly inferred to be 'ext4' if unspecified. +- `fs_type` (String) fsType is Filesystem type to mount.Must be a filesystem type supported by the host operating system.Ex. 'ext4', 'xfs', 'ntfs'. Implicitly inferred to be 'ext4' if unspecified. - `kind` (String) kind expected values are Shared: multiple blob disks per storage account Dedicated: single blob disk per storage account Managed: azure managed data disk (only in managed availability set). defaults to shared -- `read_only` (Boolean) readOnly Defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts. +- `read_only` (Boolean) readOnly Defaults to false (read/write). ReadOnly here will forcethe ReadOnly setting in VolumeMounts. @@ -871,7 +871,7 @@ Required: Optional: -- `read_only` (Boolean) readOnly defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts. +- `read_only` (Boolean) readOnly defaults to false (read/write). ReadOnly here will forcethe ReadOnly setting in VolumeMounts. @@ -879,22 +879,22 @@ Optional: Required: -- `monitors` (List of String) monitors is Required: Monitors is a collection of Ceph monitors More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it +- `monitors` (List of String) monitors is Required: Monitors is a collection of Ceph monitorsMore info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it Optional: - `path` (String) path is Optional: Used as the mounted root, rather than the full Ceph tree, default is / -- `read_only` (Boolean) readOnly is Optional: Defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it -- `secret_file` (String) secretFile is Optional: SecretFile is the path to key ring for User, default is /etc/ceph/user.secret More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it -- `secret_ref` (Attributes) secretRef is Optional: SecretRef is reference to the authentication secret for User, default is empty. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it (see [below for nested schema](#nestedatt--spec--component_specs--instances--volumes--cephfs--secret_ref)) -- `user` (String) user is optional: User is the rados user name, default is admin More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it +- `read_only` (Boolean) readOnly is Optional: Defaults to false (read/write). ReadOnly here will forcethe ReadOnly setting in VolumeMounts.More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it +- `secret_file` (String) secretFile is Optional: SecretFile is the path to key ring for User, default is /etc/ceph/user.secretMore info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it +- `secret_ref` (Attributes) secretRef is Optional: SecretRef is reference to the authentication secret for User, default is empty.More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it (see [below for nested schema](#nestedatt--spec--component_specs--instances--volumes--cephfs--secret_ref)) +- `user` (String) user is optional: User is the rados user name, default is adminMore info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it ### Nested Schema for `spec.component_specs.instances.volumes.cephfs.secret_ref` Optional: -- `name` (String) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? +- `name` (String) Name of the referent.More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#namesTODO: Add other useful fields. apiVersion, kind, uid? @@ -903,20 +903,20 @@ Optional: Required: -- `volume_id` (String) volumeID used to identify the volume in cinder. More info: https://examples.k8s.io/mysql-cinder-pd/README.md +- `volume_id` (String) volumeID used to identify the volume in cinder.More info: https://examples.k8s.io/mysql-cinder-pd/README.md Optional: -- `fs_type` (String) fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Examples: 'ext4', 'xfs', 'ntfs'. Implicitly inferred to be 'ext4' if unspecified. More info: https://examples.k8s.io/mysql-cinder-pd/README.md -- `read_only` (Boolean) readOnly defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts. More info: https://examples.k8s.io/mysql-cinder-pd/README.md -- `secret_ref` (Attributes) secretRef is optional: points to a secret object containing parameters used to connect to OpenStack. (see [below for nested schema](#nestedatt--spec--component_specs--instances--volumes--cinder--secret_ref)) +- `fs_type` (String) fsType is the filesystem type to mount.Must be a filesystem type supported by the host operating system.Examples: 'ext4', 'xfs', 'ntfs'. Implicitly inferred to be 'ext4' if unspecified.More info: https://examples.k8s.io/mysql-cinder-pd/README.md +- `read_only` (Boolean) readOnly defaults to false (read/write). ReadOnly here will forcethe ReadOnly setting in VolumeMounts.More info: https://examples.k8s.io/mysql-cinder-pd/README.md +- `secret_ref` (Attributes) secretRef is optional: points to a secret object containing parameters used to connectto OpenStack. (see [below for nested schema](#nestedatt--spec--component_specs--instances--volumes--cinder--secret_ref)) ### Nested Schema for `spec.component_specs.instances.volumes.cinder.secret_ref` Optional: -- `name` (String) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? +- `name` (String) Name of the referent.More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#namesTODO: Add other useful fields. apiVersion, kind, uid? @@ -925,9 +925,9 @@ Optional: Optional: -- `default_mode` (Number) defaultMode is optional: mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. -- `items` (Attributes List) items if unspecified, each key-value pair in the Data field of the referenced ConfigMap will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the ConfigMap, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'. (see [below for nested schema](#nestedatt--spec--component_specs--instances--volumes--config_map--items)) -- `name` (String) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? +- `default_mode` (Number) defaultMode is optional: mode bits used to set permissions on created files by default.Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511.YAML accepts both octal and decimal values, JSON requires decimal values for mode bits.Defaults to 0644.Directories within the path are not affected by this setting.This might be in conflict with other options that affect the filemode, like fsGroup, and the result can be other mode bits set. +- `items` (Attributes List) items if unspecified, each key-value pair in the Data field of the referencedConfigMap will be projected into the volume as a file whose name is thekey and content is the value. If specified, the listed keys will beprojected into the specified paths, and unlisted keys will not bepresent. If a key is specified which is not present in the ConfigMap,the volume setup will error unless it is marked optional. Paths must berelative and may not contain the '..' path or start with '..'. (see [below for nested schema](#nestedatt--spec--component_specs--instances--volumes--config_map--items)) +- `name` (String) Name of the referent.More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#namesTODO: Add other useful fields. apiVersion, kind, uid? - `optional` (Boolean) optional specify whether the ConfigMap or its keys must be defined @@ -936,11 +936,11 @@ Optional: Required: - `key` (String) key is the key to project. -- `path` (String) path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. +- `path` (String) path is the relative path of the file to map the key to.May not be an absolute path.May not contain the path element '..'.May not start with the string '..'. Optional: -- `mode` (Number) mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. +- `mode` (Number) mode is Optional: mode bits used to set permissions on this file.Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511.YAML accepts both octal and decimal values, JSON requires decimal values for mode bits.If not specified, the volume defaultMode will be used.This might be in conflict with other options that affect the filemode, like fsGroup, and the result can be other mode bits set. @@ -949,21 +949,21 @@ Optional: Required: -- `driver` (String) driver is the name of the CSI driver that handles this volume. Consult with your admin for the correct name as registered in the cluster. +- `driver` (String) driver is the name of the CSI driver that handles this volume.Consult with your admin for the correct name as registered in the cluster. Optional: -- `fs_type` (String) fsType to mount. Ex. 'ext4', 'xfs', 'ntfs'. If not provided, the empty value is passed to the associated CSI driver which will determine the default filesystem to apply. -- `node_publish_secret_ref` (Attributes) nodePublishSecretRef is a reference to the secret object containing sensitive information to pass to the CSI driver to complete the CSI NodePublishVolume and NodeUnpublishVolume calls. This field is optional, and may be empty if no secret is required. If the secret object contains more than one secret, all secret references are passed. (see [below for nested schema](#nestedatt--spec--component_specs--instances--volumes--csi--node_publish_secret_ref)) -- `read_only` (Boolean) readOnly specifies a read-only configuration for the volume. Defaults to false (read/write). -- `volume_attributes` (Map of String) volumeAttributes stores driver-specific properties that are passed to the CSI driver. Consult your driver's documentation for supported values. +- `fs_type` (String) fsType to mount. Ex. 'ext4', 'xfs', 'ntfs'.If not provided, the empty value is passed to the associated CSI driverwhich will determine the default filesystem to apply. +- `node_publish_secret_ref` (Attributes) nodePublishSecretRef is a reference to the secret object containingsensitive information to pass to the CSI driver to complete the CSINodePublishVolume and NodeUnpublishVolume calls.This field is optional, and may be empty if no secret is required. If thesecret object contains more than one secret, all secret references are passed. (see [below for nested schema](#nestedatt--spec--component_specs--instances--volumes--csi--node_publish_secret_ref)) +- `read_only` (Boolean) readOnly specifies a read-only configuration for the volume.Defaults to false (read/write). +- `volume_attributes` (Map of String) volumeAttributes stores driver-specific properties that are passed to the CSIdriver. Consult your driver's documentation for supported values. ### Nested Schema for `spec.component_specs.instances.volumes.csi.node_publish_secret_ref` Optional: -- `name` (String) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? +- `name` (String) Name of the referent.More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#namesTODO: Add other useful fields. apiVersion, kind, uid? @@ -972,7 +972,7 @@ Optional: Optional: -- `default_mode` (Number) Optional: mode bits to use on created files by default. Must be a Optional: mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. +- `default_mode` (Number) Optional: mode bits to use on created files by default. Must be aOptional: mode bits used to set permissions on created files by default.Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511.YAML accepts both octal and decimal values, JSON requires decimal values for mode bits.Defaults to 0644.Directories within the path are not affected by this setting.This might be in conflict with other options that affect the filemode, like fsGroup, and the result can be other mode bits set. - `items` (Attributes List) Items is a list of downward API volume file (see [below for nested schema](#nestedatt--spec--component_specs--instances--volumes--downward_api--items)) @@ -985,8 +985,8 @@ Required: Optional: - `field_ref` (Attributes) Required: Selects a field of the pod: only annotations, labels, name and namespace are supported. (see [below for nested schema](#nestedatt--spec--component_specs--instances--volumes--downward_api--items--field_ref)) -- `mode` (Number) Optional: mode bits used to set permissions on this file, must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. -- `resource_field_ref` (Attributes) Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported. (see [below for nested schema](#nestedatt--spec--component_specs--instances--volumes--downward_api--items--resource_field_ref)) +- `mode` (Number) Optional: mode bits used to set permissions on this file, must be an octal valuebetween 0000 and 0777 or a decimal value between 0 and 511.YAML accepts both octal and decimal values, JSON requires decimal values for mode bits.If not specified, the volume defaultMode will be used.This might be in conflict with other options that affect the filemode, like fsGroup, and the result can be other mode bits set. +- `resource_field_ref` (Attributes) Selects a resource of the container: only resources limits and requests(limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported. (see [below for nested schema](#nestedatt--spec--component_specs--instances--volumes--downward_api--items--resource_field_ref)) ### Nested Schema for `spec.component_specs.instances.volumes.downward_api.items.field_ref` @@ -1020,8 +1020,8 @@ Optional: Optional: -- `medium` (String) medium represents what type of storage medium should back this directory. The default is '' which means to use the node's default medium. Must be an empty string (default) or Memory. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir -- `size_limit` (String) sizeLimit is the total amount of local storage required for this EmptyDir volume. The size limit is also applicable for memory medium. The maximum usage on memory medium EmptyDir would be the minimum value between the SizeLimit specified here and the sum of memory limits of all containers in a pod. The default is nil which means that the limit is undefined. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir +- `medium` (String) medium represents what type of storage medium should back this directory.The default is '' which means to use the node's default medium.Must be an empty string (default) or Memory.More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir +- `size_limit` (String) sizeLimit is the total amount of local storage required for this EmptyDir volume.The size limit is also applicable for memory medium.The maximum usage on memory medium EmptyDir would be the minimum value betweenthe SizeLimit specified here and the sum of memory limits of all containers in a pod.The default is nil which means that the limit is undefined.More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir @@ -1029,31 +1029,31 @@ Optional: Optional: -- `volume_claim_template` (Attributes) Will be used to create a stand-alone PVC to provision the volume. The pod in which this EphemeralVolumeSource is embedded will be the owner of the PVC, i.e. the PVC will be deleted together with the pod. The name of the PVC will be '-' where '' is the name from the 'PodSpec.Volumes' array entry. Pod validation will reject the pod if the concatenated name is not valid for a PVC (for example, too long). An existing PVC with that name that is not owned by the pod will *not* be used for the pod to avoid using an unrelated volume by mistake. Starting the pod is then blocked until the unrelated PVC is removed. If such a pre-created PVC is meant to be used by the pod, the PVC has to updated with an owner reference to the pod once the pod exists. Normally this should not be necessary, but it may be useful when manually reconstructing a broken cluster. This field is read-only and no changes will be made by Kubernetes to the PVC after it has been created. Required, must not be nil. (see [below for nested schema](#nestedatt--spec--component_specs--instances--volumes--ephemeral--volume_claim_template)) +- `volume_claim_template` (Attributes) Will be used to create a stand-alone PVC to provision the volume.The pod in which this EphemeralVolumeSource is embedded will be theowner of the PVC, i.e. the PVC will be deleted together with thepod. The name of the PVC will be '-' where'' is the name from the 'PodSpec.Volumes' arrayentry. Pod validation will reject the pod if the concatenated nameis not valid for a PVC (for example, too long).An existing PVC with that name that is not owned by the podwill *not* be used for the pod to avoid using an unrelatedvolume by mistake. Starting the pod is then blocked untilthe unrelated PVC is removed. If such a pre-created PVC ismeant to be used by the pod, the PVC has to updated with anowner reference to the pod once the pod exists. Normallythis should not be necessary, but it may be useful whenmanually reconstructing a broken cluster.This field is read-only and no changes will be made by Kubernetesto the PVC after it has been created.Required, must not be nil. (see [below for nested schema](#nestedatt--spec--component_specs--instances--volumes--ephemeral--volume_claim_template)) ### Nested Schema for `spec.component_specs.instances.volumes.ephemeral.volume_claim_template` Required: -- `spec` (Attributes) The specification for the PersistentVolumeClaim. The entire content is copied unchanged into the PVC that gets created from this template. The same fields as in a PersistentVolumeClaim are also valid here. (see [below for nested schema](#nestedatt--spec--component_specs--instances--volumes--ephemeral--volume_claim_template--spec)) +- `spec` (Attributes) The specification for the PersistentVolumeClaim. The entire content iscopied unchanged into the PVC that gets created from thistemplate. The same fields as in a PersistentVolumeClaimare also valid here. (see [below for nested schema](#nestedatt--spec--component_specs--instances--volumes--ephemeral--volume_claim_template--spec)) Optional: -- `metadata` (Attributes) May contain labels and annotations that will be copied into the PVC when creating it. No other fields are allowed and will be rejected during validation. (see [below for nested schema](#nestedatt--spec--component_specs--instances--volumes--ephemeral--volume_claim_template--metadata)) +- `metadata` (Attributes) May contain labels and annotations that will be copied into the PVCwhen creating it. No other fields are allowed and will be rejected duringvalidation. (see [below for nested schema](#nestedatt--spec--component_specs--instances--volumes--ephemeral--volume_claim_template--metadata)) ### Nested Schema for `spec.component_specs.instances.volumes.ephemeral.volume_claim_template.spec` Optional: -- `access_modes` (List of String) accessModes contains the desired access modes the volume should have. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1 -- `data_source` (Attributes) dataSource field can be used to specify either: * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) * An existing PVC (PersistentVolumeClaim) If the provisioner or an external controller can support the specified data source, it will create a new volume based on the contents of the specified data source. When the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef, and dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified. If the namespace is specified, then dataSourceRef will not be copied to dataSource. (see [below for nested schema](#nestedatt--spec--component_specs--instances--volumes--ephemeral--volume_claim_template--spec--data_source)) -- `data_source_ref` (Attributes) dataSourceRef specifies the object from which to populate the volume with data, if a non-empty volume is desired. This may be any object from a non-empty API group (non core object) or a PersistentVolumeClaim object. When this field is specified, volume binding will only succeed if the type of the specified object matches some installed volume populator or dynamic provisioner. This field will replace the functionality of the dataSource field and as such if both fields are non-empty, they must have the same value. For backwards compatibility, when namespace isn't specified in dataSourceRef, both fields (dataSource and dataSourceRef) will be set to the same value automatically if one of them is empty and the other is non-empty. When namespace is specified in dataSourceRef, dataSource isn't set to the same value and must be empty. There are three important differences between dataSource and dataSourceRef: * While dataSource only allows two specific types of objects, dataSourceRef allows any non-core object, as well as PersistentVolumeClaim objects. * While dataSource ignores disallowed values (dropping them), dataSourceRef preserves all values, and generates an error if a disallowed value is specified. * While dataSource only allows local objects, dataSourceRef allows objects in any namespaces. (Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled. (Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled. (see [below for nested schema](#nestedatt--spec--component_specs--instances--volumes--ephemeral--volume_claim_template--spec--data_source_ref)) -- `resources` (Attributes) resources represents the minimum resources the volume should have. If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements that are lower than previous value but must still be higher than capacity recorded in the status field of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources (see [below for nested schema](#nestedatt--spec--component_specs--instances--volumes--ephemeral--volume_claim_template--spec--resources)) +- `access_modes` (List of String) accessModes contains the desired access modes the volume should have.More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1 +- `data_source` (Attributes) dataSource field can be used to specify either:* An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot)* An existing PVC (PersistentVolumeClaim)If the provisioner or an external controller can support the specified data source,it will create a new volume based on the contents of the specified data source.When the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef,and dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified.If the namespace is specified, then dataSourceRef will not be copied to dataSource. (see [below for nested schema](#nestedatt--spec--component_specs--instances--volumes--ephemeral--volume_claim_template--spec--data_source)) +- `data_source_ref` (Attributes) dataSourceRef specifies the object from which to populate the volume with data, if a non-emptyvolume is desired. This may be any object from a non-empty API group (noncore object) or a PersistentVolumeClaim object.When this field is specified, volume binding will only succeed if the type ofthe specified object matches some installed volume populator or dynamicprovisioner.This field will replace the functionality of the dataSource field and as suchif both fields are non-empty, they must have the same value. For backwardscompatibility, when namespace isn't specified in dataSourceRef,both fields (dataSource and dataSourceRef) will be set to the samevalue automatically if one of them is empty and the other is non-empty.When namespace is specified in dataSourceRef,dataSource isn't set to the same value and must be empty.There are three important differences between dataSource and dataSourceRef:* While dataSource only allows two specific types of objects, dataSourceRef allows any non-core object, as well as PersistentVolumeClaim objects.* While dataSource ignores disallowed values (dropping them), dataSourceRef preserves all values, and generates an error if a disallowed value is specified.* While dataSource only allows local objects, dataSourceRef allows objects in any namespaces.(Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled.(Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled. (see [below for nested schema](#nestedatt--spec--component_specs--instances--volumes--ephemeral--volume_claim_template--spec--data_source_ref)) +- `resources` (Attributes) resources represents the minimum resources the volume should have.If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirementsthat are lower than previous value but must still be higher than capacity recorded in thestatus field of the claim.More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources (see [below for nested schema](#nestedatt--spec--component_specs--instances--volumes--ephemeral--volume_claim_template--spec--resources)) - `selector` (Attributes) selector is a label query over volumes to consider for binding. (see [below for nested schema](#nestedatt--spec--component_specs--instances--volumes--ephemeral--volume_claim_template--spec--selector)) -- `storage_class_name` (String) storageClassName is the name of the StorageClass required by the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1 -- `volume_mode` (String) volumeMode defines what type of volume is required by the claim. Value of Filesystem is implied when not included in claim spec. +- `storage_class_name` (String) storageClassName is the name of the StorageClass required by the claim.More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1 +- `volume_mode` (String) volumeMode defines what type of volume is required by the claim.Value of Filesystem is implied when not included in claim spec. - `volume_name` (String) volumeName is the binding reference to the PersistentVolume backing this claim. @@ -1066,7 +1066,7 @@ Required: Optional: -- `api_group` (String) APIGroup is the group for the resource being referenced. If APIGroup is not specified, the specified Kind must be in the core API group. For any other third-party types, APIGroup is required. +- `api_group` (String) APIGroup is the group for the resource being referenced.If APIGroup is not specified, the specified Kind must be in the core API group.For any other third-party types, APIGroup is required. @@ -1079,8 +1079,8 @@ Required: Optional: -- `api_group` (String) APIGroup is the group for the resource being referenced. If APIGroup is not specified, the specified Kind must be in the core API group. For any other third-party types, APIGroup is required. -- `namespace` (String) Namespace is the namespace of resource being referenced Note that when a namespace is specified, a gateway.networking.k8s.io/ReferenceGrant object is required in the referent namespace to allow that namespace's owner to accept the reference. See the ReferenceGrant documentation for details. (Alpha) This field requires the CrossNamespaceVolumeDataSource feature gate to be enabled. +- `api_group` (String) APIGroup is the group for the resource being referenced.If APIGroup is not specified, the specified Kind must be in the core API group.For any other third-party types, APIGroup is required. +- `namespace` (String) Namespace is the namespace of resource being referencedNote that when a namespace is specified, a gateway.networking.k8s.io/ReferenceGrant object is required in the referent namespace to allow that namespace's owner to accept the reference. See the ReferenceGrant documentation for details.(Alpha) This field requires the CrossNamespaceVolumeDataSource feature gate to be enabled. @@ -1088,16 +1088,16 @@ Optional: Optional: -- `claims` (Attributes List) Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. This field is immutable. It can only be set for containers. (see [below for nested schema](#nestedatt--spec--component_specs--instances--volumes--ephemeral--volume_claim_template--spec--resources--claims)) -- `limits` (Map of String) Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ -- `requests` (Map of String) Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ +- `claims` (Attributes List) Claims lists the names of resources, defined in spec.resourceClaims,that are used by this container.This is an alpha field and requires enabling theDynamicResourceAllocation feature gate.This field is immutable. It can only be set for containers. (see [below for nested schema](#nestedatt--spec--component_specs--instances--volumes--ephemeral--volume_claim_template--spec--resources--claims)) +- `limits` (Map of String) Limits describes the maximum amount of compute resources allowed.More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ +- `requests` (Map of String) Requests describes the minimum amount of compute resources required.If Requests is omitted for a container, it defaults to Limits if that is explicitly specified,otherwise to an implementation-defined value. Requests cannot exceed Limits.More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ ### Nested Schema for `spec.component_specs.instances.volumes.ephemeral.volume_claim_template.spec.resources.claims` Required: -- `name` (String) Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container. +- `name` (String) Name must match the name of one entry in pod.spec.resourceClaims ofthe Pod where this field is used. It makes that resource availableinside a container. @@ -1107,7 +1107,7 @@ Required: Optional: - `match_expressions` (Attributes List) matchExpressions is a list of label selector requirements. The requirements are ANDed. (see [below for nested schema](#nestedatt--spec--component_specs--instances--volumes--ephemeral--volume_claim_template--spec--selector--match_expressions)) -- `match_labels` (Map of String) matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is 'key', the operator is 'In', and the values array contains only 'value'. The requirements are ANDed. +- `match_labels` (Map of String) matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabelsmap is equivalent to an element of matchExpressions, whose key field is 'key', theoperator is 'In', and the values array contains only 'value'. The requirements are ANDed. ### Nested Schema for `spec.component_specs.instances.volumes.ephemeral.volume_claim_template.spec.selector.match_expressions` @@ -1115,11 +1115,11 @@ Optional: Required: - `key` (String) key is the label key that the selector applies to. -- `operator` (String) operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. +- `operator` (String) operator represents a key's relationship to a set of values.Valid operators are In, NotIn, Exists and DoesNotExist. Optional: -- `values` (List of String) values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. +- `values` (List of String) values is an array of string values. If the operator is In or NotIn,the values array must be non-empty. If the operator is Exists or DoesNotExist,the values array must be empty. This array is replaced during a strategicmerge patch. @@ -1143,11 +1143,11 @@ Optional: Optional: -- `fs_type` (String) fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. 'ext4', 'xfs', 'ntfs'. Implicitly inferred to be 'ext4' if unspecified. TODO: how do we prevent errors in the filesystem from compromising the machine +- `fs_type` (String) fsType is the filesystem type to mount.Must be a filesystem type supported by the host operating system.Ex. 'ext4', 'xfs', 'ntfs'. Implicitly inferred to be 'ext4' if unspecified.TODO: how do we prevent errors in the filesystem from compromising the machine - `lun` (Number) lun is Optional: FC target lun number -- `read_only` (Boolean) readOnly is Optional: Defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts. +- `read_only` (Boolean) readOnly is Optional: Defaults to false (read/write). ReadOnly here will forcethe ReadOnly setting in VolumeMounts. - `target_ww_ns` (List of String) targetWWNs is Optional: FC target worldwide names (WWNs) -- `wwids` (List of String) wwids Optional: FC volume world wide identifiers (wwids) Either wwids or combination of targetWWNs and lun must be set, but not both simultaneously. +- `wwids` (List of String) wwids Optional: FC volume world wide identifiers (wwids)Either wwids or combination of targetWWNs and lun must be set, but not both simultaneously. @@ -1159,17 +1159,17 @@ Required: Optional: -- `fs_type` (String) fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. 'ext4', 'xfs', 'ntfs'. The default filesystem depends on FlexVolume script. +- `fs_type` (String) fsType is the filesystem type to mount.Must be a filesystem type supported by the host operating system.Ex. 'ext4', 'xfs', 'ntfs'. The default filesystem depends on FlexVolume script. - `options` (Map of String) options is Optional: this field holds extra command options if any. -- `read_only` (Boolean) readOnly is Optional: defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts. -- `secret_ref` (Attributes) secretRef is Optional: secretRef is reference to the secret object containing sensitive information to pass to the plugin scripts. This may be empty if no secret object is specified. If the secret object contains more than one secret, all secrets are passed to the plugin scripts. (see [below for nested schema](#nestedatt--spec--component_specs--instances--volumes--flex_volume--secret_ref)) +- `read_only` (Boolean) readOnly is Optional: defaults to false (read/write). ReadOnly here will forcethe ReadOnly setting in VolumeMounts. +- `secret_ref` (Attributes) secretRef is Optional: secretRef is reference to the secret object containingsensitive information to pass to the plugin scripts. This may beempty if no secret object is specified. If the secret objectcontains more than one secret, all secrets are passed to the pluginscripts. (see [below for nested schema](#nestedatt--spec--component_specs--instances--volumes--flex_volume--secret_ref)) ### Nested Schema for `spec.component_specs.instances.volumes.flex_volume.secret_ref` Optional: -- `name` (String) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? +- `name` (String) Name of the referent.More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#namesTODO: Add other useful fields. apiVersion, kind, uid? @@ -1178,7 +1178,7 @@ Optional: Optional: -- `dataset_name` (String) datasetName is Name of the dataset stored as metadata -> name on the dataset for Flocker should be considered as deprecated +- `dataset_name` (String) datasetName is Name of the dataset stored as metadata -> name on the dataset for Flockershould be considered as deprecated - `dataset_uuid` (String) datasetUUID is the UUID of the dataset. This is unique identifier of a Flocker dataset @@ -1187,13 +1187,13 @@ Optional: Required: -- `pd_name` (String) pdName is unique name of the PD resource in GCE. Used to identify the disk in GCE. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk +- `pd_name` (String) pdName is unique name of the PD resource in GCE. Used to identify the disk in GCE.More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk Optional: -- `fs_type` (String) fsType is filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: 'ext4', 'xfs', 'ntfs'. Implicitly inferred to be 'ext4' if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk TODO: how do we prevent errors in the filesystem from compromising the machine -- `partition` (Number) partition is the partition in the volume that you want to mount. If omitted, the default is to mount by volume name. Examples: For volume /dev/sda1, you specify the partition as '1'. Similarly, the volume partition for /dev/sda is '0' (or you can leave the property empty). More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk -- `read_only` (Boolean) readOnly here will force the ReadOnly setting in VolumeMounts. Defaults to false. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk +- `fs_type` (String) fsType is filesystem type of the volume that you want to mount.Tip: Ensure that the filesystem type is supported by the host operating system.Examples: 'ext4', 'xfs', 'ntfs'. Implicitly inferred to be 'ext4' if unspecified.More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdiskTODO: how do we prevent errors in the filesystem from compromising the machine +- `partition` (Number) partition is the partition in the volume that you want to mount.If omitted, the default is to mount by volume name.Examples: For volume /dev/sda1, you specify the partition as '1'.Similarly, the volume partition for /dev/sda is '0' (or you can leave the property empty).More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk +- `read_only` (Boolean) readOnly here will force the ReadOnly setting in VolumeMounts.Defaults to false.More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk @@ -1205,7 +1205,7 @@ Required: Optional: -- `directory` (String) directory is the target directory name. Must not contain or start with '..'. If '.' is supplied, the volume directory will be the git repository. Otherwise, if specified, the volume will contain the git repository in the subdirectory with the given name. +- `directory` (String) directory is the target directory name.Must not contain or start with '..'. If '.' is supplied, the volume directory will be thegit repository. Otherwise, if specified, the volume will contain the git repository inthe subdirectory with the given name. - `revision` (String) revision is the commit hash for the specified revision. @@ -1214,12 +1214,12 @@ Optional: Required: -- `endpoints` (String) endpoints is the endpoint name that details Glusterfs topology. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod -- `path` (String) path is the Glusterfs volume path. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod +- `endpoints` (String) endpoints is the endpoint name that details Glusterfs topology.More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod +- `path` (String) path is the Glusterfs volume path.More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod Optional: -- `read_only` (Boolean) readOnly here will force the Glusterfs volume to be mounted with read-only permissions. Defaults to false. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod +- `read_only` (Boolean) readOnly here will force the Glusterfs volume to be mounted with read-only permissions.Defaults to false.More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod @@ -1227,11 +1227,11 @@ Optional: Required: -- `path` (String) path of the directory on the host. If the path is a symlink, it will follow the link to the real path. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath +- `path` (String) path of the directory on the host.If the path is a symlink, it will follow the link to the real path.More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath Optional: -- `type` (String) type for HostPath Volume Defaults to '' More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath +- `type` (String) type for HostPath VolumeDefaults to ''More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath @@ -1241,17 +1241,17 @@ Required: - `iqn` (String) iqn is the target iSCSI Qualified Name. - `lun` (Number) lun represents iSCSI Target Lun number. -- `target_portal` (String) targetPortal is iSCSI Target Portal. The Portal is either an IP or ip_addr:port if the port is other than default (typically TCP ports 860 and 3260). +- `target_portal` (String) targetPortal is iSCSI Target Portal. The Portal is either an IP or ip_addr:port if the portis other than default (typically TCP ports 860 and 3260). Optional: - `chap_auth_discovery` (Boolean) chapAuthDiscovery defines whether support iSCSI Discovery CHAP authentication - `chap_auth_session` (Boolean) chapAuthSession defines whether support iSCSI Session CHAP authentication -- `fs_type` (String) fsType is the filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: 'ext4', 'xfs', 'ntfs'. Implicitly inferred to be 'ext4' if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#iscsi TODO: how do we prevent errors in the filesystem from compromising the machine -- `initiator_name` (String) initiatorName is the custom iSCSI Initiator Name. If initiatorName is specified with iscsiInterface simultaneously, new iSCSI interface : will be created for the connection. -- `iscsi_interface` (String) iscsiInterface is the interface Name that uses an iSCSI transport. Defaults to 'default' (tcp). -- `portals` (List of String) portals is the iSCSI Target Portal List. The portal is either an IP or ip_addr:port if the port is other than default (typically TCP ports 860 and 3260). -- `read_only` (Boolean) readOnly here will force the ReadOnly setting in VolumeMounts. Defaults to false. +- `fs_type` (String) fsType is the filesystem type of the volume that you want to mount.Tip: Ensure that the filesystem type is supported by the host operating system.Examples: 'ext4', 'xfs', 'ntfs'. Implicitly inferred to be 'ext4' if unspecified.More info: https://kubernetes.io/docs/concepts/storage/volumes#iscsiTODO: how do we prevent errors in the filesystem from compromising the machine +- `initiator_name` (String) initiatorName is the custom iSCSI Initiator Name.If initiatorName is specified with iscsiInterface simultaneously, new iSCSI interface: will be created for the connection. +- `iscsi_interface` (String) iscsiInterface is the interface Name that uses an iSCSI transport.Defaults to 'default' (tcp). +- `portals` (List of String) portals is the iSCSI Target Portal List. The portal is either an IP or ip_addr:port if the portis other than default (typically TCP ports 860 and 3260). +- `read_only` (Boolean) readOnly here will force the ReadOnly setting in VolumeMounts.Defaults to false. - `secret_ref` (Attributes) secretRef is the CHAP Secret for iSCSI target and initiator authentication (see [below for nested schema](#nestedatt--spec--component_specs--instances--volumes--iscsi--secret_ref)) @@ -1259,7 +1259,7 @@ Optional: Optional: -- `name` (String) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? +- `name` (String) Name of the referent.More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#namesTODO: Add other useful fields. apiVersion, kind, uid? @@ -1268,12 +1268,12 @@ Optional: Required: -- `path` (String) path that is exported by the NFS server. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs -- `server` (String) server is the hostname or IP address of the NFS server. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs +- `path` (String) path that is exported by the NFS server.More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs +- `server` (String) server is the hostname or IP address of the NFS server.More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs Optional: -- `read_only` (Boolean) readOnly here will force the NFS export to be mounted with read-only permissions. Defaults to false. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs +- `read_only` (Boolean) readOnly here will force the NFS export to be mounted with read-only permissions.Defaults to false.More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs @@ -1281,11 +1281,11 @@ Optional: Required: -- `claim_name` (String) claimName is the name of a PersistentVolumeClaim in the same namespace as the pod using this volume. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims +- `claim_name` (String) claimName is the name of a PersistentVolumeClaim in the same namespace as the pod using this volume.More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims Optional: -- `read_only` (Boolean) readOnly Will force the ReadOnly setting in VolumeMounts. Default false. +- `read_only` (Boolean) readOnly Will force the ReadOnly setting in VolumeMounts.Default false. @@ -1297,7 +1297,7 @@ Required: Optional: -- `fs_type` (String) fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. 'ext4', 'xfs', 'ntfs'. Implicitly inferred to be 'ext4' if unspecified. +- `fs_type` (String) fsType is the filesystem type to mount.Must be a filesystem type supported by the host operating system.Ex. 'ext4', 'xfs', 'ntfs'. Implicitly inferred to be 'ext4' if unspecified. @@ -1309,8 +1309,8 @@ Required: Optional: -- `fs_type` (String) fSType represents the filesystem type to mount Must be a filesystem type supported by the host operating system. Ex. 'ext4', 'xfs'. Implicitly inferred to be 'ext4' if unspecified. -- `read_only` (Boolean) readOnly defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts. +- `fs_type` (String) fSType represents the filesystem type to mountMust be a filesystem type supported by the host operating system.Ex. 'ext4', 'xfs'. Implicitly inferred to be 'ext4' if unspecified. +- `read_only` (Boolean) readOnly defaults to false (read/write). ReadOnly here will forcethe ReadOnly setting in VolumeMounts. @@ -1318,7 +1318,7 @@ Optional: Optional: -- `default_mode` (Number) defaultMode are the mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. +- `default_mode` (Number) defaultMode are the mode bits used to set permissions on created files by default.Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511.YAML accepts both octal and decimal values, JSON requires decimal values for mode bits.Directories within the path are not affected by this setting.This might be in conflict with other options that affect the filemode, like fsGroup, and the result can be other mode bits set. - `sources` (Attributes List) sources is the list of volume projections (see [below for nested schema](#nestedatt--spec--component_specs--instances--volumes--projected--sources)) @@ -1336,8 +1336,8 @@ Optional: Optional: -- `items` (Attributes List) items if unspecified, each key-value pair in the Data field of the referenced ConfigMap will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the ConfigMap, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'. (see [below for nested schema](#nestedatt--spec--component_specs--instances--volumes--projected--sources--config_map--items)) -- `name` (String) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? +- `items` (Attributes List) items if unspecified, each key-value pair in the Data field of the referencedConfigMap will be projected into the volume as a file whose name is thekey and content is the value. If specified, the listed keys will beprojected into the specified paths, and unlisted keys will not bepresent. If a key is specified which is not present in the ConfigMap,the volume setup will error unless it is marked optional. Paths must berelative and may not contain the '..' path or start with '..'. (see [below for nested schema](#nestedatt--spec--component_specs--instances--volumes--projected--sources--config_map--items)) +- `name` (String) Name of the referent.More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#namesTODO: Add other useful fields. apiVersion, kind, uid? - `optional` (Boolean) optional specify whether the ConfigMap or its keys must be defined @@ -1346,11 +1346,11 @@ Optional: Required: - `key` (String) key is the key to project. -- `path` (String) path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. +- `path` (String) path is the relative path of the file to map the key to.May not be an absolute path.May not contain the path element '..'.May not start with the string '..'. Optional: -- `mode` (Number) mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. +- `mode` (Number) mode is Optional: mode bits used to set permissions on this file.Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511.YAML accepts both octal and decimal values, JSON requires decimal values for mode bits.If not specified, the volume defaultMode will be used.This might be in conflict with other options that affect the filemode, like fsGroup, and the result can be other mode bits set. @@ -1371,8 +1371,8 @@ Required: Optional: - `field_ref` (Attributes) Required: Selects a field of the pod: only annotations, labels, name and namespace are supported. (see [below for nested schema](#nestedatt--spec--component_specs--instances--volumes--projected--sources--downward_api--items--field_ref)) -- `mode` (Number) Optional: mode bits used to set permissions on this file, must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. -- `resource_field_ref` (Attributes) Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported. (see [below for nested schema](#nestedatt--spec--component_specs--instances--volumes--projected--sources--downward_api--items--resource_field_ref)) +- `mode` (Number) Optional: mode bits used to set permissions on this file, must be an octal valuebetween 0000 and 0777 or a decimal value between 0 and 511.YAML accepts both octal and decimal values, JSON requires decimal values for mode bits.If not specified, the volume defaultMode will be used.This might be in conflict with other options that affect the filemode, like fsGroup, and the result can be other mode bits set. +- `resource_field_ref` (Attributes) Selects a resource of the container: only resources limits and requests(limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported. (see [below for nested schema](#nestedatt--spec--component_specs--instances--volumes--projected--sources--downward_api--items--resource_field_ref)) ### Nested Schema for `spec.component_specs.instances.volumes.projected.sources.downward_api.items.field_ref` @@ -1406,8 +1406,8 @@ Optional: Optional: -- `items` (Attributes List) items if unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'. (see [below for nested schema](#nestedatt--spec--component_specs--instances--volumes--projected--sources--secret--items)) -- `name` (String) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? +- `items` (Attributes List) items if unspecified, each key-value pair in the Data field of the referencedSecret will be projected into the volume as a file whose name is thekey and content is the value. If specified, the listed keys will beprojected into the specified paths, and unlisted keys will not bepresent. If a key is specified which is not present in the Secret,the volume setup will error unless it is marked optional. Paths must berelative and may not contain the '..' path or start with '..'. (see [below for nested schema](#nestedatt--spec--component_specs--instances--volumes--projected--sources--secret--items)) +- `name` (String) Name of the referent.More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#namesTODO: Add other useful fields. apiVersion, kind, uid? - `optional` (Boolean) optional field specify whether the Secret or its key must be defined @@ -1416,11 +1416,11 @@ Optional: Required: - `key` (String) key is the key to project. -- `path` (String) path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. +- `path` (String) path is the relative path of the file to map the key to.May not be an absolute path.May not contain the path element '..'.May not start with the string '..'. Optional: -- `mode` (Number) mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. +- `mode` (Number) mode is Optional: mode bits used to set permissions on this file.Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511.YAML accepts both octal and decimal values, JSON requires decimal values for mode bits.If not specified, the volume defaultMode will be used.This might be in conflict with other options that affect the filemode, like fsGroup, and the result can be other mode bits set. @@ -1429,12 +1429,12 @@ Optional: Required: -- `path` (String) path is the path relative to the mount point of the file to project the token into. +- `path` (String) path is the path relative to the mount point of the file to project thetoken into. Optional: -- `audience` (String) audience is the intended audience of the token. A recipient of a token must identify itself with an identifier specified in the audience of the token, and otherwise should reject the token. The audience defaults to the identifier of the apiserver. -- `expiration_seconds` (Number) expirationSeconds is the requested duration of validity of the service account token. As the token approaches expiration, the kubelet volume plugin will proactively rotate the service account token. The kubelet will start trying to rotate the token if the token is older than 80 percent of its time to live or if the token is older than 24 hours.Defaults to 1 hour and must be at least 10 minutes. +- `audience` (String) audience is the intended audience of the token. A recipient of a tokenmust identify itself with an identifier specified in the audience of thetoken, and otherwise should reject the token. The audience defaults to theidentifier of the apiserver. +- `expiration_seconds` (Number) expirationSeconds is the requested duration of validity of the serviceaccount token. As the token approaches expiration, the kubelet volumeplugin will proactively rotate the service account token. The kubelet willstart trying to rotate the token if the token is older than 80 percent ofits time to live or if the token is older than 24 hours.Defaults to 1 hourand must be at least 10 minutes. @@ -1444,15 +1444,15 @@ Optional: Required: -- `registry` (String) registry represents a single or multiple Quobyte Registry services specified as a string as host:port pair (multiple entries are separated with commas) which acts as the central registry for volumes +- `registry` (String) registry represents a single or multiple Quobyte Registry servicesspecified as a string as host:port pair (multiple entries are separated with commas)which acts as the central registry for volumes - `volume` (String) volume is a string that references an already created Quobyte volume by name. Optional: -- `group` (String) group to map volume access to Default is no group -- `read_only` (Boolean) readOnly here will force the Quobyte volume to be mounted with read-only permissions. Defaults to false. -- `tenant` (String) tenant owning the given Quobyte volume in the Backend Used with dynamically provisioned Quobyte volumes, value is set by the plugin -- `user` (String) user to map volume access to Defaults to serivceaccount user +- `group` (String) group to map volume access toDefault is no group +- `read_only` (Boolean) readOnly here will force the Quobyte volume to be mounted with read-only permissions.Defaults to false. +- `tenant` (String) tenant owning the given Quobyte volume in the BackendUsed with dynamically provisioned Quobyte volumes, value is set by the plugin +- `user` (String) user to map volume access toDefaults to serivceaccount user @@ -1460,24 +1460,24 @@ Optional: Required: -- `image` (String) image is the rados image name. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it -- `monitors` (List of String) monitors is a collection of Ceph monitors. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it +- `image` (String) image is the rados image name.More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it +- `monitors` (List of String) monitors is a collection of Ceph monitors.More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it Optional: -- `fs_type` (String) fsType is the filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: 'ext4', 'xfs', 'ntfs'. Implicitly inferred to be 'ext4' if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#rbd TODO: how do we prevent errors in the filesystem from compromising the machine -- `keyring` (String) keyring is the path to key ring for RBDUser. Default is /etc/ceph/keyring. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it -- `pool` (String) pool is the rados pool name. Default is rbd. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it -- `read_only` (Boolean) readOnly here will force the ReadOnly setting in VolumeMounts. Defaults to false. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it -- `secret_ref` (Attributes) secretRef is name of the authentication secret for RBDUser. If provided overrides keyring. Default is nil. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it (see [below for nested schema](#nestedatt--spec--component_specs--instances--volumes--rbd--secret_ref)) -- `user` (String) user is the rados user name. Default is admin. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it +- `fs_type` (String) fsType is the filesystem type of the volume that you want to mount.Tip: Ensure that the filesystem type is supported by the host operating system.Examples: 'ext4', 'xfs', 'ntfs'. Implicitly inferred to be 'ext4' if unspecified.More info: https://kubernetes.io/docs/concepts/storage/volumes#rbdTODO: how do we prevent errors in the filesystem from compromising the machine +- `keyring` (String) keyring is the path to key ring for RBDUser.Default is /etc/ceph/keyring.More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it +- `pool` (String) pool is the rados pool name.Default is rbd.More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it +- `read_only` (Boolean) readOnly here will force the ReadOnly setting in VolumeMounts.Defaults to false.More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it +- `secret_ref` (Attributes) secretRef is name of the authentication secret for RBDUser. If providedoverrides keyring.Default is nil.More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it (see [below for nested schema](#nestedatt--spec--component_specs--instances--volumes--rbd--secret_ref)) +- `user` (String) user is the rados user name.Default is admin.More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it ### Nested Schema for `spec.component_specs.instances.volumes.rbd.secret_ref` Optional: -- `name` (String) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? +- `name` (String) Name of the referent.More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#namesTODO: Add other useful fields. apiVersion, kind, uid? @@ -1487,25 +1487,25 @@ Optional: Required: - `gateway` (String) gateway is the host address of the ScaleIO API Gateway. -- `secret_ref` (Attributes) secretRef references to the secret for ScaleIO user and other sensitive information. If this is not provided, Login operation will fail. (see [below for nested schema](#nestedatt--spec--component_specs--instances--volumes--scale_io--secret_ref)) +- `secret_ref` (Attributes) secretRef references to the secret for ScaleIO user and othersensitive information. If this is not provided, Login operation will fail. (see [below for nested schema](#nestedatt--spec--component_specs--instances--volumes--scale_io--secret_ref)) - `system` (String) system is the name of the storage system as configured in ScaleIO. Optional: -- `fs_type` (String) fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. 'ext4', 'xfs', 'ntfs'. Default is 'xfs'. +- `fs_type` (String) fsType is the filesystem type to mount.Must be a filesystem type supported by the host operating system.Ex. 'ext4', 'xfs', 'ntfs'.Default is 'xfs'. - `protection_domain` (String) protectionDomain is the name of the ScaleIO Protection Domain for the configured storage. -- `read_only` (Boolean) readOnly Defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts. +- `read_only` (Boolean) readOnly Defaults to false (read/write). ReadOnly here will forcethe ReadOnly setting in VolumeMounts. - `ssl_enabled` (Boolean) sslEnabled Flag enable/disable SSL communication with Gateway, default false -- `storage_mode` (String) storageMode indicates whether the storage for a volume should be ThickProvisioned or ThinProvisioned. Default is ThinProvisioned. +- `storage_mode` (String) storageMode indicates whether the storage for a volume should be ThickProvisioned or ThinProvisioned.Default is ThinProvisioned. - `storage_pool` (String) storagePool is the ScaleIO Storage Pool associated with the protection domain. -- `volume_name` (String) volumeName is the name of a volume already created in the ScaleIO system that is associated with this volume source. +- `volume_name` (String) volumeName is the name of a volume already created in the ScaleIO systemthat is associated with this volume source. ### Nested Schema for `spec.component_specs.instances.volumes.scale_io.secret_ref` Optional: -- `name` (String) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? +- `name` (String) Name of the referent.More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#namesTODO: Add other useful fields. apiVersion, kind, uid? @@ -1514,10 +1514,10 @@ Optional: Optional: -- `default_mode` (Number) defaultMode is Optional: mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. -- `items` (Attributes List) items If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'. (see [below for nested schema](#nestedatt--spec--component_specs--instances--volumes--secret--items)) +- `default_mode` (Number) defaultMode is Optional: mode bits used to set permissions on created files by default.Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511.YAML accepts both octal and decimal values, JSON requires decimal valuesfor mode bits. Defaults to 0644.Directories within the path are not affected by this setting.This might be in conflict with other options that affect the filemode, like fsGroup, and the result can be other mode bits set. +- `items` (Attributes List) items If unspecified, each key-value pair in the Data field of the referencedSecret will be projected into the volume as a file whose name is thekey and content is the value. If specified, the listed keys will beprojected into the specified paths, and unlisted keys will not bepresent. If a key is specified which is not present in the Secret,the volume setup will error unless it is marked optional. Paths must berelative and may not contain the '..' path or start with '..'. (see [below for nested schema](#nestedatt--spec--component_specs--instances--volumes--secret--items)) - `optional` (Boolean) optional field specify whether the Secret or its keys must be defined -- `secret_name` (String) secretName is the name of the secret in the pod's namespace to use. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret +- `secret_name` (String) secretName is the name of the secret in the pod's namespace to use.More info: https://kubernetes.io/docs/concepts/storage/volumes#secret ### Nested Schema for `spec.component_specs.instances.volumes.secret.items` @@ -1525,11 +1525,11 @@ Optional: Required: - `key` (String) key is the key to project. -- `path` (String) path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. +- `path` (String) path is the relative path of the file to map the key to.May not be an absolute path.May not contain the path element '..'.May not start with the string '..'. Optional: -- `mode` (Number) mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. +- `mode` (Number) mode is Optional: mode bits used to set permissions on this file.Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511.YAML accepts both octal and decimal values, JSON requires decimal values for mode bits.If not specified, the volume defaultMode will be used.This might be in conflict with other options that affect the filemode, like fsGroup, and the result can be other mode bits set. @@ -1538,18 +1538,18 @@ Optional: Optional: -- `fs_type` (String) fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. 'ext4', 'xfs', 'ntfs'. Implicitly inferred to be 'ext4' if unspecified. -- `read_only` (Boolean) readOnly defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts. -- `secret_ref` (Attributes) secretRef specifies the secret to use for obtaining the StorageOS API credentials. If not specified, default values will be attempted. (see [below for nested schema](#nestedatt--spec--component_specs--instances--volumes--storageos--secret_ref)) -- `volume_name` (String) volumeName is the human-readable name of the StorageOS volume. Volume names are only unique within a namespace. -- `volume_namespace` (String) volumeNamespace specifies the scope of the volume within StorageOS. If no namespace is specified then the Pod's namespace will be used. This allows the Kubernetes name scoping to be mirrored within StorageOS for tighter integration. Set VolumeName to any name to override the default behaviour. Set to 'default' if you are not using namespaces within StorageOS. Namespaces that do not pre-exist within StorageOS will be created. +- `fs_type` (String) fsType is the filesystem type to mount.Must be a filesystem type supported by the host operating system.Ex. 'ext4', 'xfs', 'ntfs'. Implicitly inferred to be 'ext4' if unspecified. +- `read_only` (Boolean) readOnly defaults to false (read/write). ReadOnly here will forcethe ReadOnly setting in VolumeMounts. +- `secret_ref` (Attributes) secretRef specifies the secret to use for obtaining the StorageOS APIcredentials. If not specified, default values will be attempted. (see [below for nested schema](#nestedatt--spec--component_specs--instances--volumes--storageos--secret_ref)) +- `volume_name` (String) volumeName is the human-readable name of the StorageOS volume. Volumenames are only unique within a namespace. +- `volume_namespace` (String) volumeNamespace specifies the scope of the volume within StorageOS. If nonamespace is specified then the Pod's namespace will be used. This allows theKubernetes name scoping to be mirrored within StorageOS for tighter integration.Set VolumeName to any name to override the default behaviour.Set to 'default' if you are not using namespaces within StorageOS.Namespaces that do not pre-exist within StorageOS will be created. ### Nested Schema for `spec.component_specs.instances.volumes.storageos.secret_ref` Optional: -- `name` (String) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? +- `name` (String) Name of the referent.More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#namesTODO: Add other useful fields. apiVersion, kind, uid? @@ -1562,7 +1562,7 @@ Required: Optional: -- `fs_type` (String) fsType is filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. 'ext4', 'xfs', 'ntfs'. Implicitly inferred to be 'ext4' if unspecified. +- `fs_type` (String) fsType is filesystem type to mount.Must be a filesystem type supported by the host operating system.Ex. 'ext4', 'xfs', 'ntfs'. Implicitly inferred to be 'ext4' if unspecified. - `storage_policy_id` (String) storagePolicyID is the storage Policy Based Management (SPBM) profile ID associated with the StoragePolicyName. - `storage_policy_name` (String) storagePolicyName is the storage Policy Based Management (SPBM) profile name. @@ -1574,11 +1574,11 @@ Optional: Required: -- `name` (String) The issuer for TLS certificates. It only allows two enum values: 'KubeBlocks' and 'UserProvided'. - 'KubeBlocks' indicates that the self-signed TLS certificates generated by the KubeBlocks Operator will be used. - 'UserProvided' means that the user is responsible for providing their own CA, Cert, and Key. In this case, the user-provided CA certificate, server certificate, and private key will be used for TLS communication. +- `name` (String) The issuer for TLS certificates.It only allows two enum values: 'KubeBlocks' and 'UserProvided'.- 'KubeBlocks' indicates that the self-signed TLS certificates generated by the KubeBlocks Operator will be used.- 'UserProvided' means that the user is responsible for providing their own CA, Cert, and Key. In this case, the user-provided CA certificate, server certificate, and private key will be used for TLS communication. Optional: -- `secret_ref` (Attributes) SecretRef is the reference to the secret that contains user-provided certificates. It is required when the issuer is set to 'UserProvided'. (see [below for nested schema](#nestedatt--spec--component_specs--issuer--secret_ref)) +- `secret_ref` (Attributes) SecretRef is the reference to the secret that contains user-provided certificates.It is required when the issuer is set to 'UserProvided'. (see [below for nested schema](#nestedatt--spec--component_specs--issuer--secret_ref)) ### Nested Schema for `spec.component_specs.issuer.secret_ref` @@ -1597,16 +1597,16 @@ Required: Optional: -- `claims` (Attributes List) Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. This field is immutable. It can only be set for containers. (see [below for nested schema](#nestedatt--spec--component_specs--resources--claims)) -- `limits` (Map of String) Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ -- `requests` (Map of String) Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ +- `claims` (Attributes List) Claims lists the names of resources, defined in spec.resourceClaims,that are used by this container.This is an alpha field and requires enabling theDynamicResourceAllocation feature gate.This field is immutable. It can only be set for containers. (see [below for nested schema](#nestedatt--spec--component_specs--resources--claims)) +- `limits` (Map of String) Limits describes the maximum amount of compute resources allowed.More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ +- `requests` (Map of String) Requests describes the minimum amount of compute resources required.If Requests is omitted for a container, it defaults to Limits if that is explicitly specified,otherwise to an implementation-defined value. Requests cannot exceed Limits.More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ ### Nested Schema for `spec.component_specs.resources.claims` Required: -- `name` (String) Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container. +- `name` (String) Name must match the name of one entry in pod.spec.resourceClaims ofthe Pod where this field is used. It makes that resource availableinside a container. @@ -1616,11 +1616,11 @@ Required: Optional: - `affinity` (Attributes) Specifies a group of affinity scheduling rules of the Cluster, including NodeAffinity, PodAffinity, and PodAntiAffinity. (see [below for nested schema](#nestedatt--spec--component_specs--scheduling_policy--affinity)) -- `node_name` (String) NodeName is a request to schedule this Pod onto a specific node. If it is non-empty, the scheduler simply schedules this Pod onto that node, assuming that it fits resource requirements. -- `node_selector` (Map of String) NodeSelector is a selector which must be true for the Pod to fit on a node. Selector which must match a node's labels for the Pod to be scheduled on that node. More info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/ -- `scheduler_name` (String) If specified, the Pod will be dispatched by specified scheduler. If not specified, the Pod will be dispatched by default scheduler. -- `tolerations` (Attributes List) Allows Pods to be scheduled onto nodes with matching taints. Each toleration in the array allows the Pod to tolerate node taints based on specified 'key', 'value', 'effect', and 'operator'. - The 'key', 'value', and 'effect' identify the taint that the toleration matches. - The 'operator' determines how the toleration matches the taint. Pods with matching tolerations are allowed to be scheduled on tainted nodes, typically reserved for specific purposes. (see [below for nested schema](#nestedatt--spec--component_specs--scheduling_policy--tolerations)) -- `topology_spread_constraints` (Attributes List) TopologySpreadConstraints describes how a group of Pods ought to spread across topology domains. Scheduler will schedule Pods in a way which abides by the constraints. All topologySpreadConstraints are ANDed. (see [below for nested schema](#nestedatt--spec--component_specs--scheduling_policy--topology_spread_constraints)) +- `node_name` (String) NodeName is a request to schedule this Pod onto a specific node. If it is non-empty,the scheduler simply schedules this Pod onto that node, assuming that it fits resourcerequirements. +- `node_selector` (Map of String) NodeSelector is a selector which must be true for the Pod to fit on a node.Selector which must match a node's labels for the Pod to be scheduled on that node.More info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/ +- `scheduler_name` (String) If specified, the Pod will be dispatched by specified scheduler.If not specified, the Pod will be dispatched by default scheduler. +- `tolerations` (Attributes List) Allows Pods to be scheduled onto nodes with matching taints.Each toleration in the array allows the Pod to tolerate node taints based onspecified 'key', 'value', 'effect', and 'operator'.- The 'key', 'value', and 'effect' identify the taint that the toleration matches.- The 'operator' determines how the toleration matches the taint.Pods with matching tolerations are allowed to be scheduled on tainted nodes, typically reserved for specific purposes. (see [below for nested schema](#nestedatt--spec--component_specs--scheduling_policy--tolerations)) +- `topology_spread_constraints` (Attributes List) TopologySpreadConstraints describes how a group of Pods ought to spread across topologydomains. Scheduler will schedule Pods in a way which abides by the constraints.All topologySpreadConstraints are ANDed. (see [below for nested schema](#nestedatt--spec--component_specs--scheduling_policy--topology_spread_constraints)) ### Nested Schema for `spec.component_specs.scheduling_policy.affinity` @@ -1636,8 +1636,8 @@ Optional: Optional: -- `preferred_during_scheduling_ignored_during_execution` (Attributes List) The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding 'weight' to the sum if the node matches the corresponding matchExpressions; the node(s) with the highest sum are the most preferred. (see [below for nested schema](#nestedatt--spec--component_specs--scheduling_policy--affinity--node_affinity--preferred_during_scheduling_ignored_during_execution)) -- `required_during_scheduling_ignored_during_execution` (Attributes) If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to an update), the system may or may not try to eventually evict the pod from its node. (see [below for nested schema](#nestedatt--spec--component_specs--scheduling_policy--affinity--node_affinity--required_during_scheduling_ignored_during_execution)) +- `preferred_during_scheduling_ignored_during_execution` (Attributes List) The scheduler will prefer to schedule pods to nodes that satisfythe affinity expressions specified by this field, but it may choosea node that violates one or more of the expressions. The node that ismost preferred is the one with the greatest sum of weights, i.e.for each node that meets all of the scheduling requirements (resourcerequest, requiredDuringScheduling affinity expressions, etc.),compute a sum by iterating through the elements of this field and adding'weight' to the sum if the node matches the corresponding matchExpressions; thenode(s) with the highest sum are the most preferred. (see [below for nested schema](#nestedatt--spec--component_specs--scheduling_policy--affinity--node_affinity--preferred_during_scheduling_ignored_during_execution)) +- `required_during_scheduling_ignored_during_execution` (Attributes) If the affinity requirements specified by this field are not met atscheduling time, the pod will not be scheduled onto the node.If the affinity requirements specified by this field cease to be metat some point during pod execution (e.g. due to an update), the systemmay or may not try to eventually evict the pod from its node. (see [below for nested schema](#nestedatt--spec--component_specs--scheduling_policy--affinity--node_affinity--required_during_scheduling_ignored_during_execution)) ### Nested Schema for `spec.component_specs.scheduling_policy.affinity.node_affinity.preferred_during_scheduling_ignored_during_execution` @@ -1661,11 +1661,11 @@ Optional: Required: - `key` (String) The label key that the selector applies to. -- `operator` (String) Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. +- `operator` (String) Represents a key's relationship to a set of values.Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. Optional: -- `values` (List of String) An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch. +- `values` (List of String) An array of string values. If the operator is In or NotIn,the values array must be non-empty. If the operator is Exists or DoesNotExist,the values array must be empty. If the operator is Gt or Lt, the valuesarray must have a single element, which will be interpreted as an integer.This array is replaced during a strategic merge patch. @@ -1674,11 +1674,11 @@ Optional: Required: - `key` (String) The label key that the selector applies to. -- `operator` (String) Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. +- `operator` (String) Represents a key's relationship to a set of values.Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. Optional: -- `values` (List of String) An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch. +- `values` (List of String) An array of string values. If the operator is In or NotIn,the values array must be non-empty. If the operator is Exists or DoesNotExist,the values array must be empty. If the operator is Gt or Lt, the valuesarray must have a single element, which will be interpreted as an integer.This array is replaced during a strategic merge patch. @@ -1704,11 +1704,11 @@ Optional: Required: - `key` (String) The label key that the selector applies to. -- `operator` (String) Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. +- `operator` (String) Represents a key's relationship to a set of values.Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. Optional: -- `values` (List of String) An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch. +- `values` (List of String) An array of string values. If the operator is In or NotIn,the values array must be non-empty. If the operator is Exists or DoesNotExist,the values array must be empty. If the operator is Gt or Lt, the valuesarray must have a single element, which will be interpreted as an integer.This array is replaced during a strategic merge patch. @@ -1717,11 +1717,11 @@ Optional: Required: - `key` (String) The label key that the selector applies to. -- `operator` (String) Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. +- `operator` (String) Represents a key's relationship to a set of values.Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. Optional: -- `values` (List of String) An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch. +- `values` (List of String) An array of string values. If the operator is In or NotIn,the values array must be non-empty. If the operator is Exists or DoesNotExist,the values array must be empty. If the operator is Gt or Lt, the valuesarray must have a single element, which will be interpreted as an integer.This array is replaced during a strategic merge patch. @@ -1732,8 +1732,8 @@ Optional: Optional: -- `preferred_during_scheduling_ignored_during_execution` (Attributes List) The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding 'weight' to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred. (see [below for nested schema](#nestedatt--spec--component_specs--scheduling_policy--affinity--pod_affinity--preferred_during_scheduling_ignored_during_execution)) -- `required_during_scheduling_ignored_during_execution` (Attributes List) If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied. (see [below for nested schema](#nestedatt--spec--component_specs--scheduling_policy--affinity--pod_affinity--required_during_scheduling_ignored_during_execution)) +- `preferred_during_scheduling_ignored_during_execution` (Attributes List) The scheduler will prefer to schedule pods to nodes that satisfythe affinity expressions specified by this field, but it may choosea node that violates one or more of the expressions. The node that ismost preferred is the one with the greatest sum of weights, i.e.for each node that meets all of the scheduling requirements (resourcerequest, requiredDuringScheduling affinity expressions, etc.),compute a sum by iterating through the elements of this field and adding'weight' to the sum if the node has pods which matches the corresponding podAffinityTerm; thenode(s) with the highest sum are the most preferred. (see [below for nested schema](#nestedatt--spec--component_specs--scheduling_policy--affinity--pod_affinity--preferred_during_scheduling_ignored_during_execution)) +- `required_during_scheduling_ignored_during_execution` (Attributes List) If the affinity requirements specified by this field are not met atscheduling time, the pod will not be scheduled onto the node.If the affinity requirements specified by this field cease to be metat some point during pod execution (e.g. due to a pod label update), thesystem may or may not try to eventually evict the pod from its node.When there are multiple elements, the lists of nodes corresponding to eachpodAffinityTerm are intersected, i.e. all terms must be satisfied. (see [below for nested schema](#nestedatt--spec--component_specs--scheduling_policy--affinity--pod_affinity--required_during_scheduling_ignored_during_execution)) ### Nested Schema for `spec.component_specs.scheduling_policy.affinity.pod_affinity.preferred_during_scheduling_ignored_during_execution` @@ -1741,20 +1741,20 @@ Optional: Required: - `pod_affinity_term` (Attributes) Required. A pod affinity term, associated with the corresponding weight. (see [below for nested schema](#nestedatt--spec--component_specs--scheduling_policy--affinity--pod_affinity--preferred_during_scheduling_ignored_during_execution--pod_affinity_term)) -- `weight` (Number) weight associated with matching the corresponding podAffinityTerm, in the range 1-100. +- `weight` (Number) weight associated with matching the corresponding podAffinityTerm,in the range 1-100. ### Nested Schema for `spec.component_specs.scheduling_policy.affinity.pod_affinity.preferred_during_scheduling_ignored_during_execution.pod_affinity_term` Required: -- `topology_key` (String) This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed. +- `topology_key` (String) This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matchingthe labelSelector in the specified namespaces, where co-located is defined as running on a nodewhose value of the label with key topologyKey matches that of any node on which any of theselected pods is running.Empty topologyKey is not allowed. Optional: - `label_selector` (Attributes) A label query over a set of resources, in this case pods. (see [below for nested schema](#nestedatt--spec--component_specs--scheduling_policy--affinity--pod_affinity--preferred_during_scheduling_ignored_during_execution--pod_affinity_term--label_selector)) -- `namespace_selector` (Attributes) A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means 'this pod's namespace'. An empty selector ({}) matches all namespaces. (see [below for nested schema](#nestedatt--spec--component_specs--scheduling_policy--affinity--pod_affinity--preferred_during_scheduling_ignored_during_execution--pod_affinity_term--namespace_selector)) -- `namespaces` (List of String) namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means 'this pod's namespace'. +- `namespace_selector` (Attributes) A label query over the set of namespaces that the term applies to.The term is applied to the union of the namespaces selected by this fieldand the ones listed in the namespaces field.null selector and null or empty namespaces list means 'this pod's namespace'.An empty selector ({}) matches all namespaces. (see [below for nested schema](#nestedatt--spec--component_specs--scheduling_policy--affinity--pod_affinity--preferred_during_scheduling_ignored_during_execution--pod_affinity_term--namespace_selector)) +- `namespaces` (List of String) namespaces specifies a static list of namespace names that the term applies to.The term is applied to the union of the namespaces listed in this fieldand the ones selected by namespaceSelector.null or empty namespaces list and null namespaceSelector means 'this pod's namespace'. ### Nested Schema for `spec.component_specs.scheduling_policy.affinity.pod_affinity.preferred_during_scheduling_ignored_during_execution.pod_affinity_term.label_selector` @@ -1762,7 +1762,7 @@ Optional: Optional: - `match_expressions` (Attributes List) matchExpressions is a list of label selector requirements. The requirements are ANDed. (see [below for nested schema](#nestedatt--spec--component_specs--scheduling_policy--affinity--pod_affinity--preferred_during_scheduling_ignored_during_execution--pod_affinity_term--label_selector--match_expressions)) -- `match_labels` (Map of String) matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is 'key', the operator is 'In', and the values array contains only 'value'. The requirements are ANDed. +- `match_labels` (Map of String) matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabelsmap is equivalent to an element of matchExpressions, whose key field is 'key', theoperator is 'In', and the values array contains only 'value'. The requirements are ANDed. ### Nested Schema for `spec.component_specs.scheduling_policy.affinity.pod_affinity.preferred_during_scheduling_ignored_during_execution.pod_affinity_term.label_selector.match_expressions` @@ -1770,11 +1770,11 @@ Optional: Required: - `key` (String) key is the label key that the selector applies to. -- `operator` (String) operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. +- `operator` (String) operator represents a key's relationship to a set of values.Valid operators are In, NotIn, Exists and DoesNotExist. Optional: -- `values` (List of String) values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. +- `values` (List of String) values is an array of string values. If the operator is In or NotIn,the values array must be non-empty. If the operator is Exists or DoesNotExist,the values array must be empty. This array is replaced during a strategicmerge patch. @@ -1784,7 +1784,7 @@ Optional: Optional: - `match_expressions` (Attributes List) matchExpressions is a list of label selector requirements. The requirements are ANDed. (see [below for nested schema](#nestedatt--spec--component_specs--scheduling_policy--affinity--pod_affinity--preferred_during_scheduling_ignored_during_execution--pod_affinity_term--namespace_selector--match_expressions)) -- `match_labels` (Map of String) matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is 'key', the operator is 'In', and the values array contains only 'value'. The requirements are ANDed. +- `match_labels` (Map of String) matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabelsmap is equivalent to an element of matchExpressions, whose key field is 'key', theoperator is 'In', and the values array contains only 'value'. The requirements are ANDed. ### Nested Schema for `spec.component_specs.scheduling_policy.affinity.pod_affinity.preferred_during_scheduling_ignored_during_execution.pod_affinity_term.namespace_selector.match_expressions` @@ -1792,11 +1792,11 @@ Optional: Required: - `key` (String) key is the label key that the selector applies to. -- `operator` (String) operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. +- `operator` (String) operator represents a key's relationship to a set of values.Valid operators are In, NotIn, Exists and DoesNotExist. Optional: -- `values` (List of String) values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. +- `values` (List of String) values is an array of string values. If the operator is In or NotIn,the values array must be non-empty. If the operator is Exists or DoesNotExist,the values array must be empty. This array is replaced during a strategicmerge patch. @@ -1807,13 +1807,13 @@ Optional: Required: -- `topology_key` (String) This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed. +- `topology_key` (String) This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matchingthe labelSelector in the specified namespaces, where co-located is defined as running on a nodewhose value of the label with key topologyKey matches that of any node on which any of theselected pods is running.Empty topologyKey is not allowed. Optional: - `label_selector` (Attributes) A label query over a set of resources, in this case pods. (see [below for nested schema](#nestedatt--spec--component_specs--scheduling_policy--affinity--pod_affinity--required_during_scheduling_ignored_during_execution--label_selector)) -- `namespace_selector` (Attributes) A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means 'this pod's namespace'. An empty selector ({}) matches all namespaces. (see [below for nested schema](#nestedatt--spec--component_specs--scheduling_policy--affinity--pod_affinity--required_during_scheduling_ignored_during_execution--namespace_selector)) -- `namespaces` (List of String) namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means 'this pod's namespace'. +- `namespace_selector` (Attributes) A label query over the set of namespaces that the term applies to.The term is applied to the union of the namespaces selected by this fieldand the ones listed in the namespaces field.null selector and null or empty namespaces list means 'this pod's namespace'.An empty selector ({}) matches all namespaces. (see [below for nested schema](#nestedatt--spec--component_specs--scheduling_policy--affinity--pod_affinity--required_during_scheduling_ignored_during_execution--namespace_selector)) +- `namespaces` (List of String) namespaces specifies a static list of namespace names that the term applies to.The term is applied to the union of the namespaces listed in this fieldand the ones selected by namespaceSelector.null or empty namespaces list and null namespaceSelector means 'this pod's namespace'. ### Nested Schema for `spec.component_specs.scheduling_policy.affinity.pod_affinity.required_during_scheduling_ignored_during_execution.label_selector` @@ -1821,7 +1821,7 @@ Optional: Optional: - `match_expressions` (Attributes List) matchExpressions is a list of label selector requirements. The requirements are ANDed. (see [below for nested schema](#nestedatt--spec--component_specs--scheduling_policy--affinity--pod_affinity--required_during_scheduling_ignored_during_execution--label_selector--match_expressions)) -- `match_labels` (Map of String) matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is 'key', the operator is 'In', and the values array contains only 'value'. The requirements are ANDed. +- `match_labels` (Map of String) matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabelsmap is equivalent to an element of matchExpressions, whose key field is 'key', theoperator is 'In', and the values array contains only 'value'. The requirements are ANDed. ### Nested Schema for `spec.component_specs.scheduling_policy.affinity.pod_affinity.required_during_scheduling_ignored_during_execution.label_selector.match_expressions` @@ -1829,11 +1829,11 @@ Optional: Required: - `key` (String) key is the label key that the selector applies to. -- `operator` (String) operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. +- `operator` (String) operator represents a key's relationship to a set of values.Valid operators are In, NotIn, Exists and DoesNotExist. Optional: -- `values` (List of String) values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. +- `values` (List of String) values is an array of string values. If the operator is In or NotIn,the values array must be non-empty. If the operator is Exists or DoesNotExist,the values array must be empty. This array is replaced during a strategicmerge patch. @@ -1843,7 +1843,7 @@ Optional: Optional: - `match_expressions` (Attributes List) matchExpressions is a list of label selector requirements. The requirements are ANDed. (see [below for nested schema](#nestedatt--spec--component_specs--scheduling_policy--affinity--pod_affinity--required_during_scheduling_ignored_during_execution--namespace_selector--match_expressions)) -- `match_labels` (Map of String) matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is 'key', the operator is 'In', and the values array contains only 'value'. The requirements are ANDed. +- `match_labels` (Map of String) matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabelsmap is equivalent to an element of matchExpressions, whose key field is 'key', theoperator is 'In', and the values array contains only 'value'. The requirements are ANDed. ### Nested Schema for `spec.component_specs.scheduling_policy.affinity.pod_affinity.required_during_scheduling_ignored_during_execution.namespace_selector.match_expressions` @@ -1851,11 +1851,11 @@ Optional: Required: - `key` (String) key is the label key that the selector applies to. -- `operator` (String) operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. +- `operator` (String) operator represents a key's relationship to a set of values.Valid operators are In, NotIn, Exists and DoesNotExist. Optional: -- `values` (List of String) values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. +- `values` (List of String) values is an array of string values. If the operator is In or NotIn,the values array must be non-empty. If the operator is Exists or DoesNotExist,the values array must be empty. This array is replaced during a strategicmerge patch. @@ -1866,8 +1866,8 @@ Optional: Optional: -- `preferred_during_scheduling_ignored_during_execution` (Attributes List) The scheduler will prefer to schedule pods to nodes that satisfy the anti-affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling anti-affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding 'weight' to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred. (see [below for nested schema](#nestedatt--spec--component_specs--scheduling_policy--affinity--pod_anti_affinity--preferred_during_scheduling_ignored_during_execution)) -- `required_during_scheduling_ignored_during_execution` (Attributes List) If the anti-affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the anti-affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied. (see [below for nested schema](#nestedatt--spec--component_specs--scheduling_policy--affinity--pod_anti_affinity--required_during_scheduling_ignored_during_execution)) +- `preferred_during_scheduling_ignored_during_execution` (Attributes List) The scheduler will prefer to schedule pods to nodes that satisfythe anti-affinity expressions specified by this field, but it may choosea node that violates one or more of the expressions. The node that ismost preferred is the one with the greatest sum of weights, i.e.for each node that meets all of the scheduling requirements (resourcerequest, requiredDuringScheduling anti-affinity expressions, etc.),compute a sum by iterating through the elements of this field and adding'weight' to the sum if the node has pods which matches the corresponding podAffinityTerm; thenode(s) with the highest sum are the most preferred. (see [below for nested schema](#nestedatt--spec--component_specs--scheduling_policy--affinity--pod_anti_affinity--preferred_during_scheduling_ignored_during_execution)) +- `required_during_scheduling_ignored_during_execution` (Attributes List) If the anti-affinity requirements specified by this field are not met atscheduling time, the pod will not be scheduled onto the node.If the anti-affinity requirements specified by this field cease to be metat some point during pod execution (e.g. due to a pod label update), thesystem may or may not try to eventually evict the pod from its node.When there are multiple elements, the lists of nodes corresponding to eachpodAffinityTerm are intersected, i.e. all terms must be satisfied. (see [below for nested schema](#nestedatt--spec--component_specs--scheduling_policy--affinity--pod_anti_affinity--required_during_scheduling_ignored_during_execution)) ### Nested Schema for `spec.component_specs.scheduling_policy.affinity.pod_anti_affinity.preferred_during_scheduling_ignored_during_execution` @@ -1875,20 +1875,20 @@ Optional: Required: - `pod_affinity_term` (Attributes) Required. A pod affinity term, associated with the corresponding weight. (see [below for nested schema](#nestedatt--spec--component_specs--scheduling_policy--affinity--pod_anti_affinity--preferred_during_scheduling_ignored_during_execution--pod_affinity_term)) -- `weight` (Number) weight associated with matching the corresponding podAffinityTerm, in the range 1-100. +- `weight` (Number) weight associated with matching the corresponding podAffinityTerm,in the range 1-100. ### Nested Schema for `spec.component_specs.scheduling_policy.affinity.pod_anti_affinity.preferred_during_scheduling_ignored_during_execution.pod_affinity_term` Required: -- `topology_key` (String) This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed. +- `topology_key` (String) This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matchingthe labelSelector in the specified namespaces, where co-located is defined as running on a nodewhose value of the label with key topologyKey matches that of any node on which any of theselected pods is running.Empty topologyKey is not allowed. Optional: - `label_selector` (Attributes) A label query over a set of resources, in this case pods. (see [below for nested schema](#nestedatt--spec--component_specs--scheduling_policy--affinity--pod_anti_affinity--preferred_during_scheduling_ignored_during_execution--pod_affinity_term--label_selector)) -- `namespace_selector` (Attributes) A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means 'this pod's namespace'. An empty selector ({}) matches all namespaces. (see [below for nested schema](#nestedatt--spec--component_specs--scheduling_policy--affinity--pod_anti_affinity--preferred_during_scheduling_ignored_during_execution--pod_affinity_term--namespace_selector)) -- `namespaces` (List of String) namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means 'this pod's namespace'. +- `namespace_selector` (Attributes) A label query over the set of namespaces that the term applies to.The term is applied to the union of the namespaces selected by this fieldand the ones listed in the namespaces field.null selector and null or empty namespaces list means 'this pod's namespace'.An empty selector ({}) matches all namespaces. (see [below for nested schema](#nestedatt--spec--component_specs--scheduling_policy--affinity--pod_anti_affinity--preferred_during_scheduling_ignored_during_execution--pod_affinity_term--namespace_selector)) +- `namespaces` (List of String) namespaces specifies a static list of namespace names that the term applies to.The term is applied to the union of the namespaces listed in this fieldand the ones selected by namespaceSelector.null or empty namespaces list and null namespaceSelector means 'this pod's namespace'. ### Nested Schema for `spec.component_specs.scheduling_policy.affinity.pod_anti_affinity.preferred_during_scheduling_ignored_during_execution.pod_affinity_term.label_selector` @@ -1896,7 +1896,7 @@ Optional: Optional: - `match_expressions` (Attributes List) matchExpressions is a list of label selector requirements. The requirements are ANDed. (see [below for nested schema](#nestedatt--spec--component_specs--scheduling_policy--affinity--pod_anti_affinity--preferred_during_scheduling_ignored_during_execution--pod_affinity_term--label_selector--match_expressions)) -- `match_labels` (Map of String) matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is 'key', the operator is 'In', and the values array contains only 'value'. The requirements are ANDed. +- `match_labels` (Map of String) matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabelsmap is equivalent to an element of matchExpressions, whose key field is 'key', theoperator is 'In', and the values array contains only 'value'. The requirements are ANDed. ### Nested Schema for `spec.component_specs.scheduling_policy.affinity.pod_anti_affinity.preferred_during_scheduling_ignored_during_execution.pod_affinity_term.label_selector.match_expressions` @@ -1904,11 +1904,11 @@ Optional: Required: - `key` (String) key is the label key that the selector applies to. -- `operator` (String) operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. +- `operator` (String) operator represents a key's relationship to a set of values.Valid operators are In, NotIn, Exists and DoesNotExist. Optional: -- `values` (List of String) values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. +- `values` (List of String) values is an array of string values. If the operator is In or NotIn,the values array must be non-empty. If the operator is Exists or DoesNotExist,the values array must be empty. This array is replaced during a strategicmerge patch. @@ -1918,7 +1918,7 @@ Optional: Optional: - `match_expressions` (Attributes List) matchExpressions is a list of label selector requirements. The requirements are ANDed. (see [below for nested schema](#nestedatt--spec--component_specs--scheduling_policy--affinity--pod_anti_affinity--preferred_during_scheduling_ignored_during_execution--pod_affinity_term--namespace_selector--match_expressions)) -- `match_labels` (Map of String) matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is 'key', the operator is 'In', and the values array contains only 'value'. The requirements are ANDed. +- `match_labels` (Map of String) matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabelsmap is equivalent to an element of matchExpressions, whose key field is 'key', theoperator is 'In', and the values array contains only 'value'. The requirements are ANDed. ### Nested Schema for `spec.component_specs.scheduling_policy.affinity.pod_anti_affinity.preferred_during_scheduling_ignored_during_execution.pod_affinity_term.namespace_selector.match_expressions` @@ -1926,11 +1926,11 @@ Optional: Required: - `key` (String) key is the label key that the selector applies to. -- `operator` (String) operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. +- `operator` (String) operator represents a key's relationship to a set of values.Valid operators are In, NotIn, Exists and DoesNotExist. Optional: -- `values` (List of String) values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. +- `values` (List of String) values is an array of string values. If the operator is In or NotIn,the values array must be non-empty. If the operator is Exists or DoesNotExist,the values array must be empty. This array is replaced during a strategicmerge patch. @@ -1941,13 +1941,13 @@ Optional: Required: -- `topology_key` (String) This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed. +- `topology_key` (String) This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matchingthe labelSelector in the specified namespaces, where co-located is defined as running on a nodewhose value of the label with key topologyKey matches that of any node on which any of theselected pods is running.Empty topologyKey is not allowed. Optional: - `label_selector` (Attributes) A label query over a set of resources, in this case pods. (see [below for nested schema](#nestedatt--spec--component_specs--scheduling_policy--affinity--pod_anti_affinity--required_during_scheduling_ignored_during_execution--label_selector)) -- `namespace_selector` (Attributes) A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means 'this pod's namespace'. An empty selector ({}) matches all namespaces. (see [below for nested schema](#nestedatt--spec--component_specs--scheduling_policy--affinity--pod_anti_affinity--required_during_scheduling_ignored_during_execution--namespace_selector)) -- `namespaces` (List of String) namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means 'this pod's namespace'. +- `namespace_selector` (Attributes) A label query over the set of namespaces that the term applies to.The term is applied to the union of the namespaces selected by this fieldand the ones listed in the namespaces field.null selector and null or empty namespaces list means 'this pod's namespace'.An empty selector ({}) matches all namespaces. (see [below for nested schema](#nestedatt--spec--component_specs--scheduling_policy--affinity--pod_anti_affinity--required_during_scheduling_ignored_during_execution--namespace_selector)) +- `namespaces` (List of String) namespaces specifies a static list of namespace names that the term applies to.The term is applied to the union of the namespaces listed in this fieldand the ones selected by namespaceSelector.null or empty namespaces list and null namespaceSelector means 'this pod's namespace'. ### Nested Schema for `spec.component_specs.scheduling_policy.affinity.pod_anti_affinity.required_during_scheduling_ignored_during_execution.label_selector` @@ -1955,7 +1955,7 @@ Optional: Optional: - `match_expressions` (Attributes List) matchExpressions is a list of label selector requirements. The requirements are ANDed. (see [below for nested schema](#nestedatt--spec--component_specs--scheduling_policy--affinity--pod_anti_affinity--required_during_scheduling_ignored_during_execution--label_selector--match_expressions)) -- `match_labels` (Map of String) matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is 'key', the operator is 'In', and the values array contains only 'value'. The requirements are ANDed. +- `match_labels` (Map of String) matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabelsmap is equivalent to an element of matchExpressions, whose key field is 'key', theoperator is 'In', and the values array contains only 'value'. The requirements are ANDed. ### Nested Schema for `spec.component_specs.scheduling_policy.affinity.pod_anti_affinity.required_during_scheduling_ignored_during_execution.label_selector.match_expressions` @@ -1963,11 +1963,11 @@ Optional: Required: - `key` (String) key is the label key that the selector applies to. -- `operator` (String) operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. +- `operator` (String) operator represents a key's relationship to a set of values.Valid operators are In, NotIn, Exists and DoesNotExist. Optional: -- `values` (List of String) values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. +- `values` (List of String) values is an array of string values. If the operator is In or NotIn,the values array must be non-empty. If the operator is Exists or DoesNotExist,the values array must be empty. This array is replaced during a strategicmerge patch. @@ -1977,7 +1977,7 @@ Optional: Optional: - `match_expressions` (Attributes List) matchExpressions is a list of label selector requirements. The requirements are ANDed. (see [below for nested schema](#nestedatt--spec--component_specs--scheduling_policy--affinity--pod_anti_affinity--required_during_scheduling_ignored_during_execution--namespace_selector--match_expressions)) -- `match_labels` (Map of String) matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is 'key', the operator is 'In', and the values array contains only 'value'. The requirements are ANDed. +- `match_labels` (Map of String) matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabelsmap is equivalent to an element of matchExpressions, whose key field is 'key', theoperator is 'In', and the values array contains only 'value'. The requirements are ANDed. ### Nested Schema for `spec.component_specs.scheduling_policy.affinity.pod_anti_affinity.required_during_scheduling_ignored_during_execution.namespace_selector.match_expressions` @@ -1985,11 +1985,11 @@ Optional: Required: - `key` (String) key is the label key that the selector applies to. -- `operator` (String) operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. +- `operator` (String) operator represents a key's relationship to a set of values.Valid operators are In, NotIn, Exists and DoesNotExist. Optional: -- `values` (List of String) values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. +- `values` (List of String) values is an array of string values. If the operator is In or NotIn,the values array must be non-empty. If the operator is Exists or DoesNotExist,the values array must be empty. This array is replaced during a strategicmerge patch. @@ -2001,11 +2001,11 @@ Optional: Optional: -- `effect` (String) Effect indicates the taint effect to match. Empty means match all taint effects. When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute. -- `key` (String) Key is the taint key that the toleration applies to. Empty means match all taint keys. If the key is empty, operator must be Exists; this combination means to match all values and all keys. -- `operator` (String) Operator represents a key's relationship to the value. Valid operators are Exists and Equal. Defaults to Equal. Exists is equivalent to wildcard for value, so that a pod can tolerate all taints of a particular category. -- `toleration_seconds` (Number) TolerationSeconds represents the period of time the toleration (which must be of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, it is not set, which means tolerate the taint forever (do not evict). Zero and negative values will be treated as 0 (evict immediately) by the system. -- `value` (String) Value is the taint value the toleration matches to. If the operator is Exists, the value should be empty, otherwise just a regular string. +- `effect` (String) Effect indicates the taint effect to match. Empty means match all taint effects.When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute. +- `key` (String) Key is the taint key that the toleration applies to. Empty means match all taint keys.If the key is empty, operator must be Exists; this combination means to match all values and all keys. +- `operator` (String) Operator represents a key's relationship to the value.Valid operators are Exists and Equal. Defaults to Equal.Exists is equivalent to wildcard for value, so that a pod cantolerate all taints of a particular category. +- `toleration_seconds` (Number) TolerationSeconds represents the period of time the toleration (which must beof effect NoExecute, otherwise this field is ignored) tolerates the taint. By default,it is not set, which means tolerate the taint forever (do not evict). Zero andnegative values will be treated as 0 (evict immediately) by the system. +- `value` (String) Value is the taint value the toleration matches to.If the operator is Exists, the value should be empty, otherwise just a regular string. @@ -2013,17 +2013,17 @@ Optional: Required: -- `max_skew` (Number) MaxSkew describes the degree to which pods may be unevenly distributed. When 'whenUnsatisfiable=DoNotSchedule', it is the maximum permitted difference between the number of matching pods in the target topology and the global minimum. The global minimum is the minimum number of matching pods in an eligible domain or zero if the number of eligible domains is less than MinDomains. For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same labelSelector spread as 2/2/1: In this case, the global minimum is 1. | zone1 | zone2 | zone3 | | P P | P P | P | - if MaxSkew is 1, incoming pod can only be scheduled to zone3 to become 2/2/2; scheduling it onto zone1(zone2) would make the ActualSkew(3-1) on zone1(zone2) violate MaxSkew(1). - if MaxSkew is 2, incoming pod can be scheduled onto any zone. When 'whenUnsatisfiable=ScheduleAnyway', it is used to give higher precedence to topologies that satisfy it. It's a required field. Default value is 1 and 0 is not allowed. -- `topology_key` (String) TopologyKey is the key of node labels. Nodes that have a label with this key and identical values are considered to be in the same topology. We consider each as a 'bucket', and try to put balanced number of pods into each bucket. We define a domain as a particular instance of a topology. Also, we define an eligible domain as a domain whose nodes meet the requirements of nodeAffinityPolicy and nodeTaintsPolicy. e.g. If TopologyKey is 'kubernetes.io/hostname', each Node is a domain of that topology. And, if TopologyKey is 'topology.kubernetes.io/zone', each zone is a domain of that topology. It's a required field. -- `when_unsatisfiable` (String) WhenUnsatisfiable indicates how to deal with a pod if it doesn't satisfy the spread constraint. - DoNotSchedule (default) tells the scheduler not to schedule it. - ScheduleAnyway tells the scheduler to schedule the pod in any location, but giving higher precedence to topologies that would help reduce the skew. A constraint is considered 'Unsatisfiable' for an incoming pod if and only if every possible node assignment for that pod would violate 'MaxSkew' on some topology. For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same labelSelector spread as 3/1/1: | zone1 | zone2 | zone3 | | P P P | P | P | If WhenUnsatisfiable is set to DoNotSchedule, incoming pod can only be scheduled to zone2(zone3) to become 3/2/1(3/1/2) as ActualSkew(2-1) on zone2(zone3) satisfies MaxSkew(1). In other words, the cluster can still be imbalanced, but scheduler won't make it *more* imbalanced. It's a required field. +- `max_skew` (Number) MaxSkew describes the degree to which pods may be unevenly distributed.When 'whenUnsatisfiable=DoNotSchedule', it is the maximum permitted differencebetween the number of matching pods in the target topology and the global minimum.The global minimum is the minimum number of matching pods in an eligible domainor zero if the number of eligible domains is less than MinDomains.For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the samelabelSelector spread as 2/2/1:In this case, the global minimum is 1.| zone1 | zone2 | zone3 || P P | P P | P |- if MaxSkew is 1, incoming pod can only be scheduled to zone3 to become 2/2/2;scheduling it onto zone1(zone2) would make the ActualSkew(3-1) on zone1(zone2)violate MaxSkew(1).- if MaxSkew is 2, incoming pod can be scheduled onto any zone.When 'whenUnsatisfiable=ScheduleAnyway', it is used to give higher precedenceto topologies that satisfy it.It's a required field. Default value is 1 and 0 is not allowed. +- `topology_key` (String) TopologyKey is the key of node labels. Nodes that have a label with this keyand identical values are considered to be in the same topology.We consider each as a 'bucket', and try to put balanced numberof pods into each bucket.We define a domain as a particular instance of a topology.Also, we define an eligible domain as a domain whose nodes meet the requirements ofnodeAffinityPolicy and nodeTaintsPolicy.e.g. If TopologyKey is 'kubernetes.io/hostname', each Node is a domain of that topology.And, if TopologyKey is 'topology.kubernetes.io/zone', each zone is a domain of that topology.It's a required field. +- `when_unsatisfiable` (String) WhenUnsatisfiable indicates how to deal with a pod if it doesn't satisfythe spread constraint.- DoNotSchedule (default) tells the scheduler not to schedule it.- ScheduleAnyway tells the scheduler to schedule the pod in any location, but giving higher precedence to topologies that would help reduce the skew.A constraint is considered 'Unsatisfiable' for an incoming podif and only if every possible node assignment for that pod would violate'MaxSkew' on some topology.For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the samelabelSelector spread as 3/1/1:| zone1 | zone2 | zone3 || P P P | P | P |If WhenUnsatisfiable is set to DoNotSchedule, incoming pod can only be scheduledto zone2(zone3) to become 3/2/1(3/1/2) as ActualSkew(2-1) on zone2(zone3) satisfiesMaxSkew(1). In other words, the cluster can still be imbalanced, but schedulerwon't make it *more* imbalanced.It's a required field. Optional: -- `label_selector` (Attributes) LabelSelector is used to find matching pods. Pods that match this label selector are counted to determine the number of pods in their corresponding topology domain. (see [below for nested schema](#nestedatt--spec--component_specs--scheduling_policy--topology_spread_constraints--label_selector)) -- `match_label_keys` (List of String) MatchLabelKeys is a set of pod label keys to select the pods over which spreading will be calculated. The keys are used to lookup values from the incoming pod labels, those key-value labels are ANDed with labelSelector to select the group of existing pods over which spreading will be calculated for the incoming pod. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. MatchLabelKeys cannot be set when LabelSelector isn't set. Keys that don't exist in the incoming pod labels will be ignored. A null or empty list means only match against labelSelector. This is a beta field and requires the MatchLabelKeysInPodTopologySpread feature gate to be enabled (enabled by default). -- `min_domains` (Number) MinDomains indicates a minimum number of eligible domains. When the number of eligible domains with matching topology keys is less than minDomains, Pod Topology Spread treats 'global minimum' as 0, and then the calculation of Skew is performed. And when the number of eligible domains with matching topology keys equals or greater than minDomains, this value has no effect on scheduling. As a result, when the number of eligible domains is less than minDomains, scheduler won't schedule more than maxSkew Pods to those domains. If value is nil, the constraint behaves as if MinDomains is equal to 1. Valid values are integers greater than 0. When value is not nil, WhenUnsatisfiable must be DoNotSchedule. For example, in a 3-zone cluster, MaxSkew is set to 2, MinDomains is set to 5 and pods with the same labelSelector spread as 2/2/2: | zone1 | zone2 | zone3 | | P P | P P | P P | The number of domains is less than 5(MinDomains), so 'global minimum' is treated as 0. In this situation, new pod with the same labelSelector cannot be scheduled, because computed skew will be 3(3 - 0) if new Pod is scheduled to any of the three zones, it will violate MaxSkew. This is a beta field and requires the MinDomainsInPodTopologySpread feature gate to be enabled (enabled by default). -- `node_affinity_policy` (String) NodeAffinityPolicy indicates how we will treat Pod's nodeAffinity/nodeSelector when calculating pod topology spread skew. Options are: - Honor: only nodes matching nodeAffinity/nodeSelector are included in the calculations. - Ignore: nodeAffinity/nodeSelector are ignored. All nodes are included in the calculations. If this value is nil, the behavior is equivalent to the Honor policy. This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag. -- `node_taints_policy` (String) NodeTaintsPolicy indicates how we will treat node taints when calculating pod topology spread skew. Options are: - Honor: nodes without taints, along with tainted nodes for which the incoming pod has a toleration, are included. - Ignore: node taints are ignored. All nodes are included. If this value is nil, the behavior is equivalent to the Ignore policy. This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag. +- `label_selector` (Attributes) LabelSelector is used to find matching pods.Pods that match this label selector are counted to determine the number of podsin their corresponding topology domain. (see [below for nested schema](#nestedatt--spec--component_specs--scheduling_policy--topology_spread_constraints--label_selector)) +- `match_label_keys` (List of String) MatchLabelKeys is a set of pod label keys to select the pods over whichspreading will be calculated. The keys are used to lookup values from theincoming pod labels, those key-value labels are ANDed with labelSelectorto select the group of existing pods over which spreading will be calculatedfor the incoming pod. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector.MatchLabelKeys cannot be set when LabelSelector isn't set.Keys that don't exist in the incoming pod labels willbe ignored. A null or empty list means only match against labelSelector.This is a beta field and requires the MatchLabelKeysInPodTopologySpread feature gate to be enabled (enabled by default). +- `min_domains` (Number) MinDomains indicates a minimum number of eligible domains.When the number of eligible domains with matching topology keys is less than minDomains,Pod Topology Spread treats 'global minimum' as 0, and then the calculation of Skew is performed.And when the number of eligible domains with matching topology keys equals or greater than minDomains,this value has no effect on scheduling.As a result, when the number of eligible domains is less than minDomains,scheduler won't schedule more than maxSkew Pods to those domains.If value is nil, the constraint behaves as if MinDomains is equal to 1.Valid values are integers greater than 0.When value is not nil, WhenUnsatisfiable must be DoNotSchedule.For example, in a 3-zone cluster, MaxSkew is set to 2, MinDomains is set to 5 and pods with the samelabelSelector spread as 2/2/2:| zone1 | zone2 | zone3 || P P | P P | P P |The number of domains is less than 5(MinDomains), so 'global minimum' is treated as 0.In this situation, new pod with the same labelSelector cannot be scheduled,because computed skew will be 3(3 - 0) if new Pod is scheduled to any of the three zones,it will violate MaxSkew.This is a beta field and requires the MinDomainsInPodTopologySpread feature gate to be enabled (enabled by default). +- `node_affinity_policy` (String) NodeAffinityPolicy indicates how we will treat Pod's nodeAffinity/nodeSelectorwhen calculating pod topology spread skew. Options are:- Honor: only nodes matching nodeAffinity/nodeSelector are included in the calculations.- Ignore: nodeAffinity/nodeSelector are ignored. All nodes are included in the calculations.If this value is nil, the behavior is equivalent to the Honor policy.This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag. +- `node_taints_policy` (String) NodeTaintsPolicy indicates how we will treat node taints when calculatingpod topology spread skew. Options are:- Honor: nodes without taints, along with tainted nodes for which the incoming podhas a toleration, are included.- Ignore: node taints are ignored. All nodes are included.If this value is nil, the behavior is equivalent to the Ignore policy.This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag. ### Nested Schema for `spec.component_specs.scheduling_policy.topology_spread_constraints.label_selector` @@ -2031,7 +2031,7 @@ Optional: Optional: - `match_expressions` (Attributes List) matchExpressions is a list of label selector requirements. The requirements are ANDed. (see [below for nested schema](#nestedatt--spec--component_specs--scheduling_policy--topology_spread_constraints--label_selector--match_expressions)) -- `match_labels` (Map of String) matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is 'key', the operator is 'In', and the values array contains only 'value'. The requirements are ANDed. +- `match_labels` (Map of String) matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabelsmap is equivalent to an element of matchExpressions, whose key field is 'key', theoperator is 'In', and the values array contains only 'value'. The requirements are ANDed. ### Nested Schema for `spec.component_specs.scheduling_policy.topology_spread_constraints.label_selector.match_expressions` @@ -2039,11 +2039,11 @@ Optional: Required: - `key` (String) key is the label key that the selector applies to. -- `operator` (String) operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. +- `operator` (String) operator represents a key's relationship to a set of values.Valid operators are In, NotIn, Exists and DoesNotExist. Optional: -- `values` (List of String) values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. +- `values` (List of String) values is an array of string values. If the operator is In or NotIn,the values array must be non-empty. If the operator is Exists or DoesNotExist,the values array must be empty. This array is replaced during a strategicmerge patch. @@ -2054,14 +2054,14 @@ Optional: Required: -- `name` (String) Specifies the identifier of the service reference declaration. It corresponds to the serviceRefDeclaration name defined in either: - 'componentDefinition.spec.serviceRefDeclarations[*].name' - 'clusterDefinition.spec.componentDefs[*].serviceRefDeclarations[*].name' (deprecated) +- `name` (String) Specifies the identifier of the service reference declaration.It corresponds to the serviceRefDeclaration name defined in either:- 'componentDefinition.spec.serviceRefDeclarations[*].name'- 'clusterDefinition.spec.componentDefs[*].serviceRefDeclarations[*].name' (deprecated) Optional: -- `cluster` (String) Specifies the name of the KubeBlocks Cluster being referenced. This is used when services from another KubeBlocks Cluster are consumed. By default, the referenced KubeBlocks Cluster's 'clusterDefinition.spec.connectionCredential' will be utilized to bind to the current Component. This credential should include: 'endpoint', 'port', 'username', and 'password'. Note: - The 'ServiceKind' and 'ServiceVersion' specified in the service reference within the ClusterDefinition are not validated when using this approach. - If both 'cluster' and 'serviceDescriptor' are present, 'cluster' will take precedence. Deprecated since v0.9 since 'clusterDefinition.spec.connectionCredential' is deprecated, use 'clusterServiceSelector' instead. This field is maintained for backward compatibility and its use is discouraged. Existing usage should be updated to the current preferred approach to avoid compatibility issues in future releases. -- `cluster_service_selector` (Attributes) References a service provided by another KubeBlocks Cluster. It specifies the ClusterService and the account credentials needed for access. (see [below for nested schema](#nestedatt--spec--component_specs--service_refs--cluster_service_selector)) -- `namespace` (String) Specifies the namespace of the referenced Cluster or the namespace of the referenced ServiceDescriptor object. If not provided, the referenced Cluster and ServiceDescriptor will be searched in the namespace of the current Cluster by default. -- `service_descriptor` (String) Specifies the name of the ServiceDescriptor object that describes a service provided by external sources. When referencing a service provided by external sources, a ServiceDescriptor object is required to establish the service binding. The 'serviceDescriptor.spec.serviceKind' and 'serviceDescriptor.spec.serviceVersion' should match the serviceKind and serviceVersion declared in the definition. If both 'cluster' and 'serviceDescriptor' are specified, the 'cluster' takes precedence. +- `cluster` (String) Specifies the name of the KubeBlocks Cluster being referenced.This is used when services from another KubeBlocks Cluster are consumed.By default, the referenced KubeBlocks Cluster's 'clusterDefinition.spec.connectionCredential'will be utilized to bind to the current Component. This credential should include:'endpoint', 'port', 'username', and 'password'.Note:- The 'ServiceKind' and 'ServiceVersion' specified in the service reference within the ClusterDefinition are not validated when using this approach.- If both 'cluster' and 'serviceDescriptor' are present, 'cluster' will take precedence.Deprecated since v0.9 since 'clusterDefinition.spec.connectionCredential' is deprecated,use 'clusterServiceSelector' instead.This field is maintained for backward compatibility and its use is discouraged.Existing usage should be updated to the current preferred approach to avoid compatibility issues in future releases. +- `cluster_service_selector` (Attributes) References a service provided by another KubeBlocks Cluster.It specifies the ClusterService and the account credentials needed for access. (see [below for nested schema](#nestedatt--spec--component_specs--service_refs--cluster_service_selector)) +- `namespace` (String) Specifies the namespace of the referenced Cluster or the namespace of the referenced ServiceDescriptor object.If not provided, the referenced Cluster and ServiceDescriptor will be searched in the namespace of the currentCluster by default. +- `service_descriptor` (String) Specifies the name of the ServiceDescriptor object that describes a service provided by external sources.When referencing a service provided by external sources, a ServiceDescriptor object is required to establishthe service binding.The 'serviceDescriptor.spec.serviceKind' and 'serviceDescriptor.spec.serviceVersion' should match the serviceKindand serviceVersion declared in the definition.If both 'cluster' and 'serviceDescriptor' are specified, the 'cluster' takes precedence. ### Nested Schema for `spec.component_specs.service_refs.cluster_service_selector` @@ -2072,7 +2072,7 @@ Required: Optional: -- `credential` (Attributes) Specifies the SystemAccount to authenticate and establish a connection with the referenced Cluster. The SystemAccount should be defined in 'componentDefinition.spec.systemAccounts' of the Component providing the service in the referenced Cluster. (see [below for nested schema](#nestedatt--spec--component_specs--service_refs--cluster_service_selector--credential)) +- `credential` (Attributes) Specifies the SystemAccount to authenticate and establish a connection with the referenced Cluster.The SystemAccount should be defined in 'componentDefinition.spec.systemAccounts'of the Component providing the service in the referenced Cluster. (see [below for nested schema](#nestedatt--spec--component_specs--service_refs--cluster_service_selector--credential)) - `service` (Attributes) Identifies a ClusterService from the list of Services defined in 'cluster.spec.services' of the referenced Cluster. (see [below for nested schema](#nestedatt--spec--component_specs--service_refs--cluster_service_selector--service)) @@ -2089,12 +2089,12 @@ Required: Required: -- `service` (String) The name of the Service to be referenced. Leave it empty to reference the default Service. Set it to 'headless' to reference the default headless Service. If the referenced Service is of pod-service type (a Service per Pod), there will be multiple Service objects matched, and the resolved value will be presented in the following format: service1.name,service2.name... +- `service` (String) The name of the Service to be referenced.Leave it empty to reference the default Service. Set it to 'headless' to reference the default headless Service.If the referenced Service is of pod-service type (a Service per Pod), there will be multiple Service objects matched,and the resolved value will be presented in the following format: service1.name,service2.name... Optional: -- `component` (String) The name of the Component where the Service resides in. It is required when referencing a Component's Service. -- `port` (String) The port name of the Service to be referenced. If there is a non-zero node-port exist for the matched Service port, the node-port will be selected first. If the referenced Service is of pod-service type (a Service per Pod), there will be multiple Service objects matched, and the resolved value will be presented in the following format: service1.name:port1,service2.name:port2... +- `component` (String) The name of the Component where the Service resides in.It is required when referencing a Component's Service. +- `port` (String) The port name of the Service to be referenced.If there is a non-zero node-port exist for the matched Service port, the node-port will be selected first.If the referenced Service is of pod-service type (a Service per Pod), there will be multiple Service objects matched,and the resolved value will be presented in the following format: service1.name:port1,service2.name:port2... @@ -2108,9 +2108,9 @@ Required: Optional: -- `annotations` (Map of String) If ServiceType is LoadBalancer, cloud provider related parameters can be put here. More info: https://kubernetes.io/docs/concepts/services-networking/service/#loadbalancer. -- `pod_service` (Boolean) Indicates whether to generate individual Services for each Pod. If set to true, a separate Service will be created for each Pod in the Cluster. -- `service_type` (String) Determines how the Service is exposed. Valid options are 'ClusterIP', 'NodePort', and 'LoadBalancer'. - 'ClusterIP' allocates a Cluster-internal IP address for load-balancing to endpoints. Endpoints are determined by the selector or if that is not specified, they are determined by manual construction of an Endpoints object or EndpointSlice objects. - 'NodePort' builds on ClusterIP and allocates a port on every node which routes to the same endpoints as the ClusterIP. - 'LoadBalancer' builds on NodePort and creates an external load-balancer (if supported in the current cloud) which routes to the same endpoints as the ClusterIP. Note: although K8s Service type allows the 'ExternalName' type, it is not a valid option for ClusterComponentService. For more info, see: https://kubernetes.io/docs/concepts/services-networking/service/#publishing-services-service-types. +- `annotations` (Map of String) If ServiceType is LoadBalancer, cloud provider related parameters can be put here.More info: https://kubernetes.io/docs/concepts/services-networking/service/#loadbalancer. +- `pod_service` (Boolean) Indicates whether to generate individual Services for each Pod.If set to true, a separate Service will be created for each Pod in the Cluster. +- `service_type` (String) Determines how the Service is exposed. Valid options are 'ClusterIP', 'NodePort', and 'LoadBalancer'.- 'ClusterIP' allocates a Cluster-internal IP address for load-balancing to endpoints. Endpoints are determined by the selector or if that is not specified, they are determined by manual construction of an Endpoints object or EndpointSlice objects.- 'NodePort' builds on ClusterIP and allocates a port on every node which routes to the same endpoints as the ClusterIP.- 'LoadBalancer' builds on NodePort and creates an external load-balancer (if supported in the current cloud) which routes to the same endpoints as the ClusterIP.Note: although K8s Service type allows the 'ExternalName' type, it is not a valid option for ClusterComponentService.For more info, see:https://kubernetes.io/docs/concepts/services-networking/service/#publishing-services-service-types. @@ -2130,8 +2130,8 @@ Required: Optional: -- `password_config` (Attributes) Specifies the policy for generating the account's password. This field is immutable once set. (see [below for nested schema](#nestedatt--spec--component_specs--system_accounts--password_config)) -- `secret_ref` (Attributes) Refers to the secret from which data will be copied to create the new account. This field is immutable once set. (see [below for nested schema](#nestedatt--spec--component_specs--system_accounts--secret_ref)) +- `password_config` (Attributes) Specifies the policy for generating the account's password.This field is immutable once set. (see [below for nested schema](#nestedatt--spec--component_specs--system_accounts--password_config)) +- `secret_ref` (Attributes) Refers to the secret from which data will be copied to create the new account.This field is immutable once set. (see [below for nested schema](#nestedatt--spec--component_specs--system_accounts--secret_ref)) ### Nested Schema for `spec.component_specs.system_accounts.password_config` @@ -2142,7 +2142,7 @@ Optional: - `letter_case` (String) The case of the letters in the password. - `num_digits` (Number) The number of digits in the password. - `num_symbols` (Number) The number of symbols in the password. -- `seed` (String) Seed to generate the account's password. Cannot be updated. +- `seed` (String) Seed to generate the account's password.Cannot be updated. @@ -2182,9 +2182,9 @@ Optional: Optional: -- `default_mode` (Number) defaultMode is optional: mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. -- `items` (Attributes List) items if unspecified, each key-value pair in the Data field of the referenced ConfigMap will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the ConfigMap, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'. (see [below for nested schema](#nestedatt--spec--component_specs--user_resource_refs--config_map_refs--config_map--items)) -- `name` (String) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? +- `default_mode` (Number) defaultMode is optional: mode bits used to set permissions on created files by default.Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511.YAML accepts both octal and decimal values, JSON requires decimal values for mode bits.Defaults to 0644.Directories within the path are not affected by this setting.This might be in conflict with other options that affect the filemode, like fsGroup, and the result can be other mode bits set. +- `items` (Attributes List) items if unspecified, each key-value pair in the Data field of the referencedConfigMap will be projected into the volume as a file whose name is thekey and content is the value. If specified, the listed keys will beprojected into the specified paths, and unlisted keys will not bepresent. If a key is specified which is not present in the ConfigMap,the volume setup will error unless it is marked optional. Paths must berelative and may not contain the '..' path or start with '..'. (see [below for nested schema](#nestedatt--spec--component_specs--user_resource_refs--config_map_refs--config_map--items)) +- `name` (String) Name of the referent.More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#namesTODO: Add other useful fields. apiVersion, kind, uid? - `optional` (Boolean) optional specify whether the ConfigMap or its keys must be defined @@ -2193,11 +2193,11 @@ Optional: Required: - `key` (String) key is the key to project. -- `path` (String) path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. +- `path` (String) path is the relative path of the file to map the key to.May not be an absolute path.May not contain the path element '..'.May not start with the string '..'. Optional: -- `mode` (Number) mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. +- `mode` (Number) mode is Optional: mode bits used to set permissions on this file.Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511.YAML accepts both octal and decimal values, JSON requires decimal values for mode bits.If not specified, the volume defaultMode will be used.This might be in conflict with other options that affect the filemode, like fsGroup, and the result can be other mode bits set. @@ -2221,10 +2221,10 @@ Optional: Optional: -- `default_mode` (Number) defaultMode is Optional: mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. -- `items` (Attributes List) items If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'. (see [below for nested schema](#nestedatt--spec--component_specs--user_resource_refs--secret_refs--secret--items)) +- `default_mode` (Number) defaultMode is Optional: mode bits used to set permissions on created files by default.Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511.YAML accepts both octal and decimal values, JSON requires decimal valuesfor mode bits. Defaults to 0644.Directories within the path are not affected by this setting.This might be in conflict with other options that affect the filemode, like fsGroup, and the result can be other mode bits set. +- `items` (Attributes List) items If unspecified, each key-value pair in the Data field of the referencedSecret will be projected into the volume as a file whose name is thekey and content is the value. If specified, the listed keys will beprojected into the specified paths, and unlisted keys will not bepresent. If a key is specified which is not present in the Secret,the volume setup will error unless it is marked optional. Paths must berelative and may not contain the '..' path or start with '..'. (see [below for nested schema](#nestedatt--spec--component_specs--user_resource_refs--secret_refs--secret--items)) - `optional` (Boolean) optional field specify whether the Secret or its keys must be defined -- `secret_name` (String) secretName is the name of the secret in the pod's namespace to use. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret +- `secret_name` (String) secretName is the name of the secret in the pod's namespace to use.More info: https://kubernetes.io/docs/concepts/storage/volumes#secret ### Nested Schema for `spec.component_specs.user_resource_refs.secret_refs.secret.items` @@ -2232,11 +2232,11 @@ Optional: Required: - `key` (String) key is the key to project. -- `path` (String) path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. +- `path` (String) path is the relative path of the file to map the key to.May not be an absolute path.May not contain the path element '..'.May not start with the string '..'. Optional: -- `mode` (Number) mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. +- `mode` (Number) mode is Optional: mode bits used to set permissions on this file.Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511.YAML accepts both octal and decimal values, JSON requires decimal values for mode bits.If not specified, the volume defaultMode will be used.This might be in conflict with other options that affect the filemode, like fsGroup, and the result can be other mode bits set. @@ -2247,20 +2247,20 @@ Optional: Required: -- `name` (String) Refers to the name of a volumeMount defined in either: - 'componentDefinition.spec.runtime.containers[*].volumeMounts' - 'clusterDefinition.spec.componentDefs[*].podSpec.containers[*].volumeMounts' (deprecated) The value of 'name' must match the 'name' field of a volumeMount specified in the corresponding 'volumeMounts' array. +- `name` (String) Refers to the name of a volumeMount defined in either:- 'componentDefinition.spec.runtime.containers[*].volumeMounts'- 'clusterDefinition.spec.componentDefs[*].podSpec.containers[*].volumeMounts' (deprecated)The value of 'name' must match the 'name' field of a volumeMount specified in the corresponding 'volumeMounts' array. Optional: -- `spec` (Attributes) Defines the desired characteristics of a PersistentVolumeClaim that will be created for the volume with the mount name specified in the 'name' field. When a Pod is created for this ClusterComponent, a new PVC will be created based on the specification defined in the 'spec' field. The PVC will be associated with the volume mount specified by the 'name' field. (see [below for nested schema](#nestedatt--spec--component_specs--volume_claim_templates--spec)) +- `spec` (Attributes) Defines the desired characteristics of a PersistentVolumeClaim that will be created for the volumewith the mount name specified in the 'name' field.When a Pod is created for this ClusterComponent, a new PVC will be created based on the specificationdefined in the 'spec' field. The PVC will be associated with the volume mount specified by the 'name' field. (see [below for nested schema](#nestedatt--spec--component_specs--volume_claim_templates--spec)) ### Nested Schema for `spec.component_specs.volume_claim_templates.spec` Optional: -- `access_modes` (Map of String) Contains the desired access modes the volume should have. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1. -- `resources` (Attributes) Represents the minimum resources the volume should have. If the RecoverVolumeExpansionFailure feature is enabled, users are allowed to specify resource requirements that are lower than the previous value but must still be higher than the capacity recorded in the status field of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources. (see [below for nested schema](#nestedatt--spec--component_specs--volume_claim_templates--spec--resources)) -- `storage_class_name` (String) The name of the StorageClass required by the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1. +- `access_modes` (Map of String) Contains the desired access modes the volume should have.More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1. +- `resources` (Attributes) Represents the minimum resources the volume should have.If the RecoverVolumeExpansionFailure feature is enabled, users are allowed to specify resource requirements thatare lower than the previous value but must still be higher than the capacity recorded in the status field of the claim.More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources. (see [below for nested schema](#nestedatt--spec--component_specs--volume_claim_templates--spec--resources)) +- `storage_class_name` (String) The name of the StorageClass required by the claim.More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1. - `volume_mode` (String) Defines what type of volume is required by the claim, either Block or Filesystem. @@ -2268,16 +2268,16 @@ Optional: Optional: -- `claims` (Attributes List) Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. This field is immutable. It can only be set for containers. (see [below for nested schema](#nestedatt--spec--component_specs--volume_claim_templates--spec--resources--claims)) -- `limits` (Map of String) Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ -- `requests` (Map of String) Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ +- `claims` (Attributes List) Claims lists the names of resources, defined in spec.resourceClaims,that are used by this container.This is an alpha field and requires enabling theDynamicResourceAllocation feature gate.This field is immutable. It can only be set for containers. (see [below for nested schema](#nestedatt--spec--component_specs--volume_claim_templates--spec--resources--claims)) +- `limits` (Map of String) Limits describes the maximum amount of compute resources allowed.More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ +- `requests` (Map of String) Requests describes the minimum amount of compute resources required.If Requests is omitted for a container, it defaults to Limits if that is explicitly specified,otherwise to an implementation-defined value. Requests cannot exceed Limits.More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ ### Nested Schema for `spec.component_specs.volume_claim_templates.spec.resources.claims` Required: -- `name` (String) Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container. +- `name` (String) Name must match the name of one entry in pod.spec.resourceClaims ofthe Pod where this field is used. It makes that resource availableinside a container. @@ -2298,8 +2298,8 @@ Optional: Optional: -- `cpu` (String) Specifies the amount of CPU resource the Cluster needs. For more information, refer to: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ -- `memory` (String) Specifies the amount of memory resource the Cluster needs. For more information, refer to: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ +- `cpu` (String) Specifies the amount of CPU resource the Cluster needs.For more information, refer to: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ +- `memory` (String) Specifies the amount of memory resource the Cluster needs.For more information, refer to: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ @@ -2308,11 +2308,11 @@ Optional: Optional: - `affinity` (Attributes) Specifies a group of affinity scheduling rules of the Cluster, including NodeAffinity, PodAffinity, and PodAntiAffinity. (see [below for nested schema](#nestedatt--spec--scheduling_policy--affinity)) -- `node_name` (String) NodeName is a request to schedule this Pod onto a specific node. If it is non-empty, the scheduler simply schedules this Pod onto that node, assuming that it fits resource requirements. -- `node_selector` (Map of String) NodeSelector is a selector which must be true for the Pod to fit on a node. Selector which must match a node's labels for the Pod to be scheduled on that node. More info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/ -- `scheduler_name` (String) If specified, the Pod will be dispatched by specified scheduler. If not specified, the Pod will be dispatched by default scheduler. -- `tolerations` (Attributes List) Allows Pods to be scheduled onto nodes with matching taints. Each toleration in the array allows the Pod to tolerate node taints based on specified 'key', 'value', 'effect', and 'operator'. - The 'key', 'value', and 'effect' identify the taint that the toleration matches. - The 'operator' determines how the toleration matches the taint. Pods with matching tolerations are allowed to be scheduled on tainted nodes, typically reserved for specific purposes. (see [below for nested schema](#nestedatt--spec--scheduling_policy--tolerations)) -- `topology_spread_constraints` (Attributes List) TopologySpreadConstraints describes how a group of Pods ought to spread across topology domains. Scheduler will schedule Pods in a way which abides by the constraints. All topologySpreadConstraints are ANDed. (see [below for nested schema](#nestedatt--spec--scheduling_policy--topology_spread_constraints)) +- `node_name` (String) NodeName is a request to schedule this Pod onto a specific node. If it is non-empty,the scheduler simply schedules this Pod onto that node, assuming that it fits resourcerequirements. +- `node_selector` (Map of String) NodeSelector is a selector which must be true for the Pod to fit on a node.Selector which must match a node's labels for the Pod to be scheduled on that node.More info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/ +- `scheduler_name` (String) If specified, the Pod will be dispatched by specified scheduler.If not specified, the Pod will be dispatched by default scheduler. +- `tolerations` (Attributes List) Allows Pods to be scheduled onto nodes with matching taints.Each toleration in the array allows the Pod to tolerate node taints based onspecified 'key', 'value', 'effect', and 'operator'.- The 'key', 'value', and 'effect' identify the taint that the toleration matches.- The 'operator' determines how the toleration matches the taint.Pods with matching tolerations are allowed to be scheduled on tainted nodes, typically reserved for specific purposes. (see [below for nested schema](#nestedatt--spec--scheduling_policy--tolerations)) +- `topology_spread_constraints` (Attributes List) TopologySpreadConstraints describes how a group of Pods ought to spread across topologydomains. Scheduler will schedule Pods in a way which abides by the constraints.All topologySpreadConstraints are ANDed. (see [below for nested schema](#nestedatt--spec--scheduling_policy--topology_spread_constraints)) ### Nested Schema for `spec.scheduling_policy.affinity` @@ -2328,8 +2328,8 @@ Optional: Optional: -- `preferred_during_scheduling_ignored_during_execution` (Attributes List) The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding 'weight' to the sum if the node matches the corresponding matchExpressions; the node(s) with the highest sum are the most preferred. (see [below for nested schema](#nestedatt--spec--scheduling_policy--affinity--node_affinity--preferred_during_scheduling_ignored_during_execution)) -- `required_during_scheduling_ignored_during_execution` (Attributes) If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to an update), the system may or may not try to eventually evict the pod from its node. (see [below for nested schema](#nestedatt--spec--scheduling_policy--affinity--node_affinity--required_during_scheduling_ignored_during_execution)) +- `preferred_during_scheduling_ignored_during_execution` (Attributes List) The scheduler will prefer to schedule pods to nodes that satisfythe affinity expressions specified by this field, but it may choosea node that violates one or more of the expressions. The node that ismost preferred is the one with the greatest sum of weights, i.e.for each node that meets all of the scheduling requirements (resourcerequest, requiredDuringScheduling affinity expressions, etc.),compute a sum by iterating through the elements of this field and adding'weight' to the sum if the node matches the corresponding matchExpressions; thenode(s) with the highest sum are the most preferred. (see [below for nested schema](#nestedatt--spec--scheduling_policy--affinity--node_affinity--preferred_during_scheduling_ignored_during_execution)) +- `required_during_scheduling_ignored_during_execution` (Attributes) If the affinity requirements specified by this field are not met atscheduling time, the pod will not be scheduled onto the node.If the affinity requirements specified by this field cease to be metat some point during pod execution (e.g. due to an update), the systemmay or may not try to eventually evict the pod from its node. (see [below for nested schema](#nestedatt--spec--scheduling_policy--affinity--node_affinity--required_during_scheduling_ignored_during_execution)) ### Nested Schema for `spec.scheduling_policy.affinity.node_affinity.preferred_during_scheduling_ignored_during_execution` @@ -2353,11 +2353,11 @@ Optional: Required: - `key` (String) The label key that the selector applies to. -- `operator` (String) Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. +- `operator` (String) Represents a key's relationship to a set of values.Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. Optional: -- `values` (List of String) An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch. +- `values` (List of String) An array of string values. If the operator is In or NotIn,the values array must be non-empty. If the operator is Exists or DoesNotExist,the values array must be empty. If the operator is Gt or Lt, the valuesarray must have a single element, which will be interpreted as an integer.This array is replaced during a strategic merge patch. @@ -2366,11 +2366,11 @@ Optional: Required: - `key` (String) The label key that the selector applies to. -- `operator` (String) Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. +- `operator` (String) Represents a key's relationship to a set of values.Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. Optional: -- `values` (List of String) An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch. +- `values` (List of String) An array of string values. If the operator is In or NotIn,the values array must be non-empty. If the operator is Exists or DoesNotExist,the values array must be empty. If the operator is Gt or Lt, the valuesarray must have a single element, which will be interpreted as an integer.This array is replaced during a strategic merge patch. @@ -2396,11 +2396,11 @@ Optional: Required: - `key` (String) The label key that the selector applies to. -- `operator` (String) Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. +- `operator` (String) Represents a key's relationship to a set of values.Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. Optional: -- `values` (List of String) An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch. +- `values` (List of String) An array of string values. If the operator is In or NotIn,the values array must be non-empty. If the operator is Exists or DoesNotExist,the values array must be empty. If the operator is Gt or Lt, the valuesarray must have a single element, which will be interpreted as an integer.This array is replaced during a strategic merge patch. @@ -2409,11 +2409,11 @@ Optional: Required: - `key` (String) The label key that the selector applies to. -- `operator` (String) Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. +- `operator` (String) Represents a key's relationship to a set of values.Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. Optional: -- `values` (List of String) An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch. +- `values` (List of String) An array of string values. If the operator is In or NotIn,the values array must be non-empty. If the operator is Exists or DoesNotExist,the values array must be empty. If the operator is Gt or Lt, the valuesarray must have a single element, which will be interpreted as an integer.This array is replaced during a strategic merge patch. @@ -2424,8 +2424,8 @@ Optional: Optional: -- `preferred_during_scheduling_ignored_during_execution` (Attributes List) The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding 'weight' to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred. (see [below for nested schema](#nestedatt--spec--scheduling_policy--affinity--pod_affinity--preferred_during_scheduling_ignored_during_execution)) -- `required_during_scheduling_ignored_during_execution` (Attributes List) If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied. (see [below for nested schema](#nestedatt--spec--scheduling_policy--affinity--pod_affinity--required_during_scheduling_ignored_during_execution)) +- `preferred_during_scheduling_ignored_during_execution` (Attributes List) The scheduler will prefer to schedule pods to nodes that satisfythe affinity expressions specified by this field, but it may choosea node that violates one or more of the expressions. The node that ismost preferred is the one with the greatest sum of weights, i.e.for each node that meets all of the scheduling requirements (resourcerequest, requiredDuringScheduling affinity expressions, etc.),compute a sum by iterating through the elements of this field and adding'weight' to the sum if the node has pods which matches the corresponding podAffinityTerm; thenode(s) with the highest sum are the most preferred. (see [below for nested schema](#nestedatt--spec--scheduling_policy--affinity--pod_affinity--preferred_during_scheduling_ignored_during_execution)) +- `required_during_scheduling_ignored_during_execution` (Attributes List) If the affinity requirements specified by this field are not met atscheduling time, the pod will not be scheduled onto the node.If the affinity requirements specified by this field cease to be metat some point during pod execution (e.g. due to a pod label update), thesystem may or may not try to eventually evict the pod from its node.When there are multiple elements, the lists of nodes corresponding to eachpodAffinityTerm are intersected, i.e. all terms must be satisfied. (see [below for nested schema](#nestedatt--spec--scheduling_policy--affinity--pod_affinity--required_during_scheduling_ignored_during_execution)) ### Nested Schema for `spec.scheduling_policy.affinity.pod_affinity.preferred_during_scheduling_ignored_during_execution` @@ -2433,20 +2433,20 @@ Optional: Required: - `pod_affinity_term` (Attributes) Required. A pod affinity term, associated with the corresponding weight. (see [below for nested schema](#nestedatt--spec--scheduling_policy--affinity--pod_affinity--preferred_during_scheduling_ignored_during_execution--pod_affinity_term)) -- `weight` (Number) weight associated with matching the corresponding podAffinityTerm, in the range 1-100. +- `weight` (Number) weight associated with matching the corresponding podAffinityTerm,in the range 1-100. ### Nested Schema for `spec.scheduling_policy.affinity.pod_affinity.preferred_during_scheduling_ignored_during_execution.pod_affinity_term` Required: -- `topology_key` (String) This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed. +- `topology_key` (String) This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matchingthe labelSelector in the specified namespaces, where co-located is defined as running on a nodewhose value of the label with key topologyKey matches that of any node on which any of theselected pods is running.Empty topologyKey is not allowed. Optional: - `label_selector` (Attributes) A label query over a set of resources, in this case pods. (see [below for nested schema](#nestedatt--spec--scheduling_policy--affinity--pod_affinity--preferred_during_scheduling_ignored_during_execution--pod_affinity_term--label_selector)) -- `namespace_selector` (Attributes) A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means 'this pod's namespace'. An empty selector ({}) matches all namespaces. (see [below for nested schema](#nestedatt--spec--scheduling_policy--affinity--pod_affinity--preferred_during_scheduling_ignored_during_execution--pod_affinity_term--namespace_selector)) -- `namespaces` (List of String) namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means 'this pod's namespace'. +- `namespace_selector` (Attributes) A label query over the set of namespaces that the term applies to.The term is applied to the union of the namespaces selected by this fieldand the ones listed in the namespaces field.null selector and null or empty namespaces list means 'this pod's namespace'.An empty selector ({}) matches all namespaces. (see [below for nested schema](#nestedatt--spec--scheduling_policy--affinity--pod_affinity--preferred_during_scheduling_ignored_during_execution--pod_affinity_term--namespace_selector)) +- `namespaces` (List of String) namespaces specifies a static list of namespace names that the term applies to.The term is applied to the union of the namespaces listed in this fieldand the ones selected by namespaceSelector.null or empty namespaces list and null namespaceSelector means 'this pod's namespace'. ### Nested Schema for `spec.scheduling_policy.affinity.pod_affinity.preferred_during_scheduling_ignored_during_execution.pod_affinity_term.label_selector` @@ -2454,7 +2454,7 @@ Optional: Optional: - `match_expressions` (Attributes List) matchExpressions is a list of label selector requirements. The requirements are ANDed. (see [below for nested schema](#nestedatt--spec--scheduling_policy--affinity--pod_affinity--preferred_during_scheduling_ignored_during_execution--pod_affinity_term--label_selector--match_expressions)) -- `match_labels` (Map of String) matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is 'key', the operator is 'In', and the values array contains only 'value'. The requirements are ANDed. +- `match_labels` (Map of String) matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabelsmap is equivalent to an element of matchExpressions, whose key field is 'key', theoperator is 'In', and the values array contains only 'value'. The requirements are ANDed. ### Nested Schema for `spec.scheduling_policy.affinity.pod_affinity.preferred_during_scheduling_ignored_during_execution.pod_affinity_term.label_selector.match_expressions` @@ -2462,11 +2462,11 @@ Optional: Required: - `key` (String) key is the label key that the selector applies to. -- `operator` (String) operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. +- `operator` (String) operator represents a key's relationship to a set of values.Valid operators are In, NotIn, Exists and DoesNotExist. Optional: -- `values` (List of String) values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. +- `values` (List of String) values is an array of string values. If the operator is In or NotIn,the values array must be non-empty. If the operator is Exists or DoesNotExist,the values array must be empty. This array is replaced during a strategicmerge patch. @@ -2476,7 +2476,7 @@ Optional: Optional: - `match_expressions` (Attributes List) matchExpressions is a list of label selector requirements. The requirements are ANDed. (see [below for nested schema](#nestedatt--spec--scheduling_policy--affinity--pod_affinity--preferred_during_scheduling_ignored_during_execution--pod_affinity_term--namespace_selector--match_expressions)) -- `match_labels` (Map of String) matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is 'key', the operator is 'In', and the values array contains only 'value'. The requirements are ANDed. +- `match_labels` (Map of String) matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabelsmap is equivalent to an element of matchExpressions, whose key field is 'key', theoperator is 'In', and the values array contains only 'value'. The requirements are ANDed. ### Nested Schema for `spec.scheduling_policy.affinity.pod_affinity.preferred_during_scheduling_ignored_during_execution.pod_affinity_term.namespace_selector.match_expressions` @@ -2484,11 +2484,11 @@ Optional: Required: - `key` (String) key is the label key that the selector applies to. -- `operator` (String) operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. +- `operator` (String) operator represents a key's relationship to a set of values.Valid operators are In, NotIn, Exists and DoesNotExist. Optional: -- `values` (List of String) values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. +- `values` (List of String) values is an array of string values. If the operator is In or NotIn,the values array must be non-empty. If the operator is Exists or DoesNotExist,the values array must be empty. This array is replaced during a strategicmerge patch. @@ -2499,13 +2499,13 @@ Optional: Required: -- `topology_key` (String) This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed. +- `topology_key` (String) This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matchingthe labelSelector in the specified namespaces, where co-located is defined as running on a nodewhose value of the label with key topologyKey matches that of any node on which any of theselected pods is running.Empty topologyKey is not allowed. Optional: - `label_selector` (Attributes) A label query over a set of resources, in this case pods. (see [below for nested schema](#nestedatt--spec--scheduling_policy--affinity--pod_affinity--required_during_scheduling_ignored_during_execution--label_selector)) -- `namespace_selector` (Attributes) A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means 'this pod's namespace'. An empty selector ({}) matches all namespaces. (see [below for nested schema](#nestedatt--spec--scheduling_policy--affinity--pod_affinity--required_during_scheduling_ignored_during_execution--namespace_selector)) -- `namespaces` (List of String) namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means 'this pod's namespace'. +- `namespace_selector` (Attributes) A label query over the set of namespaces that the term applies to.The term is applied to the union of the namespaces selected by this fieldand the ones listed in the namespaces field.null selector and null or empty namespaces list means 'this pod's namespace'.An empty selector ({}) matches all namespaces. (see [below for nested schema](#nestedatt--spec--scheduling_policy--affinity--pod_affinity--required_during_scheduling_ignored_during_execution--namespace_selector)) +- `namespaces` (List of String) namespaces specifies a static list of namespace names that the term applies to.The term is applied to the union of the namespaces listed in this fieldand the ones selected by namespaceSelector.null or empty namespaces list and null namespaceSelector means 'this pod's namespace'. ### Nested Schema for `spec.scheduling_policy.affinity.pod_affinity.required_during_scheduling_ignored_during_execution.label_selector` @@ -2513,7 +2513,7 @@ Optional: Optional: - `match_expressions` (Attributes List) matchExpressions is a list of label selector requirements. The requirements are ANDed. (see [below for nested schema](#nestedatt--spec--scheduling_policy--affinity--pod_affinity--required_during_scheduling_ignored_during_execution--label_selector--match_expressions)) -- `match_labels` (Map of String) matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is 'key', the operator is 'In', and the values array contains only 'value'. The requirements are ANDed. +- `match_labels` (Map of String) matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabelsmap is equivalent to an element of matchExpressions, whose key field is 'key', theoperator is 'In', and the values array contains only 'value'. The requirements are ANDed. ### Nested Schema for `spec.scheduling_policy.affinity.pod_affinity.required_during_scheduling_ignored_during_execution.label_selector.match_expressions` @@ -2521,11 +2521,11 @@ Optional: Required: - `key` (String) key is the label key that the selector applies to. -- `operator` (String) operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. +- `operator` (String) operator represents a key's relationship to a set of values.Valid operators are In, NotIn, Exists and DoesNotExist. Optional: -- `values` (List of String) values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. +- `values` (List of String) values is an array of string values. If the operator is In or NotIn,the values array must be non-empty. If the operator is Exists or DoesNotExist,the values array must be empty. This array is replaced during a strategicmerge patch. @@ -2535,7 +2535,7 @@ Optional: Optional: - `match_expressions` (Attributes List) matchExpressions is a list of label selector requirements. The requirements are ANDed. (see [below for nested schema](#nestedatt--spec--scheduling_policy--affinity--pod_affinity--required_during_scheduling_ignored_during_execution--namespace_selector--match_expressions)) -- `match_labels` (Map of String) matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is 'key', the operator is 'In', and the values array contains only 'value'. The requirements are ANDed. +- `match_labels` (Map of String) matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabelsmap is equivalent to an element of matchExpressions, whose key field is 'key', theoperator is 'In', and the values array contains only 'value'. The requirements are ANDed. ### Nested Schema for `spec.scheduling_policy.affinity.pod_affinity.required_during_scheduling_ignored_during_execution.namespace_selector.match_expressions` @@ -2543,11 +2543,11 @@ Optional: Required: - `key` (String) key is the label key that the selector applies to. -- `operator` (String) operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. +- `operator` (String) operator represents a key's relationship to a set of values.Valid operators are In, NotIn, Exists and DoesNotExist. Optional: -- `values` (List of String) values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. +- `values` (List of String) values is an array of string values. If the operator is In or NotIn,the values array must be non-empty. If the operator is Exists or DoesNotExist,the values array must be empty. This array is replaced during a strategicmerge patch. @@ -2558,8 +2558,8 @@ Optional: Optional: -- `preferred_during_scheduling_ignored_during_execution` (Attributes List) The scheduler will prefer to schedule pods to nodes that satisfy the anti-affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling anti-affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding 'weight' to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred. (see [below for nested schema](#nestedatt--spec--scheduling_policy--affinity--pod_anti_affinity--preferred_during_scheduling_ignored_during_execution)) -- `required_during_scheduling_ignored_during_execution` (Attributes List) If the anti-affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the anti-affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied. (see [below for nested schema](#nestedatt--spec--scheduling_policy--affinity--pod_anti_affinity--required_during_scheduling_ignored_during_execution)) +- `preferred_during_scheduling_ignored_during_execution` (Attributes List) The scheduler will prefer to schedule pods to nodes that satisfythe anti-affinity expressions specified by this field, but it may choosea node that violates one or more of the expressions. The node that ismost preferred is the one with the greatest sum of weights, i.e.for each node that meets all of the scheduling requirements (resourcerequest, requiredDuringScheduling anti-affinity expressions, etc.),compute a sum by iterating through the elements of this field and adding'weight' to the sum if the node has pods which matches the corresponding podAffinityTerm; thenode(s) with the highest sum are the most preferred. (see [below for nested schema](#nestedatt--spec--scheduling_policy--affinity--pod_anti_affinity--preferred_during_scheduling_ignored_during_execution)) +- `required_during_scheduling_ignored_during_execution` (Attributes List) If the anti-affinity requirements specified by this field are not met atscheduling time, the pod will not be scheduled onto the node.If the anti-affinity requirements specified by this field cease to be metat some point during pod execution (e.g. due to a pod label update), thesystem may or may not try to eventually evict the pod from its node.When there are multiple elements, the lists of nodes corresponding to eachpodAffinityTerm are intersected, i.e. all terms must be satisfied. (see [below for nested schema](#nestedatt--spec--scheduling_policy--affinity--pod_anti_affinity--required_during_scheduling_ignored_during_execution)) ### Nested Schema for `spec.scheduling_policy.affinity.pod_anti_affinity.preferred_during_scheduling_ignored_during_execution` @@ -2567,20 +2567,20 @@ Optional: Required: - `pod_affinity_term` (Attributes) Required. A pod affinity term, associated with the corresponding weight. (see [below for nested schema](#nestedatt--spec--scheduling_policy--affinity--pod_anti_affinity--preferred_during_scheduling_ignored_during_execution--pod_affinity_term)) -- `weight` (Number) weight associated with matching the corresponding podAffinityTerm, in the range 1-100. +- `weight` (Number) weight associated with matching the corresponding podAffinityTerm,in the range 1-100. ### Nested Schema for `spec.scheduling_policy.affinity.pod_anti_affinity.preferred_during_scheduling_ignored_during_execution.pod_affinity_term` Required: -- `topology_key` (String) This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed. +- `topology_key` (String) This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matchingthe labelSelector in the specified namespaces, where co-located is defined as running on a nodewhose value of the label with key topologyKey matches that of any node on which any of theselected pods is running.Empty topologyKey is not allowed. Optional: - `label_selector` (Attributes) A label query over a set of resources, in this case pods. (see [below for nested schema](#nestedatt--spec--scheduling_policy--affinity--pod_anti_affinity--preferred_during_scheduling_ignored_during_execution--pod_affinity_term--label_selector)) -- `namespace_selector` (Attributes) A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means 'this pod's namespace'. An empty selector ({}) matches all namespaces. (see [below for nested schema](#nestedatt--spec--scheduling_policy--affinity--pod_anti_affinity--preferred_during_scheduling_ignored_during_execution--pod_affinity_term--namespace_selector)) -- `namespaces` (List of String) namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means 'this pod's namespace'. +- `namespace_selector` (Attributes) A label query over the set of namespaces that the term applies to.The term is applied to the union of the namespaces selected by this fieldand the ones listed in the namespaces field.null selector and null or empty namespaces list means 'this pod's namespace'.An empty selector ({}) matches all namespaces. (see [below for nested schema](#nestedatt--spec--scheduling_policy--affinity--pod_anti_affinity--preferred_during_scheduling_ignored_during_execution--pod_affinity_term--namespace_selector)) +- `namespaces` (List of String) namespaces specifies a static list of namespace names that the term applies to.The term is applied to the union of the namespaces listed in this fieldand the ones selected by namespaceSelector.null or empty namespaces list and null namespaceSelector means 'this pod's namespace'. ### Nested Schema for `spec.scheduling_policy.affinity.pod_anti_affinity.preferred_during_scheduling_ignored_during_execution.pod_affinity_term.label_selector` @@ -2588,7 +2588,7 @@ Optional: Optional: - `match_expressions` (Attributes List) matchExpressions is a list of label selector requirements. The requirements are ANDed. (see [below for nested schema](#nestedatt--spec--scheduling_policy--affinity--pod_anti_affinity--preferred_during_scheduling_ignored_during_execution--pod_affinity_term--label_selector--match_expressions)) -- `match_labels` (Map of String) matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is 'key', the operator is 'In', and the values array contains only 'value'. The requirements are ANDed. +- `match_labels` (Map of String) matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabelsmap is equivalent to an element of matchExpressions, whose key field is 'key', theoperator is 'In', and the values array contains only 'value'. The requirements are ANDed. ### Nested Schema for `spec.scheduling_policy.affinity.pod_anti_affinity.preferred_during_scheduling_ignored_during_execution.pod_affinity_term.label_selector.match_expressions` @@ -2596,11 +2596,11 @@ Optional: Required: - `key` (String) key is the label key that the selector applies to. -- `operator` (String) operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. +- `operator` (String) operator represents a key's relationship to a set of values.Valid operators are In, NotIn, Exists and DoesNotExist. Optional: -- `values` (List of String) values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. +- `values` (List of String) values is an array of string values. If the operator is In or NotIn,the values array must be non-empty. If the operator is Exists or DoesNotExist,the values array must be empty. This array is replaced during a strategicmerge patch. @@ -2610,7 +2610,7 @@ Optional: Optional: - `match_expressions` (Attributes List) matchExpressions is a list of label selector requirements. The requirements are ANDed. (see [below for nested schema](#nestedatt--spec--scheduling_policy--affinity--pod_anti_affinity--preferred_during_scheduling_ignored_during_execution--pod_affinity_term--namespace_selector--match_expressions)) -- `match_labels` (Map of String) matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is 'key', the operator is 'In', and the values array contains only 'value'. The requirements are ANDed. +- `match_labels` (Map of String) matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabelsmap is equivalent to an element of matchExpressions, whose key field is 'key', theoperator is 'In', and the values array contains only 'value'. The requirements are ANDed. ### Nested Schema for `spec.scheduling_policy.affinity.pod_anti_affinity.preferred_during_scheduling_ignored_during_execution.pod_affinity_term.namespace_selector.match_expressions` @@ -2618,11 +2618,11 @@ Optional: Required: - `key` (String) key is the label key that the selector applies to. -- `operator` (String) operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. +- `operator` (String) operator represents a key's relationship to a set of values.Valid operators are In, NotIn, Exists and DoesNotExist. Optional: -- `values` (List of String) values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. +- `values` (List of String) values is an array of string values. If the operator is In or NotIn,the values array must be non-empty. If the operator is Exists or DoesNotExist,the values array must be empty. This array is replaced during a strategicmerge patch. @@ -2633,13 +2633,13 @@ Optional: Required: -- `topology_key` (String) This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed. +- `topology_key` (String) This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matchingthe labelSelector in the specified namespaces, where co-located is defined as running on a nodewhose value of the label with key topologyKey matches that of any node on which any of theselected pods is running.Empty topologyKey is not allowed. Optional: - `label_selector` (Attributes) A label query over a set of resources, in this case pods. (see [below for nested schema](#nestedatt--spec--scheduling_policy--affinity--pod_anti_affinity--required_during_scheduling_ignored_during_execution--label_selector)) -- `namespace_selector` (Attributes) A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means 'this pod's namespace'. An empty selector ({}) matches all namespaces. (see [below for nested schema](#nestedatt--spec--scheduling_policy--affinity--pod_anti_affinity--required_during_scheduling_ignored_during_execution--namespace_selector)) -- `namespaces` (List of String) namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means 'this pod's namespace'. +- `namespace_selector` (Attributes) A label query over the set of namespaces that the term applies to.The term is applied to the union of the namespaces selected by this fieldand the ones listed in the namespaces field.null selector and null or empty namespaces list means 'this pod's namespace'.An empty selector ({}) matches all namespaces. (see [below for nested schema](#nestedatt--spec--scheduling_policy--affinity--pod_anti_affinity--required_during_scheduling_ignored_during_execution--namespace_selector)) +- `namespaces` (List of String) namespaces specifies a static list of namespace names that the term applies to.The term is applied to the union of the namespaces listed in this fieldand the ones selected by namespaceSelector.null or empty namespaces list and null namespaceSelector means 'this pod's namespace'. ### Nested Schema for `spec.scheduling_policy.affinity.pod_anti_affinity.required_during_scheduling_ignored_during_execution.label_selector` @@ -2647,7 +2647,7 @@ Optional: Optional: - `match_expressions` (Attributes List) matchExpressions is a list of label selector requirements. The requirements are ANDed. (see [below for nested schema](#nestedatt--spec--scheduling_policy--affinity--pod_anti_affinity--required_during_scheduling_ignored_during_execution--label_selector--match_expressions)) -- `match_labels` (Map of String) matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is 'key', the operator is 'In', and the values array contains only 'value'. The requirements are ANDed. +- `match_labels` (Map of String) matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabelsmap is equivalent to an element of matchExpressions, whose key field is 'key', theoperator is 'In', and the values array contains only 'value'. The requirements are ANDed. ### Nested Schema for `spec.scheduling_policy.affinity.pod_anti_affinity.required_during_scheduling_ignored_during_execution.label_selector.match_expressions` @@ -2655,11 +2655,11 @@ Optional: Required: - `key` (String) key is the label key that the selector applies to. -- `operator` (String) operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. +- `operator` (String) operator represents a key's relationship to a set of values.Valid operators are In, NotIn, Exists and DoesNotExist. Optional: -- `values` (List of String) values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. +- `values` (List of String) values is an array of string values. If the operator is In or NotIn,the values array must be non-empty. If the operator is Exists or DoesNotExist,the values array must be empty. This array is replaced during a strategicmerge patch. @@ -2669,7 +2669,7 @@ Optional: Optional: - `match_expressions` (Attributes List) matchExpressions is a list of label selector requirements. The requirements are ANDed. (see [below for nested schema](#nestedatt--spec--scheduling_policy--affinity--pod_anti_affinity--required_during_scheduling_ignored_during_execution--namespace_selector--match_expressions)) -- `match_labels` (Map of String) matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is 'key', the operator is 'In', and the values array contains only 'value'. The requirements are ANDed. +- `match_labels` (Map of String) matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabelsmap is equivalent to an element of matchExpressions, whose key field is 'key', theoperator is 'In', and the values array contains only 'value'. The requirements are ANDed. ### Nested Schema for `spec.scheduling_policy.affinity.pod_anti_affinity.required_during_scheduling_ignored_during_execution.namespace_selector.match_expressions` @@ -2677,11 +2677,11 @@ Optional: Required: - `key` (String) key is the label key that the selector applies to. -- `operator` (String) operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. +- `operator` (String) operator represents a key's relationship to a set of values.Valid operators are In, NotIn, Exists and DoesNotExist. Optional: -- `values` (List of String) values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. +- `values` (List of String) values is an array of string values. If the operator is In or NotIn,the values array must be non-empty. If the operator is Exists or DoesNotExist,the values array must be empty. This array is replaced during a strategicmerge patch. @@ -2693,11 +2693,11 @@ Optional: Optional: -- `effect` (String) Effect indicates the taint effect to match. Empty means match all taint effects. When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute. -- `key` (String) Key is the taint key that the toleration applies to. Empty means match all taint keys. If the key is empty, operator must be Exists; this combination means to match all values and all keys. -- `operator` (String) Operator represents a key's relationship to the value. Valid operators are Exists and Equal. Defaults to Equal. Exists is equivalent to wildcard for value, so that a pod can tolerate all taints of a particular category. -- `toleration_seconds` (Number) TolerationSeconds represents the period of time the toleration (which must be of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, it is not set, which means tolerate the taint forever (do not evict). Zero and negative values will be treated as 0 (evict immediately) by the system. -- `value` (String) Value is the taint value the toleration matches to. If the operator is Exists, the value should be empty, otherwise just a regular string. +- `effect` (String) Effect indicates the taint effect to match. Empty means match all taint effects.When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute. +- `key` (String) Key is the taint key that the toleration applies to. Empty means match all taint keys.If the key is empty, operator must be Exists; this combination means to match all values and all keys. +- `operator` (String) Operator represents a key's relationship to the value.Valid operators are Exists and Equal. Defaults to Equal.Exists is equivalent to wildcard for value, so that a pod cantolerate all taints of a particular category. +- `toleration_seconds` (Number) TolerationSeconds represents the period of time the toleration (which must beof effect NoExecute, otherwise this field is ignored) tolerates the taint. By default,it is not set, which means tolerate the taint forever (do not evict). Zero andnegative values will be treated as 0 (evict immediately) by the system. +- `value` (String) Value is the taint value the toleration matches to.If the operator is Exists, the value should be empty, otherwise just a regular string. @@ -2705,17 +2705,17 @@ Optional: Required: -- `max_skew` (Number) MaxSkew describes the degree to which pods may be unevenly distributed. When 'whenUnsatisfiable=DoNotSchedule', it is the maximum permitted difference between the number of matching pods in the target topology and the global minimum. The global minimum is the minimum number of matching pods in an eligible domain or zero if the number of eligible domains is less than MinDomains. For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same labelSelector spread as 2/2/1: In this case, the global minimum is 1. | zone1 | zone2 | zone3 | | P P | P P | P | - if MaxSkew is 1, incoming pod can only be scheduled to zone3 to become 2/2/2; scheduling it onto zone1(zone2) would make the ActualSkew(3-1) on zone1(zone2) violate MaxSkew(1). - if MaxSkew is 2, incoming pod can be scheduled onto any zone. When 'whenUnsatisfiable=ScheduleAnyway', it is used to give higher precedence to topologies that satisfy it. It's a required field. Default value is 1 and 0 is not allowed. -- `topology_key` (String) TopologyKey is the key of node labels. Nodes that have a label with this key and identical values are considered to be in the same topology. We consider each as a 'bucket', and try to put balanced number of pods into each bucket. We define a domain as a particular instance of a topology. Also, we define an eligible domain as a domain whose nodes meet the requirements of nodeAffinityPolicy and nodeTaintsPolicy. e.g. If TopologyKey is 'kubernetes.io/hostname', each Node is a domain of that topology. And, if TopologyKey is 'topology.kubernetes.io/zone', each zone is a domain of that topology. It's a required field. -- `when_unsatisfiable` (String) WhenUnsatisfiable indicates how to deal with a pod if it doesn't satisfy the spread constraint. - DoNotSchedule (default) tells the scheduler not to schedule it. - ScheduleAnyway tells the scheduler to schedule the pod in any location, but giving higher precedence to topologies that would help reduce the skew. A constraint is considered 'Unsatisfiable' for an incoming pod if and only if every possible node assignment for that pod would violate 'MaxSkew' on some topology. For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same labelSelector spread as 3/1/1: | zone1 | zone2 | zone3 | | P P P | P | P | If WhenUnsatisfiable is set to DoNotSchedule, incoming pod can only be scheduled to zone2(zone3) to become 3/2/1(3/1/2) as ActualSkew(2-1) on zone2(zone3) satisfies MaxSkew(1). In other words, the cluster can still be imbalanced, but scheduler won't make it *more* imbalanced. It's a required field. +- `max_skew` (Number) MaxSkew describes the degree to which pods may be unevenly distributed.When 'whenUnsatisfiable=DoNotSchedule', it is the maximum permitted differencebetween the number of matching pods in the target topology and the global minimum.The global minimum is the minimum number of matching pods in an eligible domainor zero if the number of eligible domains is less than MinDomains.For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the samelabelSelector spread as 2/2/1:In this case, the global minimum is 1.| zone1 | zone2 | zone3 || P P | P P | P |- if MaxSkew is 1, incoming pod can only be scheduled to zone3 to become 2/2/2;scheduling it onto zone1(zone2) would make the ActualSkew(3-1) on zone1(zone2)violate MaxSkew(1).- if MaxSkew is 2, incoming pod can be scheduled onto any zone.When 'whenUnsatisfiable=ScheduleAnyway', it is used to give higher precedenceto topologies that satisfy it.It's a required field. Default value is 1 and 0 is not allowed. +- `topology_key` (String) TopologyKey is the key of node labels. Nodes that have a label with this keyand identical values are considered to be in the same topology.We consider each as a 'bucket', and try to put balanced numberof pods into each bucket.We define a domain as a particular instance of a topology.Also, we define an eligible domain as a domain whose nodes meet the requirements ofnodeAffinityPolicy and nodeTaintsPolicy.e.g. If TopologyKey is 'kubernetes.io/hostname', each Node is a domain of that topology.And, if TopologyKey is 'topology.kubernetes.io/zone', each zone is a domain of that topology.It's a required field. +- `when_unsatisfiable` (String) WhenUnsatisfiable indicates how to deal with a pod if it doesn't satisfythe spread constraint.- DoNotSchedule (default) tells the scheduler not to schedule it.- ScheduleAnyway tells the scheduler to schedule the pod in any location, but giving higher precedence to topologies that would help reduce the skew.A constraint is considered 'Unsatisfiable' for an incoming podif and only if every possible node assignment for that pod would violate'MaxSkew' on some topology.For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the samelabelSelector spread as 3/1/1:| zone1 | zone2 | zone3 || P P P | P | P |If WhenUnsatisfiable is set to DoNotSchedule, incoming pod can only be scheduledto zone2(zone3) to become 3/2/1(3/1/2) as ActualSkew(2-1) on zone2(zone3) satisfiesMaxSkew(1). In other words, the cluster can still be imbalanced, but schedulerwon't make it *more* imbalanced.It's a required field. Optional: -- `label_selector` (Attributes) LabelSelector is used to find matching pods. Pods that match this label selector are counted to determine the number of pods in their corresponding topology domain. (see [below for nested schema](#nestedatt--spec--scheduling_policy--topology_spread_constraints--label_selector)) -- `match_label_keys` (List of String) MatchLabelKeys is a set of pod label keys to select the pods over which spreading will be calculated. The keys are used to lookup values from the incoming pod labels, those key-value labels are ANDed with labelSelector to select the group of existing pods over which spreading will be calculated for the incoming pod. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. MatchLabelKeys cannot be set when LabelSelector isn't set. Keys that don't exist in the incoming pod labels will be ignored. A null or empty list means only match against labelSelector. This is a beta field and requires the MatchLabelKeysInPodTopologySpread feature gate to be enabled (enabled by default). -- `min_domains` (Number) MinDomains indicates a minimum number of eligible domains. When the number of eligible domains with matching topology keys is less than minDomains, Pod Topology Spread treats 'global minimum' as 0, and then the calculation of Skew is performed. And when the number of eligible domains with matching topology keys equals or greater than minDomains, this value has no effect on scheduling. As a result, when the number of eligible domains is less than minDomains, scheduler won't schedule more than maxSkew Pods to those domains. If value is nil, the constraint behaves as if MinDomains is equal to 1. Valid values are integers greater than 0. When value is not nil, WhenUnsatisfiable must be DoNotSchedule. For example, in a 3-zone cluster, MaxSkew is set to 2, MinDomains is set to 5 and pods with the same labelSelector spread as 2/2/2: | zone1 | zone2 | zone3 | | P P | P P | P P | The number of domains is less than 5(MinDomains), so 'global minimum' is treated as 0. In this situation, new pod with the same labelSelector cannot be scheduled, because computed skew will be 3(3 - 0) if new Pod is scheduled to any of the three zones, it will violate MaxSkew. This is a beta field and requires the MinDomainsInPodTopologySpread feature gate to be enabled (enabled by default). -- `node_affinity_policy` (String) NodeAffinityPolicy indicates how we will treat Pod's nodeAffinity/nodeSelector when calculating pod topology spread skew. Options are: - Honor: only nodes matching nodeAffinity/nodeSelector are included in the calculations. - Ignore: nodeAffinity/nodeSelector are ignored. All nodes are included in the calculations. If this value is nil, the behavior is equivalent to the Honor policy. This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag. -- `node_taints_policy` (String) NodeTaintsPolicy indicates how we will treat node taints when calculating pod topology spread skew. Options are: - Honor: nodes without taints, along with tainted nodes for which the incoming pod has a toleration, are included. - Ignore: node taints are ignored. All nodes are included. If this value is nil, the behavior is equivalent to the Ignore policy. This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag. +- `label_selector` (Attributes) LabelSelector is used to find matching pods.Pods that match this label selector are counted to determine the number of podsin their corresponding topology domain. (see [below for nested schema](#nestedatt--spec--scheduling_policy--topology_spread_constraints--label_selector)) +- `match_label_keys` (List of String) MatchLabelKeys is a set of pod label keys to select the pods over whichspreading will be calculated. The keys are used to lookup values from theincoming pod labels, those key-value labels are ANDed with labelSelectorto select the group of existing pods over which spreading will be calculatedfor the incoming pod. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector.MatchLabelKeys cannot be set when LabelSelector isn't set.Keys that don't exist in the incoming pod labels willbe ignored. A null or empty list means only match against labelSelector.This is a beta field and requires the MatchLabelKeysInPodTopologySpread feature gate to be enabled (enabled by default). +- `min_domains` (Number) MinDomains indicates a minimum number of eligible domains.When the number of eligible domains with matching topology keys is less than minDomains,Pod Topology Spread treats 'global minimum' as 0, and then the calculation of Skew is performed.And when the number of eligible domains with matching topology keys equals or greater than minDomains,this value has no effect on scheduling.As a result, when the number of eligible domains is less than minDomains,scheduler won't schedule more than maxSkew Pods to those domains.If value is nil, the constraint behaves as if MinDomains is equal to 1.Valid values are integers greater than 0.When value is not nil, WhenUnsatisfiable must be DoNotSchedule.For example, in a 3-zone cluster, MaxSkew is set to 2, MinDomains is set to 5 and pods with the samelabelSelector spread as 2/2/2:| zone1 | zone2 | zone3 || P P | P P | P P |The number of domains is less than 5(MinDomains), so 'global minimum' is treated as 0.In this situation, new pod with the same labelSelector cannot be scheduled,because computed skew will be 3(3 - 0) if new Pod is scheduled to any of the three zones,it will violate MaxSkew.This is a beta field and requires the MinDomainsInPodTopologySpread feature gate to be enabled (enabled by default). +- `node_affinity_policy` (String) NodeAffinityPolicy indicates how we will treat Pod's nodeAffinity/nodeSelectorwhen calculating pod topology spread skew. Options are:- Honor: only nodes matching nodeAffinity/nodeSelector are included in the calculations.- Ignore: nodeAffinity/nodeSelector are ignored. All nodes are included in the calculations.If this value is nil, the behavior is equivalent to the Honor policy.This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag. +- `node_taints_policy` (String) NodeTaintsPolicy indicates how we will treat node taints when calculatingpod topology spread skew. Options are:- Honor: nodes without taints, along with tainted nodes for which the incoming podhas a toleration, are included.- Ignore: node taints are ignored. All nodes are included.If this value is nil, the behavior is equivalent to the Ignore policy.This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag. ### Nested Schema for `spec.scheduling_policy.topology_spread_constraints.label_selector` @@ -2723,7 +2723,7 @@ Optional: Optional: - `match_expressions` (Attributes List) matchExpressions is a list of label selector requirements. The requirements are ANDed. (see [below for nested schema](#nestedatt--spec--scheduling_policy--topology_spread_constraints--label_selector--match_expressions)) -- `match_labels` (Map of String) matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is 'key', the operator is 'In', and the values array contains only 'value'. The requirements are ANDed. +- `match_labels` (Map of String) matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabelsmap is equivalent to an element of matchExpressions, whose key field is 'key', theoperator is 'In', and the values array contains only 'value'. The requirements are ANDed. ### Nested Schema for `spec.scheduling_policy.topology_spread_constraints.label_selector.match_expressions` @@ -2731,11 +2731,11 @@ Optional: Required: - `key` (String) key is the label key that the selector applies to. -- `operator` (String) operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. +- `operator` (String) operator represents a key's relationship to a set of values.Valid operators are In, NotIn, Exists and DoesNotExist. Optional: -- `values` (List of String) values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. +- `values` (List of String) values is an array of string values. If the operator is In or NotIn,the values array must be non-empty. If the operator is Exists or DoesNotExist,the values array must be empty. This array is replaced during a strategicmerge patch. @@ -2746,12 +2746,12 @@ Optional: Required: -- `name` (String) Represents the common parent part of all shard names. This identifier is included as part of the Service DNS name and must comply with IANA service naming rules. It is used to generate the names of underlying Components following the pattern '$(shardingSpec.name)-$(ShardID)'. ShardID is a random string that is appended to the Name to generate unique identifiers for each shard. For example, if the sharding specification name is 'my-shard' and the ShardID is 'abc', the resulting Component name would be 'my-shard-abc'. Note that the name defined in Component template('shardingSpec.template.name') will be disregarded when generating the Component names of the shards. The 'shardingSpec.name' field takes precedence. -- `template` (Attributes) The template for generating Components for shards, where each shard consists of one Component. This field is of type ClusterComponentSpec, which encapsulates all the required details and definitions for creating and managing the Components. KubeBlocks uses this template to generate a set of identical Components or shards. All the generated Components will have the same specifications and definitions as specified in the 'template' field. This allows for the creation of multiple Components with consistent configurations, enabling sharding and distribution of workloads across Components. (see [below for nested schema](#nestedatt--spec--sharding_specs--template)) +- `name` (String) Represents the common parent part of all shard names.This identifier is included as part of the Service DNS name and must comply with IANA service naming rules.It is used to generate the names of underlying Components following the pattern '$(shardingSpec.name)-$(ShardID)'.ShardID is a random string that is appended to the Name to generate unique identifiers for each shard.For example, if the sharding specification name is 'my-shard' and the ShardID is 'abc', the resulting Component namewould be 'my-shard-abc'.Note that the name defined in Component template('shardingSpec.template.name') will be disregardedwhen generating the Component names of the shards. The 'shardingSpec.name' field takes precedence. +- `template` (Attributes) The template for generating Components for shards, where each shard consists of one Component.This field is of type ClusterComponentSpec, which encapsulates all the required details anddefinitions for creating and managing the Components.KubeBlocks uses this template to generate a set of identical Components or shards.All the generated Components will have the same specifications and definitions as specified in the 'template' field.This allows for the creation of multiple Components with consistent configurations,enabling sharding and distribution of workloads across Components. (see [below for nested schema](#nestedatt--spec--sharding_specs--template)) Optional: -- `shards` (Number) Specifies the desired number of shards. Users can declare the desired number of shards through this field. KubeBlocks dynamically creates and deletes Components based on the difference between the desired and actual number of shards. KubeBlocks provides lifecycle management for sharding, including: - Executing the postProvision Action defined in the ComponentDefinition when the number of shards increases. This allows for custom actions to be performed after a new shard is provisioned. - Executing the preTerminate Action defined in the ComponentDefinition when the number of shards decreases. This enables custom cleanup or data migration tasks to be executed before a shard is terminated. Resources and data associated with the corresponding Component will also be deleted. +- `shards` (Number) Specifies the desired number of shards.Users can declare the desired number of shards through this field.KubeBlocks dynamically creates and deletes Components based on the differencebetween the desired and actual number of shards.KubeBlocks provides lifecycle management for sharding, including:- Executing the postProvision Action defined in the ComponentDefinition when the number of shards increases. This allows for custom actions to be performed after a new shard is provisioned.- Executing the preTerminate Action defined in the ComponentDefinition when the number of shards decreases. This enables custom cleanup or data migration tasks to be executed before a shard is terminated. Resources and data associated with the corresponding Component will also be deleted. ### Nested Schema for `spec.sharding_specs.template` @@ -2762,40 +2762,40 @@ Required: Optional: -- `affinity` (Attributes) Specifies a group of affinity scheduling rules for the Component. It allows users to control how the Component's Pods are scheduled onto nodes in the K8s cluster. Deprecated since v0.10, replaced by the 'schedulingPolicy' field. (see [below for nested schema](#nestedatt--spec--sharding_specs--template--affinity)) -- `component_def` (String) References the name of a ComponentDefinition object. The ComponentDefinition specifies the behavior and characteristics of the Component. If both 'componentDefRef' and 'componentDef' are provided, the 'componentDef' will take precedence over 'componentDefRef'. -- `component_def_ref` (String) References a ClusterComponentDefinition defined in the 'clusterDefinition.spec.componentDef' field. Must comply with the IANA service naming rule. Deprecated since v0.9, because defining Components in 'clusterDefinition.spec.componentDef' field has been deprecated. This field is replaced by the 'componentDef' field, use 'componentDef' instead. This field is maintained for backward compatibility and its use is discouraged. Existing usage should be updated to the current preferred approach to avoid compatibility issues in future releases. TODO +kubebuilder:validation:XValidation:rule='self == oldSelf',message='componentDefRef is immutable' +- `affinity` (Attributes) Specifies a group of affinity scheduling rules for the Component.It allows users to control how the Component's Pods are scheduled onto nodes in the K8s cluster.Deprecated since v0.10, replaced by the 'schedulingPolicy' field. (see [below for nested schema](#nestedatt--spec--sharding_specs--template--affinity)) +- `component_def` (String) References the name of a ComponentDefinition object.The ComponentDefinition specifies the behavior and characteristics of the Component.If both 'componentDefRef' and 'componentDef' are provided,the 'componentDef' will take precedence over 'componentDefRef'. +- `component_def_ref` (String) References a ClusterComponentDefinition defined in the 'clusterDefinition.spec.componentDef' field.Must comply with the IANA service naming rule.Deprecated since v0.9,because defining Components in 'clusterDefinition.spec.componentDef' field has been deprecated.This field is replaced by the 'componentDef' field, use 'componentDef' instead.This field is maintained for backward compatibility and its use is discouraged.Existing usage should be updated to the current preferred approach to avoid compatibility issues in future releases.TODO +kubebuilder:validation:XValidation:rule='self == oldSelf',message='componentDefRef is immutable' - `configs` (Attributes List) (see [below for nested schema](#nestedatt--spec--sharding_specs--template--configs)) -- `disable_exporter` (Boolean) Determines whether metrics exporter information is annotated on the Component's headless Service. If set to true, the following annotations will not be patched into the Service: - 'monitor.kubeblocks.io/path' - 'monitor.kubeblocks.io/port' - 'monitor.kubeblocks.io/scheme' These annotations allow the Prometheus installed by KubeBlocks to discover and scrape metrics from the exporter. -- `enabled_logs` (List of String) Specifies which types of logs should be collected for the Component. The log types are defined in the 'componentDefinition.spec.logConfigs' field with the LogConfig entries. The elements in the 'enabledLogs' array correspond to the names of the LogConfig entries. For example, if the 'componentDefinition.spec.logConfigs' defines LogConfig entries with names 'slow_query_log' and 'error_log', you can enable the collection of these logs by including their names in the 'enabledLogs' array: '''yaml enabledLogs: - slow_query_log - error_log ''' -- `instances` (Attributes List) Allows for the customization of configuration values for each instance within a Component. An instance represent a single replica (Pod and associated K8s resources like PVCs, Services, and ConfigMaps). While instances typically share a common configuration as defined in the ClusterComponentSpec, they can require unique settings in various scenarios: For example: - A database Component might require different resource allocations for primary and secondary instances, with primaries needing more resources. - During a rolling upgrade, a Component may first update the image for one or a few instances, and then update the remaining instances after verifying that the updated instances are functioning correctly. InstanceTemplate allows for specifying these unique configurations per instance. Each instance's name is constructed using the pattern: $(component.name)-$(template.name)-$(ordinal), starting with an ordinal of 0. It is crucial to maintain unique names for each InstanceTemplate to avoid conflicts. The sum of replicas across all InstanceTemplates should not exceed the total number of replicas specified for the Component. Any remaining replicas will be generated using the default template and will follow the default naming rules. (see [below for nested schema](#nestedatt--spec--sharding_specs--template--instances)) -- `issuer` (Attributes) Specifies the configuration for the TLS certificates issuer. It allows defining the issuer name and the reference to the secret containing the TLS certificates and key. The secret should contain the CA certificate, TLS certificate, and private key in the specified keys. Required when TLS is enabled. (see [below for nested schema](#nestedatt--spec--sharding_specs--template--issuer)) -- `monitor` (Boolean) Deprecated since v0.9 Determines whether metrics exporter information is annotated on the Component's headless Service. If set to true, the following annotations will be patched into the Service: - 'monitor.kubeblocks.io/path' - 'monitor.kubeblocks.io/port' - 'monitor.kubeblocks.io/scheme' These annotations allow the Prometheus installed by KubeBlocks to discover and scrape metrics from the exporter. -- `name` (String) Specifies the Component's name. It's part of the Service DNS name and must comply with the IANA service naming rule. The name is optional when ClusterComponentSpec is used as a template (e.g., in 'shardingSpec'), but required otherwise. TODO +kubebuilder:validation:XValidation:rule='self == oldSelf',message='name is immutable' -- `offline_instances` (List of String) Specifies the names of instances to be transitioned to offline status. Marking an instance as offline results in the following: 1. The associated Pod is stopped, and its PersistentVolumeClaim (PVC) is retained for potential future reuse or data recovery, but it is no longer actively used. 2. The ordinal number assigned to this instance is preserved, ensuring it remains unique and avoiding conflicts with new instances. Setting instances to offline allows for a controlled scale-in process, preserving their data and maintaining ordinal consistency within the Cluster. Note that offline instances and their associated resources, such as PVCs, are not automatically deleted. The administrator must manually manage the cleanup and removal of these resources when they are no longer needed. -- `resources` (Attributes) Specifies the resources required by the Component. It allows defining the CPU, memory requirements and limits for the Component's containers. (see [below for nested schema](#nestedatt--spec--sharding_specs--template--resources)) +- `disable_exporter` (Boolean) Determines whether metrics exporter information is annotated on the Component's headless Service.If set to true, the following annotations will not be patched into the Service:- 'monitor.kubeblocks.io/path'- 'monitor.kubeblocks.io/port'- 'monitor.kubeblocks.io/scheme'These annotations allow the Prometheus installed by KubeBlocks to discover and scrape metrics from the exporter. +- `enabled_logs` (List of String) Specifies which types of logs should be collected for the Component.The log types are defined in the 'componentDefinition.spec.logConfigs' field with the LogConfig entries.The elements in the 'enabledLogs' array correspond to the names of the LogConfig entries.For example, if the 'componentDefinition.spec.logConfigs' defines LogConfig entries withnames 'slow_query_log' and 'error_log',you can enable the collection of these logs by including their names in the 'enabledLogs' array:'''yamlenabledLogs:- slow_query_log- error_log''' +- `instances` (Attributes List) Allows for the customization of configuration values for each instance within a Component.An instance represent a single replica (Pod and associated K8s resources like PVCs, Services, and ConfigMaps).While instances typically share a common configuration as defined in the ClusterComponentSpec,they can require unique settings in various scenarios:For example:- A database Component might require different resource allocations for primary and secondary instances, with primaries needing more resources.- During a rolling upgrade, a Component may first update the image for one or a few instances, and then update the remaining instances after verifying that the updated instances are functioning correctly.InstanceTemplate allows for specifying these unique configurations per instance.Each instance's name is constructed using the pattern: $(component.name)-$(template.name)-$(ordinal),starting with an ordinal of 0.It is crucial to maintain unique names for each InstanceTemplate to avoid conflicts.The sum of replicas across all InstanceTemplates should not exceed the total number of replicas specified for the Component.Any remaining replicas will be generated using the default template and will follow the default naming rules. (see [below for nested schema](#nestedatt--spec--sharding_specs--template--instances)) +- `issuer` (Attributes) Specifies the configuration for the TLS certificates issuer.It allows defining the issuer name and the reference to the secret containing the TLS certificates and key.The secret should contain the CA certificate, TLS certificate, and private key in the specified keys.Required when TLS is enabled. (see [below for nested schema](#nestedatt--spec--sharding_specs--template--issuer)) +- `monitor` (Boolean) Deprecated since v0.9Determines whether metrics exporter information is annotated on the Component's headless Service.If set to true, the following annotations will be patched into the Service:- 'monitor.kubeblocks.io/path'- 'monitor.kubeblocks.io/port'- 'monitor.kubeblocks.io/scheme'These annotations allow the Prometheus installed by KubeBlocks to discover and scrape metrics from the exporter. +- `name` (String) Specifies the Component's name.It's part of the Service DNS name and must comply with the IANA service naming rule.The name is optional when ClusterComponentSpec is used as a template (e.g., in 'shardingSpec'),but required otherwise.TODO +kubebuilder:validation:XValidation:rule='self == oldSelf',message='name is immutable' +- `offline_instances` (List of String) Specifies the names of instances to be transitioned to offline status.Marking an instance as offline results in the following:1. The associated Pod is stopped, and its PersistentVolumeClaim (PVC) is retained for potential future reuse or data recovery, but it is no longer actively used.2. The ordinal number assigned to this instance is preserved, ensuring it remains unique and avoiding conflicts with new instances.Setting instances to offline allows for a controlled scale-in process, preserving their data and maintainingordinal consistency within the Cluster.Note that offline instances and their associated resources, such as PVCs, are not automatically deleted.The administrator must manually manage the cleanup and removal of these resources when they are no longer needed. +- `resources` (Attributes) Specifies the resources required by the Component.It allows defining the CPU, memory requirements and limits for the Component's containers. (see [below for nested schema](#nestedatt--spec--sharding_specs--template--resources)) - `scheduling_policy` (Attributes) Specifies the scheduling policy for the Component. (see [below for nested schema](#nestedatt--spec--sharding_specs--template--scheduling_policy)) -- `service_account_name` (String) Specifies the name of the ServiceAccount required by the running Component. This ServiceAccount is used to grant necessary permissions for the Component's Pods to interact with other Kubernetes resources, such as modifying Pod labels or sending events. Defaults: If not specified, KubeBlocks automatically assigns a default ServiceAccount named 'kb-{cluster.name}', bound to a default role installed together with KubeBlocks. Future Changes: Future versions might change the default ServiceAccount creation strategy to one per Component, potentially revising the naming to 'kb-{cluster.name}-{component.name}'. Users can override the automatic ServiceAccount assignment by explicitly setting the name of an existed ServiceAccount in this field. -- `service_refs` (Attributes List) Defines a list of ServiceRef for a Component, enabling access to both external services and Services provided by other Clusters. Types of services: - External services: Not managed by KubeBlocks or managed by a different KubeBlocks operator; Require a ServiceDescriptor for connection details. - Services provided by a Cluster: Managed by the same KubeBlocks operator; identified using Cluster, Component and Service names. ServiceRefs with identical 'serviceRef.name' in the same Cluster are considered the same. Example: '''yaml serviceRefs: - name: 'redis-sentinel' serviceDescriptor: name: 'external-redis-sentinel' - name: 'postgres-cluster' clusterServiceSelector: cluster: 'my-postgres-cluster' service: component: 'postgresql' ''' The example above includes ServiceRefs to an external Redis Sentinel service and a PostgreSQL Cluster. (see [below for nested schema](#nestedatt--spec--sharding_specs--template--service_refs)) -- `service_version` (String) ServiceVersion specifies the version of the Service expected to be provisioned by this Component. The version should follow the syntax and semantics of the 'Semantic Versioning' specification (http://semver.org/). If no version is specified, the latest available version will be used. +- `service_account_name` (String) Specifies the name of the ServiceAccount required by the running Component.This ServiceAccount is used to grant necessary permissions for the Component's Pods to interactwith other Kubernetes resources, such as modifying Pod labels or sending events.Defaults:If not specified, KubeBlocks automatically assigns a default ServiceAccount named 'kb-{cluster.name}',bound to a default role installed together with KubeBlocks.Future Changes:Future versions might change the default ServiceAccount creation strategy to one per Component,potentially revising the naming to 'kb-{cluster.name}-{component.name}'.Users can override the automatic ServiceAccount assignment by explicitly setting the name ofan existed ServiceAccount in this field. +- `service_refs` (Attributes List) Defines a list of ServiceRef for a Component, enabling access to both external services andServices provided by other Clusters.Types of services:- External services: Not managed by KubeBlocks or managed by a different KubeBlocks operator; Require a ServiceDescriptor for connection details.- Services provided by a Cluster: Managed by the same KubeBlocks operator; identified using Cluster, Component and Service names.ServiceRefs with identical 'serviceRef.name' in the same Cluster are considered the same.Example:'''yamlserviceRefs: - name: 'redis-sentinel' serviceDescriptor: name: 'external-redis-sentinel' - name: 'postgres-cluster' clusterServiceSelector: cluster: 'my-postgres-cluster' service: component: 'postgresql''''The example above includes ServiceRefs to an external Redis Sentinel service and a PostgreSQL Cluster. (see [below for nested schema](#nestedatt--spec--sharding_specs--template--service_refs)) +- `service_version` (String) ServiceVersion specifies the version of the Service expected to be provisioned by this Component.The version should follow the syntax and semantics of the 'Semantic Versioning' specification (http://semver.org/).If no version is specified, the latest available version will be used. - `services` (Attributes List) Overrides services defined in referenced ComponentDefinition and expose endpoints that can be accessed by clients. (see [below for nested schema](#nestedatt--spec--sharding_specs--template--services)) -- `switch_policy` (Attributes) Defines the strategy for switchover and failover when workloadType is Replication. Deprecated since v0.9. This field is maintained for backward compatibility and its use is discouraged. Existing usage should be updated to the current preferred approach to avoid compatibility issues in future releases. (see [below for nested schema](#nestedatt--spec--sharding_specs--template--switch_policy)) +- `switch_policy` (Attributes) Defines the strategy for switchover and failover when workloadType is Replication.Deprecated since v0.9.This field is maintained for backward compatibility and its use is discouraged.Existing usage should be updated to the current preferred approach to avoid compatibility issues in future releases. (see [below for nested schema](#nestedatt--spec--sharding_specs--template--switch_policy)) - `system_accounts` (Attributes List) Overrides system accounts defined in referenced ComponentDefinition. (see [below for nested schema](#nestedatt--spec--sharding_specs--template--system_accounts)) -- `tls` (Boolean) A boolean flag that indicates whether the Component should use Transport Layer Security (TLS) for secure communication. When set to true, the Component will be configured to use TLS encryption for its network connections. This ensures that the data transmitted between the Component and its clients or other Components is encrypted and protected from unauthorized access. If TLS is enabled, the Component may require additional configuration, such as specifying TLS certificates and keys, to properly set up the secure communication channel. -- `tolerations` (Map of String) Allows Pods to be scheduled onto nodes with matching taints. Each toleration in the array allows the Pod to tolerate node taints based on specified 'key', 'value', 'effect', and 'operator'. - The 'key', 'value', and 'effect' identify the taint that the toleration matches. - The 'operator' determines how the toleration matches the taint. Pods with matching tolerations are allowed to be scheduled on tainted nodes, typically reserved for specific purposes. Deprecated since v0.10, replaced by the 'schedulingPolicy' field. -- `update_strategy` (String) Defines the update strategy for the Component. Deprecated since v0.9. This field is maintained for backward compatibility and its use is discouraged. Existing usage should be updated to the current preferred approach to avoid compatibility issues in future releases. -- `user_resource_refs` (Attributes) Allows users to specify custom ConfigMaps and Secrets to be mounted as volumes in the Cluster's Pods. This is useful in scenarios where users need to provide additional resources to the Cluster, such as: - Mounting custom scripts or configuration files during Cluster startup. - Mounting Secrets as volumes to provide sensitive information, like S3 AK/SK, to the Cluster. (see [below for nested schema](#nestedatt--spec--sharding_specs--template--user_resource_refs)) -- `volume_claim_templates` (Attributes List) Specifies a list of PersistentVolumeClaim templates that represent the storage requirements for the Component. Each template specifies the desired characteristics of a persistent volume, such as storage class, size, and access modes. These templates are used to dynamically provision persistent volumes for the Component. (see [below for nested schema](#nestedatt--spec--sharding_specs--template--volume_claim_templates)) +- `tls` (Boolean) A boolean flag that indicates whether the Component should use Transport Layer Security (TLS)for secure communication.When set to true, the Component will be configured to use TLS encryption for its network connections.This ensures that the data transmitted between the Component and its clients or other Components is encryptedand protected from unauthorized access.If TLS is enabled, the Component may require additional configuration, such as specifying TLS certificates and keys,to properly set up the secure communication channel. +- `tolerations` (Map of String) Allows Pods to be scheduled onto nodes with matching taints.Each toleration in the array allows the Pod to tolerate node taints based onspecified 'key', 'value', 'effect', and 'operator'.- The 'key', 'value', and 'effect' identify the taint that the toleration matches.- The 'operator' determines how the toleration matches the taint.Pods with matching tolerations are allowed to be scheduled on tainted nodes, typically reserved for specific purposes.Deprecated since v0.10, replaced by the 'schedulingPolicy' field. +- `update_strategy` (String) Defines the update strategy for the Component.Deprecated since v0.9.This field is maintained for backward compatibility and its use is discouraged.Existing usage should be updated to the current preferred approach to avoid compatibility issues in future releases. +- `user_resource_refs` (Attributes) Allows users to specify custom ConfigMaps and Secrets to be mounted as volumesin the Cluster's Pods.This is useful in scenarios where users need to provide additional resources to the Cluster, such as:- Mounting custom scripts or configuration files during Cluster startup.- Mounting Secrets as volumes to provide sensitive information, like S3 AK/SK, to the Cluster. (see [below for nested schema](#nestedatt--spec--sharding_specs--template--user_resource_refs)) +- `volume_claim_templates` (Attributes List) Specifies a list of PersistentVolumeClaim templates that represent the storage requirements for the Component.Each template specifies the desired characteristics of a persistent volume, such as storage class,size, and access modes.These templates are used to dynamically provision persistent volumes for the Component. (see [below for nested schema](#nestedatt--spec--sharding_specs--template--volume_claim_templates)) ### Nested Schema for `spec.sharding_specs.template.affinity` Optional: -- `node_labels` (Map of String) Indicates the node labels that must be present on nodes for pods to be scheduled on them. It is a map where the keys are the label keys and the values are the corresponding label values. Pods will only be scheduled on nodes that have all the specified labels with the corresponding values. For example, if NodeLabels is set to {'nodeType': 'ssd', 'environment': 'production'}, pods will only be scheduled on nodes that have both the 'nodeType' label with value 'ssd' and the 'environment' label with value 'production'. This field allows users to control Pod placement based on specific node labels. It can be used to ensure that Pods are scheduled on nodes with certain characteristics, such as specific hardware (e.g., SSD), environment (e.g., production, staging), or any other custom labels assigned to nodes. -- `pod_anti_affinity` (String) Specifies the anti-affinity level of Pods within a Component. It determines how pods should be spread across nodes to improve availability and performance. It can have the following values: 'Preferred' and 'Required'. The default value is 'Preferred'. -- `tenancy` (String) Determines the level of resource isolation between Pods. It can have the following values: 'SharedNode' and 'DedicatedNode'. - SharedNode: Allow that multiple Pods may share the same node, which is the default behavior of K8s. - DedicatedNode: Each Pod runs on a dedicated node, ensuring that no two Pods share the same node. In other words, if a Pod is already running on a node, no other Pods will be scheduled on that node. Which provides a higher level of isolation and resource guarantee for Pods. The default value is 'SharedNode'. -- `topology_keys` (List of String) Represents the key of node labels used to define the topology domain for Pod anti-affinity and Pod spread constraints. In K8s, a topology domain is a set of nodes that have the same value for a specific label key. Nodes with labels containing any of the specified TopologyKeys and identical values are considered to be in the same topology domain. Note: The concept of topology in the context of K8s TopologyKeys is different from the concept of topology in the ClusterDefinition. When a Pod has anti-affinity or spread constraints specified, Kubernetes will attempt to schedule the Pod on nodes with different values for the specified TopologyKeys. This ensures that Pods are spread across different topology domains, promoting high availability and reducing the impact of node failures. Some well-known label keys, such as 'kubernetes.io/hostname' and 'topology.kubernetes.io/zone', are often used as TopologyKey. These keys represent the hostname and zone of a node, respectively. By including these keys in the TopologyKeys list, Pods will be spread across nodes with different hostnames or zones. In addition to the well-known keys, users can also specify custom label keys as TopologyKeys. This allows for more flexible and custom topology definitions based on the specific needs of the application or environment. The TopologyKeys field is a slice of strings, where each string represents a label key. The order of the keys in the slice does not matter. +- `node_labels` (Map of String) Indicates the node labels that must be present on nodes for pods to be scheduled on them.It is a map where the keys are the label keys and the values are the corresponding label values.Pods will only be scheduled on nodes that have all the specified labels with the corresponding values.For example, if NodeLabels is set to {'nodeType': 'ssd', 'environment': 'production'},pods will only be scheduled on nodes that have both the 'nodeType' label with value 'ssd'and the 'environment' label with value 'production'.This field allows users to control Pod placement based on specific node labels.It can be used to ensure that Pods are scheduled on nodes with certain characteristics,such as specific hardware (e.g., SSD), environment (e.g., production, staging),or any other custom labels assigned to nodes. +- `pod_anti_affinity` (String) Specifies the anti-affinity level of Pods within a Component.It determines how pods should be spread across nodes to improve availability and performance.It can have the following values: 'Preferred' and 'Required'.The default value is 'Preferred'. +- `tenancy` (String) Determines the level of resource isolation between Pods.It can have the following values: 'SharedNode' and 'DedicatedNode'.- SharedNode: Allow that multiple Pods may share the same node, which is the default behavior of K8s.- DedicatedNode: Each Pod runs on a dedicated node, ensuring that no two Pods share the same node. In other words, if a Pod is already running on a node, no other Pods will be scheduled on that node. Which provides a higher level of isolation and resource guarantee for Pods. The default value is 'SharedNode'. +- `topology_keys` (List of String) Represents the key of node labels used to define the topology domain for Pod anti-affinityand Pod spread constraints.In K8s, a topology domain is a set of nodes that have the same value for a specific label key.Nodes with labels containing any of the specified TopologyKeys and identical values are consideredto be in the same topology domain.Note: The concept of topology in the context of K8s TopologyKeys is different from the concept oftopology in the ClusterDefinition.When a Pod has anti-affinity or spread constraints specified, Kubernetes will attempt to schedule thePod on nodes with different values for the specified TopologyKeys.This ensures that Pods are spread across different topology domains, promoting high availability andreducing the impact of node failures.Some well-known label keys, such as 'kubernetes.io/hostname' and 'topology.kubernetes.io/zone',are often used as TopologyKey.These keys represent the hostname and zone of a node, respectively.By including these keys in the TopologyKeys list, Pods will be spread across nodes withdifferent hostnames or zones.In addition to the well-known keys, users can also specify custom label keys as TopologyKeys.This allows for more flexible and custom topology definitions based on the specific needsof the application or environment.The TopologyKeys field is a slice of strings, where each string represents a label key.The order of the keys in the slice does not matter. @@ -2811,9 +2811,9 @@ Optional: Optional: -- `default_mode` (Number) defaultMode is optional: mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. -- `items` (Attributes List) items if unspecified, each key-value pair in the Data field of the referenced ConfigMap will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the ConfigMap, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'. (see [below for nested schema](#nestedatt--spec--sharding_specs--template--configs--config_map--items)) -- `name` (String) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? +- `default_mode` (Number) defaultMode is optional: mode bits used to set permissions on created files by default.Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511.YAML accepts both octal and decimal values, JSON requires decimal values for mode bits.Defaults to 0644.Directories within the path are not affected by this setting.This might be in conflict with other options that affect the filemode, like fsGroup, and the result can be other mode bits set. +- `items` (Attributes List) items if unspecified, each key-value pair in the Data field of the referencedConfigMap will be projected into the volume as a file whose name is thekey and content is the value. If specified, the listed keys will beprojected into the specified paths, and unlisted keys will not bepresent. If a key is specified which is not present in the ConfigMap,the volume setup will error unless it is marked optional. Paths must berelative and may not contain the '..' path or start with '..'. (see [below for nested schema](#nestedatt--spec--sharding_specs--template--configs--config_map--items)) +- `name` (String) Name of the referent.More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#namesTODO: Add other useful fields. apiVersion, kind, uid? - `optional` (Boolean) optional specify whether the ConfigMap or its keys must be defined @@ -2822,11 +2822,11 @@ Optional: Required: - `key` (String) key is the key to project. -- `path` (String) path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. +- `path` (String) path is the relative path of the file to map the key to.May not be an absolute path.May not contain the path element '..'.May not start with the string '..'. Optional: -- `mode` (Number) mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. +- `mode` (Number) mode is Optional: mode bits used to set permissions on this file.Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511.YAML accepts both octal and decimal values, JSON requires decimal values for mode bits.If not specified, the volume defaultMode will be used.This might be in conflict with other options that affect the filemode, like fsGroup, and the result can be other mode bits set. @@ -2836,20 +2836,20 @@ Optional: Required: -- `name` (String) Name specifies the unique name of the instance Pod created using this InstanceTemplate. This name is constructed by concatenating the Component's name, the template's name, and the instance's ordinal using the pattern: $(cluster.name)-$(component.name)-$(template.name)-$(ordinal). Ordinals start from 0. The specified name overrides any default naming conventions or patterns. +- `name` (String) Name specifies the unique name of the instance Pod created using this InstanceTemplate.This name is constructed by concatenating the Component's name, the template's name, and the instance's ordinalusing the pattern: $(cluster.name)-$(component.name)-$(template.name)-$(ordinal). Ordinals start from 0.The specified name overrides any default naming conventions or patterns. Optional: -- `annotations` (Map of String) Specifies a map of key-value pairs to be merged into the Pod's existing annotations. Existing keys will have their values overwritten, while new keys will be added to the annotations. -- `env` (Attributes List) Defines Env to override. Add new or override existing envs. (see [below for nested schema](#nestedatt--spec--sharding_specs--template--instances--env)) +- `annotations` (Map of String) Specifies a map of key-value pairs to be merged into the Pod's existing annotations.Existing keys will have their values overwritten, while new keys will be added to the annotations. +- `env` (Attributes List) Defines Env to override.Add new or override existing envs. (see [below for nested schema](#nestedatt--spec--sharding_specs--template--instances--env)) - `image` (String) Specifies an override for the first container's image in the Pod. -- `labels` (Map of String) Specifies a map of key-value pairs that will be merged into the Pod's existing labels. Values for existing keys will be overwritten, and new keys will be added. -- `replicas` (Number) Specifies the number of instances (Pods) to create from this InstanceTemplate. This field allows setting how many replicated instances of the Component, with the specific overrides in the InstanceTemplate, are created. The default value is 1. A value of 0 disables instance creation. -- `resources` (Attributes) Specifies an override for the resource requirements of the first container in the Pod. This field allows for customizing resource allocation (CPU, memory, etc.) for the container. (see [below for nested schema](#nestedatt--spec--sharding_specs--template--instances--resources)) +- `labels` (Map of String) Specifies a map of key-value pairs that will be merged into the Pod's existing labels.Values for existing keys will be overwritten, and new keys will be added. +- `replicas` (Number) Specifies the number of instances (Pods) to create from this InstanceTemplate.This field allows setting how many replicated instances of the Component,with the specific overrides in the InstanceTemplate, are created.The default value is 1. A value of 0 disables instance creation. +- `resources` (Attributes) Specifies an override for the resource requirements of the first container in the Pod.This field allows for customizing resource allocation (CPU, memory, etc.) for the container. (see [below for nested schema](#nestedatt--spec--sharding_specs--template--instances--resources)) - `scheduling_policy` (Attributes) Specifies the scheduling policy for the Component. (see [below for nested schema](#nestedatt--spec--sharding_specs--template--instances--scheduling_policy)) -- `volume_claim_templates` (Attributes List) Defines VolumeClaimTemplates to override. Add new or override existing volume claim templates. (see [below for nested schema](#nestedatt--spec--sharding_specs--template--instances--volume_claim_templates)) -- `volume_mounts` (Attributes List) Defines VolumeMounts to override. Add new or override existing volume mounts of the first container in the Pod. (see [below for nested schema](#nestedatt--spec--sharding_specs--template--instances--volume_mounts)) -- `volumes` (Attributes List) Defines Volumes to override. Add new or override existing volumes. (see [below for nested schema](#nestedatt--spec--sharding_specs--template--instances--volumes)) +- `volume_claim_templates` (Attributes List) Defines VolumeClaimTemplates to override.Add new or override existing volume claim templates. (see [below for nested schema](#nestedatt--spec--sharding_specs--template--instances--volume_claim_templates)) +- `volume_mounts` (Attributes List) Defines VolumeMounts to override.Add new or override existing volume mounts of the first container in the Pod. (see [below for nested schema](#nestedatt--spec--sharding_specs--template--instances--volume_mounts)) +- `volumes` (Attributes List) Defines Volumes to override.Add new or override existing volumes. (see [below for nested schema](#nestedatt--spec--sharding_specs--template--instances--volumes)) ### Nested Schema for `spec.sharding_specs.template.instances.env` @@ -2860,7 +2860,7 @@ Required: Optional: -- `value` (String) Variable references $(VAR_NAME) are expanded using the previously defined environment variables in the container and any service environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. '$$(VAR_NAME)' will produce the string literal '$(VAR_NAME)'. Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to ''. +- `value` (String) Variable references $(VAR_NAME) are expandedusing the previously defined environment variables in the container andany service environment variables. If a variable cannot be resolved,the reference in the input string will be unchanged. Double $$ are reducedto a single $, which allows for escaping the $(VAR_NAME) syntax: i.e.'$$(VAR_NAME)' will produce the string literal '$(VAR_NAME)'.Escaped references will never be expanded, regardless of whether the variableexists or not.Defaults to ''. - `value_from` (Attributes) Source for the environment variable's value. Cannot be used if value is not empty. (see [below for nested schema](#nestedatt--spec--sharding_specs--template--instances--env--value_from)) @@ -2869,8 +2869,8 @@ Optional: Optional: - `config_map_key_ref` (Attributes) Selects a key of a ConfigMap. (see [below for nested schema](#nestedatt--spec--sharding_specs--template--instances--env--value_from--config_map_key_ref)) -- `field_ref` (Attributes) Selects a field of the pod: supports metadata.name, metadata.namespace, 'metadata.labels['']', 'metadata.annotations['']', spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. (see [below for nested schema](#nestedatt--spec--sharding_specs--template--instances--env--value_from--field_ref)) -- `resource_field_ref` (Attributes) Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. (see [below for nested schema](#nestedatt--spec--sharding_specs--template--instances--env--value_from--resource_field_ref)) +- `field_ref` (Attributes) Selects a field of the pod: supports metadata.name, metadata.namespace, 'metadata.labels['']', 'metadata.annotations['']',spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. (see [below for nested schema](#nestedatt--spec--sharding_specs--template--instances--env--value_from--field_ref)) +- `resource_field_ref` (Attributes) Selects a resource of the container: only resources limits and requests(limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. (see [below for nested schema](#nestedatt--spec--sharding_specs--template--instances--env--value_from--resource_field_ref)) - `secret_key_ref` (Attributes) Selects a key of a secret in the pod's namespace (see [below for nested schema](#nestedatt--spec--sharding_specs--template--instances--env--value_from--secret_key_ref)) @@ -2882,7 +2882,7 @@ Required: Optional: -- `name` (String) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? +- `name` (String) Name of the referent.More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#namesTODO: Add other useful fields. apiVersion, kind, uid? - `optional` (Boolean) Specify whether the ConfigMap or its key must be defined @@ -2920,7 +2920,7 @@ Required: Optional: -- `name` (String) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? +- `name` (String) Name of the referent.More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#namesTODO: Add other useful fields. apiVersion, kind, uid? - `optional` (Boolean) Specify whether the Secret or its key must be defined @@ -2931,16 +2931,16 @@ Optional: Optional: -- `claims` (Attributes List) Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. This field is immutable. It can only be set for containers. (see [below for nested schema](#nestedatt--spec--sharding_specs--template--instances--resources--claims)) -- `limits` (Map of String) Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ -- `requests` (Map of String) Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ +- `claims` (Attributes List) Claims lists the names of resources, defined in spec.resourceClaims,that are used by this container.This is an alpha field and requires enabling theDynamicResourceAllocation feature gate.This field is immutable. It can only be set for containers. (see [below for nested schema](#nestedatt--spec--sharding_specs--template--instances--resources--claims)) +- `limits` (Map of String) Limits describes the maximum amount of compute resources allowed.More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ +- `requests` (Map of String) Requests describes the minimum amount of compute resources required.If Requests is omitted for a container, it defaults to Limits if that is explicitly specified,otherwise to an implementation-defined value. Requests cannot exceed Limits.More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ ### Nested Schema for `spec.sharding_specs.template.instances.resources.claims` Required: -- `name` (String) Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container. +- `name` (String) Name must match the name of one entry in pod.spec.resourceClaims ofthe Pod where this field is used. It makes that resource availableinside a container. @@ -2950,11 +2950,11 @@ Required: Optional: - `affinity` (Attributes) Specifies a group of affinity scheduling rules of the Cluster, including NodeAffinity, PodAffinity, and PodAntiAffinity. (see [below for nested schema](#nestedatt--spec--sharding_specs--template--instances--scheduling_policy--affinity)) -- `node_name` (String) NodeName is a request to schedule this Pod onto a specific node. If it is non-empty, the scheduler simply schedules this Pod onto that node, assuming that it fits resource requirements. -- `node_selector` (Map of String) NodeSelector is a selector which must be true for the Pod to fit on a node. Selector which must match a node's labels for the Pod to be scheduled on that node. More info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/ -- `scheduler_name` (String) If specified, the Pod will be dispatched by specified scheduler. If not specified, the Pod will be dispatched by default scheduler. -- `tolerations` (Attributes List) Allows Pods to be scheduled onto nodes with matching taints. Each toleration in the array allows the Pod to tolerate node taints based on specified 'key', 'value', 'effect', and 'operator'. - The 'key', 'value', and 'effect' identify the taint that the toleration matches. - The 'operator' determines how the toleration matches the taint. Pods with matching tolerations are allowed to be scheduled on tainted nodes, typically reserved for specific purposes. (see [below for nested schema](#nestedatt--spec--sharding_specs--template--instances--scheduling_policy--tolerations)) -- `topology_spread_constraints` (Attributes List) TopologySpreadConstraints describes how a group of Pods ought to spread across topology domains. Scheduler will schedule Pods in a way which abides by the constraints. All topologySpreadConstraints are ANDed. (see [below for nested schema](#nestedatt--spec--sharding_specs--template--instances--scheduling_policy--topology_spread_constraints)) +- `node_name` (String) NodeName is a request to schedule this Pod onto a specific node. If it is non-empty,the scheduler simply schedules this Pod onto that node, assuming that it fits resourcerequirements. +- `node_selector` (Map of String) NodeSelector is a selector which must be true for the Pod to fit on a node.Selector which must match a node's labels for the Pod to be scheduled on that node.More info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/ +- `scheduler_name` (String) If specified, the Pod will be dispatched by specified scheduler.If not specified, the Pod will be dispatched by default scheduler. +- `tolerations` (Attributes List) Allows Pods to be scheduled onto nodes with matching taints.Each toleration in the array allows the Pod to tolerate node taints based onspecified 'key', 'value', 'effect', and 'operator'.- The 'key', 'value', and 'effect' identify the taint that the toleration matches.- The 'operator' determines how the toleration matches the taint.Pods with matching tolerations are allowed to be scheduled on tainted nodes, typically reserved for specific purposes. (see [below for nested schema](#nestedatt--spec--sharding_specs--template--instances--scheduling_policy--tolerations)) +- `topology_spread_constraints` (Attributes List) TopologySpreadConstraints describes how a group of Pods ought to spread across topologydomains. Scheduler will schedule Pods in a way which abides by the constraints.All topologySpreadConstraints are ANDed. (see [below for nested schema](#nestedatt--spec--sharding_specs--template--instances--scheduling_policy--topology_spread_constraints)) ### Nested Schema for `spec.sharding_specs.template.instances.scheduling_policy.affinity` @@ -2970,8 +2970,8 @@ Optional: Optional: -- `preferred_during_scheduling_ignored_during_execution` (Attributes List) The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding 'weight' to the sum if the node matches the corresponding matchExpressions; the node(s) with the highest sum are the most preferred. (see [below for nested schema](#nestedatt--spec--sharding_specs--template--instances--scheduling_policy--affinity--node_affinity--preferred_during_scheduling_ignored_during_execution)) -- `required_during_scheduling_ignored_during_execution` (Attributes) If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to an update), the system may or may not try to eventually evict the pod from its node. (see [below for nested schema](#nestedatt--spec--sharding_specs--template--instances--scheduling_policy--affinity--node_affinity--required_during_scheduling_ignored_during_execution)) +- `preferred_during_scheduling_ignored_during_execution` (Attributes List) The scheduler will prefer to schedule pods to nodes that satisfythe affinity expressions specified by this field, but it may choosea node that violates one or more of the expressions. The node that ismost preferred is the one with the greatest sum of weights, i.e.for each node that meets all of the scheduling requirements (resourcerequest, requiredDuringScheduling affinity expressions, etc.),compute a sum by iterating through the elements of this field and adding'weight' to the sum if the node matches the corresponding matchExpressions; thenode(s) with the highest sum are the most preferred. (see [below for nested schema](#nestedatt--spec--sharding_specs--template--instances--scheduling_policy--affinity--node_affinity--preferred_during_scheduling_ignored_during_execution)) +- `required_during_scheduling_ignored_during_execution` (Attributes) If the affinity requirements specified by this field are not met atscheduling time, the pod will not be scheduled onto the node.If the affinity requirements specified by this field cease to be metat some point during pod execution (e.g. due to an update), the systemmay or may not try to eventually evict the pod from its node. (see [below for nested schema](#nestedatt--spec--sharding_specs--template--instances--scheduling_policy--affinity--node_affinity--required_during_scheduling_ignored_during_execution)) ### Nested Schema for `spec.sharding_specs.template.instances.scheduling_policy.affinity.node_affinity.preferred_during_scheduling_ignored_during_execution` @@ -2995,11 +2995,11 @@ Optional: Required: - `key` (String) The label key that the selector applies to. -- `operator` (String) Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. +- `operator` (String) Represents a key's relationship to a set of values.Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. Optional: -- `values` (List of String) An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch. +- `values` (List of String) An array of string values. If the operator is In or NotIn,the values array must be non-empty. If the operator is Exists or DoesNotExist,the values array must be empty. If the operator is Gt or Lt, the valuesarray must have a single element, which will be interpreted as an integer.This array is replaced during a strategic merge patch. @@ -3008,11 +3008,11 @@ Optional: Required: - `key` (String) The label key that the selector applies to. -- `operator` (String) Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. +- `operator` (String) Represents a key's relationship to a set of values.Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. Optional: -- `values` (List of String) An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch. +- `values` (List of String) An array of string values. If the operator is In or NotIn,the values array must be non-empty. If the operator is Exists or DoesNotExist,the values array must be empty. If the operator is Gt or Lt, the valuesarray must have a single element, which will be interpreted as an integer.This array is replaced during a strategic merge patch. @@ -3038,11 +3038,11 @@ Optional: Required: - `key` (String) The label key that the selector applies to. -- `operator` (String) Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. +- `operator` (String) Represents a key's relationship to a set of values.Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. Optional: -- `values` (List of String) An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch. +- `values` (List of String) An array of string values. If the operator is In or NotIn,the values array must be non-empty. If the operator is Exists or DoesNotExist,the values array must be empty. If the operator is Gt or Lt, the valuesarray must have a single element, which will be interpreted as an integer.This array is replaced during a strategic merge patch. @@ -3051,11 +3051,11 @@ Optional: Required: - `key` (String) The label key that the selector applies to. -- `operator` (String) Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. +- `operator` (String) Represents a key's relationship to a set of values.Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. Optional: -- `values` (List of String) An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch. +- `values` (List of String) An array of string values. If the operator is In or NotIn,the values array must be non-empty. If the operator is Exists or DoesNotExist,the values array must be empty. If the operator is Gt or Lt, the valuesarray must have a single element, which will be interpreted as an integer.This array is replaced during a strategic merge patch. @@ -3066,8 +3066,8 @@ Optional: Optional: -- `preferred_during_scheduling_ignored_during_execution` (Attributes List) The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding 'weight' to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred. (see [below for nested schema](#nestedatt--spec--sharding_specs--template--instances--scheduling_policy--affinity--pod_affinity--preferred_during_scheduling_ignored_during_execution)) -- `required_during_scheduling_ignored_during_execution` (Attributes List) If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied. (see [below for nested schema](#nestedatt--spec--sharding_specs--template--instances--scheduling_policy--affinity--pod_affinity--required_during_scheduling_ignored_during_execution)) +- `preferred_during_scheduling_ignored_during_execution` (Attributes List) The scheduler will prefer to schedule pods to nodes that satisfythe affinity expressions specified by this field, but it may choosea node that violates one or more of the expressions. The node that ismost preferred is the one with the greatest sum of weights, i.e.for each node that meets all of the scheduling requirements (resourcerequest, requiredDuringScheduling affinity expressions, etc.),compute a sum by iterating through the elements of this field and adding'weight' to the sum if the node has pods which matches the corresponding podAffinityTerm; thenode(s) with the highest sum are the most preferred. (see [below for nested schema](#nestedatt--spec--sharding_specs--template--instances--scheduling_policy--affinity--pod_affinity--preferred_during_scheduling_ignored_during_execution)) +- `required_during_scheduling_ignored_during_execution` (Attributes List) If the affinity requirements specified by this field are not met atscheduling time, the pod will not be scheduled onto the node.If the affinity requirements specified by this field cease to be metat some point during pod execution (e.g. due to a pod label update), thesystem may or may not try to eventually evict the pod from its node.When there are multiple elements, the lists of nodes corresponding to eachpodAffinityTerm are intersected, i.e. all terms must be satisfied. (see [below for nested schema](#nestedatt--spec--sharding_specs--template--instances--scheduling_policy--affinity--pod_affinity--required_during_scheduling_ignored_during_execution)) ### Nested Schema for `spec.sharding_specs.template.instances.scheduling_policy.affinity.pod_affinity.preferred_during_scheduling_ignored_during_execution` @@ -3075,20 +3075,20 @@ Optional: Required: - `pod_affinity_term` (Attributes) Required. A pod affinity term, associated with the corresponding weight. (see [below for nested schema](#nestedatt--spec--sharding_specs--template--instances--scheduling_policy--affinity--pod_affinity--preferred_during_scheduling_ignored_during_execution--pod_affinity_term)) -- `weight` (Number) weight associated with matching the corresponding podAffinityTerm, in the range 1-100. +- `weight` (Number) weight associated with matching the corresponding podAffinityTerm,in the range 1-100. ### Nested Schema for `spec.sharding_specs.template.instances.scheduling_policy.affinity.pod_affinity.preferred_during_scheduling_ignored_during_execution.pod_affinity_term` Required: -- `topology_key` (String) This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed. +- `topology_key` (String) This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matchingthe labelSelector in the specified namespaces, where co-located is defined as running on a nodewhose value of the label with key topologyKey matches that of any node on which any of theselected pods is running.Empty topologyKey is not allowed. Optional: - `label_selector` (Attributes) A label query over a set of resources, in this case pods. (see [below for nested schema](#nestedatt--spec--sharding_specs--template--instances--scheduling_policy--affinity--pod_affinity--preferred_during_scheduling_ignored_during_execution--pod_affinity_term--label_selector)) -- `namespace_selector` (Attributes) A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means 'this pod's namespace'. An empty selector ({}) matches all namespaces. (see [below for nested schema](#nestedatt--spec--sharding_specs--template--instances--scheduling_policy--affinity--pod_affinity--preferred_during_scheduling_ignored_during_execution--pod_affinity_term--namespace_selector)) -- `namespaces` (List of String) namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means 'this pod's namespace'. +- `namespace_selector` (Attributes) A label query over the set of namespaces that the term applies to.The term is applied to the union of the namespaces selected by this fieldand the ones listed in the namespaces field.null selector and null or empty namespaces list means 'this pod's namespace'.An empty selector ({}) matches all namespaces. (see [below for nested schema](#nestedatt--spec--sharding_specs--template--instances--scheduling_policy--affinity--pod_affinity--preferred_during_scheduling_ignored_during_execution--pod_affinity_term--namespace_selector)) +- `namespaces` (List of String) namespaces specifies a static list of namespace names that the term applies to.The term is applied to the union of the namespaces listed in this fieldand the ones selected by namespaceSelector.null or empty namespaces list and null namespaceSelector means 'this pod's namespace'. ### Nested Schema for `spec.sharding_specs.template.instances.scheduling_policy.affinity.pod_affinity.preferred_during_scheduling_ignored_during_execution.pod_affinity_term.label_selector` @@ -3096,7 +3096,7 @@ Optional: Optional: - `match_expressions` (Attributes List) matchExpressions is a list of label selector requirements. The requirements are ANDed. (see [below for nested schema](#nestedatt--spec--sharding_specs--template--instances--scheduling_policy--affinity--pod_affinity--preferred_during_scheduling_ignored_during_execution--pod_affinity_term--label_selector--match_expressions)) -- `match_labels` (Map of String) matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is 'key', the operator is 'In', and the values array contains only 'value'. The requirements are ANDed. +- `match_labels` (Map of String) matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabelsmap is equivalent to an element of matchExpressions, whose key field is 'key', theoperator is 'In', and the values array contains only 'value'. The requirements are ANDed. ### Nested Schema for `spec.sharding_specs.template.instances.scheduling_policy.affinity.pod_affinity.preferred_during_scheduling_ignored_during_execution.pod_affinity_term.label_selector.match_expressions` @@ -3104,11 +3104,11 @@ Optional: Required: - `key` (String) key is the label key that the selector applies to. -- `operator` (String) operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. +- `operator` (String) operator represents a key's relationship to a set of values.Valid operators are In, NotIn, Exists and DoesNotExist. Optional: -- `values` (List of String) values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. +- `values` (List of String) values is an array of string values. If the operator is In or NotIn,the values array must be non-empty. If the operator is Exists or DoesNotExist,the values array must be empty. This array is replaced during a strategicmerge patch. @@ -3118,7 +3118,7 @@ Optional: Optional: - `match_expressions` (Attributes List) matchExpressions is a list of label selector requirements. The requirements are ANDed. (see [below for nested schema](#nestedatt--spec--sharding_specs--template--instances--scheduling_policy--affinity--pod_affinity--preferred_during_scheduling_ignored_during_execution--pod_affinity_term--namespace_selector--match_expressions)) -- `match_labels` (Map of String) matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is 'key', the operator is 'In', and the values array contains only 'value'. The requirements are ANDed. +- `match_labels` (Map of String) matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabelsmap is equivalent to an element of matchExpressions, whose key field is 'key', theoperator is 'In', and the values array contains only 'value'. The requirements are ANDed. ### Nested Schema for `spec.sharding_specs.template.instances.scheduling_policy.affinity.pod_affinity.preferred_during_scheduling_ignored_during_execution.pod_affinity_term.namespace_selector.match_expressions` @@ -3126,11 +3126,11 @@ Optional: Required: - `key` (String) key is the label key that the selector applies to. -- `operator` (String) operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. +- `operator` (String) operator represents a key's relationship to a set of values.Valid operators are In, NotIn, Exists and DoesNotExist. Optional: -- `values` (List of String) values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. +- `values` (List of String) values is an array of string values. If the operator is In or NotIn,the values array must be non-empty. If the operator is Exists or DoesNotExist,the values array must be empty. This array is replaced during a strategicmerge patch. @@ -3141,13 +3141,13 @@ Optional: Required: -- `topology_key` (String) This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed. +- `topology_key` (String) This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matchingthe labelSelector in the specified namespaces, where co-located is defined as running on a nodewhose value of the label with key topologyKey matches that of any node on which any of theselected pods is running.Empty topologyKey is not allowed. Optional: - `label_selector` (Attributes) A label query over a set of resources, in this case pods. (see [below for nested schema](#nestedatt--spec--sharding_specs--template--instances--scheduling_policy--affinity--pod_affinity--required_during_scheduling_ignored_during_execution--label_selector)) -- `namespace_selector` (Attributes) A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means 'this pod's namespace'. An empty selector ({}) matches all namespaces. (see [below for nested schema](#nestedatt--spec--sharding_specs--template--instances--scheduling_policy--affinity--pod_affinity--required_during_scheduling_ignored_during_execution--namespace_selector)) -- `namespaces` (List of String) namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means 'this pod's namespace'. +- `namespace_selector` (Attributes) A label query over the set of namespaces that the term applies to.The term is applied to the union of the namespaces selected by this fieldand the ones listed in the namespaces field.null selector and null or empty namespaces list means 'this pod's namespace'.An empty selector ({}) matches all namespaces. (see [below for nested schema](#nestedatt--spec--sharding_specs--template--instances--scheduling_policy--affinity--pod_affinity--required_during_scheduling_ignored_during_execution--namespace_selector)) +- `namespaces` (List of String) namespaces specifies a static list of namespace names that the term applies to.The term is applied to the union of the namespaces listed in this fieldand the ones selected by namespaceSelector.null or empty namespaces list and null namespaceSelector means 'this pod's namespace'. ### Nested Schema for `spec.sharding_specs.template.instances.scheduling_policy.affinity.pod_affinity.required_during_scheduling_ignored_during_execution.label_selector` @@ -3155,7 +3155,7 @@ Optional: Optional: - `match_expressions` (Attributes List) matchExpressions is a list of label selector requirements. The requirements are ANDed. (see [below for nested schema](#nestedatt--spec--sharding_specs--template--instances--scheduling_policy--affinity--pod_affinity--required_during_scheduling_ignored_during_execution--label_selector--match_expressions)) -- `match_labels` (Map of String) matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is 'key', the operator is 'In', and the values array contains only 'value'. The requirements are ANDed. +- `match_labels` (Map of String) matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabelsmap is equivalent to an element of matchExpressions, whose key field is 'key', theoperator is 'In', and the values array contains only 'value'. The requirements are ANDed. ### Nested Schema for `spec.sharding_specs.template.instances.scheduling_policy.affinity.pod_affinity.required_during_scheduling_ignored_during_execution.label_selector.match_expressions` @@ -3163,11 +3163,11 @@ Optional: Required: - `key` (String) key is the label key that the selector applies to. -- `operator` (String) operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. +- `operator` (String) operator represents a key's relationship to a set of values.Valid operators are In, NotIn, Exists and DoesNotExist. Optional: -- `values` (List of String) values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. +- `values` (List of String) values is an array of string values. If the operator is In or NotIn,the values array must be non-empty. If the operator is Exists or DoesNotExist,the values array must be empty. This array is replaced during a strategicmerge patch. @@ -3177,7 +3177,7 @@ Optional: Optional: - `match_expressions` (Attributes List) matchExpressions is a list of label selector requirements. The requirements are ANDed. (see [below for nested schema](#nestedatt--spec--sharding_specs--template--instances--scheduling_policy--affinity--pod_affinity--required_during_scheduling_ignored_during_execution--namespace_selector--match_expressions)) -- `match_labels` (Map of String) matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is 'key', the operator is 'In', and the values array contains only 'value'. The requirements are ANDed. +- `match_labels` (Map of String) matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabelsmap is equivalent to an element of matchExpressions, whose key field is 'key', theoperator is 'In', and the values array contains only 'value'. The requirements are ANDed. ### Nested Schema for `spec.sharding_specs.template.instances.scheduling_policy.affinity.pod_affinity.required_during_scheduling_ignored_during_execution.namespace_selector.match_expressions` @@ -3185,11 +3185,11 @@ Optional: Required: - `key` (String) key is the label key that the selector applies to. -- `operator` (String) operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. +- `operator` (String) operator represents a key's relationship to a set of values.Valid operators are In, NotIn, Exists and DoesNotExist. Optional: -- `values` (List of String) values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. +- `values` (List of String) values is an array of string values. If the operator is In or NotIn,the values array must be non-empty. If the operator is Exists or DoesNotExist,the values array must be empty. This array is replaced during a strategicmerge patch. @@ -3200,8 +3200,8 @@ Optional: Optional: -- `preferred_during_scheduling_ignored_during_execution` (Attributes List) The scheduler will prefer to schedule pods to nodes that satisfy the anti-affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling anti-affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding 'weight' to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred. (see [below for nested schema](#nestedatt--spec--sharding_specs--template--instances--scheduling_policy--affinity--pod_anti_affinity--preferred_during_scheduling_ignored_during_execution)) -- `required_during_scheduling_ignored_during_execution` (Attributes List) If the anti-affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the anti-affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied. (see [below for nested schema](#nestedatt--spec--sharding_specs--template--instances--scheduling_policy--affinity--pod_anti_affinity--required_during_scheduling_ignored_during_execution)) +- `preferred_during_scheduling_ignored_during_execution` (Attributes List) The scheduler will prefer to schedule pods to nodes that satisfythe anti-affinity expressions specified by this field, but it may choosea node that violates one or more of the expressions. The node that ismost preferred is the one with the greatest sum of weights, i.e.for each node that meets all of the scheduling requirements (resourcerequest, requiredDuringScheduling anti-affinity expressions, etc.),compute a sum by iterating through the elements of this field and adding'weight' to the sum if the node has pods which matches the corresponding podAffinityTerm; thenode(s) with the highest sum are the most preferred. (see [below for nested schema](#nestedatt--spec--sharding_specs--template--instances--scheduling_policy--affinity--pod_anti_affinity--preferred_during_scheduling_ignored_during_execution)) +- `required_during_scheduling_ignored_during_execution` (Attributes List) If the anti-affinity requirements specified by this field are not met atscheduling time, the pod will not be scheduled onto the node.If the anti-affinity requirements specified by this field cease to be metat some point during pod execution (e.g. due to a pod label update), thesystem may or may not try to eventually evict the pod from its node.When there are multiple elements, the lists of nodes corresponding to eachpodAffinityTerm are intersected, i.e. all terms must be satisfied. (see [below for nested schema](#nestedatt--spec--sharding_specs--template--instances--scheduling_policy--affinity--pod_anti_affinity--required_during_scheduling_ignored_during_execution)) ### Nested Schema for `spec.sharding_specs.template.instances.scheduling_policy.affinity.pod_anti_affinity.preferred_during_scheduling_ignored_during_execution` @@ -3209,20 +3209,20 @@ Optional: Required: - `pod_affinity_term` (Attributes) Required. A pod affinity term, associated with the corresponding weight. (see [below for nested schema](#nestedatt--spec--sharding_specs--template--instances--scheduling_policy--affinity--pod_anti_affinity--preferred_during_scheduling_ignored_during_execution--pod_affinity_term)) -- `weight` (Number) weight associated with matching the corresponding podAffinityTerm, in the range 1-100. +- `weight` (Number) weight associated with matching the corresponding podAffinityTerm,in the range 1-100. ### Nested Schema for `spec.sharding_specs.template.instances.scheduling_policy.affinity.pod_anti_affinity.preferred_during_scheduling_ignored_during_execution.pod_affinity_term` Required: -- `topology_key` (String) This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed. +- `topology_key` (String) This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matchingthe labelSelector in the specified namespaces, where co-located is defined as running on a nodewhose value of the label with key topologyKey matches that of any node on which any of theselected pods is running.Empty topologyKey is not allowed. Optional: - `label_selector` (Attributes) A label query over a set of resources, in this case pods. (see [below for nested schema](#nestedatt--spec--sharding_specs--template--instances--scheduling_policy--affinity--pod_anti_affinity--preferred_during_scheduling_ignored_during_execution--pod_affinity_term--label_selector)) -- `namespace_selector` (Attributes) A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means 'this pod's namespace'. An empty selector ({}) matches all namespaces. (see [below for nested schema](#nestedatt--spec--sharding_specs--template--instances--scheduling_policy--affinity--pod_anti_affinity--preferred_during_scheduling_ignored_during_execution--pod_affinity_term--namespace_selector)) -- `namespaces` (List of String) namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means 'this pod's namespace'. +- `namespace_selector` (Attributes) A label query over the set of namespaces that the term applies to.The term is applied to the union of the namespaces selected by this fieldand the ones listed in the namespaces field.null selector and null or empty namespaces list means 'this pod's namespace'.An empty selector ({}) matches all namespaces. (see [below for nested schema](#nestedatt--spec--sharding_specs--template--instances--scheduling_policy--affinity--pod_anti_affinity--preferred_during_scheduling_ignored_during_execution--pod_affinity_term--namespace_selector)) +- `namespaces` (List of String) namespaces specifies a static list of namespace names that the term applies to.The term is applied to the union of the namespaces listed in this fieldand the ones selected by namespaceSelector.null or empty namespaces list and null namespaceSelector means 'this pod's namespace'. ### Nested Schema for `spec.sharding_specs.template.instances.scheduling_policy.affinity.pod_anti_affinity.preferred_during_scheduling_ignored_during_execution.pod_affinity_term.label_selector` @@ -3230,7 +3230,7 @@ Optional: Optional: - `match_expressions` (Attributes List) matchExpressions is a list of label selector requirements. The requirements are ANDed. (see [below for nested schema](#nestedatt--spec--sharding_specs--template--instances--scheduling_policy--affinity--pod_anti_affinity--preferred_during_scheduling_ignored_during_execution--pod_affinity_term--label_selector--match_expressions)) -- `match_labels` (Map of String) matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is 'key', the operator is 'In', and the values array contains only 'value'. The requirements are ANDed. +- `match_labels` (Map of String) matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabelsmap is equivalent to an element of matchExpressions, whose key field is 'key', theoperator is 'In', and the values array contains only 'value'. The requirements are ANDed. ### Nested Schema for `spec.sharding_specs.template.instances.scheduling_policy.affinity.pod_anti_affinity.preferred_during_scheduling_ignored_during_execution.pod_affinity_term.label_selector.match_expressions` @@ -3238,11 +3238,11 @@ Optional: Required: - `key` (String) key is the label key that the selector applies to. -- `operator` (String) operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. +- `operator` (String) operator represents a key's relationship to a set of values.Valid operators are In, NotIn, Exists and DoesNotExist. Optional: -- `values` (List of String) values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. +- `values` (List of String) values is an array of string values. If the operator is In or NotIn,the values array must be non-empty. If the operator is Exists or DoesNotExist,the values array must be empty. This array is replaced during a strategicmerge patch. @@ -3252,7 +3252,7 @@ Optional: Optional: - `match_expressions` (Attributes List) matchExpressions is a list of label selector requirements. The requirements are ANDed. (see [below for nested schema](#nestedatt--spec--sharding_specs--template--instances--scheduling_policy--affinity--pod_anti_affinity--preferred_during_scheduling_ignored_during_execution--pod_affinity_term--namespace_selector--match_expressions)) -- `match_labels` (Map of String) matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is 'key', the operator is 'In', and the values array contains only 'value'. The requirements are ANDed. +- `match_labels` (Map of String) matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabelsmap is equivalent to an element of matchExpressions, whose key field is 'key', theoperator is 'In', and the values array contains only 'value'. The requirements are ANDed. ### Nested Schema for `spec.sharding_specs.template.instances.scheduling_policy.affinity.pod_anti_affinity.preferred_during_scheduling_ignored_during_execution.pod_affinity_term.namespace_selector.match_expressions` @@ -3260,11 +3260,11 @@ Optional: Required: - `key` (String) key is the label key that the selector applies to. -- `operator` (String) operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. +- `operator` (String) operator represents a key's relationship to a set of values.Valid operators are In, NotIn, Exists and DoesNotExist. Optional: -- `values` (List of String) values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. +- `values` (List of String) values is an array of string values. If the operator is In or NotIn,the values array must be non-empty. If the operator is Exists or DoesNotExist,the values array must be empty. This array is replaced during a strategicmerge patch. @@ -3275,13 +3275,13 @@ Optional: Required: -- `topology_key` (String) This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed. +- `topology_key` (String) This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matchingthe labelSelector in the specified namespaces, where co-located is defined as running on a nodewhose value of the label with key topologyKey matches that of any node on which any of theselected pods is running.Empty topologyKey is not allowed. Optional: - `label_selector` (Attributes) A label query over a set of resources, in this case pods. (see [below for nested schema](#nestedatt--spec--sharding_specs--template--instances--scheduling_policy--affinity--pod_anti_affinity--required_during_scheduling_ignored_during_execution--label_selector)) -- `namespace_selector` (Attributes) A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means 'this pod's namespace'. An empty selector ({}) matches all namespaces. (see [below for nested schema](#nestedatt--spec--sharding_specs--template--instances--scheduling_policy--affinity--pod_anti_affinity--required_during_scheduling_ignored_during_execution--namespace_selector)) -- `namespaces` (List of String) namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means 'this pod's namespace'. +- `namespace_selector` (Attributes) A label query over the set of namespaces that the term applies to.The term is applied to the union of the namespaces selected by this fieldand the ones listed in the namespaces field.null selector and null or empty namespaces list means 'this pod's namespace'.An empty selector ({}) matches all namespaces. (see [below for nested schema](#nestedatt--spec--sharding_specs--template--instances--scheduling_policy--affinity--pod_anti_affinity--required_during_scheduling_ignored_during_execution--namespace_selector)) +- `namespaces` (List of String) namespaces specifies a static list of namespace names that the term applies to.The term is applied to the union of the namespaces listed in this fieldand the ones selected by namespaceSelector.null or empty namespaces list and null namespaceSelector means 'this pod's namespace'. ### Nested Schema for `spec.sharding_specs.template.instances.scheduling_policy.affinity.pod_anti_affinity.required_during_scheduling_ignored_during_execution.label_selector` @@ -3289,7 +3289,7 @@ Optional: Optional: - `match_expressions` (Attributes List) matchExpressions is a list of label selector requirements. The requirements are ANDed. (see [below for nested schema](#nestedatt--spec--sharding_specs--template--instances--scheduling_policy--affinity--pod_anti_affinity--required_during_scheduling_ignored_during_execution--label_selector--match_expressions)) -- `match_labels` (Map of String) matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is 'key', the operator is 'In', and the values array contains only 'value'. The requirements are ANDed. +- `match_labels` (Map of String) matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabelsmap is equivalent to an element of matchExpressions, whose key field is 'key', theoperator is 'In', and the values array contains only 'value'. The requirements are ANDed. ### Nested Schema for `spec.sharding_specs.template.instances.scheduling_policy.affinity.pod_anti_affinity.required_during_scheduling_ignored_during_execution.label_selector.match_expressions` @@ -3297,11 +3297,11 @@ Optional: Required: - `key` (String) key is the label key that the selector applies to. -- `operator` (String) operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. +- `operator` (String) operator represents a key's relationship to a set of values.Valid operators are In, NotIn, Exists and DoesNotExist. Optional: -- `values` (List of String) values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. +- `values` (List of String) values is an array of string values. If the operator is In or NotIn,the values array must be non-empty. If the operator is Exists or DoesNotExist,the values array must be empty. This array is replaced during a strategicmerge patch. @@ -3311,7 +3311,7 @@ Optional: Optional: - `match_expressions` (Attributes List) matchExpressions is a list of label selector requirements. The requirements are ANDed. (see [below for nested schema](#nestedatt--spec--sharding_specs--template--instances--scheduling_policy--affinity--pod_anti_affinity--required_during_scheduling_ignored_during_execution--namespace_selector--match_expressions)) -- `match_labels` (Map of String) matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is 'key', the operator is 'In', and the values array contains only 'value'. The requirements are ANDed. +- `match_labels` (Map of String) matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabelsmap is equivalent to an element of matchExpressions, whose key field is 'key', theoperator is 'In', and the values array contains only 'value'. The requirements are ANDed. ### Nested Schema for `spec.sharding_specs.template.instances.scheduling_policy.affinity.pod_anti_affinity.required_during_scheduling_ignored_during_execution.namespace_selector.match_expressions` @@ -3319,11 +3319,11 @@ Optional: Required: - `key` (String) key is the label key that the selector applies to. -- `operator` (String) operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. +- `operator` (String) operator represents a key's relationship to a set of values.Valid operators are In, NotIn, Exists and DoesNotExist. Optional: -- `values` (List of String) values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. +- `values` (List of String) values is an array of string values. If the operator is In or NotIn,the values array must be non-empty. If the operator is Exists or DoesNotExist,the values array must be empty. This array is replaced during a strategicmerge patch. @@ -3335,11 +3335,11 @@ Optional: Optional: -- `effect` (String) Effect indicates the taint effect to match. Empty means match all taint effects. When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute. -- `key` (String) Key is the taint key that the toleration applies to. Empty means match all taint keys. If the key is empty, operator must be Exists; this combination means to match all values and all keys. -- `operator` (String) Operator represents a key's relationship to the value. Valid operators are Exists and Equal. Defaults to Equal. Exists is equivalent to wildcard for value, so that a pod can tolerate all taints of a particular category. -- `toleration_seconds` (Number) TolerationSeconds represents the period of time the toleration (which must be of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, it is not set, which means tolerate the taint forever (do not evict). Zero and negative values will be treated as 0 (evict immediately) by the system. -- `value` (String) Value is the taint value the toleration matches to. If the operator is Exists, the value should be empty, otherwise just a regular string. +- `effect` (String) Effect indicates the taint effect to match. Empty means match all taint effects.When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute. +- `key` (String) Key is the taint key that the toleration applies to. Empty means match all taint keys.If the key is empty, operator must be Exists; this combination means to match all values and all keys. +- `operator` (String) Operator represents a key's relationship to the value.Valid operators are Exists and Equal. Defaults to Equal.Exists is equivalent to wildcard for value, so that a pod cantolerate all taints of a particular category. +- `toleration_seconds` (Number) TolerationSeconds represents the period of time the toleration (which must beof effect NoExecute, otherwise this field is ignored) tolerates the taint. By default,it is not set, which means tolerate the taint forever (do not evict). Zero andnegative values will be treated as 0 (evict immediately) by the system. +- `value` (String) Value is the taint value the toleration matches to.If the operator is Exists, the value should be empty, otherwise just a regular string. @@ -3347,17 +3347,17 @@ Optional: Required: -- `max_skew` (Number) MaxSkew describes the degree to which pods may be unevenly distributed. When 'whenUnsatisfiable=DoNotSchedule', it is the maximum permitted difference between the number of matching pods in the target topology and the global minimum. The global minimum is the minimum number of matching pods in an eligible domain or zero if the number of eligible domains is less than MinDomains. For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same labelSelector spread as 2/2/1: In this case, the global minimum is 1. | zone1 | zone2 | zone3 | | P P | P P | P | - if MaxSkew is 1, incoming pod can only be scheduled to zone3 to become 2/2/2; scheduling it onto zone1(zone2) would make the ActualSkew(3-1) on zone1(zone2) violate MaxSkew(1). - if MaxSkew is 2, incoming pod can be scheduled onto any zone. When 'whenUnsatisfiable=ScheduleAnyway', it is used to give higher precedence to topologies that satisfy it. It's a required field. Default value is 1 and 0 is not allowed. -- `topology_key` (String) TopologyKey is the key of node labels. Nodes that have a label with this key and identical values are considered to be in the same topology. We consider each as a 'bucket', and try to put balanced number of pods into each bucket. We define a domain as a particular instance of a topology. Also, we define an eligible domain as a domain whose nodes meet the requirements of nodeAffinityPolicy and nodeTaintsPolicy. e.g. If TopologyKey is 'kubernetes.io/hostname', each Node is a domain of that topology. And, if TopologyKey is 'topology.kubernetes.io/zone', each zone is a domain of that topology. It's a required field. -- `when_unsatisfiable` (String) WhenUnsatisfiable indicates how to deal with a pod if it doesn't satisfy the spread constraint. - DoNotSchedule (default) tells the scheduler not to schedule it. - ScheduleAnyway tells the scheduler to schedule the pod in any location, but giving higher precedence to topologies that would help reduce the skew. A constraint is considered 'Unsatisfiable' for an incoming pod if and only if every possible node assignment for that pod would violate 'MaxSkew' on some topology. For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same labelSelector spread as 3/1/1: | zone1 | zone2 | zone3 | | P P P | P | P | If WhenUnsatisfiable is set to DoNotSchedule, incoming pod can only be scheduled to zone2(zone3) to become 3/2/1(3/1/2) as ActualSkew(2-1) on zone2(zone3) satisfies MaxSkew(1). In other words, the cluster can still be imbalanced, but scheduler won't make it *more* imbalanced. It's a required field. +- `max_skew` (Number) MaxSkew describes the degree to which pods may be unevenly distributed.When 'whenUnsatisfiable=DoNotSchedule', it is the maximum permitted differencebetween the number of matching pods in the target topology and the global minimum.The global minimum is the minimum number of matching pods in an eligible domainor zero if the number of eligible domains is less than MinDomains.For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the samelabelSelector spread as 2/2/1:In this case, the global minimum is 1.| zone1 | zone2 | zone3 || P P | P P | P |- if MaxSkew is 1, incoming pod can only be scheduled to zone3 to become 2/2/2;scheduling it onto zone1(zone2) would make the ActualSkew(3-1) on zone1(zone2)violate MaxSkew(1).- if MaxSkew is 2, incoming pod can be scheduled onto any zone.When 'whenUnsatisfiable=ScheduleAnyway', it is used to give higher precedenceto topologies that satisfy it.It's a required field. Default value is 1 and 0 is not allowed. +- `topology_key` (String) TopologyKey is the key of node labels. Nodes that have a label with this keyand identical values are considered to be in the same topology.We consider each as a 'bucket', and try to put balanced numberof pods into each bucket.We define a domain as a particular instance of a topology.Also, we define an eligible domain as a domain whose nodes meet the requirements ofnodeAffinityPolicy and nodeTaintsPolicy.e.g. If TopologyKey is 'kubernetes.io/hostname', each Node is a domain of that topology.And, if TopologyKey is 'topology.kubernetes.io/zone', each zone is a domain of that topology.It's a required field. +- `when_unsatisfiable` (String) WhenUnsatisfiable indicates how to deal with a pod if it doesn't satisfythe spread constraint.- DoNotSchedule (default) tells the scheduler not to schedule it.- ScheduleAnyway tells the scheduler to schedule the pod in any location, but giving higher precedence to topologies that would help reduce the skew.A constraint is considered 'Unsatisfiable' for an incoming podif and only if every possible node assignment for that pod would violate'MaxSkew' on some topology.For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the samelabelSelector spread as 3/1/1:| zone1 | zone2 | zone3 || P P P | P | P |If WhenUnsatisfiable is set to DoNotSchedule, incoming pod can only be scheduledto zone2(zone3) to become 3/2/1(3/1/2) as ActualSkew(2-1) on zone2(zone3) satisfiesMaxSkew(1). In other words, the cluster can still be imbalanced, but schedulerwon't make it *more* imbalanced.It's a required field. Optional: -- `label_selector` (Attributes) LabelSelector is used to find matching pods. Pods that match this label selector are counted to determine the number of pods in their corresponding topology domain. (see [below for nested schema](#nestedatt--spec--sharding_specs--template--instances--scheduling_policy--topology_spread_constraints--label_selector)) -- `match_label_keys` (List of String) MatchLabelKeys is a set of pod label keys to select the pods over which spreading will be calculated. The keys are used to lookup values from the incoming pod labels, those key-value labels are ANDed with labelSelector to select the group of existing pods over which spreading will be calculated for the incoming pod. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. MatchLabelKeys cannot be set when LabelSelector isn't set. Keys that don't exist in the incoming pod labels will be ignored. A null or empty list means only match against labelSelector. This is a beta field and requires the MatchLabelKeysInPodTopologySpread feature gate to be enabled (enabled by default). -- `min_domains` (Number) MinDomains indicates a minimum number of eligible domains. When the number of eligible domains with matching topology keys is less than minDomains, Pod Topology Spread treats 'global minimum' as 0, and then the calculation of Skew is performed. And when the number of eligible domains with matching topology keys equals or greater than minDomains, this value has no effect on scheduling. As a result, when the number of eligible domains is less than minDomains, scheduler won't schedule more than maxSkew Pods to those domains. If value is nil, the constraint behaves as if MinDomains is equal to 1. Valid values are integers greater than 0. When value is not nil, WhenUnsatisfiable must be DoNotSchedule. For example, in a 3-zone cluster, MaxSkew is set to 2, MinDomains is set to 5 and pods with the same labelSelector spread as 2/2/2: | zone1 | zone2 | zone3 | | P P | P P | P P | The number of domains is less than 5(MinDomains), so 'global minimum' is treated as 0. In this situation, new pod with the same labelSelector cannot be scheduled, because computed skew will be 3(3 - 0) if new Pod is scheduled to any of the three zones, it will violate MaxSkew. This is a beta field and requires the MinDomainsInPodTopologySpread feature gate to be enabled (enabled by default). -- `node_affinity_policy` (String) NodeAffinityPolicy indicates how we will treat Pod's nodeAffinity/nodeSelector when calculating pod topology spread skew. Options are: - Honor: only nodes matching nodeAffinity/nodeSelector are included in the calculations. - Ignore: nodeAffinity/nodeSelector are ignored. All nodes are included in the calculations. If this value is nil, the behavior is equivalent to the Honor policy. This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag. -- `node_taints_policy` (String) NodeTaintsPolicy indicates how we will treat node taints when calculating pod topology spread skew. Options are: - Honor: nodes without taints, along with tainted nodes for which the incoming pod has a toleration, are included. - Ignore: node taints are ignored. All nodes are included. If this value is nil, the behavior is equivalent to the Ignore policy. This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag. +- `label_selector` (Attributes) LabelSelector is used to find matching pods.Pods that match this label selector are counted to determine the number of podsin their corresponding topology domain. (see [below for nested schema](#nestedatt--spec--sharding_specs--template--instances--scheduling_policy--topology_spread_constraints--label_selector)) +- `match_label_keys` (List of String) MatchLabelKeys is a set of pod label keys to select the pods over whichspreading will be calculated. The keys are used to lookup values from theincoming pod labels, those key-value labels are ANDed with labelSelectorto select the group of existing pods over which spreading will be calculatedfor the incoming pod. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector.MatchLabelKeys cannot be set when LabelSelector isn't set.Keys that don't exist in the incoming pod labels willbe ignored. A null or empty list means only match against labelSelector.This is a beta field and requires the MatchLabelKeysInPodTopologySpread feature gate to be enabled (enabled by default). +- `min_domains` (Number) MinDomains indicates a minimum number of eligible domains.When the number of eligible domains with matching topology keys is less than minDomains,Pod Topology Spread treats 'global minimum' as 0, and then the calculation of Skew is performed.And when the number of eligible domains with matching topology keys equals or greater than minDomains,this value has no effect on scheduling.As a result, when the number of eligible domains is less than minDomains,scheduler won't schedule more than maxSkew Pods to those domains.If value is nil, the constraint behaves as if MinDomains is equal to 1.Valid values are integers greater than 0.When value is not nil, WhenUnsatisfiable must be DoNotSchedule.For example, in a 3-zone cluster, MaxSkew is set to 2, MinDomains is set to 5 and pods with the samelabelSelector spread as 2/2/2:| zone1 | zone2 | zone3 || P P | P P | P P |The number of domains is less than 5(MinDomains), so 'global minimum' is treated as 0.In this situation, new pod with the same labelSelector cannot be scheduled,because computed skew will be 3(3 - 0) if new Pod is scheduled to any of the three zones,it will violate MaxSkew.This is a beta field and requires the MinDomainsInPodTopologySpread feature gate to be enabled (enabled by default). +- `node_affinity_policy` (String) NodeAffinityPolicy indicates how we will treat Pod's nodeAffinity/nodeSelectorwhen calculating pod topology spread skew. Options are:- Honor: only nodes matching nodeAffinity/nodeSelector are included in the calculations.- Ignore: nodeAffinity/nodeSelector are ignored. All nodes are included in the calculations.If this value is nil, the behavior is equivalent to the Honor policy.This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag. +- `node_taints_policy` (String) NodeTaintsPolicy indicates how we will treat node taints when calculatingpod topology spread skew. Options are:- Honor: nodes without taints, along with tainted nodes for which the incoming podhas a toleration, are included.- Ignore: node taints are ignored. All nodes are included.If this value is nil, the behavior is equivalent to the Ignore policy.This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag. ### Nested Schema for `spec.sharding_specs.template.instances.scheduling_policy.topology_spread_constraints.label_selector` @@ -3365,7 +3365,7 @@ Optional: Optional: - `match_expressions` (Attributes List) matchExpressions is a list of label selector requirements. The requirements are ANDed. (see [below for nested schema](#nestedatt--spec--sharding_specs--template--instances--scheduling_policy--topology_spread_constraints--label_selector--match_expressions)) -- `match_labels` (Map of String) matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is 'key', the operator is 'In', and the values array contains only 'value'. The requirements are ANDed. +- `match_labels` (Map of String) matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabelsmap is equivalent to an element of matchExpressions, whose key field is 'key', theoperator is 'In', and the values array contains only 'value'. The requirements are ANDed. ### Nested Schema for `spec.sharding_specs.template.instances.scheduling_policy.topology_spread_constraints.label_selector.match_expressions` @@ -3373,11 +3373,11 @@ Optional: Required: - `key` (String) key is the label key that the selector applies to. -- `operator` (String) operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. +- `operator` (String) operator represents a key's relationship to a set of values.Valid operators are In, NotIn, Exists and DoesNotExist. Optional: -- `values` (List of String) values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. +- `values` (List of String) values is an array of string values. If the operator is In or NotIn,the values array must be non-empty. If the operator is Exists or DoesNotExist,the values array must be empty. This array is replaced during a strategicmerge patch. @@ -3388,20 +3388,20 @@ Optional: Required: -- `name` (String) Refers to the name of a volumeMount defined in either: - 'componentDefinition.spec.runtime.containers[*].volumeMounts' - 'clusterDefinition.spec.componentDefs[*].podSpec.containers[*].volumeMounts' (deprecated) The value of 'name' must match the 'name' field of a volumeMount specified in the corresponding 'volumeMounts' array. +- `name` (String) Refers to the name of a volumeMount defined in either:- 'componentDefinition.spec.runtime.containers[*].volumeMounts'- 'clusterDefinition.spec.componentDefs[*].podSpec.containers[*].volumeMounts' (deprecated)The value of 'name' must match the 'name' field of a volumeMount specified in the corresponding 'volumeMounts' array. Optional: -- `spec` (Attributes) Defines the desired characteristics of a PersistentVolumeClaim that will be created for the volume with the mount name specified in the 'name' field. When a Pod is created for this ClusterComponent, a new PVC will be created based on the specification defined in the 'spec' field. The PVC will be associated with the volume mount specified by the 'name' field. (see [below for nested schema](#nestedatt--spec--sharding_specs--template--instances--volume_claim_templates--spec)) +- `spec` (Attributes) Defines the desired characteristics of a PersistentVolumeClaim that will be created for the volumewith the mount name specified in the 'name' field.When a Pod is created for this ClusterComponent, a new PVC will be created based on the specificationdefined in the 'spec' field. The PVC will be associated with the volume mount specified by the 'name' field. (see [below for nested schema](#nestedatt--spec--sharding_specs--template--instances--volume_claim_templates--spec)) ### Nested Schema for `spec.sharding_specs.template.instances.volume_claim_templates.spec` Optional: -- `access_modes` (Map of String) Contains the desired access modes the volume should have. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1. -- `resources` (Attributes) Represents the minimum resources the volume should have. If the RecoverVolumeExpansionFailure feature is enabled, users are allowed to specify resource requirements that are lower than the previous value but must still be higher than the capacity recorded in the status field of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources. (see [below for nested schema](#nestedatt--spec--sharding_specs--template--instances--volume_claim_templates--spec--resources)) -- `storage_class_name` (String) The name of the StorageClass required by the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1. +- `access_modes` (Map of String) Contains the desired access modes the volume should have.More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1. +- `resources` (Attributes) Represents the minimum resources the volume should have.If the RecoverVolumeExpansionFailure feature is enabled, users are allowed to specify resource requirements thatare lower than the previous value but must still be higher than the capacity recorded in the status field of the claim.More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources. (see [below for nested schema](#nestedatt--spec--sharding_specs--template--instances--volume_claim_templates--spec--resources)) +- `storage_class_name` (String) The name of the StorageClass required by the claim.More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1. - `volume_mode` (String) Defines what type of volume is required by the claim, either Block or Filesystem. @@ -3409,16 +3409,16 @@ Optional: Optional: -- `claims` (Attributes List) Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. This field is immutable. It can only be set for containers. (see [below for nested schema](#nestedatt--spec--sharding_specs--template--instances--volume_claim_templates--spec--resources--claims)) -- `limits` (Map of String) Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ -- `requests` (Map of String) Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ +- `claims` (Attributes List) Claims lists the names of resources, defined in spec.resourceClaims,that are used by this container.This is an alpha field and requires enabling theDynamicResourceAllocation feature gate.This field is immutable. It can only be set for containers. (see [below for nested schema](#nestedatt--spec--sharding_specs--template--instances--volume_claim_templates--spec--resources--claims)) +- `limits` (Map of String) Limits describes the maximum amount of compute resources allowed.More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ +- `requests` (Map of String) Requests describes the minimum amount of compute resources required.If Requests is omitted for a container, it defaults to Limits if that is explicitly specified,otherwise to an implementation-defined value. Requests cannot exceed Limits.More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ ### Nested Schema for `spec.sharding_specs.template.instances.volume_claim_templates.spec.resources.claims` Required: -- `name` (String) Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container. +- `name` (String) Name must match the name of one entry in pod.spec.resourceClaims ofthe Pod where this field is used. It makes that resource availableinside a container. @@ -3429,15 +3429,15 @@ Required: Required: -- `mount_path` (String) Path within the container at which the volume should be mounted. Must not contain ':'. +- `mount_path` (String) Path within the container at which the volume should be mounted. Mustnot contain ':'. - `name` (String) This must match the Name of a Volume. Optional: -- `mount_propagation` (String) mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationNone is used. This field is beta in 1.10. -- `read_only` (Boolean) Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false. -- `sub_path` (String) Path within the volume from which the container's volume should be mounted. Defaults to '' (volume's root). -- `sub_path_expr` (String) Expanded path within the volume from which the container's volume should be mounted. Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment. Defaults to '' (volume's root). SubPathExpr and SubPath are mutually exclusive. +- `mount_propagation` (String) mountPropagation determines how mounts are propagated from the hostto container and the other way around.When not set, MountPropagationNone is used.This field is beta in 1.10. +- `read_only` (Boolean) Mounted read-only if true, read-write otherwise (false or unspecified).Defaults to false. +- `sub_path` (String) Path within the volume from which the container's volume should be mounted.Defaults to '' (volume's root). +- `sub_path_expr` (String) Expanded path within the volume from which the container's volume should be mounted.Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment.Defaults to '' (volume's root).SubPathExpr and SubPath are mutually exclusive. @@ -3445,37 +3445,37 @@ Optional: Required: -- `name` (String) name of the volume. Must be a DNS_LABEL and unique within the pod. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names +- `name` (String) name of the volume.Must be a DNS_LABEL and unique within the pod.More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names Optional: -- `aws_elastic_block_store` (Attributes) awsElasticBlockStore represents an AWS Disk resource that is attached to a kubelet's host machine and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore (see [below for nested schema](#nestedatt--spec--sharding_specs--template--instances--volumes--aws_elastic_block_store)) +- `aws_elastic_block_store` (Attributes) awsElasticBlockStore represents an AWS Disk resource that is attached to akubelet's host machine and then exposed to the pod.More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore (see [below for nested schema](#nestedatt--spec--sharding_specs--template--instances--volumes--aws_elastic_block_store)) - `azure_disk` (Attributes) azureDisk represents an Azure Data Disk mount on the host and bind mount to the pod. (see [below for nested schema](#nestedatt--spec--sharding_specs--template--instances--volumes--azure_disk)) - `azure_file` (Attributes) azureFile represents an Azure File Service mount on the host and bind mount to the pod. (see [below for nested schema](#nestedatt--spec--sharding_specs--template--instances--volumes--azure_file)) - `cephfs` (Attributes) cephFS represents a Ceph FS mount on the host that shares a pod's lifetime (see [below for nested schema](#nestedatt--spec--sharding_specs--template--instances--volumes--cephfs)) -- `cinder` (Attributes) cinder represents a cinder volume attached and mounted on kubelets host machine. More info: https://examples.k8s.io/mysql-cinder-pd/README.md (see [below for nested schema](#nestedatt--spec--sharding_specs--template--instances--volumes--cinder)) +- `cinder` (Attributes) cinder represents a cinder volume attached and mounted on kubelets host machine.More info: https://examples.k8s.io/mysql-cinder-pd/README.md (see [below for nested schema](#nestedatt--spec--sharding_specs--template--instances--volumes--cinder)) - `config_map` (Attributes) configMap represents a configMap that should populate this volume (see [below for nested schema](#nestedatt--spec--sharding_specs--template--instances--volumes--config_map)) - `csi` (Attributes) csi (Container Storage Interface) represents ephemeral storage that is handled by certain external CSI drivers (Beta feature). (see [below for nested schema](#nestedatt--spec--sharding_specs--template--instances--volumes--csi)) - `downward_api` (Attributes) downwardAPI represents downward API about the pod that should populate this volume (see [below for nested schema](#nestedatt--spec--sharding_specs--template--instances--volumes--downward_api)) -- `empty_dir` (Attributes) emptyDir represents a temporary directory that shares a pod's lifetime. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir (see [below for nested schema](#nestedatt--spec--sharding_specs--template--instances--volumes--empty_dir)) -- `ephemeral` (Attributes) ephemeral represents a volume that is handled by a cluster storage driver. The volume's lifecycle is tied to the pod that defines it - it will be created before the pod starts, and deleted when the pod is removed. Use this if: a) the volume is only needed while the pod runs, b) features of normal volumes like restoring from snapshot or capacity tracking are needed, c) the storage driver is specified through a storage class, and d) the storage driver supports dynamic volume provisioning through a PersistentVolumeClaim (see EphemeralVolumeSource for more information on the connection between this volume type and PersistentVolumeClaim). Use PersistentVolumeClaim or one of the vendor-specific APIs for volumes that persist for longer than the lifecycle of an individual pod. Use CSI for light-weight local ephemeral volumes if the CSI driver is meant to be used that way - see the documentation of the driver for more information. A pod can use both types of ephemeral volumes and persistent volumes at the same time. (see [below for nested schema](#nestedatt--spec--sharding_specs--template--instances--volumes--ephemeral)) +- `empty_dir` (Attributes) emptyDir represents a temporary directory that shares a pod's lifetime.More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir (see [below for nested schema](#nestedatt--spec--sharding_specs--template--instances--volumes--empty_dir)) +- `ephemeral` (Attributes) ephemeral represents a volume that is handled by a cluster storage driver.The volume's lifecycle is tied to the pod that defines it - it will be created before the pod starts,and deleted when the pod is removed.Use this if:a) the volume is only needed while the pod runs,b) features of normal volumes like restoring from snapshot or capacity tracking are needed,c) the storage driver is specified through a storage class, andd) the storage driver supports dynamic volume provisioning through a PersistentVolumeClaim (see EphemeralVolumeSource for more information on the connection between this volume type and PersistentVolumeClaim).Use PersistentVolumeClaim or one of the vendor-specificAPIs for volumes that persist for longer than the lifecycleof an individual pod.Use CSI for light-weight local ephemeral volumes if the CSI driver is meant tobe used that way - see the documentation of the driver formore information.A pod can use both types of ephemeral volumes andpersistent volumes at the same time. (see [below for nested schema](#nestedatt--spec--sharding_specs--template--instances--volumes--ephemeral)) - `fc` (Attributes) fc represents a Fibre Channel resource that is attached to a kubelet's host machine and then exposed to the pod. (see [below for nested schema](#nestedatt--spec--sharding_specs--template--instances--volumes--fc)) -- `flex_volume` (Attributes) flexVolume represents a generic volume resource that is provisioned/attached using an exec based plugin. (see [below for nested schema](#nestedatt--spec--sharding_specs--template--instances--volumes--flex_volume)) +- `flex_volume` (Attributes) flexVolume represents a generic volume resource that isprovisioned/attached using an exec based plugin. (see [below for nested schema](#nestedatt--spec--sharding_specs--template--instances--volumes--flex_volume)) - `flocker` (Attributes) flocker represents a Flocker volume attached to a kubelet's host machine. This depends on the Flocker control service being running (see [below for nested schema](#nestedatt--spec--sharding_specs--template--instances--volumes--flocker)) -- `gce_persistent_disk` (Attributes) gcePersistentDisk represents a GCE Disk resource that is attached to a kubelet's host machine and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk (see [below for nested schema](#nestedatt--spec--sharding_specs--template--instances--volumes--gce_persistent_disk)) -- `git_repo` (Attributes) gitRepo represents a git repository at a particular revision. DEPRECATED: GitRepo is deprecated. To provision a container with a git repo, mount an EmptyDir into an InitContainer that clones the repo using git, then mount the EmptyDir into the Pod's container. (see [below for nested schema](#nestedatt--spec--sharding_specs--template--instances--volumes--git_repo)) -- `glusterfs` (Attributes) glusterfs represents a Glusterfs mount on the host that shares a pod's lifetime. More info: https://examples.k8s.io/volumes/glusterfs/README.md (see [below for nested schema](#nestedatt--spec--sharding_specs--template--instances--volumes--glusterfs)) -- `host_path` (Attributes) hostPath represents a pre-existing file or directory on the host machine that is directly exposed to the container. This is generally used for system agents or other privileged things that are allowed to see the host machine. Most containers will NOT need this. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath --- TODO(jonesdl) We need to restrict who can use host directory mounts and who can/can not mount host directories as read/write. (see [below for nested schema](#nestedatt--spec--sharding_specs--template--instances--volumes--host_path)) -- `iscsi` (Attributes) iscsi represents an ISCSI Disk resource that is attached to a kubelet's host machine and then exposed to the pod. More info: https://examples.k8s.io/volumes/iscsi/README.md (see [below for nested schema](#nestedatt--spec--sharding_specs--template--instances--volumes--iscsi)) -- `nfs` (Attributes) nfs represents an NFS mount on the host that shares a pod's lifetime More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs (see [below for nested schema](#nestedatt--spec--sharding_specs--template--instances--volumes--nfs)) -- `persistent_volume_claim` (Attributes) persistentVolumeClaimVolumeSource represents a reference to a PersistentVolumeClaim in the same namespace. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims (see [below for nested schema](#nestedatt--spec--sharding_specs--template--instances--volumes--persistent_volume_claim)) +- `gce_persistent_disk` (Attributes) gcePersistentDisk represents a GCE Disk resource that is attached to akubelet's host machine and then exposed to the pod.More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk (see [below for nested schema](#nestedatt--spec--sharding_specs--template--instances--volumes--gce_persistent_disk)) +- `git_repo` (Attributes) gitRepo represents a git repository at a particular revision.DEPRECATED: GitRepo is deprecated. To provision a container with a git repo, mount anEmptyDir into an InitContainer that clones the repo using git, then mount the EmptyDirinto the Pod's container. (see [below for nested schema](#nestedatt--spec--sharding_specs--template--instances--volumes--git_repo)) +- `glusterfs` (Attributes) glusterfs represents a Glusterfs mount on the host that shares a pod's lifetime.More info: https://examples.k8s.io/volumes/glusterfs/README.md (see [below for nested schema](#nestedatt--spec--sharding_specs--template--instances--volumes--glusterfs)) +- `host_path` (Attributes) hostPath represents a pre-existing file or directory on the hostmachine that is directly exposed to the container. This is generallyused for system agents or other privileged things that are allowedto see the host machine. Most containers will NOT need this.More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath---TODO(jonesdl) We need to restrict who can use host directory mounts and who can/can notmount host directories as read/write. (see [below for nested schema](#nestedatt--spec--sharding_specs--template--instances--volumes--host_path)) +- `iscsi` (Attributes) iscsi represents an ISCSI Disk resource that is attached to akubelet's host machine and then exposed to the pod.More info: https://examples.k8s.io/volumes/iscsi/README.md (see [below for nested schema](#nestedatt--spec--sharding_specs--template--instances--volumes--iscsi)) +- `nfs` (Attributes) nfs represents an NFS mount on the host that shares a pod's lifetimeMore info: https://kubernetes.io/docs/concepts/storage/volumes#nfs (see [below for nested schema](#nestedatt--spec--sharding_specs--template--instances--volumes--nfs)) +- `persistent_volume_claim` (Attributes) persistentVolumeClaimVolumeSource represents a reference to aPersistentVolumeClaim in the same namespace.More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims (see [below for nested schema](#nestedatt--spec--sharding_specs--template--instances--volumes--persistent_volume_claim)) - `photon_persistent_disk` (Attributes) photonPersistentDisk represents a PhotonController persistent disk attached and mounted on kubelets host machine (see [below for nested schema](#nestedatt--spec--sharding_specs--template--instances--volumes--photon_persistent_disk)) - `portworx_volume` (Attributes) portworxVolume represents a portworx volume attached and mounted on kubelets host machine (see [below for nested schema](#nestedatt--spec--sharding_specs--template--instances--volumes--portworx_volume)) - `projected` (Attributes) projected items for all in one resources secrets, configmaps, and downward API (see [below for nested schema](#nestedatt--spec--sharding_specs--template--instances--volumes--projected)) - `quobyte` (Attributes) quobyte represents a Quobyte mount on the host that shares a pod's lifetime (see [below for nested schema](#nestedatt--spec--sharding_specs--template--instances--volumes--quobyte)) -- `rbd` (Attributes) rbd represents a Rados Block Device mount on the host that shares a pod's lifetime. More info: https://examples.k8s.io/volumes/rbd/README.md (see [below for nested schema](#nestedatt--spec--sharding_specs--template--instances--volumes--rbd)) +- `rbd` (Attributes) rbd represents a Rados Block Device mount on the host that shares a pod's lifetime.More info: https://examples.k8s.io/volumes/rbd/README.md (see [below for nested schema](#nestedatt--spec--sharding_specs--template--instances--volumes--rbd)) - `scale_io` (Attributes) scaleIO represents a ScaleIO persistent volume attached and mounted on Kubernetes nodes. (see [below for nested schema](#nestedatt--spec--sharding_specs--template--instances--volumes--scale_io)) -- `secret` (Attributes) secret represents a secret that should populate this volume. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret (see [below for nested schema](#nestedatt--spec--sharding_specs--template--instances--volumes--secret)) +- `secret` (Attributes) secret represents a secret that should populate this volume.More info: https://kubernetes.io/docs/concepts/storage/volumes#secret (see [below for nested schema](#nestedatt--spec--sharding_specs--template--instances--volumes--secret)) - `storageos` (Attributes) storageOS represents a StorageOS volume attached and mounted on Kubernetes nodes. (see [below for nested schema](#nestedatt--spec--sharding_specs--template--instances--volumes--storageos)) - `vsphere_volume` (Attributes) vsphereVolume represents a vSphere volume attached and mounted on kubelets host machine (see [below for nested schema](#nestedatt--spec--sharding_specs--template--instances--volumes--vsphere_volume)) @@ -3484,13 +3484,13 @@ Optional: Required: -- `volume_id` (String) volumeID is unique ID of the persistent disk resource in AWS (Amazon EBS volume). More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore +- `volume_id` (String) volumeID is unique ID of the persistent disk resource in AWS (Amazon EBS volume).More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore Optional: -- `fs_type` (String) fsType is the filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: 'ext4', 'xfs', 'ntfs'. Implicitly inferred to be 'ext4' if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore TODO: how do we prevent errors in the filesystem from compromising the machine -- `partition` (Number) partition is the partition in the volume that you want to mount. If omitted, the default is to mount by volume name. Examples: For volume /dev/sda1, you specify the partition as '1'. Similarly, the volume partition for /dev/sda is '0' (or you can leave the property empty). -- `read_only` (Boolean) readOnly value true will force the readOnly setting in VolumeMounts. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore +- `fs_type` (String) fsType is the filesystem type of the volume that you want to mount.Tip: Ensure that the filesystem type is supported by the host operating system.Examples: 'ext4', 'xfs', 'ntfs'. Implicitly inferred to be 'ext4' if unspecified.More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstoreTODO: how do we prevent errors in the filesystem from compromising the machine +- `partition` (Number) partition is the partition in the volume that you want to mount.If omitted, the default is to mount by volume name.Examples: For volume /dev/sda1, you specify the partition as '1'.Similarly, the volume partition for /dev/sda is '0' (or you can leave the property empty). +- `read_only` (Boolean) readOnly value true will force the readOnly setting in VolumeMounts.More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore @@ -3504,9 +3504,9 @@ Required: Optional: - `caching_mode` (String) cachingMode is the Host Caching mode: None, Read Only, Read Write. -- `fs_type` (String) fsType is Filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. 'ext4', 'xfs', 'ntfs'. Implicitly inferred to be 'ext4' if unspecified. +- `fs_type` (String) fsType is Filesystem type to mount.Must be a filesystem type supported by the host operating system.Ex. 'ext4', 'xfs', 'ntfs'. Implicitly inferred to be 'ext4' if unspecified. - `kind` (String) kind expected values are Shared: multiple blob disks per storage account Dedicated: single blob disk per storage account Managed: azure managed data disk (only in managed availability set). defaults to shared -- `read_only` (Boolean) readOnly Defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts. +- `read_only` (Boolean) readOnly Defaults to false (read/write). ReadOnly here will forcethe ReadOnly setting in VolumeMounts. @@ -3519,7 +3519,7 @@ Required: Optional: -- `read_only` (Boolean) readOnly defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts. +- `read_only` (Boolean) readOnly defaults to false (read/write). ReadOnly here will forcethe ReadOnly setting in VolumeMounts. @@ -3527,22 +3527,22 @@ Optional: Required: -- `monitors` (List of String) monitors is Required: Monitors is a collection of Ceph monitors More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it +- `monitors` (List of String) monitors is Required: Monitors is a collection of Ceph monitorsMore info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it Optional: - `path` (String) path is Optional: Used as the mounted root, rather than the full Ceph tree, default is / -- `read_only` (Boolean) readOnly is Optional: Defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it -- `secret_file` (String) secretFile is Optional: SecretFile is the path to key ring for User, default is /etc/ceph/user.secret More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it -- `secret_ref` (Attributes) secretRef is Optional: SecretRef is reference to the authentication secret for User, default is empty. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it (see [below for nested schema](#nestedatt--spec--sharding_specs--template--instances--volumes--cephfs--secret_ref)) -- `user` (String) user is optional: User is the rados user name, default is admin More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it +- `read_only` (Boolean) readOnly is Optional: Defaults to false (read/write). ReadOnly here will forcethe ReadOnly setting in VolumeMounts.More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it +- `secret_file` (String) secretFile is Optional: SecretFile is the path to key ring for User, default is /etc/ceph/user.secretMore info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it +- `secret_ref` (Attributes) secretRef is Optional: SecretRef is reference to the authentication secret for User, default is empty.More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it (see [below for nested schema](#nestedatt--spec--sharding_specs--template--instances--volumes--cephfs--secret_ref)) +- `user` (String) user is optional: User is the rados user name, default is adminMore info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it ### Nested Schema for `spec.sharding_specs.template.instances.volumes.cephfs.secret_ref` Optional: -- `name` (String) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? +- `name` (String) Name of the referent.More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#namesTODO: Add other useful fields. apiVersion, kind, uid? @@ -3551,20 +3551,20 @@ Optional: Required: -- `volume_id` (String) volumeID used to identify the volume in cinder. More info: https://examples.k8s.io/mysql-cinder-pd/README.md +- `volume_id` (String) volumeID used to identify the volume in cinder.More info: https://examples.k8s.io/mysql-cinder-pd/README.md Optional: -- `fs_type` (String) fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Examples: 'ext4', 'xfs', 'ntfs'. Implicitly inferred to be 'ext4' if unspecified. More info: https://examples.k8s.io/mysql-cinder-pd/README.md -- `read_only` (Boolean) readOnly defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts. More info: https://examples.k8s.io/mysql-cinder-pd/README.md -- `secret_ref` (Attributes) secretRef is optional: points to a secret object containing parameters used to connect to OpenStack. (see [below for nested schema](#nestedatt--spec--sharding_specs--template--instances--volumes--cinder--secret_ref)) +- `fs_type` (String) fsType is the filesystem type to mount.Must be a filesystem type supported by the host operating system.Examples: 'ext4', 'xfs', 'ntfs'. Implicitly inferred to be 'ext4' if unspecified.More info: https://examples.k8s.io/mysql-cinder-pd/README.md +- `read_only` (Boolean) readOnly defaults to false (read/write). ReadOnly here will forcethe ReadOnly setting in VolumeMounts.More info: https://examples.k8s.io/mysql-cinder-pd/README.md +- `secret_ref` (Attributes) secretRef is optional: points to a secret object containing parameters used to connectto OpenStack. (see [below for nested schema](#nestedatt--spec--sharding_specs--template--instances--volumes--cinder--secret_ref)) ### Nested Schema for `spec.sharding_specs.template.instances.volumes.cinder.secret_ref` Optional: -- `name` (String) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? +- `name` (String) Name of the referent.More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#namesTODO: Add other useful fields. apiVersion, kind, uid? @@ -3573,9 +3573,9 @@ Optional: Optional: -- `default_mode` (Number) defaultMode is optional: mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. -- `items` (Attributes List) items if unspecified, each key-value pair in the Data field of the referenced ConfigMap will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the ConfigMap, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'. (see [below for nested schema](#nestedatt--spec--sharding_specs--template--instances--volumes--config_map--items)) -- `name` (String) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? +- `default_mode` (Number) defaultMode is optional: mode bits used to set permissions on created files by default.Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511.YAML accepts both octal and decimal values, JSON requires decimal values for mode bits.Defaults to 0644.Directories within the path are not affected by this setting.This might be in conflict with other options that affect the filemode, like fsGroup, and the result can be other mode bits set. +- `items` (Attributes List) items if unspecified, each key-value pair in the Data field of the referencedConfigMap will be projected into the volume as a file whose name is thekey and content is the value. If specified, the listed keys will beprojected into the specified paths, and unlisted keys will not bepresent. If a key is specified which is not present in the ConfigMap,the volume setup will error unless it is marked optional. Paths must berelative and may not contain the '..' path or start with '..'. (see [below for nested schema](#nestedatt--spec--sharding_specs--template--instances--volumes--config_map--items)) +- `name` (String) Name of the referent.More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#namesTODO: Add other useful fields. apiVersion, kind, uid? - `optional` (Boolean) optional specify whether the ConfigMap or its keys must be defined @@ -3584,11 +3584,11 @@ Optional: Required: - `key` (String) key is the key to project. -- `path` (String) path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. +- `path` (String) path is the relative path of the file to map the key to.May not be an absolute path.May not contain the path element '..'.May not start with the string '..'. Optional: -- `mode` (Number) mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. +- `mode` (Number) mode is Optional: mode bits used to set permissions on this file.Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511.YAML accepts both octal and decimal values, JSON requires decimal values for mode bits.If not specified, the volume defaultMode will be used.This might be in conflict with other options that affect the filemode, like fsGroup, and the result can be other mode bits set. @@ -3597,21 +3597,21 @@ Optional: Required: -- `driver` (String) driver is the name of the CSI driver that handles this volume. Consult with your admin for the correct name as registered in the cluster. +- `driver` (String) driver is the name of the CSI driver that handles this volume.Consult with your admin for the correct name as registered in the cluster. Optional: -- `fs_type` (String) fsType to mount. Ex. 'ext4', 'xfs', 'ntfs'. If not provided, the empty value is passed to the associated CSI driver which will determine the default filesystem to apply. -- `node_publish_secret_ref` (Attributes) nodePublishSecretRef is a reference to the secret object containing sensitive information to pass to the CSI driver to complete the CSI NodePublishVolume and NodeUnpublishVolume calls. This field is optional, and may be empty if no secret is required. If the secret object contains more than one secret, all secret references are passed. (see [below for nested schema](#nestedatt--spec--sharding_specs--template--instances--volumes--csi--node_publish_secret_ref)) -- `read_only` (Boolean) readOnly specifies a read-only configuration for the volume. Defaults to false (read/write). -- `volume_attributes` (Map of String) volumeAttributes stores driver-specific properties that are passed to the CSI driver. Consult your driver's documentation for supported values. +- `fs_type` (String) fsType to mount. Ex. 'ext4', 'xfs', 'ntfs'.If not provided, the empty value is passed to the associated CSI driverwhich will determine the default filesystem to apply. +- `node_publish_secret_ref` (Attributes) nodePublishSecretRef is a reference to the secret object containingsensitive information to pass to the CSI driver to complete the CSINodePublishVolume and NodeUnpublishVolume calls.This field is optional, and may be empty if no secret is required. If thesecret object contains more than one secret, all secret references are passed. (see [below for nested schema](#nestedatt--spec--sharding_specs--template--instances--volumes--csi--node_publish_secret_ref)) +- `read_only` (Boolean) readOnly specifies a read-only configuration for the volume.Defaults to false (read/write). +- `volume_attributes` (Map of String) volumeAttributes stores driver-specific properties that are passed to the CSIdriver. Consult your driver's documentation for supported values. ### Nested Schema for `spec.sharding_specs.template.instances.volumes.csi.node_publish_secret_ref` Optional: -- `name` (String) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? +- `name` (String) Name of the referent.More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#namesTODO: Add other useful fields. apiVersion, kind, uid? @@ -3620,7 +3620,7 @@ Optional: Optional: -- `default_mode` (Number) Optional: mode bits to use on created files by default. Must be a Optional: mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. +- `default_mode` (Number) Optional: mode bits to use on created files by default. Must be aOptional: mode bits used to set permissions on created files by default.Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511.YAML accepts both octal and decimal values, JSON requires decimal values for mode bits.Defaults to 0644.Directories within the path are not affected by this setting.This might be in conflict with other options that affect the filemode, like fsGroup, and the result can be other mode bits set. - `items` (Attributes List) Items is a list of downward API volume file (see [below for nested schema](#nestedatt--spec--sharding_specs--template--instances--volumes--downward_api--items)) @@ -3633,8 +3633,8 @@ Required: Optional: - `field_ref` (Attributes) Required: Selects a field of the pod: only annotations, labels, name and namespace are supported. (see [below for nested schema](#nestedatt--spec--sharding_specs--template--instances--volumes--downward_api--items--field_ref)) -- `mode` (Number) Optional: mode bits used to set permissions on this file, must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. -- `resource_field_ref` (Attributes) Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported. (see [below for nested schema](#nestedatt--spec--sharding_specs--template--instances--volumes--downward_api--items--resource_field_ref)) +- `mode` (Number) Optional: mode bits used to set permissions on this file, must be an octal valuebetween 0000 and 0777 or a decimal value between 0 and 511.YAML accepts both octal and decimal values, JSON requires decimal values for mode bits.If not specified, the volume defaultMode will be used.This might be in conflict with other options that affect the filemode, like fsGroup, and the result can be other mode bits set. +- `resource_field_ref` (Attributes) Selects a resource of the container: only resources limits and requests(limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported. (see [below for nested schema](#nestedatt--spec--sharding_specs--template--instances--volumes--downward_api--items--resource_field_ref)) ### Nested Schema for `spec.sharding_specs.template.instances.volumes.downward_api.items.field_ref` @@ -3668,8 +3668,8 @@ Optional: Optional: -- `medium` (String) medium represents what type of storage medium should back this directory. The default is '' which means to use the node's default medium. Must be an empty string (default) or Memory. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir -- `size_limit` (String) sizeLimit is the total amount of local storage required for this EmptyDir volume. The size limit is also applicable for memory medium. The maximum usage on memory medium EmptyDir would be the minimum value between the SizeLimit specified here and the sum of memory limits of all containers in a pod. The default is nil which means that the limit is undefined. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir +- `medium` (String) medium represents what type of storage medium should back this directory.The default is '' which means to use the node's default medium.Must be an empty string (default) or Memory.More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir +- `size_limit` (String) sizeLimit is the total amount of local storage required for this EmptyDir volume.The size limit is also applicable for memory medium.The maximum usage on memory medium EmptyDir would be the minimum value betweenthe SizeLimit specified here and the sum of memory limits of all containers in a pod.The default is nil which means that the limit is undefined.More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir @@ -3677,31 +3677,31 @@ Optional: Optional: -- `volume_claim_template` (Attributes) Will be used to create a stand-alone PVC to provision the volume. The pod in which this EphemeralVolumeSource is embedded will be the owner of the PVC, i.e. the PVC will be deleted together with the pod. The name of the PVC will be '-' where '' is the name from the 'PodSpec.Volumes' array entry. Pod validation will reject the pod if the concatenated name is not valid for a PVC (for example, too long). An existing PVC with that name that is not owned by the pod will *not* be used for the pod to avoid using an unrelated volume by mistake. Starting the pod is then blocked until the unrelated PVC is removed. If such a pre-created PVC is meant to be used by the pod, the PVC has to updated with an owner reference to the pod once the pod exists. Normally this should not be necessary, but it may be useful when manually reconstructing a broken cluster. This field is read-only and no changes will be made by Kubernetes to the PVC after it has been created. Required, must not be nil. (see [below for nested schema](#nestedatt--spec--sharding_specs--template--instances--volumes--ephemeral--volume_claim_template)) +- `volume_claim_template` (Attributes) Will be used to create a stand-alone PVC to provision the volume.The pod in which this EphemeralVolumeSource is embedded will be theowner of the PVC, i.e. the PVC will be deleted together with thepod. The name of the PVC will be '-' where'' is the name from the 'PodSpec.Volumes' arrayentry. Pod validation will reject the pod if the concatenated nameis not valid for a PVC (for example, too long).An existing PVC with that name that is not owned by the podwill *not* be used for the pod to avoid using an unrelatedvolume by mistake. Starting the pod is then blocked untilthe unrelated PVC is removed. If such a pre-created PVC ismeant to be used by the pod, the PVC has to updated with anowner reference to the pod once the pod exists. Normallythis should not be necessary, but it may be useful whenmanually reconstructing a broken cluster.This field is read-only and no changes will be made by Kubernetesto the PVC after it has been created.Required, must not be nil. (see [below for nested schema](#nestedatt--spec--sharding_specs--template--instances--volumes--ephemeral--volume_claim_template)) ### Nested Schema for `spec.sharding_specs.template.instances.volumes.ephemeral.volume_claim_template` Required: -- `spec` (Attributes) The specification for the PersistentVolumeClaim. The entire content is copied unchanged into the PVC that gets created from this template. The same fields as in a PersistentVolumeClaim are also valid here. (see [below for nested schema](#nestedatt--spec--sharding_specs--template--instances--volumes--ephemeral--volume_claim_template--spec)) +- `spec` (Attributes) The specification for the PersistentVolumeClaim. The entire content iscopied unchanged into the PVC that gets created from thistemplate. The same fields as in a PersistentVolumeClaimare also valid here. (see [below for nested schema](#nestedatt--spec--sharding_specs--template--instances--volumes--ephemeral--volume_claim_template--spec)) Optional: -- `metadata` (Attributes) May contain labels and annotations that will be copied into the PVC when creating it. No other fields are allowed and will be rejected during validation. (see [below for nested schema](#nestedatt--spec--sharding_specs--template--instances--volumes--ephemeral--volume_claim_template--metadata)) +- `metadata` (Attributes) May contain labels and annotations that will be copied into the PVCwhen creating it. No other fields are allowed and will be rejected duringvalidation. (see [below for nested schema](#nestedatt--spec--sharding_specs--template--instances--volumes--ephemeral--volume_claim_template--metadata)) ### Nested Schema for `spec.sharding_specs.template.instances.volumes.ephemeral.volume_claim_template.spec` Optional: -- `access_modes` (List of String) accessModes contains the desired access modes the volume should have. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1 -- `data_source` (Attributes) dataSource field can be used to specify either: * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) * An existing PVC (PersistentVolumeClaim) If the provisioner or an external controller can support the specified data source, it will create a new volume based on the contents of the specified data source. When the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef, and dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified. If the namespace is specified, then dataSourceRef will not be copied to dataSource. (see [below for nested schema](#nestedatt--spec--sharding_specs--template--instances--volumes--ephemeral--volume_claim_template--spec--data_source)) -- `data_source_ref` (Attributes) dataSourceRef specifies the object from which to populate the volume with data, if a non-empty volume is desired. This may be any object from a non-empty API group (non core object) or a PersistentVolumeClaim object. When this field is specified, volume binding will only succeed if the type of the specified object matches some installed volume populator or dynamic provisioner. This field will replace the functionality of the dataSource field and as such if both fields are non-empty, they must have the same value. For backwards compatibility, when namespace isn't specified in dataSourceRef, both fields (dataSource and dataSourceRef) will be set to the same value automatically if one of them is empty and the other is non-empty. When namespace is specified in dataSourceRef, dataSource isn't set to the same value and must be empty. There are three important differences between dataSource and dataSourceRef: * While dataSource only allows two specific types of objects, dataSourceRef allows any non-core object, as well as PersistentVolumeClaim objects. * While dataSource ignores disallowed values (dropping them), dataSourceRef preserves all values, and generates an error if a disallowed value is specified. * While dataSource only allows local objects, dataSourceRef allows objects in any namespaces. (Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled. (Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled. (see [below for nested schema](#nestedatt--spec--sharding_specs--template--instances--volumes--ephemeral--volume_claim_template--spec--data_source_ref)) -- `resources` (Attributes) resources represents the minimum resources the volume should have. If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements that are lower than previous value but must still be higher than capacity recorded in the status field of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources (see [below for nested schema](#nestedatt--spec--sharding_specs--template--instances--volumes--ephemeral--volume_claim_template--spec--resources)) +- `access_modes` (List of String) accessModes contains the desired access modes the volume should have.More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1 +- `data_source` (Attributes) dataSource field can be used to specify either:* An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot)* An existing PVC (PersistentVolumeClaim)If the provisioner or an external controller can support the specified data source,it will create a new volume based on the contents of the specified data source.When the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef,and dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified.If the namespace is specified, then dataSourceRef will not be copied to dataSource. (see [below for nested schema](#nestedatt--spec--sharding_specs--template--instances--volumes--ephemeral--volume_claim_template--spec--data_source)) +- `data_source_ref` (Attributes) dataSourceRef specifies the object from which to populate the volume with data, if a non-emptyvolume is desired. This may be any object from a non-empty API group (noncore object) or a PersistentVolumeClaim object.When this field is specified, volume binding will only succeed if the type ofthe specified object matches some installed volume populator or dynamicprovisioner.This field will replace the functionality of the dataSource field and as suchif both fields are non-empty, they must have the same value. For backwardscompatibility, when namespace isn't specified in dataSourceRef,both fields (dataSource and dataSourceRef) will be set to the samevalue automatically if one of them is empty and the other is non-empty.When namespace is specified in dataSourceRef,dataSource isn't set to the same value and must be empty.There are three important differences between dataSource and dataSourceRef:* While dataSource only allows two specific types of objects, dataSourceRef allows any non-core object, as well as PersistentVolumeClaim objects.* While dataSource ignores disallowed values (dropping them), dataSourceRef preserves all values, and generates an error if a disallowed value is specified.* While dataSource only allows local objects, dataSourceRef allows objects in any namespaces.(Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled.(Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled. (see [below for nested schema](#nestedatt--spec--sharding_specs--template--instances--volumes--ephemeral--volume_claim_template--spec--data_source_ref)) +- `resources` (Attributes) resources represents the minimum resources the volume should have.If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirementsthat are lower than previous value but must still be higher than capacity recorded in thestatus field of the claim.More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources (see [below for nested schema](#nestedatt--spec--sharding_specs--template--instances--volumes--ephemeral--volume_claim_template--spec--resources)) - `selector` (Attributes) selector is a label query over volumes to consider for binding. (see [below for nested schema](#nestedatt--spec--sharding_specs--template--instances--volumes--ephemeral--volume_claim_template--spec--selector)) -- `storage_class_name` (String) storageClassName is the name of the StorageClass required by the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1 -- `volume_mode` (String) volumeMode defines what type of volume is required by the claim. Value of Filesystem is implied when not included in claim spec. +- `storage_class_name` (String) storageClassName is the name of the StorageClass required by the claim.More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1 +- `volume_mode` (String) volumeMode defines what type of volume is required by the claim.Value of Filesystem is implied when not included in claim spec. - `volume_name` (String) volumeName is the binding reference to the PersistentVolume backing this claim. @@ -3714,7 +3714,7 @@ Required: Optional: -- `api_group` (String) APIGroup is the group for the resource being referenced. If APIGroup is not specified, the specified Kind must be in the core API group. For any other third-party types, APIGroup is required. +- `api_group` (String) APIGroup is the group for the resource being referenced.If APIGroup is not specified, the specified Kind must be in the core API group.For any other third-party types, APIGroup is required. @@ -3727,8 +3727,8 @@ Required: Optional: -- `api_group` (String) APIGroup is the group for the resource being referenced. If APIGroup is not specified, the specified Kind must be in the core API group. For any other third-party types, APIGroup is required. -- `namespace` (String) Namespace is the namespace of resource being referenced Note that when a namespace is specified, a gateway.networking.k8s.io/ReferenceGrant object is required in the referent namespace to allow that namespace's owner to accept the reference. See the ReferenceGrant documentation for details. (Alpha) This field requires the CrossNamespaceVolumeDataSource feature gate to be enabled. +- `api_group` (String) APIGroup is the group for the resource being referenced.If APIGroup is not specified, the specified Kind must be in the core API group.For any other third-party types, APIGroup is required. +- `namespace` (String) Namespace is the namespace of resource being referencedNote that when a namespace is specified, a gateway.networking.k8s.io/ReferenceGrant object is required in the referent namespace to allow that namespace's owner to accept the reference. See the ReferenceGrant documentation for details.(Alpha) This field requires the CrossNamespaceVolumeDataSource feature gate to be enabled. @@ -3736,16 +3736,16 @@ Optional: Optional: -- `claims` (Attributes List) Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. This field is immutable. It can only be set for containers. (see [below for nested schema](#nestedatt--spec--sharding_specs--template--instances--volumes--ephemeral--volume_claim_template--spec--resources--claims)) -- `limits` (Map of String) Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ -- `requests` (Map of String) Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ +- `claims` (Attributes List) Claims lists the names of resources, defined in spec.resourceClaims,that are used by this container.This is an alpha field and requires enabling theDynamicResourceAllocation feature gate.This field is immutable. It can only be set for containers. (see [below for nested schema](#nestedatt--spec--sharding_specs--template--instances--volumes--ephemeral--volume_claim_template--spec--resources--claims)) +- `limits` (Map of String) Limits describes the maximum amount of compute resources allowed.More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ +- `requests` (Map of String) Requests describes the minimum amount of compute resources required.If Requests is omitted for a container, it defaults to Limits if that is explicitly specified,otherwise to an implementation-defined value. Requests cannot exceed Limits.More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ ### Nested Schema for `spec.sharding_specs.template.instances.volumes.ephemeral.volume_claim_template.spec.resources.claims` Required: -- `name` (String) Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container. +- `name` (String) Name must match the name of one entry in pod.spec.resourceClaims ofthe Pod where this field is used. It makes that resource availableinside a container. @@ -3755,7 +3755,7 @@ Required: Optional: - `match_expressions` (Attributes List) matchExpressions is a list of label selector requirements. The requirements are ANDed. (see [below for nested schema](#nestedatt--spec--sharding_specs--template--instances--volumes--ephemeral--volume_claim_template--spec--selector--match_expressions)) -- `match_labels` (Map of String) matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is 'key', the operator is 'In', and the values array contains only 'value'. The requirements are ANDed. +- `match_labels` (Map of String) matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabelsmap is equivalent to an element of matchExpressions, whose key field is 'key', theoperator is 'In', and the values array contains only 'value'. The requirements are ANDed. ### Nested Schema for `spec.sharding_specs.template.instances.volumes.ephemeral.volume_claim_template.spec.selector.match_expressions` @@ -3763,11 +3763,11 @@ Optional: Required: - `key` (String) key is the label key that the selector applies to. -- `operator` (String) operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. +- `operator` (String) operator represents a key's relationship to a set of values.Valid operators are In, NotIn, Exists and DoesNotExist. Optional: -- `values` (List of String) values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. +- `values` (List of String) values is an array of string values. If the operator is In or NotIn,the values array must be non-empty. If the operator is Exists or DoesNotExist,the values array must be empty. This array is replaced during a strategicmerge patch. @@ -3791,11 +3791,11 @@ Optional: Optional: -- `fs_type` (String) fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. 'ext4', 'xfs', 'ntfs'. Implicitly inferred to be 'ext4' if unspecified. TODO: how do we prevent errors in the filesystem from compromising the machine +- `fs_type` (String) fsType is the filesystem type to mount.Must be a filesystem type supported by the host operating system.Ex. 'ext4', 'xfs', 'ntfs'. Implicitly inferred to be 'ext4' if unspecified.TODO: how do we prevent errors in the filesystem from compromising the machine - `lun` (Number) lun is Optional: FC target lun number -- `read_only` (Boolean) readOnly is Optional: Defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts. +- `read_only` (Boolean) readOnly is Optional: Defaults to false (read/write). ReadOnly here will forcethe ReadOnly setting in VolumeMounts. - `target_ww_ns` (List of String) targetWWNs is Optional: FC target worldwide names (WWNs) -- `wwids` (List of String) wwids Optional: FC volume world wide identifiers (wwids) Either wwids or combination of targetWWNs and lun must be set, but not both simultaneously. +- `wwids` (List of String) wwids Optional: FC volume world wide identifiers (wwids)Either wwids or combination of targetWWNs and lun must be set, but not both simultaneously. @@ -3807,17 +3807,17 @@ Required: Optional: -- `fs_type` (String) fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. 'ext4', 'xfs', 'ntfs'. The default filesystem depends on FlexVolume script. +- `fs_type` (String) fsType is the filesystem type to mount.Must be a filesystem type supported by the host operating system.Ex. 'ext4', 'xfs', 'ntfs'. The default filesystem depends on FlexVolume script. - `options` (Map of String) options is Optional: this field holds extra command options if any. -- `read_only` (Boolean) readOnly is Optional: defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts. -- `secret_ref` (Attributes) secretRef is Optional: secretRef is reference to the secret object containing sensitive information to pass to the plugin scripts. This may be empty if no secret object is specified. If the secret object contains more than one secret, all secrets are passed to the plugin scripts. (see [below for nested schema](#nestedatt--spec--sharding_specs--template--instances--volumes--flex_volume--secret_ref)) +- `read_only` (Boolean) readOnly is Optional: defaults to false (read/write). ReadOnly here will forcethe ReadOnly setting in VolumeMounts. +- `secret_ref` (Attributes) secretRef is Optional: secretRef is reference to the secret object containingsensitive information to pass to the plugin scripts. This may beempty if no secret object is specified. If the secret objectcontains more than one secret, all secrets are passed to the pluginscripts. (see [below for nested schema](#nestedatt--spec--sharding_specs--template--instances--volumes--flex_volume--secret_ref)) ### Nested Schema for `spec.sharding_specs.template.instances.volumes.flex_volume.secret_ref` Optional: -- `name` (String) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? +- `name` (String) Name of the referent.More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#namesTODO: Add other useful fields. apiVersion, kind, uid? @@ -3826,7 +3826,7 @@ Optional: Optional: -- `dataset_name` (String) datasetName is Name of the dataset stored as metadata -> name on the dataset for Flocker should be considered as deprecated +- `dataset_name` (String) datasetName is Name of the dataset stored as metadata -> name on the dataset for Flockershould be considered as deprecated - `dataset_uuid` (String) datasetUUID is the UUID of the dataset. This is unique identifier of a Flocker dataset @@ -3835,13 +3835,13 @@ Optional: Required: -- `pd_name` (String) pdName is unique name of the PD resource in GCE. Used to identify the disk in GCE. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk +- `pd_name` (String) pdName is unique name of the PD resource in GCE. Used to identify the disk in GCE.More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk Optional: -- `fs_type` (String) fsType is filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: 'ext4', 'xfs', 'ntfs'. Implicitly inferred to be 'ext4' if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk TODO: how do we prevent errors in the filesystem from compromising the machine -- `partition` (Number) partition is the partition in the volume that you want to mount. If omitted, the default is to mount by volume name. Examples: For volume /dev/sda1, you specify the partition as '1'. Similarly, the volume partition for /dev/sda is '0' (or you can leave the property empty). More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk -- `read_only` (Boolean) readOnly here will force the ReadOnly setting in VolumeMounts. Defaults to false. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk +- `fs_type` (String) fsType is filesystem type of the volume that you want to mount.Tip: Ensure that the filesystem type is supported by the host operating system.Examples: 'ext4', 'xfs', 'ntfs'. Implicitly inferred to be 'ext4' if unspecified.More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdiskTODO: how do we prevent errors in the filesystem from compromising the machine +- `partition` (Number) partition is the partition in the volume that you want to mount.If omitted, the default is to mount by volume name.Examples: For volume /dev/sda1, you specify the partition as '1'.Similarly, the volume partition for /dev/sda is '0' (or you can leave the property empty).More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk +- `read_only` (Boolean) readOnly here will force the ReadOnly setting in VolumeMounts.Defaults to false.More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk @@ -3853,7 +3853,7 @@ Required: Optional: -- `directory` (String) directory is the target directory name. Must not contain or start with '..'. If '.' is supplied, the volume directory will be the git repository. Otherwise, if specified, the volume will contain the git repository in the subdirectory with the given name. +- `directory` (String) directory is the target directory name.Must not contain or start with '..'. If '.' is supplied, the volume directory will be thegit repository. Otherwise, if specified, the volume will contain the git repository inthe subdirectory with the given name. - `revision` (String) revision is the commit hash for the specified revision. @@ -3862,12 +3862,12 @@ Optional: Required: -- `endpoints` (String) endpoints is the endpoint name that details Glusterfs topology. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod -- `path` (String) path is the Glusterfs volume path. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod +- `endpoints` (String) endpoints is the endpoint name that details Glusterfs topology.More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod +- `path` (String) path is the Glusterfs volume path.More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod Optional: -- `read_only` (Boolean) readOnly here will force the Glusterfs volume to be mounted with read-only permissions. Defaults to false. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod +- `read_only` (Boolean) readOnly here will force the Glusterfs volume to be mounted with read-only permissions.Defaults to false.More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod @@ -3875,11 +3875,11 @@ Optional: Required: -- `path` (String) path of the directory on the host. If the path is a symlink, it will follow the link to the real path. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath +- `path` (String) path of the directory on the host.If the path is a symlink, it will follow the link to the real path.More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath Optional: -- `type` (String) type for HostPath Volume Defaults to '' More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath +- `type` (String) type for HostPath VolumeDefaults to ''More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath @@ -3889,17 +3889,17 @@ Required: - `iqn` (String) iqn is the target iSCSI Qualified Name. - `lun` (Number) lun represents iSCSI Target Lun number. -- `target_portal` (String) targetPortal is iSCSI Target Portal. The Portal is either an IP or ip_addr:port if the port is other than default (typically TCP ports 860 and 3260). +- `target_portal` (String) targetPortal is iSCSI Target Portal. The Portal is either an IP or ip_addr:port if the portis other than default (typically TCP ports 860 and 3260). Optional: - `chap_auth_discovery` (Boolean) chapAuthDiscovery defines whether support iSCSI Discovery CHAP authentication - `chap_auth_session` (Boolean) chapAuthSession defines whether support iSCSI Session CHAP authentication -- `fs_type` (String) fsType is the filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: 'ext4', 'xfs', 'ntfs'. Implicitly inferred to be 'ext4' if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#iscsi TODO: how do we prevent errors in the filesystem from compromising the machine -- `initiator_name` (String) initiatorName is the custom iSCSI Initiator Name. If initiatorName is specified with iscsiInterface simultaneously, new iSCSI interface : will be created for the connection. -- `iscsi_interface` (String) iscsiInterface is the interface Name that uses an iSCSI transport. Defaults to 'default' (tcp). -- `portals` (List of String) portals is the iSCSI Target Portal List. The portal is either an IP or ip_addr:port if the port is other than default (typically TCP ports 860 and 3260). -- `read_only` (Boolean) readOnly here will force the ReadOnly setting in VolumeMounts. Defaults to false. +- `fs_type` (String) fsType is the filesystem type of the volume that you want to mount.Tip: Ensure that the filesystem type is supported by the host operating system.Examples: 'ext4', 'xfs', 'ntfs'. Implicitly inferred to be 'ext4' if unspecified.More info: https://kubernetes.io/docs/concepts/storage/volumes#iscsiTODO: how do we prevent errors in the filesystem from compromising the machine +- `initiator_name` (String) initiatorName is the custom iSCSI Initiator Name.If initiatorName is specified with iscsiInterface simultaneously, new iSCSI interface: will be created for the connection. +- `iscsi_interface` (String) iscsiInterface is the interface Name that uses an iSCSI transport.Defaults to 'default' (tcp). +- `portals` (List of String) portals is the iSCSI Target Portal List. The portal is either an IP or ip_addr:port if the portis other than default (typically TCP ports 860 and 3260). +- `read_only` (Boolean) readOnly here will force the ReadOnly setting in VolumeMounts.Defaults to false. - `secret_ref` (Attributes) secretRef is the CHAP Secret for iSCSI target and initiator authentication (see [below for nested schema](#nestedatt--spec--sharding_specs--template--instances--volumes--iscsi--secret_ref)) @@ -3907,7 +3907,7 @@ Optional: Optional: -- `name` (String) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? +- `name` (String) Name of the referent.More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#namesTODO: Add other useful fields. apiVersion, kind, uid? @@ -3916,12 +3916,12 @@ Optional: Required: -- `path` (String) path that is exported by the NFS server. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs -- `server` (String) server is the hostname or IP address of the NFS server. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs +- `path` (String) path that is exported by the NFS server.More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs +- `server` (String) server is the hostname or IP address of the NFS server.More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs Optional: -- `read_only` (Boolean) readOnly here will force the NFS export to be mounted with read-only permissions. Defaults to false. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs +- `read_only` (Boolean) readOnly here will force the NFS export to be mounted with read-only permissions.Defaults to false.More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs @@ -3929,11 +3929,11 @@ Optional: Required: -- `claim_name` (String) claimName is the name of a PersistentVolumeClaim in the same namespace as the pod using this volume. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims +- `claim_name` (String) claimName is the name of a PersistentVolumeClaim in the same namespace as the pod using this volume.More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims Optional: -- `read_only` (Boolean) readOnly Will force the ReadOnly setting in VolumeMounts. Default false. +- `read_only` (Boolean) readOnly Will force the ReadOnly setting in VolumeMounts.Default false. @@ -3945,7 +3945,7 @@ Required: Optional: -- `fs_type` (String) fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. 'ext4', 'xfs', 'ntfs'. Implicitly inferred to be 'ext4' if unspecified. +- `fs_type` (String) fsType is the filesystem type to mount.Must be a filesystem type supported by the host operating system.Ex. 'ext4', 'xfs', 'ntfs'. Implicitly inferred to be 'ext4' if unspecified. @@ -3957,8 +3957,8 @@ Required: Optional: -- `fs_type` (String) fSType represents the filesystem type to mount Must be a filesystem type supported by the host operating system. Ex. 'ext4', 'xfs'. Implicitly inferred to be 'ext4' if unspecified. -- `read_only` (Boolean) readOnly defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts. +- `fs_type` (String) fSType represents the filesystem type to mountMust be a filesystem type supported by the host operating system.Ex. 'ext4', 'xfs'. Implicitly inferred to be 'ext4' if unspecified. +- `read_only` (Boolean) readOnly defaults to false (read/write). ReadOnly here will forcethe ReadOnly setting in VolumeMounts. @@ -3966,7 +3966,7 @@ Optional: Optional: -- `default_mode` (Number) defaultMode are the mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. +- `default_mode` (Number) defaultMode are the mode bits used to set permissions on created files by default.Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511.YAML accepts both octal and decimal values, JSON requires decimal values for mode bits.Directories within the path are not affected by this setting.This might be in conflict with other options that affect the filemode, like fsGroup, and the result can be other mode bits set. - `sources` (Attributes List) sources is the list of volume projections (see [below for nested schema](#nestedatt--spec--sharding_specs--template--instances--volumes--projected--sources)) @@ -3984,8 +3984,8 @@ Optional: Optional: -- `items` (Attributes List) items if unspecified, each key-value pair in the Data field of the referenced ConfigMap will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the ConfigMap, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'. (see [below for nested schema](#nestedatt--spec--sharding_specs--template--instances--volumes--projected--sources--config_map--items)) -- `name` (String) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? +- `items` (Attributes List) items if unspecified, each key-value pair in the Data field of the referencedConfigMap will be projected into the volume as a file whose name is thekey and content is the value. If specified, the listed keys will beprojected into the specified paths, and unlisted keys will not bepresent. If a key is specified which is not present in the ConfigMap,the volume setup will error unless it is marked optional. Paths must berelative and may not contain the '..' path or start with '..'. (see [below for nested schema](#nestedatt--spec--sharding_specs--template--instances--volumes--projected--sources--config_map--items)) +- `name` (String) Name of the referent.More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#namesTODO: Add other useful fields. apiVersion, kind, uid? - `optional` (Boolean) optional specify whether the ConfigMap or its keys must be defined @@ -3994,11 +3994,11 @@ Optional: Required: - `key` (String) key is the key to project. -- `path` (String) path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. +- `path` (String) path is the relative path of the file to map the key to.May not be an absolute path.May not contain the path element '..'.May not start with the string '..'. Optional: -- `mode` (Number) mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. +- `mode` (Number) mode is Optional: mode bits used to set permissions on this file.Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511.YAML accepts both octal and decimal values, JSON requires decimal values for mode bits.If not specified, the volume defaultMode will be used.This might be in conflict with other options that affect the filemode, like fsGroup, and the result can be other mode bits set. @@ -4019,8 +4019,8 @@ Required: Optional: - `field_ref` (Attributes) Required: Selects a field of the pod: only annotations, labels, name and namespace are supported. (see [below for nested schema](#nestedatt--spec--sharding_specs--template--instances--volumes--projected--sources--downward_api--items--field_ref)) -- `mode` (Number) Optional: mode bits used to set permissions on this file, must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. -- `resource_field_ref` (Attributes) Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported. (see [below for nested schema](#nestedatt--spec--sharding_specs--template--instances--volumes--projected--sources--downward_api--items--resource_field_ref)) +- `mode` (Number) Optional: mode bits used to set permissions on this file, must be an octal valuebetween 0000 and 0777 or a decimal value between 0 and 511.YAML accepts both octal and decimal values, JSON requires decimal values for mode bits.If not specified, the volume defaultMode will be used.This might be in conflict with other options that affect the filemode, like fsGroup, and the result can be other mode bits set. +- `resource_field_ref` (Attributes) Selects a resource of the container: only resources limits and requests(limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported. (see [below for nested schema](#nestedatt--spec--sharding_specs--template--instances--volumes--projected--sources--downward_api--items--resource_field_ref)) ### Nested Schema for `spec.sharding_specs.template.instances.volumes.projected.sources.downward_api.items.field_ref` @@ -4054,8 +4054,8 @@ Optional: Optional: -- `items` (Attributes List) items if unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'. (see [below for nested schema](#nestedatt--spec--sharding_specs--template--instances--volumes--projected--sources--secret--items)) -- `name` (String) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? +- `items` (Attributes List) items if unspecified, each key-value pair in the Data field of the referencedSecret will be projected into the volume as a file whose name is thekey and content is the value. If specified, the listed keys will beprojected into the specified paths, and unlisted keys will not bepresent. If a key is specified which is not present in the Secret,the volume setup will error unless it is marked optional. Paths must berelative and may not contain the '..' path or start with '..'. (see [below for nested schema](#nestedatt--spec--sharding_specs--template--instances--volumes--projected--sources--secret--items)) +- `name` (String) Name of the referent.More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#namesTODO: Add other useful fields. apiVersion, kind, uid? - `optional` (Boolean) optional field specify whether the Secret or its key must be defined @@ -4064,11 +4064,11 @@ Optional: Required: - `key` (String) key is the key to project. -- `path` (String) path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. +- `path` (String) path is the relative path of the file to map the key to.May not be an absolute path.May not contain the path element '..'.May not start with the string '..'. Optional: -- `mode` (Number) mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. +- `mode` (Number) mode is Optional: mode bits used to set permissions on this file.Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511.YAML accepts both octal and decimal values, JSON requires decimal values for mode bits.If not specified, the volume defaultMode will be used.This might be in conflict with other options that affect the filemode, like fsGroup, and the result can be other mode bits set. @@ -4077,12 +4077,12 @@ Optional: Required: -- `path` (String) path is the path relative to the mount point of the file to project the token into. +- `path` (String) path is the path relative to the mount point of the file to project thetoken into. Optional: -- `audience` (String) audience is the intended audience of the token. A recipient of a token must identify itself with an identifier specified in the audience of the token, and otherwise should reject the token. The audience defaults to the identifier of the apiserver. -- `expiration_seconds` (Number) expirationSeconds is the requested duration of validity of the service account token. As the token approaches expiration, the kubelet volume plugin will proactively rotate the service account token. The kubelet will start trying to rotate the token if the token is older than 80 percent of its time to live or if the token is older than 24 hours.Defaults to 1 hour and must be at least 10 minutes. +- `audience` (String) audience is the intended audience of the token. A recipient of a tokenmust identify itself with an identifier specified in the audience of thetoken, and otherwise should reject the token. The audience defaults to theidentifier of the apiserver. +- `expiration_seconds` (Number) expirationSeconds is the requested duration of validity of the serviceaccount token. As the token approaches expiration, the kubelet volumeplugin will proactively rotate the service account token. The kubelet willstart trying to rotate the token if the token is older than 80 percent ofits time to live or if the token is older than 24 hours.Defaults to 1 hourand must be at least 10 minutes. @@ -4092,15 +4092,15 @@ Optional: Required: -- `registry` (String) registry represents a single or multiple Quobyte Registry services specified as a string as host:port pair (multiple entries are separated with commas) which acts as the central registry for volumes +- `registry` (String) registry represents a single or multiple Quobyte Registry servicesspecified as a string as host:port pair (multiple entries are separated with commas)which acts as the central registry for volumes - `volume` (String) volume is a string that references an already created Quobyte volume by name. Optional: -- `group` (String) group to map volume access to Default is no group -- `read_only` (Boolean) readOnly here will force the Quobyte volume to be mounted with read-only permissions. Defaults to false. -- `tenant` (String) tenant owning the given Quobyte volume in the Backend Used with dynamically provisioned Quobyte volumes, value is set by the plugin -- `user` (String) user to map volume access to Defaults to serivceaccount user +- `group` (String) group to map volume access toDefault is no group +- `read_only` (Boolean) readOnly here will force the Quobyte volume to be mounted with read-only permissions.Defaults to false. +- `tenant` (String) tenant owning the given Quobyte volume in the BackendUsed with dynamically provisioned Quobyte volumes, value is set by the plugin +- `user` (String) user to map volume access toDefaults to serivceaccount user @@ -4108,24 +4108,24 @@ Optional: Required: -- `image` (String) image is the rados image name. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it -- `monitors` (List of String) monitors is a collection of Ceph monitors. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it +- `image` (String) image is the rados image name.More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it +- `monitors` (List of String) monitors is a collection of Ceph monitors.More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it Optional: -- `fs_type` (String) fsType is the filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: 'ext4', 'xfs', 'ntfs'. Implicitly inferred to be 'ext4' if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#rbd TODO: how do we prevent errors in the filesystem from compromising the machine -- `keyring` (String) keyring is the path to key ring for RBDUser. Default is /etc/ceph/keyring. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it -- `pool` (String) pool is the rados pool name. Default is rbd. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it -- `read_only` (Boolean) readOnly here will force the ReadOnly setting in VolumeMounts. Defaults to false. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it -- `secret_ref` (Attributes) secretRef is name of the authentication secret for RBDUser. If provided overrides keyring. Default is nil. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it (see [below for nested schema](#nestedatt--spec--sharding_specs--template--instances--volumes--rbd--secret_ref)) -- `user` (String) user is the rados user name. Default is admin. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it +- `fs_type` (String) fsType is the filesystem type of the volume that you want to mount.Tip: Ensure that the filesystem type is supported by the host operating system.Examples: 'ext4', 'xfs', 'ntfs'. Implicitly inferred to be 'ext4' if unspecified.More info: https://kubernetes.io/docs/concepts/storage/volumes#rbdTODO: how do we prevent errors in the filesystem from compromising the machine +- `keyring` (String) keyring is the path to key ring for RBDUser.Default is /etc/ceph/keyring.More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it +- `pool` (String) pool is the rados pool name.Default is rbd.More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it +- `read_only` (Boolean) readOnly here will force the ReadOnly setting in VolumeMounts.Defaults to false.More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it +- `secret_ref` (Attributes) secretRef is name of the authentication secret for RBDUser. If providedoverrides keyring.Default is nil.More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it (see [below for nested schema](#nestedatt--spec--sharding_specs--template--instances--volumes--rbd--secret_ref)) +- `user` (String) user is the rados user name.Default is admin.More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it ### Nested Schema for `spec.sharding_specs.template.instances.volumes.rbd.secret_ref` Optional: -- `name` (String) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? +- `name` (String) Name of the referent.More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#namesTODO: Add other useful fields. apiVersion, kind, uid? @@ -4135,25 +4135,25 @@ Optional: Required: - `gateway` (String) gateway is the host address of the ScaleIO API Gateway. -- `secret_ref` (Attributes) secretRef references to the secret for ScaleIO user and other sensitive information. If this is not provided, Login operation will fail. (see [below for nested schema](#nestedatt--spec--sharding_specs--template--instances--volumes--scale_io--secret_ref)) +- `secret_ref` (Attributes) secretRef references to the secret for ScaleIO user and othersensitive information. If this is not provided, Login operation will fail. (see [below for nested schema](#nestedatt--spec--sharding_specs--template--instances--volumes--scale_io--secret_ref)) - `system` (String) system is the name of the storage system as configured in ScaleIO. Optional: -- `fs_type` (String) fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. 'ext4', 'xfs', 'ntfs'. Default is 'xfs'. +- `fs_type` (String) fsType is the filesystem type to mount.Must be a filesystem type supported by the host operating system.Ex. 'ext4', 'xfs', 'ntfs'.Default is 'xfs'. - `protection_domain` (String) protectionDomain is the name of the ScaleIO Protection Domain for the configured storage. -- `read_only` (Boolean) readOnly Defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts. +- `read_only` (Boolean) readOnly Defaults to false (read/write). ReadOnly here will forcethe ReadOnly setting in VolumeMounts. - `ssl_enabled` (Boolean) sslEnabled Flag enable/disable SSL communication with Gateway, default false -- `storage_mode` (String) storageMode indicates whether the storage for a volume should be ThickProvisioned or ThinProvisioned. Default is ThinProvisioned. +- `storage_mode` (String) storageMode indicates whether the storage for a volume should be ThickProvisioned or ThinProvisioned.Default is ThinProvisioned. - `storage_pool` (String) storagePool is the ScaleIO Storage Pool associated with the protection domain. -- `volume_name` (String) volumeName is the name of a volume already created in the ScaleIO system that is associated with this volume source. +- `volume_name` (String) volumeName is the name of a volume already created in the ScaleIO systemthat is associated with this volume source. ### Nested Schema for `spec.sharding_specs.template.instances.volumes.scale_io.secret_ref` Optional: -- `name` (String) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? +- `name` (String) Name of the referent.More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#namesTODO: Add other useful fields. apiVersion, kind, uid? @@ -4162,10 +4162,10 @@ Optional: Optional: -- `default_mode` (Number) defaultMode is Optional: mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. -- `items` (Attributes List) items If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'. (see [below for nested schema](#nestedatt--spec--sharding_specs--template--instances--volumes--secret--items)) +- `default_mode` (Number) defaultMode is Optional: mode bits used to set permissions on created files by default.Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511.YAML accepts both octal and decimal values, JSON requires decimal valuesfor mode bits. Defaults to 0644.Directories within the path are not affected by this setting.This might be in conflict with other options that affect the filemode, like fsGroup, and the result can be other mode bits set. +- `items` (Attributes List) items If unspecified, each key-value pair in the Data field of the referencedSecret will be projected into the volume as a file whose name is thekey and content is the value. If specified, the listed keys will beprojected into the specified paths, and unlisted keys will not bepresent. If a key is specified which is not present in the Secret,the volume setup will error unless it is marked optional. Paths must berelative and may not contain the '..' path or start with '..'. (see [below for nested schema](#nestedatt--spec--sharding_specs--template--instances--volumes--secret--items)) - `optional` (Boolean) optional field specify whether the Secret or its keys must be defined -- `secret_name` (String) secretName is the name of the secret in the pod's namespace to use. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret +- `secret_name` (String) secretName is the name of the secret in the pod's namespace to use.More info: https://kubernetes.io/docs/concepts/storage/volumes#secret ### Nested Schema for `spec.sharding_specs.template.instances.volumes.secret.items` @@ -4173,11 +4173,11 @@ Optional: Required: - `key` (String) key is the key to project. -- `path` (String) path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. +- `path` (String) path is the relative path of the file to map the key to.May not be an absolute path.May not contain the path element '..'.May not start with the string '..'. Optional: -- `mode` (Number) mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. +- `mode` (Number) mode is Optional: mode bits used to set permissions on this file.Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511.YAML accepts both octal and decimal values, JSON requires decimal values for mode bits.If not specified, the volume defaultMode will be used.This might be in conflict with other options that affect the filemode, like fsGroup, and the result can be other mode bits set. @@ -4186,18 +4186,18 @@ Optional: Optional: -- `fs_type` (String) fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. 'ext4', 'xfs', 'ntfs'. Implicitly inferred to be 'ext4' if unspecified. -- `read_only` (Boolean) readOnly defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts. -- `secret_ref` (Attributes) secretRef specifies the secret to use for obtaining the StorageOS API credentials. If not specified, default values will be attempted. (see [below for nested schema](#nestedatt--spec--sharding_specs--template--instances--volumes--storageos--secret_ref)) -- `volume_name` (String) volumeName is the human-readable name of the StorageOS volume. Volume names are only unique within a namespace. -- `volume_namespace` (String) volumeNamespace specifies the scope of the volume within StorageOS. If no namespace is specified then the Pod's namespace will be used. This allows the Kubernetes name scoping to be mirrored within StorageOS for tighter integration. Set VolumeName to any name to override the default behaviour. Set to 'default' if you are not using namespaces within StorageOS. Namespaces that do not pre-exist within StorageOS will be created. +- `fs_type` (String) fsType is the filesystem type to mount.Must be a filesystem type supported by the host operating system.Ex. 'ext4', 'xfs', 'ntfs'. Implicitly inferred to be 'ext4' if unspecified. +- `read_only` (Boolean) readOnly defaults to false (read/write). ReadOnly here will forcethe ReadOnly setting in VolumeMounts. +- `secret_ref` (Attributes) secretRef specifies the secret to use for obtaining the StorageOS APIcredentials. If not specified, default values will be attempted. (see [below for nested schema](#nestedatt--spec--sharding_specs--template--instances--volumes--storageos--secret_ref)) +- `volume_name` (String) volumeName is the human-readable name of the StorageOS volume. Volumenames are only unique within a namespace. +- `volume_namespace` (String) volumeNamespace specifies the scope of the volume within StorageOS. If nonamespace is specified then the Pod's namespace will be used. This allows theKubernetes name scoping to be mirrored within StorageOS for tighter integration.Set VolumeName to any name to override the default behaviour.Set to 'default' if you are not using namespaces within StorageOS.Namespaces that do not pre-exist within StorageOS will be created. ### Nested Schema for `spec.sharding_specs.template.instances.volumes.storageos.secret_ref` Optional: -- `name` (String) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? +- `name` (String) Name of the referent.More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#namesTODO: Add other useful fields. apiVersion, kind, uid? @@ -4210,7 +4210,7 @@ Required: Optional: -- `fs_type` (String) fsType is filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. 'ext4', 'xfs', 'ntfs'. Implicitly inferred to be 'ext4' if unspecified. +- `fs_type` (String) fsType is filesystem type to mount.Must be a filesystem type supported by the host operating system.Ex. 'ext4', 'xfs', 'ntfs'. Implicitly inferred to be 'ext4' if unspecified. - `storage_policy_id` (String) storagePolicyID is the storage Policy Based Management (SPBM) profile ID associated with the StoragePolicyName. - `storage_policy_name` (String) storagePolicyName is the storage Policy Based Management (SPBM) profile name. @@ -4222,11 +4222,11 @@ Optional: Required: -- `name` (String) The issuer for TLS certificates. It only allows two enum values: 'KubeBlocks' and 'UserProvided'. - 'KubeBlocks' indicates that the self-signed TLS certificates generated by the KubeBlocks Operator will be used. - 'UserProvided' means that the user is responsible for providing their own CA, Cert, and Key. In this case, the user-provided CA certificate, server certificate, and private key will be used for TLS communication. +- `name` (String) The issuer for TLS certificates.It only allows two enum values: 'KubeBlocks' and 'UserProvided'.- 'KubeBlocks' indicates that the self-signed TLS certificates generated by the KubeBlocks Operator will be used.- 'UserProvided' means that the user is responsible for providing their own CA, Cert, and Key. In this case, the user-provided CA certificate, server certificate, and private key will be used for TLS communication. Optional: -- `secret_ref` (Attributes) SecretRef is the reference to the secret that contains user-provided certificates. It is required when the issuer is set to 'UserProvided'. (see [below for nested schema](#nestedatt--spec--sharding_specs--template--issuer--secret_ref)) +- `secret_ref` (Attributes) SecretRef is the reference to the secret that contains user-provided certificates.It is required when the issuer is set to 'UserProvided'. (see [below for nested schema](#nestedatt--spec--sharding_specs--template--issuer--secret_ref)) ### Nested Schema for `spec.sharding_specs.template.issuer.secret_ref` @@ -4245,16 +4245,16 @@ Required: Optional: -- `claims` (Attributes List) Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. This field is immutable. It can only be set for containers. (see [below for nested schema](#nestedatt--spec--sharding_specs--template--resources--claims)) -- `limits` (Map of String) Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ -- `requests` (Map of String) Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ +- `claims` (Attributes List) Claims lists the names of resources, defined in spec.resourceClaims,that are used by this container.This is an alpha field and requires enabling theDynamicResourceAllocation feature gate.This field is immutable. It can only be set for containers. (see [below for nested schema](#nestedatt--spec--sharding_specs--template--resources--claims)) +- `limits` (Map of String) Limits describes the maximum amount of compute resources allowed.More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ +- `requests` (Map of String) Requests describes the minimum amount of compute resources required.If Requests is omitted for a container, it defaults to Limits if that is explicitly specified,otherwise to an implementation-defined value. Requests cannot exceed Limits.More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ ### Nested Schema for `spec.sharding_specs.template.resources.claims` Required: -- `name` (String) Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container. +- `name` (String) Name must match the name of one entry in pod.spec.resourceClaims ofthe Pod where this field is used. It makes that resource availableinside a container. @@ -4264,11 +4264,11 @@ Required: Optional: - `affinity` (Attributes) Specifies a group of affinity scheduling rules of the Cluster, including NodeAffinity, PodAffinity, and PodAntiAffinity. (see [below for nested schema](#nestedatt--spec--sharding_specs--template--scheduling_policy--affinity)) -- `node_name` (String) NodeName is a request to schedule this Pod onto a specific node. If it is non-empty, the scheduler simply schedules this Pod onto that node, assuming that it fits resource requirements. -- `node_selector` (Map of String) NodeSelector is a selector which must be true for the Pod to fit on a node. Selector which must match a node's labels for the Pod to be scheduled on that node. More info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/ -- `scheduler_name` (String) If specified, the Pod will be dispatched by specified scheduler. If not specified, the Pod will be dispatched by default scheduler. -- `tolerations` (Attributes List) Allows Pods to be scheduled onto nodes with matching taints. Each toleration in the array allows the Pod to tolerate node taints based on specified 'key', 'value', 'effect', and 'operator'. - The 'key', 'value', and 'effect' identify the taint that the toleration matches. - The 'operator' determines how the toleration matches the taint. Pods with matching tolerations are allowed to be scheduled on tainted nodes, typically reserved for specific purposes. (see [below for nested schema](#nestedatt--spec--sharding_specs--template--scheduling_policy--tolerations)) -- `topology_spread_constraints` (Attributes List) TopologySpreadConstraints describes how a group of Pods ought to spread across topology domains. Scheduler will schedule Pods in a way which abides by the constraints. All topologySpreadConstraints are ANDed. (see [below for nested schema](#nestedatt--spec--sharding_specs--template--scheduling_policy--topology_spread_constraints)) +- `node_name` (String) NodeName is a request to schedule this Pod onto a specific node. If it is non-empty,the scheduler simply schedules this Pod onto that node, assuming that it fits resourcerequirements. +- `node_selector` (Map of String) NodeSelector is a selector which must be true for the Pod to fit on a node.Selector which must match a node's labels for the Pod to be scheduled on that node.More info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/ +- `scheduler_name` (String) If specified, the Pod will be dispatched by specified scheduler.If not specified, the Pod will be dispatched by default scheduler. +- `tolerations` (Attributes List) Allows Pods to be scheduled onto nodes with matching taints.Each toleration in the array allows the Pod to tolerate node taints based onspecified 'key', 'value', 'effect', and 'operator'.- The 'key', 'value', and 'effect' identify the taint that the toleration matches.- The 'operator' determines how the toleration matches the taint.Pods with matching tolerations are allowed to be scheduled on tainted nodes, typically reserved for specific purposes. (see [below for nested schema](#nestedatt--spec--sharding_specs--template--scheduling_policy--tolerations)) +- `topology_spread_constraints` (Attributes List) TopologySpreadConstraints describes how a group of Pods ought to spread across topologydomains. Scheduler will schedule Pods in a way which abides by the constraints.All topologySpreadConstraints are ANDed. (see [below for nested schema](#nestedatt--spec--sharding_specs--template--scheduling_policy--topology_spread_constraints)) ### Nested Schema for `spec.sharding_specs.template.scheduling_policy.affinity` @@ -4284,8 +4284,8 @@ Optional: Optional: -- `preferred_during_scheduling_ignored_during_execution` (Attributes List) The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding 'weight' to the sum if the node matches the corresponding matchExpressions; the node(s) with the highest sum are the most preferred. (see [below for nested schema](#nestedatt--spec--sharding_specs--template--scheduling_policy--affinity--node_affinity--preferred_during_scheduling_ignored_during_execution)) -- `required_during_scheduling_ignored_during_execution` (Attributes) If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to an update), the system may or may not try to eventually evict the pod from its node. (see [below for nested schema](#nestedatt--spec--sharding_specs--template--scheduling_policy--affinity--node_affinity--required_during_scheduling_ignored_during_execution)) +- `preferred_during_scheduling_ignored_during_execution` (Attributes List) The scheduler will prefer to schedule pods to nodes that satisfythe affinity expressions specified by this field, but it may choosea node that violates one or more of the expressions. The node that ismost preferred is the one with the greatest sum of weights, i.e.for each node that meets all of the scheduling requirements (resourcerequest, requiredDuringScheduling affinity expressions, etc.),compute a sum by iterating through the elements of this field and adding'weight' to the sum if the node matches the corresponding matchExpressions; thenode(s) with the highest sum are the most preferred. (see [below for nested schema](#nestedatt--spec--sharding_specs--template--scheduling_policy--affinity--node_affinity--preferred_during_scheduling_ignored_during_execution)) +- `required_during_scheduling_ignored_during_execution` (Attributes) If the affinity requirements specified by this field are not met atscheduling time, the pod will not be scheduled onto the node.If the affinity requirements specified by this field cease to be metat some point during pod execution (e.g. due to an update), the systemmay or may not try to eventually evict the pod from its node. (see [below for nested schema](#nestedatt--spec--sharding_specs--template--scheduling_policy--affinity--node_affinity--required_during_scheduling_ignored_during_execution)) ### Nested Schema for `spec.sharding_specs.template.scheduling_policy.affinity.node_affinity.preferred_during_scheduling_ignored_during_execution` @@ -4309,11 +4309,11 @@ Optional: Required: - `key` (String) The label key that the selector applies to. -- `operator` (String) Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. +- `operator` (String) Represents a key's relationship to a set of values.Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. Optional: -- `values` (List of String) An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch. +- `values` (List of String) An array of string values. If the operator is In or NotIn,the values array must be non-empty. If the operator is Exists or DoesNotExist,the values array must be empty. If the operator is Gt or Lt, the valuesarray must have a single element, which will be interpreted as an integer.This array is replaced during a strategic merge patch. @@ -4322,11 +4322,11 @@ Optional: Required: - `key` (String) The label key that the selector applies to. -- `operator` (String) Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. +- `operator` (String) Represents a key's relationship to a set of values.Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. Optional: -- `values` (List of String) An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch. +- `values` (List of String) An array of string values. If the operator is In or NotIn,the values array must be non-empty. If the operator is Exists or DoesNotExist,the values array must be empty. If the operator is Gt or Lt, the valuesarray must have a single element, which will be interpreted as an integer.This array is replaced during a strategic merge patch. @@ -4352,11 +4352,11 @@ Optional: Required: - `key` (String) The label key that the selector applies to. -- `operator` (String) Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. +- `operator` (String) Represents a key's relationship to a set of values.Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. Optional: -- `values` (List of String) An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch. +- `values` (List of String) An array of string values. If the operator is In or NotIn,the values array must be non-empty. If the operator is Exists or DoesNotExist,the values array must be empty. If the operator is Gt or Lt, the valuesarray must have a single element, which will be interpreted as an integer.This array is replaced during a strategic merge patch. @@ -4365,11 +4365,11 @@ Optional: Required: - `key` (String) The label key that the selector applies to. -- `operator` (String) Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. +- `operator` (String) Represents a key's relationship to a set of values.Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. Optional: -- `values` (List of String) An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch. +- `values` (List of String) An array of string values. If the operator is In or NotIn,the values array must be non-empty. If the operator is Exists or DoesNotExist,the values array must be empty. If the operator is Gt or Lt, the valuesarray must have a single element, which will be interpreted as an integer.This array is replaced during a strategic merge patch. @@ -4380,8 +4380,8 @@ Optional: Optional: -- `preferred_during_scheduling_ignored_during_execution` (Attributes List) The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding 'weight' to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred. (see [below for nested schema](#nestedatt--spec--sharding_specs--template--scheduling_policy--affinity--pod_affinity--preferred_during_scheduling_ignored_during_execution)) -- `required_during_scheduling_ignored_during_execution` (Attributes List) If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied. (see [below for nested schema](#nestedatt--spec--sharding_specs--template--scheduling_policy--affinity--pod_affinity--required_during_scheduling_ignored_during_execution)) +- `preferred_during_scheduling_ignored_during_execution` (Attributes List) The scheduler will prefer to schedule pods to nodes that satisfythe affinity expressions specified by this field, but it may choosea node that violates one or more of the expressions. The node that ismost preferred is the one with the greatest sum of weights, i.e.for each node that meets all of the scheduling requirements (resourcerequest, requiredDuringScheduling affinity expressions, etc.),compute a sum by iterating through the elements of this field and adding'weight' to the sum if the node has pods which matches the corresponding podAffinityTerm; thenode(s) with the highest sum are the most preferred. (see [below for nested schema](#nestedatt--spec--sharding_specs--template--scheduling_policy--affinity--pod_affinity--preferred_during_scheduling_ignored_during_execution)) +- `required_during_scheduling_ignored_during_execution` (Attributes List) If the affinity requirements specified by this field are not met atscheduling time, the pod will not be scheduled onto the node.If the affinity requirements specified by this field cease to be metat some point during pod execution (e.g. due to a pod label update), thesystem may or may not try to eventually evict the pod from its node.When there are multiple elements, the lists of nodes corresponding to eachpodAffinityTerm are intersected, i.e. all terms must be satisfied. (see [below for nested schema](#nestedatt--spec--sharding_specs--template--scheduling_policy--affinity--pod_affinity--required_during_scheduling_ignored_during_execution)) ### Nested Schema for `spec.sharding_specs.template.scheduling_policy.affinity.pod_affinity.preferred_during_scheduling_ignored_during_execution` @@ -4389,20 +4389,20 @@ Optional: Required: - `pod_affinity_term` (Attributes) Required. A pod affinity term, associated with the corresponding weight. (see [below for nested schema](#nestedatt--spec--sharding_specs--template--scheduling_policy--affinity--pod_affinity--preferred_during_scheduling_ignored_during_execution--pod_affinity_term)) -- `weight` (Number) weight associated with matching the corresponding podAffinityTerm, in the range 1-100. +- `weight` (Number) weight associated with matching the corresponding podAffinityTerm,in the range 1-100. ### Nested Schema for `spec.sharding_specs.template.scheduling_policy.affinity.pod_affinity.preferred_during_scheduling_ignored_during_execution.pod_affinity_term` Required: -- `topology_key` (String) This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed. +- `topology_key` (String) This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matchingthe labelSelector in the specified namespaces, where co-located is defined as running on a nodewhose value of the label with key topologyKey matches that of any node on which any of theselected pods is running.Empty topologyKey is not allowed. Optional: - `label_selector` (Attributes) A label query over a set of resources, in this case pods. (see [below for nested schema](#nestedatt--spec--sharding_specs--template--scheduling_policy--affinity--pod_affinity--preferred_during_scheduling_ignored_during_execution--pod_affinity_term--label_selector)) -- `namespace_selector` (Attributes) A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means 'this pod's namespace'. An empty selector ({}) matches all namespaces. (see [below for nested schema](#nestedatt--spec--sharding_specs--template--scheduling_policy--affinity--pod_affinity--preferred_during_scheduling_ignored_during_execution--pod_affinity_term--namespace_selector)) -- `namespaces` (List of String) namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means 'this pod's namespace'. +- `namespace_selector` (Attributes) A label query over the set of namespaces that the term applies to.The term is applied to the union of the namespaces selected by this fieldand the ones listed in the namespaces field.null selector and null or empty namespaces list means 'this pod's namespace'.An empty selector ({}) matches all namespaces. (see [below for nested schema](#nestedatt--spec--sharding_specs--template--scheduling_policy--affinity--pod_affinity--preferred_during_scheduling_ignored_during_execution--pod_affinity_term--namespace_selector)) +- `namespaces` (List of String) namespaces specifies a static list of namespace names that the term applies to.The term is applied to the union of the namespaces listed in this fieldand the ones selected by namespaceSelector.null or empty namespaces list and null namespaceSelector means 'this pod's namespace'. ### Nested Schema for `spec.sharding_specs.template.scheduling_policy.affinity.pod_affinity.preferred_during_scheduling_ignored_during_execution.pod_affinity_term.label_selector` @@ -4410,7 +4410,7 @@ Optional: Optional: - `match_expressions` (Attributes List) matchExpressions is a list of label selector requirements. The requirements are ANDed. (see [below for nested schema](#nestedatt--spec--sharding_specs--template--scheduling_policy--affinity--pod_affinity--preferred_during_scheduling_ignored_during_execution--pod_affinity_term--label_selector--match_expressions)) -- `match_labels` (Map of String) matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is 'key', the operator is 'In', and the values array contains only 'value'. The requirements are ANDed. +- `match_labels` (Map of String) matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabelsmap is equivalent to an element of matchExpressions, whose key field is 'key', theoperator is 'In', and the values array contains only 'value'. The requirements are ANDed. ### Nested Schema for `spec.sharding_specs.template.scheduling_policy.affinity.pod_affinity.preferred_during_scheduling_ignored_during_execution.pod_affinity_term.label_selector.match_expressions` @@ -4418,11 +4418,11 @@ Optional: Required: - `key` (String) key is the label key that the selector applies to. -- `operator` (String) operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. +- `operator` (String) operator represents a key's relationship to a set of values.Valid operators are In, NotIn, Exists and DoesNotExist. Optional: -- `values` (List of String) values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. +- `values` (List of String) values is an array of string values. If the operator is In or NotIn,the values array must be non-empty. If the operator is Exists or DoesNotExist,the values array must be empty. This array is replaced during a strategicmerge patch. @@ -4432,7 +4432,7 @@ Optional: Optional: - `match_expressions` (Attributes List) matchExpressions is a list of label selector requirements. The requirements are ANDed. (see [below for nested schema](#nestedatt--spec--sharding_specs--template--scheduling_policy--affinity--pod_affinity--preferred_during_scheduling_ignored_during_execution--pod_affinity_term--namespace_selector--match_expressions)) -- `match_labels` (Map of String) matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is 'key', the operator is 'In', and the values array contains only 'value'. The requirements are ANDed. +- `match_labels` (Map of String) matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabelsmap is equivalent to an element of matchExpressions, whose key field is 'key', theoperator is 'In', and the values array contains only 'value'. The requirements are ANDed. ### Nested Schema for `spec.sharding_specs.template.scheduling_policy.affinity.pod_affinity.preferred_during_scheduling_ignored_during_execution.pod_affinity_term.namespace_selector.match_expressions` @@ -4440,11 +4440,11 @@ Optional: Required: - `key` (String) key is the label key that the selector applies to. -- `operator` (String) operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. +- `operator` (String) operator represents a key's relationship to a set of values.Valid operators are In, NotIn, Exists and DoesNotExist. Optional: -- `values` (List of String) values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. +- `values` (List of String) values is an array of string values. If the operator is In or NotIn,the values array must be non-empty. If the operator is Exists or DoesNotExist,the values array must be empty. This array is replaced during a strategicmerge patch. @@ -4455,13 +4455,13 @@ Optional: Required: -- `topology_key` (String) This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed. +- `topology_key` (String) This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matchingthe labelSelector in the specified namespaces, where co-located is defined as running on a nodewhose value of the label with key topologyKey matches that of any node on which any of theselected pods is running.Empty topologyKey is not allowed. Optional: - `label_selector` (Attributes) A label query over a set of resources, in this case pods. (see [below for nested schema](#nestedatt--spec--sharding_specs--template--scheduling_policy--affinity--pod_affinity--required_during_scheduling_ignored_during_execution--label_selector)) -- `namespace_selector` (Attributes) A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means 'this pod's namespace'. An empty selector ({}) matches all namespaces. (see [below for nested schema](#nestedatt--spec--sharding_specs--template--scheduling_policy--affinity--pod_affinity--required_during_scheduling_ignored_during_execution--namespace_selector)) -- `namespaces` (List of String) namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means 'this pod's namespace'. +- `namespace_selector` (Attributes) A label query over the set of namespaces that the term applies to.The term is applied to the union of the namespaces selected by this fieldand the ones listed in the namespaces field.null selector and null or empty namespaces list means 'this pod's namespace'.An empty selector ({}) matches all namespaces. (see [below for nested schema](#nestedatt--spec--sharding_specs--template--scheduling_policy--affinity--pod_affinity--required_during_scheduling_ignored_during_execution--namespace_selector)) +- `namespaces` (List of String) namespaces specifies a static list of namespace names that the term applies to.The term is applied to the union of the namespaces listed in this fieldand the ones selected by namespaceSelector.null or empty namespaces list and null namespaceSelector means 'this pod's namespace'. ### Nested Schema for `spec.sharding_specs.template.scheduling_policy.affinity.pod_affinity.required_during_scheduling_ignored_during_execution.label_selector` @@ -4469,7 +4469,7 @@ Optional: Optional: - `match_expressions` (Attributes List) matchExpressions is a list of label selector requirements. The requirements are ANDed. (see [below for nested schema](#nestedatt--spec--sharding_specs--template--scheduling_policy--affinity--pod_affinity--required_during_scheduling_ignored_during_execution--label_selector--match_expressions)) -- `match_labels` (Map of String) matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is 'key', the operator is 'In', and the values array contains only 'value'. The requirements are ANDed. +- `match_labels` (Map of String) matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabelsmap is equivalent to an element of matchExpressions, whose key field is 'key', theoperator is 'In', and the values array contains only 'value'. The requirements are ANDed. ### Nested Schema for `spec.sharding_specs.template.scheduling_policy.affinity.pod_affinity.required_during_scheduling_ignored_during_execution.label_selector.match_expressions` @@ -4477,11 +4477,11 @@ Optional: Required: - `key` (String) key is the label key that the selector applies to. -- `operator` (String) operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. +- `operator` (String) operator represents a key's relationship to a set of values.Valid operators are In, NotIn, Exists and DoesNotExist. Optional: -- `values` (List of String) values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. +- `values` (List of String) values is an array of string values. If the operator is In or NotIn,the values array must be non-empty. If the operator is Exists or DoesNotExist,the values array must be empty. This array is replaced during a strategicmerge patch. @@ -4491,7 +4491,7 @@ Optional: Optional: - `match_expressions` (Attributes List) matchExpressions is a list of label selector requirements. The requirements are ANDed. (see [below for nested schema](#nestedatt--spec--sharding_specs--template--scheduling_policy--affinity--pod_affinity--required_during_scheduling_ignored_during_execution--namespace_selector--match_expressions)) -- `match_labels` (Map of String) matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is 'key', the operator is 'In', and the values array contains only 'value'. The requirements are ANDed. +- `match_labels` (Map of String) matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabelsmap is equivalent to an element of matchExpressions, whose key field is 'key', theoperator is 'In', and the values array contains only 'value'. The requirements are ANDed. ### Nested Schema for `spec.sharding_specs.template.scheduling_policy.affinity.pod_affinity.required_during_scheduling_ignored_during_execution.namespace_selector.match_expressions` @@ -4499,11 +4499,11 @@ Optional: Required: - `key` (String) key is the label key that the selector applies to. -- `operator` (String) operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. +- `operator` (String) operator represents a key's relationship to a set of values.Valid operators are In, NotIn, Exists and DoesNotExist. Optional: -- `values` (List of String) values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. +- `values` (List of String) values is an array of string values. If the operator is In or NotIn,the values array must be non-empty. If the operator is Exists or DoesNotExist,the values array must be empty. This array is replaced during a strategicmerge patch. @@ -4514,8 +4514,8 @@ Optional: Optional: -- `preferred_during_scheduling_ignored_during_execution` (Attributes List) The scheduler will prefer to schedule pods to nodes that satisfy the anti-affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling anti-affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding 'weight' to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred. (see [below for nested schema](#nestedatt--spec--sharding_specs--template--scheduling_policy--affinity--pod_anti_affinity--preferred_during_scheduling_ignored_during_execution)) -- `required_during_scheduling_ignored_during_execution` (Attributes List) If the anti-affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the anti-affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied. (see [below for nested schema](#nestedatt--spec--sharding_specs--template--scheduling_policy--affinity--pod_anti_affinity--required_during_scheduling_ignored_during_execution)) +- `preferred_during_scheduling_ignored_during_execution` (Attributes List) The scheduler will prefer to schedule pods to nodes that satisfythe anti-affinity expressions specified by this field, but it may choosea node that violates one or more of the expressions. The node that ismost preferred is the one with the greatest sum of weights, i.e.for each node that meets all of the scheduling requirements (resourcerequest, requiredDuringScheduling anti-affinity expressions, etc.),compute a sum by iterating through the elements of this field and adding'weight' to the sum if the node has pods which matches the corresponding podAffinityTerm; thenode(s) with the highest sum are the most preferred. (see [below for nested schema](#nestedatt--spec--sharding_specs--template--scheduling_policy--affinity--pod_anti_affinity--preferred_during_scheduling_ignored_during_execution)) +- `required_during_scheduling_ignored_during_execution` (Attributes List) If the anti-affinity requirements specified by this field are not met atscheduling time, the pod will not be scheduled onto the node.If the anti-affinity requirements specified by this field cease to be metat some point during pod execution (e.g. due to a pod label update), thesystem may or may not try to eventually evict the pod from its node.When there are multiple elements, the lists of nodes corresponding to eachpodAffinityTerm are intersected, i.e. all terms must be satisfied. (see [below for nested schema](#nestedatt--spec--sharding_specs--template--scheduling_policy--affinity--pod_anti_affinity--required_during_scheduling_ignored_during_execution)) ### Nested Schema for `spec.sharding_specs.template.scheduling_policy.affinity.pod_anti_affinity.preferred_during_scheduling_ignored_during_execution` @@ -4523,20 +4523,20 @@ Optional: Required: - `pod_affinity_term` (Attributes) Required. A pod affinity term, associated with the corresponding weight. (see [below for nested schema](#nestedatt--spec--sharding_specs--template--scheduling_policy--affinity--pod_anti_affinity--preferred_during_scheduling_ignored_during_execution--pod_affinity_term)) -- `weight` (Number) weight associated with matching the corresponding podAffinityTerm, in the range 1-100. +- `weight` (Number) weight associated with matching the corresponding podAffinityTerm,in the range 1-100. ### Nested Schema for `spec.sharding_specs.template.scheduling_policy.affinity.pod_anti_affinity.preferred_during_scheduling_ignored_during_execution.pod_affinity_term` Required: -- `topology_key` (String) This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed. +- `topology_key` (String) This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matchingthe labelSelector in the specified namespaces, where co-located is defined as running on a nodewhose value of the label with key topologyKey matches that of any node on which any of theselected pods is running.Empty topologyKey is not allowed. Optional: - `label_selector` (Attributes) A label query over a set of resources, in this case pods. (see [below for nested schema](#nestedatt--spec--sharding_specs--template--scheduling_policy--affinity--pod_anti_affinity--preferred_during_scheduling_ignored_during_execution--pod_affinity_term--label_selector)) -- `namespace_selector` (Attributes) A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means 'this pod's namespace'. An empty selector ({}) matches all namespaces. (see [below for nested schema](#nestedatt--spec--sharding_specs--template--scheduling_policy--affinity--pod_anti_affinity--preferred_during_scheduling_ignored_during_execution--pod_affinity_term--namespace_selector)) -- `namespaces` (List of String) namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means 'this pod's namespace'. +- `namespace_selector` (Attributes) A label query over the set of namespaces that the term applies to.The term is applied to the union of the namespaces selected by this fieldand the ones listed in the namespaces field.null selector and null or empty namespaces list means 'this pod's namespace'.An empty selector ({}) matches all namespaces. (see [below for nested schema](#nestedatt--spec--sharding_specs--template--scheduling_policy--affinity--pod_anti_affinity--preferred_during_scheduling_ignored_during_execution--pod_affinity_term--namespace_selector)) +- `namespaces` (List of String) namespaces specifies a static list of namespace names that the term applies to.The term is applied to the union of the namespaces listed in this fieldand the ones selected by namespaceSelector.null or empty namespaces list and null namespaceSelector means 'this pod's namespace'. ### Nested Schema for `spec.sharding_specs.template.scheduling_policy.affinity.pod_anti_affinity.preferred_during_scheduling_ignored_during_execution.pod_affinity_term.label_selector` @@ -4544,7 +4544,7 @@ Optional: Optional: - `match_expressions` (Attributes List) matchExpressions is a list of label selector requirements. The requirements are ANDed. (see [below for nested schema](#nestedatt--spec--sharding_specs--template--scheduling_policy--affinity--pod_anti_affinity--preferred_during_scheduling_ignored_during_execution--pod_affinity_term--label_selector--match_expressions)) -- `match_labels` (Map of String) matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is 'key', the operator is 'In', and the values array contains only 'value'. The requirements are ANDed. +- `match_labels` (Map of String) matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabelsmap is equivalent to an element of matchExpressions, whose key field is 'key', theoperator is 'In', and the values array contains only 'value'. The requirements are ANDed. ### Nested Schema for `spec.sharding_specs.template.scheduling_policy.affinity.pod_anti_affinity.preferred_during_scheduling_ignored_during_execution.pod_affinity_term.label_selector.match_expressions` @@ -4552,11 +4552,11 @@ Optional: Required: - `key` (String) key is the label key that the selector applies to. -- `operator` (String) operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. +- `operator` (String) operator represents a key's relationship to a set of values.Valid operators are In, NotIn, Exists and DoesNotExist. Optional: -- `values` (List of String) values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. +- `values` (List of String) values is an array of string values. If the operator is In or NotIn,the values array must be non-empty. If the operator is Exists or DoesNotExist,the values array must be empty. This array is replaced during a strategicmerge patch. @@ -4566,7 +4566,7 @@ Optional: Optional: - `match_expressions` (Attributes List) matchExpressions is a list of label selector requirements. The requirements are ANDed. (see [below for nested schema](#nestedatt--spec--sharding_specs--template--scheduling_policy--affinity--pod_anti_affinity--preferred_during_scheduling_ignored_during_execution--pod_affinity_term--namespace_selector--match_expressions)) -- `match_labels` (Map of String) matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is 'key', the operator is 'In', and the values array contains only 'value'. The requirements are ANDed. +- `match_labels` (Map of String) matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabelsmap is equivalent to an element of matchExpressions, whose key field is 'key', theoperator is 'In', and the values array contains only 'value'. The requirements are ANDed. ### Nested Schema for `spec.sharding_specs.template.scheduling_policy.affinity.pod_anti_affinity.preferred_during_scheduling_ignored_during_execution.pod_affinity_term.namespace_selector.match_expressions` @@ -4574,11 +4574,11 @@ Optional: Required: - `key` (String) key is the label key that the selector applies to. -- `operator` (String) operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. +- `operator` (String) operator represents a key's relationship to a set of values.Valid operators are In, NotIn, Exists and DoesNotExist. Optional: -- `values` (List of String) values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. +- `values` (List of String) values is an array of string values. If the operator is In or NotIn,the values array must be non-empty. If the operator is Exists or DoesNotExist,the values array must be empty. This array is replaced during a strategicmerge patch. @@ -4589,13 +4589,13 @@ Optional: Required: -- `topology_key` (String) This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed. +- `topology_key` (String) This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matchingthe labelSelector in the specified namespaces, where co-located is defined as running on a nodewhose value of the label with key topologyKey matches that of any node on which any of theselected pods is running.Empty topologyKey is not allowed. Optional: - `label_selector` (Attributes) A label query over a set of resources, in this case pods. (see [below for nested schema](#nestedatt--spec--sharding_specs--template--scheduling_policy--affinity--pod_anti_affinity--required_during_scheduling_ignored_during_execution--label_selector)) -- `namespace_selector` (Attributes) A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means 'this pod's namespace'. An empty selector ({}) matches all namespaces. (see [below for nested schema](#nestedatt--spec--sharding_specs--template--scheduling_policy--affinity--pod_anti_affinity--required_during_scheduling_ignored_during_execution--namespace_selector)) -- `namespaces` (List of String) namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means 'this pod's namespace'. +- `namespace_selector` (Attributes) A label query over the set of namespaces that the term applies to.The term is applied to the union of the namespaces selected by this fieldand the ones listed in the namespaces field.null selector and null or empty namespaces list means 'this pod's namespace'.An empty selector ({}) matches all namespaces. (see [below for nested schema](#nestedatt--spec--sharding_specs--template--scheduling_policy--affinity--pod_anti_affinity--required_during_scheduling_ignored_during_execution--namespace_selector)) +- `namespaces` (List of String) namespaces specifies a static list of namespace names that the term applies to.The term is applied to the union of the namespaces listed in this fieldand the ones selected by namespaceSelector.null or empty namespaces list and null namespaceSelector means 'this pod's namespace'. ### Nested Schema for `spec.sharding_specs.template.scheduling_policy.affinity.pod_anti_affinity.required_during_scheduling_ignored_during_execution.label_selector` @@ -4603,7 +4603,7 @@ Optional: Optional: - `match_expressions` (Attributes List) matchExpressions is a list of label selector requirements. The requirements are ANDed. (see [below for nested schema](#nestedatt--spec--sharding_specs--template--scheduling_policy--affinity--pod_anti_affinity--required_during_scheduling_ignored_during_execution--label_selector--match_expressions)) -- `match_labels` (Map of String) matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is 'key', the operator is 'In', and the values array contains only 'value'. The requirements are ANDed. +- `match_labels` (Map of String) matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabelsmap is equivalent to an element of matchExpressions, whose key field is 'key', theoperator is 'In', and the values array contains only 'value'. The requirements are ANDed. ### Nested Schema for `spec.sharding_specs.template.scheduling_policy.affinity.pod_anti_affinity.required_during_scheduling_ignored_during_execution.label_selector.match_expressions` @@ -4611,11 +4611,11 @@ Optional: Required: - `key` (String) key is the label key that the selector applies to. -- `operator` (String) operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. +- `operator` (String) operator represents a key's relationship to a set of values.Valid operators are In, NotIn, Exists and DoesNotExist. Optional: -- `values` (List of String) values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. +- `values` (List of String) values is an array of string values. If the operator is In or NotIn,the values array must be non-empty. If the operator is Exists or DoesNotExist,the values array must be empty. This array is replaced during a strategicmerge patch. @@ -4625,7 +4625,7 @@ Optional: Optional: - `match_expressions` (Attributes List) matchExpressions is a list of label selector requirements. The requirements are ANDed. (see [below for nested schema](#nestedatt--spec--sharding_specs--template--scheduling_policy--affinity--pod_anti_affinity--required_during_scheduling_ignored_during_execution--namespace_selector--match_expressions)) -- `match_labels` (Map of String) matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is 'key', the operator is 'In', and the values array contains only 'value'. The requirements are ANDed. +- `match_labels` (Map of String) matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabelsmap is equivalent to an element of matchExpressions, whose key field is 'key', theoperator is 'In', and the values array contains only 'value'. The requirements are ANDed. ### Nested Schema for `spec.sharding_specs.template.scheduling_policy.affinity.pod_anti_affinity.required_during_scheduling_ignored_during_execution.namespace_selector.match_expressions` @@ -4633,11 +4633,11 @@ Optional: Required: - `key` (String) key is the label key that the selector applies to. -- `operator` (String) operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. +- `operator` (String) operator represents a key's relationship to a set of values.Valid operators are In, NotIn, Exists and DoesNotExist. Optional: -- `values` (List of String) values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. +- `values` (List of String) values is an array of string values. If the operator is In or NotIn,the values array must be non-empty. If the operator is Exists or DoesNotExist,the values array must be empty. This array is replaced during a strategicmerge patch. @@ -4649,11 +4649,11 @@ Optional: Optional: -- `effect` (String) Effect indicates the taint effect to match. Empty means match all taint effects. When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute. -- `key` (String) Key is the taint key that the toleration applies to. Empty means match all taint keys. If the key is empty, operator must be Exists; this combination means to match all values and all keys. -- `operator` (String) Operator represents a key's relationship to the value. Valid operators are Exists and Equal. Defaults to Equal. Exists is equivalent to wildcard for value, so that a pod can tolerate all taints of a particular category. -- `toleration_seconds` (Number) TolerationSeconds represents the period of time the toleration (which must be of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, it is not set, which means tolerate the taint forever (do not evict). Zero and negative values will be treated as 0 (evict immediately) by the system. -- `value` (String) Value is the taint value the toleration matches to. If the operator is Exists, the value should be empty, otherwise just a regular string. +- `effect` (String) Effect indicates the taint effect to match. Empty means match all taint effects.When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute. +- `key` (String) Key is the taint key that the toleration applies to. Empty means match all taint keys.If the key is empty, operator must be Exists; this combination means to match all values and all keys. +- `operator` (String) Operator represents a key's relationship to the value.Valid operators are Exists and Equal. Defaults to Equal.Exists is equivalent to wildcard for value, so that a pod cantolerate all taints of a particular category. +- `toleration_seconds` (Number) TolerationSeconds represents the period of time the toleration (which must beof effect NoExecute, otherwise this field is ignored) tolerates the taint. By default,it is not set, which means tolerate the taint forever (do not evict). Zero andnegative values will be treated as 0 (evict immediately) by the system. +- `value` (String) Value is the taint value the toleration matches to.If the operator is Exists, the value should be empty, otherwise just a regular string. @@ -4661,17 +4661,17 @@ Optional: Required: -- `max_skew` (Number) MaxSkew describes the degree to which pods may be unevenly distributed. When 'whenUnsatisfiable=DoNotSchedule', it is the maximum permitted difference between the number of matching pods in the target topology and the global minimum. The global minimum is the minimum number of matching pods in an eligible domain or zero if the number of eligible domains is less than MinDomains. For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same labelSelector spread as 2/2/1: In this case, the global minimum is 1. | zone1 | zone2 | zone3 | | P P | P P | P | - if MaxSkew is 1, incoming pod can only be scheduled to zone3 to become 2/2/2; scheduling it onto zone1(zone2) would make the ActualSkew(3-1) on zone1(zone2) violate MaxSkew(1). - if MaxSkew is 2, incoming pod can be scheduled onto any zone. When 'whenUnsatisfiable=ScheduleAnyway', it is used to give higher precedence to topologies that satisfy it. It's a required field. Default value is 1 and 0 is not allowed. -- `topology_key` (String) TopologyKey is the key of node labels. Nodes that have a label with this key and identical values are considered to be in the same topology. We consider each as a 'bucket', and try to put balanced number of pods into each bucket. We define a domain as a particular instance of a topology. Also, we define an eligible domain as a domain whose nodes meet the requirements of nodeAffinityPolicy and nodeTaintsPolicy. e.g. If TopologyKey is 'kubernetes.io/hostname', each Node is a domain of that topology. And, if TopologyKey is 'topology.kubernetes.io/zone', each zone is a domain of that topology. It's a required field. -- `when_unsatisfiable` (String) WhenUnsatisfiable indicates how to deal with a pod if it doesn't satisfy the spread constraint. - DoNotSchedule (default) tells the scheduler not to schedule it. - ScheduleAnyway tells the scheduler to schedule the pod in any location, but giving higher precedence to topologies that would help reduce the skew. A constraint is considered 'Unsatisfiable' for an incoming pod if and only if every possible node assignment for that pod would violate 'MaxSkew' on some topology. For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same labelSelector spread as 3/1/1: | zone1 | zone2 | zone3 | | P P P | P | P | If WhenUnsatisfiable is set to DoNotSchedule, incoming pod can only be scheduled to zone2(zone3) to become 3/2/1(3/1/2) as ActualSkew(2-1) on zone2(zone3) satisfies MaxSkew(1). In other words, the cluster can still be imbalanced, but scheduler won't make it *more* imbalanced. It's a required field. +- `max_skew` (Number) MaxSkew describes the degree to which pods may be unevenly distributed.When 'whenUnsatisfiable=DoNotSchedule', it is the maximum permitted differencebetween the number of matching pods in the target topology and the global minimum.The global minimum is the minimum number of matching pods in an eligible domainor zero if the number of eligible domains is less than MinDomains.For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the samelabelSelector spread as 2/2/1:In this case, the global minimum is 1.| zone1 | zone2 | zone3 || P P | P P | P |- if MaxSkew is 1, incoming pod can only be scheduled to zone3 to become 2/2/2;scheduling it onto zone1(zone2) would make the ActualSkew(3-1) on zone1(zone2)violate MaxSkew(1).- if MaxSkew is 2, incoming pod can be scheduled onto any zone.When 'whenUnsatisfiable=ScheduleAnyway', it is used to give higher precedenceto topologies that satisfy it.It's a required field. Default value is 1 and 0 is not allowed. +- `topology_key` (String) TopologyKey is the key of node labels. Nodes that have a label with this keyand identical values are considered to be in the same topology.We consider each as a 'bucket', and try to put balanced numberof pods into each bucket.We define a domain as a particular instance of a topology.Also, we define an eligible domain as a domain whose nodes meet the requirements ofnodeAffinityPolicy and nodeTaintsPolicy.e.g. If TopologyKey is 'kubernetes.io/hostname', each Node is a domain of that topology.And, if TopologyKey is 'topology.kubernetes.io/zone', each zone is a domain of that topology.It's a required field. +- `when_unsatisfiable` (String) WhenUnsatisfiable indicates how to deal with a pod if it doesn't satisfythe spread constraint.- DoNotSchedule (default) tells the scheduler not to schedule it.- ScheduleAnyway tells the scheduler to schedule the pod in any location, but giving higher precedence to topologies that would help reduce the skew.A constraint is considered 'Unsatisfiable' for an incoming podif and only if every possible node assignment for that pod would violate'MaxSkew' on some topology.For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the samelabelSelector spread as 3/1/1:| zone1 | zone2 | zone3 || P P P | P | P |If WhenUnsatisfiable is set to DoNotSchedule, incoming pod can only be scheduledto zone2(zone3) to become 3/2/1(3/1/2) as ActualSkew(2-1) on zone2(zone3) satisfiesMaxSkew(1). In other words, the cluster can still be imbalanced, but schedulerwon't make it *more* imbalanced.It's a required field. Optional: -- `label_selector` (Attributes) LabelSelector is used to find matching pods. Pods that match this label selector are counted to determine the number of pods in their corresponding topology domain. (see [below for nested schema](#nestedatt--spec--sharding_specs--template--scheduling_policy--topology_spread_constraints--label_selector)) -- `match_label_keys` (List of String) MatchLabelKeys is a set of pod label keys to select the pods over which spreading will be calculated. The keys are used to lookup values from the incoming pod labels, those key-value labels are ANDed with labelSelector to select the group of existing pods over which spreading will be calculated for the incoming pod. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. MatchLabelKeys cannot be set when LabelSelector isn't set. Keys that don't exist in the incoming pod labels will be ignored. A null or empty list means only match against labelSelector. This is a beta field and requires the MatchLabelKeysInPodTopologySpread feature gate to be enabled (enabled by default). -- `min_domains` (Number) MinDomains indicates a minimum number of eligible domains. When the number of eligible domains with matching topology keys is less than minDomains, Pod Topology Spread treats 'global minimum' as 0, and then the calculation of Skew is performed. And when the number of eligible domains with matching topology keys equals or greater than minDomains, this value has no effect on scheduling. As a result, when the number of eligible domains is less than minDomains, scheduler won't schedule more than maxSkew Pods to those domains. If value is nil, the constraint behaves as if MinDomains is equal to 1. Valid values are integers greater than 0. When value is not nil, WhenUnsatisfiable must be DoNotSchedule. For example, in a 3-zone cluster, MaxSkew is set to 2, MinDomains is set to 5 and pods with the same labelSelector spread as 2/2/2: | zone1 | zone2 | zone3 | | P P | P P | P P | The number of domains is less than 5(MinDomains), so 'global minimum' is treated as 0. In this situation, new pod with the same labelSelector cannot be scheduled, because computed skew will be 3(3 - 0) if new Pod is scheduled to any of the three zones, it will violate MaxSkew. This is a beta field and requires the MinDomainsInPodTopologySpread feature gate to be enabled (enabled by default). -- `node_affinity_policy` (String) NodeAffinityPolicy indicates how we will treat Pod's nodeAffinity/nodeSelector when calculating pod topology spread skew. Options are: - Honor: only nodes matching nodeAffinity/nodeSelector are included in the calculations. - Ignore: nodeAffinity/nodeSelector are ignored. All nodes are included in the calculations. If this value is nil, the behavior is equivalent to the Honor policy. This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag. -- `node_taints_policy` (String) NodeTaintsPolicy indicates how we will treat node taints when calculating pod topology spread skew. Options are: - Honor: nodes without taints, along with tainted nodes for which the incoming pod has a toleration, are included. - Ignore: node taints are ignored. All nodes are included. If this value is nil, the behavior is equivalent to the Ignore policy. This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag. +- `label_selector` (Attributes) LabelSelector is used to find matching pods.Pods that match this label selector are counted to determine the number of podsin their corresponding topology domain. (see [below for nested schema](#nestedatt--spec--sharding_specs--template--scheduling_policy--topology_spread_constraints--label_selector)) +- `match_label_keys` (List of String) MatchLabelKeys is a set of pod label keys to select the pods over whichspreading will be calculated. The keys are used to lookup values from theincoming pod labels, those key-value labels are ANDed with labelSelectorto select the group of existing pods over which spreading will be calculatedfor the incoming pod. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector.MatchLabelKeys cannot be set when LabelSelector isn't set.Keys that don't exist in the incoming pod labels willbe ignored. A null or empty list means only match against labelSelector.This is a beta field and requires the MatchLabelKeysInPodTopologySpread feature gate to be enabled (enabled by default). +- `min_domains` (Number) MinDomains indicates a minimum number of eligible domains.When the number of eligible domains with matching topology keys is less than minDomains,Pod Topology Spread treats 'global minimum' as 0, and then the calculation of Skew is performed.And when the number of eligible domains with matching topology keys equals or greater than minDomains,this value has no effect on scheduling.As a result, when the number of eligible domains is less than minDomains,scheduler won't schedule more than maxSkew Pods to those domains.If value is nil, the constraint behaves as if MinDomains is equal to 1.Valid values are integers greater than 0.When value is not nil, WhenUnsatisfiable must be DoNotSchedule.For example, in a 3-zone cluster, MaxSkew is set to 2, MinDomains is set to 5 and pods with the samelabelSelector spread as 2/2/2:| zone1 | zone2 | zone3 || P P | P P | P P |The number of domains is less than 5(MinDomains), so 'global minimum' is treated as 0.In this situation, new pod with the same labelSelector cannot be scheduled,because computed skew will be 3(3 - 0) if new Pod is scheduled to any of the three zones,it will violate MaxSkew.This is a beta field and requires the MinDomainsInPodTopologySpread feature gate to be enabled (enabled by default). +- `node_affinity_policy` (String) NodeAffinityPolicy indicates how we will treat Pod's nodeAffinity/nodeSelectorwhen calculating pod topology spread skew. Options are:- Honor: only nodes matching nodeAffinity/nodeSelector are included in the calculations.- Ignore: nodeAffinity/nodeSelector are ignored. All nodes are included in the calculations.If this value is nil, the behavior is equivalent to the Honor policy.This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag. +- `node_taints_policy` (String) NodeTaintsPolicy indicates how we will treat node taints when calculatingpod topology spread skew. Options are:- Honor: nodes without taints, along with tainted nodes for which the incoming podhas a toleration, are included.- Ignore: node taints are ignored. All nodes are included.If this value is nil, the behavior is equivalent to the Ignore policy.This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag. ### Nested Schema for `spec.sharding_specs.template.scheduling_policy.topology_spread_constraints.label_selector` @@ -4679,7 +4679,7 @@ Optional: Optional: - `match_expressions` (Attributes List) matchExpressions is a list of label selector requirements. The requirements are ANDed. (see [below for nested schema](#nestedatt--spec--sharding_specs--template--scheduling_policy--topology_spread_constraints--label_selector--match_expressions)) -- `match_labels` (Map of String) matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is 'key', the operator is 'In', and the values array contains only 'value'. The requirements are ANDed. +- `match_labels` (Map of String) matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabelsmap is equivalent to an element of matchExpressions, whose key field is 'key', theoperator is 'In', and the values array contains only 'value'. The requirements are ANDed. ### Nested Schema for `spec.sharding_specs.template.scheduling_policy.topology_spread_constraints.label_selector.match_expressions` @@ -4687,11 +4687,11 @@ Optional: Required: - `key` (String) key is the label key that the selector applies to. -- `operator` (String) operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. +- `operator` (String) operator represents a key's relationship to a set of values.Valid operators are In, NotIn, Exists and DoesNotExist. Optional: -- `values` (List of String) values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. +- `values` (List of String) values is an array of string values. If the operator is In or NotIn,the values array must be non-empty. If the operator is Exists or DoesNotExist,the values array must be empty. This array is replaced during a strategicmerge patch. @@ -4702,14 +4702,14 @@ Optional: Required: -- `name` (String) Specifies the identifier of the service reference declaration. It corresponds to the serviceRefDeclaration name defined in either: - 'componentDefinition.spec.serviceRefDeclarations[*].name' - 'clusterDefinition.spec.componentDefs[*].serviceRefDeclarations[*].name' (deprecated) +- `name` (String) Specifies the identifier of the service reference declaration.It corresponds to the serviceRefDeclaration name defined in either:- 'componentDefinition.spec.serviceRefDeclarations[*].name'- 'clusterDefinition.spec.componentDefs[*].serviceRefDeclarations[*].name' (deprecated) Optional: -- `cluster` (String) Specifies the name of the KubeBlocks Cluster being referenced. This is used when services from another KubeBlocks Cluster are consumed. By default, the referenced KubeBlocks Cluster's 'clusterDefinition.spec.connectionCredential' will be utilized to bind to the current Component. This credential should include: 'endpoint', 'port', 'username', and 'password'. Note: - The 'ServiceKind' and 'ServiceVersion' specified in the service reference within the ClusterDefinition are not validated when using this approach. - If both 'cluster' and 'serviceDescriptor' are present, 'cluster' will take precedence. Deprecated since v0.9 since 'clusterDefinition.spec.connectionCredential' is deprecated, use 'clusterServiceSelector' instead. This field is maintained for backward compatibility and its use is discouraged. Existing usage should be updated to the current preferred approach to avoid compatibility issues in future releases. -- `cluster_service_selector` (Attributes) References a service provided by another KubeBlocks Cluster. It specifies the ClusterService and the account credentials needed for access. (see [below for nested schema](#nestedatt--spec--sharding_specs--template--service_refs--cluster_service_selector)) -- `namespace` (String) Specifies the namespace of the referenced Cluster or the namespace of the referenced ServiceDescriptor object. If not provided, the referenced Cluster and ServiceDescriptor will be searched in the namespace of the current Cluster by default. -- `service_descriptor` (String) Specifies the name of the ServiceDescriptor object that describes a service provided by external sources. When referencing a service provided by external sources, a ServiceDescriptor object is required to establish the service binding. The 'serviceDescriptor.spec.serviceKind' and 'serviceDescriptor.spec.serviceVersion' should match the serviceKind and serviceVersion declared in the definition. If both 'cluster' and 'serviceDescriptor' are specified, the 'cluster' takes precedence. +- `cluster` (String) Specifies the name of the KubeBlocks Cluster being referenced.This is used when services from another KubeBlocks Cluster are consumed.By default, the referenced KubeBlocks Cluster's 'clusterDefinition.spec.connectionCredential'will be utilized to bind to the current Component. This credential should include:'endpoint', 'port', 'username', and 'password'.Note:- The 'ServiceKind' and 'ServiceVersion' specified in the service reference within the ClusterDefinition are not validated when using this approach.- If both 'cluster' and 'serviceDescriptor' are present, 'cluster' will take precedence.Deprecated since v0.9 since 'clusterDefinition.spec.connectionCredential' is deprecated,use 'clusterServiceSelector' instead.This field is maintained for backward compatibility and its use is discouraged.Existing usage should be updated to the current preferred approach to avoid compatibility issues in future releases. +- `cluster_service_selector` (Attributes) References a service provided by another KubeBlocks Cluster.It specifies the ClusterService and the account credentials needed for access. (see [below for nested schema](#nestedatt--spec--sharding_specs--template--service_refs--cluster_service_selector)) +- `namespace` (String) Specifies the namespace of the referenced Cluster or the namespace of the referenced ServiceDescriptor object.If not provided, the referenced Cluster and ServiceDescriptor will be searched in the namespace of the currentCluster by default. +- `service_descriptor` (String) Specifies the name of the ServiceDescriptor object that describes a service provided by external sources.When referencing a service provided by external sources, a ServiceDescriptor object is required to establishthe service binding.The 'serviceDescriptor.spec.serviceKind' and 'serviceDescriptor.spec.serviceVersion' should match the serviceKindand serviceVersion declared in the definition.If both 'cluster' and 'serviceDescriptor' are specified, the 'cluster' takes precedence. ### Nested Schema for `spec.sharding_specs.template.service_refs.cluster_service_selector` @@ -4720,7 +4720,7 @@ Required: Optional: -- `credential` (Attributes) Specifies the SystemAccount to authenticate and establish a connection with the referenced Cluster. The SystemAccount should be defined in 'componentDefinition.spec.systemAccounts' of the Component providing the service in the referenced Cluster. (see [below for nested schema](#nestedatt--spec--sharding_specs--template--service_refs--cluster_service_selector--credential)) +- `credential` (Attributes) Specifies the SystemAccount to authenticate and establish a connection with the referenced Cluster.The SystemAccount should be defined in 'componentDefinition.spec.systemAccounts'of the Component providing the service in the referenced Cluster. (see [below for nested schema](#nestedatt--spec--sharding_specs--template--service_refs--cluster_service_selector--credential)) - `service` (Attributes) Identifies a ClusterService from the list of Services defined in 'cluster.spec.services' of the referenced Cluster. (see [below for nested schema](#nestedatt--spec--sharding_specs--template--service_refs--cluster_service_selector--service)) @@ -4737,12 +4737,12 @@ Required: Required: -- `service` (String) The name of the Service to be referenced. Leave it empty to reference the default Service. Set it to 'headless' to reference the default headless Service. If the referenced Service is of pod-service type (a Service per Pod), there will be multiple Service objects matched, and the resolved value will be presented in the following format: service1.name,service2.name... +- `service` (String) The name of the Service to be referenced.Leave it empty to reference the default Service. Set it to 'headless' to reference the default headless Service.If the referenced Service is of pod-service type (a Service per Pod), there will be multiple Service objects matched,and the resolved value will be presented in the following format: service1.name,service2.name... Optional: -- `component` (String) The name of the Component where the Service resides in. It is required when referencing a Component's Service. -- `port` (String) The port name of the Service to be referenced. If there is a non-zero node-port exist for the matched Service port, the node-port will be selected first. If the referenced Service is of pod-service type (a Service per Pod), there will be multiple Service objects matched, and the resolved value will be presented in the following format: service1.name:port1,service2.name:port2... +- `component` (String) The name of the Component where the Service resides in.It is required when referencing a Component's Service. +- `port` (String) The port name of the Service to be referenced.If there is a non-zero node-port exist for the matched Service port, the node-port will be selected first.If the referenced Service is of pod-service type (a Service per Pod), there will be multiple Service objects matched,and the resolved value will be presented in the following format: service1.name:port1,service2.name:port2... @@ -4756,9 +4756,9 @@ Required: Optional: -- `annotations` (Map of String) If ServiceType is LoadBalancer, cloud provider related parameters can be put here. More info: https://kubernetes.io/docs/concepts/services-networking/service/#loadbalancer. -- `pod_service` (Boolean) Indicates whether to generate individual Services for each Pod. If set to true, a separate Service will be created for each Pod in the Cluster. -- `service_type` (String) Determines how the Service is exposed. Valid options are 'ClusterIP', 'NodePort', and 'LoadBalancer'. - 'ClusterIP' allocates a Cluster-internal IP address for load-balancing to endpoints. Endpoints are determined by the selector or if that is not specified, they are determined by manual construction of an Endpoints object or EndpointSlice objects. - 'NodePort' builds on ClusterIP and allocates a port on every node which routes to the same endpoints as the ClusterIP. - 'LoadBalancer' builds on NodePort and creates an external load-balancer (if supported in the current cloud) which routes to the same endpoints as the ClusterIP. Note: although K8s Service type allows the 'ExternalName' type, it is not a valid option for ClusterComponentService. For more info, see: https://kubernetes.io/docs/concepts/services-networking/service/#publishing-services-service-types. +- `annotations` (Map of String) If ServiceType is LoadBalancer, cloud provider related parameters can be put here.More info: https://kubernetes.io/docs/concepts/services-networking/service/#loadbalancer. +- `pod_service` (Boolean) Indicates whether to generate individual Services for each Pod.If set to true, a separate Service will be created for each Pod in the Cluster. +- `service_type` (String) Determines how the Service is exposed. Valid options are 'ClusterIP', 'NodePort', and 'LoadBalancer'.- 'ClusterIP' allocates a Cluster-internal IP address for load-balancing to endpoints. Endpoints are determined by the selector or if that is not specified, they are determined by manual construction of an Endpoints object or EndpointSlice objects.- 'NodePort' builds on ClusterIP and allocates a port on every node which routes to the same endpoints as the ClusterIP.- 'LoadBalancer' builds on NodePort and creates an external load-balancer (if supported in the current cloud) which routes to the same endpoints as the ClusterIP.Note: although K8s Service type allows the 'ExternalName' type, it is not a valid option for ClusterComponentService.For more info, see:https://kubernetes.io/docs/concepts/services-networking/service/#publishing-services-service-types. @@ -4778,8 +4778,8 @@ Required: Optional: -- `password_config` (Attributes) Specifies the policy for generating the account's password. This field is immutable once set. (see [below for nested schema](#nestedatt--spec--sharding_specs--template--system_accounts--password_config)) -- `secret_ref` (Attributes) Refers to the secret from which data will be copied to create the new account. This field is immutable once set. (see [below for nested schema](#nestedatt--spec--sharding_specs--template--system_accounts--secret_ref)) +- `password_config` (Attributes) Specifies the policy for generating the account's password.This field is immutable once set. (see [below for nested schema](#nestedatt--spec--sharding_specs--template--system_accounts--password_config)) +- `secret_ref` (Attributes) Refers to the secret from which data will be copied to create the new account.This field is immutable once set. (see [below for nested schema](#nestedatt--spec--sharding_specs--template--system_accounts--secret_ref)) ### Nested Schema for `spec.sharding_specs.template.system_accounts.password_config` @@ -4790,7 +4790,7 @@ Optional: - `letter_case` (String) The case of the letters in the password. - `num_digits` (Number) The number of digits in the password. - `num_symbols` (Number) The number of symbols in the password. -- `seed` (String) Seed to generate the account's password. Cannot be updated. +- `seed` (String) Seed to generate the account's password.Cannot be updated. @@ -4830,9 +4830,9 @@ Optional: Optional: -- `default_mode` (Number) defaultMode is optional: mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. -- `items` (Attributes List) items if unspecified, each key-value pair in the Data field of the referenced ConfigMap will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the ConfigMap, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'. (see [below for nested schema](#nestedatt--spec--sharding_specs--template--user_resource_refs--config_map_refs--config_map--items)) -- `name` (String) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? +- `default_mode` (Number) defaultMode is optional: mode bits used to set permissions on created files by default.Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511.YAML accepts both octal and decimal values, JSON requires decimal values for mode bits.Defaults to 0644.Directories within the path are not affected by this setting.This might be in conflict with other options that affect the filemode, like fsGroup, and the result can be other mode bits set. +- `items` (Attributes List) items if unspecified, each key-value pair in the Data field of the referencedConfigMap will be projected into the volume as a file whose name is thekey and content is the value. If specified, the listed keys will beprojected into the specified paths, and unlisted keys will not bepresent. If a key is specified which is not present in the ConfigMap,the volume setup will error unless it is marked optional. Paths must berelative and may not contain the '..' path or start with '..'. (see [below for nested schema](#nestedatt--spec--sharding_specs--template--user_resource_refs--config_map_refs--config_map--items)) +- `name` (String) Name of the referent.More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#namesTODO: Add other useful fields. apiVersion, kind, uid? - `optional` (Boolean) optional specify whether the ConfigMap or its keys must be defined @@ -4841,11 +4841,11 @@ Optional: Required: - `key` (String) key is the key to project. -- `path` (String) path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. +- `path` (String) path is the relative path of the file to map the key to.May not be an absolute path.May not contain the path element '..'.May not start with the string '..'. Optional: -- `mode` (Number) mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. +- `mode` (Number) mode is Optional: mode bits used to set permissions on this file.Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511.YAML accepts both octal and decimal values, JSON requires decimal values for mode bits.If not specified, the volume defaultMode will be used.This might be in conflict with other options that affect the filemode, like fsGroup, and the result can be other mode bits set. @@ -4869,10 +4869,10 @@ Optional: Optional: -- `default_mode` (Number) defaultMode is Optional: mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. -- `items` (Attributes List) items If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'. (see [below for nested schema](#nestedatt--spec--sharding_specs--template--user_resource_refs--secret_refs--secret--items)) +- `default_mode` (Number) defaultMode is Optional: mode bits used to set permissions on created files by default.Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511.YAML accepts both octal and decimal values, JSON requires decimal valuesfor mode bits. Defaults to 0644.Directories within the path are not affected by this setting.This might be in conflict with other options that affect the filemode, like fsGroup, and the result can be other mode bits set. +- `items` (Attributes List) items If unspecified, each key-value pair in the Data field of the referencedSecret will be projected into the volume as a file whose name is thekey and content is the value. If specified, the listed keys will beprojected into the specified paths, and unlisted keys will not bepresent. If a key is specified which is not present in the Secret,the volume setup will error unless it is marked optional. Paths must berelative and may not contain the '..' path or start with '..'. (see [below for nested schema](#nestedatt--spec--sharding_specs--template--user_resource_refs--secret_refs--secret--items)) - `optional` (Boolean) optional field specify whether the Secret or its keys must be defined -- `secret_name` (String) secretName is the name of the secret in the pod's namespace to use. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret +- `secret_name` (String) secretName is the name of the secret in the pod's namespace to use.More info: https://kubernetes.io/docs/concepts/storage/volumes#secret ### Nested Schema for `spec.sharding_specs.template.user_resource_refs.secret_refs.secret.items` @@ -4880,11 +4880,11 @@ Optional: Required: - `key` (String) key is the key to project. -- `path` (String) path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. +- `path` (String) path is the relative path of the file to map the key to.May not be an absolute path.May not contain the path element '..'.May not start with the string '..'. Optional: -- `mode` (Number) mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. +- `mode` (Number) mode is Optional: mode bits used to set permissions on this file.Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511.YAML accepts both octal and decimal values, JSON requires decimal values for mode bits.If not specified, the volume defaultMode will be used.This might be in conflict with other options that affect the filemode, like fsGroup, and the result can be other mode bits set. @@ -4895,20 +4895,20 @@ Optional: Required: -- `name` (String) Refers to the name of a volumeMount defined in either: - 'componentDefinition.spec.runtime.containers[*].volumeMounts' - 'clusterDefinition.spec.componentDefs[*].podSpec.containers[*].volumeMounts' (deprecated) The value of 'name' must match the 'name' field of a volumeMount specified in the corresponding 'volumeMounts' array. +- `name` (String) Refers to the name of a volumeMount defined in either:- 'componentDefinition.spec.runtime.containers[*].volumeMounts'- 'clusterDefinition.spec.componentDefs[*].podSpec.containers[*].volumeMounts' (deprecated)The value of 'name' must match the 'name' field of a volumeMount specified in the corresponding 'volumeMounts' array. Optional: -- `spec` (Attributes) Defines the desired characteristics of a PersistentVolumeClaim that will be created for the volume with the mount name specified in the 'name' field. When a Pod is created for this ClusterComponent, a new PVC will be created based on the specification defined in the 'spec' field. The PVC will be associated with the volume mount specified by the 'name' field. (see [below for nested schema](#nestedatt--spec--sharding_specs--template--volume_claim_templates--spec)) +- `spec` (Attributes) Defines the desired characteristics of a PersistentVolumeClaim that will be created for the volumewith the mount name specified in the 'name' field.When a Pod is created for this ClusterComponent, a new PVC will be created based on the specificationdefined in the 'spec' field. The PVC will be associated with the volume mount specified by the 'name' field. (see [below for nested schema](#nestedatt--spec--sharding_specs--template--volume_claim_templates--spec)) ### Nested Schema for `spec.sharding_specs.template.volume_claim_templates.spec` Optional: -- `access_modes` (Map of String) Contains the desired access modes the volume should have. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1. -- `resources` (Attributes) Represents the minimum resources the volume should have. If the RecoverVolumeExpansionFailure feature is enabled, users are allowed to specify resource requirements that are lower than the previous value but must still be higher than the capacity recorded in the status field of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources. (see [below for nested schema](#nestedatt--spec--sharding_specs--template--volume_claim_templates--spec--resources)) -- `storage_class_name` (String) The name of the StorageClass required by the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1. +- `access_modes` (Map of String) Contains the desired access modes the volume should have.More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1. +- `resources` (Attributes) Represents the minimum resources the volume should have.If the RecoverVolumeExpansionFailure feature is enabled, users are allowed to specify resource requirements thatare lower than the previous value but must still be higher than the capacity recorded in the status field of the claim.More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources. (see [below for nested schema](#nestedatt--spec--sharding_specs--template--volume_claim_templates--spec--resources)) +- `storage_class_name` (String) The name of the StorageClass required by the claim.More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1. - `volume_mode` (String) Defines what type of volume is required by the claim, either Block or Filesystem. @@ -4916,16 +4916,16 @@ Optional: Optional: -- `claims` (Attributes List) Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. This field is immutable. It can only be set for containers. (see [below for nested schema](#nestedatt--spec--sharding_specs--template--volume_claim_templates--spec--resources--claims)) -- `limits` (Map of String) Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ -- `requests` (Map of String) Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ +- `claims` (Attributes List) Claims lists the names of resources, defined in spec.resourceClaims,that are used by this container.This is an alpha field and requires enabling theDynamicResourceAllocation feature gate.This field is immutable. It can only be set for containers. (see [below for nested schema](#nestedatt--spec--sharding_specs--template--volume_claim_templates--spec--resources--claims)) +- `limits` (Map of String) Limits describes the maximum amount of compute resources allowed.More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ +- `requests` (Map of String) Requests describes the minimum amount of compute resources required.If Requests is omitted for a container, it defaults to Limits if that is explicitly specified,otherwise to an implementation-defined value. Requests cannot exceed Limits.More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ ### Nested Schema for `spec.sharding_specs.template.volume_claim_templates.spec.resources.claims` Required: -- `name` (String) Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container. +- `name` (String) Name must match the name of one entry in pod.spec.resourceClaims ofthe Pod where this field is used. It makes that resource availableinside a container. @@ -4938,4 +4938,4 @@ Required: Optional: -- `size` (String) Specifies the amount of storage the Cluster needs. For more information, refer to: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ +- `size` (String) Specifies the amount of storage the Cluster needs.For more information, refer to: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ diff --git a/docs/data-sources/apps_kubeblocks_io_cluster_version_v1alpha1_manifest.md b/docs/data-sources/apps_kubeblocks_io_cluster_version_v1alpha1_manifest.md index 28ba6f1a9..16233b074 100644 --- a/docs/data-sources/apps_kubeblocks_io_cluster_version_v1alpha1_manifest.md +++ b/docs/data-sources/apps_kubeblocks_io_cluster_version_v1alpha1_manifest.md @@ -3,12 +3,12 @@ page_title: "k8s_apps_kubeblocks_io_cluster_version_v1alpha1_manifest Data Source - terraform-provider-k8s" subcategory: "apps.kubeblocks.io" description: |- - ClusterVersion is the Schema for the ClusterVersions API. Deprecated: ClusterVersion has been replaced by ComponentVersion since v0.9. This struct is maintained for backward compatibility and its use is discouraged. + ClusterVersion is the Schema for the ClusterVersions API.Deprecated: ClusterVersion has been replaced by ComponentVersion since v0.9.This struct is maintained for backward compatibility and its use is discouraged. --- # k8s_apps_kubeblocks_io_cluster_version_v1alpha1_manifest (Data Source) -ClusterVersion is the Schema for the ClusterVersions API. Deprecated: ClusterVersion has been replaced by ComponentVersion since v0.9. This struct is maintained for backward compatibility and its use is discouraged. +ClusterVersion is the Schema for the ClusterVersions API.Deprecated: ClusterVersion has been replaced by ComponentVersion since v0.9.This struct is maintained for backward compatibility and its use is discouraged. ## Example Usage @@ -30,7 +30,7 @@ data "k8s_apps_kubeblocks_io_cluster_version_v1alpha1_manifest" "example" { ### Optional -- `spec` (Attributes) ClusterVersionSpec defines the desired state of ClusterVersion. Deprecated since v0.9. This struct is maintained for backward compatibility and its use is discouraged. (see [below for nested schema](#nestedatt--spec)) +- `spec` (Attributes) ClusterVersionSpec defines the desired state of ClusterVersion.Deprecated since v0.9.This struct is maintained for backward compatibility and its use is discouraged. (see [below for nested schema](#nestedatt--spec)) ### Read-Only @@ -63,21 +63,21 @@ Required: Required: - `component_def_ref` (String) Specifies a reference to one of the cluster component definition names in the ClusterDefinition API (spec.componentDefs.name). -- `versions_context` (Attributes) Defines the context for container images for component versions. This value replaces the values in clusterDefinition.spec.componentDefs.podSpec.[initContainers | containers]. (see [below for nested schema](#nestedatt--spec--component_versions--versions_context)) +- `versions_context` (Attributes) Defines the context for container images for component versions.This value replaces the values in clusterDefinition.spec.componentDefs.podSpec.[initContainers | containers]. (see [below for nested schema](#nestedatt--spec--component_versions--versions_context)) Optional: -- `config_specs` (Attributes List) Defines a configuration extension mechanism to handle configuration differences between versions. The configTemplateRefs field, in conjunction with the configTemplateRefs in the ClusterDefinition, determines the final configuration file. (see [below for nested schema](#nestedatt--spec--component_versions--config_specs)) -- `switchover_spec` (Attributes) Defines the images for the component to perform a switchover. This overrides the image and env attributes defined in clusterDefinition.spec.componentDefs.SwitchoverSpec.CommandExecutorEnvItem. (see [below for nested schema](#nestedatt--spec--component_versions--switchover_spec)) -- `system_account_spec` (Attributes) Defines the image for the component to connect to databases or engines. This overrides the 'image' and 'env' attributes defined in clusterDefinition.spec.componentDefs.systemAccountSpec.cmdExecutorConfig. To clear default environment settings, set systemAccountSpec.cmdExecutorConfig.env to an empty list. (see [below for nested schema](#nestedatt--spec--component_versions--system_account_spec)) +- `config_specs` (Attributes List) Defines a configuration extension mechanism to handle configuration differences between versions.The configTemplateRefs field, in conjunction with the configTemplateRefs in the ClusterDefinition, determinesthe final configuration file. (see [below for nested schema](#nestedatt--spec--component_versions--config_specs)) +- `switchover_spec` (Attributes) Defines the images for the component to perform a switchover.This overrides the image and env attributes defined in clusterDefinition.spec.componentDefs.SwitchoverSpec.CommandExecutorEnvItem. (see [below for nested schema](#nestedatt--spec--component_versions--switchover_spec)) +- `system_account_spec` (Attributes) Defines the image for the component to connect to databases or engines.This overrides the 'image' and 'env' attributes defined in clusterDefinition.spec.componentDefs.systemAccountSpec.cmdExecutorConfig.To clear default environment settings, set systemAccountSpec.cmdExecutorConfig.env to an empty list. (see [below for nested schema](#nestedatt--spec--component_versions--system_account_spec)) ### Nested Schema for `spec.component_versions.versions_context` Optional: -- `containers` (Map of String) Provides override values for ClusterDefinition.spec.componentDefs.podSpec.containers. Typically used in scenarios such as updating application container images. -- `init_containers` (Map of String) Provides override values for ClusterDefinition.spec.componentDefs.podSpec.initContainers. Typically used in scenarios such as updating application container images. +- `containers` (Map of String) Provides override values for ClusterDefinition.spec.componentDefs.podSpec.containers.Typically used in scenarios such as updating application container images. +- `init_containers` (Map of String) Provides override values for ClusterDefinition.spec.componentDefs.podSpec.initContainers.Typically used in scenarios such as updating application container images. @@ -86,18 +86,18 @@ Optional: Required: - `name` (String) Specifies the name of the configuration template. -- `volume_name` (String) Refers to the volume name of PodTemplate. The configuration file produced through the configuration template will be mounted to the corresponding volume. Must be a DNS_LABEL name. The volume name must be defined in podSpec.containers[*].volumeMounts. +- `volume_name` (String) Refers to the volume name of PodTemplate. The configuration file produced through the configurationtemplate will be mounted to the corresponding volume. Must be a DNS_LABEL name.The volume name must be defined in podSpec.containers[*].volumeMounts. Optional: -- `as_env_from` (List of String) Specifies the containers to inject the ConfigMap parameters as environment variables. This is useful when application images accept parameters through environment variables and generate the final configuration file in the startup script based on these variables. This field allows users to specify a list of container names, and KubeBlocks will inject the environment variables converted from the ConfigMap into these designated containers. This provides a flexible way to pass the configuration items from the ConfigMap to the container without modifying the image. Deprecated: 'asEnvFrom' has been deprecated since 0.9.0 and will be removed in 0.10.0. Use 'injectEnvTo' instead. +- `as_env_from` (List of String) Specifies the containers to inject the ConfigMap parameters as environment variables.This is useful when application images accept parameters through environment variables andgenerate the final configuration file in the startup script based on these variables.This field allows users to specify a list of container names, and KubeBlocks will inject the environmentvariables converted from the ConfigMap into these designated containers. This provides a flexible way topass the configuration items from the ConfigMap to the container without modifying the image.Deprecated: 'asEnvFrom' has been deprecated since 0.9.0 and will be removed in 0.10.0.Use 'injectEnvTo' instead. - `constraint_ref` (String) Specifies the name of the referenced configuration constraints object. -- `default_mode` (Number) The operator attempts to set default file permissions for scripts (0555) and configurations (0444). However, certain database engines may require different file permissions. You can specify the desired file permissions here. Must be specified as an octal value between 0000 and 0777 (inclusive), or as a decimal value between 0 and 511 (inclusive). YAML supports both octal and decimal values for file permissions. Please note that this setting only affects the permissions of the files themselves. Directories within the specified path are not impacted by this setting. It's important to be aware that this setting might conflict with other options that influence the file mode, such as fsGroup. In such cases, the resulting file mode may have additional bits set. Refers to documents of k8s.ConfigMapVolumeSource.defaultMode for more information. -- `inject_env_to` (List of String) Specifies the containers to inject the ConfigMap parameters as environment variables. This is useful when application images accept parameters through environment variables and generate the final configuration file in the startup script based on these variables. This field allows users to specify a list of container names, and KubeBlocks will inject the environment variables converted from the ConfigMap into these designated containers. This provides a flexible way to pass the configuration items from the ConfigMap to the container without modifying the image. -- `keys` (List of String) Specifies the configuration files within the ConfigMap that support dynamic updates. A configuration template (provided in the form of a ConfigMap) may contain templates for multiple configuration files. Each configuration file corresponds to a key in the ConfigMap. Some of these configuration files may support dynamic modification and reloading without requiring a pod restart. If empty or omitted, all configuration files in the ConfigMap are assumed to support dynamic updates, and ConfigConstraint applies to all keys. -- `legacy_rendered_config_spec` (Attributes) Specifies the secondary rendered config spec for pod-specific customization. The template is rendered inside the pod (by the 'config-manager' sidecar container) and merged with the main template's render result to generate the final configuration file. This field is intended to handle scenarios where different pods within the same Component have varying configurations. It allows for pod-specific customization of the configuration. Note: This field will be deprecated in future versions, and the functionality will be moved to 'cluster.spec.componentSpecs[*].instances[*]'. (see [below for nested schema](#nestedatt--spec--component_versions--config_specs--legacy_rendered_config_spec)) -- `namespace` (String) Specifies the namespace of the referenced configuration template ConfigMap object. An empty namespace is equivalent to the 'default' namespace. -- `re_render_resource_types` (List of String) Specifies whether the configuration needs to be re-rendered after v-scale or h-scale operations to reflect changes. In some scenarios, the configuration may need to be updated to reflect the changes in resource allocation or cluster topology. Examples: - Redis: adjust maxmemory after v-scale operation. - MySQL: increase max connections after v-scale operation. - Zookeeper: update zoo.cfg with new node addresses after h-scale operation. +- `default_mode` (Number) The operator attempts to set default file permissions for scripts (0555) and configurations (0444).However, certain database engines may require different file permissions.You can specify the desired file permissions here.Must be specified as an octal value between 0000 and 0777 (inclusive),or as a decimal value between 0 and 511 (inclusive).YAML supports both octal and decimal values for file permissions.Please note that this setting only affects the permissions of the files themselves.Directories within the specified path are not impacted by this setting.It's important to be aware that this setting might conflict with other optionsthat influence the file mode, such as fsGroup.In such cases, the resulting file mode may have additional bits set.Refers to documents of k8s.ConfigMapVolumeSource.defaultMode for more information. +- `inject_env_to` (List of String) Specifies the containers to inject the ConfigMap parameters as environment variables.This is useful when application images accept parameters through environment variables andgenerate the final configuration file in the startup script based on these variables.This field allows users to specify a list of container names, and KubeBlocks will inject the environmentvariables converted from the ConfigMap into these designated containers. This provides a flexible way topass the configuration items from the ConfigMap to the container without modifying the image. +- `keys` (List of String) Specifies the configuration files within the ConfigMap that support dynamic updates.A configuration template (provided in the form of a ConfigMap) may contain templates for multipleconfiguration files.Each configuration file corresponds to a key in the ConfigMap.Some of these configuration files may support dynamic modification and reloading without requiringa pod restart.If empty or omitted, all configuration files in the ConfigMap are assumed to support dynamic updates,and ConfigConstraint applies to all keys. +- `legacy_rendered_config_spec` (Attributes) Specifies the secondary rendered config spec for pod-specific customization.The template is rendered inside the pod (by the 'config-manager' sidecar container) and merged with the maintemplate's render result to generate the final configuration file.This field is intended to handle scenarios where different pods within the same Component havevarying configurations. It allows for pod-specific customization of the configuration.Note: This field will be deprecated in future versions, and the functionality will be moved to'cluster.spec.componentSpecs[*].instances[*]'. (see [below for nested schema](#nestedatt--spec--component_versions--config_specs--legacy_rendered_config_spec)) +- `namespace` (String) Specifies the namespace of the referenced configuration template ConfigMap object.An empty namespace is equivalent to the 'default' namespace. +- `re_render_resource_types` (List of String) Specifies whether the configuration needs to be re-rendered after v-scale or h-scale operations to reflect changes.In some scenarios, the configuration may need to be updated to reflect the changes in resource allocationor cluster topology. Examples:- Redis: adjust maxmemory after v-scale operation.- MySQL: increase max connections after v-scale operation.- Zookeeper: update zoo.cfg with new node addresses after h-scale operation. - `template_ref` (String) Specifies the name of the referenced configuration template ConfigMap object. @@ -109,7 +109,7 @@ Required: Optional: -- `namespace` (String) Specifies the namespace of the referenced configuration template ConfigMap object. An empty namespace is equivalent to the 'default' namespace. +- `namespace` (String) Specifies the namespace of the referenced configuration template ConfigMap object.An empty namespace is equivalent to the 'default' namespace. - `policy` (String) Defines the strategy for merging externally imported templates into component templates. diff --git a/docs/data-sources/apps_kubeblocks_io_component_definition_v1alpha1_manifest.md b/docs/data-sources/apps_kubeblocks_io_component_definition_v1alpha1_manifest.md index f4f557f8c..e3f35ce67 100644 --- a/docs/data-sources/apps_kubeblocks_io_component_definition_v1alpha1_manifest.md +++ b/docs/data-sources/apps_kubeblocks_io_component_definition_v1alpha1_manifest.md @@ -3,12 +3,12 @@ page_title: "k8s_apps_kubeblocks_io_component_definition_v1alpha1_manifest Data Source - terraform-provider-k8s" subcategory: "apps.kubeblocks.io" description: |- - ComponentDefinition serves as a reusable blueprint for creating Components, encapsulating essential static settings such as Component description, Pod templates, configuration file templates, scripts, parameter lists, injected environment variables and their sources, and event handlers. ComponentDefinition works in conjunction with dynamic settings from the ClusterComponentSpec, to instantiate Components during Cluster creation. Key aspects that can be defined in a ComponentDefinition include: - PodSpec template: Specifies the PodSpec template used by the Component. - Configuration templates: Specify the configuration file templates required by the Component. - Scripts: Provide the necessary scripts for Component management and operations. - Storage volumes: Specify the storage volumes and their configurations for the Component. - Pod roles: Outlines various roles of Pods within the Component along with their capabilities. - Exposed Kubernetes Services: Specify the Services that need to be exposed by the Component. - System accounts: Define the system accounts required for the Component. - Monitoring and logging: Configure the exporter and logging settings for the Component. ComponentDefinitions also enable defining reactive behaviors of the Component in response to events, such as member join/leave, Component addition/deletion, role changes, switch over, and more. This allows for automatic event handling, thus encapsulating complex behaviors within the Component. Referencing a ComponentDefinition when creating individual Components ensures inheritance of predefined configurations, promoting reusability and consistency across different deployments and cluster topologies. + ComponentDefinition serves as a reusable blueprint for creating Components,encapsulating essential static settings such as Component description,Pod templates, configuration file templates, scripts, parameter lists,injected environment variables and their sources, and event handlers.ComponentDefinition works in conjunction with dynamic settings from the ClusterComponentSpec,to instantiate Components during Cluster creation.Key aspects that can be defined in a ComponentDefinition include:- PodSpec template: Specifies the PodSpec template used by the Component.- Configuration templates: Specify the configuration file templates required by the Component.- Scripts: Provide the necessary scripts for Component management and operations.- Storage volumes: Specify the storage volumes and their configurations for the Component.- Pod roles: Outlines various roles of Pods within the Component along with their capabilities.- Exposed Kubernetes Services: Specify the Services that need to be exposed by the Component.- System accounts: Define the system accounts required for the Component.- Monitoring and logging: Configure the exporter and logging settings for the Component.ComponentDefinitions also enable defining reactive behaviors of the Component in response to events,such as member join/leave, Component addition/deletion, role changes, switch over, and more.This allows for automatic event handling, thus encapsulating complex behaviors within the Component.Referencing a ComponentDefinition when creating individual Components ensures inheritance of predefined configurations,promoting reusability and consistency across different deployments and cluster topologies. --- # k8s_apps_kubeblocks_io_component_definition_v1alpha1_manifest (Data Source) -ComponentDefinition serves as a reusable blueprint for creating Components, encapsulating essential static settings such as Component description, Pod templates, configuration file templates, scripts, parameter lists, injected environment variables and their sources, and event handlers. ComponentDefinition works in conjunction with dynamic settings from the ClusterComponentSpec, to instantiate Components during Cluster creation. Key aspects that can be defined in a ComponentDefinition include: - PodSpec template: Specifies the PodSpec template used by the Component. - Configuration templates: Specify the configuration file templates required by the Component. - Scripts: Provide the necessary scripts for Component management and operations. - Storage volumes: Specify the storage volumes and their configurations for the Component. - Pod roles: Outlines various roles of Pods within the Component along with their capabilities. - Exposed Kubernetes Services: Specify the Services that need to be exposed by the Component. - System accounts: Define the system accounts required for the Component. - Monitoring and logging: Configure the exporter and logging settings for the Component. ComponentDefinitions also enable defining reactive behaviors of the Component in response to events, such as member join/leave, Component addition/deletion, role changes, switch over, and more. This allows for automatic event handling, thus encapsulating complex behaviors within the Component. Referencing a ComponentDefinition when creating individual Components ensures inheritance of predefined configurations, promoting reusability and consistency across different deployments and cluster topologies. +ComponentDefinition serves as a reusable blueprint for creating Components,encapsulating essential static settings such as Component description,Pod templates, configuration file templates, scripts, parameter lists,injected environment variables and their sources, and event handlers.ComponentDefinition works in conjunction with dynamic settings from the ClusterComponentSpec,to instantiate Components during Cluster creation.Key aspects that can be defined in a ComponentDefinition include:- PodSpec template: Specifies the PodSpec template used by the Component.- Configuration templates: Specify the configuration file templates required by the Component.- Scripts: Provide the necessary scripts for Component management and operations.- Storage volumes: Specify the storage volumes and their configurations for the Component.- Pod roles: Outlines various roles of Pods within the Component along with their capabilities.- Exposed Kubernetes Services: Specify the Services that need to be exposed by the Component.- System accounts: Define the system accounts required for the Component.- Monitoring and logging: Configure the exporter and logging settings for the Component.ComponentDefinitions also enable defining reactive behaviors of the Component in response to events,such as member join/leave, Component addition/deletion, role changes, switch over, and more.This allows for automatic event handling, thus encapsulating complex behaviors within the Component.Referencing a ComponentDefinition when creating individual Components ensures inheritance of predefined configurations,promoting reusability and consistency across different deployments and cluster topologies. ## Example Usage @@ -54,114 +54,114 @@ Optional: Required: -- `runtime` (Attributes) Specifies the PodSpec template used in the Component. It includes the following elements: - Init containers - Containers - Image - Commands - Args - Envs - Mounts - Ports - Security context - Probes - Lifecycle - Volumes This field is intended to define static settings that remain consistent across all instantiated Components. Dynamic settings such as CPU and memory resource limits, as well as scheduling settings (affinity, toleration, priority), may vary among different instantiated Components. They should be specified in the 'cluster.spec.componentSpecs' (ClusterComponentSpec). Specific instances of a Component may override settings defined here, such as using a different container image or modifying environment variable values. These instance-specific overrides can be specified in 'cluster.spec.componentSpecs[*].instances'. This field is immutable and cannot be updated once set. (see [below for nested schema](#nestedatt--spec--runtime)) +- `runtime` (Attributes) Specifies the PodSpec template used in the Component.It includes the following elements:- Init containers- Containers - Image - Commands - Args - Envs - Mounts - Ports - Security context - Probes - Lifecycle- VolumesThis field is intended to define static settings that remain consistent across all instantiated Components.Dynamic settings such as CPU and memory resource limits, as well as scheduling settings (affinity,toleration, priority), may vary among different instantiated Components.They should be specified in the 'cluster.spec.componentSpecs' (ClusterComponentSpec).Specific instances of a Component may override settings defined here, such as using a different container imageor modifying environment variable values.These instance-specific overrides can be specified in 'cluster.spec.componentSpecs[*].instances'.This field is immutable and cannot be updated once set. (see [below for nested schema](#nestedatt--spec--runtime)) Optional: -- `annotations` (Map of String) Specifies static annotations that will be patched to all Kubernetes resources created for the Component. Note: If an annotation key in the 'annotations' field conflicts with any system annotations or user-specified annotations, it will be silently ignored to avoid overriding higher-priority annotations. This field is immutable. -- `configs` (Attributes List) Specifies the configuration file templates and volume mount parameters used by the Component. It also includes descriptions of the parameters in the ConfigMaps, such as value range limitations. This field specifies a list of templates that will be rendered into Component containers' configuration files. Each template is represented as a ConfigMap and may contain multiple configuration files, with each file being a key in the ConfigMap. The rendered configuration files will be mounted into the Component's containers according to the specified volume mount parameters. This field is immutable. (see [below for nested schema](#nestedatt--spec--configs)) -- `description` (String) Provides a brief and concise explanation of the Component's purpose, functionality, and any relevant details. It serves as a quick reference for users to understand the Component's role and characteristics. +- `annotations` (Map of String) Specifies static annotations that will be patched to all Kubernetes resources created for the Component.Note: If an annotation key in the 'annotations' field conflicts with any system annotationsor user-specified annotations, it will be silently ignored to avoid overriding higher-priority annotations.This field is immutable. +- `configs` (Attributes List) Specifies the configuration file templates and volume mount parameters used by the Component.It also includes descriptions of the parameters in the ConfigMaps, such as value range limitations.This field specifies a list of templates that will be rendered into Component containers' configuration files.Each template is represented as a ConfigMap and may contain multiple configuration files,with each file being a key in the ConfigMap.The rendered configuration files will be mounted into the Component's containers according to the specified volume mount parameters.This field is immutable. (see [below for nested schema](#nestedatt--spec--configs)) +- `description` (String) Provides a brief and concise explanation of the Component's purpose, functionality, and any relevant details.It serves as a quick reference for users to understand the Component's role and characteristics. - `exporter` (Attributes) Defines the built-in metrics exporter container. (see [below for nested schema](#nestedatt--spec--exporter)) -- `host_network` (Attributes) Specifies the host network configuration for the Component. When 'hostNetwork' option is enabled, the Pods share the host's network namespace and can directly access the host's network interfaces. This means that if multiple Pods need to use the same port, they cannot run on the same host simultaneously due to port conflicts. The DNSPolicy field in the Pod spec determines how containers within the Pod perform DNS resolution. When using hostNetwork, the operator will set the DNSPolicy to 'ClusterFirstWithHostNet'. With this policy, DNS queries will first go through the K8s cluster's DNS service. If the query fails, it will fall back to the host's DNS settings. If set, the DNS policy will be automatically set to 'ClusterFirstWithHostNet'. (see [below for nested schema](#nestedatt--spec--host_network)) -- `labels` (Map of String) Specifies static labels that will be patched to all Kubernetes resources created for the Component. Note: If a label key in the 'labels' field conflicts with any system labels or user-specified labels, it will be silently ignored to avoid overriding higher-priority labels. This field is immutable. -- `lifecycle_actions` (Attributes) Defines a set of hooks and procedures that customize the behavior of a Component throughout its lifecycle. Actions are triggered at specific lifecycle stages: - 'postProvision': Defines the hook to be executed after the creation of a Component, with 'preCondition' specifying when the action should be fired relative to the Component's lifecycle stages: 'Immediately', 'RuntimeReady', 'ComponentReady', and 'ClusterReady'. - 'preTerminate': Defines the hook to be executed before terminating a Component. - 'roleProbe': Defines the procedure which is invoked regularly to assess the role of replicas. - 'switchover': Defines the procedure for a controlled transition of leadership from the current leader to a new replica. This approach aims to minimize downtime and maintain availability in systems with a leader-follower topology, such as before planned maintenance or upgrades on the current leader node. - 'memberJoin': Defines the procedure to add a new replica to the replication group. - 'memberLeave': Defines the method to remove a replica from the replication group. - 'readOnly': Defines the procedure to switch a replica into the read-only state. - 'readWrite': transition a replica from the read-only state back to the read-write state. - 'dataDump': Defines the procedure to export the data from a replica. - 'dataLoad': Defines the procedure to import data into a replica. - 'reconfigure': Defines the procedure that update a replica with new configuration file. - 'accountProvision': Defines the procedure to generate a new database account. This field is immutable. (see [below for nested schema](#nestedatt--spec--lifecycle_actions)) -- `log_configs` (Attributes List) Defines the types of logs generated by instances of the Component and their corresponding file paths. These logs can be collected for further analysis and monitoring. The 'logConfigs' field is an optional list of LogConfig objects, where each object represents a specific log type and its configuration. It allows you to specify multiple log types and their respective file paths for the Component. Examples: '''yaml logConfigs: - filePathPattern: /data/mysql/log/mysqld-error.log name: error - filePathPattern: /data/mysql/log/mysqld.log name: general - filePathPattern: /data/mysql/log/mysqld-slowquery.log name: slow ''' This field is immutable. (see [below for nested schema](#nestedatt--spec--log_configs)) -- `min_ready_seconds` (Number) 'minReadySeconds' is the minimum duration in seconds that a new Pod should remain in the ready state without any of its containers crashing to be considered available. This ensures the Pod's stability and readiness to serve requests. A default value of 0 seconds means the Pod is considered available as soon as it enters the ready state. -- `monitor` (Attributes) Deprecated since v0.9 monitor is monitoring config which provided by provider. (see [below for nested schema](#nestedatt--spec--monitor)) -- `policy_rules` (Attributes List) Defines the namespaced policy rules required by the Component. The 'policyRules' field is an array of 'rbacv1.PolicyRule' objects that define the policy rules needed by the Component to operate within a namespace. These policy rules determine the permissions and verbs the Component is allowed to perform on Kubernetes resources within the namespace. The purpose of this field is to automatically generate the necessary RBAC roles for the Component based on the specified policy rules. This ensures that the Pods in the Component has appropriate permissions to function. Note: This field is currently non-functional and is reserved for future implementation. This field is immutable. (see [below for nested schema](#nestedatt--spec--policy_rules)) -- `provider` (String) Specifies the name of the Component provider, typically the vendor or developer name. It identifies the entity responsible for creating and maintaining the Component. When specifying the provider name, consider the following guidelines: - Keep the name concise and relevant to the Component. - Use a consistent naming convention across Components from the same provider. - Avoid using trademarked or copyrighted names without proper permission. -- `replicas_limit` (Attributes) Defines the upper limit of the number of replicas supported by the Component. It defines the maximum number of replicas that can be created for the Component. This field allows you to set a limit on the scalability of the Component, preventing it from exceeding a certain number of replicas. This field is immutable. (see [below for nested schema](#nestedatt--spec--replicas_limit)) -- `roles` (Attributes List) Enumerate all possible roles assigned to each replica of the Component, influencing its behavior. A replica can have zero to multiple roles. KubeBlocks operator determines the roles of each replica by invoking the 'lifecycleActions.roleProbe' method. This action returns a list of roles for each replica, and the returned roles must be predefined in the 'roles' field. The roles assigned to a replica can influence various aspects of the Component's behavior, such as: - Service selection: The Component's exposed Services may target replicas based on their roles using 'roleSelector'. - Update order: The roles can determine the order in which replicas are updated during a Component update. For instance, replicas with a 'follower' role can be updated first, while the replica with the 'leader' role is updated last. This helps minimize the number of leader changes during the update process. This field is immutable. (see [below for nested schema](#nestedatt--spec--roles)) -- `scripts` (Attributes List) Specifies groups of scripts, each provided via a ConfigMap, to be mounted as volumes in the container. These scripts can be executed during container startup or via specific actions. Each script group is encapsulated in a ComponentTemplateSpec that includes: - The ConfigMap containing the scripts. - The mount point where the scripts will be mounted inside the container. This field is immutable. (see [below for nested schema](#nestedatt--spec--scripts)) -- `service_kind` (String) Defines the type of well-known service protocol that the Component provides. It specifies the standard or widely recognized protocol used by the Component to offer its Services. The 'serviceKind' field allows users to quickly identify the type of Service provided by the Component based on common protocols or service types. This information helps in understanding the compatibility, interoperability, and usage of the Component within a system. Some examples of well-known service protocols include: - 'MySQL': Indicates that the Component provides a MySQL database service. - 'PostgreSQL': Indicates that the Component offers a PostgreSQL database service. - 'Redis': Signifies that the Component functions as a Redis key-value store. - 'ETCD': Denotes that the Component serves as an ETCD distributed key-value store. The 'serviceKind' value is case-insensitive, allowing for flexibility in specifying the protocol name. When specifying the 'serviceKind', consider the following guidelines: - Use well-established and widely recognized protocol names or service types. - Ensure that the 'serviceKind' accurately represents the primary service type offered by the Component. - If the Component provides multiple services, choose the most prominent or commonly used protocol. - Limit the 'serviceKind' to a maximum of 32 characters for conciseness and readability. Note: The 'serviceKind' field is optional and can be left empty if the Component does not fit into a well-known service category or if the protocol is not widely recognized. It is primarily used to convey information about the Component's service type to users and facilitate discovery and integration. The 'serviceKind' field is immutable and cannot be updated. -- `service_ref_declarations` (Attributes List) Lists external service dependencies of the Component, including services from other Clusters or outside the K8s environment. This field is immutable. (see [below for nested schema](#nestedatt--spec--service_ref_declarations)) -- `service_version` (String) Specifies the version of the Service provided by the Component. It follows the syntax and semantics of the 'Semantic Versioning' specification (http://semver.org/). The Semantic Versioning specification defines a version number format of X.Y.Z (MAJOR.MINOR.PATCH), where: - X represents the major version and indicates incompatible API changes. - Y represents the minor version and indicates added functionality in a backward-compatible manner. - Z represents the patch version and indicates backward-compatible bug fixes. Additional labels for pre-release and build metadata are available as extensions to the X.Y.Z format: - Use pre-release labels (e.g., -alpha, -beta) for versions that are not yet stable or ready for production use. - Use build metadata (e.g., +build.1) for additional version information if needed. Examples of valid ServiceVersion values: - '1.0.0' - '2.3.1' - '3.0.0-alpha.1' - '4.5.2+build.1' The 'serviceVersion' field is immutable and cannot be updated. -- `services` (Attributes List) Defines additional Services to expose the Component's endpoints. A default headless Service, named '{cluster.name}-{component.name}-headless', is automatically created for internal Cluster communication. This field enables customization of additional Services to expose the Component's endpoints to other Components within the same or different Clusters, and to external applications. Each Service entry in this list can include properties such as ports, type, and selectors. - For intra-Cluster access, Components can reference Services using variables declared in 'componentDefinition.spec.vars[*].valueFrom.serviceVarRef'. - For inter-Cluster access, reference Services use variables declared in 'componentDefinition.spec.vars[*].valueFrom.serviceRefVarRef', and bind Services at Cluster creation time with 'clusterComponentSpec.ServiceRef[*].clusterServiceSelector'. This field is immutable. (see [below for nested schema](#nestedatt--spec--services)) -- `system_accounts` (Attributes List) An array of 'SystemAccount' objects that define the system accounts needed for the management operations of the Component. Each 'SystemAccount' includes: - Account name. - The SQL statement template: Used to create the system account. - Password Source: Either generated based on certain rules or retrieved from a Secret. Use cases for system accounts typically involve tasks like system initialization, backups, monitoring, health checks, replication, and other system-level operations. System accounts are distinct from user accounts, although both are database accounts. - **System Accounts**: Created during Cluster setup by the KubeBlocks operator, these accounts have higher privileges for system management and are fully managed through a declarative API by the operator. - **User Accounts**: Managed by users or administrator. User account permissions should follow the principle of least privilege, granting only the necessary access rights to complete their required tasks. This field is immutable. (see [below for nested schema](#nestedatt--spec--system_accounts)) -- `update_strategy` (String) Specifies the concurrency strategy for updating multiple instances of the Component. Available strategies: - 'Serial': Updates replicas one at a time, ensuring minimal downtime by waiting for each replica to become ready before updating the next. - 'Parallel': Updates all replicas simultaneously, optimizing for speed but potentially reducing availability during the update. - 'BestEffortParallel': Updates replicas concurrently with a limit on simultaneous updates to ensure a minimum number of operational replicas for maintaining quorum. For example, in a 5-replica component, updating a maximum of 2 replicas simultaneously keeps at least 3 operational for quorum. This field is immutable and defaults to 'Serial'. -- `vars` (Attributes List) Defines variables which are determined after Cluster instantiation and reflect dynamic or runtime attributes of instantiated Clusters. These variables serve as placeholders for setting environment variables in Pods and Actions, or for rendering configuration and script templates before actual values are finalized. These variables are placed in front of the environment variables declared in the Pod if used as environment variables. Variable values can be sourced from: - ConfigMap: Select and extract a value from a specific key within a ConfigMap. - Secret: Select and extract a value from a specific key within a Secret. - HostNetwork: Retrieves values (including ports) from host-network resources. - Service: Retrieves values (including address, port, NodePort) from a selected Service. Intended to obtain the address of a ComponentService within the same Cluster. - Credential: Retrieves account name and password from a SystemAccount variable. - ServiceRef: Retrieves address, port, account name and password from a selected ServiceRefDeclaration. Designed to obtain the address bound to a ServiceRef, such as a ClusterService or ComponentService of another cluster or an external service. - Component: Retrieves values from a selected Component, including replicas and instance name list. This field is immutable. (see [below for nested schema](#nestedatt--spec--vars)) -- `volumes` (Attributes List) Defines the volumes used by the Component and some static attributes of the volumes. After defining the volumes here, user can reference them in the 'cluster.spec.componentSpecs[*].volumeClaimTemplates' field to configure dynamic properties such as volume capacity and storage class. This field allows you to specify the following: - Snapshot behavior: Determines whether a snapshot of the volume should be taken when performing a snapshot backup of the Component. - Disk high watermark: Sets the high watermark for the volume's disk usage. When the disk usage reaches the specified threshold, it triggers an alert or action. By configuring these volume behaviors, you can control how the volumes are managed and monitored within the Component. This field is immutable. (see [below for nested schema](#nestedatt--spec--volumes)) +- `host_network` (Attributes) Specifies the host network configuration for the Component.When 'hostNetwork' option is enabled, the Pods share the host's network namespace and can directly accessthe host's network interfaces.This means that if multiple Pods need to use the same port, they cannot run on the same host simultaneouslydue to port conflicts.The DNSPolicy field in the Pod spec determines how containers within the Pod perform DNS resolution.When using hostNetwork, the operator will set the DNSPolicy to 'ClusterFirstWithHostNet'.With this policy, DNS queries will first go through the K8s cluster's DNS service.If the query fails, it will fall back to the host's DNS settings.If set, the DNS policy will be automatically set to 'ClusterFirstWithHostNet'. (see [below for nested schema](#nestedatt--spec--host_network)) +- `labels` (Map of String) Specifies static labels that will be patched to all Kubernetes resources created for the Component.Note: If a label key in the 'labels' field conflicts with any system labels or user-specified labels,it will be silently ignored to avoid overriding higher-priority labels.This field is immutable. +- `lifecycle_actions` (Attributes) Defines a set of hooks and procedures that customize the behavior of a Component throughout its lifecycle.Actions are triggered at specific lifecycle stages: - 'postProvision': Defines the hook to be executed after the creation of a Component, with 'preCondition' specifying when the action should be fired relative to the Component's lifecycle stages: 'Immediately', 'RuntimeReady', 'ComponentReady', and 'ClusterReady'. - 'preTerminate': Defines the hook to be executed before terminating a Component. - 'roleProbe': Defines the procedure which is invoked regularly to assess the role of replicas. - 'switchover': Defines the procedure for a controlled transition of leadership from the current leader to a new replica. This approach aims to minimize downtime and maintain availability in systems with a leader-follower topology, such as before planned maintenance or upgrades on the current leader node. - 'memberJoin': Defines the procedure to add a new replica to the replication group. - 'memberLeave': Defines the method to remove a replica from the replication group. - 'readOnly': Defines the procedure to switch a replica into the read-only state. - 'readWrite': transition a replica from the read-only state back to the read-write state. - 'dataDump': Defines the procedure to export the data from a replica. - 'dataLoad': Defines the procedure to import data into a replica. - 'reconfigure': Defines the procedure that update a replica with new configuration file. - 'accountProvision': Defines the procedure to generate a new database account.This field is immutable. (see [below for nested schema](#nestedatt--spec--lifecycle_actions)) +- `log_configs` (Attributes List) Defines the types of logs generated by instances of the Component and their corresponding file paths.These logs can be collected for further analysis and monitoring.The 'logConfigs' field is an optional list of LogConfig objects, where each object representsa specific log type and its configuration.It allows you to specify multiple log types and their respective file paths for the Component.Examples:'''yaml logConfigs: - filePathPattern: /data/mysql/log/mysqld-error.log name: error - filePathPattern: /data/mysql/log/mysqld.log name: general - filePathPattern: /data/mysql/log/mysqld-slowquery.log name: slow'''This field is immutable. (see [below for nested schema](#nestedatt--spec--log_configs)) +- `min_ready_seconds` (Number) 'minReadySeconds' is the minimum duration in seconds that a new Pod should remain in the readystate without any of its containers crashing to be considered available.This ensures the Pod's stability and readiness to serve requests.A default value of 0 seconds means the Pod is considered available as soon as it enters the ready state. +- `monitor` (Attributes) Deprecated since v0.9monitor is monitoring config which provided by provider. (see [below for nested schema](#nestedatt--spec--monitor)) +- `policy_rules` (Attributes List) Defines the namespaced policy rules required by the Component.The 'policyRules' field is an array of 'rbacv1.PolicyRule' objects that define the policy rulesneeded by the Component to operate within a namespace.These policy rules determine the permissions and verbs the Component is allowed to perform onKubernetes resources within the namespace.The purpose of this field is to automatically generate the necessary RBAC rolesfor the Component based on the specified policy rules.This ensures that the Pods in the Component has appropriate permissions to function.Note: This field is currently non-functional and is reserved for future implementation.This field is immutable. (see [below for nested schema](#nestedatt--spec--policy_rules)) +- `provider` (String) Specifies the name of the Component provider, typically the vendor or developer name.It identifies the entity responsible for creating and maintaining the Component.When specifying the provider name, consider the following guidelines:- Keep the name concise and relevant to the Component.- Use a consistent naming convention across Components from the same provider.- Avoid using trademarked or copyrighted names without proper permission. +- `replicas_limit` (Attributes) Defines the upper limit of the number of replicas supported by the Component.It defines the maximum number of replicas that can be created for the Component.This field allows you to set a limit on the scalability of the Component, preventing it from exceeding a certain number of replicas.This field is immutable. (see [below for nested schema](#nestedatt--spec--replicas_limit)) +- `roles` (Attributes List) Enumerate all possible roles assigned to each replica of the Component, influencing its behavior.A replica can have zero to multiple roles.KubeBlocks operator determines the roles of each replica by invoking the 'lifecycleActions.roleProbe' method.This action returns a list of roles for each replica, and the returned roles must be predefined in the 'roles' field.The roles assigned to a replica can influence various aspects of the Component's behavior, such as:- Service selection: The Component's exposed Services may target replicas based on their roles using 'roleSelector'.- Update order: The roles can determine the order in which replicas are updated during a Component update. For instance, replicas with a 'follower' role can be updated first, while the replica with the 'leader' role is updated last. This helps minimize the number of leader changes during the update process.This field is immutable. (see [below for nested schema](#nestedatt--spec--roles)) +- `scripts` (Attributes List) Specifies groups of scripts, each provided via a ConfigMap, to be mounted as volumes in the container.These scripts can be executed during container startup or via specific actions.Each script group is encapsulated in a ComponentTemplateSpec that includes:- The ConfigMap containing the scripts.- The mount point where the scripts will be mounted inside the container.This field is immutable. (see [below for nested schema](#nestedatt--spec--scripts)) +- `service_kind` (String) Defines the type of well-known service protocol that the Component provides.It specifies the standard or widely recognized protocol used by the Component to offer its Services.The 'serviceKind' field allows users to quickly identify the type of Service provided by the Componentbased on common protocols or service types. This information helps in understanding the compatibility,interoperability, and usage of the Component within a system.Some examples of well-known service protocols include:- 'MySQL': Indicates that the Component provides a MySQL database service.- 'PostgreSQL': Indicates that the Component offers a PostgreSQL database service.- 'Redis': Signifies that the Component functions as a Redis key-value store.- 'ETCD': Denotes that the Component serves as an ETCD distributed key-value store.The 'serviceKind' value is case-insensitive, allowing for flexibility in specifying the protocol name.When specifying the 'serviceKind', consider the following guidelines:- Use well-established and widely recognized protocol names or service types.- Ensure that the 'serviceKind' accurately represents the primary service type offered by the Component.- If the Component provides multiple services, choose the most prominent or commonly used protocol.- Limit the 'serviceKind' to a maximum of 32 characters for conciseness and readability.Note: The 'serviceKind' field is optional and can be left empty if the Component does not fit into a well-knownservice category or if the protocol is not widely recognized. It is primarily used to convey information aboutthe Component's service type to users and facilitate discovery and integration.The 'serviceKind' field is immutable and cannot be updated. +- `service_ref_declarations` (Attributes List) Lists external service dependencies of the Component, including services from other Clusters or outside the K8s environment.This field is immutable. (see [below for nested schema](#nestedatt--spec--service_ref_declarations)) +- `service_version` (String) Specifies the version of the Service provided by the Component.It follows the syntax and semantics of the 'Semantic Versioning' specification (http://semver.org/).The Semantic Versioning specification defines a version number format of X.Y.Z (MAJOR.MINOR.PATCH), where:- X represents the major version and indicates incompatible API changes.- Y represents the minor version and indicates added functionality in a backward-compatible manner.- Z represents the patch version and indicates backward-compatible bug fixes.Additional labels for pre-release and build metadata are available as extensions to the X.Y.Z format:- Use pre-release labels (e.g., -alpha, -beta) for versions that are not yet stable or ready for production use.- Use build metadata (e.g., +build.1) for additional version information if needed.Examples of valid ServiceVersion values:- '1.0.0'- '2.3.1'- '3.0.0-alpha.1'- '4.5.2+build.1'The 'serviceVersion' field is immutable and cannot be updated. +- `services` (Attributes List) Defines additional Services to expose the Component's endpoints.A default headless Service, named '{cluster.name}-{component.name}-headless', is automatically createdfor internal Cluster communication.This field enables customization of additional Services to expose the Component's endpoints toother Components within the same or different Clusters, and to external applications.Each Service entry in this list can include properties such as ports, type, and selectors.- For intra-Cluster access, Components can reference Services using variables declared in 'componentDefinition.spec.vars[*].valueFrom.serviceVarRef'.- For inter-Cluster access, reference Services use variables declared in 'componentDefinition.spec.vars[*].valueFrom.serviceRefVarRef', and bind Services at Cluster creation time with 'clusterComponentSpec.ServiceRef[*].clusterServiceSelector'.This field is immutable. (see [below for nested schema](#nestedatt--spec--services)) +- `system_accounts` (Attributes List) An array of 'SystemAccount' objects that define the system accounts neededfor the management operations of the Component.Each 'SystemAccount' includes:- Account name.- The SQL statement template: Used to create the system account.- Password Source: Either generated based on certain rules or retrieved from a Secret. Use cases for system accounts typically involve tasks like system initialization, backups, monitoring, health checks, replication, and other system-level operations.System accounts are distinct from user accounts, although both are database accounts.- **System Accounts**: Created during Cluster setup by the KubeBlocks operator, these accounts have higher privileges for system management and are fully managed through a declarative API by the operator.- **User Accounts**: Managed by users or administrator. User account permissions should follow the principle of least privilege, granting only the necessary access rights to complete their required tasks.This field is immutable. (see [below for nested schema](#nestedatt--spec--system_accounts)) +- `update_strategy` (String) Specifies the concurrency strategy for updating multiple instances of the Component.Available strategies:- 'Serial': Updates replicas one at a time, ensuring minimal downtime by waiting for each replica to become ready before updating the next.- 'Parallel': Updates all replicas simultaneously, optimizing for speed but potentially reducing availability during the update.- 'BestEffortParallel': Updates replicas concurrently with a limit on simultaneous updates to ensure a minimum number of operational replicas for maintaining quorum. For example, in a 5-replica component, updating a maximum of 2 replicas simultaneously keeps at least 3 operational for quorum.This field is immutable and defaults to 'Serial'. +- `vars` (Attributes List) Defines variables which are determined after Cluster instantiation and reflectdynamic or runtime attributes of instantiated Clusters.These variables serve as placeholders for setting environment variables in Pods and Actions,or for rendering configuration and script templates before actual values are finalized.These variables are placed in front of the environment variables declared in the Pod if used asenvironment variables.Variable values can be sourced from:- ConfigMap: Select and extract a value from a specific key within a ConfigMap.- Secret: Select and extract a value from a specific key within a Secret.- HostNetwork: Retrieves values (including ports) from host-network resources.- Service: Retrieves values (including address, port, NodePort) from a selected Service. Intended to obtain the address of a ComponentService within the same Cluster.- Credential: Retrieves account name and password from a SystemAccount variable.- ServiceRef: Retrieves address, port, account name and password from a selected ServiceRefDeclaration. Designed to obtain the address bound to a ServiceRef, such as a ClusterService or ComponentService of another cluster or an external service.- Component: Retrieves values from a selected Component, including replicas and instance name list.This field is immutable. (see [below for nested schema](#nestedatt--spec--vars)) +- `volumes` (Attributes List) Defines the volumes used by the Component and some static attributes of the volumes.After defining the volumes here, user can reference them in the'cluster.spec.componentSpecs[*].volumeClaimTemplates' field to configure dynamic properties such asvolume capacity and storage class.This field allows you to specify the following:- Snapshot behavior: Determines whether a snapshot of the volume should be taken when performing a snapshot backup of the Component.- Disk high watermark: Sets the high watermark for the volume's disk usage. When the disk usage reaches the specified threshold, it triggers an alert or action.By configuring these volume behaviors, you can control how the volumes are managed and monitored within the Component.This field is immutable. (see [below for nested schema](#nestedatt--spec--volumes)) ### Nested Schema for `spec.runtime` Required: -- `containers` (Attributes List) List of containers belonging to the pod. Containers cannot currently be added or removed. There must be at least one container in a Pod. Cannot be updated. (see [below for nested schema](#nestedatt--spec--runtime--containers)) +- `containers` (Attributes List) List of containers belonging to the pod.Containers cannot currently be added or removed.There must be at least one container in a Pod.Cannot be updated. (see [below for nested schema](#nestedatt--spec--runtime--containers)) Optional: -- `active_deadline_seconds` (Number) Optional duration in seconds the pod may be active on the node relative to StartTime before the system will actively try to mark it failed and kill associated containers. Value must be a positive integer. +- `active_deadline_seconds` (Number) Optional duration in seconds the pod may be active on the node relative toStartTime before the system will actively try to mark it failed and kill associated containers.Value must be a positive integer. - `affinity` (Attributes) If specified, the pod's scheduling constraints (see [below for nested schema](#nestedatt--spec--runtime--affinity)) - `automount_service_account_token` (Boolean) AutomountServiceAccountToken indicates whether a service account token should be automatically mounted. -- `dns_config` (Attributes) Specifies the DNS parameters of a pod. Parameters specified here will be merged to the generated DNS configuration based on DNSPolicy. (see [below for nested schema](#nestedatt--spec--runtime--dns_config)) -- `dns_policy` (String) Set DNS policy for the pod. Defaults to 'ClusterFirst'. Valid values are 'ClusterFirstWithHostNet', 'ClusterFirst', 'Default' or 'None'. DNS parameters given in DNSConfig will be merged with the policy selected with DNSPolicy. To have DNS options set along with hostNetwork, you have to specify DNS policy explicitly to 'ClusterFirstWithHostNet'. -- `enable_service_links` (Boolean) EnableServiceLinks indicates whether information about services should be injected into pod's environment variables, matching the syntax of Docker links. Optional: Defaults to true. -- `ephemeral_containers` (Attributes List) List of ephemeral containers run in this pod. Ephemeral containers may be run in an existing pod to perform user-initiated actions such as debugging. This list cannot be specified when creating a pod, and it cannot be modified by updating the pod spec. In order to add an ephemeral container to an existing pod, use the pod's ephemeralcontainers subresource. (see [below for nested schema](#nestedatt--spec--runtime--ephemeral_containers)) -- `host_aliases` (Attributes List) HostAliases is an optional list of hosts and IPs that will be injected into the pod's hosts file if specified. This is only valid for non-hostNetwork pods. (see [below for nested schema](#nestedatt--spec--runtime--host_aliases)) -- `host_ipc` (Boolean) Use the host's ipc namespace. Optional: Default to false. -- `host_network` (Boolean) Host networking requested for this pod. Use the host's network namespace. If this option is set, the ports that will be used must be specified. Default to false. -- `host_pid` (Boolean) Use the host's pid namespace. Optional: Default to false. -- `host_users` (Boolean) Use the host's user namespace. Optional: Default to true. If set to true or not present, the pod will be run in the host user namespace, useful for when the pod needs a feature only available to the host user namespace, such as loading a kernel module with CAP_SYS_MODULE. When set to false, a new userns is created for the pod. Setting false is useful for mitigating container breakout vulnerabilities even allowing users to run their containers as root without actually having root privileges on the host. This field is alpha-level and is only honored by servers that enable the UserNamespacesSupport feature. -- `hostname` (String) Specifies the hostname of the Pod If not specified, the pod's hostname will be set to a system-defined value. -- `image_pull_secrets` (Attributes List) ImagePullSecrets is an optional list of references to secrets in the same namespace to use for pulling any of the images used by this PodSpec. If specified, these secrets will be passed to individual puller implementations for them to use. More info: https://kubernetes.io/docs/concepts/containers/images#specifying-imagepullsecrets-on-a-pod (see [below for nested schema](#nestedatt--spec--runtime--image_pull_secrets)) -- `init_containers` (Attributes List) List of initialization containers belonging to the pod. Init containers are executed in order prior to containers being started. If any init container fails, the pod is considered to have failed and is handled according to its restartPolicy. The name for an init container or normal container must be unique among all containers. Init containers may not have Lifecycle actions, Readiness probes, Liveness probes, or Startup probes. The resourceRequirements of an init container are taken into account during scheduling by finding the highest request/limit for each resource type, and then using the max of of that value or the sum of the normal containers. Limits are applied to init containers in a similar fashion. Init containers cannot currently be added or removed. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/init-containers/ (see [below for nested schema](#nestedatt--spec--runtime--init_containers)) -- `node_name` (String) NodeName is a request to schedule this pod onto a specific node. If it is non-empty, the scheduler simply schedules this pod onto that node, assuming that it fits resource requirements. -- `node_selector` (Map of String) NodeSelector is a selector which must be true for the pod to fit on a node. Selector which must match a node's labels for the pod to be scheduled on that node. More info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/ -- `os` (Attributes) Specifies the OS of the containers in the pod. Some pod and container fields are restricted if this is set. If the OS field is set to linux, the following fields must be unset: -securityContext.windowsOptions If the OS field is set to windows, following fields must be unset: - spec.hostPID - spec.hostIPC - spec.hostUsers - spec.securityContext.seLinuxOptions - spec.securityContext.seccompProfile - spec.securityContext.fsGroup - spec.securityContext.fsGroupChangePolicy - spec.securityContext.sysctls - spec.shareProcessNamespace - spec.securityContext.runAsUser - spec.securityContext.runAsGroup - spec.securityContext.supplementalGroups - spec.containers[*].securityContext.seLinuxOptions - spec.containers[*].securityContext.seccompProfile - spec.containers[*].securityContext.capabilities - spec.containers[*].securityContext.readOnlyRootFilesystem - spec.containers[*].securityContext.privileged - spec.containers[*].securityContext.allowPrivilegeEscalation - spec.containers[*].securityContext.procMount - spec.containers[*].securityContext.runAsUser - spec.containers[*].securityContext.runAsGroup (see [below for nested schema](#nestedatt--spec--runtime--os)) -- `overhead` (Map of String) Overhead represents the resource overhead associated with running a pod for a given RuntimeClass. This field will be autopopulated at admission time by the RuntimeClass admission controller. If the RuntimeClass admission controller is enabled, overhead must not be set in Pod create requests. The RuntimeClass admission controller will reject Pod create requests which have the overhead already set. If RuntimeClass is configured and selected in the PodSpec, Overhead will be set to the value defined in the corresponding RuntimeClass, otherwise it will remain unset and treated as zero. More info: https://git.k8s.io/enhancements/keps/sig-node/688-pod-overhead/README.md -- `preemption_policy` (String) PreemptionPolicy is the Policy for preempting pods with lower priority. One of Never, PreemptLowerPriority. Defaults to PreemptLowerPriority if unset. -- `priority` (Number) The priority value. Various system components use this field to find the priority of the pod. When Priority Admission Controller is enabled, it prevents users from setting this field. The admission controller populates this field from PriorityClassName. The higher the value, the higher the priority. -- `priority_class_name` (String) If specified, indicates the pod's priority. 'system-node-critical' and 'system-cluster-critical' are two special keywords which indicate the highest priorities with the former being the highest priority. Any other name must be defined by creating a PriorityClass object with that name. If not specified, the pod priority will be default or zero if there is no default. -- `readiness_gates` (Attributes List) If specified, all readiness gates will be evaluated for pod readiness. A pod is ready when all its containers are ready AND all conditions specified in the readiness gates have status equal to 'True' More info: https://git.k8s.io/enhancements/keps/sig-network/580-pod-readiness-gates (see [below for nested schema](#nestedatt--spec--runtime--readiness_gates)) -- `resource_claims` (Attributes List) ResourceClaims defines which ResourceClaims must be allocated and reserved before the Pod is allowed to start. The resources will be made available to those containers which consume them by name. This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. This field is immutable. (see [below for nested schema](#nestedatt--spec--runtime--resource_claims)) -- `restart_policy` (String) Restart policy for all containers within the pod. One of Always, OnFailure, Never. In some contexts, only a subset of those values may be permitted. Default to Always. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#restart-policy -- `runtime_class_name` (String) RuntimeClassName refers to a RuntimeClass object in the node.k8s.io group, which should be used to run this pod. If no RuntimeClass resource matches the named class, the pod will not be run. If unset or empty, the 'legacy' RuntimeClass will be used, which is an implicit class with an empty definition that uses the default runtime handler. More info: https://git.k8s.io/enhancements/keps/sig-node/585-runtime-class -- `scheduler_name` (String) If specified, the pod will be dispatched by specified scheduler. If not specified, the pod will be dispatched by default scheduler. -- `scheduling_gates` (Attributes List) SchedulingGates is an opaque list of values that if specified will block scheduling the pod. If schedulingGates is not empty, the pod will stay in the SchedulingGated state and the scheduler will not attempt to schedule the pod. SchedulingGates can only be set at pod creation time, and be removed only afterwards. This is a beta feature enabled by the PodSchedulingReadiness feature gate. (see [below for nested schema](#nestedatt--spec--runtime--scheduling_gates)) -- `security_context` (Attributes) SecurityContext holds pod-level security attributes and common container settings. Optional: Defaults to empty. See type description for default values of each field. (see [below for nested schema](#nestedatt--spec--runtime--security_context)) -- `service_account` (String) DeprecatedServiceAccount is a depreciated alias for ServiceAccountName. Deprecated: Use serviceAccountName instead. -- `service_account_name` (String) ServiceAccountName is the name of the ServiceAccount to use to run this pod. More info: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/ -- `set_hostname_as_fqdn` (Boolean) If true the pod's hostname will be configured as the pod's FQDN, rather than the leaf name (the default). In Linux containers, this means setting the FQDN in the hostname field of the kernel (the nodename field of struct utsname). In Windows containers, this means setting the registry value of hostname for the registry key HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParameters to FQDN. If a pod does not have FQDN, this has no effect. Default to false. -- `share_process_namespace` (Boolean) Share a single process namespace between all of the containers in a pod. When this is set containers will be able to view and signal processes from other containers in the same pod, and the first process in each container will not be assigned PID 1. HostPID and ShareProcessNamespace cannot both be set. Optional: Default to false. -- `subdomain` (String) If specified, the fully qualified Pod hostname will be '...svc.'. If not specified, the pod will not have a domainname at all. -- `termination_grace_period_seconds` (Number) Optional duration in seconds the pod needs to terminate gracefully. May be decreased in delete request. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down). If this value is nil, the default grace period will be used instead. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. Defaults to 30 seconds. +- `dns_config` (Attributes) Specifies the DNS parameters of a pod.Parameters specified here will be merged to the generated DNSconfiguration based on DNSPolicy. (see [below for nested schema](#nestedatt--spec--runtime--dns_config)) +- `dns_policy` (String) Set DNS policy for the pod.Defaults to 'ClusterFirst'.Valid values are 'ClusterFirstWithHostNet', 'ClusterFirst', 'Default' or 'None'.DNS parameters given in DNSConfig will be merged with the policy selected with DNSPolicy.To have DNS options set along with hostNetwork, you have to specify DNS policyexplicitly to 'ClusterFirstWithHostNet'. +- `enable_service_links` (Boolean) EnableServiceLinks indicates whether information about services should be injected into pod'senvironment variables, matching the syntax of Docker links.Optional: Defaults to true. +- `ephemeral_containers` (Attributes List) List of ephemeral containers run in this pod. Ephemeral containers may be run in an existingpod to perform user-initiated actions such as debugging. This list cannot be specified whencreating a pod, and it cannot be modified by updating the pod spec. In order to add anephemeral container to an existing pod, use the pod's ephemeralcontainers subresource. (see [below for nested schema](#nestedatt--spec--runtime--ephemeral_containers)) +- `host_aliases` (Attributes List) HostAliases is an optional list of hosts and IPs that will be injected into the pod's hostsfile if specified. This is only valid for non-hostNetwork pods. (see [below for nested schema](#nestedatt--spec--runtime--host_aliases)) +- `host_ipc` (Boolean) Use the host's ipc namespace.Optional: Default to false. +- `host_network` (Boolean) Host networking requested for this pod. Use the host's network namespace.If this option is set, the ports that will be used must be specified.Default to false. +- `host_pid` (Boolean) Use the host's pid namespace.Optional: Default to false. +- `host_users` (Boolean) Use the host's user namespace.Optional: Default to true.If set to true or not present, the pod will be run in the host user namespace, usefulfor when the pod needs a feature only available to the host user namespace, such asloading a kernel module with CAP_SYS_MODULE.When set to false, a new userns is created for the pod. Setting false is useful formitigating container breakout vulnerabilities even allowing users to run theircontainers as root without actually having root privileges on the host.This field is alpha-level and is only honored by servers that enable the UserNamespacesSupport feature. +- `hostname` (String) Specifies the hostname of the PodIf not specified, the pod's hostname will be set to a system-defined value. +- `image_pull_secrets` (Attributes List) ImagePullSecrets is an optional list of references to secrets in the same namespace to use for pulling any of the images used by this PodSpec.If specified, these secrets will be passed to individual puller implementations for them to use.More info: https://kubernetes.io/docs/concepts/containers/images#specifying-imagepullsecrets-on-a-pod (see [below for nested schema](#nestedatt--spec--runtime--image_pull_secrets)) +- `init_containers` (Attributes List) List of initialization containers belonging to the pod.Init containers are executed in order prior to containers being started. If anyinit container fails, the pod is considered to have failed and is handled accordingto its restartPolicy. The name for an init container or normal container must beunique among all containers.Init containers may not have Lifecycle actions, Readiness probes, Liveness probes, or Startup probes.The resourceRequirements of an init container are taken into account during schedulingby finding the highest request/limit for each resource type, and then using the max ofof that value or the sum of the normal containers. Limits are applied to init containersin a similar fashion.Init containers cannot currently be added or removed.Cannot be updated.More info: https://kubernetes.io/docs/concepts/workloads/pods/init-containers/ (see [below for nested schema](#nestedatt--spec--runtime--init_containers)) +- `node_name` (String) NodeName is a request to schedule this pod onto a specific node. If it is non-empty,the scheduler simply schedules this pod onto that node, assuming that it fits resourcerequirements. +- `node_selector` (Map of String) NodeSelector is a selector which must be true for the pod to fit on a node.Selector which must match a node's labels for the pod to be scheduled on that node.More info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/ +- `os` (Attributes) Specifies the OS of the containers in the pod.Some pod and container fields are restricted if this is set.If the OS field is set to linux, the following fields must be unset:-securityContext.windowsOptionsIf the OS field is set to windows, following fields must be unset:- spec.hostPID- spec.hostIPC- spec.hostUsers- spec.securityContext.seLinuxOptions- spec.securityContext.seccompProfile- spec.securityContext.fsGroup- spec.securityContext.fsGroupChangePolicy- spec.securityContext.sysctls- spec.shareProcessNamespace- spec.securityContext.runAsUser- spec.securityContext.runAsGroup- spec.securityContext.supplementalGroups- spec.containers[*].securityContext.seLinuxOptions- spec.containers[*].securityContext.seccompProfile- spec.containers[*].securityContext.capabilities- spec.containers[*].securityContext.readOnlyRootFilesystem- spec.containers[*].securityContext.privileged- spec.containers[*].securityContext.allowPrivilegeEscalation- spec.containers[*].securityContext.procMount- spec.containers[*].securityContext.runAsUser- spec.containers[*].securityContext.runAsGroup (see [below for nested schema](#nestedatt--spec--runtime--os)) +- `overhead` (Map of String) Overhead represents the resource overhead associated with running a pod for a given RuntimeClass.This field will be autopopulated at admission time by the RuntimeClass admission controller. Ifthe RuntimeClass admission controller is enabled, overhead must not be set in Pod create requests.The RuntimeClass admission controller will reject Pod create requests which have the overhead alreadyset. If RuntimeClass is configured and selected in the PodSpec, Overhead will be set to the valuedefined in the corresponding RuntimeClass, otherwise it will remain unset and treated as zero.More info: https://git.k8s.io/enhancements/keps/sig-node/688-pod-overhead/README.md +- `preemption_policy` (String) PreemptionPolicy is the Policy for preempting pods with lower priority.One of Never, PreemptLowerPriority.Defaults to PreemptLowerPriority if unset. +- `priority` (Number) The priority value. Various system components use this field to find thepriority of the pod. When Priority Admission Controller is enabled, itprevents users from setting this field. The admission controller populatesthis field from PriorityClassName.The higher the value, the higher the priority. +- `priority_class_name` (String) If specified, indicates the pod's priority. 'system-node-critical' and'system-cluster-critical' are two special keywords which indicate thehighest priorities with the former being the highest priority. Any othername must be defined by creating a PriorityClass object with that name.If not specified, the pod priority will be default or zero if there is nodefault. +- `readiness_gates` (Attributes List) If specified, all readiness gates will be evaluated for pod readiness.A pod is ready when all its containers are ready ANDall conditions specified in the readiness gates have status equal to 'True'More info: https://git.k8s.io/enhancements/keps/sig-network/580-pod-readiness-gates (see [below for nested schema](#nestedatt--spec--runtime--readiness_gates)) +- `resource_claims` (Attributes List) ResourceClaims defines which ResourceClaims must be allocatedand reserved before the Pod is allowed to start. The resourceswill be made available to those containers which consume themby name.This is an alpha field and requires enabling theDynamicResourceAllocation feature gate.This field is immutable. (see [below for nested schema](#nestedatt--spec--runtime--resource_claims)) +- `restart_policy` (String) Restart policy for all containers within the pod.One of Always, OnFailure, Never. In some contexts, only a subset of those values may be permitted.Default to Always.More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#restart-policy +- `runtime_class_name` (String) RuntimeClassName refers to a RuntimeClass object in the node.k8s.io group, which should be usedto run this pod. If no RuntimeClass resource matches the named class, the pod will not be run.If unset or empty, the 'legacy' RuntimeClass will be used, which is an implicit class with anempty definition that uses the default runtime handler.More info: https://git.k8s.io/enhancements/keps/sig-node/585-runtime-class +- `scheduler_name` (String) If specified, the pod will be dispatched by specified scheduler.If not specified, the pod will be dispatched by default scheduler. +- `scheduling_gates` (Attributes List) SchedulingGates is an opaque list of values that if specified will block scheduling the pod.If schedulingGates is not empty, the pod will stay in the SchedulingGated state and thescheduler will not attempt to schedule the pod.SchedulingGates can only be set at pod creation time, and be removed only afterwards.This is a beta feature enabled by the PodSchedulingReadiness feature gate. (see [below for nested schema](#nestedatt--spec--runtime--scheduling_gates)) +- `security_context` (Attributes) SecurityContext holds pod-level security attributes and common container settings.Optional: Defaults to empty. See type description for default values of each field. (see [below for nested schema](#nestedatt--spec--runtime--security_context)) +- `service_account` (String) DeprecatedServiceAccount is a depreciated alias for ServiceAccountName.Deprecated: Use serviceAccountName instead. +- `service_account_name` (String) ServiceAccountName is the name of the ServiceAccount to use to run this pod.More info: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/ +- `set_hostname_as_fqdn` (Boolean) If true the pod's hostname will be configured as the pod's FQDN, rather than the leaf name (the default).In Linux containers, this means setting the FQDN in the hostname field of the kernel (the nodename field of struct utsname).In Windows containers, this means setting the registry value of hostname for the registry key HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParameters to FQDN.If a pod does not have FQDN, this has no effect.Default to false. +- `share_process_namespace` (Boolean) Share a single process namespace between all of the containers in a pod.When this is set containers will be able to view and signal processes from other containersin the same pod, and the first process in each container will not be assigned PID 1.HostPID and ShareProcessNamespace cannot both be set.Optional: Default to false. +- `subdomain` (String) If specified, the fully qualified Pod hostname will be '...svc.'.If not specified, the pod will not have a domainname at all. +- `termination_grace_period_seconds` (Number) Optional duration in seconds the pod needs to terminate gracefully. May be decreased in delete request.Value must be non-negative integer. The value zero indicates stop immediately viathe kill signal (no opportunity to shut down).If this value is nil, the default grace period will be used instead.The grace period is the duration in seconds after the processes running in the pod are senta termination signal and the time when the processes are forcibly halted with a kill signal.Set this value longer than the expected cleanup time for your process.Defaults to 30 seconds. - `tolerations` (Attributes List) If specified, the pod's tolerations. (see [below for nested schema](#nestedatt--spec--runtime--tolerations)) -- `topology_spread_constraints` (Attributes List) TopologySpreadConstraints describes how a group of pods ought to spread across topology domains. Scheduler will schedule pods in a way which abides by the constraints. All topologySpreadConstraints are ANDed. (see [below for nested schema](#nestedatt--spec--runtime--topology_spread_constraints)) -- `volumes` (Attributes List) List of volumes that can be mounted by containers belonging to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes (see [below for nested schema](#nestedatt--spec--runtime--volumes)) +- `topology_spread_constraints` (Attributes List) TopologySpreadConstraints describes how a group of pods ought to spread across topologydomains. Scheduler will schedule pods in a way which abides by the constraints.All topologySpreadConstraints are ANDed. (see [below for nested schema](#nestedatt--spec--runtime--topology_spread_constraints)) +- `volumes` (Attributes List) List of volumes that can be mounted by containers belonging to the pod.More info: https://kubernetes.io/docs/concepts/storage/volumes (see [below for nested schema](#nestedatt--spec--runtime--volumes)) ### Nested Schema for `spec.runtime.containers` Required: -- `name` (String) Name of the container specified as a DNS_LABEL. Each container in a pod must have a unique name (DNS_LABEL). Cannot be updated. +- `name` (String) Name of the container specified as a DNS_LABEL.Each container in a pod must have a unique name (DNS_LABEL).Cannot be updated. Optional: -- `args` (List of String) Arguments to the entrypoint. The container image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. '$$(VAR_NAME)' will produce the string literal '$(VAR_NAME)'. Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell -- `command` (List of String) Entrypoint array. Not executed within a shell. The container image's ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. '$$(VAR_NAME)' will produce the string literal '$(VAR_NAME)'. Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell -- `env` (Attributes List) List of environment variables to set in the container. Cannot be updated. (see [below for nested schema](#nestedatt--spec--runtime--containers--env)) -- `env_from` (Attributes List) List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated. (see [below for nested schema](#nestedatt--spec--runtime--containers--env_from)) -- `image` (String) Container image name. More info: https://kubernetes.io/docs/concepts/containers/images This field is optional to allow higher level config management to default or override container images in workload controllers like Deployments and StatefulSets. -- `image_pull_policy` (String) Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images -- `lifecycle` (Attributes) Actions that the management system should take in response to container lifecycle events. Cannot be updated. (see [below for nested schema](#nestedatt--spec--runtime--containers--lifecycle)) -- `liveness_probe` (Attributes) Periodic probe of container liveness. Container will be restarted if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes (see [below for nested schema](#nestedatt--spec--runtime--containers--liveness_probe)) -- `ports` (Attributes List) List of ports to expose from the container. Not specifying a port here DOES NOT prevent that port from being exposed. Any port which is listening on the default '0.0.0.0' address inside a container will be accessible from the network. Modifying this array with strategic merge patch may corrupt the data. For more information See https://github.com/kubernetes/kubernetes/issues/108255. Cannot be updated. (see [below for nested schema](#nestedatt--spec--runtime--containers--ports)) -- `readiness_probe` (Attributes) Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes (see [below for nested schema](#nestedatt--spec--runtime--containers--readiness_probe)) +- `args` (List of String) Arguments to the entrypoint.The container image's CMD is used if this is not provided.Variable references $(VAR_NAME) are expanded using the container's environment. If a variablecannot be resolved, the reference in the input string will be unchanged. Double $$ are reducedto a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. '$$(VAR_NAME)' willproduce the string literal '$(VAR_NAME)'. Escaped references will never be expanded, regardlessof whether the variable exists or not. Cannot be updated.More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +- `command` (List of String) Entrypoint array. Not executed within a shell.The container image's ENTRYPOINT is used if this is not provided.Variable references $(VAR_NAME) are expanded using the container's environment. If a variablecannot be resolved, the reference in the input string will be unchanged. Double $$ are reducedto a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. '$$(VAR_NAME)' willproduce the string literal '$(VAR_NAME)'. Escaped references will never be expanded, regardlessof whether the variable exists or not. Cannot be updated.More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +- `env` (Attributes List) List of environment variables to set in the container.Cannot be updated. (see [below for nested schema](#nestedatt--spec--runtime--containers--env)) +- `env_from` (Attributes List) List of sources to populate environment variables in the container.The keys defined within a source must be a C_IDENTIFIER. All invalid keyswill be reported as an event when the container is starting. When a key exists in multiplesources, the value associated with the last source will take precedence.Values defined by an Env with a duplicate key will take precedence.Cannot be updated. (see [below for nested schema](#nestedatt--spec--runtime--containers--env_from)) +- `image` (String) Container image name.More info: https://kubernetes.io/docs/concepts/containers/imagesThis field is optional to allow higher level config management to default or overridecontainer images in workload controllers like Deployments and StatefulSets. +- `image_pull_policy` (String) Image pull policy.One of Always, Never, IfNotPresent.Defaults to Always if :latest tag is specified, or IfNotPresent otherwise.Cannot be updated.More info: https://kubernetes.io/docs/concepts/containers/images#updating-images +- `lifecycle` (Attributes) Actions that the management system should take in response to container lifecycle events.Cannot be updated. (see [below for nested schema](#nestedatt--spec--runtime--containers--lifecycle)) +- `liveness_probe` (Attributes) Periodic probe of container liveness.Container will be restarted if the probe fails.Cannot be updated.More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes (see [below for nested schema](#nestedatt--spec--runtime--containers--liveness_probe)) +- `ports` (Attributes List) List of ports to expose from the container. Not specifying a port hereDOES NOT prevent that port from being exposed. Any port which islistening on the default '0.0.0.0' address inside a container will beaccessible from the network.Modifying this array with strategic merge patch may corrupt the data.For more information See https://github.com/kubernetes/kubernetes/issues/108255.Cannot be updated. (see [below for nested schema](#nestedatt--spec--runtime--containers--ports)) +- `readiness_probe` (Attributes) Periodic probe of container service readiness.Container will be removed from service endpoints if the probe fails.Cannot be updated.More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes (see [below for nested schema](#nestedatt--spec--runtime--containers--readiness_probe)) - `resize_policy` (Attributes List) Resources resize policy for the container. (see [below for nested schema](#nestedatt--spec--runtime--containers--resize_policy)) -- `resources` (Attributes) Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ (see [below for nested schema](#nestedatt--spec--runtime--containers--resources)) -- `restart_policy` (String) RestartPolicy defines the restart behavior of individual containers in a pod. This field may only be set for init containers, and the only allowed value is 'Always'. For non-init containers or when this field is not specified, the restart behavior is defined by the Pod's restart policy and the container type. Setting the RestartPolicy as 'Always' for the init container will have the following effect: this init container will be continually restarted on exit until all regular containers have terminated. Once all regular containers have completed, all init containers with restartPolicy 'Always' will be shut down. This lifecycle differs from normal init containers and is often referred to as a 'sidecar' container. Although this init container still starts in the init container sequence, it does not wait for the container to complete before proceeding to the next init container. Instead, the next init container starts immediately after this init container is started, or after any startupProbe has successfully completed. -- `security_context` (Attributes) SecurityContext defines the security options the container should be run with. If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext. More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ (see [below for nested schema](#nestedatt--spec--runtime--containers--security_context)) -- `startup_probe` (Attributes) StartupProbe indicates that the Pod has successfully initialized. If specified, no other probes are executed until this completes successfully. If this probe fails, the Pod will be restarted, just as if the livenessProbe failed. This can be used to provide different probe parameters at the beginning of a Pod's lifecycle, when it might take a long time to load data or warm a cache, than during steady-state operation. This cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes (see [below for nested schema](#nestedatt--spec--runtime--containers--startup_probe)) -- `stdin` (Boolean) Whether this container should allocate a buffer for stdin in the container runtime. If this is not set, reads from stdin in the container will always result in EOF. Default is false. -- `stdin_once` (Boolean) Whether the container runtime should close the stdin channel after it has been opened by a single attach. When stdin is true the stdin stream will remain open across multiple attach sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the first client attaches to stdin, and then remains open and accepts data until the client disconnects, at which time stdin is closed and remains closed until the container is restarted. If this flag is false, a container processes that reads from stdin will never receive an EOF. Default is false -- `termination_message_path` (String) Optional: Path at which the file to which the container's termination message will be written is mounted into the container's filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log. Cannot be updated. -- `termination_message_policy` (String) Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated. -- `tty` (Boolean) Whether this container should allocate a TTY for itself, also requires 'stdin' to be true. Default is false. +- `resources` (Attributes) Compute Resources required by this container.Cannot be updated.More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ (see [below for nested schema](#nestedatt--spec--runtime--containers--resources)) +- `restart_policy` (String) RestartPolicy defines the restart behavior of individual containers in a pod.This field may only be set for init containers, and the only allowed value is 'Always'.For non-init containers or when this field is not specified,the restart behavior is defined by the Pod's restart policy and the container type.Setting the RestartPolicy as 'Always' for the init container will have the following effect:this init container will be continually restarted onexit until all regular containers have terminated. Once all regularcontainers have completed, all init containers with restartPolicy 'Always'will be shut down. This lifecycle differs from normal init containers andis often referred to as a 'sidecar' container. Although this initcontainer still starts in the init container sequence, it does not waitfor the container to complete before proceeding to the next initcontainer. Instead, the next init container starts immediately after thisinit container is started, or after any startupProbe has successfullycompleted. +- `security_context` (Attributes) SecurityContext defines the security options the container should be run with.If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext.More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ (see [below for nested schema](#nestedatt--spec--runtime--containers--security_context)) +- `startup_probe` (Attributes) StartupProbe indicates that the Pod has successfully initialized.If specified, no other probes are executed until this completes successfully.If this probe fails, the Pod will be restarted, just as if the livenessProbe failed.This can be used to provide different probe parameters at the beginning of a Pod's lifecycle,when it might take a long time to load data or warm a cache, than during steady-state operation.This cannot be updated.More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes (see [below for nested schema](#nestedatt--spec--runtime--containers--startup_probe)) +- `stdin` (Boolean) Whether this container should allocate a buffer for stdin in the container runtime. If thisis not set, reads from stdin in the container will always result in EOF.Default is false. +- `stdin_once` (Boolean) Whether the container runtime should close the stdin channel after it has been opened bya single attach. When stdin is true the stdin stream will remain open across multiple attachsessions. If stdinOnce is set to true, stdin is opened on container start, is empty until thefirst client attaches to stdin, and then remains open and accepts data until the client disconnects,at which time stdin is closed and remains closed until the container is restarted. If thisflag is false, a container processes that reads from stdin will never receive an EOF.Default is false +- `termination_message_path` (String) Optional: Path at which the file to which the container's termination messagewill be written is mounted into the container's filesystem.Message written is intended to be brief final status, such as an assertion failure message.Will be truncated by the node if greater than 4096 bytes. The total message length acrossall containers will be limited to 12kb.Defaults to /dev/termination-log.Cannot be updated. +- `termination_message_policy` (String) Indicate how the termination message should be populated. File will use the contents ofterminationMessagePath to populate the container status message on both success and failure.FallbackToLogsOnError will use the last chunk of container log output if the terminationmessage file is empty and the container exited with an error.The log output is limited to 2048 bytes or 80 lines, whichever is smaller.Defaults to File.Cannot be updated. +- `tty` (Boolean) Whether this container should allocate a TTY for itself, also requires 'stdin' to be true.Default is false. - `volume_devices` (Attributes List) volumeDevices is the list of block devices to be used by the container. (see [below for nested schema](#nestedatt--spec--runtime--containers--volume_devices)) -- `volume_mounts` (Attributes List) Pod volumes to mount into the container's filesystem. Cannot be updated. (see [below for nested schema](#nestedatt--spec--runtime--containers--volume_mounts)) -- `working_dir` (String) Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image. Cannot be updated. +- `volume_mounts` (Attributes List) Pod volumes to mount into the container's filesystem.Cannot be updated. (see [below for nested schema](#nestedatt--spec--runtime--containers--volume_mounts)) +- `working_dir` (String) Container's working directory.If not specified, the container runtime's default will be used, whichmight be configured in the container image.Cannot be updated. ### Nested Schema for `spec.runtime.containers.env` @@ -172,7 +172,7 @@ Required: Optional: -- `value` (String) Variable references $(VAR_NAME) are expanded using the previously defined environment variables in the container and any service environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. '$$(VAR_NAME)' will produce the string literal '$(VAR_NAME)'. Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to ''. +- `value` (String) Variable references $(VAR_NAME) are expandedusing the previously defined environment variables in the container andany service environment variables. If a variable cannot be resolved,the reference in the input string will be unchanged. Double $$ are reducedto a single $, which allows for escaping the $(VAR_NAME) syntax: i.e.'$$(VAR_NAME)' will produce the string literal '$(VAR_NAME)'.Escaped references will never be expanded, regardless of whether the variableexists or not.Defaults to ''. - `value_from` (Attributes) Source for the environment variable's value. Cannot be used if value is not empty. (see [below for nested schema](#nestedatt--spec--runtime--containers--env--value_from)) @@ -181,8 +181,8 @@ Optional: Optional: - `config_map_key_ref` (Attributes) Selects a key of a ConfigMap. (see [below for nested schema](#nestedatt--spec--runtime--containers--env--value_from--config_map_key_ref)) -- `field_ref` (Attributes) Selects a field of the pod: supports metadata.name, metadata.namespace, 'metadata.labels['']', 'metadata.annotations['']', spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. (see [below for nested schema](#nestedatt--spec--runtime--containers--env--value_from--field_ref)) -- `resource_field_ref` (Attributes) Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. (see [below for nested schema](#nestedatt--spec--runtime--containers--env--value_from--resource_field_ref)) +- `field_ref` (Attributes) Selects a field of the pod: supports metadata.name, metadata.namespace, 'metadata.labels['']', 'metadata.annotations['']',spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. (see [below for nested schema](#nestedatt--spec--runtime--containers--env--value_from--field_ref)) +- `resource_field_ref` (Attributes) Selects a resource of the container: only resources limits and requests(limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. (see [below for nested schema](#nestedatt--spec--runtime--containers--env--value_from--resource_field_ref)) - `secret_key_ref` (Attributes) Selects a key of a secret in the pod's namespace (see [below for nested schema](#nestedatt--spec--runtime--containers--env--value_from--secret_key_ref)) @@ -194,7 +194,7 @@ Required: Optional: -- `name` (String) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? +- `name` (String) Name of the referent.More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#namesTODO: Add other useful fields. apiVersion, kind, uid? - `optional` (Boolean) Specify whether the ConfigMap or its key must be defined @@ -232,7 +232,7 @@ Required: Optional: -- `name` (String) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? +- `name` (String) Name of the referent.More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#namesTODO: Add other useful fields. apiVersion, kind, uid? - `optional` (Boolean) Specify whether the Secret or its key must be defined @@ -252,7 +252,7 @@ Optional: Optional: -- `name` (String) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? +- `name` (String) Name of the referent.More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#namesTODO: Add other useful fields. apiVersion, kind, uid? - `optional` (Boolean) Specify whether the ConfigMap must be defined @@ -261,7 +261,7 @@ Optional: Optional: -- `name` (String) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? +- `name` (String) Name of the referent.More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#namesTODO: Add other useful fields. apiVersion, kind, uid? - `optional` (Boolean) Specify whether the Secret must be defined @@ -271,8 +271,8 @@ Optional: Optional: -- `post_start` (Attributes) PostStart is called immediately after a container is created. If the handler fails, the container is terminated and restarted according to its restart policy. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks (see [below for nested schema](#nestedatt--spec--runtime--containers--lifecycle--post_start)) -- `pre_stop` (Attributes) PreStop is called immediately before a container is terminated due to an API request or management event such as liveness/startup probe failure, preemption, resource contention, etc. The handler is not called if the container crashes or exits. The Pod's termination grace period countdown begins before the PreStop hook is executed. Regardless of the outcome of the handler, the container will eventually terminate within the Pod's termination grace period (unless delayed by finalizers). Other management of the container blocks until the hook completes or until the termination grace period is reached. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks (see [below for nested schema](#nestedatt--spec--runtime--containers--lifecycle--pre_stop)) +- `post_start` (Attributes) PostStart is called immediately after a container is created. If the handler fails,the container is terminated and restarted according to its restart policy.Other management of the container blocks until the hook completes.More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks (see [below for nested schema](#nestedatt--spec--runtime--containers--lifecycle--post_start)) +- `pre_stop` (Attributes) PreStop is called immediately before a container is terminated due to anAPI request or management event such as liveness/startup probe failure,preemption, resource contention, etc. The handler is not called if thecontainer crashes or exits. The Pod's termination grace period countdown begins before thePreStop hook is executed. Regardless of the outcome of the handler, thecontainer will eventually terminate within the Pod's termination graceperiod (unless delayed by finalizers). Other management of the container blocks until the hook completesor until the termination grace period is reached.More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks (see [below for nested schema](#nestedatt--spec--runtime--containers--lifecycle--pre_stop)) ### Nested Schema for `spec.runtime.containers.lifecycle.post_start` @@ -281,14 +281,14 @@ Optional: - `exec` (Attributes) Exec specifies the action to take. (see [below for nested schema](#nestedatt--spec--runtime--containers--lifecycle--post_start--exec)) - `http_get` (Attributes) HTTPGet specifies the http request to perform. (see [below for nested schema](#nestedatt--spec--runtime--containers--lifecycle--post_start--http_get)) -- `tcp_socket` (Attributes) Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept for the backward compatibility. There are no validation of this field and lifecycle hooks will fail in runtime when tcp handler is specified. (see [below for nested schema](#nestedatt--spec--runtime--containers--lifecycle--post_start--tcp_socket)) +- `tcp_socket` (Attributes) Deprecated. TCPSocket is NOT supported as a LifecycleHandler and keptfor the backward compatibility. There are no validation of this field andlifecycle hooks will fail in runtime when tcp handler is specified. (see [below for nested schema](#nestedatt--spec--runtime--containers--lifecycle--post_start--tcp_socket)) ### Nested Schema for `spec.runtime.containers.lifecycle.post_start.exec` Optional: -- `command` (List of String) Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +- `command` (List of String) Command is the command line to execute inside the container, the working directory for thecommand is root ('/') in the container's filesystem. The command is simply exec'd, it isnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To usea shell, you need to explicitly call out to that shell.Exit status of 0 is treated as live/healthy and non-zero is unhealthy. @@ -296,21 +296,21 @@ Optional: Required: -- `port` (String) Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. +- `port` (String) Name or number of the port to access on the container.Number must be in the range 1 to 65535.Name must be an IANA_SVC_NAME. Optional: -- `host` (String) Host name to connect to, defaults to the pod IP. You probably want to set 'Host' in httpHeaders instead. +- `host` (String) Host name to connect to, defaults to the pod IP. You probably want to set'Host' in httpHeaders instead. - `http_headers` (Attributes List) Custom headers to set in the request. HTTP allows repeated headers. (see [below for nested schema](#nestedatt--spec--runtime--containers--lifecycle--post_start--http_get--http_headers)) - `path` (String) Path to access on the HTTP server. -- `scheme` (String) Scheme to use for connecting to the host. Defaults to HTTP. +- `scheme` (String) Scheme to use for connecting to the host.Defaults to HTTP. ### Nested Schema for `spec.runtime.containers.lifecycle.post_start.http_get.http_headers` Required: -- `name` (String) The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header. +- `name` (String) The header field name.This will be canonicalized upon output, so case-variant names will be understood as the same header. - `value` (String) The header field value @@ -320,7 +320,7 @@ Required: Required: -- `port` (String) Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. +- `port` (String) Number or name of the port to access on the container.Number must be in the range 1 to 65535.Name must be an IANA_SVC_NAME. Optional: @@ -335,14 +335,14 @@ Optional: - `exec` (Attributes) Exec specifies the action to take. (see [below for nested schema](#nestedatt--spec--runtime--containers--lifecycle--pre_stop--exec)) - `http_get` (Attributes) HTTPGet specifies the http request to perform. (see [below for nested schema](#nestedatt--spec--runtime--containers--lifecycle--pre_stop--http_get)) -- `tcp_socket` (Attributes) Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept for the backward compatibility. There are no validation of this field and lifecycle hooks will fail in runtime when tcp handler is specified. (see [below for nested schema](#nestedatt--spec--runtime--containers--lifecycle--pre_stop--tcp_socket)) +- `tcp_socket` (Attributes) Deprecated. TCPSocket is NOT supported as a LifecycleHandler and keptfor the backward compatibility. There are no validation of this field andlifecycle hooks will fail in runtime when tcp handler is specified. (see [below for nested schema](#nestedatt--spec--runtime--containers--lifecycle--pre_stop--tcp_socket)) ### Nested Schema for `spec.runtime.containers.lifecycle.pre_stop.exec` Optional: -- `command` (List of String) Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +- `command` (List of String) Command is the command line to execute inside the container, the working directory for thecommand is root ('/') in the container's filesystem. The command is simply exec'd, it isnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To usea shell, you need to explicitly call out to that shell.Exit status of 0 is treated as live/healthy and non-zero is unhealthy. @@ -350,21 +350,21 @@ Optional: Required: -- `port` (String) Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. +- `port` (String) Name or number of the port to access on the container.Number must be in the range 1 to 65535.Name must be an IANA_SVC_NAME. Optional: -- `host` (String) Host name to connect to, defaults to the pod IP. You probably want to set 'Host' in httpHeaders instead. +- `host` (String) Host name to connect to, defaults to the pod IP. You probably want to set'Host' in httpHeaders instead. - `http_headers` (Attributes List) Custom headers to set in the request. HTTP allows repeated headers. (see [below for nested schema](#nestedatt--spec--runtime--containers--lifecycle--pre_stop--http_get--http_headers)) - `path` (String) Path to access on the HTTP server. -- `scheme` (String) Scheme to use for connecting to the host. Defaults to HTTP. +- `scheme` (String) Scheme to use for connecting to the host.Defaults to HTTP. ### Nested Schema for `spec.runtime.containers.lifecycle.pre_stop.http_get.http_headers` Required: -- `name` (String) The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header. +- `name` (String) The header field name.This will be canonicalized upon output, so case-variant names will be understood as the same header. - `value` (String) The header field value @@ -374,7 +374,7 @@ Required: Required: -- `port` (String) Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. +- `port` (String) Number or name of the port to access on the container.Number must be in the range 1 to 65535.Name must be an IANA_SVC_NAME. Optional: @@ -389,22 +389,22 @@ Optional: Optional: - `exec` (Attributes) Exec specifies the action to take. (see [below for nested schema](#nestedatt--spec--runtime--containers--liveness_probe--exec)) -- `failure_threshold` (Number) Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +- `failure_threshold` (Number) Minimum consecutive failures for the probe to be considered failed after having succeeded.Defaults to 3. Minimum value is 1. - `grpc` (Attributes) GRPC specifies an action involving a GRPC port. (see [below for nested schema](#nestedatt--spec--runtime--containers--liveness_probe--grpc)) - `http_get` (Attributes) HTTPGet specifies the http request to perform. (see [below for nested schema](#nestedatt--spec--runtime--containers--liveness_probe--http_get)) -- `initial_delay_seconds` (Number) Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes -- `period_seconds` (Number) How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. -- `success_threshold` (Number) Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. +- `initial_delay_seconds` (Number) Number of seconds after the container has started before liveness probes are initiated.More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +- `period_seconds` (Number) How often (in seconds) to perform the probe.Default to 10 seconds. Minimum value is 1. +- `success_threshold` (Number) Minimum consecutive successes for the probe to be considered successful after having failed.Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. - `tcp_socket` (Attributes) TCPSocket specifies an action involving a TCP port. (see [below for nested schema](#nestedatt--spec--runtime--containers--liveness_probe--tcp_socket)) -- `termination_grace_period_seconds` (Number) Optional duration in seconds the pod needs to terminate gracefully upon probe failure. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this value overrides the value provided by the pod spec. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down). This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset. -- `timeout_seconds` (Number) Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +- `termination_grace_period_seconds` (Number) Optional duration in seconds the pod needs to terminate gracefully upon probe failure.The grace period is the duration in seconds after the processes running in the pod are senta termination signal and the time when the processes are forcibly halted with a kill signal.Set this value longer than the expected cleanup time for your process.If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, thisvalue overrides the value provided by the pod spec.Value must be non-negative integer. The value zero indicates stop immediately viathe kill signal (no opportunity to shut down).This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate.Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset. +- `timeout_seconds` (Number) Number of seconds after which the probe times out.Defaults to 1 second. Minimum value is 1.More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes ### Nested Schema for `spec.runtime.containers.liveness_probe.exec` Optional: -- `command` (List of String) Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +- `command` (List of String) Command is the command line to execute inside the container, the working directory for thecommand is root ('/') in the container's filesystem. The command is simply exec'd, it isnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To usea shell, you need to explicitly call out to that shell.Exit status of 0 is treated as live/healthy and non-zero is unhealthy. @@ -416,7 +416,7 @@ Required: Optional: -- `service` (String) Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). If this is not specified, the default behavior is defined by gRPC. +- `service` (String) Service is the name of the service to place in the gRPC HealthCheckRequest(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).If this is not specified, the default behavior is defined by gRPC. @@ -424,21 +424,21 @@ Optional: Required: -- `port` (String) Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. +- `port` (String) Name or number of the port to access on the container.Number must be in the range 1 to 65535.Name must be an IANA_SVC_NAME. Optional: -- `host` (String) Host name to connect to, defaults to the pod IP. You probably want to set 'Host' in httpHeaders instead. +- `host` (String) Host name to connect to, defaults to the pod IP. You probably want to set'Host' in httpHeaders instead. - `http_headers` (Attributes List) Custom headers to set in the request. HTTP allows repeated headers. (see [below for nested schema](#nestedatt--spec--runtime--containers--liveness_probe--http_get--http_headers)) - `path` (String) Path to access on the HTTP server. -- `scheme` (String) Scheme to use for connecting to the host. Defaults to HTTP. +- `scheme` (String) Scheme to use for connecting to the host.Defaults to HTTP. ### Nested Schema for `spec.runtime.containers.liveness_probe.http_get.http_headers` Required: -- `name` (String) The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header. +- `name` (String) The header field name.This will be canonicalized upon output, so case-variant names will be understood as the same header. - `value` (String) The header field value @@ -448,7 +448,7 @@ Required: Required: -- `port` (String) Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. +- `port` (String) Number or name of the port to access on the container.Number must be in the range 1 to 65535.Name must be an IANA_SVC_NAME. Optional: @@ -461,14 +461,14 @@ Optional: Required: -- `container_port` (Number) Number of port to expose on the pod's IP address. This must be a valid port number, 0 < x < 65536. +- `container_port` (Number) Number of port to expose on the pod's IP address.This must be a valid port number, 0 < x < 65536. Optional: - `host_ip` (String) What host IP to bind the external port to. -- `host_port` (Number) Number of port to expose on the host. If specified, this must be a valid port number, 0 < x < 65536. If HostNetwork is specified, this must match ContainerPort. Most containers do not need this. -- `name` (String) If specified, this must be an IANA_SVC_NAME and unique within the pod. Each named port in a pod must have a unique name. Name for the port that can be referred to by services. -- `protocol` (String) Protocol for port. Must be UDP, TCP, or SCTP. Defaults to 'TCP'. +- `host_port` (Number) Number of port to expose on the host.If specified, this must be a valid port number, 0 < x < 65536.If HostNetwork is specified, this must match ContainerPort.Most containers do not need this. +- `name` (String) If specified, this must be an IANA_SVC_NAME and unique within the pod. Eachnamed port in a pod must have a unique name. Name for the port that can bereferred to by services. +- `protocol` (String) Protocol for port. Must be UDP, TCP, or SCTP.Defaults to 'TCP'. @@ -477,22 +477,22 @@ Optional: Optional: - `exec` (Attributes) Exec specifies the action to take. (see [below for nested schema](#nestedatt--spec--runtime--containers--readiness_probe--exec)) -- `failure_threshold` (Number) Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +- `failure_threshold` (Number) Minimum consecutive failures for the probe to be considered failed after having succeeded.Defaults to 3. Minimum value is 1. - `grpc` (Attributes) GRPC specifies an action involving a GRPC port. (see [below for nested schema](#nestedatt--spec--runtime--containers--readiness_probe--grpc)) - `http_get` (Attributes) HTTPGet specifies the http request to perform. (see [below for nested schema](#nestedatt--spec--runtime--containers--readiness_probe--http_get)) -- `initial_delay_seconds` (Number) Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes -- `period_seconds` (Number) How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. -- `success_threshold` (Number) Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. +- `initial_delay_seconds` (Number) Number of seconds after the container has started before liveness probes are initiated.More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +- `period_seconds` (Number) How often (in seconds) to perform the probe.Default to 10 seconds. Minimum value is 1. +- `success_threshold` (Number) Minimum consecutive successes for the probe to be considered successful after having failed.Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. - `tcp_socket` (Attributes) TCPSocket specifies an action involving a TCP port. (see [below for nested schema](#nestedatt--spec--runtime--containers--readiness_probe--tcp_socket)) -- `termination_grace_period_seconds` (Number) Optional duration in seconds the pod needs to terminate gracefully upon probe failure. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this value overrides the value provided by the pod spec. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down). This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset. -- `timeout_seconds` (Number) Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +- `termination_grace_period_seconds` (Number) Optional duration in seconds the pod needs to terminate gracefully upon probe failure.The grace period is the duration in seconds after the processes running in the pod are senta termination signal and the time when the processes are forcibly halted with a kill signal.Set this value longer than the expected cleanup time for your process.If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, thisvalue overrides the value provided by the pod spec.Value must be non-negative integer. The value zero indicates stop immediately viathe kill signal (no opportunity to shut down).This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate.Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset. +- `timeout_seconds` (Number) Number of seconds after which the probe times out.Defaults to 1 second. Minimum value is 1.More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes ### Nested Schema for `spec.runtime.containers.readiness_probe.exec` Optional: -- `command` (List of String) Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +- `command` (List of String) Command is the command line to execute inside the container, the working directory for thecommand is root ('/') in the container's filesystem. The command is simply exec'd, it isnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To usea shell, you need to explicitly call out to that shell.Exit status of 0 is treated as live/healthy and non-zero is unhealthy. @@ -504,7 +504,7 @@ Required: Optional: -- `service` (String) Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). If this is not specified, the default behavior is defined by gRPC. +- `service` (String) Service is the name of the service to place in the gRPC HealthCheckRequest(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).If this is not specified, the default behavior is defined by gRPC. @@ -512,21 +512,21 @@ Optional: Required: -- `port` (String) Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. +- `port` (String) Name or number of the port to access on the container.Number must be in the range 1 to 65535.Name must be an IANA_SVC_NAME. Optional: -- `host` (String) Host name to connect to, defaults to the pod IP. You probably want to set 'Host' in httpHeaders instead. +- `host` (String) Host name to connect to, defaults to the pod IP. You probably want to set'Host' in httpHeaders instead. - `http_headers` (Attributes List) Custom headers to set in the request. HTTP allows repeated headers. (see [below for nested schema](#nestedatt--spec--runtime--containers--readiness_probe--http_get--http_headers)) - `path` (String) Path to access on the HTTP server. -- `scheme` (String) Scheme to use for connecting to the host. Defaults to HTTP. +- `scheme` (String) Scheme to use for connecting to the host.Defaults to HTTP. ### Nested Schema for `spec.runtime.containers.readiness_probe.http_get.http_headers` Required: -- `name` (String) The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header. +- `name` (String) The header field name.This will be canonicalized upon output, so case-variant names will be understood as the same header. - `value` (String) The header field value @@ -536,7 +536,7 @@ Required: Required: -- `port` (String) Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. +- `port` (String) Number or name of the port to access on the container.Number must be in the range 1 to 65535.Name must be an IANA_SVC_NAME. Optional: @@ -549,8 +549,8 @@ Optional: Required: -- `resource_name` (String) Name of the resource to which this resource resize policy applies. Supported values: cpu, memory. -- `restart_policy` (String) Restart policy to apply when specified resource is resized. If not specified, it defaults to NotRequired. +- `resource_name` (String) Name of the resource to which this resource resize policy applies.Supported values: cpu, memory. +- `restart_policy` (String) Restart policy to apply when specified resource is resized.If not specified, it defaults to NotRequired. @@ -558,16 +558,16 @@ Required: Optional: -- `claims` (Attributes List) Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. This field is immutable. It can only be set for containers. (see [below for nested schema](#nestedatt--spec--runtime--containers--resources--claims)) -- `limits` (Map of String) Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ -- `requests` (Map of String) Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ +- `claims` (Attributes List) Claims lists the names of resources, defined in spec.resourceClaims,that are used by this container.This is an alpha field and requires enabling theDynamicResourceAllocation feature gate.This field is immutable. It can only be set for containers. (see [below for nested schema](#nestedatt--spec--runtime--containers--resources--claims)) +- `limits` (Map of String) Limits describes the maximum amount of compute resources allowed.More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ +- `requests` (Map of String) Requests describes the minimum amount of compute resources required.If Requests is omitted for a container, it defaults to Limits if that is explicitly specified,otherwise to an implementation-defined value. Requests cannot exceed Limits.More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ ### Nested Schema for `spec.runtime.containers.resources.claims` Required: -- `name` (String) Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container. +- `name` (String) Name must match the name of one entry in pod.spec.resourceClaims ofthe Pod where this field is used. It makes that resource availableinside a container. @@ -576,17 +576,17 @@ Required: Optional: -- `allow_privilege_escalation` (Boolean) AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process. AllowPrivilegeEscalation is true always when the container is: 1) run as Privileged 2) has CAP_SYS_ADMIN Note that this field cannot be set when spec.os.name is windows. -- `capabilities` (Attributes) The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. Note that this field cannot be set when spec.os.name is windows. (see [below for nested schema](#nestedatt--spec--runtime--containers--security_context--capabilities)) -- `privileged` (Boolean) Run container in privileged mode. Processes in privileged containers are essentially equivalent to root on the host. Defaults to false. Note that this field cannot be set when spec.os.name is windows. -- `proc_mount` (String) procMount denotes the type of proc mount to use for the containers. The default is DefaultProcMount which uses the container runtime defaults for readonly paths and masked paths. This requires the ProcMountType feature flag to be enabled. Note that this field cannot be set when spec.os.name is windows. -- `read_only_root_filesystem` (Boolean) Whether this container has a read-only root filesystem. Default is false. Note that this field cannot be set when spec.os.name is windows. -- `run_as_group` (Number) The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows. -- `run_as_non_root` (Boolean) Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. -- `run_as_user` (Number) The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows. -- `se_linux_options` (Attributes) The SELinux context to be applied to the container. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows. (see [below for nested schema](#nestedatt--spec--runtime--containers--security_context--se_linux_options)) -- `seccomp_profile` (Attributes) The seccomp options to use by this container. If seccomp options are provided at both the pod & container level, the container options override the pod options. Note that this field cannot be set when spec.os.name is windows. (see [below for nested schema](#nestedatt--spec--runtime--containers--security_context--seccomp_profile)) -- `windows_options` (Attributes) The Windows specific settings applied to all containers. If unspecified, the options from the PodSecurityContext will be used. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is linux. (see [below for nested schema](#nestedatt--spec--runtime--containers--security_context--windows_options)) +- `allow_privilege_escalation` (Boolean) AllowPrivilegeEscalation controls whether a process can gain moreprivileges than its parent process. This bool directly controls ifthe no_new_privs flag will be set on the container process.AllowPrivilegeEscalation is true always when the container is:1) run as Privileged2) has CAP_SYS_ADMINNote that this field cannot be set when spec.os.name is windows. +- `capabilities` (Attributes) The capabilities to add/drop when running containers.Defaults to the default set of capabilities granted by the container runtime.Note that this field cannot be set when spec.os.name is windows. (see [below for nested schema](#nestedatt--spec--runtime--containers--security_context--capabilities)) +- `privileged` (Boolean) Run container in privileged mode.Processes in privileged containers are essentially equivalent to root on the host.Defaults to false.Note that this field cannot be set when spec.os.name is windows. +- `proc_mount` (String) procMount denotes the type of proc mount to use for the containers.The default is DefaultProcMount which uses the container runtime defaults forreadonly paths and masked paths.This requires the ProcMountType feature flag to be enabled.Note that this field cannot be set when spec.os.name is windows. +- `read_only_root_filesystem` (Boolean) Whether this container has a read-only root filesystem.Default is false.Note that this field cannot be set when spec.os.name is windows. +- `run_as_group` (Number) The GID to run the entrypoint of the container process.Uses runtime default if unset.May also be set in PodSecurityContext. If set in both SecurityContext andPodSecurityContext, the value specified in SecurityContext takes precedence.Note that this field cannot be set when spec.os.name is windows. +- `run_as_non_root` (Boolean) Indicates that the container must run as a non-root user.If true, the Kubelet will validate the image at runtime to ensure that itdoes not run as UID 0 (root) and fail to start the container if it does.If unset or false, no such validation will be performed.May also be set in PodSecurityContext. If set in both SecurityContext andPodSecurityContext, the value specified in SecurityContext takes precedence. +- `run_as_user` (Number) The UID to run the entrypoint of the container process.Defaults to user specified in image metadata if unspecified.May also be set in PodSecurityContext. If set in both SecurityContext andPodSecurityContext, the value specified in SecurityContext takes precedence.Note that this field cannot be set when spec.os.name is windows. +- `se_linux_options` (Attributes) The SELinux context to be applied to the container.If unspecified, the container runtime will allocate a random SELinux context for eachcontainer. May also be set in PodSecurityContext. If set in both SecurityContext andPodSecurityContext, the value specified in SecurityContext takes precedence.Note that this field cannot be set when spec.os.name is windows. (see [below for nested schema](#nestedatt--spec--runtime--containers--security_context--se_linux_options)) +- `seccomp_profile` (Attributes) The seccomp options to use by this container. If seccomp options areprovided at both the pod & container level, the container optionsoverride the pod options.Note that this field cannot be set when spec.os.name is windows. (see [below for nested schema](#nestedatt--spec--runtime--containers--security_context--seccomp_profile)) +- `windows_options` (Attributes) The Windows specific settings applied to all containers.If unspecified, the options from the PodSecurityContext will be used.If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.Note that this field cannot be set when spec.os.name is linux. (see [below for nested schema](#nestedatt--spec--runtime--containers--security_context--windows_options)) ### Nested Schema for `spec.runtime.containers.security_context.capabilities` @@ -613,11 +613,11 @@ Optional: Required: -- `type` (String) type indicates which kind of seccomp profile will be applied. Valid options are: Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied. +- `type` (String) type indicates which kind of seccomp profile will be applied.Valid options are:Localhost - a profile defined in a file on the node should be used.RuntimeDefault - the container runtime default profile should be used.Unconfined - no profile should be applied. Optional: -- `localhost_profile` (String) localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must be set if type is 'Localhost'. Must NOT be set for any other type. +- `localhost_profile` (String) localhostProfile indicates a profile defined in a file on the node should be used.The profile must be preconfigured on the node to work.Must be a descending path, relative to the kubelet's configured seccomp profile location.Must be set if type is 'Localhost'. Must NOT be set for any other type. @@ -625,10 +625,10 @@ Optional: Optional: -- `gmsa_credential_spec` (String) GMSACredentialSpec is where the GMSA admission webhook (https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the GMSA credential spec named by the GMSACredentialSpecName field. +- `gmsa_credential_spec` (String) GMSACredentialSpec is where the GMSA admission webhook(https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of theGMSA credential spec named by the GMSACredentialSpecName field. - `gmsa_credential_spec_name` (String) GMSACredentialSpecName is the name of the GMSA credential spec to use. -- `host_process` (Boolean) HostProcess determines if a container should be run as a 'Host Process' container. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true. -- `run_as_user_name` (String) The UserName in Windows to run the entrypoint of the container process. Defaults to the user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +- `host_process` (Boolean) HostProcess determines if a container should be run as a 'Host Process' container.All of a Pod's containers must have the same effective HostProcess value(it is not allowed to have a mix of HostProcess containers and non-HostProcess containers).In addition, if HostProcess is true then HostNetwork must also be set to true. +- `run_as_user_name` (String) The UserName in Windows to run the entrypoint of the container process.Defaults to the user specified in image metadata if unspecified.May also be set in PodSecurityContext. If set in both SecurityContext andPodSecurityContext, the value specified in SecurityContext takes precedence. @@ -638,22 +638,22 @@ Optional: Optional: - `exec` (Attributes) Exec specifies the action to take. (see [below for nested schema](#nestedatt--spec--runtime--containers--startup_probe--exec)) -- `failure_threshold` (Number) Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +- `failure_threshold` (Number) Minimum consecutive failures for the probe to be considered failed after having succeeded.Defaults to 3. Minimum value is 1. - `grpc` (Attributes) GRPC specifies an action involving a GRPC port. (see [below for nested schema](#nestedatt--spec--runtime--containers--startup_probe--grpc)) - `http_get` (Attributes) HTTPGet specifies the http request to perform. (see [below for nested schema](#nestedatt--spec--runtime--containers--startup_probe--http_get)) -- `initial_delay_seconds` (Number) Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes -- `period_seconds` (Number) How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. -- `success_threshold` (Number) Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. +- `initial_delay_seconds` (Number) Number of seconds after the container has started before liveness probes are initiated.More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +- `period_seconds` (Number) How often (in seconds) to perform the probe.Default to 10 seconds. Minimum value is 1. +- `success_threshold` (Number) Minimum consecutive successes for the probe to be considered successful after having failed.Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. - `tcp_socket` (Attributes) TCPSocket specifies an action involving a TCP port. (see [below for nested schema](#nestedatt--spec--runtime--containers--startup_probe--tcp_socket)) -- `termination_grace_period_seconds` (Number) Optional duration in seconds the pod needs to terminate gracefully upon probe failure. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this value overrides the value provided by the pod spec. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down). This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset. -- `timeout_seconds` (Number) Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +- `termination_grace_period_seconds` (Number) Optional duration in seconds the pod needs to terminate gracefully upon probe failure.The grace period is the duration in seconds after the processes running in the pod are senta termination signal and the time when the processes are forcibly halted with a kill signal.Set this value longer than the expected cleanup time for your process.If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, thisvalue overrides the value provided by the pod spec.Value must be non-negative integer. The value zero indicates stop immediately viathe kill signal (no opportunity to shut down).This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate.Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset. +- `timeout_seconds` (Number) Number of seconds after which the probe times out.Defaults to 1 second. Minimum value is 1.More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes ### Nested Schema for `spec.runtime.containers.startup_probe.exec` Optional: -- `command` (List of String) Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +- `command` (List of String) Command is the command line to execute inside the container, the working directory for thecommand is root ('/') in the container's filesystem. The command is simply exec'd, it isnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To usea shell, you need to explicitly call out to that shell.Exit status of 0 is treated as live/healthy and non-zero is unhealthy. @@ -665,7 +665,7 @@ Required: Optional: -- `service` (String) Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). If this is not specified, the default behavior is defined by gRPC. +- `service` (String) Service is the name of the service to place in the gRPC HealthCheckRequest(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).If this is not specified, the default behavior is defined by gRPC. @@ -673,21 +673,21 @@ Optional: Required: -- `port` (String) Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. +- `port` (String) Name or number of the port to access on the container.Number must be in the range 1 to 65535.Name must be an IANA_SVC_NAME. Optional: -- `host` (String) Host name to connect to, defaults to the pod IP. You probably want to set 'Host' in httpHeaders instead. +- `host` (String) Host name to connect to, defaults to the pod IP. You probably want to set'Host' in httpHeaders instead. - `http_headers` (Attributes List) Custom headers to set in the request. HTTP allows repeated headers. (see [below for nested schema](#nestedatt--spec--runtime--containers--startup_probe--http_get--http_headers)) - `path` (String) Path to access on the HTTP server. -- `scheme` (String) Scheme to use for connecting to the host. Defaults to HTTP. +- `scheme` (String) Scheme to use for connecting to the host.Defaults to HTTP. ### Nested Schema for `spec.runtime.containers.startup_probe.http_get.http_headers` Required: -- `name` (String) The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header. +- `name` (String) The header field name.This will be canonicalized upon output, so case-variant names will be understood as the same header. - `value` (String) The header field value @@ -697,7 +697,7 @@ Required: Required: -- `port` (String) Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. +- `port` (String) Number or name of the port to access on the container.Number must be in the range 1 to 65535.Name must be an IANA_SVC_NAME. Optional: @@ -719,15 +719,15 @@ Required: Required: -- `mount_path` (String) Path within the container at which the volume should be mounted. Must not contain ':'. +- `mount_path` (String) Path within the container at which the volume should be mounted. Mustnot contain ':'. - `name` (String) This must match the Name of a Volume. Optional: -- `mount_propagation` (String) mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationNone is used. This field is beta in 1.10. -- `read_only` (Boolean) Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false. -- `sub_path` (String) Path within the volume from which the container's volume should be mounted. Defaults to '' (volume's root). -- `sub_path_expr` (String) Expanded path within the volume from which the container's volume should be mounted. Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment. Defaults to '' (volume's root). SubPathExpr and SubPath are mutually exclusive. +- `mount_propagation` (String) mountPropagation determines how mounts are propagated from the hostto container and the other way around.When not set, MountPropagationNone is used.This field is beta in 1.10. +- `read_only` (Boolean) Mounted read-only if true, read-write otherwise (false or unspecified).Defaults to false. +- `sub_path` (String) Path within the volume from which the container's volume should be mounted.Defaults to '' (volume's root). +- `sub_path_expr` (String) Expanded path within the volume from which the container's volume should be mounted.Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment.Defaults to '' (volume's root).SubPathExpr and SubPath are mutually exclusive. @@ -745,8 +745,8 @@ Optional: Optional: -- `preferred_during_scheduling_ignored_during_execution` (Attributes List) The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding 'weight' to the sum if the node matches the corresponding matchExpressions; the node(s) with the highest sum are the most preferred. (see [below for nested schema](#nestedatt--spec--runtime--affinity--node_affinity--preferred_during_scheduling_ignored_during_execution)) -- `required_during_scheduling_ignored_during_execution` (Attributes) If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to an update), the system may or may not try to eventually evict the pod from its node. (see [below for nested schema](#nestedatt--spec--runtime--affinity--node_affinity--required_during_scheduling_ignored_during_execution)) +- `preferred_during_scheduling_ignored_during_execution` (Attributes List) The scheduler will prefer to schedule pods to nodes that satisfythe affinity expressions specified by this field, but it may choosea node that violates one or more of the expressions. The node that ismost preferred is the one with the greatest sum of weights, i.e.for each node that meets all of the scheduling requirements (resourcerequest, requiredDuringScheduling affinity expressions, etc.),compute a sum by iterating through the elements of this field and adding'weight' to the sum if the node matches the corresponding matchExpressions; thenode(s) with the highest sum are the most preferred. (see [below for nested schema](#nestedatt--spec--runtime--affinity--node_affinity--preferred_during_scheduling_ignored_during_execution)) +- `required_during_scheduling_ignored_during_execution` (Attributes) If the affinity requirements specified by this field are not met atscheduling time, the pod will not be scheduled onto the node.If the affinity requirements specified by this field cease to be metat some point during pod execution (e.g. due to an update), the systemmay or may not try to eventually evict the pod from its node. (see [below for nested schema](#nestedatt--spec--runtime--affinity--node_affinity--required_during_scheduling_ignored_during_execution)) ### Nested Schema for `spec.runtime.affinity.node_affinity.preferred_during_scheduling_ignored_during_execution` @@ -770,11 +770,11 @@ Optional: Required: - `key` (String) The label key that the selector applies to. -- `operator` (String) Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. +- `operator` (String) Represents a key's relationship to a set of values.Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. Optional: -- `values` (List of String) An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch. +- `values` (List of String) An array of string values. If the operator is In or NotIn,the values array must be non-empty. If the operator is Exists or DoesNotExist,the values array must be empty. If the operator is Gt or Lt, the valuesarray must have a single element, which will be interpreted as an integer.This array is replaced during a strategic merge patch. @@ -783,11 +783,11 @@ Optional: Required: - `key` (String) The label key that the selector applies to. -- `operator` (String) Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. +- `operator` (String) Represents a key's relationship to a set of values.Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. Optional: -- `values` (List of String) An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch. +- `values` (List of String) An array of string values. If the operator is In or NotIn,the values array must be non-empty. If the operator is Exists or DoesNotExist,the values array must be empty. If the operator is Gt or Lt, the valuesarray must have a single element, which will be interpreted as an integer.This array is replaced during a strategic merge patch. @@ -813,11 +813,11 @@ Optional: Required: - `key` (String) The label key that the selector applies to. -- `operator` (String) Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. +- `operator` (String) Represents a key's relationship to a set of values.Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. Optional: -- `values` (List of String) An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch. +- `values` (List of String) An array of string values. If the operator is In or NotIn,the values array must be non-empty. If the operator is Exists or DoesNotExist,the values array must be empty. If the operator is Gt or Lt, the valuesarray must have a single element, which will be interpreted as an integer.This array is replaced during a strategic merge patch. @@ -826,11 +826,11 @@ Optional: Required: - `key` (String) The label key that the selector applies to. -- `operator` (String) Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. +- `operator` (String) Represents a key's relationship to a set of values.Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. Optional: -- `values` (List of String) An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch. +- `values` (List of String) An array of string values. If the operator is In or NotIn,the values array must be non-empty. If the operator is Exists or DoesNotExist,the values array must be empty. If the operator is Gt or Lt, the valuesarray must have a single element, which will be interpreted as an integer.This array is replaced during a strategic merge patch. @@ -841,8 +841,8 @@ Optional: Optional: -- `preferred_during_scheduling_ignored_during_execution` (Attributes List) The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding 'weight' to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred. (see [below for nested schema](#nestedatt--spec--runtime--affinity--pod_affinity--preferred_during_scheduling_ignored_during_execution)) -- `required_during_scheduling_ignored_during_execution` (Attributes List) If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied. (see [below for nested schema](#nestedatt--spec--runtime--affinity--pod_affinity--required_during_scheduling_ignored_during_execution)) +- `preferred_during_scheduling_ignored_during_execution` (Attributes List) The scheduler will prefer to schedule pods to nodes that satisfythe affinity expressions specified by this field, but it may choosea node that violates one or more of the expressions. The node that ismost preferred is the one with the greatest sum of weights, i.e.for each node that meets all of the scheduling requirements (resourcerequest, requiredDuringScheduling affinity expressions, etc.),compute a sum by iterating through the elements of this field and adding'weight' to the sum if the node has pods which matches the corresponding podAffinityTerm; thenode(s) with the highest sum are the most preferred. (see [below for nested schema](#nestedatt--spec--runtime--affinity--pod_affinity--preferred_during_scheduling_ignored_during_execution)) +- `required_during_scheduling_ignored_during_execution` (Attributes List) If the affinity requirements specified by this field are not met atscheduling time, the pod will not be scheduled onto the node.If the affinity requirements specified by this field cease to be metat some point during pod execution (e.g. due to a pod label update), thesystem may or may not try to eventually evict the pod from its node.When there are multiple elements, the lists of nodes corresponding to eachpodAffinityTerm are intersected, i.e. all terms must be satisfied. (see [below for nested schema](#nestedatt--spec--runtime--affinity--pod_affinity--required_during_scheduling_ignored_during_execution)) ### Nested Schema for `spec.runtime.affinity.pod_affinity.preferred_during_scheduling_ignored_during_execution` @@ -850,20 +850,20 @@ Optional: Required: - `pod_affinity_term` (Attributes) Required. A pod affinity term, associated with the corresponding weight. (see [below for nested schema](#nestedatt--spec--runtime--affinity--pod_affinity--preferred_during_scheduling_ignored_during_execution--pod_affinity_term)) -- `weight` (Number) weight associated with matching the corresponding podAffinityTerm, in the range 1-100. +- `weight` (Number) weight associated with matching the corresponding podAffinityTerm,in the range 1-100. ### Nested Schema for `spec.runtime.affinity.pod_affinity.preferred_during_scheduling_ignored_during_execution.pod_affinity_term` Required: -- `topology_key` (String) This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed. +- `topology_key` (String) This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matchingthe labelSelector in the specified namespaces, where co-located is defined as running on a nodewhose value of the label with key topologyKey matches that of any node on which any of theselected pods is running.Empty topologyKey is not allowed. Optional: - `label_selector` (Attributes) A label query over a set of resources, in this case pods. (see [below for nested schema](#nestedatt--spec--runtime--affinity--pod_affinity--preferred_during_scheduling_ignored_during_execution--pod_affinity_term--label_selector)) -- `namespace_selector` (Attributes) A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means 'this pod's namespace'. An empty selector ({}) matches all namespaces. (see [below for nested schema](#nestedatt--spec--runtime--affinity--pod_affinity--preferred_during_scheduling_ignored_during_execution--pod_affinity_term--namespace_selector)) -- `namespaces` (List of String) namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means 'this pod's namespace'. +- `namespace_selector` (Attributes) A label query over the set of namespaces that the term applies to.The term is applied to the union of the namespaces selected by this fieldand the ones listed in the namespaces field.null selector and null or empty namespaces list means 'this pod's namespace'.An empty selector ({}) matches all namespaces. (see [below for nested schema](#nestedatt--spec--runtime--affinity--pod_affinity--preferred_during_scheduling_ignored_during_execution--pod_affinity_term--namespace_selector)) +- `namespaces` (List of String) namespaces specifies a static list of namespace names that the term applies to.The term is applied to the union of the namespaces listed in this fieldand the ones selected by namespaceSelector.null or empty namespaces list and null namespaceSelector means 'this pod's namespace'. ### Nested Schema for `spec.runtime.affinity.pod_affinity.preferred_during_scheduling_ignored_during_execution.pod_affinity_term.label_selector` @@ -871,7 +871,7 @@ Optional: Optional: - `match_expressions` (Attributes List) matchExpressions is a list of label selector requirements. The requirements are ANDed. (see [below for nested schema](#nestedatt--spec--runtime--affinity--pod_affinity--preferred_during_scheduling_ignored_during_execution--pod_affinity_term--label_selector--match_expressions)) -- `match_labels` (Map of String) matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is 'key', the operator is 'In', and the values array contains only 'value'. The requirements are ANDed. +- `match_labels` (Map of String) matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabelsmap is equivalent to an element of matchExpressions, whose key field is 'key', theoperator is 'In', and the values array contains only 'value'. The requirements are ANDed. ### Nested Schema for `spec.runtime.affinity.pod_affinity.preferred_during_scheduling_ignored_during_execution.pod_affinity_term.label_selector.match_expressions` @@ -879,11 +879,11 @@ Optional: Required: - `key` (String) key is the label key that the selector applies to. -- `operator` (String) operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. +- `operator` (String) operator represents a key's relationship to a set of values.Valid operators are In, NotIn, Exists and DoesNotExist. Optional: -- `values` (List of String) values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. +- `values` (List of String) values is an array of string values. If the operator is In or NotIn,the values array must be non-empty. If the operator is Exists or DoesNotExist,the values array must be empty. This array is replaced during a strategicmerge patch. @@ -893,7 +893,7 @@ Optional: Optional: - `match_expressions` (Attributes List) matchExpressions is a list of label selector requirements. The requirements are ANDed. (see [below for nested schema](#nestedatt--spec--runtime--affinity--pod_affinity--preferred_during_scheduling_ignored_during_execution--pod_affinity_term--namespace_selector--match_expressions)) -- `match_labels` (Map of String) matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is 'key', the operator is 'In', and the values array contains only 'value'. The requirements are ANDed. +- `match_labels` (Map of String) matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabelsmap is equivalent to an element of matchExpressions, whose key field is 'key', theoperator is 'In', and the values array contains only 'value'. The requirements are ANDed. ### Nested Schema for `spec.runtime.affinity.pod_affinity.preferred_during_scheduling_ignored_during_execution.pod_affinity_term.namespace_selector.match_expressions` @@ -901,11 +901,11 @@ Optional: Required: - `key` (String) key is the label key that the selector applies to. -- `operator` (String) operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. +- `operator` (String) operator represents a key's relationship to a set of values.Valid operators are In, NotIn, Exists and DoesNotExist. Optional: -- `values` (List of String) values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. +- `values` (List of String) values is an array of string values. If the operator is In or NotIn,the values array must be non-empty. If the operator is Exists or DoesNotExist,the values array must be empty. This array is replaced during a strategicmerge patch. @@ -916,13 +916,13 @@ Optional: Required: -- `topology_key` (String) This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed. +- `topology_key` (String) This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matchingthe labelSelector in the specified namespaces, where co-located is defined as running on a nodewhose value of the label with key topologyKey matches that of any node on which any of theselected pods is running.Empty topologyKey is not allowed. Optional: - `label_selector` (Attributes) A label query over a set of resources, in this case pods. (see [below for nested schema](#nestedatt--spec--runtime--affinity--pod_affinity--required_during_scheduling_ignored_during_execution--label_selector)) -- `namespace_selector` (Attributes) A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means 'this pod's namespace'. An empty selector ({}) matches all namespaces. (see [below for nested schema](#nestedatt--spec--runtime--affinity--pod_affinity--required_during_scheduling_ignored_during_execution--namespace_selector)) -- `namespaces` (List of String) namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means 'this pod's namespace'. +- `namespace_selector` (Attributes) A label query over the set of namespaces that the term applies to.The term is applied to the union of the namespaces selected by this fieldand the ones listed in the namespaces field.null selector and null or empty namespaces list means 'this pod's namespace'.An empty selector ({}) matches all namespaces. (see [below for nested schema](#nestedatt--spec--runtime--affinity--pod_affinity--required_during_scheduling_ignored_during_execution--namespace_selector)) +- `namespaces` (List of String) namespaces specifies a static list of namespace names that the term applies to.The term is applied to the union of the namespaces listed in this fieldand the ones selected by namespaceSelector.null or empty namespaces list and null namespaceSelector means 'this pod's namespace'. ### Nested Schema for `spec.runtime.affinity.pod_affinity.required_during_scheduling_ignored_during_execution.label_selector` @@ -930,7 +930,7 @@ Optional: Optional: - `match_expressions` (Attributes List) matchExpressions is a list of label selector requirements. The requirements are ANDed. (see [below for nested schema](#nestedatt--spec--runtime--affinity--pod_affinity--required_during_scheduling_ignored_during_execution--label_selector--match_expressions)) -- `match_labels` (Map of String) matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is 'key', the operator is 'In', and the values array contains only 'value'. The requirements are ANDed. +- `match_labels` (Map of String) matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabelsmap is equivalent to an element of matchExpressions, whose key field is 'key', theoperator is 'In', and the values array contains only 'value'. The requirements are ANDed. ### Nested Schema for `spec.runtime.affinity.pod_affinity.required_during_scheduling_ignored_during_execution.label_selector.match_expressions` @@ -938,11 +938,11 @@ Optional: Required: - `key` (String) key is the label key that the selector applies to. -- `operator` (String) operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. +- `operator` (String) operator represents a key's relationship to a set of values.Valid operators are In, NotIn, Exists and DoesNotExist. Optional: -- `values` (List of String) values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. +- `values` (List of String) values is an array of string values. If the operator is In or NotIn,the values array must be non-empty. If the operator is Exists or DoesNotExist,the values array must be empty. This array is replaced during a strategicmerge patch. @@ -952,7 +952,7 @@ Optional: Optional: - `match_expressions` (Attributes List) matchExpressions is a list of label selector requirements. The requirements are ANDed. (see [below for nested schema](#nestedatt--spec--runtime--affinity--pod_affinity--required_during_scheduling_ignored_during_execution--namespace_selector--match_expressions)) -- `match_labels` (Map of String) matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is 'key', the operator is 'In', and the values array contains only 'value'. The requirements are ANDed. +- `match_labels` (Map of String) matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabelsmap is equivalent to an element of matchExpressions, whose key field is 'key', theoperator is 'In', and the values array contains only 'value'. The requirements are ANDed. ### Nested Schema for `spec.runtime.affinity.pod_affinity.required_during_scheduling_ignored_during_execution.namespace_selector.match_expressions` @@ -960,11 +960,11 @@ Optional: Required: - `key` (String) key is the label key that the selector applies to. -- `operator` (String) operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. +- `operator` (String) operator represents a key's relationship to a set of values.Valid operators are In, NotIn, Exists and DoesNotExist. Optional: -- `values` (List of String) values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. +- `values` (List of String) values is an array of string values. If the operator is In or NotIn,the values array must be non-empty. If the operator is Exists or DoesNotExist,the values array must be empty. This array is replaced during a strategicmerge patch. @@ -975,8 +975,8 @@ Optional: Optional: -- `preferred_during_scheduling_ignored_during_execution` (Attributes List) The scheduler will prefer to schedule pods to nodes that satisfy the anti-affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling anti-affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding 'weight' to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred. (see [below for nested schema](#nestedatt--spec--runtime--affinity--pod_anti_affinity--preferred_during_scheduling_ignored_during_execution)) -- `required_during_scheduling_ignored_during_execution` (Attributes List) If the anti-affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the anti-affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied. (see [below for nested schema](#nestedatt--spec--runtime--affinity--pod_anti_affinity--required_during_scheduling_ignored_during_execution)) +- `preferred_during_scheduling_ignored_during_execution` (Attributes List) The scheduler will prefer to schedule pods to nodes that satisfythe anti-affinity expressions specified by this field, but it may choosea node that violates one or more of the expressions. The node that ismost preferred is the one with the greatest sum of weights, i.e.for each node that meets all of the scheduling requirements (resourcerequest, requiredDuringScheduling anti-affinity expressions, etc.),compute a sum by iterating through the elements of this field and adding'weight' to the sum if the node has pods which matches the corresponding podAffinityTerm; thenode(s) with the highest sum are the most preferred. (see [below for nested schema](#nestedatt--spec--runtime--affinity--pod_anti_affinity--preferred_during_scheduling_ignored_during_execution)) +- `required_during_scheduling_ignored_during_execution` (Attributes List) If the anti-affinity requirements specified by this field are not met atscheduling time, the pod will not be scheduled onto the node.If the anti-affinity requirements specified by this field cease to be metat some point during pod execution (e.g. due to a pod label update), thesystem may or may not try to eventually evict the pod from its node.When there are multiple elements, the lists of nodes corresponding to eachpodAffinityTerm are intersected, i.e. all terms must be satisfied. (see [below for nested schema](#nestedatt--spec--runtime--affinity--pod_anti_affinity--required_during_scheduling_ignored_during_execution)) ### Nested Schema for `spec.runtime.affinity.pod_anti_affinity.preferred_during_scheduling_ignored_during_execution` @@ -984,20 +984,20 @@ Optional: Required: - `pod_affinity_term` (Attributes) Required. A pod affinity term, associated with the corresponding weight. (see [below for nested schema](#nestedatt--spec--runtime--affinity--pod_anti_affinity--preferred_during_scheduling_ignored_during_execution--pod_affinity_term)) -- `weight` (Number) weight associated with matching the corresponding podAffinityTerm, in the range 1-100. +- `weight` (Number) weight associated with matching the corresponding podAffinityTerm,in the range 1-100. ### Nested Schema for `spec.runtime.affinity.pod_anti_affinity.preferred_during_scheduling_ignored_during_execution.pod_affinity_term` Required: -- `topology_key` (String) This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed. +- `topology_key` (String) This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matchingthe labelSelector in the specified namespaces, where co-located is defined as running on a nodewhose value of the label with key topologyKey matches that of any node on which any of theselected pods is running.Empty topologyKey is not allowed. Optional: - `label_selector` (Attributes) A label query over a set of resources, in this case pods. (see [below for nested schema](#nestedatt--spec--runtime--affinity--pod_anti_affinity--preferred_during_scheduling_ignored_during_execution--pod_affinity_term--label_selector)) -- `namespace_selector` (Attributes) A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means 'this pod's namespace'. An empty selector ({}) matches all namespaces. (see [below for nested schema](#nestedatt--spec--runtime--affinity--pod_anti_affinity--preferred_during_scheduling_ignored_during_execution--pod_affinity_term--namespace_selector)) -- `namespaces` (List of String) namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means 'this pod's namespace'. +- `namespace_selector` (Attributes) A label query over the set of namespaces that the term applies to.The term is applied to the union of the namespaces selected by this fieldand the ones listed in the namespaces field.null selector and null or empty namespaces list means 'this pod's namespace'.An empty selector ({}) matches all namespaces. (see [below for nested schema](#nestedatt--spec--runtime--affinity--pod_anti_affinity--preferred_during_scheduling_ignored_during_execution--pod_affinity_term--namespace_selector)) +- `namespaces` (List of String) namespaces specifies a static list of namespace names that the term applies to.The term is applied to the union of the namespaces listed in this fieldand the ones selected by namespaceSelector.null or empty namespaces list and null namespaceSelector means 'this pod's namespace'. ### Nested Schema for `spec.runtime.affinity.pod_anti_affinity.preferred_during_scheduling_ignored_during_execution.pod_affinity_term.label_selector` @@ -1005,7 +1005,7 @@ Optional: Optional: - `match_expressions` (Attributes List) matchExpressions is a list of label selector requirements. The requirements are ANDed. (see [below for nested schema](#nestedatt--spec--runtime--affinity--pod_anti_affinity--preferred_during_scheduling_ignored_during_execution--pod_affinity_term--label_selector--match_expressions)) -- `match_labels` (Map of String) matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is 'key', the operator is 'In', and the values array contains only 'value'. The requirements are ANDed. +- `match_labels` (Map of String) matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabelsmap is equivalent to an element of matchExpressions, whose key field is 'key', theoperator is 'In', and the values array contains only 'value'. The requirements are ANDed. ### Nested Schema for `spec.runtime.affinity.pod_anti_affinity.preferred_during_scheduling_ignored_during_execution.pod_affinity_term.label_selector.match_expressions` @@ -1013,11 +1013,11 @@ Optional: Required: - `key` (String) key is the label key that the selector applies to. -- `operator` (String) operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. +- `operator` (String) operator represents a key's relationship to a set of values.Valid operators are In, NotIn, Exists and DoesNotExist. Optional: -- `values` (List of String) values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. +- `values` (List of String) values is an array of string values. If the operator is In or NotIn,the values array must be non-empty. If the operator is Exists or DoesNotExist,the values array must be empty. This array is replaced during a strategicmerge patch. @@ -1027,7 +1027,7 @@ Optional: Optional: - `match_expressions` (Attributes List) matchExpressions is a list of label selector requirements. The requirements are ANDed. (see [below for nested schema](#nestedatt--spec--runtime--affinity--pod_anti_affinity--preferred_during_scheduling_ignored_during_execution--pod_affinity_term--namespace_selector--match_expressions)) -- `match_labels` (Map of String) matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is 'key', the operator is 'In', and the values array contains only 'value'. The requirements are ANDed. +- `match_labels` (Map of String) matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabelsmap is equivalent to an element of matchExpressions, whose key field is 'key', theoperator is 'In', and the values array contains only 'value'. The requirements are ANDed. ### Nested Schema for `spec.runtime.affinity.pod_anti_affinity.preferred_during_scheduling_ignored_during_execution.pod_affinity_term.namespace_selector.match_expressions` @@ -1035,11 +1035,11 @@ Optional: Required: - `key` (String) key is the label key that the selector applies to. -- `operator` (String) operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. +- `operator` (String) operator represents a key's relationship to a set of values.Valid operators are In, NotIn, Exists and DoesNotExist. Optional: -- `values` (List of String) values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. +- `values` (List of String) values is an array of string values. If the operator is In or NotIn,the values array must be non-empty. If the operator is Exists or DoesNotExist,the values array must be empty. This array is replaced during a strategicmerge patch. @@ -1050,13 +1050,13 @@ Optional: Required: -- `topology_key` (String) This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed. +- `topology_key` (String) This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matchingthe labelSelector in the specified namespaces, where co-located is defined as running on a nodewhose value of the label with key topologyKey matches that of any node on which any of theselected pods is running.Empty topologyKey is not allowed. Optional: - `label_selector` (Attributes) A label query over a set of resources, in this case pods. (see [below for nested schema](#nestedatt--spec--runtime--affinity--pod_anti_affinity--required_during_scheduling_ignored_during_execution--label_selector)) -- `namespace_selector` (Attributes) A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means 'this pod's namespace'. An empty selector ({}) matches all namespaces. (see [below for nested schema](#nestedatt--spec--runtime--affinity--pod_anti_affinity--required_during_scheduling_ignored_during_execution--namespace_selector)) -- `namespaces` (List of String) namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means 'this pod's namespace'. +- `namespace_selector` (Attributes) A label query over the set of namespaces that the term applies to.The term is applied to the union of the namespaces selected by this fieldand the ones listed in the namespaces field.null selector and null or empty namespaces list means 'this pod's namespace'.An empty selector ({}) matches all namespaces. (see [below for nested schema](#nestedatt--spec--runtime--affinity--pod_anti_affinity--required_during_scheduling_ignored_during_execution--namespace_selector)) +- `namespaces` (List of String) namespaces specifies a static list of namespace names that the term applies to.The term is applied to the union of the namespaces listed in this fieldand the ones selected by namespaceSelector.null or empty namespaces list and null namespaceSelector means 'this pod's namespace'. ### Nested Schema for `spec.runtime.affinity.pod_anti_affinity.required_during_scheduling_ignored_during_execution.label_selector` @@ -1064,7 +1064,7 @@ Optional: Optional: - `match_expressions` (Attributes List) matchExpressions is a list of label selector requirements. The requirements are ANDed. (see [below for nested schema](#nestedatt--spec--runtime--affinity--pod_anti_affinity--required_during_scheduling_ignored_during_execution--label_selector--match_expressions)) -- `match_labels` (Map of String) matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is 'key', the operator is 'In', and the values array contains only 'value'. The requirements are ANDed. +- `match_labels` (Map of String) matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabelsmap is equivalent to an element of matchExpressions, whose key field is 'key', theoperator is 'In', and the values array contains only 'value'. The requirements are ANDed. ### Nested Schema for `spec.runtime.affinity.pod_anti_affinity.required_during_scheduling_ignored_during_execution.label_selector.match_expressions` @@ -1072,11 +1072,11 @@ Optional: Required: - `key` (String) key is the label key that the selector applies to. -- `operator` (String) operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. +- `operator` (String) operator represents a key's relationship to a set of values.Valid operators are In, NotIn, Exists and DoesNotExist. Optional: -- `values` (List of String) values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. +- `values` (List of String) values is an array of string values. If the operator is In or NotIn,the values array must be non-empty. If the operator is Exists or DoesNotExist,the values array must be empty. This array is replaced during a strategicmerge patch. @@ -1086,7 +1086,7 @@ Optional: Optional: - `match_expressions` (Attributes List) matchExpressions is a list of label selector requirements. The requirements are ANDed. (see [below for nested schema](#nestedatt--spec--runtime--affinity--pod_anti_affinity--required_during_scheduling_ignored_during_execution--namespace_selector--match_expressions)) -- `match_labels` (Map of String) matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is 'key', the operator is 'In', and the values array contains only 'value'. The requirements are ANDed. +- `match_labels` (Map of String) matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabelsmap is equivalent to an element of matchExpressions, whose key field is 'key', theoperator is 'In', and the values array contains only 'value'. The requirements are ANDed. ### Nested Schema for `spec.runtime.affinity.pod_anti_affinity.required_during_scheduling_ignored_during_execution.namespace_selector.match_expressions` @@ -1094,11 +1094,11 @@ Optional: Required: - `key` (String) key is the label key that the selector applies to. -- `operator` (String) operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. +- `operator` (String) operator represents a key's relationship to a set of values.Valid operators are In, NotIn, Exists and DoesNotExist. Optional: -- `values` (List of String) values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. +- `values` (List of String) values is an array of string values. If the operator is In or NotIn,the values array must be non-empty. If the operator is Exists or DoesNotExist,the values array must be empty. This array is replaced during a strategicmerge patch. @@ -1110,9 +1110,9 @@ Optional: Optional: -- `nameservers` (List of String) A list of DNS name server IP addresses. This will be appended to the base nameservers generated from DNSPolicy. Duplicated nameservers will be removed. -- `options` (Attributes List) A list of DNS resolver options. This will be merged with the base options generated from DNSPolicy. Duplicated entries will be removed. Resolution options given in Options will override those that appear in the base DNSPolicy. (see [below for nested schema](#nestedatt--spec--runtime--dns_config--options)) -- `searches` (List of String) A list of DNS search domains for host-name lookup. This will be appended to the base search paths generated from DNSPolicy. Duplicated search paths will be removed. +- `nameservers` (List of String) A list of DNS name server IP addresses.This will be appended to the base nameservers generated from DNSPolicy.Duplicated nameservers will be removed. +- `options` (Attributes List) A list of DNS resolver options.This will be merged with the base options generated from DNSPolicy.Duplicated entries will be removed. Resolution options given in Optionswill override those that appear in the base DNSPolicy. (see [below for nested schema](#nestedatt--spec--runtime--dns_config--options)) +- `searches` (List of String) A list of DNS search domains for host-name lookup.This will be appended to the base search paths generated from DNSPolicy.Duplicated search paths will be removed. ### Nested Schema for `spec.runtime.dns_config.options` @@ -1129,34 +1129,34 @@ Optional: Required: -- `name` (String) Name of the ephemeral container specified as a DNS_LABEL. This name must be unique among all containers, init containers and ephemeral containers. +- `name` (String) Name of the ephemeral container specified as a DNS_LABEL.This name must be unique among all containers, init containers and ephemeral containers. Optional: -- `args` (List of String) Arguments to the entrypoint. The image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. '$$(VAR_NAME)' will produce the string literal '$(VAR_NAME)'. Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell -- `command` (List of String) Entrypoint array. Not executed within a shell. The image's ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. '$$(VAR_NAME)' will produce the string literal '$(VAR_NAME)'. Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell -- `env` (Attributes List) List of environment variables to set in the container. Cannot be updated. (see [below for nested schema](#nestedatt--spec--runtime--ephemeral_containers--env)) -- `env_from` (Attributes List) List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated. (see [below for nested schema](#nestedatt--spec--runtime--ephemeral_containers--env_from)) -- `image` (String) Container image name. More info: https://kubernetes.io/docs/concepts/containers/images -- `image_pull_policy` (String) Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images +- `args` (List of String) Arguments to the entrypoint.The image's CMD is used if this is not provided.Variable references $(VAR_NAME) are expanded using the container's environment. If a variablecannot be resolved, the reference in the input string will be unchanged. Double $$ are reducedto a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. '$$(VAR_NAME)' willproduce the string literal '$(VAR_NAME)'. Escaped references will never be expanded, regardlessof whether the variable exists or not. Cannot be updated.More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +- `command` (List of String) Entrypoint array. Not executed within a shell.The image's ENTRYPOINT is used if this is not provided.Variable references $(VAR_NAME) are expanded using the container's environment. If a variablecannot be resolved, the reference in the input string will be unchanged. Double $$ are reducedto a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. '$$(VAR_NAME)' willproduce the string literal '$(VAR_NAME)'. Escaped references will never be expanded, regardlessof whether the variable exists or not. Cannot be updated.More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +- `env` (Attributes List) List of environment variables to set in the container.Cannot be updated. (see [below for nested schema](#nestedatt--spec--runtime--ephemeral_containers--env)) +- `env_from` (Attributes List) List of sources to populate environment variables in the container.The keys defined within a source must be a C_IDENTIFIER. All invalid keyswill be reported as an event when the container is starting. When a key exists in multiplesources, the value associated with the last source will take precedence.Values defined by an Env with a duplicate key will take precedence.Cannot be updated. (see [below for nested schema](#nestedatt--spec--runtime--ephemeral_containers--env_from)) +- `image` (String) Container image name.More info: https://kubernetes.io/docs/concepts/containers/images +- `image_pull_policy` (String) Image pull policy.One of Always, Never, IfNotPresent.Defaults to Always if :latest tag is specified, or IfNotPresent otherwise.Cannot be updated.More info: https://kubernetes.io/docs/concepts/containers/images#updating-images - `lifecycle` (Attributes) Lifecycle is not allowed for ephemeral containers. (see [below for nested schema](#nestedatt--spec--runtime--ephemeral_containers--lifecycle)) - `liveness_probe` (Attributes) Probes are not allowed for ephemeral containers. (see [below for nested schema](#nestedatt--spec--runtime--ephemeral_containers--liveness_probe)) - `ports` (Attributes List) Ports are not allowed for ephemeral containers. (see [below for nested schema](#nestedatt--spec--runtime--ephemeral_containers--ports)) - `readiness_probe` (Attributes) Probes are not allowed for ephemeral containers. (see [below for nested schema](#nestedatt--spec--runtime--ephemeral_containers--readiness_probe)) - `resize_policy` (Attributes List) Resources resize policy for the container. (see [below for nested schema](#nestedatt--spec--runtime--ephemeral_containers--resize_policy)) -- `resources` (Attributes) Resources are not allowed for ephemeral containers. Ephemeral containers use spare resources already allocated to the pod. (see [below for nested schema](#nestedatt--spec--runtime--ephemeral_containers--resources)) -- `restart_policy` (String) Restart policy for the container to manage the restart behavior of each container within a pod. This may only be set for init containers. You cannot set this field on ephemeral containers. -- `security_context` (Attributes) Optional: SecurityContext defines the security options the ephemeral container should be run with. If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext. (see [below for nested schema](#nestedatt--spec--runtime--ephemeral_containers--security_context)) +- `resources` (Attributes) Resources are not allowed for ephemeral containers. Ephemeral containers use spare resourcesalready allocated to the pod. (see [below for nested schema](#nestedatt--spec--runtime--ephemeral_containers--resources)) +- `restart_policy` (String) Restart policy for the container to manage the restart behavior of eachcontainer within a pod.This may only be set for init containers. You cannot set this field onephemeral containers. +- `security_context` (Attributes) Optional: SecurityContext defines the security options the ephemeral container should be run with.If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext. (see [below for nested schema](#nestedatt--spec--runtime--ephemeral_containers--security_context)) - `startup_probe` (Attributes) Probes are not allowed for ephemeral containers. (see [below for nested schema](#nestedatt--spec--runtime--ephemeral_containers--startup_probe)) -- `stdin` (Boolean) Whether this container should allocate a buffer for stdin in the container runtime. If this is not set, reads from stdin in the container will always result in EOF. Default is false. -- `stdin_once` (Boolean) Whether the container runtime should close the stdin channel after it has been opened by a single attach. When stdin is true the stdin stream will remain open across multiple attach sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the first client attaches to stdin, and then remains open and accepts data until the client disconnects, at which time stdin is closed and remains closed until the container is restarted. If this flag is false, a container processes that reads from stdin will never receive an EOF. Default is false -- `target_container_name` (String) If set, the name of the container from PodSpec that this ephemeral container targets. The ephemeral container will be run in the namespaces (IPC, PID, etc) of this container. If not set then the ephemeral container uses the namespaces configured in the Pod spec. The container runtime must implement support for this feature. If the runtime does not support namespace targeting then the result of setting this field is undefined. -- `termination_message_path` (String) Optional: Path at which the file to which the container's termination message will be written is mounted into the container's filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log. Cannot be updated. -- `termination_message_policy` (String) Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated. -- `tty` (Boolean) Whether this container should allocate a TTY for itself, also requires 'stdin' to be true. Default is false. +- `stdin` (Boolean) Whether this container should allocate a buffer for stdin in the container runtime. If thisis not set, reads from stdin in the container will always result in EOF.Default is false. +- `stdin_once` (Boolean) Whether the container runtime should close the stdin channel after it has been opened bya single attach. When stdin is true the stdin stream will remain open across multiple attachsessions. If stdinOnce is set to true, stdin is opened on container start, is empty until thefirst client attaches to stdin, and then remains open and accepts data until the client disconnects,at which time stdin is closed and remains closed until the container is restarted. If thisflag is false, a container processes that reads from stdin will never receive an EOF.Default is false +- `target_container_name` (String) If set, the name of the container from PodSpec that this ephemeral container targets.The ephemeral container will be run in the namespaces (IPC, PID, etc) of this container.If not set then the ephemeral container uses the namespaces configured in the Pod spec.The container runtime must implement support for this feature. If the runtime does notsupport namespace targeting then the result of setting this field is undefined. +- `termination_message_path` (String) Optional: Path at which the file to which the container's termination messagewill be written is mounted into the container's filesystem.Message written is intended to be brief final status, such as an assertion failure message.Will be truncated by the node if greater than 4096 bytes. The total message length acrossall containers will be limited to 12kb.Defaults to /dev/termination-log.Cannot be updated. +- `termination_message_policy` (String) Indicate how the termination message should be populated. File will use the contents ofterminationMessagePath to populate the container status message on both success and failure.FallbackToLogsOnError will use the last chunk of container log output if the terminationmessage file is empty and the container exited with an error.The log output is limited to 2048 bytes or 80 lines, whichever is smaller.Defaults to File.Cannot be updated. +- `tty` (Boolean) Whether this container should allocate a TTY for itself, also requires 'stdin' to be true.Default is false. - `volume_devices` (Attributes List) volumeDevices is the list of block devices to be used by the container. (see [below for nested schema](#nestedatt--spec--runtime--ephemeral_containers--volume_devices)) -- `volume_mounts` (Attributes List) Pod volumes to mount into the container's filesystem. Subpath mounts are not allowed for ephemeral containers. Cannot be updated. (see [below for nested schema](#nestedatt--spec--runtime--ephemeral_containers--volume_mounts)) -- `working_dir` (String) Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image. Cannot be updated. +- `volume_mounts` (Attributes List) Pod volumes to mount into the container's filesystem. Subpath mounts are not allowed for ephemeral containers.Cannot be updated. (see [below for nested schema](#nestedatt--spec--runtime--ephemeral_containers--volume_mounts)) +- `working_dir` (String) Container's working directory.If not specified, the container runtime's default will be used, whichmight be configured in the container image.Cannot be updated. ### Nested Schema for `spec.runtime.ephemeral_containers.env` @@ -1167,7 +1167,7 @@ Required: Optional: -- `value` (String) Variable references $(VAR_NAME) are expanded using the previously defined environment variables in the container and any service environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. '$$(VAR_NAME)' will produce the string literal '$(VAR_NAME)'. Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to ''. +- `value` (String) Variable references $(VAR_NAME) are expandedusing the previously defined environment variables in the container andany service environment variables. If a variable cannot be resolved,the reference in the input string will be unchanged. Double $$ are reducedto a single $, which allows for escaping the $(VAR_NAME) syntax: i.e.'$$(VAR_NAME)' will produce the string literal '$(VAR_NAME)'.Escaped references will never be expanded, regardless of whether the variableexists or not.Defaults to ''. - `value_from` (Attributes) Source for the environment variable's value. Cannot be used if value is not empty. (see [below for nested schema](#nestedatt--spec--runtime--ephemeral_containers--env--value_from)) @@ -1176,8 +1176,8 @@ Optional: Optional: - `config_map_key_ref` (Attributes) Selects a key of a ConfigMap. (see [below for nested schema](#nestedatt--spec--runtime--ephemeral_containers--env--value_from--config_map_key_ref)) -- `field_ref` (Attributes) Selects a field of the pod: supports metadata.name, metadata.namespace, 'metadata.labels['']', 'metadata.annotations['']', spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. (see [below for nested schema](#nestedatt--spec--runtime--ephemeral_containers--env--value_from--field_ref)) -- `resource_field_ref` (Attributes) Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. (see [below for nested schema](#nestedatt--spec--runtime--ephemeral_containers--env--value_from--resource_field_ref)) +- `field_ref` (Attributes) Selects a field of the pod: supports metadata.name, metadata.namespace, 'metadata.labels['']', 'metadata.annotations['']',spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. (see [below for nested schema](#nestedatt--spec--runtime--ephemeral_containers--env--value_from--field_ref)) +- `resource_field_ref` (Attributes) Selects a resource of the container: only resources limits and requests(limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. (see [below for nested schema](#nestedatt--spec--runtime--ephemeral_containers--env--value_from--resource_field_ref)) - `secret_key_ref` (Attributes) Selects a key of a secret in the pod's namespace (see [below for nested schema](#nestedatt--spec--runtime--ephemeral_containers--env--value_from--secret_key_ref)) @@ -1189,7 +1189,7 @@ Required: Optional: -- `name` (String) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? +- `name` (String) Name of the referent.More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#namesTODO: Add other useful fields. apiVersion, kind, uid? - `optional` (Boolean) Specify whether the ConfigMap or its key must be defined @@ -1227,7 +1227,7 @@ Required: Optional: -- `name` (String) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? +- `name` (String) Name of the referent.More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#namesTODO: Add other useful fields. apiVersion, kind, uid? - `optional` (Boolean) Specify whether the Secret or its key must be defined @@ -1247,7 +1247,7 @@ Optional: Optional: -- `name` (String) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? +- `name` (String) Name of the referent.More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#namesTODO: Add other useful fields. apiVersion, kind, uid? - `optional` (Boolean) Specify whether the ConfigMap must be defined @@ -1256,7 +1256,7 @@ Optional: Optional: -- `name` (String) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? +- `name` (String) Name of the referent.More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#namesTODO: Add other useful fields. apiVersion, kind, uid? - `optional` (Boolean) Specify whether the Secret must be defined @@ -1266,8 +1266,8 @@ Optional: Optional: -- `post_start` (Attributes) PostStart is called immediately after a container is created. If the handler fails, the container is terminated and restarted according to its restart policy. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks (see [below for nested schema](#nestedatt--spec--runtime--ephemeral_containers--lifecycle--post_start)) -- `pre_stop` (Attributes) PreStop is called immediately before a container is terminated due to an API request or management event such as liveness/startup probe failure, preemption, resource contention, etc. The handler is not called if the container crashes or exits. The Pod's termination grace period countdown begins before the PreStop hook is executed. Regardless of the outcome of the handler, the container will eventually terminate within the Pod's termination grace period (unless delayed by finalizers). Other management of the container blocks until the hook completes or until the termination grace period is reached. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks (see [below for nested schema](#nestedatt--spec--runtime--ephemeral_containers--lifecycle--pre_stop)) +- `post_start` (Attributes) PostStart is called immediately after a container is created. If the handler fails,the container is terminated and restarted according to its restart policy.Other management of the container blocks until the hook completes.More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks (see [below for nested schema](#nestedatt--spec--runtime--ephemeral_containers--lifecycle--post_start)) +- `pre_stop` (Attributes) PreStop is called immediately before a container is terminated due to anAPI request or management event such as liveness/startup probe failure,preemption, resource contention, etc. The handler is not called if thecontainer crashes or exits. The Pod's termination grace period countdown begins before thePreStop hook is executed. Regardless of the outcome of the handler, thecontainer will eventually terminate within the Pod's termination graceperiod (unless delayed by finalizers). Other management of the container blocks until the hook completesor until the termination grace period is reached.More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks (see [below for nested schema](#nestedatt--spec--runtime--ephemeral_containers--lifecycle--pre_stop)) ### Nested Schema for `spec.runtime.ephemeral_containers.lifecycle.post_start` @@ -1276,14 +1276,14 @@ Optional: - `exec` (Attributes) Exec specifies the action to take. (see [below for nested schema](#nestedatt--spec--runtime--ephemeral_containers--lifecycle--post_start--exec)) - `http_get` (Attributes) HTTPGet specifies the http request to perform. (see [below for nested schema](#nestedatt--spec--runtime--ephemeral_containers--lifecycle--post_start--http_get)) -- `tcp_socket` (Attributes) Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept for the backward compatibility. There are no validation of this field and lifecycle hooks will fail in runtime when tcp handler is specified. (see [below for nested schema](#nestedatt--spec--runtime--ephemeral_containers--lifecycle--post_start--tcp_socket)) +- `tcp_socket` (Attributes) Deprecated. TCPSocket is NOT supported as a LifecycleHandler and keptfor the backward compatibility. There are no validation of this field andlifecycle hooks will fail in runtime when tcp handler is specified. (see [below for nested schema](#nestedatt--spec--runtime--ephemeral_containers--lifecycle--post_start--tcp_socket)) ### Nested Schema for `spec.runtime.ephemeral_containers.lifecycle.post_start.exec` Optional: -- `command` (List of String) Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +- `command` (List of String) Command is the command line to execute inside the container, the working directory for thecommand is root ('/') in the container's filesystem. The command is simply exec'd, it isnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To usea shell, you need to explicitly call out to that shell.Exit status of 0 is treated as live/healthy and non-zero is unhealthy. @@ -1291,21 +1291,21 @@ Optional: Required: -- `port` (String) Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. +- `port` (String) Name or number of the port to access on the container.Number must be in the range 1 to 65535.Name must be an IANA_SVC_NAME. Optional: -- `host` (String) Host name to connect to, defaults to the pod IP. You probably want to set 'Host' in httpHeaders instead. +- `host` (String) Host name to connect to, defaults to the pod IP. You probably want to set'Host' in httpHeaders instead. - `http_headers` (Attributes List) Custom headers to set in the request. HTTP allows repeated headers. (see [below for nested schema](#nestedatt--spec--runtime--ephemeral_containers--lifecycle--post_start--http_get--http_headers)) - `path` (String) Path to access on the HTTP server. -- `scheme` (String) Scheme to use for connecting to the host. Defaults to HTTP. +- `scheme` (String) Scheme to use for connecting to the host.Defaults to HTTP. ### Nested Schema for `spec.runtime.ephemeral_containers.lifecycle.post_start.http_get.http_headers` Required: -- `name` (String) The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header. +- `name` (String) The header field name.This will be canonicalized upon output, so case-variant names will be understood as the same header. - `value` (String) The header field value @@ -1315,7 +1315,7 @@ Required: Required: -- `port` (String) Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. +- `port` (String) Number or name of the port to access on the container.Number must be in the range 1 to 65535.Name must be an IANA_SVC_NAME. Optional: @@ -1330,14 +1330,14 @@ Optional: - `exec` (Attributes) Exec specifies the action to take. (see [below for nested schema](#nestedatt--spec--runtime--ephemeral_containers--lifecycle--pre_stop--exec)) - `http_get` (Attributes) HTTPGet specifies the http request to perform. (see [below for nested schema](#nestedatt--spec--runtime--ephemeral_containers--lifecycle--pre_stop--http_get)) -- `tcp_socket` (Attributes) Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept for the backward compatibility. There are no validation of this field and lifecycle hooks will fail in runtime when tcp handler is specified. (see [below for nested schema](#nestedatt--spec--runtime--ephemeral_containers--lifecycle--pre_stop--tcp_socket)) +- `tcp_socket` (Attributes) Deprecated. TCPSocket is NOT supported as a LifecycleHandler and keptfor the backward compatibility. There are no validation of this field andlifecycle hooks will fail in runtime when tcp handler is specified. (see [below for nested schema](#nestedatt--spec--runtime--ephemeral_containers--lifecycle--pre_stop--tcp_socket)) ### Nested Schema for `spec.runtime.ephemeral_containers.lifecycle.pre_stop.exec` Optional: -- `command` (List of String) Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +- `command` (List of String) Command is the command line to execute inside the container, the working directory for thecommand is root ('/') in the container's filesystem. The command is simply exec'd, it isnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To usea shell, you need to explicitly call out to that shell.Exit status of 0 is treated as live/healthy and non-zero is unhealthy. @@ -1345,21 +1345,21 @@ Optional: Required: -- `port` (String) Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. +- `port` (String) Name or number of the port to access on the container.Number must be in the range 1 to 65535.Name must be an IANA_SVC_NAME. Optional: -- `host` (String) Host name to connect to, defaults to the pod IP. You probably want to set 'Host' in httpHeaders instead. +- `host` (String) Host name to connect to, defaults to the pod IP. You probably want to set'Host' in httpHeaders instead. - `http_headers` (Attributes List) Custom headers to set in the request. HTTP allows repeated headers. (see [below for nested schema](#nestedatt--spec--runtime--ephemeral_containers--lifecycle--pre_stop--http_get--http_headers)) - `path` (String) Path to access on the HTTP server. -- `scheme` (String) Scheme to use for connecting to the host. Defaults to HTTP. +- `scheme` (String) Scheme to use for connecting to the host.Defaults to HTTP. ### Nested Schema for `spec.runtime.ephemeral_containers.lifecycle.pre_stop.http_get.http_headers` Required: -- `name` (String) The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header. +- `name` (String) The header field name.This will be canonicalized upon output, so case-variant names will be understood as the same header. - `value` (String) The header field value @@ -1369,7 +1369,7 @@ Required: Required: -- `port` (String) Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. +- `port` (String) Number or name of the port to access on the container.Number must be in the range 1 to 65535.Name must be an IANA_SVC_NAME. Optional: @@ -1384,22 +1384,22 @@ Optional: Optional: - `exec` (Attributes) Exec specifies the action to take. (see [below for nested schema](#nestedatt--spec--runtime--ephemeral_containers--liveness_probe--exec)) -- `failure_threshold` (Number) Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +- `failure_threshold` (Number) Minimum consecutive failures for the probe to be considered failed after having succeeded.Defaults to 3. Minimum value is 1. - `grpc` (Attributes) GRPC specifies an action involving a GRPC port. (see [below for nested schema](#nestedatt--spec--runtime--ephemeral_containers--liveness_probe--grpc)) - `http_get` (Attributes) HTTPGet specifies the http request to perform. (see [below for nested schema](#nestedatt--spec--runtime--ephemeral_containers--liveness_probe--http_get)) -- `initial_delay_seconds` (Number) Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes -- `period_seconds` (Number) How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. -- `success_threshold` (Number) Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. +- `initial_delay_seconds` (Number) Number of seconds after the container has started before liveness probes are initiated.More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +- `period_seconds` (Number) How often (in seconds) to perform the probe.Default to 10 seconds. Minimum value is 1. +- `success_threshold` (Number) Minimum consecutive successes for the probe to be considered successful after having failed.Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. - `tcp_socket` (Attributes) TCPSocket specifies an action involving a TCP port. (see [below for nested schema](#nestedatt--spec--runtime--ephemeral_containers--liveness_probe--tcp_socket)) -- `termination_grace_period_seconds` (Number) Optional duration in seconds the pod needs to terminate gracefully upon probe failure. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this value overrides the value provided by the pod spec. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down). This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset. -- `timeout_seconds` (Number) Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +- `termination_grace_period_seconds` (Number) Optional duration in seconds the pod needs to terminate gracefully upon probe failure.The grace period is the duration in seconds after the processes running in the pod are senta termination signal and the time when the processes are forcibly halted with a kill signal.Set this value longer than the expected cleanup time for your process.If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, thisvalue overrides the value provided by the pod spec.Value must be non-negative integer. The value zero indicates stop immediately viathe kill signal (no opportunity to shut down).This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate.Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset. +- `timeout_seconds` (Number) Number of seconds after which the probe times out.Defaults to 1 second. Minimum value is 1.More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes ### Nested Schema for `spec.runtime.ephemeral_containers.liveness_probe.exec` Optional: -- `command` (List of String) Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +- `command` (List of String) Command is the command line to execute inside the container, the working directory for thecommand is root ('/') in the container's filesystem. The command is simply exec'd, it isnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To usea shell, you need to explicitly call out to that shell.Exit status of 0 is treated as live/healthy and non-zero is unhealthy. @@ -1411,7 +1411,7 @@ Required: Optional: -- `service` (String) Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). If this is not specified, the default behavior is defined by gRPC. +- `service` (String) Service is the name of the service to place in the gRPC HealthCheckRequest(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).If this is not specified, the default behavior is defined by gRPC. @@ -1419,21 +1419,21 @@ Optional: Required: -- `port` (String) Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. +- `port` (String) Name or number of the port to access on the container.Number must be in the range 1 to 65535.Name must be an IANA_SVC_NAME. Optional: -- `host` (String) Host name to connect to, defaults to the pod IP. You probably want to set 'Host' in httpHeaders instead. +- `host` (String) Host name to connect to, defaults to the pod IP. You probably want to set'Host' in httpHeaders instead. - `http_headers` (Attributes List) Custom headers to set in the request. HTTP allows repeated headers. (see [below for nested schema](#nestedatt--spec--runtime--ephemeral_containers--liveness_probe--http_get--http_headers)) - `path` (String) Path to access on the HTTP server. -- `scheme` (String) Scheme to use for connecting to the host. Defaults to HTTP. +- `scheme` (String) Scheme to use for connecting to the host.Defaults to HTTP. ### Nested Schema for `spec.runtime.ephemeral_containers.liveness_probe.http_get.http_headers` Required: -- `name` (String) The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header. +- `name` (String) The header field name.This will be canonicalized upon output, so case-variant names will be understood as the same header. - `value` (String) The header field value @@ -1443,7 +1443,7 @@ Required: Required: -- `port` (String) Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. +- `port` (String) Number or name of the port to access on the container.Number must be in the range 1 to 65535.Name must be an IANA_SVC_NAME. Optional: @@ -1456,14 +1456,14 @@ Optional: Required: -- `container_port` (Number) Number of port to expose on the pod's IP address. This must be a valid port number, 0 < x < 65536. +- `container_port` (Number) Number of port to expose on the pod's IP address.This must be a valid port number, 0 < x < 65536. Optional: - `host_ip` (String) What host IP to bind the external port to. -- `host_port` (Number) Number of port to expose on the host. If specified, this must be a valid port number, 0 < x < 65536. If HostNetwork is specified, this must match ContainerPort. Most containers do not need this. -- `name` (String) If specified, this must be an IANA_SVC_NAME and unique within the pod. Each named port in a pod must have a unique name. Name for the port that can be referred to by services. -- `protocol` (String) Protocol for port. Must be UDP, TCP, or SCTP. Defaults to 'TCP'. +- `host_port` (Number) Number of port to expose on the host.If specified, this must be a valid port number, 0 < x < 65536.If HostNetwork is specified, this must match ContainerPort.Most containers do not need this. +- `name` (String) If specified, this must be an IANA_SVC_NAME and unique within the pod. Eachnamed port in a pod must have a unique name. Name for the port that can bereferred to by services. +- `protocol` (String) Protocol for port. Must be UDP, TCP, or SCTP.Defaults to 'TCP'. @@ -1472,22 +1472,22 @@ Optional: Optional: - `exec` (Attributes) Exec specifies the action to take. (see [below for nested schema](#nestedatt--spec--runtime--ephemeral_containers--readiness_probe--exec)) -- `failure_threshold` (Number) Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +- `failure_threshold` (Number) Minimum consecutive failures for the probe to be considered failed after having succeeded.Defaults to 3. Minimum value is 1. - `grpc` (Attributes) GRPC specifies an action involving a GRPC port. (see [below for nested schema](#nestedatt--spec--runtime--ephemeral_containers--readiness_probe--grpc)) - `http_get` (Attributes) HTTPGet specifies the http request to perform. (see [below for nested schema](#nestedatt--spec--runtime--ephemeral_containers--readiness_probe--http_get)) -- `initial_delay_seconds` (Number) Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes -- `period_seconds` (Number) How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. -- `success_threshold` (Number) Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. +- `initial_delay_seconds` (Number) Number of seconds after the container has started before liveness probes are initiated.More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +- `period_seconds` (Number) How often (in seconds) to perform the probe.Default to 10 seconds. Minimum value is 1. +- `success_threshold` (Number) Minimum consecutive successes for the probe to be considered successful after having failed.Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. - `tcp_socket` (Attributes) TCPSocket specifies an action involving a TCP port. (see [below for nested schema](#nestedatt--spec--runtime--ephemeral_containers--readiness_probe--tcp_socket)) -- `termination_grace_period_seconds` (Number) Optional duration in seconds the pod needs to terminate gracefully upon probe failure. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this value overrides the value provided by the pod spec. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down). This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset. -- `timeout_seconds` (Number) Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +- `termination_grace_period_seconds` (Number) Optional duration in seconds the pod needs to terminate gracefully upon probe failure.The grace period is the duration in seconds after the processes running in the pod are senta termination signal and the time when the processes are forcibly halted with a kill signal.Set this value longer than the expected cleanup time for your process.If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, thisvalue overrides the value provided by the pod spec.Value must be non-negative integer. The value zero indicates stop immediately viathe kill signal (no opportunity to shut down).This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate.Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset. +- `timeout_seconds` (Number) Number of seconds after which the probe times out.Defaults to 1 second. Minimum value is 1.More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes ### Nested Schema for `spec.runtime.ephemeral_containers.readiness_probe.exec` Optional: -- `command` (List of String) Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +- `command` (List of String) Command is the command line to execute inside the container, the working directory for thecommand is root ('/') in the container's filesystem. The command is simply exec'd, it isnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To usea shell, you need to explicitly call out to that shell.Exit status of 0 is treated as live/healthy and non-zero is unhealthy. @@ -1499,7 +1499,7 @@ Required: Optional: -- `service` (String) Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). If this is not specified, the default behavior is defined by gRPC. +- `service` (String) Service is the name of the service to place in the gRPC HealthCheckRequest(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).If this is not specified, the default behavior is defined by gRPC. @@ -1507,21 +1507,21 @@ Optional: Required: -- `port` (String) Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. +- `port` (String) Name or number of the port to access on the container.Number must be in the range 1 to 65535.Name must be an IANA_SVC_NAME. Optional: -- `host` (String) Host name to connect to, defaults to the pod IP. You probably want to set 'Host' in httpHeaders instead. +- `host` (String) Host name to connect to, defaults to the pod IP. You probably want to set'Host' in httpHeaders instead. - `http_headers` (Attributes List) Custom headers to set in the request. HTTP allows repeated headers. (see [below for nested schema](#nestedatt--spec--runtime--ephemeral_containers--readiness_probe--http_get--http_headers)) - `path` (String) Path to access on the HTTP server. -- `scheme` (String) Scheme to use for connecting to the host. Defaults to HTTP. +- `scheme` (String) Scheme to use for connecting to the host.Defaults to HTTP. ### Nested Schema for `spec.runtime.ephemeral_containers.readiness_probe.http_get.http_headers` Required: -- `name` (String) The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header. +- `name` (String) The header field name.This will be canonicalized upon output, so case-variant names will be understood as the same header. - `value` (String) The header field value @@ -1531,7 +1531,7 @@ Required: Required: -- `port` (String) Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. +- `port` (String) Number or name of the port to access on the container.Number must be in the range 1 to 65535.Name must be an IANA_SVC_NAME. Optional: @@ -1544,8 +1544,8 @@ Optional: Required: -- `resource_name` (String) Name of the resource to which this resource resize policy applies. Supported values: cpu, memory. -- `restart_policy` (String) Restart policy to apply when specified resource is resized. If not specified, it defaults to NotRequired. +- `resource_name` (String) Name of the resource to which this resource resize policy applies.Supported values: cpu, memory. +- `restart_policy` (String) Restart policy to apply when specified resource is resized.If not specified, it defaults to NotRequired. @@ -1553,16 +1553,16 @@ Required: Optional: -- `claims` (Attributes List) Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. This field is immutable. It can only be set for containers. (see [below for nested schema](#nestedatt--spec--runtime--ephemeral_containers--resources--claims)) -- `limits` (Map of String) Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ -- `requests` (Map of String) Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ +- `claims` (Attributes List) Claims lists the names of resources, defined in spec.resourceClaims,that are used by this container.This is an alpha field and requires enabling theDynamicResourceAllocation feature gate.This field is immutable. It can only be set for containers. (see [below for nested schema](#nestedatt--spec--runtime--ephemeral_containers--resources--claims)) +- `limits` (Map of String) Limits describes the maximum amount of compute resources allowed.More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ +- `requests` (Map of String) Requests describes the minimum amount of compute resources required.If Requests is omitted for a container, it defaults to Limits if that is explicitly specified,otherwise to an implementation-defined value. Requests cannot exceed Limits.More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ ### Nested Schema for `spec.runtime.ephemeral_containers.resources.claims` Required: -- `name` (String) Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container. +- `name` (String) Name must match the name of one entry in pod.spec.resourceClaims ofthe Pod where this field is used. It makes that resource availableinside a container. @@ -1571,17 +1571,17 @@ Required: Optional: -- `allow_privilege_escalation` (Boolean) AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process. AllowPrivilegeEscalation is true always when the container is: 1) run as Privileged 2) has CAP_SYS_ADMIN Note that this field cannot be set when spec.os.name is windows. -- `capabilities` (Attributes) The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. Note that this field cannot be set when spec.os.name is windows. (see [below for nested schema](#nestedatt--spec--runtime--ephemeral_containers--security_context--capabilities)) -- `privileged` (Boolean) Run container in privileged mode. Processes in privileged containers are essentially equivalent to root on the host. Defaults to false. Note that this field cannot be set when spec.os.name is windows. -- `proc_mount` (String) procMount denotes the type of proc mount to use for the containers. The default is DefaultProcMount which uses the container runtime defaults for readonly paths and masked paths. This requires the ProcMountType feature flag to be enabled. Note that this field cannot be set when spec.os.name is windows. -- `read_only_root_filesystem` (Boolean) Whether this container has a read-only root filesystem. Default is false. Note that this field cannot be set when spec.os.name is windows. -- `run_as_group` (Number) The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows. -- `run_as_non_root` (Boolean) Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. -- `run_as_user` (Number) The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows. -- `se_linux_options` (Attributes) The SELinux context to be applied to the container. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows. (see [below for nested schema](#nestedatt--spec--runtime--ephemeral_containers--security_context--se_linux_options)) -- `seccomp_profile` (Attributes) The seccomp options to use by this container. If seccomp options are provided at both the pod & container level, the container options override the pod options. Note that this field cannot be set when spec.os.name is windows. (see [below for nested schema](#nestedatt--spec--runtime--ephemeral_containers--security_context--seccomp_profile)) -- `windows_options` (Attributes) The Windows specific settings applied to all containers. If unspecified, the options from the PodSecurityContext will be used. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is linux. (see [below for nested schema](#nestedatt--spec--runtime--ephemeral_containers--security_context--windows_options)) +- `allow_privilege_escalation` (Boolean) AllowPrivilegeEscalation controls whether a process can gain moreprivileges than its parent process. This bool directly controls ifthe no_new_privs flag will be set on the container process.AllowPrivilegeEscalation is true always when the container is:1) run as Privileged2) has CAP_SYS_ADMINNote that this field cannot be set when spec.os.name is windows. +- `capabilities` (Attributes) The capabilities to add/drop when running containers.Defaults to the default set of capabilities granted by the container runtime.Note that this field cannot be set when spec.os.name is windows. (see [below for nested schema](#nestedatt--spec--runtime--ephemeral_containers--security_context--capabilities)) +- `privileged` (Boolean) Run container in privileged mode.Processes in privileged containers are essentially equivalent to root on the host.Defaults to false.Note that this field cannot be set when spec.os.name is windows. +- `proc_mount` (String) procMount denotes the type of proc mount to use for the containers.The default is DefaultProcMount which uses the container runtime defaults forreadonly paths and masked paths.This requires the ProcMountType feature flag to be enabled.Note that this field cannot be set when spec.os.name is windows. +- `read_only_root_filesystem` (Boolean) Whether this container has a read-only root filesystem.Default is false.Note that this field cannot be set when spec.os.name is windows. +- `run_as_group` (Number) The GID to run the entrypoint of the container process.Uses runtime default if unset.May also be set in PodSecurityContext. If set in both SecurityContext andPodSecurityContext, the value specified in SecurityContext takes precedence.Note that this field cannot be set when spec.os.name is windows. +- `run_as_non_root` (Boolean) Indicates that the container must run as a non-root user.If true, the Kubelet will validate the image at runtime to ensure that itdoes not run as UID 0 (root) and fail to start the container if it does.If unset or false, no such validation will be performed.May also be set in PodSecurityContext. If set in both SecurityContext andPodSecurityContext, the value specified in SecurityContext takes precedence. +- `run_as_user` (Number) The UID to run the entrypoint of the container process.Defaults to user specified in image metadata if unspecified.May also be set in PodSecurityContext. If set in both SecurityContext andPodSecurityContext, the value specified in SecurityContext takes precedence.Note that this field cannot be set when spec.os.name is windows. +- `se_linux_options` (Attributes) The SELinux context to be applied to the container.If unspecified, the container runtime will allocate a random SELinux context for eachcontainer. May also be set in PodSecurityContext. If set in both SecurityContext andPodSecurityContext, the value specified in SecurityContext takes precedence.Note that this field cannot be set when spec.os.name is windows. (see [below for nested schema](#nestedatt--spec--runtime--ephemeral_containers--security_context--se_linux_options)) +- `seccomp_profile` (Attributes) The seccomp options to use by this container. If seccomp options areprovided at both the pod & container level, the container optionsoverride the pod options.Note that this field cannot be set when spec.os.name is windows. (see [below for nested schema](#nestedatt--spec--runtime--ephemeral_containers--security_context--seccomp_profile)) +- `windows_options` (Attributes) The Windows specific settings applied to all containers.If unspecified, the options from the PodSecurityContext will be used.If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.Note that this field cannot be set when spec.os.name is linux. (see [below for nested schema](#nestedatt--spec--runtime--ephemeral_containers--security_context--windows_options)) ### Nested Schema for `spec.runtime.ephemeral_containers.security_context.capabilities` @@ -1608,11 +1608,11 @@ Optional: Required: -- `type` (String) type indicates which kind of seccomp profile will be applied. Valid options are: Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied. +- `type` (String) type indicates which kind of seccomp profile will be applied.Valid options are:Localhost - a profile defined in a file on the node should be used.RuntimeDefault - the container runtime default profile should be used.Unconfined - no profile should be applied. Optional: -- `localhost_profile` (String) localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must be set if type is 'Localhost'. Must NOT be set for any other type. +- `localhost_profile` (String) localhostProfile indicates a profile defined in a file on the node should be used.The profile must be preconfigured on the node to work.Must be a descending path, relative to the kubelet's configured seccomp profile location.Must be set if type is 'Localhost'. Must NOT be set for any other type. @@ -1620,10 +1620,10 @@ Optional: Optional: -- `gmsa_credential_spec` (String) GMSACredentialSpec is where the GMSA admission webhook (https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the GMSA credential spec named by the GMSACredentialSpecName field. +- `gmsa_credential_spec` (String) GMSACredentialSpec is where the GMSA admission webhook(https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of theGMSA credential spec named by the GMSACredentialSpecName field. - `gmsa_credential_spec_name` (String) GMSACredentialSpecName is the name of the GMSA credential spec to use. -- `host_process` (Boolean) HostProcess determines if a container should be run as a 'Host Process' container. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true. -- `run_as_user_name` (String) The UserName in Windows to run the entrypoint of the container process. Defaults to the user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +- `host_process` (Boolean) HostProcess determines if a container should be run as a 'Host Process' container.All of a Pod's containers must have the same effective HostProcess value(it is not allowed to have a mix of HostProcess containers and non-HostProcess containers).In addition, if HostProcess is true then HostNetwork must also be set to true. +- `run_as_user_name` (String) The UserName in Windows to run the entrypoint of the container process.Defaults to the user specified in image metadata if unspecified.May also be set in PodSecurityContext. If set in both SecurityContext andPodSecurityContext, the value specified in SecurityContext takes precedence. @@ -1633,22 +1633,22 @@ Optional: Optional: - `exec` (Attributes) Exec specifies the action to take. (see [below for nested schema](#nestedatt--spec--runtime--ephemeral_containers--startup_probe--exec)) -- `failure_threshold` (Number) Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +- `failure_threshold` (Number) Minimum consecutive failures for the probe to be considered failed after having succeeded.Defaults to 3. Minimum value is 1. - `grpc` (Attributes) GRPC specifies an action involving a GRPC port. (see [below for nested schema](#nestedatt--spec--runtime--ephemeral_containers--startup_probe--grpc)) - `http_get` (Attributes) HTTPGet specifies the http request to perform. (see [below for nested schema](#nestedatt--spec--runtime--ephemeral_containers--startup_probe--http_get)) -- `initial_delay_seconds` (Number) Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes -- `period_seconds` (Number) How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. -- `success_threshold` (Number) Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. +- `initial_delay_seconds` (Number) Number of seconds after the container has started before liveness probes are initiated.More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +- `period_seconds` (Number) How often (in seconds) to perform the probe.Default to 10 seconds. Minimum value is 1. +- `success_threshold` (Number) Minimum consecutive successes for the probe to be considered successful after having failed.Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. - `tcp_socket` (Attributes) TCPSocket specifies an action involving a TCP port. (see [below for nested schema](#nestedatt--spec--runtime--ephemeral_containers--startup_probe--tcp_socket)) -- `termination_grace_period_seconds` (Number) Optional duration in seconds the pod needs to terminate gracefully upon probe failure. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this value overrides the value provided by the pod spec. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down). This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset. -- `timeout_seconds` (Number) Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +- `termination_grace_period_seconds` (Number) Optional duration in seconds the pod needs to terminate gracefully upon probe failure.The grace period is the duration in seconds after the processes running in the pod are senta termination signal and the time when the processes are forcibly halted with a kill signal.Set this value longer than the expected cleanup time for your process.If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, thisvalue overrides the value provided by the pod spec.Value must be non-negative integer. The value zero indicates stop immediately viathe kill signal (no opportunity to shut down).This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate.Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset. +- `timeout_seconds` (Number) Number of seconds after which the probe times out.Defaults to 1 second. Minimum value is 1.More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes ### Nested Schema for `spec.runtime.ephemeral_containers.startup_probe.exec` Optional: -- `command` (List of String) Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +- `command` (List of String) Command is the command line to execute inside the container, the working directory for thecommand is root ('/') in the container's filesystem. The command is simply exec'd, it isnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To usea shell, you need to explicitly call out to that shell.Exit status of 0 is treated as live/healthy and non-zero is unhealthy. @@ -1660,7 +1660,7 @@ Required: Optional: -- `service` (String) Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). If this is not specified, the default behavior is defined by gRPC. +- `service` (String) Service is the name of the service to place in the gRPC HealthCheckRequest(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).If this is not specified, the default behavior is defined by gRPC. @@ -1668,21 +1668,21 @@ Optional: Required: -- `port` (String) Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. +- `port` (String) Name or number of the port to access on the container.Number must be in the range 1 to 65535.Name must be an IANA_SVC_NAME. Optional: -- `host` (String) Host name to connect to, defaults to the pod IP. You probably want to set 'Host' in httpHeaders instead. +- `host` (String) Host name to connect to, defaults to the pod IP. You probably want to set'Host' in httpHeaders instead. - `http_headers` (Attributes List) Custom headers to set in the request. HTTP allows repeated headers. (see [below for nested schema](#nestedatt--spec--runtime--ephemeral_containers--startup_probe--http_get--http_headers)) - `path` (String) Path to access on the HTTP server. -- `scheme` (String) Scheme to use for connecting to the host. Defaults to HTTP. +- `scheme` (String) Scheme to use for connecting to the host.Defaults to HTTP. ### Nested Schema for `spec.runtime.ephemeral_containers.startup_probe.http_get.http_headers` Required: -- `name` (String) The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header. +- `name` (String) The header field name.This will be canonicalized upon output, so case-variant names will be understood as the same header. - `value` (String) The header field value @@ -1692,7 +1692,7 @@ Required: Required: -- `port` (String) Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. +- `port` (String) Number or name of the port to access on the container.Number must be in the range 1 to 65535.Name must be an IANA_SVC_NAME. Optional: @@ -1714,15 +1714,15 @@ Required: Required: -- `mount_path` (String) Path within the container at which the volume should be mounted. Must not contain ':'. +- `mount_path` (String) Path within the container at which the volume should be mounted. Mustnot contain ':'. - `name` (String) This must match the Name of a Volume. Optional: -- `mount_propagation` (String) mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationNone is used. This field is beta in 1.10. -- `read_only` (Boolean) Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false. -- `sub_path` (String) Path within the volume from which the container's volume should be mounted. Defaults to '' (volume's root). -- `sub_path_expr` (String) Expanded path within the volume from which the container's volume should be mounted. Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment. Defaults to '' (volume's root). SubPathExpr and SubPath are mutually exclusive. +- `mount_propagation` (String) mountPropagation determines how mounts are propagated from the hostto container and the other way around.When not set, MountPropagationNone is used.This field is beta in 1.10. +- `read_only` (Boolean) Mounted read-only if true, read-write otherwise (false or unspecified).Defaults to false. +- `sub_path` (String) Path within the volume from which the container's volume should be mounted.Defaults to '' (volume's root). +- `sub_path_expr` (String) Expanded path within the volume from which the container's volume should be mounted.Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment.Defaults to '' (volume's root).SubPathExpr and SubPath are mutually exclusive. @@ -1740,7 +1740,7 @@ Optional: Optional: -- `name` (String) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? +- `name` (String) Name of the referent.More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#namesTODO: Add other useful fields. apiVersion, kind, uid? @@ -1748,33 +1748,33 @@ Optional: Required: -- `name` (String) Name of the container specified as a DNS_LABEL. Each container in a pod must have a unique name (DNS_LABEL). Cannot be updated. +- `name` (String) Name of the container specified as a DNS_LABEL.Each container in a pod must have a unique name (DNS_LABEL).Cannot be updated. Optional: -- `args` (List of String) Arguments to the entrypoint. The container image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. '$$(VAR_NAME)' will produce the string literal '$(VAR_NAME)'. Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell -- `command` (List of String) Entrypoint array. Not executed within a shell. The container image's ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. '$$(VAR_NAME)' will produce the string literal '$(VAR_NAME)'. Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell -- `env` (Attributes List) List of environment variables to set in the container. Cannot be updated. (see [below for nested schema](#nestedatt--spec--runtime--init_containers--env)) -- `env_from` (Attributes List) List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated. (see [below for nested schema](#nestedatt--spec--runtime--init_containers--env_from)) -- `image` (String) Container image name. More info: https://kubernetes.io/docs/concepts/containers/images This field is optional to allow higher level config management to default or override container images in workload controllers like Deployments and StatefulSets. -- `image_pull_policy` (String) Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images -- `lifecycle` (Attributes) Actions that the management system should take in response to container lifecycle events. Cannot be updated. (see [below for nested schema](#nestedatt--spec--runtime--init_containers--lifecycle)) -- `liveness_probe` (Attributes) Periodic probe of container liveness. Container will be restarted if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes (see [below for nested schema](#nestedatt--spec--runtime--init_containers--liveness_probe)) -- `ports` (Attributes List) List of ports to expose from the container. Not specifying a port here DOES NOT prevent that port from being exposed. Any port which is listening on the default '0.0.0.0' address inside a container will be accessible from the network. Modifying this array with strategic merge patch may corrupt the data. For more information See https://github.com/kubernetes/kubernetes/issues/108255. Cannot be updated. (see [below for nested schema](#nestedatt--spec--runtime--init_containers--ports)) -- `readiness_probe` (Attributes) Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes (see [below for nested schema](#nestedatt--spec--runtime--init_containers--readiness_probe)) +- `args` (List of String) Arguments to the entrypoint.The container image's CMD is used if this is not provided.Variable references $(VAR_NAME) are expanded using the container's environment. If a variablecannot be resolved, the reference in the input string will be unchanged. Double $$ are reducedto a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. '$$(VAR_NAME)' willproduce the string literal '$(VAR_NAME)'. Escaped references will never be expanded, regardlessof whether the variable exists or not. Cannot be updated.More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +- `command` (List of String) Entrypoint array. Not executed within a shell.The container image's ENTRYPOINT is used if this is not provided.Variable references $(VAR_NAME) are expanded using the container's environment. If a variablecannot be resolved, the reference in the input string will be unchanged. Double $$ are reducedto a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. '$$(VAR_NAME)' willproduce the string literal '$(VAR_NAME)'. Escaped references will never be expanded, regardlessof whether the variable exists or not. Cannot be updated.More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +- `env` (Attributes List) List of environment variables to set in the container.Cannot be updated. (see [below for nested schema](#nestedatt--spec--runtime--init_containers--env)) +- `env_from` (Attributes List) List of sources to populate environment variables in the container.The keys defined within a source must be a C_IDENTIFIER. All invalid keyswill be reported as an event when the container is starting. When a key exists in multiplesources, the value associated with the last source will take precedence.Values defined by an Env with a duplicate key will take precedence.Cannot be updated. (see [below for nested schema](#nestedatt--spec--runtime--init_containers--env_from)) +- `image` (String) Container image name.More info: https://kubernetes.io/docs/concepts/containers/imagesThis field is optional to allow higher level config management to default or overridecontainer images in workload controllers like Deployments and StatefulSets. +- `image_pull_policy` (String) Image pull policy.One of Always, Never, IfNotPresent.Defaults to Always if :latest tag is specified, or IfNotPresent otherwise.Cannot be updated.More info: https://kubernetes.io/docs/concepts/containers/images#updating-images +- `lifecycle` (Attributes) Actions that the management system should take in response to container lifecycle events.Cannot be updated. (see [below for nested schema](#nestedatt--spec--runtime--init_containers--lifecycle)) +- `liveness_probe` (Attributes) Periodic probe of container liveness.Container will be restarted if the probe fails.Cannot be updated.More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes (see [below for nested schema](#nestedatt--spec--runtime--init_containers--liveness_probe)) +- `ports` (Attributes List) List of ports to expose from the container. Not specifying a port hereDOES NOT prevent that port from being exposed. Any port which islistening on the default '0.0.0.0' address inside a container will beaccessible from the network.Modifying this array with strategic merge patch may corrupt the data.For more information See https://github.com/kubernetes/kubernetes/issues/108255.Cannot be updated. (see [below for nested schema](#nestedatt--spec--runtime--init_containers--ports)) +- `readiness_probe` (Attributes) Periodic probe of container service readiness.Container will be removed from service endpoints if the probe fails.Cannot be updated.More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes (see [below for nested schema](#nestedatt--spec--runtime--init_containers--readiness_probe)) - `resize_policy` (Attributes List) Resources resize policy for the container. (see [below for nested schema](#nestedatt--spec--runtime--init_containers--resize_policy)) -- `resources` (Attributes) Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ (see [below for nested schema](#nestedatt--spec--runtime--init_containers--resources)) -- `restart_policy` (String) RestartPolicy defines the restart behavior of individual containers in a pod. This field may only be set for init containers, and the only allowed value is 'Always'. For non-init containers or when this field is not specified, the restart behavior is defined by the Pod's restart policy and the container type. Setting the RestartPolicy as 'Always' for the init container will have the following effect: this init container will be continually restarted on exit until all regular containers have terminated. Once all regular containers have completed, all init containers with restartPolicy 'Always' will be shut down. This lifecycle differs from normal init containers and is often referred to as a 'sidecar' container. Although this init container still starts in the init container sequence, it does not wait for the container to complete before proceeding to the next init container. Instead, the next init container starts immediately after this init container is started, or after any startupProbe has successfully completed. -- `security_context` (Attributes) SecurityContext defines the security options the container should be run with. If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext. More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ (see [below for nested schema](#nestedatt--spec--runtime--init_containers--security_context)) -- `startup_probe` (Attributes) StartupProbe indicates that the Pod has successfully initialized. If specified, no other probes are executed until this completes successfully. If this probe fails, the Pod will be restarted, just as if the livenessProbe failed. This can be used to provide different probe parameters at the beginning of a Pod's lifecycle, when it might take a long time to load data or warm a cache, than during steady-state operation. This cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes (see [below for nested schema](#nestedatt--spec--runtime--init_containers--startup_probe)) -- `stdin` (Boolean) Whether this container should allocate a buffer for stdin in the container runtime. If this is not set, reads from stdin in the container will always result in EOF. Default is false. -- `stdin_once` (Boolean) Whether the container runtime should close the stdin channel after it has been opened by a single attach. When stdin is true the stdin stream will remain open across multiple attach sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the first client attaches to stdin, and then remains open and accepts data until the client disconnects, at which time stdin is closed and remains closed until the container is restarted. If this flag is false, a container processes that reads from stdin will never receive an EOF. Default is false -- `termination_message_path` (String) Optional: Path at which the file to which the container's termination message will be written is mounted into the container's filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log. Cannot be updated. -- `termination_message_policy` (String) Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated. -- `tty` (Boolean) Whether this container should allocate a TTY for itself, also requires 'stdin' to be true. Default is false. +- `resources` (Attributes) Compute Resources required by this container.Cannot be updated.More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ (see [below for nested schema](#nestedatt--spec--runtime--init_containers--resources)) +- `restart_policy` (String) RestartPolicy defines the restart behavior of individual containers in a pod.This field may only be set for init containers, and the only allowed value is 'Always'.For non-init containers or when this field is not specified,the restart behavior is defined by the Pod's restart policy and the container type.Setting the RestartPolicy as 'Always' for the init container will have the following effect:this init container will be continually restarted onexit until all regular containers have terminated. Once all regularcontainers have completed, all init containers with restartPolicy 'Always'will be shut down. This lifecycle differs from normal init containers andis often referred to as a 'sidecar' container. Although this initcontainer still starts in the init container sequence, it does not waitfor the container to complete before proceeding to the next initcontainer. Instead, the next init container starts immediately after thisinit container is started, or after any startupProbe has successfullycompleted. +- `security_context` (Attributes) SecurityContext defines the security options the container should be run with.If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext.More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ (see [below for nested schema](#nestedatt--spec--runtime--init_containers--security_context)) +- `startup_probe` (Attributes) StartupProbe indicates that the Pod has successfully initialized.If specified, no other probes are executed until this completes successfully.If this probe fails, the Pod will be restarted, just as if the livenessProbe failed.This can be used to provide different probe parameters at the beginning of a Pod's lifecycle,when it might take a long time to load data or warm a cache, than during steady-state operation.This cannot be updated.More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes (see [below for nested schema](#nestedatt--spec--runtime--init_containers--startup_probe)) +- `stdin` (Boolean) Whether this container should allocate a buffer for stdin in the container runtime. If thisis not set, reads from stdin in the container will always result in EOF.Default is false. +- `stdin_once` (Boolean) Whether the container runtime should close the stdin channel after it has been opened bya single attach. When stdin is true the stdin stream will remain open across multiple attachsessions. If stdinOnce is set to true, stdin is opened on container start, is empty until thefirst client attaches to stdin, and then remains open and accepts data until the client disconnects,at which time stdin is closed and remains closed until the container is restarted. If thisflag is false, a container processes that reads from stdin will never receive an EOF.Default is false +- `termination_message_path` (String) Optional: Path at which the file to which the container's termination messagewill be written is mounted into the container's filesystem.Message written is intended to be brief final status, such as an assertion failure message.Will be truncated by the node if greater than 4096 bytes. The total message length acrossall containers will be limited to 12kb.Defaults to /dev/termination-log.Cannot be updated. +- `termination_message_policy` (String) Indicate how the termination message should be populated. File will use the contents ofterminationMessagePath to populate the container status message on both success and failure.FallbackToLogsOnError will use the last chunk of container log output if the terminationmessage file is empty and the container exited with an error.The log output is limited to 2048 bytes or 80 lines, whichever is smaller.Defaults to File.Cannot be updated. +- `tty` (Boolean) Whether this container should allocate a TTY for itself, also requires 'stdin' to be true.Default is false. - `volume_devices` (Attributes List) volumeDevices is the list of block devices to be used by the container. (see [below for nested schema](#nestedatt--spec--runtime--init_containers--volume_devices)) -- `volume_mounts` (Attributes List) Pod volumes to mount into the container's filesystem. Cannot be updated. (see [below for nested schema](#nestedatt--spec--runtime--init_containers--volume_mounts)) -- `working_dir` (String) Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image. Cannot be updated. +- `volume_mounts` (Attributes List) Pod volumes to mount into the container's filesystem.Cannot be updated. (see [below for nested schema](#nestedatt--spec--runtime--init_containers--volume_mounts)) +- `working_dir` (String) Container's working directory.If not specified, the container runtime's default will be used, whichmight be configured in the container image.Cannot be updated. ### Nested Schema for `spec.runtime.init_containers.env` @@ -1785,7 +1785,7 @@ Required: Optional: -- `value` (String) Variable references $(VAR_NAME) are expanded using the previously defined environment variables in the container and any service environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. '$$(VAR_NAME)' will produce the string literal '$(VAR_NAME)'. Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to ''. +- `value` (String) Variable references $(VAR_NAME) are expandedusing the previously defined environment variables in the container andany service environment variables. If a variable cannot be resolved,the reference in the input string will be unchanged. Double $$ are reducedto a single $, which allows for escaping the $(VAR_NAME) syntax: i.e.'$$(VAR_NAME)' will produce the string literal '$(VAR_NAME)'.Escaped references will never be expanded, regardless of whether the variableexists or not.Defaults to ''. - `value_from` (Attributes) Source for the environment variable's value. Cannot be used if value is not empty. (see [below for nested schema](#nestedatt--spec--runtime--init_containers--env--value_from)) @@ -1794,8 +1794,8 @@ Optional: Optional: - `config_map_key_ref` (Attributes) Selects a key of a ConfigMap. (see [below for nested schema](#nestedatt--spec--runtime--init_containers--env--value_from--config_map_key_ref)) -- `field_ref` (Attributes) Selects a field of the pod: supports metadata.name, metadata.namespace, 'metadata.labels['']', 'metadata.annotations['']', spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. (see [below for nested schema](#nestedatt--spec--runtime--init_containers--env--value_from--field_ref)) -- `resource_field_ref` (Attributes) Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. (see [below for nested schema](#nestedatt--spec--runtime--init_containers--env--value_from--resource_field_ref)) +- `field_ref` (Attributes) Selects a field of the pod: supports metadata.name, metadata.namespace, 'metadata.labels['']', 'metadata.annotations['']',spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. (see [below for nested schema](#nestedatt--spec--runtime--init_containers--env--value_from--field_ref)) +- `resource_field_ref` (Attributes) Selects a resource of the container: only resources limits and requests(limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. (see [below for nested schema](#nestedatt--spec--runtime--init_containers--env--value_from--resource_field_ref)) - `secret_key_ref` (Attributes) Selects a key of a secret in the pod's namespace (see [below for nested schema](#nestedatt--spec--runtime--init_containers--env--value_from--secret_key_ref)) @@ -1807,7 +1807,7 @@ Required: Optional: -- `name` (String) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? +- `name` (String) Name of the referent.More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#namesTODO: Add other useful fields. apiVersion, kind, uid? - `optional` (Boolean) Specify whether the ConfigMap or its key must be defined @@ -1845,7 +1845,7 @@ Required: Optional: -- `name` (String) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? +- `name` (String) Name of the referent.More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#namesTODO: Add other useful fields. apiVersion, kind, uid? - `optional` (Boolean) Specify whether the Secret or its key must be defined @@ -1865,7 +1865,7 @@ Optional: Optional: -- `name` (String) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? +- `name` (String) Name of the referent.More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#namesTODO: Add other useful fields. apiVersion, kind, uid? - `optional` (Boolean) Specify whether the ConfigMap must be defined @@ -1874,7 +1874,7 @@ Optional: Optional: -- `name` (String) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? +- `name` (String) Name of the referent.More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#namesTODO: Add other useful fields. apiVersion, kind, uid? - `optional` (Boolean) Specify whether the Secret must be defined @@ -1884,8 +1884,8 @@ Optional: Optional: -- `post_start` (Attributes) PostStart is called immediately after a container is created. If the handler fails, the container is terminated and restarted according to its restart policy. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks (see [below for nested schema](#nestedatt--spec--runtime--init_containers--lifecycle--post_start)) -- `pre_stop` (Attributes) PreStop is called immediately before a container is terminated due to an API request or management event such as liveness/startup probe failure, preemption, resource contention, etc. The handler is not called if the container crashes or exits. The Pod's termination grace period countdown begins before the PreStop hook is executed. Regardless of the outcome of the handler, the container will eventually terminate within the Pod's termination grace period (unless delayed by finalizers). Other management of the container blocks until the hook completes or until the termination grace period is reached. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks (see [below for nested schema](#nestedatt--spec--runtime--init_containers--lifecycle--pre_stop)) +- `post_start` (Attributes) PostStart is called immediately after a container is created. If the handler fails,the container is terminated and restarted according to its restart policy.Other management of the container blocks until the hook completes.More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks (see [below for nested schema](#nestedatt--spec--runtime--init_containers--lifecycle--post_start)) +- `pre_stop` (Attributes) PreStop is called immediately before a container is terminated due to anAPI request or management event such as liveness/startup probe failure,preemption, resource contention, etc. The handler is not called if thecontainer crashes or exits. The Pod's termination grace period countdown begins before thePreStop hook is executed. Regardless of the outcome of the handler, thecontainer will eventually terminate within the Pod's termination graceperiod (unless delayed by finalizers). Other management of the container blocks until the hook completesor until the termination grace period is reached.More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks (see [below for nested schema](#nestedatt--spec--runtime--init_containers--lifecycle--pre_stop)) ### Nested Schema for `spec.runtime.init_containers.lifecycle.post_start` @@ -1894,14 +1894,14 @@ Optional: - `exec` (Attributes) Exec specifies the action to take. (see [below for nested schema](#nestedatt--spec--runtime--init_containers--lifecycle--post_start--exec)) - `http_get` (Attributes) HTTPGet specifies the http request to perform. (see [below for nested schema](#nestedatt--spec--runtime--init_containers--lifecycle--post_start--http_get)) -- `tcp_socket` (Attributes) Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept for the backward compatibility. There are no validation of this field and lifecycle hooks will fail in runtime when tcp handler is specified. (see [below for nested schema](#nestedatt--spec--runtime--init_containers--lifecycle--post_start--tcp_socket)) +- `tcp_socket` (Attributes) Deprecated. TCPSocket is NOT supported as a LifecycleHandler and keptfor the backward compatibility. There are no validation of this field andlifecycle hooks will fail in runtime when tcp handler is specified. (see [below for nested schema](#nestedatt--spec--runtime--init_containers--lifecycle--post_start--tcp_socket)) ### Nested Schema for `spec.runtime.init_containers.lifecycle.post_start.exec` Optional: -- `command` (List of String) Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +- `command` (List of String) Command is the command line to execute inside the container, the working directory for thecommand is root ('/') in the container's filesystem. The command is simply exec'd, it isnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To usea shell, you need to explicitly call out to that shell.Exit status of 0 is treated as live/healthy and non-zero is unhealthy. @@ -1909,21 +1909,21 @@ Optional: Required: -- `port` (String) Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. +- `port` (String) Name or number of the port to access on the container.Number must be in the range 1 to 65535.Name must be an IANA_SVC_NAME. Optional: -- `host` (String) Host name to connect to, defaults to the pod IP. You probably want to set 'Host' in httpHeaders instead. +- `host` (String) Host name to connect to, defaults to the pod IP. You probably want to set'Host' in httpHeaders instead. - `http_headers` (Attributes List) Custom headers to set in the request. HTTP allows repeated headers. (see [below for nested schema](#nestedatt--spec--runtime--init_containers--lifecycle--post_start--http_get--http_headers)) - `path` (String) Path to access on the HTTP server. -- `scheme` (String) Scheme to use for connecting to the host. Defaults to HTTP. +- `scheme` (String) Scheme to use for connecting to the host.Defaults to HTTP. ### Nested Schema for `spec.runtime.init_containers.lifecycle.post_start.http_get.http_headers` Required: -- `name` (String) The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header. +- `name` (String) The header field name.This will be canonicalized upon output, so case-variant names will be understood as the same header. - `value` (String) The header field value @@ -1933,7 +1933,7 @@ Required: Required: -- `port` (String) Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. +- `port` (String) Number or name of the port to access on the container.Number must be in the range 1 to 65535.Name must be an IANA_SVC_NAME. Optional: @@ -1948,14 +1948,14 @@ Optional: - `exec` (Attributes) Exec specifies the action to take. (see [below for nested schema](#nestedatt--spec--runtime--init_containers--lifecycle--pre_stop--exec)) - `http_get` (Attributes) HTTPGet specifies the http request to perform. (see [below for nested schema](#nestedatt--spec--runtime--init_containers--lifecycle--pre_stop--http_get)) -- `tcp_socket` (Attributes) Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept for the backward compatibility. There are no validation of this field and lifecycle hooks will fail in runtime when tcp handler is specified. (see [below for nested schema](#nestedatt--spec--runtime--init_containers--lifecycle--pre_stop--tcp_socket)) +- `tcp_socket` (Attributes) Deprecated. TCPSocket is NOT supported as a LifecycleHandler and keptfor the backward compatibility. There are no validation of this field andlifecycle hooks will fail in runtime when tcp handler is specified. (see [below for nested schema](#nestedatt--spec--runtime--init_containers--lifecycle--pre_stop--tcp_socket)) ### Nested Schema for `spec.runtime.init_containers.lifecycle.pre_stop.exec` Optional: -- `command` (List of String) Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +- `command` (List of String) Command is the command line to execute inside the container, the working directory for thecommand is root ('/') in the container's filesystem. The command is simply exec'd, it isnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To usea shell, you need to explicitly call out to that shell.Exit status of 0 is treated as live/healthy and non-zero is unhealthy. @@ -1963,21 +1963,21 @@ Optional: Required: -- `port` (String) Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. +- `port` (String) Name or number of the port to access on the container.Number must be in the range 1 to 65535.Name must be an IANA_SVC_NAME. Optional: -- `host` (String) Host name to connect to, defaults to the pod IP. You probably want to set 'Host' in httpHeaders instead. +- `host` (String) Host name to connect to, defaults to the pod IP. You probably want to set'Host' in httpHeaders instead. - `http_headers` (Attributes List) Custom headers to set in the request. HTTP allows repeated headers. (see [below for nested schema](#nestedatt--spec--runtime--init_containers--lifecycle--pre_stop--http_get--http_headers)) - `path` (String) Path to access on the HTTP server. -- `scheme` (String) Scheme to use for connecting to the host. Defaults to HTTP. +- `scheme` (String) Scheme to use for connecting to the host.Defaults to HTTP. ### Nested Schema for `spec.runtime.init_containers.lifecycle.pre_stop.http_get.http_headers` Required: -- `name` (String) The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header. +- `name` (String) The header field name.This will be canonicalized upon output, so case-variant names will be understood as the same header. - `value` (String) The header field value @@ -1987,7 +1987,7 @@ Required: Required: -- `port` (String) Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. +- `port` (String) Number or name of the port to access on the container.Number must be in the range 1 to 65535.Name must be an IANA_SVC_NAME. Optional: @@ -2002,22 +2002,22 @@ Optional: Optional: - `exec` (Attributes) Exec specifies the action to take. (see [below for nested schema](#nestedatt--spec--runtime--init_containers--liveness_probe--exec)) -- `failure_threshold` (Number) Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +- `failure_threshold` (Number) Minimum consecutive failures for the probe to be considered failed after having succeeded.Defaults to 3. Minimum value is 1. - `grpc` (Attributes) GRPC specifies an action involving a GRPC port. (see [below for nested schema](#nestedatt--spec--runtime--init_containers--liveness_probe--grpc)) - `http_get` (Attributes) HTTPGet specifies the http request to perform. (see [below for nested schema](#nestedatt--spec--runtime--init_containers--liveness_probe--http_get)) -- `initial_delay_seconds` (Number) Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes -- `period_seconds` (Number) How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. -- `success_threshold` (Number) Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. +- `initial_delay_seconds` (Number) Number of seconds after the container has started before liveness probes are initiated.More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +- `period_seconds` (Number) How often (in seconds) to perform the probe.Default to 10 seconds. Minimum value is 1. +- `success_threshold` (Number) Minimum consecutive successes for the probe to be considered successful after having failed.Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. - `tcp_socket` (Attributes) TCPSocket specifies an action involving a TCP port. (see [below for nested schema](#nestedatt--spec--runtime--init_containers--liveness_probe--tcp_socket)) -- `termination_grace_period_seconds` (Number) Optional duration in seconds the pod needs to terminate gracefully upon probe failure. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this value overrides the value provided by the pod spec. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down). This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset. -- `timeout_seconds` (Number) Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +- `termination_grace_period_seconds` (Number) Optional duration in seconds the pod needs to terminate gracefully upon probe failure.The grace period is the duration in seconds after the processes running in the pod are senta termination signal and the time when the processes are forcibly halted with a kill signal.Set this value longer than the expected cleanup time for your process.If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, thisvalue overrides the value provided by the pod spec.Value must be non-negative integer. The value zero indicates stop immediately viathe kill signal (no opportunity to shut down).This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate.Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset. +- `timeout_seconds` (Number) Number of seconds after which the probe times out.Defaults to 1 second. Minimum value is 1.More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes ### Nested Schema for `spec.runtime.init_containers.liveness_probe.exec` Optional: -- `command` (List of String) Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +- `command` (List of String) Command is the command line to execute inside the container, the working directory for thecommand is root ('/') in the container's filesystem. The command is simply exec'd, it isnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To usea shell, you need to explicitly call out to that shell.Exit status of 0 is treated as live/healthy and non-zero is unhealthy. @@ -2029,7 +2029,7 @@ Required: Optional: -- `service` (String) Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). If this is not specified, the default behavior is defined by gRPC. +- `service` (String) Service is the name of the service to place in the gRPC HealthCheckRequest(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).If this is not specified, the default behavior is defined by gRPC. @@ -2037,21 +2037,21 @@ Optional: Required: -- `port` (String) Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. +- `port` (String) Name or number of the port to access on the container.Number must be in the range 1 to 65535.Name must be an IANA_SVC_NAME. Optional: -- `host` (String) Host name to connect to, defaults to the pod IP. You probably want to set 'Host' in httpHeaders instead. +- `host` (String) Host name to connect to, defaults to the pod IP. You probably want to set'Host' in httpHeaders instead. - `http_headers` (Attributes List) Custom headers to set in the request. HTTP allows repeated headers. (see [below for nested schema](#nestedatt--spec--runtime--init_containers--liveness_probe--http_get--http_headers)) - `path` (String) Path to access on the HTTP server. -- `scheme` (String) Scheme to use for connecting to the host. Defaults to HTTP. +- `scheme` (String) Scheme to use for connecting to the host.Defaults to HTTP. ### Nested Schema for `spec.runtime.init_containers.liveness_probe.http_get.http_headers` Required: -- `name` (String) The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header. +- `name` (String) The header field name.This will be canonicalized upon output, so case-variant names will be understood as the same header. - `value` (String) The header field value @@ -2061,7 +2061,7 @@ Required: Required: -- `port` (String) Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. +- `port` (String) Number or name of the port to access on the container.Number must be in the range 1 to 65535.Name must be an IANA_SVC_NAME. Optional: @@ -2074,14 +2074,14 @@ Optional: Required: -- `container_port` (Number) Number of port to expose on the pod's IP address. This must be a valid port number, 0 < x < 65536. +- `container_port` (Number) Number of port to expose on the pod's IP address.This must be a valid port number, 0 < x < 65536. Optional: - `host_ip` (String) What host IP to bind the external port to. -- `host_port` (Number) Number of port to expose on the host. If specified, this must be a valid port number, 0 < x < 65536. If HostNetwork is specified, this must match ContainerPort. Most containers do not need this. -- `name` (String) If specified, this must be an IANA_SVC_NAME and unique within the pod. Each named port in a pod must have a unique name. Name for the port that can be referred to by services. -- `protocol` (String) Protocol for port. Must be UDP, TCP, or SCTP. Defaults to 'TCP'. +- `host_port` (Number) Number of port to expose on the host.If specified, this must be a valid port number, 0 < x < 65536.If HostNetwork is specified, this must match ContainerPort.Most containers do not need this. +- `name` (String) If specified, this must be an IANA_SVC_NAME and unique within the pod. Eachnamed port in a pod must have a unique name. Name for the port that can bereferred to by services. +- `protocol` (String) Protocol for port. Must be UDP, TCP, or SCTP.Defaults to 'TCP'. @@ -2090,22 +2090,22 @@ Optional: Optional: - `exec` (Attributes) Exec specifies the action to take. (see [below for nested schema](#nestedatt--spec--runtime--init_containers--readiness_probe--exec)) -- `failure_threshold` (Number) Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +- `failure_threshold` (Number) Minimum consecutive failures for the probe to be considered failed after having succeeded.Defaults to 3. Minimum value is 1. - `grpc` (Attributes) GRPC specifies an action involving a GRPC port. (see [below for nested schema](#nestedatt--spec--runtime--init_containers--readiness_probe--grpc)) - `http_get` (Attributes) HTTPGet specifies the http request to perform. (see [below for nested schema](#nestedatt--spec--runtime--init_containers--readiness_probe--http_get)) -- `initial_delay_seconds` (Number) Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes -- `period_seconds` (Number) How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. -- `success_threshold` (Number) Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. +- `initial_delay_seconds` (Number) Number of seconds after the container has started before liveness probes are initiated.More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +- `period_seconds` (Number) How often (in seconds) to perform the probe.Default to 10 seconds. Minimum value is 1. +- `success_threshold` (Number) Minimum consecutive successes for the probe to be considered successful after having failed.Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. - `tcp_socket` (Attributes) TCPSocket specifies an action involving a TCP port. (see [below for nested schema](#nestedatt--spec--runtime--init_containers--readiness_probe--tcp_socket)) -- `termination_grace_period_seconds` (Number) Optional duration in seconds the pod needs to terminate gracefully upon probe failure. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this value overrides the value provided by the pod spec. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down). This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset. -- `timeout_seconds` (Number) Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +- `termination_grace_period_seconds` (Number) Optional duration in seconds the pod needs to terminate gracefully upon probe failure.The grace period is the duration in seconds after the processes running in the pod are senta termination signal and the time when the processes are forcibly halted with a kill signal.Set this value longer than the expected cleanup time for your process.If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, thisvalue overrides the value provided by the pod spec.Value must be non-negative integer. The value zero indicates stop immediately viathe kill signal (no opportunity to shut down).This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate.Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset. +- `timeout_seconds` (Number) Number of seconds after which the probe times out.Defaults to 1 second. Minimum value is 1.More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes ### Nested Schema for `spec.runtime.init_containers.readiness_probe.exec` Optional: -- `command` (List of String) Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +- `command` (List of String) Command is the command line to execute inside the container, the working directory for thecommand is root ('/') in the container's filesystem. The command is simply exec'd, it isnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To usea shell, you need to explicitly call out to that shell.Exit status of 0 is treated as live/healthy and non-zero is unhealthy. @@ -2117,7 +2117,7 @@ Required: Optional: -- `service` (String) Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). If this is not specified, the default behavior is defined by gRPC. +- `service` (String) Service is the name of the service to place in the gRPC HealthCheckRequest(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).If this is not specified, the default behavior is defined by gRPC. @@ -2125,21 +2125,21 @@ Optional: Required: -- `port` (String) Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. +- `port` (String) Name or number of the port to access on the container.Number must be in the range 1 to 65535.Name must be an IANA_SVC_NAME. Optional: -- `host` (String) Host name to connect to, defaults to the pod IP. You probably want to set 'Host' in httpHeaders instead. +- `host` (String) Host name to connect to, defaults to the pod IP. You probably want to set'Host' in httpHeaders instead. - `http_headers` (Attributes List) Custom headers to set in the request. HTTP allows repeated headers. (see [below for nested schema](#nestedatt--spec--runtime--init_containers--readiness_probe--http_get--http_headers)) - `path` (String) Path to access on the HTTP server. -- `scheme` (String) Scheme to use for connecting to the host. Defaults to HTTP. +- `scheme` (String) Scheme to use for connecting to the host.Defaults to HTTP. ### Nested Schema for `spec.runtime.init_containers.readiness_probe.http_get.http_headers` Required: -- `name` (String) The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header. +- `name` (String) The header field name.This will be canonicalized upon output, so case-variant names will be understood as the same header. - `value` (String) The header field value @@ -2149,7 +2149,7 @@ Required: Required: -- `port` (String) Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. +- `port` (String) Number or name of the port to access on the container.Number must be in the range 1 to 65535.Name must be an IANA_SVC_NAME. Optional: @@ -2162,8 +2162,8 @@ Optional: Required: -- `resource_name` (String) Name of the resource to which this resource resize policy applies. Supported values: cpu, memory. -- `restart_policy` (String) Restart policy to apply when specified resource is resized. If not specified, it defaults to NotRequired. +- `resource_name` (String) Name of the resource to which this resource resize policy applies.Supported values: cpu, memory. +- `restart_policy` (String) Restart policy to apply when specified resource is resized.If not specified, it defaults to NotRequired. @@ -2171,16 +2171,16 @@ Required: Optional: -- `claims` (Attributes List) Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. This field is immutable. It can only be set for containers. (see [below for nested schema](#nestedatt--spec--runtime--init_containers--resources--claims)) -- `limits` (Map of String) Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ -- `requests` (Map of String) Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ +- `claims` (Attributes List) Claims lists the names of resources, defined in spec.resourceClaims,that are used by this container.This is an alpha field and requires enabling theDynamicResourceAllocation feature gate.This field is immutable. It can only be set for containers. (see [below for nested schema](#nestedatt--spec--runtime--init_containers--resources--claims)) +- `limits` (Map of String) Limits describes the maximum amount of compute resources allowed.More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ +- `requests` (Map of String) Requests describes the minimum amount of compute resources required.If Requests is omitted for a container, it defaults to Limits if that is explicitly specified,otherwise to an implementation-defined value. Requests cannot exceed Limits.More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ ### Nested Schema for `spec.runtime.init_containers.resources.claims` Required: -- `name` (String) Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container. +- `name` (String) Name must match the name of one entry in pod.spec.resourceClaims ofthe Pod where this field is used. It makes that resource availableinside a container. @@ -2189,17 +2189,17 @@ Required: Optional: -- `allow_privilege_escalation` (Boolean) AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process. AllowPrivilegeEscalation is true always when the container is: 1) run as Privileged 2) has CAP_SYS_ADMIN Note that this field cannot be set when spec.os.name is windows. -- `capabilities` (Attributes) The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. Note that this field cannot be set when spec.os.name is windows. (see [below for nested schema](#nestedatt--spec--runtime--init_containers--security_context--capabilities)) -- `privileged` (Boolean) Run container in privileged mode. Processes in privileged containers are essentially equivalent to root on the host. Defaults to false. Note that this field cannot be set when spec.os.name is windows. -- `proc_mount` (String) procMount denotes the type of proc mount to use for the containers. The default is DefaultProcMount which uses the container runtime defaults for readonly paths and masked paths. This requires the ProcMountType feature flag to be enabled. Note that this field cannot be set when spec.os.name is windows. -- `read_only_root_filesystem` (Boolean) Whether this container has a read-only root filesystem. Default is false. Note that this field cannot be set when spec.os.name is windows. -- `run_as_group` (Number) The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows. -- `run_as_non_root` (Boolean) Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. -- `run_as_user` (Number) The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows. -- `se_linux_options` (Attributes) The SELinux context to be applied to the container. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows. (see [below for nested schema](#nestedatt--spec--runtime--init_containers--security_context--se_linux_options)) -- `seccomp_profile` (Attributes) The seccomp options to use by this container. If seccomp options are provided at both the pod & container level, the container options override the pod options. Note that this field cannot be set when spec.os.name is windows. (see [below for nested schema](#nestedatt--spec--runtime--init_containers--security_context--seccomp_profile)) -- `windows_options` (Attributes) The Windows specific settings applied to all containers. If unspecified, the options from the PodSecurityContext will be used. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is linux. (see [below for nested schema](#nestedatt--spec--runtime--init_containers--security_context--windows_options)) +- `allow_privilege_escalation` (Boolean) AllowPrivilegeEscalation controls whether a process can gain moreprivileges than its parent process. This bool directly controls ifthe no_new_privs flag will be set on the container process.AllowPrivilegeEscalation is true always when the container is:1) run as Privileged2) has CAP_SYS_ADMINNote that this field cannot be set when spec.os.name is windows. +- `capabilities` (Attributes) The capabilities to add/drop when running containers.Defaults to the default set of capabilities granted by the container runtime.Note that this field cannot be set when spec.os.name is windows. (see [below for nested schema](#nestedatt--spec--runtime--init_containers--security_context--capabilities)) +- `privileged` (Boolean) Run container in privileged mode.Processes in privileged containers are essentially equivalent to root on the host.Defaults to false.Note that this field cannot be set when spec.os.name is windows. +- `proc_mount` (String) procMount denotes the type of proc mount to use for the containers.The default is DefaultProcMount which uses the container runtime defaults forreadonly paths and masked paths.This requires the ProcMountType feature flag to be enabled.Note that this field cannot be set when spec.os.name is windows. +- `read_only_root_filesystem` (Boolean) Whether this container has a read-only root filesystem.Default is false.Note that this field cannot be set when spec.os.name is windows. +- `run_as_group` (Number) The GID to run the entrypoint of the container process.Uses runtime default if unset.May also be set in PodSecurityContext. If set in both SecurityContext andPodSecurityContext, the value specified in SecurityContext takes precedence.Note that this field cannot be set when spec.os.name is windows. +- `run_as_non_root` (Boolean) Indicates that the container must run as a non-root user.If true, the Kubelet will validate the image at runtime to ensure that itdoes not run as UID 0 (root) and fail to start the container if it does.If unset or false, no such validation will be performed.May also be set in PodSecurityContext. If set in both SecurityContext andPodSecurityContext, the value specified in SecurityContext takes precedence. +- `run_as_user` (Number) The UID to run the entrypoint of the container process.Defaults to user specified in image metadata if unspecified.May also be set in PodSecurityContext. If set in both SecurityContext andPodSecurityContext, the value specified in SecurityContext takes precedence.Note that this field cannot be set when spec.os.name is windows. +- `se_linux_options` (Attributes) The SELinux context to be applied to the container.If unspecified, the container runtime will allocate a random SELinux context for eachcontainer. May also be set in PodSecurityContext. If set in both SecurityContext andPodSecurityContext, the value specified in SecurityContext takes precedence.Note that this field cannot be set when spec.os.name is windows. (see [below for nested schema](#nestedatt--spec--runtime--init_containers--security_context--se_linux_options)) +- `seccomp_profile` (Attributes) The seccomp options to use by this container. If seccomp options areprovided at both the pod & container level, the container optionsoverride the pod options.Note that this field cannot be set when spec.os.name is windows. (see [below for nested schema](#nestedatt--spec--runtime--init_containers--security_context--seccomp_profile)) +- `windows_options` (Attributes) The Windows specific settings applied to all containers.If unspecified, the options from the PodSecurityContext will be used.If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.Note that this field cannot be set when spec.os.name is linux. (see [below for nested schema](#nestedatt--spec--runtime--init_containers--security_context--windows_options)) ### Nested Schema for `spec.runtime.init_containers.security_context.capabilities` @@ -2226,11 +2226,11 @@ Optional: Required: -- `type` (String) type indicates which kind of seccomp profile will be applied. Valid options are: Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied. +- `type` (String) type indicates which kind of seccomp profile will be applied.Valid options are:Localhost - a profile defined in a file on the node should be used.RuntimeDefault - the container runtime default profile should be used.Unconfined - no profile should be applied. Optional: -- `localhost_profile` (String) localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must be set if type is 'Localhost'. Must NOT be set for any other type. +- `localhost_profile` (String) localhostProfile indicates a profile defined in a file on the node should be used.The profile must be preconfigured on the node to work.Must be a descending path, relative to the kubelet's configured seccomp profile location.Must be set if type is 'Localhost'. Must NOT be set for any other type. @@ -2238,10 +2238,10 @@ Optional: Optional: -- `gmsa_credential_spec` (String) GMSACredentialSpec is where the GMSA admission webhook (https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the GMSA credential spec named by the GMSACredentialSpecName field. +- `gmsa_credential_spec` (String) GMSACredentialSpec is where the GMSA admission webhook(https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of theGMSA credential spec named by the GMSACredentialSpecName field. - `gmsa_credential_spec_name` (String) GMSACredentialSpecName is the name of the GMSA credential spec to use. -- `host_process` (Boolean) HostProcess determines if a container should be run as a 'Host Process' container. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true. -- `run_as_user_name` (String) The UserName in Windows to run the entrypoint of the container process. Defaults to the user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +- `host_process` (Boolean) HostProcess determines if a container should be run as a 'Host Process' container.All of a Pod's containers must have the same effective HostProcess value(it is not allowed to have a mix of HostProcess containers and non-HostProcess containers).In addition, if HostProcess is true then HostNetwork must also be set to true. +- `run_as_user_name` (String) The UserName in Windows to run the entrypoint of the container process.Defaults to the user specified in image metadata if unspecified.May also be set in PodSecurityContext. If set in both SecurityContext andPodSecurityContext, the value specified in SecurityContext takes precedence. @@ -2251,22 +2251,22 @@ Optional: Optional: - `exec` (Attributes) Exec specifies the action to take. (see [below for nested schema](#nestedatt--spec--runtime--init_containers--startup_probe--exec)) -- `failure_threshold` (Number) Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +- `failure_threshold` (Number) Minimum consecutive failures for the probe to be considered failed after having succeeded.Defaults to 3. Minimum value is 1. - `grpc` (Attributes) GRPC specifies an action involving a GRPC port. (see [below for nested schema](#nestedatt--spec--runtime--init_containers--startup_probe--grpc)) - `http_get` (Attributes) HTTPGet specifies the http request to perform. (see [below for nested schema](#nestedatt--spec--runtime--init_containers--startup_probe--http_get)) -- `initial_delay_seconds` (Number) Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes -- `period_seconds` (Number) How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. -- `success_threshold` (Number) Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. +- `initial_delay_seconds` (Number) Number of seconds after the container has started before liveness probes are initiated.More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +- `period_seconds` (Number) How often (in seconds) to perform the probe.Default to 10 seconds. Minimum value is 1. +- `success_threshold` (Number) Minimum consecutive successes for the probe to be considered successful after having failed.Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. - `tcp_socket` (Attributes) TCPSocket specifies an action involving a TCP port. (see [below for nested schema](#nestedatt--spec--runtime--init_containers--startup_probe--tcp_socket)) -- `termination_grace_period_seconds` (Number) Optional duration in seconds the pod needs to terminate gracefully upon probe failure. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this value overrides the value provided by the pod spec. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down). This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset. -- `timeout_seconds` (Number) Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +- `termination_grace_period_seconds` (Number) Optional duration in seconds the pod needs to terminate gracefully upon probe failure.The grace period is the duration in seconds after the processes running in the pod are senta termination signal and the time when the processes are forcibly halted with a kill signal.Set this value longer than the expected cleanup time for your process.If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, thisvalue overrides the value provided by the pod spec.Value must be non-negative integer. The value zero indicates stop immediately viathe kill signal (no opportunity to shut down).This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate.Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset. +- `timeout_seconds` (Number) Number of seconds after which the probe times out.Defaults to 1 second. Minimum value is 1.More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes ### Nested Schema for `spec.runtime.init_containers.startup_probe.exec` Optional: -- `command` (List of String) Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +- `command` (List of String) Command is the command line to execute inside the container, the working directory for thecommand is root ('/') in the container's filesystem. The command is simply exec'd, it isnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To usea shell, you need to explicitly call out to that shell.Exit status of 0 is treated as live/healthy and non-zero is unhealthy. @@ -2278,7 +2278,7 @@ Required: Optional: -- `service` (String) Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). If this is not specified, the default behavior is defined by gRPC. +- `service` (String) Service is the name of the service to place in the gRPC HealthCheckRequest(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).If this is not specified, the default behavior is defined by gRPC. @@ -2286,21 +2286,21 @@ Optional: Required: -- `port` (String) Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. +- `port` (String) Name or number of the port to access on the container.Number must be in the range 1 to 65535.Name must be an IANA_SVC_NAME. Optional: -- `host` (String) Host name to connect to, defaults to the pod IP. You probably want to set 'Host' in httpHeaders instead. +- `host` (String) Host name to connect to, defaults to the pod IP. You probably want to set'Host' in httpHeaders instead. - `http_headers` (Attributes List) Custom headers to set in the request. HTTP allows repeated headers. (see [below for nested schema](#nestedatt--spec--runtime--init_containers--startup_probe--http_get--http_headers)) - `path` (String) Path to access on the HTTP server. -- `scheme` (String) Scheme to use for connecting to the host. Defaults to HTTP. +- `scheme` (String) Scheme to use for connecting to the host.Defaults to HTTP. ### Nested Schema for `spec.runtime.init_containers.startup_probe.http_get.http_headers` Required: -- `name` (String) The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header. +- `name` (String) The header field name.This will be canonicalized upon output, so case-variant names will be understood as the same header. - `value` (String) The header field value @@ -2310,7 +2310,7 @@ Required: Required: -- `port` (String) Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. +- `port` (String) Number or name of the port to access on the container.Number must be in the range 1 to 65535.Name must be an IANA_SVC_NAME. Optional: @@ -2332,15 +2332,15 @@ Required: Required: -- `mount_path` (String) Path within the container at which the volume should be mounted. Must not contain ':'. +- `mount_path` (String) Path within the container at which the volume should be mounted. Mustnot contain ':'. - `name` (String) This must match the Name of a Volume. Optional: -- `mount_propagation` (String) mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationNone is used. This field is beta in 1.10. -- `read_only` (Boolean) Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false. -- `sub_path` (String) Path within the volume from which the container's volume should be mounted. Defaults to '' (volume's root). -- `sub_path_expr` (String) Expanded path within the volume from which the container's volume should be mounted. Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment. Defaults to '' (volume's root). SubPathExpr and SubPath are mutually exclusive. +- `mount_propagation` (String) mountPropagation determines how mounts are propagated from the hostto container and the other way around.When not set, MountPropagationNone is used.This field is beta in 1.10. +- `read_only` (Boolean) Mounted read-only if true, read-write otherwise (false or unspecified).Defaults to false. +- `sub_path` (String) Path within the volume from which the container's volume should be mounted.Defaults to '' (volume's root). +- `sub_path_expr` (String) Expanded path within the volume from which the container's volume should be mounted.Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment.Defaults to '' (volume's root).SubPathExpr and SubPath are mutually exclusive. @@ -2349,7 +2349,7 @@ Optional: Required: -- `name` (String) Name is the name of the operating system. The currently supported values are linux and windows. Additional value may be defined in future and can be one of: https://github.com/opencontainers/runtime-spec/blob/master/config.md#platform-specific-configuration Clients should expect to handle additional values and treat unrecognized values in this field as os: null +- `name` (String) Name is the name of the operating system. The currently supported values are linux and windows.Additional value may be defined in future and can be one of:https://github.com/opencontainers/runtime-spec/blob/master/config.md#platform-specific-configurationClients should expect to handle additional values and treat unrecognized values in this field as os: null @@ -2365,7 +2365,7 @@ Required: Required: -- `name` (String) Name uniquely identifies this resource claim inside the pod. This must be a DNS_LABEL. +- `name` (String) Name uniquely identifies this resource claim inside the pod.This must be a DNS_LABEL. Optional: @@ -2376,8 +2376,8 @@ Optional: Optional: -- `resource_claim_name` (String) ResourceClaimName is the name of a ResourceClaim object in the same namespace as this pod. -- `resource_claim_template_name` (String) ResourceClaimTemplateName is the name of a ResourceClaimTemplate object in the same namespace as this pod. The template will be used to create a new ResourceClaim, which will be bound to this pod. When this pod is deleted, the ResourceClaim will also be deleted. The pod name and resource name, along with a generated component, will be used to form a unique name for the ResourceClaim, which will be recorded in pod.status.resourceClaimStatuses. This field is immutable and no changes will be made to the corresponding ResourceClaim by the control plane after creating the ResourceClaim. +- `resource_claim_name` (String) ResourceClaimName is the name of a ResourceClaim object in the samenamespace as this pod. +- `resource_claim_template_name` (String) ResourceClaimTemplateName is the name of a ResourceClaimTemplateobject in the same namespace as this pod.The template will be used to create a new ResourceClaim, which willbe bound to this pod. When this pod is deleted, the ResourceClaimwill also be deleted. The pod name and resource name, along with agenerated component, will be used to form a unique name for theResourceClaim, which will be recorded in pod.status.resourceClaimStatuses.This field is immutable and no changes will be made to thecorresponding ResourceClaim by the control plane after creating theResourceClaim. @@ -2386,7 +2386,7 @@ Optional: Required: -- `name` (String) Name of the scheduling gate. Each scheduling gate must have a unique name field. +- `name` (String) Name of the scheduling gate.Each scheduling gate must have a unique name field. @@ -2394,16 +2394,16 @@ Required: Optional: -- `fs_group` (Number) A special supplemental group that applies to all containers in a pod. Some volume types allow the Kubelet to change the ownership of that volume to be owned by the pod: 1. The owning GID will be the FSGroup 2. The setgid bit is set (new files created in the volume will be owned by FSGroup) 3. The permission bits are OR'd with rw-rw---- If unset, the Kubelet will not modify the ownership and permissions of any volume. Note that this field cannot be set when spec.os.name is windows. -- `fs_group_change_policy` (String) fsGroupChangePolicy defines behavior of changing ownership and permission of the volume before being exposed inside Pod. This field will only apply to volume types which support fsGroup based ownership(and permissions). It will have no effect on ephemeral volume types such as: secret, configmaps and emptydir. Valid values are 'OnRootMismatch' and 'Always'. If not specified, 'Always' is used. Note that this field cannot be set when spec.os.name is windows. -- `run_as_group` (Number) The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in SecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence for that container. Note that this field cannot be set when spec.os.name is windows. -- `run_as_non_root` (Boolean) Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in SecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. -- `run_as_user` (Number) The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in SecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence for that container. Note that this field cannot be set when spec.os.name is windows. -- `se_linux_options` (Attributes) The SELinux context to be applied to all containers. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in SecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence for that container. Note that this field cannot be set when spec.os.name is windows. (see [below for nested schema](#nestedatt--spec--runtime--security_context--se_linux_options)) -- `seccomp_profile` (Attributes) The seccomp options to use by the containers in this pod. Note that this field cannot be set when spec.os.name is windows. (see [below for nested schema](#nestedatt--spec--runtime--security_context--seccomp_profile)) -- `supplemental_groups` (List of String) A list of groups applied to the first process run in each container, in addition to the container's primary GID, the fsGroup (if specified), and group memberships defined in the container image for the uid of the container process. If unspecified, no additional groups are added to any container. Note that group memberships defined in the container image for the uid of the container process are still effective, even if they are not included in this list. Note that this field cannot be set when spec.os.name is windows. -- `sysctls` (Attributes List) Sysctls hold a list of namespaced sysctls used for the pod. Pods with unsupported sysctls (by the container runtime) might fail to launch. Note that this field cannot be set when spec.os.name is windows. (see [below for nested schema](#nestedatt--spec--runtime--security_context--sysctls)) -- `windows_options` (Attributes) The Windows specific settings applied to all containers. If unspecified, the options within a container's SecurityContext will be used. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is linux. (see [below for nested schema](#nestedatt--spec--runtime--security_context--windows_options)) +- `fs_group` (Number) A special supplemental group that applies to all containers in a pod.Some volume types allow the Kubelet to change the ownership of that volumeto be owned by the pod:1. The owning GID will be the FSGroup2. The setgid bit is set (new files created in the volume will be owned by FSGroup)3. The permission bits are OR'd with rw-rw----If unset, the Kubelet will not modify the ownership and permissions of any volume.Note that this field cannot be set when spec.os.name is windows. +- `fs_group_change_policy` (String) fsGroupChangePolicy defines behavior of changing ownership and permission of the volumebefore being exposed inside Pod. This field will only apply tovolume types which support fsGroup based ownership(and permissions).It will have no effect on ephemeral volume types such as: secret, configmapsand emptydir.Valid values are 'OnRootMismatch' and 'Always'. If not specified, 'Always' is used.Note that this field cannot be set when spec.os.name is windows. +- `run_as_group` (Number) The GID to run the entrypoint of the container process.Uses runtime default if unset.May also be set in SecurityContext. If set in both SecurityContext andPodSecurityContext, the value specified in SecurityContext takes precedencefor that container.Note that this field cannot be set when spec.os.name is windows. +- `run_as_non_root` (Boolean) Indicates that the container must run as a non-root user.If true, the Kubelet will validate the image at runtime to ensure that itdoes not run as UID 0 (root) and fail to start the container if it does.If unset or false, no such validation will be performed.May also be set in SecurityContext. If set in both SecurityContext andPodSecurityContext, the value specified in SecurityContext takes precedence. +- `run_as_user` (Number) The UID to run the entrypoint of the container process.Defaults to user specified in image metadata if unspecified.May also be set in SecurityContext. If set in both SecurityContext andPodSecurityContext, the value specified in SecurityContext takes precedencefor that container.Note that this field cannot be set when spec.os.name is windows. +- `se_linux_options` (Attributes) The SELinux context to be applied to all containers.If unspecified, the container runtime will allocate a random SELinux context for eachcontainer. May also be set in SecurityContext. If set inboth SecurityContext and PodSecurityContext, the value specified in SecurityContexttakes precedence for that container.Note that this field cannot be set when spec.os.name is windows. (see [below for nested schema](#nestedatt--spec--runtime--security_context--se_linux_options)) +- `seccomp_profile` (Attributes) The seccomp options to use by the containers in this pod.Note that this field cannot be set when spec.os.name is windows. (see [below for nested schema](#nestedatt--spec--runtime--security_context--seccomp_profile)) +- `supplemental_groups` (List of String) A list of groups applied to the first process run in each container, in additionto the container's primary GID, the fsGroup (if specified), and group membershipsdefined in the container image for the uid of the container process. If unspecified,no additional groups are added to any container. Note that group membershipsdefined in the container image for the uid of the container process are still effective,even if they are not included in this list.Note that this field cannot be set when spec.os.name is windows. +- `sysctls` (Attributes List) Sysctls hold a list of namespaced sysctls used for the pod. Pods with unsupportedsysctls (by the container runtime) might fail to launch.Note that this field cannot be set when spec.os.name is windows. (see [below for nested schema](#nestedatt--spec--runtime--security_context--sysctls)) +- `windows_options` (Attributes) The Windows specific settings applied to all containers.If unspecified, the options within a container's SecurityContext will be used.If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.Note that this field cannot be set when spec.os.name is linux. (see [below for nested schema](#nestedatt--spec--runtime--security_context--windows_options)) ### Nested Schema for `spec.runtime.security_context.se_linux_options` @@ -2421,11 +2421,11 @@ Optional: Required: -- `type` (String) type indicates which kind of seccomp profile will be applied. Valid options are: Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied. +- `type` (String) type indicates which kind of seccomp profile will be applied.Valid options are:Localhost - a profile defined in a file on the node should be used.RuntimeDefault - the container runtime default profile should be used.Unconfined - no profile should be applied. Optional: -- `localhost_profile` (String) localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must be set if type is 'Localhost'. Must NOT be set for any other type. +- `localhost_profile` (String) localhostProfile indicates a profile defined in a file on the node should be used.The profile must be preconfigured on the node to work.Must be a descending path, relative to the kubelet's configured seccomp profile location.Must be set if type is 'Localhost'. Must NOT be set for any other type. @@ -2442,10 +2442,10 @@ Required: Optional: -- `gmsa_credential_spec` (String) GMSACredentialSpec is where the GMSA admission webhook (https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the GMSA credential spec named by the GMSACredentialSpecName field. +- `gmsa_credential_spec` (String) GMSACredentialSpec is where the GMSA admission webhook(https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of theGMSA credential spec named by the GMSACredentialSpecName field. - `gmsa_credential_spec_name` (String) GMSACredentialSpecName is the name of the GMSA credential spec to use. -- `host_process` (Boolean) HostProcess determines if a container should be run as a 'Host Process' container. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true. -- `run_as_user_name` (String) The UserName in Windows to run the entrypoint of the container process. Defaults to the user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +- `host_process` (Boolean) HostProcess determines if a container should be run as a 'Host Process' container.All of a Pod's containers must have the same effective HostProcess value(it is not allowed to have a mix of HostProcess containers and non-HostProcess containers).In addition, if HostProcess is true then HostNetwork must also be set to true. +- `run_as_user_name` (String) The UserName in Windows to run the entrypoint of the container process.Defaults to the user specified in image metadata if unspecified.May also be set in PodSecurityContext. If set in both SecurityContext andPodSecurityContext, the value specified in SecurityContext takes precedence. @@ -2454,11 +2454,11 @@ Optional: Optional: -- `effect` (String) Effect indicates the taint effect to match. Empty means match all taint effects. When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute. -- `key` (String) Key is the taint key that the toleration applies to. Empty means match all taint keys. If the key is empty, operator must be Exists; this combination means to match all values and all keys. -- `operator` (String) Operator represents a key's relationship to the value. Valid operators are Exists and Equal. Defaults to Equal. Exists is equivalent to wildcard for value, so that a pod can tolerate all taints of a particular category. -- `toleration_seconds` (Number) TolerationSeconds represents the period of time the toleration (which must be of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, it is not set, which means tolerate the taint forever (do not evict). Zero and negative values will be treated as 0 (evict immediately) by the system. -- `value` (String) Value is the taint value the toleration matches to. If the operator is Exists, the value should be empty, otherwise just a regular string. +- `effect` (String) Effect indicates the taint effect to match. Empty means match all taint effects.When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute. +- `key` (String) Key is the taint key that the toleration applies to. Empty means match all taint keys.If the key is empty, operator must be Exists; this combination means to match all values and all keys. +- `operator` (String) Operator represents a key's relationship to the value.Valid operators are Exists and Equal. Defaults to Equal.Exists is equivalent to wildcard for value, so that a pod cantolerate all taints of a particular category. +- `toleration_seconds` (Number) TolerationSeconds represents the period of time the toleration (which must beof effect NoExecute, otherwise this field is ignored) tolerates the taint. By default,it is not set, which means tolerate the taint forever (do not evict). Zero andnegative values will be treated as 0 (evict immediately) by the system. +- `value` (String) Value is the taint value the toleration matches to.If the operator is Exists, the value should be empty, otherwise just a regular string. @@ -2466,17 +2466,17 @@ Optional: Required: -- `max_skew` (Number) MaxSkew describes the degree to which pods may be unevenly distributed. When 'whenUnsatisfiable=DoNotSchedule', it is the maximum permitted difference between the number of matching pods in the target topology and the global minimum. The global minimum is the minimum number of matching pods in an eligible domain or zero if the number of eligible domains is less than MinDomains. For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same labelSelector spread as 2/2/1: In this case, the global minimum is 1. | zone1 | zone2 | zone3 | | P P | P P | P | - if MaxSkew is 1, incoming pod can only be scheduled to zone3 to become 2/2/2; scheduling it onto zone1(zone2) would make the ActualSkew(3-1) on zone1(zone2) violate MaxSkew(1). - if MaxSkew is 2, incoming pod can be scheduled onto any zone. When 'whenUnsatisfiable=ScheduleAnyway', it is used to give higher precedence to topologies that satisfy it. It's a required field. Default value is 1 and 0 is not allowed. -- `topology_key` (String) TopologyKey is the key of node labels. Nodes that have a label with this key and identical values are considered to be in the same topology. We consider each as a 'bucket', and try to put balanced number of pods into each bucket. We define a domain as a particular instance of a topology. Also, we define an eligible domain as a domain whose nodes meet the requirements of nodeAffinityPolicy and nodeTaintsPolicy. e.g. If TopologyKey is 'kubernetes.io/hostname', each Node is a domain of that topology. And, if TopologyKey is 'topology.kubernetes.io/zone', each zone is a domain of that topology. It's a required field. -- `when_unsatisfiable` (String) WhenUnsatisfiable indicates how to deal with a pod if it doesn't satisfy the spread constraint. - DoNotSchedule (default) tells the scheduler not to schedule it. - ScheduleAnyway tells the scheduler to schedule the pod in any location, but giving higher precedence to topologies that would help reduce the skew. A constraint is considered 'Unsatisfiable' for an incoming pod if and only if every possible node assignment for that pod would violate 'MaxSkew' on some topology. For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same labelSelector spread as 3/1/1: | zone1 | zone2 | zone3 | | P P P | P | P | If WhenUnsatisfiable is set to DoNotSchedule, incoming pod can only be scheduled to zone2(zone3) to become 3/2/1(3/1/2) as ActualSkew(2-1) on zone2(zone3) satisfies MaxSkew(1). In other words, the cluster can still be imbalanced, but scheduler won't make it *more* imbalanced. It's a required field. +- `max_skew` (Number) MaxSkew describes the degree to which pods may be unevenly distributed.When 'whenUnsatisfiable=DoNotSchedule', it is the maximum permitted differencebetween the number of matching pods in the target topology and the global minimum.The global minimum is the minimum number of matching pods in an eligible domainor zero if the number of eligible domains is less than MinDomains.For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the samelabelSelector spread as 2/2/1:In this case, the global minimum is 1.| zone1 | zone2 | zone3 || P P | P P | P |- if MaxSkew is 1, incoming pod can only be scheduled to zone3 to become 2/2/2;scheduling it onto zone1(zone2) would make the ActualSkew(3-1) on zone1(zone2)violate MaxSkew(1).- if MaxSkew is 2, incoming pod can be scheduled onto any zone.When 'whenUnsatisfiable=ScheduleAnyway', it is used to give higher precedenceto topologies that satisfy it.It's a required field. Default value is 1 and 0 is not allowed. +- `topology_key` (String) TopologyKey is the key of node labels. Nodes that have a label with this keyand identical values are considered to be in the same topology.We consider each as a 'bucket', and try to put balanced numberof pods into each bucket.We define a domain as a particular instance of a topology.Also, we define an eligible domain as a domain whose nodes meet the requirements ofnodeAffinityPolicy and nodeTaintsPolicy.e.g. If TopologyKey is 'kubernetes.io/hostname', each Node is a domain of that topology.And, if TopologyKey is 'topology.kubernetes.io/zone', each zone is a domain of that topology.It's a required field. +- `when_unsatisfiable` (String) WhenUnsatisfiable indicates how to deal with a pod if it doesn't satisfythe spread constraint.- DoNotSchedule (default) tells the scheduler not to schedule it.- ScheduleAnyway tells the scheduler to schedule the pod in any location, but giving higher precedence to topologies that would help reduce the skew.A constraint is considered 'Unsatisfiable' for an incoming podif and only if every possible node assignment for that pod would violate'MaxSkew' on some topology.For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the samelabelSelector spread as 3/1/1:| zone1 | zone2 | zone3 || P P P | P | P |If WhenUnsatisfiable is set to DoNotSchedule, incoming pod can only be scheduledto zone2(zone3) to become 3/2/1(3/1/2) as ActualSkew(2-1) on zone2(zone3) satisfiesMaxSkew(1). In other words, the cluster can still be imbalanced, but schedulerwon't make it *more* imbalanced.It's a required field. Optional: -- `label_selector` (Attributes) LabelSelector is used to find matching pods. Pods that match this label selector are counted to determine the number of pods in their corresponding topology domain. (see [below for nested schema](#nestedatt--spec--runtime--topology_spread_constraints--label_selector)) -- `match_label_keys` (List of String) MatchLabelKeys is a set of pod label keys to select the pods over which spreading will be calculated. The keys are used to lookup values from the incoming pod labels, those key-value labels are ANDed with labelSelector to select the group of existing pods over which spreading will be calculated for the incoming pod. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. MatchLabelKeys cannot be set when LabelSelector isn't set. Keys that don't exist in the incoming pod labels will be ignored. A null or empty list means only match against labelSelector. This is a beta field and requires the MatchLabelKeysInPodTopologySpread feature gate to be enabled (enabled by default). -- `min_domains` (Number) MinDomains indicates a minimum number of eligible domains. When the number of eligible domains with matching topology keys is less than minDomains, Pod Topology Spread treats 'global minimum' as 0, and then the calculation of Skew is performed. And when the number of eligible domains with matching topology keys equals or greater than minDomains, this value has no effect on scheduling. As a result, when the number of eligible domains is less than minDomains, scheduler won't schedule more than maxSkew Pods to those domains. If value is nil, the constraint behaves as if MinDomains is equal to 1. Valid values are integers greater than 0. When value is not nil, WhenUnsatisfiable must be DoNotSchedule. For example, in a 3-zone cluster, MaxSkew is set to 2, MinDomains is set to 5 and pods with the same labelSelector spread as 2/2/2: | zone1 | zone2 | zone3 | | P P | P P | P P | The number of domains is less than 5(MinDomains), so 'global minimum' is treated as 0. In this situation, new pod with the same labelSelector cannot be scheduled, because computed skew will be 3(3 - 0) if new Pod is scheduled to any of the three zones, it will violate MaxSkew. This is a beta field and requires the MinDomainsInPodTopologySpread feature gate to be enabled (enabled by default). -- `node_affinity_policy` (String) NodeAffinityPolicy indicates how we will treat Pod's nodeAffinity/nodeSelector when calculating pod topology spread skew. Options are: - Honor: only nodes matching nodeAffinity/nodeSelector are included in the calculations. - Ignore: nodeAffinity/nodeSelector are ignored. All nodes are included in the calculations. If this value is nil, the behavior is equivalent to the Honor policy. This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag. -- `node_taints_policy` (String) NodeTaintsPolicy indicates how we will treat node taints when calculating pod topology spread skew. Options are: - Honor: nodes without taints, along with tainted nodes for which the incoming pod has a toleration, are included. - Ignore: node taints are ignored. All nodes are included. If this value is nil, the behavior is equivalent to the Ignore policy. This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag. +- `label_selector` (Attributes) LabelSelector is used to find matching pods.Pods that match this label selector are counted to determine the number of podsin their corresponding topology domain. (see [below for nested schema](#nestedatt--spec--runtime--topology_spread_constraints--label_selector)) +- `match_label_keys` (List of String) MatchLabelKeys is a set of pod label keys to select the pods over whichspreading will be calculated. The keys are used to lookup values from theincoming pod labels, those key-value labels are ANDed with labelSelectorto select the group of existing pods over which spreading will be calculatedfor the incoming pod. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector.MatchLabelKeys cannot be set when LabelSelector isn't set.Keys that don't exist in the incoming pod labels willbe ignored. A null or empty list means only match against labelSelector.This is a beta field and requires the MatchLabelKeysInPodTopologySpread feature gate to be enabled (enabled by default). +- `min_domains` (Number) MinDomains indicates a minimum number of eligible domains.When the number of eligible domains with matching topology keys is less than minDomains,Pod Topology Spread treats 'global minimum' as 0, and then the calculation of Skew is performed.And when the number of eligible domains with matching topology keys equals or greater than minDomains,this value has no effect on scheduling.As a result, when the number of eligible domains is less than minDomains,scheduler won't schedule more than maxSkew Pods to those domains.If value is nil, the constraint behaves as if MinDomains is equal to 1.Valid values are integers greater than 0.When value is not nil, WhenUnsatisfiable must be DoNotSchedule.For example, in a 3-zone cluster, MaxSkew is set to 2, MinDomains is set to 5 and pods with the samelabelSelector spread as 2/2/2:| zone1 | zone2 | zone3 || P P | P P | P P |The number of domains is less than 5(MinDomains), so 'global minimum' is treated as 0.In this situation, new pod with the same labelSelector cannot be scheduled,because computed skew will be 3(3 - 0) if new Pod is scheduled to any of the three zones,it will violate MaxSkew.This is a beta field and requires the MinDomainsInPodTopologySpread feature gate to be enabled (enabled by default). +- `node_affinity_policy` (String) NodeAffinityPolicy indicates how we will treat Pod's nodeAffinity/nodeSelectorwhen calculating pod topology spread skew. Options are:- Honor: only nodes matching nodeAffinity/nodeSelector are included in the calculations.- Ignore: nodeAffinity/nodeSelector are ignored. All nodes are included in the calculations.If this value is nil, the behavior is equivalent to the Honor policy.This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag. +- `node_taints_policy` (String) NodeTaintsPolicy indicates how we will treat node taints when calculatingpod topology spread skew. Options are:- Honor: nodes without taints, along with tainted nodes for which the incoming podhas a toleration, are included.- Ignore: node taints are ignored. All nodes are included.If this value is nil, the behavior is equivalent to the Ignore policy.This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag. ### Nested Schema for `spec.runtime.topology_spread_constraints.label_selector` @@ -2484,7 +2484,7 @@ Optional: Optional: - `match_expressions` (Attributes List) matchExpressions is a list of label selector requirements. The requirements are ANDed. (see [below for nested schema](#nestedatt--spec--runtime--topology_spread_constraints--label_selector--match_expressions)) -- `match_labels` (Map of String) matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is 'key', the operator is 'In', and the values array contains only 'value'. The requirements are ANDed. +- `match_labels` (Map of String) matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabelsmap is equivalent to an element of matchExpressions, whose key field is 'key', theoperator is 'In', and the values array contains only 'value'. The requirements are ANDed. ### Nested Schema for `spec.runtime.topology_spread_constraints.label_selector.match_expressions` @@ -2492,11 +2492,11 @@ Optional: Required: - `key` (String) key is the label key that the selector applies to. -- `operator` (String) operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. +- `operator` (String) operator represents a key's relationship to a set of values.Valid operators are In, NotIn, Exists and DoesNotExist. Optional: -- `values` (List of String) values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. +- `values` (List of String) values is an array of string values. If the operator is In or NotIn,the values array must be non-empty. If the operator is Exists or DoesNotExist,the values array must be empty. This array is replaced during a strategicmerge patch. @@ -2506,37 +2506,37 @@ Optional: Required: -- `name` (String) name of the volume. Must be a DNS_LABEL and unique within the pod. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names +- `name` (String) name of the volume.Must be a DNS_LABEL and unique within the pod.More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names Optional: -- `aws_elastic_block_store` (Attributes) awsElasticBlockStore represents an AWS Disk resource that is attached to a kubelet's host machine and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore (see [below for nested schema](#nestedatt--spec--runtime--volumes--aws_elastic_block_store)) +- `aws_elastic_block_store` (Attributes) awsElasticBlockStore represents an AWS Disk resource that is attached to akubelet's host machine and then exposed to the pod.More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore (see [below for nested schema](#nestedatt--spec--runtime--volumes--aws_elastic_block_store)) - `azure_disk` (Attributes) azureDisk represents an Azure Data Disk mount on the host and bind mount to the pod. (see [below for nested schema](#nestedatt--spec--runtime--volumes--azure_disk)) - `azure_file` (Attributes) azureFile represents an Azure File Service mount on the host and bind mount to the pod. (see [below for nested schema](#nestedatt--spec--runtime--volumes--azure_file)) - `cephfs` (Attributes) cephFS represents a Ceph FS mount on the host that shares a pod's lifetime (see [below for nested schema](#nestedatt--spec--runtime--volumes--cephfs)) -- `cinder` (Attributes) cinder represents a cinder volume attached and mounted on kubelets host machine. More info: https://examples.k8s.io/mysql-cinder-pd/README.md (see [below for nested schema](#nestedatt--spec--runtime--volumes--cinder)) +- `cinder` (Attributes) cinder represents a cinder volume attached and mounted on kubelets host machine.More info: https://examples.k8s.io/mysql-cinder-pd/README.md (see [below for nested schema](#nestedatt--spec--runtime--volumes--cinder)) - `config_map` (Attributes) configMap represents a configMap that should populate this volume (see [below for nested schema](#nestedatt--spec--runtime--volumes--config_map)) - `csi` (Attributes) csi (Container Storage Interface) represents ephemeral storage that is handled by certain external CSI drivers (Beta feature). (see [below for nested schema](#nestedatt--spec--runtime--volumes--csi)) - `downward_api` (Attributes) downwardAPI represents downward API about the pod that should populate this volume (see [below for nested schema](#nestedatt--spec--runtime--volumes--downward_api)) -- `empty_dir` (Attributes) emptyDir represents a temporary directory that shares a pod's lifetime. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir (see [below for nested schema](#nestedatt--spec--runtime--volumes--empty_dir)) -- `ephemeral` (Attributes) ephemeral represents a volume that is handled by a cluster storage driver. The volume's lifecycle is tied to the pod that defines it - it will be created before the pod starts, and deleted when the pod is removed. Use this if: a) the volume is only needed while the pod runs, b) features of normal volumes like restoring from snapshot or capacity tracking are needed, c) the storage driver is specified through a storage class, and d) the storage driver supports dynamic volume provisioning through a PersistentVolumeClaim (see EphemeralVolumeSource for more information on the connection between this volume type and PersistentVolumeClaim). Use PersistentVolumeClaim or one of the vendor-specific APIs for volumes that persist for longer than the lifecycle of an individual pod. Use CSI for light-weight local ephemeral volumes if the CSI driver is meant to be used that way - see the documentation of the driver for more information. A pod can use both types of ephemeral volumes and persistent volumes at the same time. (see [below for nested schema](#nestedatt--spec--runtime--volumes--ephemeral)) +- `empty_dir` (Attributes) emptyDir represents a temporary directory that shares a pod's lifetime.More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir (see [below for nested schema](#nestedatt--spec--runtime--volumes--empty_dir)) +- `ephemeral` (Attributes) ephemeral represents a volume that is handled by a cluster storage driver.The volume's lifecycle is tied to the pod that defines it - it will be created before the pod starts,and deleted when the pod is removed.Use this if:a) the volume is only needed while the pod runs,b) features of normal volumes like restoring from snapshot or capacity tracking are needed,c) the storage driver is specified through a storage class, andd) the storage driver supports dynamic volume provisioning through a PersistentVolumeClaim (see EphemeralVolumeSource for more information on the connection between this volume type and PersistentVolumeClaim).Use PersistentVolumeClaim or one of the vendor-specificAPIs for volumes that persist for longer than the lifecycleof an individual pod.Use CSI for light-weight local ephemeral volumes if the CSI driver is meant tobe used that way - see the documentation of the driver formore information.A pod can use both types of ephemeral volumes andpersistent volumes at the same time. (see [below for nested schema](#nestedatt--spec--runtime--volumes--ephemeral)) - `fc` (Attributes) fc represents a Fibre Channel resource that is attached to a kubelet's host machine and then exposed to the pod. (see [below for nested schema](#nestedatt--spec--runtime--volumes--fc)) -- `flex_volume` (Attributes) flexVolume represents a generic volume resource that is provisioned/attached using an exec based plugin. (see [below for nested schema](#nestedatt--spec--runtime--volumes--flex_volume)) +- `flex_volume` (Attributes) flexVolume represents a generic volume resource that isprovisioned/attached using an exec based plugin. (see [below for nested schema](#nestedatt--spec--runtime--volumes--flex_volume)) - `flocker` (Attributes) flocker represents a Flocker volume attached to a kubelet's host machine. This depends on the Flocker control service being running (see [below for nested schema](#nestedatt--spec--runtime--volumes--flocker)) -- `gce_persistent_disk` (Attributes) gcePersistentDisk represents a GCE Disk resource that is attached to a kubelet's host machine and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk (see [below for nested schema](#nestedatt--spec--runtime--volumes--gce_persistent_disk)) -- `git_repo` (Attributes) gitRepo represents a git repository at a particular revision. DEPRECATED: GitRepo is deprecated. To provision a container with a git repo, mount an EmptyDir into an InitContainer that clones the repo using git, then mount the EmptyDir into the Pod's container. (see [below for nested schema](#nestedatt--spec--runtime--volumes--git_repo)) -- `glusterfs` (Attributes) glusterfs represents a Glusterfs mount on the host that shares a pod's lifetime. More info: https://examples.k8s.io/volumes/glusterfs/README.md (see [below for nested schema](#nestedatt--spec--runtime--volumes--glusterfs)) -- `host_path` (Attributes) hostPath represents a pre-existing file or directory on the host machine that is directly exposed to the container. This is generally used for system agents or other privileged things that are allowed to see the host machine. Most containers will NOT need this. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath --- TODO(jonesdl) We need to restrict who can use host directory mounts and who can/can not mount host directories as read/write. (see [below for nested schema](#nestedatt--spec--runtime--volumes--host_path)) -- `iscsi` (Attributes) iscsi represents an ISCSI Disk resource that is attached to a kubelet's host machine and then exposed to the pod. More info: https://examples.k8s.io/volumes/iscsi/README.md (see [below for nested schema](#nestedatt--spec--runtime--volumes--iscsi)) -- `nfs` (Attributes) nfs represents an NFS mount on the host that shares a pod's lifetime More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs (see [below for nested schema](#nestedatt--spec--runtime--volumes--nfs)) -- `persistent_volume_claim` (Attributes) persistentVolumeClaimVolumeSource represents a reference to a PersistentVolumeClaim in the same namespace. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims (see [below for nested schema](#nestedatt--spec--runtime--volumes--persistent_volume_claim)) +- `gce_persistent_disk` (Attributes) gcePersistentDisk represents a GCE Disk resource that is attached to akubelet's host machine and then exposed to the pod.More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk (see [below for nested schema](#nestedatt--spec--runtime--volumes--gce_persistent_disk)) +- `git_repo` (Attributes) gitRepo represents a git repository at a particular revision.DEPRECATED: GitRepo is deprecated. To provision a container with a git repo, mount anEmptyDir into an InitContainer that clones the repo using git, then mount the EmptyDirinto the Pod's container. (see [below for nested schema](#nestedatt--spec--runtime--volumes--git_repo)) +- `glusterfs` (Attributes) glusterfs represents a Glusterfs mount on the host that shares a pod's lifetime.More info: https://examples.k8s.io/volumes/glusterfs/README.md (see [below for nested schema](#nestedatt--spec--runtime--volumes--glusterfs)) +- `host_path` (Attributes) hostPath represents a pre-existing file or directory on the hostmachine that is directly exposed to the container. This is generallyused for system agents or other privileged things that are allowedto see the host machine. Most containers will NOT need this.More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath---TODO(jonesdl) We need to restrict who can use host directory mounts and who can/can notmount host directories as read/write. (see [below for nested schema](#nestedatt--spec--runtime--volumes--host_path)) +- `iscsi` (Attributes) iscsi represents an ISCSI Disk resource that is attached to akubelet's host machine and then exposed to the pod.More info: https://examples.k8s.io/volumes/iscsi/README.md (see [below for nested schema](#nestedatt--spec--runtime--volumes--iscsi)) +- `nfs` (Attributes) nfs represents an NFS mount on the host that shares a pod's lifetimeMore info: https://kubernetes.io/docs/concepts/storage/volumes#nfs (see [below for nested schema](#nestedatt--spec--runtime--volumes--nfs)) +- `persistent_volume_claim` (Attributes) persistentVolumeClaimVolumeSource represents a reference to aPersistentVolumeClaim in the same namespace.More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims (see [below for nested schema](#nestedatt--spec--runtime--volumes--persistent_volume_claim)) - `photon_persistent_disk` (Attributes) photonPersistentDisk represents a PhotonController persistent disk attached and mounted on kubelets host machine (see [below for nested schema](#nestedatt--spec--runtime--volumes--photon_persistent_disk)) - `portworx_volume` (Attributes) portworxVolume represents a portworx volume attached and mounted on kubelets host machine (see [below for nested schema](#nestedatt--spec--runtime--volumes--portworx_volume)) - `projected` (Attributes) projected items for all in one resources secrets, configmaps, and downward API (see [below for nested schema](#nestedatt--spec--runtime--volumes--projected)) - `quobyte` (Attributes) quobyte represents a Quobyte mount on the host that shares a pod's lifetime (see [below for nested schema](#nestedatt--spec--runtime--volumes--quobyte)) -- `rbd` (Attributes) rbd represents a Rados Block Device mount on the host that shares a pod's lifetime. More info: https://examples.k8s.io/volumes/rbd/README.md (see [below for nested schema](#nestedatt--spec--runtime--volumes--rbd)) +- `rbd` (Attributes) rbd represents a Rados Block Device mount on the host that shares a pod's lifetime.More info: https://examples.k8s.io/volumes/rbd/README.md (see [below for nested schema](#nestedatt--spec--runtime--volumes--rbd)) - `scale_io` (Attributes) scaleIO represents a ScaleIO persistent volume attached and mounted on Kubernetes nodes. (see [below for nested schema](#nestedatt--spec--runtime--volumes--scale_io)) -- `secret` (Attributes) secret represents a secret that should populate this volume. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret (see [below for nested schema](#nestedatt--spec--runtime--volumes--secret)) +- `secret` (Attributes) secret represents a secret that should populate this volume.More info: https://kubernetes.io/docs/concepts/storage/volumes#secret (see [below for nested schema](#nestedatt--spec--runtime--volumes--secret)) - `storageos` (Attributes) storageOS represents a StorageOS volume attached and mounted on Kubernetes nodes. (see [below for nested schema](#nestedatt--spec--runtime--volumes--storageos)) - `vsphere_volume` (Attributes) vsphereVolume represents a vSphere volume attached and mounted on kubelets host machine (see [below for nested schema](#nestedatt--spec--runtime--volumes--vsphere_volume)) @@ -2545,13 +2545,13 @@ Optional: Required: -- `volume_id` (String) volumeID is unique ID of the persistent disk resource in AWS (Amazon EBS volume). More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore +- `volume_id` (String) volumeID is unique ID of the persistent disk resource in AWS (Amazon EBS volume).More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore Optional: -- `fs_type` (String) fsType is the filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: 'ext4', 'xfs', 'ntfs'. Implicitly inferred to be 'ext4' if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore TODO: how do we prevent errors in the filesystem from compromising the machine -- `partition` (Number) partition is the partition in the volume that you want to mount. If omitted, the default is to mount by volume name. Examples: For volume /dev/sda1, you specify the partition as '1'. Similarly, the volume partition for /dev/sda is '0' (or you can leave the property empty). -- `read_only` (Boolean) readOnly value true will force the readOnly setting in VolumeMounts. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore +- `fs_type` (String) fsType is the filesystem type of the volume that you want to mount.Tip: Ensure that the filesystem type is supported by the host operating system.Examples: 'ext4', 'xfs', 'ntfs'. Implicitly inferred to be 'ext4' if unspecified.More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstoreTODO: how do we prevent errors in the filesystem from compromising the machine +- `partition` (Number) partition is the partition in the volume that you want to mount.If omitted, the default is to mount by volume name.Examples: For volume /dev/sda1, you specify the partition as '1'.Similarly, the volume partition for /dev/sda is '0' (or you can leave the property empty). +- `read_only` (Boolean) readOnly value true will force the readOnly setting in VolumeMounts.More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore @@ -2565,9 +2565,9 @@ Required: Optional: - `caching_mode` (String) cachingMode is the Host Caching mode: None, Read Only, Read Write. -- `fs_type` (String) fsType is Filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. 'ext4', 'xfs', 'ntfs'. Implicitly inferred to be 'ext4' if unspecified. +- `fs_type` (String) fsType is Filesystem type to mount.Must be a filesystem type supported by the host operating system.Ex. 'ext4', 'xfs', 'ntfs'. Implicitly inferred to be 'ext4' if unspecified. - `kind` (String) kind expected values are Shared: multiple blob disks per storage account Dedicated: single blob disk per storage account Managed: azure managed data disk (only in managed availability set). defaults to shared -- `read_only` (Boolean) readOnly Defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts. +- `read_only` (Boolean) readOnly Defaults to false (read/write). ReadOnly here will forcethe ReadOnly setting in VolumeMounts. @@ -2580,7 +2580,7 @@ Required: Optional: -- `read_only` (Boolean) readOnly defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts. +- `read_only` (Boolean) readOnly defaults to false (read/write). ReadOnly here will forcethe ReadOnly setting in VolumeMounts. @@ -2588,22 +2588,22 @@ Optional: Required: -- `monitors` (List of String) monitors is Required: Monitors is a collection of Ceph monitors More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it +- `monitors` (List of String) monitors is Required: Monitors is a collection of Ceph monitorsMore info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it Optional: - `path` (String) path is Optional: Used as the mounted root, rather than the full Ceph tree, default is / -- `read_only` (Boolean) readOnly is Optional: Defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it -- `secret_file` (String) secretFile is Optional: SecretFile is the path to key ring for User, default is /etc/ceph/user.secret More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it -- `secret_ref` (Attributes) secretRef is Optional: SecretRef is reference to the authentication secret for User, default is empty. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it (see [below for nested schema](#nestedatt--spec--runtime--volumes--cephfs--secret_ref)) -- `user` (String) user is optional: User is the rados user name, default is admin More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it +- `read_only` (Boolean) readOnly is Optional: Defaults to false (read/write). ReadOnly here will forcethe ReadOnly setting in VolumeMounts.More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it +- `secret_file` (String) secretFile is Optional: SecretFile is the path to key ring for User, default is /etc/ceph/user.secretMore info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it +- `secret_ref` (Attributes) secretRef is Optional: SecretRef is reference to the authentication secret for User, default is empty.More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it (see [below for nested schema](#nestedatt--spec--runtime--volumes--cephfs--secret_ref)) +- `user` (String) user is optional: User is the rados user name, default is adminMore info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it ### Nested Schema for `spec.runtime.volumes.cephfs.secret_ref` Optional: -- `name` (String) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? +- `name` (String) Name of the referent.More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#namesTODO: Add other useful fields. apiVersion, kind, uid? @@ -2612,20 +2612,20 @@ Optional: Required: -- `volume_id` (String) volumeID used to identify the volume in cinder. More info: https://examples.k8s.io/mysql-cinder-pd/README.md +- `volume_id` (String) volumeID used to identify the volume in cinder.More info: https://examples.k8s.io/mysql-cinder-pd/README.md Optional: -- `fs_type` (String) fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Examples: 'ext4', 'xfs', 'ntfs'. Implicitly inferred to be 'ext4' if unspecified. More info: https://examples.k8s.io/mysql-cinder-pd/README.md -- `read_only` (Boolean) readOnly defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts. More info: https://examples.k8s.io/mysql-cinder-pd/README.md -- `secret_ref` (Attributes) secretRef is optional: points to a secret object containing parameters used to connect to OpenStack. (see [below for nested schema](#nestedatt--spec--runtime--volumes--cinder--secret_ref)) +- `fs_type` (String) fsType is the filesystem type to mount.Must be a filesystem type supported by the host operating system.Examples: 'ext4', 'xfs', 'ntfs'. Implicitly inferred to be 'ext4' if unspecified.More info: https://examples.k8s.io/mysql-cinder-pd/README.md +- `read_only` (Boolean) readOnly defaults to false (read/write). ReadOnly here will forcethe ReadOnly setting in VolumeMounts.More info: https://examples.k8s.io/mysql-cinder-pd/README.md +- `secret_ref` (Attributes) secretRef is optional: points to a secret object containing parameters used to connectto OpenStack. (see [below for nested schema](#nestedatt--spec--runtime--volumes--cinder--secret_ref)) ### Nested Schema for `spec.runtime.volumes.cinder.secret_ref` Optional: -- `name` (String) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? +- `name` (String) Name of the referent.More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#namesTODO: Add other useful fields. apiVersion, kind, uid? @@ -2634,9 +2634,9 @@ Optional: Optional: -- `default_mode` (Number) defaultMode is optional: mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. -- `items` (Attributes List) items if unspecified, each key-value pair in the Data field of the referenced ConfigMap will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the ConfigMap, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'. (see [below for nested schema](#nestedatt--spec--runtime--volumes--config_map--items)) -- `name` (String) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? +- `default_mode` (Number) defaultMode is optional: mode bits used to set permissions on created files by default.Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511.YAML accepts both octal and decimal values, JSON requires decimal values for mode bits.Defaults to 0644.Directories within the path are not affected by this setting.This might be in conflict with other options that affect the filemode, like fsGroup, and the result can be other mode bits set. +- `items` (Attributes List) items if unspecified, each key-value pair in the Data field of the referencedConfigMap will be projected into the volume as a file whose name is thekey and content is the value. If specified, the listed keys will beprojected into the specified paths, and unlisted keys will not bepresent. If a key is specified which is not present in the ConfigMap,the volume setup will error unless it is marked optional. Paths must berelative and may not contain the '..' path or start with '..'. (see [below for nested schema](#nestedatt--spec--runtime--volumes--config_map--items)) +- `name` (String) Name of the referent.More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#namesTODO: Add other useful fields. apiVersion, kind, uid? - `optional` (Boolean) optional specify whether the ConfigMap or its keys must be defined @@ -2645,11 +2645,11 @@ Optional: Required: - `key` (String) key is the key to project. -- `path` (String) path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. +- `path` (String) path is the relative path of the file to map the key to.May not be an absolute path.May not contain the path element '..'.May not start with the string '..'. Optional: -- `mode` (Number) mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. +- `mode` (Number) mode is Optional: mode bits used to set permissions on this file.Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511.YAML accepts both octal and decimal values, JSON requires decimal values for mode bits.If not specified, the volume defaultMode will be used.This might be in conflict with other options that affect the filemode, like fsGroup, and the result can be other mode bits set. @@ -2658,21 +2658,21 @@ Optional: Required: -- `driver` (String) driver is the name of the CSI driver that handles this volume. Consult with your admin for the correct name as registered in the cluster. +- `driver` (String) driver is the name of the CSI driver that handles this volume.Consult with your admin for the correct name as registered in the cluster. Optional: -- `fs_type` (String) fsType to mount. Ex. 'ext4', 'xfs', 'ntfs'. If not provided, the empty value is passed to the associated CSI driver which will determine the default filesystem to apply. -- `node_publish_secret_ref` (Attributes) nodePublishSecretRef is a reference to the secret object containing sensitive information to pass to the CSI driver to complete the CSI NodePublishVolume and NodeUnpublishVolume calls. This field is optional, and may be empty if no secret is required. If the secret object contains more than one secret, all secret references are passed. (see [below for nested schema](#nestedatt--spec--runtime--volumes--csi--node_publish_secret_ref)) -- `read_only` (Boolean) readOnly specifies a read-only configuration for the volume. Defaults to false (read/write). -- `volume_attributes` (Map of String) volumeAttributes stores driver-specific properties that are passed to the CSI driver. Consult your driver's documentation for supported values. +- `fs_type` (String) fsType to mount. Ex. 'ext4', 'xfs', 'ntfs'.If not provided, the empty value is passed to the associated CSI driverwhich will determine the default filesystem to apply. +- `node_publish_secret_ref` (Attributes) nodePublishSecretRef is a reference to the secret object containingsensitive information to pass to the CSI driver to complete the CSINodePublishVolume and NodeUnpublishVolume calls.This field is optional, and may be empty if no secret is required. If thesecret object contains more than one secret, all secret references are passed. (see [below for nested schema](#nestedatt--spec--runtime--volumes--csi--node_publish_secret_ref)) +- `read_only` (Boolean) readOnly specifies a read-only configuration for the volume.Defaults to false (read/write). +- `volume_attributes` (Map of String) volumeAttributes stores driver-specific properties that are passed to the CSIdriver. Consult your driver's documentation for supported values. ### Nested Schema for `spec.runtime.volumes.csi.node_publish_secret_ref` Optional: -- `name` (String) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? +- `name` (String) Name of the referent.More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#namesTODO: Add other useful fields. apiVersion, kind, uid? @@ -2681,7 +2681,7 @@ Optional: Optional: -- `default_mode` (Number) Optional: mode bits to use on created files by default. Must be a Optional: mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. +- `default_mode` (Number) Optional: mode bits to use on created files by default. Must be aOptional: mode bits used to set permissions on created files by default.Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511.YAML accepts both octal and decimal values, JSON requires decimal values for mode bits.Defaults to 0644.Directories within the path are not affected by this setting.This might be in conflict with other options that affect the filemode, like fsGroup, and the result can be other mode bits set. - `items` (Attributes List) Items is a list of downward API volume file (see [below for nested schema](#nestedatt--spec--runtime--volumes--downward_api--items)) @@ -2694,8 +2694,8 @@ Required: Optional: - `field_ref` (Attributes) Required: Selects a field of the pod: only annotations, labels, name and namespace are supported. (see [below for nested schema](#nestedatt--spec--runtime--volumes--downward_api--items--field_ref)) -- `mode` (Number) Optional: mode bits used to set permissions on this file, must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. -- `resource_field_ref` (Attributes) Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported. (see [below for nested schema](#nestedatt--spec--runtime--volumes--downward_api--items--resource_field_ref)) +- `mode` (Number) Optional: mode bits used to set permissions on this file, must be an octal valuebetween 0000 and 0777 or a decimal value between 0 and 511.YAML accepts both octal and decimal values, JSON requires decimal values for mode bits.If not specified, the volume defaultMode will be used.This might be in conflict with other options that affect the filemode, like fsGroup, and the result can be other mode bits set. +- `resource_field_ref` (Attributes) Selects a resource of the container: only resources limits and requests(limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported. (see [below for nested schema](#nestedatt--spec--runtime--volumes--downward_api--items--resource_field_ref)) ### Nested Schema for `spec.runtime.volumes.downward_api.items.field_ref` @@ -2729,8 +2729,8 @@ Optional: Optional: -- `medium` (String) medium represents what type of storage medium should back this directory. The default is '' which means to use the node's default medium. Must be an empty string (default) or Memory. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir -- `size_limit` (String) sizeLimit is the total amount of local storage required for this EmptyDir volume. The size limit is also applicable for memory medium. The maximum usage on memory medium EmptyDir would be the minimum value between the SizeLimit specified here and the sum of memory limits of all containers in a pod. The default is nil which means that the limit is undefined. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir +- `medium` (String) medium represents what type of storage medium should back this directory.The default is '' which means to use the node's default medium.Must be an empty string (default) or Memory.More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir +- `size_limit` (String) sizeLimit is the total amount of local storage required for this EmptyDir volume.The size limit is also applicable for memory medium.The maximum usage on memory medium EmptyDir would be the minimum value betweenthe SizeLimit specified here and the sum of memory limits of all containers in a pod.The default is nil which means that the limit is undefined.More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir @@ -2738,31 +2738,31 @@ Optional: Optional: -- `volume_claim_template` (Attributes) Will be used to create a stand-alone PVC to provision the volume. The pod in which this EphemeralVolumeSource is embedded will be the owner of the PVC, i.e. the PVC will be deleted together with the pod. The name of the PVC will be '-' where '' is the name from the 'PodSpec.Volumes' array entry. Pod validation will reject the pod if the concatenated name is not valid for a PVC (for example, too long). An existing PVC with that name that is not owned by the pod will *not* be used for the pod to avoid using an unrelated volume by mistake. Starting the pod is then blocked until the unrelated PVC is removed. If such a pre-created PVC is meant to be used by the pod, the PVC has to updated with an owner reference to the pod once the pod exists. Normally this should not be necessary, but it may be useful when manually reconstructing a broken cluster. This field is read-only and no changes will be made by Kubernetes to the PVC after it has been created. Required, must not be nil. (see [below for nested schema](#nestedatt--spec--runtime--volumes--ephemeral--volume_claim_template)) +- `volume_claim_template` (Attributes) Will be used to create a stand-alone PVC to provision the volume.The pod in which this EphemeralVolumeSource is embedded will be theowner of the PVC, i.e. the PVC will be deleted together with thepod. The name of the PVC will be '-' where'' is the name from the 'PodSpec.Volumes' arrayentry. Pod validation will reject the pod if the concatenated nameis not valid for a PVC (for example, too long).An existing PVC with that name that is not owned by the podwill *not* be used for the pod to avoid using an unrelatedvolume by mistake. Starting the pod is then blocked untilthe unrelated PVC is removed. If such a pre-created PVC ismeant to be used by the pod, the PVC has to updated with anowner reference to the pod once the pod exists. Normallythis should not be necessary, but it may be useful whenmanually reconstructing a broken cluster.This field is read-only and no changes will be made by Kubernetesto the PVC after it has been created.Required, must not be nil. (see [below for nested schema](#nestedatt--spec--runtime--volumes--ephemeral--volume_claim_template)) ### Nested Schema for `spec.runtime.volumes.ephemeral.volume_claim_template` Required: -- `spec` (Attributes) The specification for the PersistentVolumeClaim. The entire content is copied unchanged into the PVC that gets created from this template. The same fields as in a PersistentVolumeClaim are also valid here. (see [below for nested schema](#nestedatt--spec--runtime--volumes--ephemeral--volume_claim_template--spec)) +- `spec` (Attributes) The specification for the PersistentVolumeClaim. The entire content iscopied unchanged into the PVC that gets created from thistemplate. The same fields as in a PersistentVolumeClaimare also valid here. (see [below for nested schema](#nestedatt--spec--runtime--volumes--ephemeral--volume_claim_template--spec)) Optional: -- `metadata` (Attributes) May contain labels and annotations that will be copied into the PVC when creating it. No other fields are allowed and will be rejected during validation. (see [below for nested schema](#nestedatt--spec--runtime--volumes--ephemeral--volume_claim_template--metadata)) +- `metadata` (Attributes) May contain labels and annotations that will be copied into the PVCwhen creating it. No other fields are allowed and will be rejected duringvalidation. (see [below for nested schema](#nestedatt--spec--runtime--volumes--ephemeral--volume_claim_template--metadata)) ### Nested Schema for `spec.runtime.volumes.ephemeral.volume_claim_template.spec` Optional: -- `access_modes` (List of String) accessModes contains the desired access modes the volume should have. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1 -- `data_source` (Attributes) dataSource field can be used to specify either: * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) * An existing PVC (PersistentVolumeClaim) If the provisioner or an external controller can support the specified data source, it will create a new volume based on the contents of the specified data source. When the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef, and dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified. If the namespace is specified, then dataSourceRef will not be copied to dataSource. (see [below for nested schema](#nestedatt--spec--runtime--volumes--ephemeral--volume_claim_template--spec--data_source)) -- `data_source_ref` (Attributes) dataSourceRef specifies the object from which to populate the volume with data, if a non-empty volume is desired. This may be any object from a non-empty API group (non core object) or a PersistentVolumeClaim object. When this field is specified, volume binding will only succeed if the type of the specified object matches some installed volume populator or dynamic provisioner. This field will replace the functionality of the dataSource field and as such if both fields are non-empty, they must have the same value. For backwards compatibility, when namespace isn't specified in dataSourceRef, both fields (dataSource and dataSourceRef) will be set to the same value automatically if one of them is empty and the other is non-empty. When namespace is specified in dataSourceRef, dataSource isn't set to the same value and must be empty. There are three important differences between dataSource and dataSourceRef: * While dataSource only allows two specific types of objects, dataSourceRef allows any non-core object, as well as PersistentVolumeClaim objects. * While dataSource ignores disallowed values (dropping them), dataSourceRef preserves all values, and generates an error if a disallowed value is specified. * While dataSource only allows local objects, dataSourceRef allows objects in any namespaces. (Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled. (Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled. (see [below for nested schema](#nestedatt--spec--runtime--volumes--ephemeral--volume_claim_template--spec--data_source_ref)) -- `resources` (Attributes) resources represents the minimum resources the volume should have. If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements that are lower than previous value but must still be higher than capacity recorded in the status field of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources (see [below for nested schema](#nestedatt--spec--runtime--volumes--ephemeral--volume_claim_template--spec--resources)) +- `access_modes` (List of String) accessModes contains the desired access modes the volume should have.More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1 +- `data_source` (Attributes) dataSource field can be used to specify either:* An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot)* An existing PVC (PersistentVolumeClaim)If the provisioner or an external controller can support the specified data source,it will create a new volume based on the contents of the specified data source.When the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef,and dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified.If the namespace is specified, then dataSourceRef will not be copied to dataSource. (see [below for nested schema](#nestedatt--spec--runtime--volumes--ephemeral--volume_claim_template--spec--data_source)) +- `data_source_ref` (Attributes) dataSourceRef specifies the object from which to populate the volume with data, if a non-emptyvolume is desired. This may be any object from a non-empty API group (noncore object) or a PersistentVolumeClaim object.When this field is specified, volume binding will only succeed if the type ofthe specified object matches some installed volume populator or dynamicprovisioner.This field will replace the functionality of the dataSource field and as suchif both fields are non-empty, they must have the same value. For backwardscompatibility, when namespace isn't specified in dataSourceRef,both fields (dataSource and dataSourceRef) will be set to the samevalue automatically if one of them is empty and the other is non-empty.When namespace is specified in dataSourceRef,dataSource isn't set to the same value and must be empty.There are three important differences between dataSource and dataSourceRef:* While dataSource only allows two specific types of objects, dataSourceRef allows any non-core object, as well as PersistentVolumeClaim objects.* While dataSource ignores disallowed values (dropping them), dataSourceRef preserves all values, and generates an error if a disallowed value is specified.* While dataSource only allows local objects, dataSourceRef allows objects in any namespaces.(Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled.(Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled. (see [below for nested schema](#nestedatt--spec--runtime--volumes--ephemeral--volume_claim_template--spec--data_source_ref)) +- `resources` (Attributes) resources represents the minimum resources the volume should have.If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirementsthat are lower than previous value but must still be higher than capacity recorded in thestatus field of the claim.More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources (see [below for nested schema](#nestedatt--spec--runtime--volumes--ephemeral--volume_claim_template--spec--resources)) - `selector` (Attributes) selector is a label query over volumes to consider for binding. (see [below for nested schema](#nestedatt--spec--runtime--volumes--ephemeral--volume_claim_template--spec--selector)) -- `storage_class_name` (String) storageClassName is the name of the StorageClass required by the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1 -- `volume_mode` (String) volumeMode defines what type of volume is required by the claim. Value of Filesystem is implied when not included in claim spec. +- `storage_class_name` (String) storageClassName is the name of the StorageClass required by the claim.More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1 +- `volume_mode` (String) volumeMode defines what type of volume is required by the claim.Value of Filesystem is implied when not included in claim spec. - `volume_name` (String) volumeName is the binding reference to the PersistentVolume backing this claim. @@ -2775,7 +2775,7 @@ Required: Optional: -- `api_group` (String) APIGroup is the group for the resource being referenced. If APIGroup is not specified, the specified Kind must be in the core API group. For any other third-party types, APIGroup is required. +- `api_group` (String) APIGroup is the group for the resource being referenced.If APIGroup is not specified, the specified Kind must be in the core API group.For any other third-party types, APIGroup is required. @@ -2788,8 +2788,8 @@ Required: Optional: -- `api_group` (String) APIGroup is the group for the resource being referenced. If APIGroup is not specified, the specified Kind must be in the core API group. For any other third-party types, APIGroup is required. -- `namespace` (String) Namespace is the namespace of resource being referenced Note that when a namespace is specified, a gateway.networking.k8s.io/ReferenceGrant object is required in the referent namespace to allow that namespace's owner to accept the reference. See the ReferenceGrant documentation for details. (Alpha) This field requires the CrossNamespaceVolumeDataSource feature gate to be enabled. +- `api_group` (String) APIGroup is the group for the resource being referenced.If APIGroup is not specified, the specified Kind must be in the core API group.For any other third-party types, APIGroup is required. +- `namespace` (String) Namespace is the namespace of resource being referencedNote that when a namespace is specified, a gateway.networking.k8s.io/ReferenceGrant object is required in the referent namespace to allow that namespace's owner to accept the reference. See the ReferenceGrant documentation for details.(Alpha) This field requires the CrossNamespaceVolumeDataSource feature gate to be enabled. @@ -2797,16 +2797,16 @@ Optional: Optional: -- `claims` (Attributes List) Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. This field is immutable. It can only be set for containers. (see [below for nested schema](#nestedatt--spec--runtime--volumes--ephemeral--volume_claim_template--spec--resources--claims)) -- `limits` (Map of String) Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ -- `requests` (Map of String) Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ +- `claims` (Attributes List) Claims lists the names of resources, defined in spec.resourceClaims,that are used by this container.This is an alpha field and requires enabling theDynamicResourceAllocation feature gate.This field is immutable. It can only be set for containers. (see [below for nested schema](#nestedatt--spec--runtime--volumes--ephemeral--volume_claim_template--spec--resources--claims)) +- `limits` (Map of String) Limits describes the maximum amount of compute resources allowed.More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ +- `requests` (Map of String) Requests describes the minimum amount of compute resources required.If Requests is omitted for a container, it defaults to Limits if that is explicitly specified,otherwise to an implementation-defined value. Requests cannot exceed Limits.More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ ### Nested Schema for `spec.runtime.volumes.ephemeral.volume_claim_template.spec.resources.claims` Required: -- `name` (String) Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container. +- `name` (String) Name must match the name of one entry in pod.spec.resourceClaims ofthe Pod where this field is used. It makes that resource availableinside a container. @@ -2816,7 +2816,7 @@ Required: Optional: - `match_expressions` (Attributes List) matchExpressions is a list of label selector requirements. The requirements are ANDed. (see [below for nested schema](#nestedatt--spec--runtime--volumes--ephemeral--volume_claim_template--spec--selector--match_expressions)) -- `match_labels` (Map of String) matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is 'key', the operator is 'In', and the values array contains only 'value'. The requirements are ANDed. +- `match_labels` (Map of String) matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabelsmap is equivalent to an element of matchExpressions, whose key field is 'key', theoperator is 'In', and the values array contains only 'value'. The requirements are ANDed. ### Nested Schema for `spec.runtime.volumes.ephemeral.volume_claim_template.spec.selector.match_expressions` @@ -2824,11 +2824,11 @@ Optional: Required: - `key` (String) key is the label key that the selector applies to. -- `operator` (String) operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. +- `operator` (String) operator represents a key's relationship to a set of values.Valid operators are In, NotIn, Exists and DoesNotExist. Optional: -- `values` (List of String) values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. +- `values` (List of String) values is an array of string values. If the operator is In or NotIn,the values array must be non-empty. If the operator is Exists or DoesNotExist,the values array must be empty. This array is replaced during a strategicmerge patch. @@ -2852,11 +2852,11 @@ Optional: Optional: -- `fs_type` (String) fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. 'ext4', 'xfs', 'ntfs'. Implicitly inferred to be 'ext4' if unspecified. TODO: how do we prevent errors in the filesystem from compromising the machine +- `fs_type` (String) fsType is the filesystem type to mount.Must be a filesystem type supported by the host operating system.Ex. 'ext4', 'xfs', 'ntfs'. Implicitly inferred to be 'ext4' if unspecified.TODO: how do we prevent errors in the filesystem from compromising the machine - `lun` (Number) lun is Optional: FC target lun number -- `read_only` (Boolean) readOnly is Optional: Defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts. +- `read_only` (Boolean) readOnly is Optional: Defaults to false (read/write). ReadOnly here will forcethe ReadOnly setting in VolumeMounts. - `target_ww_ns` (List of String) targetWWNs is Optional: FC target worldwide names (WWNs) -- `wwids` (List of String) wwids Optional: FC volume world wide identifiers (wwids) Either wwids or combination of targetWWNs and lun must be set, but not both simultaneously. +- `wwids` (List of String) wwids Optional: FC volume world wide identifiers (wwids)Either wwids or combination of targetWWNs and lun must be set, but not both simultaneously. @@ -2868,17 +2868,17 @@ Required: Optional: -- `fs_type` (String) fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. 'ext4', 'xfs', 'ntfs'. The default filesystem depends on FlexVolume script. +- `fs_type` (String) fsType is the filesystem type to mount.Must be a filesystem type supported by the host operating system.Ex. 'ext4', 'xfs', 'ntfs'. The default filesystem depends on FlexVolume script. - `options` (Map of String) options is Optional: this field holds extra command options if any. -- `read_only` (Boolean) readOnly is Optional: defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts. -- `secret_ref` (Attributes) secretRef is Optional: secretRef is reference to the secret object containing sensitive information to pass to the plugin scripts. This may be empty if no secret object is specified. If the secret object contains more than one secret, all secrets are passed to the plugin scripts. (see [below for nested schema](#nestedatt--spec--runtime--volumes--flex_volume--secret_ref)) +- `read_only` (Boolean) readOnly is Optional: defaults to false (read/write). ReadOnly here will forcethe ReadOnly setting in VolumeMounts. +- `secret_ref` (Attributes) secretRef is Optional: secretRef is reference to the secret object containingsensitive information to pass to the plugin scripts. This may beempty if no secret object is specified. If the secret objectcontains more than one secret, all secrets are passed to the pluginscripts. (see [below for nested schema](#nestedatt--spec--runtime--volumes--flex_volume--secret_ref)) ### Nested Schema for `spec.runtime.volumes.flex_volume.secret_ref` Optional: -- `name` (String) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? +- `name` (String) Name of the referent.More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#namesTODO: Add other useful fields. apiVersion, kind, uid? @@ -2887,7 +2887,7 @@ Optional: Optional: -- `dataset_name` (String) datasetName is Name of the dataset stored as metadata -> name on the dataset for Flocker should be considered as deprecated +- `dataset_name` (String) datasetName is Name of the dataset stored as metadata -> name on the dataset for Flockershould be considered as deprecated - `dataset_uuid` (String) datasetUUID is the UUID of the dataset. This is unique identifier of a Flocker dataset @@ -2896,13 +2896,13 @@ Optional: Required: -- `pd_name` (String) pdName is unique name of the PD resource in GCE. Used to identify the disk in GCE. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk +- `pd_name` (String) pdName is unique name of the PD resource in GCE. Used to identify the disk in GCE.More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk Optional: -- `fs_type` (String) fsType is filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: 'ext4', 'xfs', 'ntfs'. Implicitly inferred to be 'ext4' if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk TODO: how do we prevent errors in the filesystem from compromising the machine -- `partition` (Number) partition is the partition in the volume that you want to mount. If omitted, the default is to mount by volume name. Examples: For volume /dev/sda1, you specify the partition as '1'. Similarly, the volume partition for /dev/sda is '0' (or you can leave the property empty). More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk -- `read_only` (Boolean) readOnly here will force the ReadOnly setting in VolumeMounts. Defaults to false. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk +- `fs_type` (String) fsType is filesystem type of the volume that you want to mount.Tip: Ensure that the filesystem type is supported by the host operating system.Examples: 'ext4', 'xfs', 'ntfs'. Implicitly inferred to be 'ext4' if unspecified.More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdiskTODO: how do we prevent errors in the filesystem from compromising the machine +- `partition` (Number) partition is the partition in the volume that you want to mount.If omitted, the default is to mount by volume name.Examples: For volume /dev/sda1, you specify the partition as '1'.Similarly, the volume partition for /dev/sda is '0' (or you can leave the property empty).More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk +- `read_only` (Boolean) readOnly here will force the ReadOnly setting in VolumeMounts.Defaults to false.More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk @@ -2914,7 +2914,7 @@ Required: Optional: -- `directory` (String) directory is the target directory name. Must not contain or start with '..'. If '.' is supplied, the volume directory will be the git repository. Otherwise, if specified, the volume will contain the git repository in the subdirectory with the given name. +- `directory` (String) directory is the target directory name.Must not contain or start with '..'. If '.' is supplied, the volume directory will be thegit repository. Otherwise, if specified, the volume will contain the git repository inthe subdirectory with the given name. - `revision` (String) revision is the commit hash for the specified revision. @@ -2923,12 +2923,12 @@ Optional: Required: -- `endpoints` (String) endpoints is the endpoint name that details Glusterfs topology. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod -- `path` (String) path is the Glusterfs volume path. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod +- `endpoints` (String) endpoints is the endpoint name that details Glusterfs topology.More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod +- `path` (String) path is the Glusterfs volume path.More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod Optional: -- `read_only` (Boolean) readOnly here will force the Glusterfs volume to be mounted with read-only permissions. Defaults to false. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod +- `read_only` (Boolean) readOnly here will force the Glusterfs volume to be mounted with read-only permissions.Defaults to false.More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod @@ -2936,11 +2936,11 @@ Optional: Required: -- `path` (String) path of the directory on the host. If the path is a symlink, it will follow the link to the real path. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath +- `path` (String) path of the directory on the host.If the path is a symlink, it will follow the link to the real path.More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath Optional: -- `type` (String) type for HostPath Volume Defaults to '' More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath +- `type` (String) type for HostPath VolumeDefaults to ''More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath @@ -2950,17 +2950,17 @@ Required: - `iqn` (String) iqn is the target iSCSI Qualified Name. - `lun` (Number) lun represents iSCSI Target Lun number. -- `target_portal` (String) targetPortal is iSCSI Target Portal. The Portal is either an IP or ip_addr:port if the port is other than default (typically TCP ports 860 and 3260). +- `target_portal` (String) targetPortal is iSCSI Target Portal. The Portal is either an IP or ip_addr:port if the portis other than default (typically TCP ports 860 and 3260). Optional: - `chap_auth_discovery` (Boolean) chapAuthDiscovery defines whether support iSCSI Discovery CHAP authentication - `chap_auth_session` (Boolean) chapAuthSession defines whether support iSCSI Session CHAP authentication -- `fs_type` (String) fsType is the filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: 'ext4', 'xfs', 'ntfs'. Implicitly inferred to be 'ext4' if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#iscsi TODO: how do we prevent errors in the filesystem from compromising the machine -- `initiator_name` (String) initiatorName is the custom iSCSI Initiator Name. If initiatorName is specified with iscsiInterface simultaneously, new iSCSI interface : will be created for the connection. -- `iscsi_interface` (String) iscsiInterface is the interface Name that uses an iSCSI transport. Defaults to 'default' (tcp). -- `portals` (List of String) portals is the iSCSI Target Portal List. The portal is either an IP or ip_addr:port if the port is other than default (typically TCP ports 860 and 3260). -- `read_only` (Boolean) readOnly here will force the ReadOnly setting in VolumeMounts. Defaults to false. +- `fs_type` (String) fsType is the filesystem type of the volume that you want to mount.Tip: Ensure that the filesystem type is supported by the host operating system.Examples: 'ext4', 'xfs', 'ntfs'. Implicitly inferred to be 'ext4' if unspecified.More info: https://kubernetes.io/docs/concepts/storage/volumes#iscsiTODO: how do we prevent errors in the filesystem from compromising the machine +- `initiator_name` (String) initiatorName is the custom iSCSI Initiator Name.If initiatorName is specified with iscsiInterface simultaneously, new iSCSI interface: will be created for the connection. +- `iscsi_interface` (String) iscsiInterface is the interface Name that uses an iSCSI transport.Defaults to 'default' (tcp). +- `portals` (List of String) portals is the iSCSI Target Portal List. The portal is either an IP or ip_addr:port if the portis other than default (typically TCP ports 860 and 3260). +- `read_only` (Boolean) readOnly here will force the ReadOnly setting in VolumeMounts.Defaults to false. - `secret_ref` (Attributes) secretRef is the CHAP Secret for iSCSI target and initiator authentication (see [below for nested schema](#nestedatt--spec--runtime--volumes--iscsi--secret_ref)) @@ -2968,7 +2968,7 @@ Optional: Optional: -- `name` (String) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? +- `name` (String) Name of the referent.More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#namesTODO: Add other useful fields. apiVersion, kind, uid? @@ -2977,12 +2977,12 @@ Optional: Required: -- `path` (String) path that is exported by the NFS server. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs -- `server` (String) server is the hostname or IP address of the NFS server. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs +- `path` (String) path that is exported by the NFS server.More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs +- `server` (String) server is the hostname or IP address of the NFS server.More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs Optional: -- `read_only` (Boolean) readOnly here will force the NFS export to be mounted with read-only permissions. Defaults to false. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs +- `read_only` (Boolean) readOnly here will force the NFS export to be mounted with read-only permissions.Defaults to false.More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs @@ -2990,11 +2990,11 @@ Optional: Required: -- `claim_name` (String) claimName is the name of a PersistentVolumeClaim in the same namespace as the pod using this volume. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims +- `claim_name` (String) claimName is the name of a PersistentVolumeClaim in the same namespace as the pod using this volume.More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims Optional: -- `read_only` (Boolean) readOnly Will force the ReadOnly setting in VolumeMounts. Default false. +- `read_only` (Boolean) readOnly Will force the ReadOnly setting in VolumeMounts.Default false. @@ -3006,7 +3006,7 @@ Required: Optional: -- `fs_type` (String) fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. 'ext4', 'xfs', 'ntfs'. Implicitly inferred to be 'ext4' if unspecified. +- `fs_type` (String) fsType is the filesystem type to mount.Must be a filesystem type supported by the host operating system.Ex. 'ext4', 'xfs', 'ntfs'. Implicitly inferred to be 'ext4' if unspecified. @@ -3018,8 +3018,8 @@ Required: Optional: -- `fs_type` (String) fSType represents the filesystem type to mount Must be a filesystem type supported by the host operating system. Ex. 'ext4', 'xfs'. Implicitly inferred to be 'ext4' if unspecified. -- `read_only` (Boolean) readOnly defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts. +- `fs_type` (String) fSType represents the filesystem type to mountMust be a filesystem type supported by the host operating system.Ex. 'ext4', 'xfs'. Implicitly inferred to be 'ext4' if unspecified. +- `read_only` (Boolean) readOnly defaults to false (read/write). ReadOnly here will forcethe ReadOnly setting in VolumeMounts. @@ -3027,7 +3027,7 @@ Optional: Optional: -- `default_mode` (Number) defaultMode are the mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. +- `default_mode` (Number) defaultMode are the mode bits used to set permissions on created files by default.Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511.YAML accepts both octal and decimal values, JSON requires decimal values for mode bits.Directories within the path are not affected by this setting.This might be in conflict with other options that affect the filemode, like fsGroup, and the result can be other mode bits set. - `sources` (Attributes List) sources is the list of volume projections (see [below for nested schema](#nestedatt--spec--runtime--volumes--projected--sources)) @@ -3045,8 +3045,8 @@ Optional: Optional: -- `items` (Attributes List) items if unspecified, each key-value pair in the Data field of the referenced ConfigMap will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the ConfigMap, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'. (see [below for nested schema](#nestedatt--spec--runtime--volumes--projected--sources--config_map--items)) -- `name` (String) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? +- `items` (Attributes List) items if unspecified, each key-value pair in the Data field of the referencedConfigMap will be projected into the volume as a file whose name is thekey and content is the value. If specified, the listed keys will beprojected into the specified paths, and unlisted keys will not bepresent. If a key is specified which is not present in the ConfigMap,the volume setup will error unless it is marked optional. Paths must berelative and may not contain the '..' path or start with '..'. (see [below for nested schema](#nestedatt--spec--runtime--volumes--projected--sources--config_map--items)) +- `name` (String) Name of the referent.More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#namesTODO: Add other useful fields. apiVersion, kind, uid? - `optional` (Boolean) optional specify whether the ConfigMap or its keys must be defined @@ -3055,11 +3055,11 @@ Optional: Required: - `key` (String) key is the key to project. -- `path` (String) path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. +- `path` (String) path is the relative path of the file to map the key to.May not be an absolute path.May not contain the path element '..'.May not start with the string '..'. Optional: -- `mode` (Number) mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. +- `mode` (Number) mode is Optional: mode bits used to set permissions on this file.Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511.YAML accepts both octal and decimal values, JSON requires decimal values for mode bits.If not specified, the volume defaultMode will be used.This might be in conflict with other options that affect the filemode, like fsGroup, and the result can be other mode bits set. @@ -3080,8 +3080,8 @@ Required: Optional: - `field_ref` (Attributes) Required: Selects a field of the pod: only annotations, labels, name and namespace are supported. (see [below for nested schema](#nestedatt--spec--runtime--volumes--projected--sources--downward_api--items--field_ref)) -- `mode` (Number) Optional: mode bits used to set permissions on this file, must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. -- `resource_field_ref` (Attributes) Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported. (see [below for nested schema](#nestedatt--spec--runtime--volumes--projected--sources--downward_api--items--resource_field_ref)) +- `mode` (Number) Optional: mode bits used to set permissions on this file, must be an octal valuebetween 0000 and 0777 or a decimal value between 0 and 511.YAML accepts both octal and decimal values, JSON requires decimal values for mode bits.If not specified, the volume defaultMode will be used.This might be in conflict with other options that affect the filemode, like fsGroup, and the result can be other mode bits set. +- `resource_field_ref` (Attributes) Selects a resource of the container: only resources limits and requests(limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported. (see [below for nested schema](#nestedatt--spec--runtime--volumes--projected--sources--downward_api--items--resource_field_ref)) ### Nested Schema for `spec.runtime.volumes.projected.sources.downward_api.items.field_ref` @@ -3115,8 +3115,8 @@ Optional: Optional: -- `items` (Attributes List) items if unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'. (see [below for nested schema](#nestedatt--spec--runtime--volumes--projected--sources--secret--items)) -- `name` (String) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? +- `items` (Attributes List) items if unspecified, each key-value pair in the Data field of the referencedSecret will be projected into the volume as a file whose name is thekey and content is the value. If specified, the listed keys will beprojected into the specified paths, and unlisted keys will not bepresent. If a key is specified which is not present in the Secret,the volume setup will error unless it is marked optional. Paths must berelative and may not contain the '..' path or start with '..'. (see [below for nested schema](#nestedatt--spec--runtime--volumes--projected--sources--secret--items)) +- `name` (String) Name of the referent.More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#namesTODO: Add other useful fields. apiVersion, kind, uid? - `optional` (Boolean) optional field specify whether the Secret or its key must be defined @@ -3125,11 +3125,11 @@ Optional: Required: - `key` (String) key is the key to project. -- `path` (String) path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. +- `path` (String) path is the relative path of the file to map the key to.May not be an absolute path.May not contain the path element '..'.May not start with the string '..'. Optional: -- `mode` (Number) mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. +- `mode` (Number) mode is Optional: mode bits used to set permissions on this file.Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511.YAML accepts both octal and decimal values, JSON requires decimal values for mode bits.If not specified, the volume defaultMode will be used.This might be in conflict with other options that affect the filemode, like fsGroup, and the result can be other mode bits set. @@ -3138,12 +3138,12 @@ Optional: Required: -- `path` (String) path is the path relative to the mount point of the file to project the token into. +- `path` (String) path is the path relative to the mount point of the file to project thetoken into. Optional: -- `audience` (String) audience is the intended audience of the token. A recipient of a token must identify itself with an identifier specified in the audience of the token, and otherwise should reject the token. The audience defaults to the identifier of the apiserver. -- `expiration_seconds` (Number) expirationSeconds is the requested duration of validity of the service account token. As the token approaches expiration, the kubelet volume plugin will proactively rotate the service account token. The kubelet will start trying to rotate the token if the token is older than 80 percent of its time to live or if the token is older than 24 hours.Defaults to 1 hour and must be at least 10 minutes. +- `audience` (String) audience is the intended audience of the token. A recipient of a tokenmust identify itself with an identifier specified in the audience of thetoken, and otherwise should reject the token. The audience defaults to theidentifier of the apiserver. +- `expiration_seconds` (Number) expirationSeconds is the requested duration of validity of the serviceaccount token. As the token approaches expiration, the kubelet volumeplugin will proactively rotate the service account token. The kubelet willstart trying to rotate the token if the token is older than 80 percent ofits time to live or if the token is older than 24 hours.Defaults to 1 hourand must be at least 10 minutes. @@ -3153,15 +3153,15 @@ Optional: Required: -- `registry` (String) registry represents a single or multiple Quobyte Registry services specified as a string as host:port pair (multiple entries are separated with commas) which acts as the central registry for volumes +- `registry` (String) registry represents a single or multiple Quobyte Registry servicesspecified as a string as host:port pair (multiple entries are separated with commas)which acts as the central registry for volumes - `volume` (String) volume is a string that references an already created Quobyte volume by name. Optional: -- `group` (String) group to map volume access to Default is no group -- `read_only` (Boolean) readOnly here will force the Quobyte volume to be mounted with read-only permissions. Defaults to false. -- `tenant` (String) tenant owning the given Quobyte volume in the Backend Used with dynamically provisioned Quobyte volumes, value is set by the plugin -- `user` (String) user to map volume access to Defaults to serivceaccount user +- `group` (String) group to map volume access toDefault is no group +- `read_only` (Boolean) readOnly here will force the Quobyte volume to be mounted with read-only permissions.Defaults to false. +- `tenant` (String) tenant owning the given Quobyte volume in the BackendUsed with dynamically provisioned Quobyte volumes, value is set by the plugin +- `user` (String) user to map volume access toDefaults to serivceaccount user @@ -3169,24 +3169,24 @@ Optional: Required: -- `image` (String) image is the rados image name. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it -- `monitors` (List of String) monitors is a collection of Ceph monitors. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it +- `image` (String) image is the rados image name.More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it +- `monitors` (List of String) monitors is a collection of Ceph monitors.More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it Optional: -- `fs_type` (String) fsType is the filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: 'ext4', 'xfs', 'ntfs'. Implicitly inferred to be 'ext4' if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#rbd TODO: how do we prevent errors in the filesystem from compromising the machine -- `keyring` (String) keyring is the path to key ring for RBDUser. Default is /etc/ceph/keyring. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it -- `pool` (String) pool is the rados pool name. Default is rbd. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it -- `read_only` (Boolean) readOnly here will force the ReadOnly setting in VolumeMounts. Defaults to false. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it -- `secret_ref` (Attributes) secretRef is name of the authentication secret for RBDUser. If provided overrides keyring. Default is nil. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it (see [below for nested schema](#nestedatt--spec--runtime--volumes--rbd--secret_ref)) -- `user` (String) user is the rados user name. Default is admin. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it +- `fs_type` (String) fsType is the filesystem type of the volume that you want to mount.Tip: Ensure that the filesystem type is supported by the host operating system.Examples: 'ext4', 'xfs', 'ntfs'. Implicitly inferred to be 'ext4' if unspecified.More info: https://kubernetes.io/docs/concepts/storage/volumes#rbdTODO: how do we prevent errors in the filesystem from compromising the machine +- `keyring` (String) keyring is the path to key ring for RBDUser.Default is /etc/ceph/keyring.More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it +- `pool` (String) pool is the rados pool name.Default is rbd.More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it +- `read_only` (Boolean) readOnly here will force the ReadOnly setting in VolumeMounts.Defaults to false.More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it +- `secret_ref` (Attributes) secretRef is name of the authentication secret for RBDUser. If providedoverrides keyring.Default is nil.More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it (see [below for nested schema](#nestedatt--spec--runtime--volumes--rbd--secret_ref)) +- `user` (String) user is the rados user name.Default is admin.More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it ### Nested Schema for `spec.runtime.volumes.rbd.secret_ref` Optional: -- `name` (String) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? +- `name` (String) Name of the referent.More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#namesTODO: Add other useful fields. apiVersion, kind, uid? @@ -3196,25 +3196,25 @@ Optional: Required: - `gateway` (String) gateway is the host address of the ScaleIO API Gateway. -- `secret_ref` (Attributes) secretRef references to the secret for ScaleIO user and other sensitive information. If this is not provided, Login operation will fail. (see [below for nested schema](#nestedatt--spec--runtime--volumes--scale_io--secret_ref)) +- `secret_ref` (Attributes) secretRef references to the secret for ScaleIO user and othersensitive information. If this is not provided, Login operation will fail. (see [below for nested schema](#nestedatt--spec--runtime--volumes--scale_io--secret_ref)) - `system` (String) system is the name of the storage system as configured in ScaleIO. Optional: -- `fs_type` (String) fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. 'ext4', 'xfs', 'ntfs'. Default is 'xfs'. +- `fs_type` (String) fsType is the filesystem type to mount.Must be a filesystem type supported by the host operating system.Ex. 'ext4', 'xfs', 'ntfs'.Default is 'xfs'. - `protection_domain` (String) protectionDomain is the name of the ScaleIO Protection Domain for the configured storage. -- `read_only` (Boolean) readOnly Defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts. +- `read_only` (Boolean) readOnly Defaults to false (read/write). ReadOnly here will forcethe ReadOnly setting in VolumeMounts. - `ssl_enabled` (Boolean) sslEnabled Flag enable/disable SSL communication with Gateway, default false -- `storage_mode` (String) storageMode indicates whether the storage for a volume should be ThickProvisioned or ThinProvisioned. Default is ThinProvisioned. +- `storage_mode` (String) storageMode indicates whether the storage for a volume should be ThickProvisioned or ThinProvisioned.Default is ThinProvisioned. - `storage_pool` (String) storagePool is the ScaleIO Storage Pool associated with the protection domain. -- `volume_name` (String) volumeName is the name of a volume already created in the ScaleIO system that is associated with this volume source. +- `volume_name` (String) volumeName is the name of a volume already created in the ScaleIO systemthat is associated with this volume source. ### Nested Schema for `spec.runtime.volumes.scale_io.secret_ref` Optional: -- `name` (String) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? +- `name` (String) Name of the referent.More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#namesTODO: Add other useful fields. apiVersion, kind, uid? @@ -3223,10 +3223,10 @@ Optional: Optional: -- `default_mode` (Number) defaultMode is Optional: mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. -- `items` (Attributes List) items If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'. (see [below for nested schema](#nestedatt--spec--runtime--volumes--secret--items)) +- `default_mode` (Number) defaultMode is Optional: mode bits used to set permissions on created files by default.Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511.YAML accepts both octal and decimal values, JSON requires decimal valuesfor mode bits. Defaults to 0644.Directories within the path are not affected by this setting.This might be in conflict with other options that affect the filemode, like fsGroup, and the result can be other mode bits set. +- `items` (Attributes List) items If unspecified, each key-value pair in the Data field of the referencedSecret will be projected into the volume as a file whose name is thekey and content is the value. If specified, the listed keys will beprojected into the specified paths, and unlisted keys will not bepresent. If a key is specified which is not present in the Secret,the volume setup will error unless it is marked optional. Paths must berelative and may not contain the '..' path or start with '..'. (see [below for nested schema](#nestedatt--spec--runtime--volumes--secret--items)) - `optional` (Boolean) optional field specify whether the Secret or its keys must be defined -- `secret_name` (String) secretName is the name of the secret in the pod's namespace to use. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret +- `secret_name` (String) secretName is the name of the secret in the pod's namespace to use.More info: https://kubernetes.io/docs/concepts/storage/volumes#secret ### Nested Schema for `spec.runtime.volumes.secret.items` @@ -3234,11 +3234,11 @@ Optional: Required: - `key` (String) key is the key to project. -- `path` (String) path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. +- `path` (String) path is the relative path of the file to map the key to.May not be an absolute path.May not contain the path element '..'.May not start with the string '..'. Optional: -- `mode` (Number) mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. +- `mode` (Number) mode is Optional: mode bits used to set permissions on this file.Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511.YAML accepts both octal and decimal values, JSON requires decimal values for mode bits.If not specified, the volume defaultMode will be used.This might be in conflict with other options that affect the filemode, like fsGroup, and the result can be other mode bits set. @@ -3247,18 +3247,18 @@ Optional: Optional: -- `fs_type` (String) fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. 'ext4', 'xfs', 'ntfs'. Implicitly inferred to be 'ext4' if unspecified. -- `read_only` (Boolean) readOnly defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts. -- `secret_ref` (Attributes) secretRef specifies the secret to use for obtaining the StorageOS API credentials. If not specified, default values will be attempted. (see [below for nested schema](#nestedatt--spec--runtime--volumes--storageos--secret_ref)) -- `volume_name` (String) volumeName is the human-readable name of the StorageOS volume. Volume names are only unique within a namespace. -- `volume_namespace` (String) volumeNamespace specifies the scope of the volume within StorageOS. If no namespace is specified then the Pod's namespace will be used. This allows the Kubernetes name scoping to be mirrored within StorageOS for tighter integration. Set VolumeName to any name to override the default behaviour. Set to 'default' if you are not using namespaces within StorageOS. Namespaces that do not pre-exist within StorageOS will be created. +- `fs_type` (String) fsType is the filesystem type to mount.Must be a filesystem type supported by the host operating system.Ex. 'ext4', 'xfs', 'ntfs'. Implicitly inferred to be 'ext4' if unspecified. +- `read_only` (Boolean) readOnly defaults to false (read/write). ReadOnly here will forcethe ReadOnly setting in VolumeMounts. +- `secret_ref` (Attributes) secretRef specifies the secret to use for obtaining the StorageOS APIcredentials. If not specified, default values will be attempted. (see [below for nested schema](#nestedatt--spec--runtime--volumes--storageos--secret_ref)) +- `volume_name` (String) volumeName is the human-readable name of the StorageOS volume. Volumenames are only unique within a namespace. +- `volume_namespace` (String) volumeNamespace specifies the scope of the volume within StorageOS. If nonamespace is specified then the Pod's namespace will be used. This allows theKubernetes name scoping to be mirrored within StorageOS for tighter integration.Set VolumeName to any name to override the default behaviour.Set to 'default' if you are not using namespaces within StorageOS.Namespaces that do not pre-exist within StorageOS will be created. ### Nested Schema for `spec.runtime.volumes.storageos.secret_ref` Optional: -- `name` (String) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? +- `name` (String) Name of the referent.More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#namesTODO: Add other useful fields. apiVersion, kind, uid? @@ -3271,7 +3271,7 @@ Required: Optional: -- `fs_type` (String) fsType is filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. 'ext4', 'xfs', 'ntfs'. Implicitly inferred to be 'ext4' if unspecified. +- `fs_type` (String) fsType is filesystem type to mount.Must be a filesystem type supported by the host operating system.Ex. 'ext4', 'xfs', 'ntfs'. Implicitly inferred to be 'ext4' if unspecified. - `storage_policy_id` (String) storagePolicyID is the storage Policy Based Management (SPBM) profile ID associated with the StoragePolicyName. - `storage_policy_name` (String) storagePolicyName is the storage Policy Based Management (SPBM) profile name. @@ -3284,18 +3284,18 @@ Optional: Required: - `name` (String) Specifies the name of the configuration template. -- `volume_name` (String) Refers to the volume name of PodTemplate. The configuration file produced through the configuration template will be mounted to the corresponding volume. Must be a DNS_LABEL name. The volume name must be defined in podSpec.containers[*].volumeMounts. +- `volume_name` (String) Refers to the volume name of PodTemplate. The configuration file produced through the configurationtemplate will be mounted to the corresponding volume. Must be a DNS_LABEL name.The volume name must be defined in podSpec.containers[*].volumeMounts. Optional: -- `as_env_from` (List of String) Specifies the containers to inject the ConfigMap parameters as environment variables. This is useful when application images accept parameters through environment variables and generate the final configuration file in the startup script based on these variables. This field allows users to specify a list of container names, and KubeBlocks will inject the environment variables converted from the ConfigMap into these designated containers. This provides a flexible way to pass the configuration items from the ConfigMap to the container without modifying the image. Deprecated: 'asEnvFrom' has been deprecated since 0.9.0 and will be removed in 0.10.0. Use 'injectEnvTo' instead. +- `as_env_from` (List of String) Specifies the containers to inject the ConfigMap parameters as environment variables.This is useful when application images accept parameters through environment variables andgenerate the final configuration file in the startup script based on these variables.This field allows users to specify a list of container names, and KubeBlocks will inject the environmentvariables converted from the ConfigMap into these designated containers. This provides a flexible way topass the configuration items from the ConfigMap to the container without modifying the image.Deprecated: 'asEnvFrom' has been deprecated since 0.9.0 and will be removed in 0.10.0.Use 'injectEnvTo' instead. - `constraint_ref` (String) Specifies the name of the referenced configuration constraints object. -- `default_mode` (Number) The operator attempts to set default file permissions for scripts (0555) and configurations (0444). However, certain database engines may require different file permissions. You can specify the desired file permissions here. Must be specified as an octal value between 0000 and 0777 (inclusive), or as a decimal value between 0 and 511 (inclusive). YAML supports both octal and decimal values for file permissions. Please note that this setting only affects the permissions of the files themselves. Directories within the specified path are not impacted by this setting. It's important to be aware that this setting might conflict with other options that influence the file mode, such as fsGroup. In such cases, the resulting file mode may have additional bits set. Refers to documents of k8s.ConfigMapVolumeSource.defaultMode for more information. -- `inject_env_to` (List of String) Specifies the containers to inject the ConfigMap parameters as environment variables. This is useful when application images accept parameters through environment variables and generate the final configuration file in the startup script based on these variables. This field allows users to specify a list of container names, and KubeBlocks will inject the environment variables converted from the ConfigMap into these designated containers. This provides a flexible way to pass the configuration items from the ConfigMap to the container without modifying the image. -- `keys` (List of String) Specifies the configuration files within the ConfigMap that support dynamic updates. A configuration template (provided in the form of a ConfigMap) may contain templates for multiple configuration files. Each configuration file corresponds to a key in the ConfigMap. Some of these configuration files may support dynamic modification and reloading without requiring a pod restart. If empty or omitted, all configuration files in the ConfigMap are assumed to support dynamic updates, and ConfigConstraint applies to all keys. -- `legacy_rendered_config_spec` (Attributes) Specifies the secondary rendered config spec for pod-specific customization. The template is rendered inside the pod (by the 'config-manager' sidecar container) and merged with the main template's render result to generate the final configuration file. This field is intended to handle scenarios where different pods within the same Component have varying configurations. It allows for pod-specific customization of the configuration. Note: This field will be deprecated in future versions, and the functionality will be moved to 'cluster.spec.componentSpecs[*].instances[*]'. (see [below for nested schema](#nestedatt--spec--configs--legacy_rendered_config_spec)) -- `namespace` (String) Specifies the namespace of the referenced configuration template ConfigMap object. An empty namespace is equivalent to the 'default' namespace. -- `re_render_resource_types` (List of String) Specifies whether the configuration needs to be re-rendered after v-scale or h-scale operations to reflect changes. In some scenarios, the configuration may need to be updated to reflect the changes in resource allocation or cluster topology. Examples: - Redis: adjust maxmemory after v-scale operation. - MySQL: increase max connections after v-scale operation. - Zookeeper: update zoo.cfg with new node addresses after h-scale operation. +- `default_mode` (Number) The operator attempts to set default file permissions for scripts (0555) and configurations (0444).However, certain database engines may require different file permissions.You can specify the desired file permissions here.Must be specified as an octal value between 0000 and 0777 (inclusive),or as a decimal value between 0 and 511 (inclusive).YAML supports both octal and decimal values for file permissions.Please note that this setting only affects the permissions of the files themselves.Directories within the specified path are not impacted by this setting.It's important to be aware that this setting might conflict with other optionsthat influence the file mode, such as fsGroup.In such cases, the resulting file mode may have additional bits set.Refers to documents of k8s.ConfigMapVolumeSource.defaultMode for more information. +- `inject_env_to` (List of String) Specifies the containers to inject the ConfigMap parameters as environment variables.This is useful when application images accept parameters through environment variables andgenerate the final configuration file in the startup script based on these variables.This field allows users to specify a list of container names, and KubeBlocks will inject the environmentvariables converted from the ConfigMap into these designated containers. This provides a flexible way topass the configuration items from the ConfigMap to the container without modifying the image. +- `keys` (List of String) Specifies the configuration files within the ConfigMap that support dynamic updates.A configuration template (provided in the form of a ConfigMap) may contain templates for multipleconfiguration files.Each configuration file corresponds to a key in the ConfigMap.Some of these configuration files may support dynamic modification and reloading without requiringa pod restart.If empty or omitted, all configuration files in the ConfigMap are assumed to support dynamic updates,and ConfigConstraint applies to all keys. +- `legacy_rendered_config_spec` (Attributes) Specifies the secondary rendered config spec for pod-specific customization.The template is rendered inside the pod (by the 'config-manager' sidecar container) and merged with the maintemplate's render result to generate the final configuration file.This field is intended to handle scenarios where different pods within the same Component havevarying configurations. It allows for pod-specific customization of the configuration.Note: This field will be deprecated in future versions, and the functionality will be moved to'cluster.spec.componentSpecs[*].instances[*]'. (see [below for nested schema](#nestedatt--spec--configs--legacy_rendered_config_spec)) +- `namespace` (String) Specifies the namespace of the referenced configuration template ConfigMap object.An empty namespace is equivalent to the 'default' namespace. +- `re_render_resource_types` (List of String) Specifies whether the configuration needs to be re-rendered after v-scale or h-scale operations to reflect changes.In some scenarios, the configuration may need to be updated to reflect the changes in resource allocationor cluster topology. Examples:- Redis: adjust maxmemory after v-scale operation.- MySQL: increase max connections after v-scale operation.- Zookeeper: update zoo.cfg with new node addresses after h-scale operation. - `template_ref` (String) Specifies the name of the referenced configuration template ConfigMap object. @@ -3307,7 +3307,7 @@ Required: Optional: -- `namespace` (String) Specifies the namespace of the referenced configuration template ConfigMap object. An empty namespace is equivalent to the 'default' namespace. +- `namespace` (String) Specifies the namespace of the referenced configuration template ConfigMap object.An empty namespace is equivalent to the 'default' namespace. - `policy` (String) Defines the strategy for merging externally imported templates into component templates. @@ -3318,9 +3318,9 @@ Optional: Optional: - `container_name` (String) Specifies the name of the built-in metrics exporter container. -- `scrape_path` (String) Specifies the http/https url path to scrape for metrics. If empty, Prometheus uses the default value (e.g. '/metrics'). +- `scrape_path` (String) Specifies the http/https url path to scrape for metrics.If empty, Prometheus uses the default value (e.g. '/metrics'). - `scrape_port` (String) Specifies the port name to scrape for metrics. -- `scrape_scheme` (String) Specifies the schema to use for scraping. 'http' and 'https' are the expected values unless you rewrite the '__scheme__' label via relabeling. If empty, Prometheus uses the default value 'http'. +- `scrape_scheme` (String) Specifies the schema to use for scraping.'http' and 'https' are the expected values unless you rewrite the '__scheme__' label via relabeling.If empty, Prometheus uses the default value 'http'. @@ -3336,7 +3336,7 @@ Optional: Required: - `container` (String) Container specifies the target container within the Pod. -- `ports` (List of String) Ports are named container ports within the specified container. These container ports must be defined in the container for proper port allocation. +- `ports` (List of String) Ports are named container ports within the specified container.These container ports must be defined in the container for proper port allocation. @@ -3345,42 +3345,42 @@ Required: Optional: -- `account_provision` (Attributes) Defines the procedure to generate a new database account. Use Case: This action is designed to create system accounts that are utilized for replication, monitoring, backup, and other administrative tasks. Note: This field is immutable once it has been set. (see [below for nested schema](#nestedatt--spec--lifecycle_actions--account_provision)) -- `data_dump` (Attributes) Defines the procedure for exporting the data from a replica. Use Case: This action is intended for initializing a newly created replica with data. It involves exporting data from an existing replica and importing it into the new, empty replica. This is essential for synchronizing the state of replicas across the system. Applicability: Some database engines or associated sidecar applications (e.g., Patroni) may already provide this functionality. In such cases, this action may not be required. The output should be a valid data dump streamed to stdout. It must exclude any irrelevant information to ensure that only the necessary data is exported for import into the new replica. Note: This field is immutable once it has been set. (see [below for nested schema](#nestedatt--spec--lifecycle_actions--data_dump)) -- `data_load` (Attributes) Defines the procedure for importing data into a replica. Use Case: This action is intended for initializing a newly created replica with data. It involves exporting data from an existing replica and importing it into the new, empty replica. This is essential for synchronizing the state of replicas across the system. Some database engines or associated sidecar applications (e.g., Patroni) may already provide this functionality. In such cases, this action may not be required. Data should be received through stdin. If any error occurs during the process, the action must be able to guarantee idempotence to allow for retries from the beginning. Note: This field is immutable once it has been set. (see [below for nested schema](#nestedatt--spec--lifecycle_actions--data_load)) -- `member_join` (Attributes) Defines the procedure to add a new replica to the replication group. This action is initiated after a replica pod becomes ready. The role of the replica (e.g., primary, secondary) will be determined and assigned as part of the action command implementation, or automatically by the database kernel or a sidecar utility like Patroni that implements a consensus algorithm. The container executing this action has access to following environment variables: - KB_SERVICE_PORT: The port used by the database service. - KB_SERVICE_USER: The username with the necessary permissions to interact with the database service. - KB_SERVICE_PASSWORD: The corresponding password for KB_SERVICE_USER to authenticate with the database service. - KB_PRIMARY_POD_FQDN: The FQDN of the primary Pod within the replication group. - KB_MEMBER_ADDRESSES: A comma-separated list of Pod addresses for all replicas in the group. - KB_NEW_MEMBER_POD_NAME: The pod name of the replica being added to the group. - KB_NEW_MEMBER_POD_IP: The IP address of the replica being added to the group. Expected action output: - On Failure: An error message detailing the reason for any failure encountered during the addition of the new member. For example, to add a new OBServer to an OceanBase Cluster in 'zone1', the following command may be used: '''yaml command: - bash - -c - | ADDRESS=$(KB_MEMBER_ADDRESSES%%,*) HOST=$(echo $ADDRESS | cut -d ':' -f 1) PORT=$(echo $ADDRESS | cut -d ':' -f 2) CLIENT='mysql -u $KB_SERVICE_USER -p$KB_SERVICE_PASSWORD -P $PORT -h $HOST -e' $CLIENT 'ALTER SYSTEM ADD SERVER '$KB_NEW_MEMBER_POD_IP:$KB_SERVICE_PORT' ZONE 'zone1'' ''' Note: This field is immutable once it has been set. (see [below for nested schema](#nestedatt--spec--lifecycle_actions--member_join)) -- `member_leave` (Attributes) Defines the procedure to remove a replica from the replication group. This action is initiated before remove a replica from the group. The operator will wait for MemberLeave to complete successfully before releasing the replica and cleaning up related Kubernetes resources. The process typically includes updating configurations and informing other group members about the removal. Data migration is generally not part of this action and should be handled separately if needed. The container executing this action has access to following environment variables: - KB_SERVICE_PORT: The port used by the database service. - KB_SERVICE_USER: The username with the necessary permissions to interact with the database service. - KB_SERVICE_PASSWORD: The corresponding password for KB_SERVICE_USER to authenticate with the database service. - KB_PRIMARY_POD_FQDN: The FQDN of the primary Pod within the replication group. - KB_MEMBER_ADDRESSES: A comma-separated list of Pod addresses for all replicas in the group. - KB_LEAVE_MEMBER_POD_NAME: The pod name of the replica being removed from the group. - KB_LEAVE_MEMBER_POD_IP: The IP address of the replica being removed from the group. Expected action output: - On Failure: An error message, if applicable, indicating why the action failed. For example, to remove an OBServer from an OceanBase Cluster in 'zone1', the following command can be executed: '''yaml command: - bash - -c - | ADDRESS=$(KB_MEMBER_ADDRESSES%%,*) HOST=$(echo $ADDRESS | cut -d ':' -f 1) PORT=$(echo $ADDRESS | cut -d ':' -f 2) CLIENT='mysql -u $KB_SERVICE_USER -p$KB_SERVICE_PASSWORD -P $PORT -h $HOST -e' $CLIENT 'ALTER SYSTEM DELETE SERVER '$KB_LEAVE_MEMBER_POD_IP:$KB_SERVICE_PORT' ZONE 'zone1'' ''' Note: This field is immutable once it has been set. (see [below for nested schema](#nestedatt--spec--lifecycle_actions--member_leave)) -- `post_provision` (Attributes) Specifies the hook to be executed after a component's creation. By setting 'postProvision.customHandler.preCondition', you can determine the specific lifecycle stage at which the action should trigger: 'Immediately', 'RuntimeReady', 'ComponentReady', and 'ClusterReady'. with 'ComponentReady' being the default. The PostProvision Action is intended to run only once. The container executing this action has access to following environment variables: - KB_CLUSTER_POD_IP_LIST: Comma-separated list of the cluster's pod IP addresses (e.g., 'podIp1,podIp2'). - KB_CLUSTER_POD_NAME_LIST: Comma-separated list of the cluster's pod names (e.g., 'pod1,pod2'). - KB_CLUSTER_POD_HOST_NAME_LIST: Comma-separated list of host names, each corresponding to a pod in KB_CLUSTER_POD_NAME_LIST (e.g., 'hostName1,hostName2'). - KB_CLUSTER_POD_HOST_IP_LIST: Comma-separated list of host IP addresses, each corresponding to a pod in KB_CLUSTER_POD_NAME_LIST (e.g., 'hostIp1,hostIp2'). - KB_CLUSTER_COMPONENT_POD_NAME_LIST: Comma-separated list of all pod names within the component (e.g., 'pod1,pod2'). - KB_CLUSTER_COMPONENT_POD_IP_LIST: Comma-separated list of pod IP addresses, matching the order of pods in KB_CLUSTER_COMPONENT_POD_NAME_LIST (e.g., 'podIp1,podIp2'). - KB_CLUSTER_COMPONENT_POD_HOST_NAME_LIST: Comma-separated list of host names for each pod, matching the order of pods in KB_CLUSTER_COMPONENT_POD_NAME_LIST (e.g., 'hostName1,hostName2'). - KB_CLUSTER_COMPONENT_POD_HOST_IP_LIST: Comma-separated list of host IP addresses for each pod, matching the order of pods in KB_CLUSTER_COMPONENT_POD_NAME_LIST (e.g., 'hostIp1,hostIp2'). - KB_CLUSTER_COMPONENT_LIST: Comma-separated list of all cluster components (e.g., 'comp1,comp2'). - KB_CLUSTER_COMPONENT_DELETING_LIST: Comma-separated list of components that are currently being deleted (e.g., 'comp1,comp2'). - KB_CLUSTER_COMPONENT_UNDELETED_LIST: Comma-separated list of components that are not being deleted (e.g., 'comp1,comp2'). Note: This field is immutable once it has been set. (see [below for nested schema](#nestedatt--spec--lifecycle_actions--post_provision)) -- `pre_terminate` (Attributes) Specifies the hook to be executed prior to terminating a component. The PreTerminate Action is intended to run only once. This action is executed immediately when a scale-down operation for the Component is initiated. The actual termination and cleanup of the Component and its associated resources will not proceed until the PreTerminate action has completed successfully. The container executing this action has access to following environment variables: - KB_CLUSTER_POD_IP_LIST: Comma-separated list of the cluster's pod IP addresses (e.g., 'podIp1,podIp2'). - KB_CLUSTER_POD_NAME_LIST: Comma-separated list of the cluster's pod names (e.g., 'pod1,pod2'). - KB_CLUSTER_POD_HOST_NAME_LIST: Comma-separated list of host names, each corresponding to a pod in KB_CLUSTER_POD_NAME_LIST (e.g., 'hostName1,hostName2'). - KB_CLUSTER_POD_HOST_IP_LIST: Comma-separated list of host IP addresses, each corresponding to a pod in KB_CLUSTER_POD_NAME_LIST (e.g., 'hostIp1,hostIp2'). - KB_CLUSTER_COMPONENT_POD_NAME_LIST: Comma-separated list of all pod names within the component (e.g., 'pod1,pod2'). - KB_CLUSTER_COMPONENT_POD_IP_LIST: Comma-separated list of pod IP addresses, matching the order of pods in KB_CLUSTER_COMPONENT_POD_NAME_LIST (e.g., 'podIp1,podIp2'). - KB_CLUSTER_COMPONENT_POD_HOST_NAME_LIST: Comma-separated list of host names for each pod, matching the order of pods in KB_CLUSTER_COMPONENT_POD_NAME_LIST (e.g., 'hostName1,hostName2'). - KB_CLUSTER_COMPONENT_POD_HOST_IP_LIST: Comma-separated list of host IP addresses for each pod, matching the order of pods in KB_CLUSTER_COMPONENT_POD_NAME_LIST (e.g., 'hostIp1,hostIp2'). - KB_CLUSTER_COMPONENT_LIST: Comma-separated list of all cluster components (e.g., 'comp1,comp2'). - KB_CLUSTER_COMPONENT_DELETING_LIST: Comma-separated list of components that are currently being deleted (e.g., 'comp1,comp2'). - KB_CLUSTER_COMPONENT_UNDELETED_LIST: Comma-separated list of components that are not being deleted (e.g., 'comp1,comp2'). - KB_CLUSTER_COMPONENT_IS_SCALING_IN: Indicates whether the component is currently scaling in. If this variable is present and set to 'true', it denotes that the component is undergoing a scale-in operation. During scale-in, data rebalancing is necessary to maintain cluster integrity. Contrast this with a cluster deletion scenario where data rebalancing is not required as the entire cluster is being cleaned up. Note: This field is immutable once it has been set. (see [below for nested schema](#nestedatt--spec--lifecycle_actions--pre_terminate)) -- `readonly` (Attributes) Defines the procedure to switch a replica into the read-only state. Use Case: This action is invoked when the database's volume capacity nears its upper limit and space is about to be exhausted. The container executing this action has access to following environment variables: - KB_POD_FQDN: The FQDN of the replica pod whose role is being checked. - KB_SERVICE_PORT: The port used by the database service. - KB_SERVICE_USER: The username with the necessary permissions to interact with the database service. - KB_SERVICE_PASSWORD: The corresponding password for KB_SERVICE_USER to authenticate with the database service. Expected action output: - On Failure: An error message, if applicable, indicating why the action failed. Note: This field is immutable once it has been set. (see [below for nested schema](#nestedatt--spec--lifecycle_actions--readonly)) -- `readwrite` (Attributes) Defines the procedure to transition a replica from the read-only state back to the read-write state. Use Case: This action is used to bring back a replica that was previously in a read-only state, which restricted write operations, to its normal operational state where it can handle both read and write operations. The container executing this action has access to following environment variables: - KB_POD_FQDN: The FQDN of the replica pod whose role is being checked. - KB_SERVICE_PORT: The port used by the database service. - KB_SERVICE_USER: The username with the necessary permissions to interact with the database service. - KB_SERVICE_PASSWORD: The corresponding password for KB_SERVICE_USER to authenticate with the database service. Expected action output: - On Failure: An error message, if applicable, indicating why the action failed. Note: This field is immutable once it has been set. (see [below for nested schema](#nestedatt--spec--lifecycle_actions--readwrite)) -- `reconfigure` (Attributes) Defines the procedure that update a replica with new configuration. Note: This field is immutable once it has been set. This Action is reserved for future versions. (see [below for nested schema](#nestedatt--spec--lifecycle_actions--reconfigure)) -- `role_probe` (Attributes) Defines the procedure which is invoked regularly to assess the role of replicas. This action is periodically triggered by Lorry at the specified interval to determine the role of each replica. Upon successful execution, the action's output designates the role of the replica, which should match one of the predefined role names within 'componentDefinition.spec.roles'. The output is then compared with the previous successful execution result. If a role change is detected, an event is generated to inform the controller, which initiates an update of the replica's role. Defining a RoleProbe Action for a Component is required if roles are defined for the Component. It ensures replicas are correctly labeled with their respective roles. Without this, services that rely on roleSelectors might improperly direct traffic to wrong replicas. The container executing this action has access to following environment variables: - KB_POD_FQDN: The FQDN of the Pod whose role is being assessed. - KB_SERVICE_PORT: The port used by the database service. - KB_SERVICE_USER: The username with the necessary permissions to interact with the database service. - KB_SERVICE_PASSWORD: The corresponding password for KB_SERVICE_USER to authenticate with the database service. Expected output of this action: - On Success: The determined role of the replica, which must align with one of the roles specified in the component definition. - On Failure: An error message, if applicable, indicating why the action failed. Note: This field is immutable once it has been set. (see [below for nested schema](#nestedatt--spec--lifecycle_actions--role_probe)) -- `switchover` (Attributes) Defines the procedure for a controlled transition of leadership from the current leader to a new replica. This approach aims to minimize downtime and maintain availability in systems with a leader-follower topology, during events such as planned maintenance or when performing stop, shutdown, restart, or upgrade operations involving the current leader node. The container executing this action has access to following environment variables: - KB_SWITCHOVER_CANDIDATE_NAME: The name of the pod for the new leader candidate, which may not be specified (empty). - KB_SWITCHOVER_CANDIDATE_FQDN: The FQDN of the new leader candidate's pod, which may not be specified (empty). - KB_LEADER_POD_IP: The IP address of the current leader's pod prior to the switchover. - KB_LEADER_POD_NAME: The name of the current leader's pod prior to the switchover. - KB_LEADER_POD_FQDN: The FQDN of the current leader's pod prior to the switchover. The environment variables with the following prefixes are deprecated and will be removed in future releases: - KB_REPLICATION_PRIMARY_POD_ - KB_CONSENSUS_LEADER_POD_ Note: This field is immutable once it has been set. (see [below for nested schema](#nestedatt--spec--lifecycle_actions--switchover)) +- `account_provision` (Attributes) Defines the procedure to generate a new database account.Use Case:This action is designed to create system accounts that are utilized for replication, monitoring, backup,and other administrative tasks.Note: This field is immutable once it has been set. (see [below for nested schema](#nestedatt--spec--lifecycle_actions--account_provision)) +- `data_dump` (Attributes) Defines the procedure for exporting the data from a replica.Use Case:This action is intended for initializing a newly created replica with data. It involves exporting datafrom an existing replica and importing it into the new, empty replica. This is essential for synchronizingthe state of replicas across the system.Applicability:Some database engines or associated sidecar applications (e.g., Patroni) may already provide this functionality.In such cases, this action may not be required.The output should be a valid data dump streamed to stdout. It must exclude any irrelevant information to ensurethat only the necessary data is exported for import into the new replica.Note: This field is immutable once it has been set. (see [below for nested schema](#nestedatt--spec--lifecycle_actions--data_dump)) +- `data_load` (Attributes) Defines the procedure for importing data into a replica.Use Case:This action is intended for initializing a newly created replica with data. It involves exporting datafrom an existing replica and importing it into the new, empty replica. This is essential for synchronizingthe state of replicas across the system.Some database engines or associated sidecar applications (e.g., Patroni) may already provide this functionality.In such cases, this action may not be required.Data should be received through stdin. If any error occurs during the process,the action must be able to guarantee idempotence to allow for retries from the beginning.Note: This field is immutable once it has been set. (see [below for nested schema](#nestedatt--spec--lifecycle_actions--data_load)) +- `member_join` (Attributes) Defines the procedure to add a new replica to the replication group.This action is initiated after a replica pod becomes ready.The role of the replica (e.g., primary, secondary) will be determined and assigned as part of the action commandimplementation, or automatically by the database kernel or a sidecar utility like Patroni that implementsa consensus algorithm.The container executing this action has access to following environment variables:- KB_SERVICE_PORT: The port used by the database service.- KB_SERVICE_USER: The username with the necessary permissions to interact with the database service.- KB_SERVICE_PASSWORD: The corresponding password for KB_SERVICE_USER to authenticate with the database service.- KB_PRIMARY_POD_FQDN: The FQDN of the primary Pod within the replication group.- KB_MEMBER_ADDRESSES: A comma-separated list of Pod addresses for all replicas in the group.- KB_NEW_MEMBER_POD_NAME: The pod name of the replica being added to the group.- KB_NEW_MEMBER_POD_IP: The IP address of the replica being added to the group.Expected action output:- On Failure: An error message detailing the reason for any failure encountered during the addition of the new member.For example, to add a new OBServer to an OceanBase Cluster in 'zone1', the following command may be used:'''yamlcommand:- bash- -c- | ADDRESS=$(KB_MEMBER_ADDRESSES%%,*) HOST=$(echo $ADDRESS | cut -d ':' -f 1) PORT=$(echo $ADDRESS | cut -d ':' -f 2) CLIENT='mysql -u $KB_SERVICE_USER -p$KB_SERVICE_PASSWORD -P $PORT -h $HOST -e' $CLIENT 'ALTER SYSTEM ADD SERVER '$KB_NEW_MEMBER_POD_IP:$KB_SERVICE_PORT' ZONE 'zone1'''''Note: This field is immutable once it has been set. (see [below for nested schema](#nestedatt--spec--lifecycle_actions--member_join)) +- `member_leave` (Attributes) Defines the procedure to remove a replica from the replication group.This action is initiated before remove a replica from the group.The operator will wait for MemberLeave to complete successfully before releasing the replica and cleaning uprelated Kubernetes resources.The process typically includes updating configurations and informing other group members about the removal.Data migration is generally not part of this action and should be handled separately if needed.The container executing this action has access to following environment variables:- KB_SERVICE_PORT: The port used by the database service.- KB_SERVICE_USER: The username with the necessary permissions to interact with the database service.- KB_SERVICE_PASSWORD: The corresponding password for KB_SERVICE_USER to authenticate with the database service.- KB_PRIMARY_POD_FQDN: The FQDN of the primary Pod within the replication group.- KB_MEMBER_ADDRESSES: A comma-separated list of Pod addresses for all replicas in the group.- KB_LEAVE_MEMBER_POD_NAME: The pod name of the replica being removed from the group.- KB_LEAVE_MEMBER_POD_IP: The IP address of the replica being removed from the group.Expected action output:- On Failure: An error message, if applicable, indicating why the action failed.For example, to remove an OBServer from an OceanBase Cluster in 'zone1', the following command can be executed:'''yamlcommand:- bash- -c- | ADDRESS=$(KB_MEMBER_ADDRESSES%%,*) HOST=$(echo $ADDRESS | cut -d ':' -f 1) PORT=$(echo $ADDRESS | cut -d ':' -f 2) CLIENT='mysql -u $KB_SERVICE_USER -p$KB_SERVICE_PASSWORD -P $PORT -h $HOST -e' $CLIENT 'ALTER SYSTEM DELETE SERVER '$KB_LEAVE_MEMBER_POD_IP:$KB_SERVICE_PORT' ZONE 'zone1'''''Note: This field is immutable once it has been set. (see [below for nested schema](#nestedatt--spec--lifecycle_actions--member_leave)) +- `post_provision` (Attributes) Specifies the hook to be executed after a component's creation.By setting 'postProvision.customHandler.preCondition', you can determine the specific lifecycle stageat which the action should trigger: 'Immediately', 'RuntimeReady', 'ComponentReady', and 'ClusterReady'.with 'ComponentReady' being the default.The PostProvision Action is intended to run only once.The container executing this action has access to following environment variables:- KB_CLUSTER_POD_IP_LIST: Comma-separated list of the cluster's pod IP addresses (e.g., 'podIp1,podIp2').- KB_CLUSTER_POD_NAME_LIST: Comma-separated list of the cluster's pod names (e.g., 'pod1,pod2').- KB_CLUSTER_POD_HOST_NAME_LIST: Comma-separated list of host names, each corresponding to a pod in KB_CLUSTER_POD_NAME_LIST (e.g., 'hostName1,hostName2').- KB_CLUSTER_POD_HOST_IP_LIST: Comma-separated list of host IP addresses, each corresponding to a pod in KB_CLUSTER_POD_NAME_LIST (e.g., 'hostIp1,hostIp2').- KB_CLUSTER_COMPONENT_POD_NAME_LIST: Comma-separated list of all pod names within the component (e.g., 'pod1,pod2').- KB_CLUSTER_COMPONENT_POD_IP_LIST: Comma-separated list of pod IP addresses, matching the order of pods in KB_CLUSTER_COMPONENT_POD_NAME_LIST (e.g., 'podIp1,podIp2').- KB_CLUSTER_COMPONENT_POD_HOST_NAME_LIST: Comma-separated list of host names for each pod, matching the order of pods in KB_CLUSTER_COMPONENT_POD_NAME_LIST (e.g., 'hostName1,hostName2').- KB_CLUSTER_COMPONENT_POD_HOST_IP_LIST: Comma-separated list of host IP addresses for each pod, matching the order of pods in KB_CLUSTER_COMPONENT_POD_NAME_LIST (e.g., 'hostIp1,hostIp2').- KB_CLUSTER_COMPONENT_LIST: Comma-separated list of all cluster components (e.g., 'comp1,comp2').- KB_CLUSTER_COMPONENT_DELETING_LIST: Comma-separated list of components that are currently being deleted (e.g., 'comp1,comp2').- KB_CLUSTER_COMPONENT_UNDELETED_LIST: Comma-separated list of components that are not being deleted (e.g., 'comp1,comp2').Note: This field is immutable once it has been set. (see [below for nested schema](#nestedatt--spec--lifecycle_actions--post_provision)) +- `pre_terminate` (Attributes) Specifies the hook to be executed prior to terminating a component.The PreTerminate Action is intended to run only once.This action is executed immediately when a scale-down operation for the Component is initiated.The actual termination and cleanup of the Component and its associated resources will not proceeduntil the PreTerminate action has completed successfully.The container executing this action has access to following environment variables:- KB_CLUSTER_POD_IP_LIST: Comma-separated list of the cluster's pod IP addresses (e.g., 'podIp1,podIp2').- KB_CLUSTER_POD_NAME_LIST: Comma-separated list of the cluster's pod names (e.g., 'pod1,pod2').- KB_CLUSTER_POD_HOST_NAME_LIST: Comma-separated list of host names, each corresponding to a pod in KB_CLUSTER_POD_NAME_LIST (e.g., 'hostName1,hostName2').- KB_CLUSTER_POD_HOST_IP_LIST: Comma-separated list of host IP addresses, each corresponding to a pod in KB_CLUSTER_POD_NAME_LIST (e.g., 'hostIp1,hostIp2').- KB_CLUSTER_COMPONENT_POD_NAME_LIST: Comma-separated list of all pod names within the component (e.g., 'pod1,pod2').- KB_CLUSTER_COMPONENT_POD_IP_LIST: Comma-separated list of pod IP addresses, matching the order of pods in KB_CLUSTER_COMPONENT_POD_NAME_LIST (e.g., 'podIp1,podIp2').- KB_CLUSTER_COMPONENT_POD_HOST_NAME_LIST: Comma-separated list of host names for each pod, matching the order of pods in KB_CLUSTER_COMPONENT_POD_NAME_LIST (e.g., 'hostName1,hostName2').- KB_CLUSTER_COMPONENT_POD_HOST_IP_LIST: Comma-separated list of host IP addresses for each pod, matching the order of pods in KB_CLUSTER_COMPONENT_POD_NAME_LIST (e.g., 'hostIp1,hostIp2').- KB_CLUSTER_COMPONENT_LIST: Comma-separated list of all cluster components (e.g., 'comp1,comp2').- KB_CLUSTER_COMPONENT_DELETING_LIST: Comma-separated list of components that are currently being deleted (e.g., 'comp1,comp2').- KB_CLUSTER_COMPONENT_UNDELETED_LIST: Comma-separated list of components that are not being deleted (e.g., 'comp1,comp2').- KB_CLUSTER_COMPONENT_IS_SCALING_IN: Indicates whether the component is currently scaling in. If this variable is present and set to 'true', it denotes that the component is undergoing a scale-in operation. During scale-in, data rebalancing is necessary to maintain cluster integrity. Contrast this with a cluster deletion scenario where data rebalancing is not required as the entire cluster is being cleaned up.Note: This field is immutable once it has been set. (see [below for nested schema](#nestedatt--spec--lifecycle_actions--pre_terminate)) +- `readonly` (Attributes) Defines the procedure to switch a replica into the read-only state.Use Case:This action is invoked when the database's volume capacity nears its upper limit and space is about to be exhausted.The container executing this action has access to following environment variables:- KB_POD_FQDN: The FQDN of the replica pod whose role is being checked.- KB_SERVICE_PORT: The port used by the database service.- KB_SERVICE_USER: The username with the necessary permissions to interact with the database service.- KB_SERVICE_PASSWORD: The corresponding password for KB_SERVICE_USER to authenticate with the database service.Expected action output:- On Failure: An error message, if applicable, indicating why the action failed.Note: This field is immutable once it has been set. (see [below for nested schema](#nestedatt--spec--lifecycle_actions--readonly)) +- `readwrite` (Attributes) Defines the procedure to transition a replica from the read-only state back to the read-write state.Use Case:This action is used to bring back a replica that was previously in a read-only state,which restricted write operations, to its normal operational state where it can handleboth read and write operations.The container executing this action has access to following environment variables:- KB_POD_FQDN: The FQDN of the replica pod whose role is being checked.- KB_SERVICE_PORT: The port used by the database service.- KB_SERVICE_USER: The username with the necessary permissions to interact with the database service.- KB_SERVICE_PASSWORD: The corresponding password for KB_SERVICE_USER to authenticate with the database service.Expected action output:- On Failure: An error message, if applicable, indicating why the action failed.Note: This field is immutable once it has been set. (see [below for nested schema](#nestedatt--spec--lifecycle_actions--readwrite)) +- `reconfigure` (Attributes) Defines the procedure that update a replica with new configuration.Note: This field is immutable once it has been set.This Action is reserved for future versions. (see [below for nested schema](#nestedatt--spec--lifecycle_actions--reconfigure)) +- `role_probe` (Attributes) Defines the procedure which is invoked regularly to assess the role of replicas.This action is periodically triggered by Lorry at the specified interval to determine the role of each replica.Upon successful execution, the action's output designates the role of the replica,which should match one of the predefined role names within 'componentDefinition.spec.roles'.The output is then compared with the previous successful execution result.If a role change is detected, an event is generated to inform the controller,which initiates an update of the replica's role.Defining a RoleProbe Action for a Component is required if roles are defined for the Component.It ensures replicas are correctly labeled with their respective roles.Without this, services that rely on roleSelectors might improperly direct traffic to wrong replicas.The container executing this action has access to following environment variables:- KB_POD_FQDN: The FQDN of the Pod whose role is being assessed.- KB_SERVICE_PORT: The port used by the database service.- KB_SERVICE_USER: The username with the necessary permissions to interact with the database service.- KB_SERVICE_PASSWORD: The corresponding password for KB_SERVICE_USER to authenticate with the database service.Expected output of this action:- On Success: The determined role of the replica, which must align with one of the roles specified in the component definition.- On Failure: An error message, if applicable, indicating why the action failed.Note: This field is immutable once it has been set. (see [below for nested schema](#nestedatt--spec--lifecycle_actions--role_probe)) +- `switchover` (Attributes) Defines the procedure for a controlled transition of leadership from the current leader to a new replica.This approach aims to minimize downtime and maintain availability in systems with a leader-follower topology,during events such as planned maintenance or when performing stop, shutdown, restart, or upgrade operationsinvolving the current leader node.The container executing this action has access to following environment variables:- KB_SWITCHOVER_CANDIDATE_NAME: The name of the pod for the new leader candidate, which may not be specified (empty).- KB_SWITCHOVER_CANDIDATE_FQDN: The FQDN of the new leader candidate's pod, which may not be specified (empty).- KB_LEADER_POD_IP: The IP address of the current leader's pod prior to the switchover.- KB_LEADER_POD_NAME: The name of the current leader's pod prior to the switchover.- KB_LEADER_POD_FQDN: The FQDN of the current leader's pod prior to the switchover.The environment variables with the following prefixes are deprecated and will be removed in future releases:- KB_REPLICATION_PRIMARY_POD_- KB_CONSENSUS_LEADER_POD_Note: This field is immutable once it has been set. (see [below for nested schema](#nestedatt--spec--lifecycle_actions--switchover)) ### Nested Schema for `spec.lifecycle_actions.account_provision` Optional: -- `builtin_handler` (String) Specifies the name of the predefined action handler to be invoked for lifecycle actions. Lorry, as a sidecar agent co-located with the database container in the same Pod, includes a suite of built-in action implementations that are tailored to different database engines. These are known as 'builtin' handlers, includes: 'mysql', 'redis', 'mongodb', 'etcd', 'postgresql', 'official-postgresql', 'apecloud-postgresql', 'wesql', 'oceanbase', 'polardbx'. If the 'builtinHandler' field is specified, it instructs Lorry to utilize its internal built-in action handler to execute the specified lifecycle actions. The 'builtinHandler' field is of type 'BuiltinActionHandlerType', which represents the name of the built-in handler. The 'builtinHandler' specified within the same 'ComponentLifecycleActions' should be consistent across all actions. This means that if you specify a built-in handler for one action, you should use the same handler for all other actions throughout the entire 'ComponentLifecycleActions' collection. If you need to define lifecycle actions for database engines not covered by the existing built-in support, or when the pre-existing built-in handlers do not meet your specific needs, you can use the 'customHandler' field to define your own action implementation. Deprecation Notice: - In the future, the 'builtinHandler' field will be deprecated in favor of using the 'customHandler' field for configuring all lifecycle actions. - Instead of using a name to indicate the built-in action implementations in Lorry, the recommended approach will be to explicitly invoke the desired action implementation through a gRPC interface exposed by the sidecar agent. - Developers will have the flexibility to either use the built-in action implementations provided by Lorry or develop their own sidecar agent to implement custom actions and expose them via gRPC interfaces. - This change will allow for greater customization and extensibility of lifecycle actions, as developers can create their own 'builtin' implementations tailored to their specific requirements. -- `custom_handler` (Attributes) Specifies a user-defined hook or procedure that is called to perform the specific lifecycle action. It offers a flexible and expandable approach for customizing the behavior of a Component by leveraging tailored actions. An Action can be implemented as either an ExecAction or an HTTPAction, with future versions planning to support GRPCAction, thereby accommodating unique logic for different database systems within the Action's framework. In future iterations, all built-in handlers are expected to transition to GRPCAction. This change means that Lorry or other sidecar agents will expose the implementation of actions through a GRPC interface for external invocation. Then the controller will interact with these actions via GRPCAction calls. (see [below for nested schema](#nestedatt--spec--lifecycle_actions--account_provision--custom_handler)) +- `builtin_handler` (String) Specifies the name of the predefined action handler to be invoked for lifecycle actions.Lorry, as a sidecar agent co-located with the database container in the same Pod,includes a suite of built-in action implementations that are tailored to different database engines.These are known as 'builtin' handlers, includes: 'mysql', 'redis', 'mongodb', 'etcd','postgresql', 'official-postgresql', 'apecloud-postgresql', 'wesql', 'oceanbase', 'polardbx'.If the 'builtinHandler' field is specified, it instructs Lorry to utilize its internal built-in action handlerto execute the specified lifecycle actions.The 'builtinHandler' field is of type 'BuiltinActionHandlerType',which represents the name of the built-in handler.The 'builtinHandler' specified within the same 'ComponentLifecycleActions' should be consistent across allactions.This means that if you specify a built-in handler for one action, you should use the same handlerfor all other actions throughout the entire 'ComponentLifecycleActions' collection.If you need to define lifecycle actions for database engines not covered by the existing built-in support,or when the pre-existing built-in handlers do not meet your specific needs,you can use the 'customHandler' field to define your own action implementation.Deprecation Notice:- In the future, the 'builtinHandler' field will be deprecated in favor of using the 'customHandler' field for configuring all lifecycle actions.- Instead of using a name to indicate the built-in action implementations in Lorry, the recommended approach will be to explicitly invoke the desired action implementation through a gRPC interface exposed by the sidecar agent.- Developers will have the flexibility to either use the built-in action implementations provided by Lorry or develop their own sidecar agent to implement custom actions and expose them via gRPC interfaces.- This change will allow for greater customization and extensibility of lifecycle actions, as developers can create their own 'builtin' implementations tailored to their specific requirements. +- `custom_handler` (Attributes) Specifies a user-defined hook or procedure that is called to perform the specific lifecycle action.It offers a flexible and expandable approach for customizing the behavior of a Component by leveragingtailored actions.An Action can be implemented as either an ExecAction or an HTTPAction, with future versions planningto support GRPCAction,thereby accommodating unique logic for different database systems within the Action's framework.In future iterations, all built-in handlers are expected to transition to GRPCAction.This change means that Lorry or other sidecar agents will expose the implementation of actionsthrough a GRPC interface for external invocation.Then the controller will interact with these actions via GRPCAction calls. (see [below for nested schema](#nestedatt--spec--lifecycle_actions--account_provision--custom_handler)) ### Nested Schema for `spec.lifecycle_actions.account_provision.custom_handler` Optional: -- `container` (String) Defines the name of the container within the target Pod where the action will be executed. This name must correspond to one of the containers defined in 'componentDefinition.spec.runtime'. If this field is not specified, the default behavior is to use the first container listed in 'componentDefinition.spec.runtime'. This field cannot be updated. Note: This field is reserved for future use and is not currently active. -- `env` (Attributes List) Represents a list of environment variables that will be injected into the container. These variables enable the container to adapt its behavior based on the environment it's running in. This field cannot be updated. (see [below for nested schema](#nestedatt--spec--lifecycle_actions--account_provision--custom_handler--env)) -- `exec` (Attributes) Defines the command to run. This field cannot be updated. (see [below for nested schema](#nestedatt--spec--lifecycle_actions--account_provision--custom_handler--exec)) -- `http` (Attributes) Specifies the HTTP request to perform. This field cannot be updated. Note: HTTPAction is to be implemented in future version. (see [below for nested schema](#nestedatt--spec--lifecycle_actions--account_provision--custom_handler--http)) -- `image` (String) Specifies the container image to be used for running the Action. When specified, a dedicated container will be created using this image to execute the Action. This field is mutually exclusive with the 'container' field; only one of them should be provided. This field cannot be updated. -- `matching_key` (String) Used in conjunction with the 'targetPodSelector' field to refine the selection of target pod(s) for Action execution. The impact of this field depends on the 'targetPodSelector' value: - When 'targetPodSelector' is set to 'Any' or 'All', this field will be ignored. - When 'targetPodSelector' is set to 'Role', only those replicas whose role matches the 'matchingKey' will be selected for the Action. This field cannot be updated. Note: This field is reserved for future use and is not currently active. -- `pre_condition` (String) Specifies the state that the cluster must reach before the Action is executed. Currently, this is only applicable to the 'postProvision' action. The conditions are as follows: - 'Immediately': Executed right after the Component object is created. The readiness of the Component and its resources is not guaranteed at this stage. - 'RuntimeReady': The Action is triggered after the Component object has been created and all associated runtime resources (e.g. Pods) are in a ready state. - 'ComponentReady': The Action is triggered after the Component itself is in a ready state. This process does not affect the readiness state of the Component or the Cluster. - 'ClusterReady': The Action is executed after the Cluster is in a ready state. This execution does not alter the Component or the Cluster's state of readiness. This field cannot be updated. -- `retry_policy` (Attributes) Defines the strategy to be taken when retrying the Action after a failure. It specifies the conditions under which the Action should be retried and the limits to apply, such as the maximum number of retries and backoff strategy. This field cannot be updated. (see [below for nested schema](#nestedatt--spec--lifecycle_actions--account_provision--custom_handler--retry_policy)) -- `target_pod_selector` (String) Defines the criteria used to select the target Pod(s) for executing the Action. This is useful when there is no default target replica identified. It allows for precise control over which Pod(s) the Action should run in. This field cannot be updated. Note: This field is reserved for future use and is not currently active. -- `timeout_seconds` (Number) Specifies the maximum duration in seconds that the Action is allowed to run. If the Action does not complete within this time frame, it will be terminated. This field cannot be updated. +- `container` (String) Defines the name of the container within the target Pod where the action will be executed.This name must correspond to one of the containers defined in 'componentDefinition.spec.runtime'.If this field is not specified, the default behavior is to use the first container listed in'componentDefinition.spec.runtime'.This field cannot be updated.Note: This field is reserved for future use and is not currently active. +- `env` (Attributes List) Represents a list of environment variables that will be injected into the container.These variables enable the container to adapt its behavior based on the environment it's running in.This field cannot be updated. (see [below for nested schema](#nestedatt--spec--lifecycle_actions--account_provision--custom_handler--env)) +- `exec` (Attributes) Defines the command to run.This field cannot be updated. (see [below for nested schema](#nestedatt--spec--lifecycle_actions--account_provision--custom_handler--exec)) +- `http` (Attributes) Specifies the HTTP request to perform.This field cannot be updated.Note: HTTPAction is to be implemented in future version. (see [below for nested schema](#nestedatt--spec--lifecycle_actions--account_provision--custom_handler--http)) +- `image` (String) Specifies the container image to be used for running the Action.When specified, a dedicated container will be created using this image to execute the Action.This field is mutually exclusive with the 'container' field; only one of them should be provided.This field cannot be updated. +- `matching_key` (String) Used in conjunction with the 'targetPodSelector' field to refine the selection of target pod(s) for Action execution.The impact of this field depends on the 'targetPodSelector' value:- When 'targetPodSelector' is set to 'Any' or 'All', this field will be ignored.- When 'targetPodSelector' is set to 'Role', only those replicas whose role matches the 'matchingKey' will be selected for the Action.This field cannot be updated.Note: This field is reserved for future use and is not currently active. +- `pre_condition` (String) Specifies the state that the cluster must reach before the Action is executed.Currently, this is only applicable to the 'postProvision' action.The conditions are as follows:- 'Immediately': Executed right after the Component object is created. The readiness of the Component and its resources is not guaranteed at this stage.- 'RuntimeReady': The Action is triggered after the Component object has been created and all associated runtime resources (e.g. Pods) are in a ready state.- 'ComponentReady': The Action is triggered after the Component itself is in a ready state. This process does not affect the readiness state of the Component or the Cluster.- 'ClusterReady': The Action is executed after the Cluster is in a ready state. This execution does not alter the Component or the Cluster's state of readiness.This field cannot be updated. +- `retry_policy` (Attributes) Defines the strategy to be taken when retrying the Action after a failure.It specifies the conditions under which the Action should be retried and the limits to apply,such as the maximum number of retries and backoff strategy.This field cannot be updated. (see [below for nested schema](#nestedatt--spec--lifecycle_actions--account_provision--custom_handler--retry_policy)) +- `target_pod_selector` (String) Defines the criteria used to select the target Pod(s) for executing the Action.This is useful when there is no default target replica identified.It allows for precise control over which Pod(s) the Action should run in.This field cannot be updated.Note: This field is reserved for future use and is not currently active. +- `timeout_seconds` (Number) Specifies the maximum duration in seconds that the Action is allowed to run.If the Action does not complete within this time frame, it will be terminated.This field cannot be updated. ### Nested Schema for `spec.lifecycle_actions.account_provision.custom_handler.env` @@ -3391,7 +3391,7 @@ Required: Optional: -- `value` (String) Variable references $(VAR_NAME) are expanded using the previously defined environment variables in the container and any service environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. '$$(VAR_NAME)' will produce the string literal '$(VAR_NAME)'. Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to ''. +- `value` (String) Variable references $(VAR_NAME) are expandedusing the previously defined environment variables in the container andany service environment variables. If a variable cannot be resolved,the reference in the input string will be unchanged. Double $$ are reducedto a single $, which allows for escaping the $(VAR_NAME) syntax: i.e.'$$(VAR_NAME)' will produce the string literal '$(VAR_NAME)'.Escaped references will never be expanded, regardless of whether the variableexists or not.Defaults to ''. - `value_from` (Attributes) Source for the environment variable's value. Cannot be used if value is not empty. (see [below for nested schema](#nestedatt--spec--lifecycle_actions--account_provision--custom_handler--env--value_from)) @@ -3400,8 +3400,8 @@ Optional: Optional: - `config_map_key_ref` (Attributes) Selects a key of a ConfigMap. (see [below for nested schema](#nestedatt--spec--lifecycle_actions--account_provision--custom_handler--env--value_from--config_map_key_ref)) -- `field_ref` (Attributes) Selects a field of the pod: supports metadata.name, metadata.namespace, 'metadata.labels['']', 'metadata.annotations['']', spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. (see [below for nested schema](#nestedatt--spec--lifecycle_actions--account_provision--custom_handler--env--value_from--field_ref)) -- `resource_field_ref` (Attributes) Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. (see [below for nested schema](#nestedatt--spec--lifecycle_actions--account_provision--custom_handler--env--value_from--resource_field_ref)) +- `field_ref` (Attributes) Selects a field of the pod: supports metadata.name, metadata.namespace, 'metadata.labels['']', 'metadata.annotations['']',spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. (see [below for nested schema](#nestedatt--spec--lifecycle_actions--account_provision--custom_handler--env--value_from--field_ref)) +- `resource_field_ref` (Attributes) Selects a resource of the container: only resources limits and requests(limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. (see [below for nested schema](#nestedatt--spec--lifecycle_actions--account_provision--custom_handler--env--value_from--resource_field_ref)) - `secret_key_ref` (Attributes) Selects a key of a secret in the pod's namespace (see [below for nested schema](#nestedatt--spec--lifecycle_actions--account_provision--custom_handler--env--value_from--secret_key_ref)) @@ -3413,7 +3413,7 @@ Required: Optional: -- `name` (String) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? +- `name` (String) Name of the referent.More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#namesTODO: Add other useful fields. apiVersion, kind, uid? - `optional` (Boolean) Specify whether the ConfigMap or its key must be defined @@ -3451,7 +3451,7 @@ Required: Optional: -- `name` (String) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? +- `name` (String) Name of the referent.More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#namesTODO: Add other useful fields. apiVersion, kind, uid? - `optional` (Boolean) Specify whether the Secret or its key must be defined @@ -3463,7 +3463,7 @@ Optional: Optional: - `args` (List of String) Args represents the arguments that are passed to the 'command' for execution. -- `command` (List of String) Specifies the command to be executed inside the container. The working directory for this command is the container's root directory('/'). Commands are executed directly without a shell environment, meaning shell-specific syntax ('|', etc.) is not supported. If the shell is required, it must be explicitly invoked in the command. A successful execution is indicated by an exit status of 0; any non-zero status signifies a failure. +- `command` (List of String) Specifies the command to be executed inside the container.The working directory for this command is the container's root directory('/').Commands are executed directly without a shell environment, meaning shell-specific syntax ('|', etc.) is not supported.If the shell is required, it must be explicitly invoked in the command.A successful execution is indicated by an exit status of 0; any non-zero status signifies a failure. @@ -3471,22 +3471,22 @@ Optional: Required: -- `port` (String) Specifies the target port for the HTTP request. It can be specified either as a numeric value in the range of 1 to 65535, or as a named port that meets the IANA_SVC_NAME specification. +- `port` (String) Specifies the target port for the HTTP request.It can be specified either as a numeric value in the range of 1 to 65535,or as a named port that meets the IANA_SVC_NAME specification. Optional: -- `host` (String) Indicates the server's domain name or IP address. Defaults to the Pod's IP. Prefer setting the 'Host' header in httpHeaders when needed. -- `http_headers` (Attributes List) Allows for the inclusion of custom headers in the request. HTTP permits the use of repeated headers. (see [below for nested schema](#nestedatt--spec--lifecycle_actions--account_provision--custom_handler--http--http_headers)) -- `method` (String) Represents the type of HTTP request to be made, such as 'GET,' 'POST,' 'PUT,' etc. If not specified, 'GET' is the default method. +- `host` (String) Indicates the server's domain name or IP address. Defaults to the Pod's IP.Prefer setting the 'Host' header in httpHeaders when needed. +- `http_headers` (Attributes List) Allows for the inclusion of custom headers in the request.HTTP permits the use of repeated headers. (see [below for nested schema](#nestedatt--spec--lifecycle_actions--account_provision--custom_handler--http--http_headers)) +- `method` (String) Represents the type of HTTP request to be made, such as 'GET,' 'POST,' 'PUT,' etc.If not specified, 'GET' is the default method. - `path` (String) Specifies the endpoint to be requested on the HTTP server. -- `scheme` (String) Designates the protocol used to make the request, such as HTTP or HTTPS. If not specified, HTTP is used by default. +- `scheme` (String) Designates the protocol used to make the request, such as HTTP or HTTPS.If not specified, HTTP is used by default. ### Nested Schema for `spec.lifecycle_actions.account_provision.custom_handler.http.http_headers` Required: -- `name` (String) The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header. +- `name` (String) The header field name.This will be canonicalized upon output, so case-variant names will be understood as the same header. - `value` (String) The header field value @@ -3496,8 +3496,8 @@ Required: Optional: -- `max_retries` (Number) Defines the maximum number of retry attempts that should be made for a given Action. This value is set to 0 by default, indicating that no retries will be made. -- `retry_interval` (Number) Indicates the duration of time to wait between each retry attempt. This value is set to 0 by default, indicating that there will be no delay between retry attempts. +- `max_retries` (Number) Defines the maximum number of retry attempts that should be made for a given Action.This value is set to 0 by default, indicating that no retries will be made. +- `retry_interval` (Number) Indicates the duration of time to wait between each retry attempt.This value is set to 0 by default, indicating that there will be no delay between retry attempts. @@ -3507,24 +3507,24 @@ Optional: Optional: -- `builtin_handler` (String) Specifies the name of the predefined action handler to be invoked for lifecycle actions. Lorry, as a sidecar agent co-located with the database container in the same Pod, includes a suite of built-in action implementations that are tailored to different database engines. These are known as 'builtin' handlers, includes: 'mysql', 'redis', 'mongodb', 'etcd', 'postgresql', 'official-postgresql', 'apecloud-postgresql', 'wesql', 'oceanbase', 'polardbx'. If the 'builtinHandler' field is specified, it instructs Lorry to utilize its internal built-in action handler to execute the specified lifecycle actions. The 'builtinHandler' field is of type 'BuiltinActionHandlerType', which represents the name of the built-in handler. The 'builtinHandler' specified within the same 'ComponentLifecycleActions' should be consistent across all actions. This means that if you specify a built-in handler for one action, you should use the same handler for all other actions throughout the entire 'ComponentLifecycleActions' collection. If you need to define lifecycle actions for database engines not covered by the existing built-in support, or when the pre-existing built-in handlers do not meet your specific needs, you can use the 'customHandler' field to define your own action implementation. Deprecation Notice: - In the future, the 'builtinHandler' field will be deprecated in favor of using the 'customHandler' field for configuring all lifecycle actions. - Instead of using a name to indicate the built-in action implementations in Lorry, the recommended approach will be to explicitly invoke the desired action implementation through a gRPC interface exposed by the sidecar agent. - Developers will have the flexibility to either use the built-in action implementations provided by Lorry or develop their own sidecar agent to implement custom actions and expose them via gRPC interfaces. - This change will allow for greater customization and extensibility of lifecycle actions, as developers can create their own 'builtin' implementations tailored to their specific requirements. -- `custom_handler` (Attributes) Specifies a user-defined hook or procedure that is called to perform the specific lifecycle action. It offers a flexible and expandable approach for customizing the behavior of a Component by leveraging tailored actions. An Action can be implemented as either an ExecAction or an HTTPAction, with future versions planning to support GRPCAction, thereby accommodating unique logic for different database systems within the Action's framework. In future iterations, all built-in handlers are expected to transition to GRPCAction. This change means that Lorry or other sidecar agents will expose the implementation of actions through a GRPC interface for external invocation. Then the controller will interact with these actions via GRPCAction calls. (see [below for nested schema](#nestedatt--spec--lifecycle_actions--data_dump--custom_handler)) +- `builtin_handler` (String) Specifies the name of the predefined action handler to be invoked for lifecycle actions.Lorry, as a sidecar agent co-located with the database container in the same Pod,includes a suite of built-in action implementations that are tailored to different database engines.These are known as 'builtin' handlers, includes: 'mysql', 'redis', 'mongodb', 'etcd','postgresql', 'official-postgresql', 'apecloud-postgresql', 'wesql', 'oceanbase', 'polardbx'.If the 'builtinHandler' field is specified, it instructs Lorry to utilize its internal built-in action handlerto execute the specified lifecycle actions.The 'builtinHandler' field is of type 'BuiltinActionHandlerType',which represents the name of the built-in handler.The 'builtinHandler' specified within the same 'ComponentLifecycleActions' should be consistent across allactions.This means that if you specify a built-in handler for one action, you should use the same handlerfor all other actions throughout the entire 'ComponentLifecycleActions' collection.If you need to define lifecycle actions for database engines not covered by the existing built-in support,or when the pre-existing built-in handlers do not meet your specific needs,you can use the 'customHandler' field to define your own action implementation.Deprecation Notice:- In the future, the 'builtinHandler' field will be deprecated in favor of using the 'customHandler' field for configuring all lifecycle actions.- Instead of using a name to indicate the built-in action implementations in Lorry, the recommended approach will be to explicitly invoke the desired action implementation through a gRPC interface exposed by the sidecar agent.- Developers will have the flexibility to either use the built-in action implementations provided by Lorry or develop their own sidecar agent to implement custom actions and expose them via gRPC interfaces.- This change will allow for greater customization and extensibility of lifecycle actions, as developers can create their own 'builtin' implementations tailored to their specific requirements. +- `custom_handler` (Attributes) Specifies a user-defined hook or procedure that is called to perform the specific lifecycle action.It offers a flexible and expandable approach for customizing the behavior of a Component by leveragingtailored actions.An Action can be implemented as either an ExecAction or an HTTPAction, with future versions planningto support GRPCAction,thereby accommodating unique logic for different database systems within the Action's framework.In future iterations, all built-in handlers are expected to transition to GRPCAction.This change means that Lorry or other sidecar agents will expose the implementation of actionsthrough a GRPC interface for external invocation.Then the controller will interact with these actions via GRPCAction calls. (see [below for nested schema](#nestedatt--spec--lifecycle_actions--data_dump--custom_handler)) ### Nested Schema for `spec.lifecycle_actions.data_dump.custom_handler` Optional: -- `container` (String) Defines the name of the container within the target Pod where the action will be executed. This name must correspond to one of the containers defined in 'componentDefinition.spec.runtime'. If this field is not specified, the default behavior is to use the first container listed in 'componentDefinition.spec.runtime'. This field cannot be updated. Note: This field is reserved for future use and is not currently active. -- `env` (Attributes List) Represents a list of environment variables that will be injected into the container. These variables enable the container to adapt its behavior based on the environment it's running in. This field cannot be updated. (see [below for nested schema](#nestedatt--spec--lifecycle_actions--data_dump--custom_handler--env)) -- `exec` (Attributes) Defines the command to run. This field cannot be updated. (see [below for nested schema](#nestedatt--spec--lifecycle_actions--data_dump--custom_handler--exec)) -- `http` (Attributes) Specifies the HTTP request to perform. This field cannot be updated. Note: HTTPAction is to be implemented in future version. (see [below for nested schema](#nestedatt--spec--lifecycle_actions--data_dump--custom_handler--http)) -- `image` (String) Specifies the container image to be used for running the Action. When specified, a dedicated container will be created using this image to execute the Action. This field is mutually exclusive with the 'container' field; only one of them should be provided. This field cannot be updated. -- `matching_key` (String) Used in conjunction with the 'targetPodSelector' field to refine the selection of target pod(s) for Action execution. The impact of this field depends on the 'targetPodSelector' value: - When 'targetPodSelector' is set to 'Any' or 'All', this field will be ignored. - When 'targetPodSelector' is set to 'Role', only those replicas whose role matches the 'matchingKey' will be selected for the Action. This field cannot be updated. Note: This field is reserved for future use and is not currently active. -- `pre_condition` (String) Specifies the state that the cluster must reach before the Action is executed. Currently, this is only applicable to the 'postProvision' action. The conditions are as follows: - 'Immediately': Executed right after the Component object is created. The readiness of the Component and its resources is not guaranteed at this stage. - 'RuntimeReady': The Action is triggered after the Component object has been created and all associated runtime resources (e.g. Pods) are in a ready state. - 'ComponentReady': The Action is triggered after the Component itself is in a ready state. This process does not affect the readiness state of the Component or the Cluster. - 'ClusterReady': The Action is executed after the Cluster is in a ready state. This execution does not alter the Component or the Cluster's state of readiness. This field cannot be updated. -- `retry_policy` (Attributes) Defines the strategy to be taken when retrying the Action after a failure. It specifies the conditions under which the Action should be retried and the limits to apply, such as the maximum number of retries and backoff strategy. This field cannot be updated. (see [below for nested schema](#nestedatt--spec--lifecycle_actions--data_dump--custom_handler--retry_policy)) -- `target_pod_selector` (String) Defines the criteria used to select the target Pod(s) for executing the Action. This is useful when there is no default target replica identified. It allows for precise control over which Pod(s) the Action should run in. This field cannot be updated. Note: This field is reserved for future use and is not currently active. -- `timeout_seconds` (Number) Specifies the maximum duration in seconds that the Action is allowed to run. If the Action does not complete within this time frame, it will be terminated. This field cannot be updated. +- `container` (String) Defines the name of the container within the target Pod where the action will be executed.This name must correspond to one of the containers defined in 'componentDefinition.spec.runtime'.If this field is not specified, the default behavior is to use the first container listed in'componentDefinition.spec.runtime'.This field cannot be updated.Note: This field is reserved for future use and is not currently active. +- `env` (Attributes List) Represents a list of environment variables that will be injected into the container.These variables enable the container to adapt its behavior based on the environment it's running in.This field cannot be updated. (see [below for nested schema](#nestedatt--spec--lifecycle_actions--data_dump--custom_handler--env)) +- `exec` (Attributes) Defines the command to run.This field cannot be updated. (see [below for nested schema](#nestedatt--spec--lifecycle_actions--data_dump--custom_handler--exec)) +- `http` (Attributes) Specifies the HTTP request to perform.This field cannot be updated.Note: HTTPAction is to be implemented in future version. (see [below for nested schema](#nestedatt--spec--lifecycle_actions--data_dump--custom_handler--http)) +- `image` (String) Specifies the container image to be used for running the Action.When specified, a dedicated container will be created using this image to execute the Action.This field is mutually exclusive with the 'container' field; only one of them should be provided.This field cannot be updated. +- `matching_key` (String) Used in conjunction with the 'targetPodSelector' field to refine the selection of target pod(s) for Action execution.The impact of this field depends on the 'targetPodSelector' value:- When 'targetPodSelector' is set to 'Any' or 'All', this field will be ignored.- When 'targetPodSelector' is set to 'Role', only those replicas whose role matches the 'matchingKey' will be selected for the Action.This field cannot be updated.Note: This field is reserved for future use and is not currently active. +- `pre_condition` (String) Specifies the state that the cluster must reach before the Action is executed.Currently, this is only applicable to the 'postProvision' action.The conditions are as follows:- 'Immediately': Executed right after the Component object is created. The readiness of the Component and its resources is not guaranteed at this stage.- 'RuntimeReady': The Action is triggered after the Component object has been created and all associated runtime resources (e.g. Pods) are in a ready state.- 'ComponentReady': The Action is triggered after the Component itself is in a ready state. This process does not affect the readiness state of the Component or the Cluster.- 'ClusterReady': The Action is executed after the Cluster is in a ready state. This execution does not alter the Component or the Cluster's state of readiness.This field cannot be updated. +- `retry_policy` (Attributes) Defines the strategy to be taken when retrying the Action after a failure.It specifies the conditions under which the Action should be retried and the limits to apply,such as the maximum number of retries and backoff strategy.This field cannot be updated. (see [below for nested schema](#nestedatt--spec--lifecycle_actions--data_dump--custom_handler--retry_policy)) +- `target_pod_selector` (String) Defines the criteria used to select the target Pod(s) for executing the Action.This is useful when there is no default target replica identified.It allows for precise control over which Pod(s) the Action should run in.This field cannot be updated.Note: This field is reserved for future use and is not currently active. +- `timeout_seconds` (Number) Specifies the maximum duration in seconds that the Action is allowed to run.If the Action does not complete within this time frame, it will be terminated.This field cannot be updated. ### Nested Schema for `spec.lifecycle_actions.data_dump.custom_handler.env` @@ -3535,7 +3535,7 @@ Required: Optional: -- `value` (String) Variable references $(VAR_NAME) are expanded using the previously defined environment variables in the container and any service environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. '$$(VAR_NAME)' will produce the string literal '$(VAR_NAME)'. Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to ''. +- `value` (String) Variable references $(VAR_NAME) are expandedusing the previously defined environment variables in the container andany service environment variables. If a variable cannot be resolved,the reference in the input string will be unchanged. Double $$ are reducedto a single $, which allows for escaping the $(VAR_NAME) syntax: i.e.'$$(VAR_NAME)' will produce the string literal '$(VAR_NAME)'.Escaped references will never be expanded, regardless of whether the variableexists or not.Defaults to ''. - `value_from` (Attributes) Source for the environment variable's value. Cannot be used if value is not empty. (see [below for nested schema](#nestedatt--spec--lifecycle_actions--data_dump--custom_handler--env--value_from)) @@ -3544,8 +3544,8 @@ Optional: Optional: - `config_map_key_ref` (Attributes) Selects a key of a ConfigMap. (see [below for nested schema](#nestedatt--spec--lifecycle_actions--data_dump--custom_handler--env--value_from--config_map_key_ref)) -- `field_ref` (Attributes) Selects a field of the pod: supports metadata.name, metadata.namespace, 'metadata.labels['']', 'metadata.annotations['']', spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. (see [below for nested schema](#nestedatt--spec--lifecycle_actions--data_dump--custom_handler--env--value_from--field_ref)) -- `resource_field_ref` (Attributes) Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. (see [below for nested schema](#nestedatt--spec--lifecycle_actions--data_dump--custom_handler--env--value_from--resource_field_ref)) +- `field_ref` (Attributes) Selects a field of the pod: supports metadata.name, metadata.namespace, 'metadata.labels['']', 'metadata.annotations['']',spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. (see [below for nested schema](#nestedatt--spec--lifecycle_actions--data_dump--custom_handler--env--value_from--field_ref)) +- `resource_field_ref` (Attributes) Selects a resource of the container: only resources limits and requests(limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. (see [below for nested schema](#nestedatt--spec--lifecycle_actions--data_dump--custom_handler--env--value_from--resource_field_ref)) - `secret_key_ref` (Attributes) Selects a key of a secret in the pod's namespace (see [below for nested schema](#nestedatt--spec--lifecycle_actions--data_dump--custom_handler--env--value_from--secret_key_ref)) @@ -3557,7 +3557,7 @@ Required: Optional: -- `name` (String) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? +- `name` (String) Name of the referent.More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#namesTODO: Add other useful fields. apiVersion, kind, uid? - `optional` (Boolean) Specify whether the ConfigMap or its key must be defined @@ -3595,7 +3595,7 @@ Required: Optional: -- `name` (String) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? +- `name` (String) Name of the referent.More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#namesTODO: Add other useful fields. apiVersion, kind, uid? - `optional` (Boolean) Specify whether the Secret or its key must be defined @@ -3607,7 +3607,7 @@ Optional: Optional: - `args` (List of String) Args represents the arguments that are passed to the 'command' for execution. -- `command` (List of String) Specifies the command to be executed inside the container. The working directory for this command is the container's root directory('/'). Commands are executed directly without a shell environment, meaning shell-specific syntax ('|', etc.) is not supported. If the shell is required, it must be explicitly invoked in the command. A successful execution is indicated by an exit status of 0; any non-zero status signifies a failure. +- `command` (List of String) Specifies the command to be executed inside the container.The working directory for this command is the container's root directory('/').Commands are executed directly without a shell environment, meaning shell-specific syntax ('|', etc.) is not supported.If the shell is required, it must be explicitly invoked in the command.A successful execution is indicated by an exit status of 0; any non-zero status signifies a failure. @@ -3615,22 +3615,22 @@ Optional: Required: -- `port` (String) Specifies the target port for the HTTP request. It can be specified either as a numeric value in the range of 1 to 65535, or as a named port that meets the IANA_SVC_NAME specification. +- `port` (String) Specifies the target port for the HTTP request.It can be specified either as a numeric value in the range of 1 to 65535,or as a named port that meets the IANA_SVC_NAME specification. Optional: -- `host` (String) Indicates the server's domain name or IP address. Defaults to the Pod's IP. Prefer setting the 'Host' header in httpHeaders when needed. -- `http_headers` (Attributes List) Allows for the inclusion of custom headers in the request. HTTP permits the use of repeated headers. (see [below for nested schema](#nestedatt--spec--lifecycle_actions--data_dump--custom_handler--http--http_headers)) -- `method` (String) Represents the type of HTTP request to be made, such as 'GET,' 'POST,' 'PUT,' etc. If not specified, 'GET' is the default method. +- `host` (String) Indicates the server's domain name or IP address. Defaults to the Pod's IP.Prefer setting the 'Host' header in httpHeaders when needed. +- `http_headers` (Attributes List) Allows for the inclusion of custom headers in the request.HTTP permits the use of repeated headers. (see [below for nested schema](#nestedatt--spec--lifecycle_actions--data_dump--custom_handler--http--http_headers)) +- `method` (String) Represents the type of HTTP request to be made, such as 'GET,' 'POST,' 'PUT,' etc.If not specified, 'GET' is the default method. - `path` (String) Specifies the endpoint to be requested on the HTTP server. -- `scheme` (String) Designates the protocol used to make the request, such as HTTP or HTTPS. If not specified, HTTP is used by default. +- `scheme` (String) Designates the protocol used to make the request, such as HTTP or HTTPS.If not specified, HTTP is used by default. ### Nested Schema for `spec.lifecycle_actions.data_dump.custom_handler.http.http_headers` Required: -- `name` (String) The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header. +- `name` (String) The header field name.This will be canonicalized upon output, so case-variant names will be understood as the same header. - `value` (String) The header field value @@ -3640,8 +3640,8 @@ Required: Optional: -- `max_retries` (Number) Defines the maximum number of retry attempts that should be made for a given Action. This value is set to 0 by default, indicating that no retries will be made. -- `retry_interval` (Number) Indicates the duration of time to wait between each retry attempt. This value is set to 0 by default, indicating that there will be no delay between retry attempts. +- `max_retries` (Number) Defines the maximum number of retry attempts that should be made for a given Action.This value is set to 0 by default, indicating that no retries will be made. +- `retry_interval` (Number) Indicates the duration of time to wait between each retry attempt.This value is set to 0 by default, indicating that there will be no delay between retry attempts. @@ -3651,24 +3651,24 @@ Optional: Optional: -- `builtin_handler` (String) Specifies the name of the predefined action handler to be invoked for lifecycle actions. Lorry, as a sidecar agent co-located with the database container in the same Pod, includes a suite of built-in action implementations that are tailored to different database engines. These are known as 'builtin' handlers, includes: 'mysql', 'redis', 'mongodb', 'etcd', 'postgresql', 'official-postgresql', 'apecloud-postgresql', 'wesql', 'oceanbase', 'polardbx'. If the 'builtinHandler' field is specified, it instructs Lorry to utilize its internal built-in action handler to execute the specified lifecycle actions. The 'builtinHandler' field is of type 'BuiltinActionHandlerType', which represents the name of the built-in handler. The 'builtinHandler' specified within the same 'ComponentLifecycleActions' should be consistent across all actions. This means that if you specify a built-in handler for one action, you should use the same handler for all other actions throughout the entire 'ComponentLifecycleActions' collection. If you need to define lifecycle actions for database engines not covered by the existing built-in support, or when the pre-existing built-in handlers do not meet your specific needs, you can use the 'customHandler' field to define your own action implementation. Deprecation Notice: - In the future, the 'builtinHandler' field will be deprecated in favor of using the 'customHandler' field for configuring all lifecycle actions. - Instead of using a name to indicate the built-in action implementations in Lorry, the recommended approach will be to explicitly invoke the desired action implementation through a gRPC interface exposed by the sidecar agent. - Developers will have the flexibility to either use the built-in action implementations provided by Lorry or develop their own sidecar agent to implement custom actions and expose them via gRPC interfaces. - This change will allow for greater customization and extensibility of lifecycle actions, as developers can create their own 'builtin' implementations tailored to their specific requirements. -- `custom_handler` (Attributes) Specifies a user-defined hook or procedure that is called to perform the specific lifecycle action. It offers a flexible and expandable approach for customizing the behavior of a Component by leveraging tailored actions. An Action can be implemented as either an ExecAction or an HTTPAction, with future versions planning to support GRPCAction, thereby accommodating unique logic for different database systems within the Action's framework. In future iterations, all built-in handlers are expected to transition to GRPCAction. This change means that Lorry or other sidecar agents will expose the implementation of actions through a GRPC interface for external invocation. Then the controller will interact with these actions via GRPCAction calls. (see [below for nested schema](#nestedatt--spec--lifecycle_actions--data_load--custom_handler)) +- `builtin_handler` (String) Specifies the name of the predefined action handler to be invoked for lifecycle actions.Lorry, as a sidecar agent co-located with the database container in the same Pod,includes a suite of built-in action implementations that are tailored to different database engines.These are known as 'builtin' handlers, includes: 'mysql', 'redis', 'mongodb', 'etcd','postgresql', 'official-postgresql', 'apecloud-postgresql', 'wesql', 'oceanbase', 'polardbx'.If the 'builtinHandler' field is specified, it instructs Lorry to utilize its internal built-in action handlerto execute the specified lifecycle actions.The 'builtinHandler' field is of type 'BuiltinActionHandlerType',which represents the name of the built-in handler.The 'builtinHandler' specified within the same 'ComponentLifecycleActions' should be consistent across allactions.This means that if you specify a built-in handler for one action, you should use the same handlerfor all other actions throughout the entire 'ComponentLifecycleActions' collection.If you need to define lifecycle actions for database engines not covered by the existing built-in support,or when the pre-existing built-in handlers do not meet your specific needs,you can use the 'customHandler' field to define your own action implementation.Deprecation Notice:- In the future, the 'builtinHandler' field will be deprecated in favor of using the 'customHandler' field for configuring all lifecycle actions.- Instead of using a name to indicate the built-in action implementations in Lorry, the recommended approach will be to explicitly invoke the desired action implementation through a gRPC interface exposed by the sidecar agent.- Developers will have the flexibility to either use the built-in action implementations provided by Lorry or develop their own sidecar agent to implement custom actions and expose them via gRPC interfaces.- This change will allow for greater customization and extensibility of lifecycle actions, as developers can create their own 'builtin' implementations tailored to their specific requirements. +- `custom_handler` (Attributes) Specifies a user-defined hook or procedure that is called to perform the specific lifecycle action.It offers a flexible and expandable approach for customizing the behavior of a Component by leveragingtailored actions.An Action can be implemented as either an ExecAction or an HTTPAction, with future versions planningto support GRPCAction,thereby accommodating unique logic for different database systems within the Action's framework.In future iterations, all built-in handlers are expected to transition to GRPCAction.This change means that Lorry or other sidecar agents will expose the implementation of actionsthrough a GRPC interface for external invocation.Then the controller will interact with these actions via GRPCAction calls. (see [below for nested schema](#nestedatt--spec--lifecycle_actions--data_load--custom_handler)) ### Nested Schema for `spec.lifecycle_actions.data_load.custom_handler` Optional: -- `container` (String) Defines the name of the container within the target Pod where the action will be executed. This name must correspond to one of the containers defined in 'componentDefinition.spec.runtime'. If this field is not specified, the default behavior is to use the first container listed in 'componentDefinition.spec.runtime'. This field cannot be updated. Note: This field is reserved for future use and is not currently active. -- `env` (Attributes List) Represents a list of environment variables that will be injected into the container. These variables enable the container to adapt its behavior based on the environment it's running in. This field cannot be updated. (see [below for nested schema](#nestedatt--spec--lifecycle_actions--data_load--custom_handler--env)) -- `exec` (Attributes) Defines the command to run. This field cannot be updated. (see [below for nested schema](#nestedatt--spec--lifecycle_actions--data_load--custom_handler--exec)) -- `http` (Attributes) Specifies the HTTP request to perform. This field cannot be updated. Note: HTTPAction is to be implemented in future version. (see [below for nested schema](#nestedatt--spec--lifecycle_actions--data_load--custom_handler--http)) -- `image` (String) Specifies the container image to be used for running the Action. When specified, a dedicated container will be created using this image to execute the Action. This field is mutually exclusive with the 'container' field; only one of them should be provided. This field cannot be updated. -- `matching_key` (String) Used in conjunction with the 'targetPodSelector' field to refine the selection of target pod(s) for Action execution. The impact of this field depends on the 'targetPodSelector' value: - When 'targetPodSelector' is set to 'Any' or 'All', this field will be ignored. - When 'targetPodSelector' is set to 'Role', only those replicas whose role matches the 'matchingKey' will be selected for the Action. This field cannot be updated. Note: This field is reserved for future use and is not currently active. -- `pre_condition` (String) Specifies the state that the cluster must reach before the Action is executed. Currently, this is only applicable to the 'postProvision' action. The conditions are as follows: - 'Immediately': Executed right after the Component object is created. The readiness of the Component and its resources is not guaranteed at this stage. - 'RuntimeReady': The Action is triggered after the Component object has been created and all associated runtime resources (e.g. Pods) are in a ready state. - 'ComponentReady': The Action is triggered after the Component itself is in a ready state. This process does not affect the readiness state of the Component or the Cluster. - 'ClusterReady': The Action is executed after the Cluster is in a ready state. This execution does not alter the Component or the Cluster's state of readiness. This field cannot be updated. -- `retry_policy` (Attributes) Defines the strategy to be taken when retrying the Action after a failure. It specifies the conditions under which the Action should be retried and the limits to apply, such as the maximum number of retries and backoff strategy. This field cannot be updated. (see [below for nested schema](#nestedatt--spec--lifecycle_actions--data_load--custom_handler--retry_policy)) -- `target_pod_selector` (String) Defines the criteria used to select the target Pod(s) for executing the Action. This is useful when there is no default target replica identified. It allows for precise control over which Pod(s) the Action should run in. This field cannot be updated. Note: This field is reserved for future use and is not currently active. -- `timeout_seconds` (Number) Specifies the maximum duration in seconds that the Action is allowed to run. If the Action does not complete within this time frame, it will be terminated. This field cannot be updated. +- `container` (String) Defines the name of the container within the target Pod where the action will be executed.This name must correspond to one of the containers defined in 'componentDefinition.spec.runtime'.If this field is not specified, the default behavior is to use the first container listed in'componentDefinition.spec.runtime'.This field cannot be updated.Note: This field is reserved for future use and is not currently active. +- `env` (Attributes List) Represents a list of environment variables that will be injected into the container.These variables enable the container to adapt its behavior based on the environment it's running in.This field cannot be updated. (see [below for nested schema](#nestedatt--spec--lifecycle_actions--data_load--custom_handler--env)) +- `exec` (Attributes) Defines the command to run.This field cannot be updated. (see [below for nested schema](#nestedatt--spec--lifecycle_actions--data_load--custom_handler--exec)) +- `http` (Attributes) Specifies the HTTP request to perform.This field cannot be updated.Note: HTTPAction is to be implemented in future version. (see [below for nested schema](#nestedatt--spec--lifecycle_actions--data_load--custom_handler--http)) +- `image` (String) Specifies the container image to be used for running the Action.When specified, a dedicated container will be created using this image to execute the Action.This field is mutually exclusive with the 'container' field; only one of them should be provided.This field cannot be updated. +- `matching_key` (String) Used in conjunction with the 'targetPodSelector' field to refine the selection of target pod(s) for Action execution.The impact of this field depends on the 'targetPodSelector' value:- When 'targetPodSelector' is set to 'Any' or 'All', this field will be ignored.- When 'targetPodSelector' is set to 'Role', only those replicas whose role matches the 'matchingKey' will be selected for the Action.This field cannot be updated.Note: This field is reserved for future use and is not currently active. +- `pre_condition` (String) Specifies the state that the cluster must reach before the Action is executed.Currently, this is only applicable to the 'postProvision' action.The conditions are as follows:- 'Immediately': Executed right after the Component object is created. The readiness of the Component and its resources is not guaranteed at this stage.- 'RuntimeReady': The Action is triggered after the Component object has been created and all associated runtime resources (e.g. Pods) are in a ready state.- 'ComponentReady': The Action is triggered after the Component itself is in a ready state. This process does not affect the readiness state of the Component or the Cluster.- 'ClusterReady': The Action is executed after the Cluster is in a ready state. This execution does not alter the Component or the Cluster's state of readiness.This field cannot be updated. +- `retry_policy` (Attributes) Defines the strategy to be taken when retrying the Action after a failure.It specifies the conditions under which the Action should be retried and the limits to apply,such as the maximum number of retries and backoff strategy.This field cannot be updated. (see [below for nested schema](#nestedatt--spec--lifecycle_actions--data_load--custom_handler--retry_policy)) +- `target_pod_selector` (String) Defines the criteria used to select the target Pod(s) for executing the Action.This is useful when there is no default target replica identified.It allows for precise control over which Pod(s) the Action should run in.This field cannot be updated.Note: This field is reserved for future use and is not currently active. +- `timeout_seconds` (Number) Specifies the maximum duration in seconds that the Action is allowed to run.If the Action does not complete within this time frame, it will be terminated.This field cannot be updated. ### Nested Schema for `spec.lifecycle_actions.data_load.custom_handler.env` @@ -3679,7 +3679,7 @@ Required: Optional: -- `value` (String) Variable references $(VAR_NAME) are expanded using the previously defined environment variables in the container and any service environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. '$$(VAR_NAME)' will produce the string literal '$(VAR_NAME)'. Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to ''. +- `value` (String) Variable references $(VAR_NAME) are expandedusing the previously defined environment variables in the container andany service environment variables. If a variable cannot be resolved,the reference in the input string will be unchanged. Double $$ are reducedto a single $, which allows for escaping the $(VAR_NAME) syntax: i.e.'$$(VAR_NAME)' will produce the string literal '$(VAR_NAME)'.Escaped references will never be expanded, regardless of whether the variableexists or not.Defaults to ''. - `value_from` (Attributes) Source for the environment variable's value. Cannot be used if value is not empty. (see [below for nested schema](#nestedatt--spec--lifecycle_actions--data_load--custom_handler--env--value_from)) @@ -3688,8 +3688,8 @@ Optional: Optional: - `config_map_key_ref` (Attributes) Selects a key of a ConfigMap. (see [below for nested schema](#nestedatt--spec--lifecycle_actions--data_load--custom_handler--env--value_from--config_map_key_ref)) -- `field_ref` (Attributes) Selects a field of the pod: supports metadata.name, metadata.namespace, 'metadata.labels['']', 'metadata.annotations['']', spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. (see [below for nested schema](#nestedatt--spec--lifecycle_actions--data_load--custom_handler--env--value_from--field_ref)) -- `resource_field_ref` (Attributes) Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. (see [below for nested schema](#nestedatt--spec--lifecycle_actions--data_load--custom_handler--env--value_from--resource_field_ref)) +- `field_ref` (Attributes) Selects a field of the pod: supports metadata.name, metadata.namespace, 'metadata.labels['']', 'metadata.annotations['']',spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. (see [below for nested schema](#nestedatt--spec--lifecycle_actions--data_load--custom_handler--env--value_from--field_ref)) +- `resource_field_ref` (Attributes) Selects a resource of the container: only resources limits and requests(limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. (see [below for nested schema](#nestedatt--spec--lifecycle_actions--data_load--custom_handler--env--value_from--resource_field_ref)) - `secret_key_ref` (Attributes) Selects a key of a secret in the pod's namespace (see [below for nested schema](#nestedatt--spec--lifecycle_actions--data_load--custom_handler--env--value_from--secret_key_ref)) @@ -3701,7 +3701,7 @@ Required: Optional: -- `name` (String) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? +- `name` (String) Name of the referent.More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#namesTODO: Add other useful fields. apiVersion, kind, uid? - `optional` (Boolean) Specify whether the ConfigMap or its key must be defined @@ -3739,7 +3739,7 @@ Required: Optional: -- `name` (String) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? +- `name` (String) Name of the referent.More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#namesTODO: Add other useful fields. apiVersion, kind, uid? - `optional` (Boolean) Specify whether the Secret or its key must be defined @@ -3751,7 +3751,7 @@ Optional: Optional: - `args` (List of String) Args represents the arguments that are passed to the 'command' for execution. -- `command` (List of String) Specifies the command to be executed inside the container. The working directory for this command is the container's root directory('/'). Commands are executed directly without a shell environment, meaning shell-specific syntax ('|', etc.) is not supported. If the shell is required, it must be explicitly invoked in the command. A successful execution is indicated by an exit status of 0; any non-zero status signifies a failure. +- `command` (List of String) Specifies the command to be executed inside the container.The working directory for this command is the container's root directory('/').Commands are executed directly without a shell environment, meaning shell-specific syntax ('|', etc.) is not supported.If the shell is required, it must be explicitly invoked in the command.A successful execution is indicated by an exit status of 0; any non-zero status signifies a failure. @@ -3759,22 +3759,22 @@ Optional: Required: -- `port` (String) Specifies the target port for the HTTP request. It can be specified either as a numeric value in the range of 1 to 65535, or as a named port that meets the IANA_SVC_NAME specification. +- `port` (String) Specifies the target port for the HTTP request.It can be specified either as a numeric value in the range of 1 to 65535,or as a named port that meets the IANA_SVC_NAME specification. Optional: -- `host` (String) Indicates the server's domain name or IP address. Defaults to the Pod's IP. Prefer setting the 'Host' header in httpHeaders when needed. -- `http_headers` (Attributes List) Allows for the inclusion of custom headers in the request. HTTP permits the use of repeated headers. (see [below for nested schema](#nestedatt--spec--lifecycle_actions--data_load--custom_handler--http--http_headers)) -- `method` (String) Represents the type of HTTP request to be made, such as 'GET,' 'POST,' 'PUT,' etc. If not specified, 'GET' is the default method. +- `host` (String) Indicates the server's domain name or IP address. Defaults to the Pod's IP.Prefer setting the 'Host' header in httpHeaders when needed. +- `http_headers` (Attributes List) Allows for the inclusion of custom headers in the request.HTTP permits the use of repeated headers. (see [below for nested schema](#nestedatt--spec--lifecycle_actions--data_load--custom_handler--http--http_headers)) +- `method` (String) Represents the type of HTTP request to be made, such as 'GET,' 'POST,' 'PUT,' etc.If not specified, 'GET' is the default method. - `path` (String) Specifies the endpoint to be requested on the HTTP server. -- `scheme` (String) Designates the protocol used to make the request, such as HTTP or HTTPS. If not specified, HTTP is used by default. +- `scheme` (String) Designates the protocol used to make the request, such as HTTP or HTTPS.If not specified, HTTP is used by default. ### Nested Schema for `spec.lifecycle_actions.data_load.custom_handler.http.http_headers` Required: -- `name` (String) The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header. +- `name` (String) The header field name.This will be canonicalized upon output, so case-variant names will be understood as the same header. - `value` (String) The header field value @@ -3784,8 +3784,8 @@ Required: Optional: -- `max_retries` (Number) Defines the maximum number of retry attempts that should be made for a given Action. This value is set to 0 by default, indicating that no retries will be made. -- `retry_interval` (Number) Indicates the duration of time to wait between each retry attempt. This value is set to 0 by default, indicating that there will be no delay between retry attempts. +- `max_retries` (Number) Defines the maximum number of retry attempts that should be made for a given Action.This value is set to 0 by default, indicating that no retries will be made. +- `retry_interval` (Number) Indicates the duration of time to wait between each retry attempt.This value is set to 0 by default, indicating that there will be no delay between retry attempts. @@ -3795,24 +3795,24 @@ Optional: Optional: -- `builtin_handler` (String) Specifies the name of the predefined action handler to be invoked for lifecycle actions. Lorry, as a sidecar agent co-located with the database container in the same Pod, includes a suite of built-in action implementations that are tailored to different database engines. These are known as 'builtin' handlers, includes: 'mysql', 'redis', 'mongodb', 'etcd', 'postgresql', 'official-postgresql', 'apecloud-postgresql', 'wesql', 'oceanbase', 'polardbx'. If the 'builtinHandler' field is specified, it instructs Lorry to utilize its internal built-in action handler to execute the specified lifecycle actions. The 'builtinHandler' field is of type 'BuiltinActionHandlerType', which represents the name of the built-in handler. The 'builtinHandler' specified within the same 'ComponentLifecycleActions' should be consistent across all actions. This means that if you specify a built-in handler for one action, you should use the same handler for all other actions throughout the entire 'ComponentLifecycleActions' collection. If you need to define lifecycle actions for database engines not covered by the existing built-in support, or when the pre-existing built-in handlers do not meet your specific needs, you can use the 'customHandler' field to define your own action implementation. Deprecation Notice: - In the future, the 'builtinHandler' field will be deprecated in favor of using the 'customHandler' field for configuring all lifecycle actions. - Instead of using a name to indicate the built-in action implementations in Lorry, the recommended approach will be to explicitly invoke the desired action implementation through a gRPC interface exposed by the sidecar agent. - Developers will have the flexibility to either use the built-in action implementations provided by Lorry or develop their own sidecar agent to implement custom actions and expose them via gRPC interfaces. - This change will allow for greater customization and extensibility of lifecycle actions, as developers can create their own 'builtin' implementations tailored to their specific requirements. -- `custom_handler` (Attributes) Specifies a user-defined hook or procedure that is called to perform the specific lifecycle action. It offers a flexible and expandable approach for customizing the behavior of a Component by leveraging tailored actions. An Action can be implemented as either an ExecAction or an HTTPAction, with future versions planning to support GRPCAction, thereby accommodating unique logic for different database systems within the Action's framework. In future iterations, all built-in handlers are expected to transition to GRPCAction. This change means that Lorry or other sidecar agents will expose the implementation of actions through a GRPC interface for external invocation. Then the controller will interact with these actions via GRPCAction calls. (see [below for nested schema](#nestedatt--spec--lifecycle_actions--member_join--custom_handler)) +- `builtin_handler` (String) Specifies the name of the predefined action handler to be invoked for lifecycle actions.Lorry, as a sidecar agent co-located with the database container in the same Pod,includes a suite of built-in action implementations that are tailored to different database engines.These are known as 'builtin' handlers, includes: 'mysql', 'redis', 'mongodb', 'etcd','postgresql', 'official-postgresql', 'apecloud-postgresql', 'wesql', 'oceanbase', 'polardbx'.If the 'builtinHandler' field is specified, it instructs Lorry to utilize its internal built-in action handlerto execute the specified lifecycle actions.The 'builtinHandler' field is of type 'BuiltinActionHandlerType',which represents the name of the built-in handler.The 'builtinHandler' specified within the same 'ComponentLifecycleActions' should be consistent across allactions.This means that if you specify a built-in handler for one action, you should use the same handlerfor all other actions throughout the entire 'ComponentLifecycleActions' collection.If you need to define lifecycle actions for database engines not covered by the existing built-in support,or when the pre-existing built-in handlers do not meet your specific needs,you can use the 'customHandler' field to define your own action implementation.Deprecation Notice:- In the future, the 'builtinHandler' field will be deprecated in favor of using the 'customHandler' field for configuring all lifecycle actions.- Instead of using a name to indicate the built-in action implementations in Lorry, the recommended approach will be to explicitly invoke the desired action implementation through a gRPC interface exposed by the sidecar agent.- Developers will have the flexibility to either use the built-in action implementations provided by Lorry or develop their own sidecar agent to implement custom actions and expose them via gRPC interfaces.- This change will allow for greater customization and extensibility of lifecycle actions, as developers can create their own 'builtin' implementations tailored to their specific requirements. +- `custom_handler` (Attributes) Specifies a user-defined hook or procedure that is called to perform the specific lifecycle action.It offers a flexible and expandable approach for customizing the behavior of a Component by leveragingtailored actions.An Action can be implemented as either an ExecAction or an HTTPAction, with future versions planningto support GRPCAction,thereby accommodating unique logic for different database systems within the Action's framework.In future iterations, all built-in handlers are expected to transition to GRPCAction.This change means that Lorry or other sidecar agents will expose the implementation of actionsthrough a GRPC interface for external invocation.Then the controller will interact with these actions via GRPCAction calls. (see [below for nested schema](#nestedatt--spec--lifecycle_actions--member_join--custom_handler)) ### Nested Schema for `spec.lifecycle_actions.member_join.custom_handler` Optional: -- `container` (String) Defines the name of the container within the target Pod where the action will be executed. This name must correspond to one of the containers defined in 'componentDefinition.spec.runtime'. If this field is not specified, the default behavior is to use the first container listed in 'componentDefinition.spec.runtime'. This field cannot be updated. Note: This field is reserved for future use and is not currently active. -- `env` (Attributes List) Represents a list of environment variables that will be injected into the container. These variables enable the container to adapt its behavior based on the environment it's running in. This field cannot be updated. (see [below for nested schema](#nestedatt--spec--lifecycle_actions--member_join--custom_handler--env)) -- `exec` (Attributes) Defines the command to run. This field cannot be updated. (see [below for nested schema](#nestedatt--spec--lifecycle_actions--member_join--custom_handler--exec)) -- `http` (Attributes) Specifies the HTTP request to perform. This field cannot be updated. Note: HTTPAction is to be implemented in future version. (see [below for nested schema](#nestedatt--spec--lifecycle_actions--member_join--custom_handler--http)) -- `image` (String) Specifies the container image to be used for running the Action. When specified, a dedicated container will be created using this image to execute the Action. This field is mutually exclusive with the 'container' field; only one of them should be provided. This field cannot be updated. -- `matching_key` (String) Used in conjunction with the 'targetPodSelector' field to refine the selection of target pod(s) for Action execution. The impact of this field depends on the 'targetPodSelector' value: - When 'targetPodSelector' is set to 'Any' or 'All', this field will be ignored. - When 'targetPodSelector' is set to 'Role', only those replicas whose role matches the 'matchingKey' will be selected for the Action. This field cannot be updated. Note: This field is reserved for future use and is not currently active. -- `pre_condition` (String) Specifies the state that the cluster must reach before the Action is executed. Currently, this is only applicable to the 'postProvision' action. The conditions are as follows: - 'Immediately': Executed right after the Component object is created. The readiness of the Component and its resources is not guaranteed at this stage. - 'RuntimeReady': The Action is triggered after the Component object has been created and all associated runtime resources (e.g. Pods) are in a ready state. - 'ComponentReady': The Action is triggered after the Component itself is in a ready state. This process does not affect the readiness state of the Component or the Cluster. - 'ClusterReady': The Action is executed after the Cluster is in a ready state. This execution does not alter the Component or the Cluster's state of readiness. This field cannot be updated. -- `retry_policy` (Attributes) Defines the strategy to be taken when retrying the Action after a failure. It specifies the conditions under which the Action should be retried and the limits to apply, such as the maximum number of retries and backoff strategy. This field cannot be updated. (see [below for nested schema](#nestedatt--spec--lifecycle_actions--member_join--custom_handler--retry_policy)) -- `target_pod_selector` (String) Defines the criteria used to select the target Pod(s) for executing the Action. This is useful when there is no default target replica identified. It allows for precise control over which Pod(s) the Action should run in. This field cannot be updated. Note: This field is reserved for future use and is not currently active. -- `timeout_seconds` (Number) Specifies the maximum duration in seconds that the Action is allowed to run. If the Action does not complete within this time frame, it will be terminated. This field cannot be updated. +- `container` (String) Defines the name of the container within the target Pod where the action will be executed.This name must correspond to one of the containers defined in 'componentDefinition.spec.runtime'.If this field is not specified, the default behavior is to use the first container listed in'componentDefinition.spec.runtime'.This field cannot be updated.Note: This field is reserved for future use and is not currently active. +- `env` (Attributes List) Represents a list of environment variables that will be injected into the container.These variables enable the container to adapt its behavior based on the environment it's running in.This field cannot be updated. (see [below for nested schema](#nestedatt--spec--lifecycle_actions--member_join--custom_handler--env)) +- `exec` (Attributes) Defines the command to run.This field cannot be updated. (see [below for nested schema](#nestedatt--spec--lifecycle_actions--member_join--custom_handler--exec)) +- `http` (Attributes) Specifies the HTTP request to perform.This field cannot be updated.Note: HTTPAction is to be implemented in future version. (see [below for nested schema](#nestedatt--spec--lifecycle_actions--member_join--custom_handler--http)) +- `image` (String) Specifies the container image to be used for running the Action.When specified, a dedicated container will be created using this image to execute the Action.This field is mutually exclusive with the 'container' field; only one of them should be provided.This field cannot be updated. +- `matching_key` (String) Used in conjunction with the 'targetPodSelector' field to refine the selection of target pod(s) for Action execution.The impact of this field depends on the 'targetPodSelector' value:- When 'targetPodSelector' is set to 'Any' or 'All', this field will be ignored.- When 'targetPodSelector' is set to 'Role', only those replicas whose role matches the 'matchingKey' will be selected for the Action.This field cannot be updated.Note: This field is reserved for future use and is not currently active. +- `pre_condition` (String) Specifies the state that the cluster must reach before the Action is executed.Currently, this is only applicable to the 'postProvision' action.The conditions are as follows:- 'Immediately': Executed right after the Component object is created. The readiness of the Component and its resources is not guaranteed at this stage.- 'RuntimeReady': The Action is triggered after the Component object has been created and all associated runtime resources (e.g. Pods) are in a ready state.- 'ComponentReady': The Action is triggered after the Component itself is in a ready state. This process does not affect the readiness state of the Component or the Cluster.- 'ClusterReady': The Action is executed after the Cluster is in a ready state. This execution does not alter the Component or the Cluster's state of readiness.This field cannot be updated. +- `retry_policy` (Attributes) Defines the strategy to be taken when retrying the Action after a failure.It specifies the conditions under which the Action should be retried and the limits to apply,such as the maximum number of retries and backoff strategy.This field cannot be updated. (see [below for nested schema](#nestedatt--spec--lifecycle_actions--member_join--custom_handler--retry_policy)) +- `target_pod_selector` (String) Defines the criteria used to select the target Pod(s) for executing the Action.This is useful when there is no default target replica identified.It allows for precise control over which Pod(s) the Action should run in.This field cannot be updated.Note: This field is reserved for future use and is not currently active. +- `timeout_seconds` (Number) Specifies the maximum duration in seconds that the Action is allowed to run.If the Action does not complete within this time frame, it will be terminated.This field cannot be updated. ### Nested Schema for `spec.lifecycle_actions.member_join.custom_handler.env` @@ -3823,7 +3823,7 @@ Required: Optional: -- `value` (String) Variable references $(VAR_NAME) are expanded using the previously defined environment variables in the container and any service environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. '$$(VAR_NAME)' will produce the string literal '$(VAR_NAME)'. Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to ''. +- `value` (String) Variable references $(VAR_NAME) are expandedusing the previously defined environment variables in the container andany service environment variables. If a variable cannot be resolved,the reference in the input string will be unchanged. Double $$ are reducedto a single $, which allows for escaping the $(VAR_NAME) syntax: i.e.'$$(VAR_NAME)' will produce the string literal '$(VAR_NAME)'.Escaped references will never be expanded, regardless of whether the variableexists or not.Defaults to ''. - `value_from` (Attributes) Source for the environment variable's value. Cannot be used if value is not empty. (see [below for nested schema](#nestedatt--spec--lifecycle_actions--member_join--custom_handler--env--value_from)) @@ -3832,8 +3832,8 @@ Optional: Optional: - `config_map_key_ref` (Attributes) Selects a key of a ConfigMap. (see [below for nested schema](#nestedatt--spec--lifecycle_actions--member_join--custom_handler--env--value_from--config_map_key_ref)) -- `field_ref` (Attributes) Selects a field of the pod: supports metadata.name, metadata.namespace, 'metadata.labels['']', 'metadata.annotations['']', spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. (see [below for nested schema](#nestedatt--spec--lifecycle_actions--member_join--custom_handler--env--value_from--field_ref)) -- `resource_field_ref` (Attributes) Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. (see [below for nested schema](#nestedatt--spec--lifecycle_actions--member_join--custom_handler--env--value_from--resource_field_ref)) +- `field_ref` (Attributes) Selects a field of the pod: supports metadata.name, metadata.namespace, 'metadata.labels['']', 'metadata.annotations['']',spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. (see [below for nested schema](#nestedatt--spec--lifecycle_actions--member_join--custom_handler--env--value_from--field_ref)) +- `resource_field_ref` (Attributes) Selects a resource of the container: only resources limits and requests(limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. (see [below for nested schema](#nestedatt--spec--lifecycle_actions--member_join--custom_handler--env--value_from--resource_field_ref)) - `secret_key_ref` (Attributes) Selects a key of a secret in the pod's namespace (see [below for nested schema](#nestedatt--spec--lifecycle_actions--member_join--custom_handler--env--value_from--secret_key_ref)) @@ -3845,7 +3845,7 @@ Required: Optional: -- `name` (String) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? +- `name` (String) Name of the referent.More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#namesTODO: Add other useful fields. apiVersion, kind, uid? - `optional` (Boolean) Specify whether the ConfigMap or its key must be defined @@ -3883,7 +3883,7 @@ Required: Optional: -- `name` (String) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? +- `name` (String) Name of the referent.More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#namesTODO: Add other useful fields. apiVersion, kind, uid? - `optional` (Boolean) Specify whether the Secret or its key must be defined @@ -3895,7 +3895,7 @@ Optional: Optional: - `args` (List of String) Args represents the arguments that are passed to the 'command' for execution. -- `command` (List of String) Specifies the command to be executed inside the container. The working directory for this command is the container's root directory('/'). Commands are executed directly without a shell environment, meaning shell-specific syntax ('|', etc.) is not supported. If the shell is required, it must be explicitly invoked in the command. A successful execution is indicated by an exit status of 0; any non-zero status signifies a failure. +- `command` (List of String) Specifies the command to be executed inside the container.The working directory for this command is the container's root directory('/').Commands are executed directly without a shell environment, meaning shell-specific syntax ('|', etc.) is not supported.If the shell is required, it must be explicitly invoked in the command.A successful execution is indicated by an exit status of 0; any non-zero status signifies a failure. @@ -3903,22 +3903,22 @@ Optional: Required: -- `port` (String) Specifies the target port for the HTTP request. It can be specified either as a numeric value in the range of 1 to 65535, or as a named port that meets the IANA_SVC_NAME specification. +- `port` (String) Specifies the target port for the HTTP request.It can be specified either as a numeric value in the range of 1 to 65535,or as a named port that meets the IANA_SVC_NAME specification. Optional: -- `host` (String) Indicates the server's domain name or IP address. Defaults to the Pod's IP. Prefer setting the 'Host' header in httpHeaders when needed. -- `http_headers` (Attributes List) Allows for the inclusion of custom headers in the request. HTTP permits the use of repeated headers. (see [below for nested schema](#nestedatt--spec--lifecycle_actions--member_join--custom_handler--http--http_headers)) -- `method` (String) Represents the type of HTTP request to be made, such as 'GET,' 'POST,' 'PUT,' etc. If not specified, 'GET' is the default method. +- `host` (String) Indicates the server's domain name or IP address. Defaults to the Pod's IP.Prefer setting the 'Host' header in httpHeaders when needed. +- `http_headers` (Attributes List) Allows for the inclusion of custom headers in the request.HTTP permits the use of repeated headers. (see [below for nested schema](#nestedatt--spec--lifecycle_actions--member_join--custom_handler--http--http_headers)) +- `method` (String) Represents the type of HTTP request to be made, such as 'GET,' 'POST,' 'PUT,' etc.If not specified, 'GET' is the default method. - `path` (String) Specifies the endpoint to be requested on the HTTP server. -- `scheme` (String) Designates the protocol used to make the request, such as HTTP or HTTPS. If not specified, HTTP is used by default. +- `scheme` (String) Designates the protocol used to make the request, such as HTTP or HTTPS.If not specified, HTTP is used by default. ### Nested Schema for `spec.lifecycle_actions.member_join.custom_handler.http.http_headers` Required: -- `name` (String) The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header. +- `name` (String) The header field name.This will be canonicalized upon output, so case-variant names will be understood as the same header. - `value` (String) The header field value @@ -3928,8 +3928,8 @@ Required: Optional: -- `max_retries` (Number) Defines the maximum number of retry attempts that should be made for a given Action. This value is set to 0 by default, indicating that no retries will be made. -- `retry_interval` (Number) Indicates the duration of time to wait between each retry attempt. This value is set to 0 by default, indicating that there will be no delay between retry attempts. +- `max_retries` (Number) Defines the maximum number of retry attempts that should be made for a given Action.This value is set to 0 by default, indicating that no retries will be made. +- `retry_interval` (Number) Indicates the duration of time to wait between each retry attempt.This value is set to 0 by default, indicating that there will be no delay between retry attempts. @@ -3939,24 +3939,24 @@ Optional: Optional: -- `builtin_handler` (String) Specifies the name of the predefined action handler to be invoked for lifecycle actions. Lorry, as a sidecar agent co-located with the database container in the same Pod, includes a suite of built-in action implementations that are tailored to different database engines. These are known as 'builtin' handlers, includes: 'mysql', 'redis', 'mongodb', 'etcd', 'postgresql', 'official-postgresql', 'apecloud-postgresql', 'wesql', 'oceanbase', 'polardbx'. If the 'builtinHandler' field is specified, it instructs Lorry to utilize its internal built-in action handler to execute the specified lifecycle actions. The 'builtinHandler' field is of type 'BuiltinActionHandlerType', which represents the name of the built-in handler. The 'builtinHandler' specified within the same 'ComponentLifecycleActions' should be consistent across all actions. This means that if you specify a built-in handler for one action, you should use the same handler for all other actions throughout the entire 'ComponentLifecycleActions' collection. If you need to define lifecycle actions for database engines not covered by the existing built-in support, or when the pre-existing built-in handlers do not meet your specific needs, you can use the 'customHandler' field to define your own action implementation. Deprecation Notice: - In the future, the 'builtinHandler' field will be deprecated in favor of using the 'customHandler' field for configuring all lifecycle actions. - Instead of using a name to indicate the built-in action implementations in Lorry, the recommended approach will be to explicitly invoke the desired action implementation through a gRPC interface exposed by the sidecar agent. - Developers will have the flexibility to either use the built-in action implementations provided by Lorry or develop their own sidecar agent to implement custom actions and expose them via gRPC interfaces. - This change will allow for greater customization and extensibility of lifecycle actions, as developers can create their own 'builtin' implementations tailored to their specific requirements. -- `custom_handler` (Attributes) Specifies a user-defined hook or procedure that is called to perform the specific lifecycle action. It offers a flexible and expandable approach for customizing the behavior of a Component by leveraging tailored actions. An Action can be implemented as either an ExecAction or an HTTPAction, with future versions planning to support GRPCAction, thereby accommodating unique logic for different database systems within the Action's framework. In future iterations, all built-in handlers are expected to transition to GRPCAction. This change means that Lorry or other sidecar agents will expose the implementation of actions through a GRPC interface for external invocation. Then the controller will interact with these actions via GRPCAction calls. (see [below for nested schema](#nestedatt--spec--lifecycle_actions--member_leave--custom_handler)) +- `builtin_handler` (String) Specifies the name of the predefined action handler to be invoked for lifecycle actions.Lorry, as a sidecar agent co-located with the database container in the same Pod,includes a suite of built-in action implementations that are tailored to different database engines.These are known as 'builtin' handlers, includes: 'mysql', 'redis', 'mongodb', 'etcd','postgresql', 'official-postgresql', 'apecloud-postgresql', 'wesql', 'oceanbase', 'polardbx'.If the 'builtinHandler' field is specified, it instructs Lorry to utilize its internal built-in action handlerto execute the specified lifecycle actions.The 'builtinHandler' field is of type 'BuiltinActionHandlerType',which represents the name of the built-in handler.The 'builtinHandler' specified within the same 'ComponentLifecycleActions' should be consistent across allactions.This means that if you specify a built-in handler for one action, you should use the same handlerfor all other actions throughout the entire 'ComponentLifecycleActions' collection.If you need to define lifecycle actions for database engines not covered by the existing built-in support,or when the pre-existing built-in handlers do not meet your specific needs,you can use the 'customHandler' field to define your own action implementation.Deprecation Notice:- In the future, the 'builtinHandler' field will be deprecated in favor of using the 'customHandler' field for configuring all lifecycle actions.- Instead of using a name to indicate the built-in action implementations in Lorry, the recommended approach will be to explicitly invoke the desired action implementation through a gRPC interface exposed by the sidecar agent.- Developers will have the flexibility to either use the built-in action implementations provided by Lorry or develop their own sidecar agent to implement custom actions and expose them via gRPC interfaces.- This change will allow for greater customization and extensibility of lifecycle actions, as developers can create their own 'builtin' implementations tailored to their specific requirements. +- `custom_handler` (Attributes) Specifies a user-defined hook or procedure that is called to perform the specific lifecycle action.It offers a flexible and expandable approach for customizing the behavior of a Component by leveragingtailored actions.An Action can be implemented as either an ExecAction or an HTTPAction, with future versions planningto support GRPCAction,thereby accommodating unique logic for different database systems within the Action's framework.In future iterations, all built-in handlers are expected to transition to GRPCAction.This change means that Lorry or other sidecar agents will expose the implementation of actionsthrough a GRPC interface for external invocation.Then the controller will interact with these actions via GRPCAction calls. (see [below for nested schema](#nestedatt--spec--lifecycle_actions--member_leave--custom_handler)) ### Nested Schema for `spec.lifecycle_actions.member_leave.custom_handler` Optional: -- `container` (String) Defines the name of the container within the target Pod where the action will be executed. This name must correspond to one of the containers defined in 'componentDefinition.spec.runtime'. If this field is not specified, the default behavior is to use the first container listed in 'componentDefinition.spec.runtime'. This field cannot be updated. Note: This field is reserved for future use and is not currently active. -- `env` (Attributes List) Represents a list of environment variables that will be injected into the container. These variables enable the container to adapt its behavior based on the environment it's running in. This field cannot be updated. (see [below for nested schema](#nestedatt--spec--lifecycle_actions--member_leave--custom_handler--env)) -- `exec` (Attributes) Defines the command to run. This field cannot be updated. (see [below for nested schema](#nestedatt--spec--lifecycle_actions--member_leave--custom_handler--exec)) -- `http` (Attributes) Specifies the HTTP request to perform. This field cannot be updated. Note: HTTPAction is to be implemented in future version. (see [below for nested schema](#nestedatt--spec--lifecycle_actions--member_leave--custom_handler--http)) -- `image` (String) Specifies the container image to be used for running the Action. When specified, a dedicated container will be created using this image to execute the Action. This field is mutually exclusive with the 'container' field; only one of them should be provided. This field cannot be updated. -- `matching_key` (String) Used in conjunction with the 'targetPodSelector' field to refine the selection of target pod(s) for Action execution. The impact of this field depends on the 'targetPodSelector' value: - When 'targetPodSelector' is set to 'Any' or 'All', this field will be ignored. - When 'targetPodSelector' is set to 'Role', only those replicas whose role matches the 'matchingKey' will be selected for the Action. This field cannot be updated. Note: This field is reserved for future use and is not currently active. -- `pre_condition` (String) Specifies the state that the cluster must reach before the Action is executed. Currently, this is only applicable to the 'postProvision' action. The conditions are as follows: - 'Immediately': Executed right after the Component object is created. The readiness of the Component and its resources is not guaranteed at this stage. - 'RuntimeReady': The Action is triggered after the Component object has been created and all associated runtime resources (e.g. Pods) are in a ready state. - 'ComponentReady': The Action is triggered after the Component itself is in a ready state. This process does not affect the readiness state of the Component or the Cluster. - 'ClusterReady': The Action is executed after the Cluster is in a ready state. This execution does not alter the Component or the Cluster's state of readiness. This field cannot be updated. -- `retry_policy` (Attributes) Defines the strategy to be taken when retrying the Action after a failure. It specifies the conditions under which the Action should be retried and the limits to apply, such as the maximum number of retries and backoff strategy. This field cannot be updated. (see [below for nested schema](#nestedatt--spec--lifecycle_actions--member_leave--custom_handler--retry_policy)) -- `target_pod_selector` (String) Defines the criteria used to select the target Pod(s) for executing the Action. This is useful when there is no default target replica identified. It allows for precise control over which Pod(s) the Action should run in. This field cannot be updated. Note: This field is reserved for future use and is not currently active. -- `timeout_seconds` (Number) Specifies the maximum duration in seconds that the Action is allowed to run. If the Action does not complete within this time frame, it will be terminated. This field cannot be updated. +- `container` (String) Defines the name of the container within the target Pod where the action will be executed.This name must correspond to one of the containers defined in 'componentDefinition.spec.runtime'.If this field is not specified, the default behavior is to use the first container listed in'componentDefinition.spec.runtime'.This field cannot be updated.Note: This field is reserved for future use and is not currently active. +- `env` (Attributes List) Represents a list of environment variables that will be injected into the container.These variables enable the container to adapt its behavior based on the environment it's running in.This field cannot be updated. (see [below for nested schema](#nestedatt--spec--lifecycle_actions--member_leave--custom_handler--env)) +- `exec` (Attributes) Defines the command to run.This field cannot be updated. (see [below for nested schema](#nestedatt--spec--lifecycle_actions--member_leave--custom_handler--exec)) +- `http` (Attributes) Specifies the HTTP request to perform.This field cannot be updated.Note: HTTPAction is to be implemented in future version. (see [below for nested schema](#nestedatt--spec--lifecycle_actions--member_leave--custom_handler--http)) +- `image` (String) Specifies the container image to be used for running the Action.When specified, a dedicated container will be created using this image to execute the Action.This field is mutually exclusive with the 'container' field; only one of them should be provided.This field cannot be updated. +- `matching_key` (String) Used in conjunction with the 'targetPodSelector' field to refine the selection of target pod(s) for Action execution.The impact of this field depends on the 'targetPodSelector' value:- When 'targetPodSelector' is set to 'Any' or 'All', this field will be ignored.- When 'targetPodSelector' is set to 'Role', only those replicas whose role matches the 'matchingKey' will be selected for the Action.This field cannot be updated.Note: This field is reserved for future use and is not currently active. +- `pre_condition` (String) Specifies the state that the cluster must reach before the Action is executed.Currently, this is only applicable to the 'postProvision' action.The conditions are as follows:- 'Immediately': Executed right after the Component object is created. The readiness of the Component and its resources is not guaranteed at this stage.- 'RuntimeReady': The Action is triggered after the Component object has been created and all associated runtime resources (e.g. Pods) are in a ready state.- 'ComponentReady': The Action is triggered after the Component itself is in a ready state. This process does not affect the readiness state of the Component or the Cluster.- 'ClusterReady': The Action is executed after the Cluster is in a ready state. This execution does not alter the Component or the Cluster's state of readiness.This field cannot be updated. +- `retry_policy` (Attributes) Defines the strategy to be taken when retrying the Action after a failure.It specifies the conditions under which the Action should be retried and the limits to apply,such as the maximum number of retries and backoff strategy.This field cannot be updated. (see [below for nested schema](#nestedatt--spec--lifecycle_actions--member_leave--custom_handler--retry_policy)) +- `target_pod_selector` (String) Defines the criteria used to select the target Pod(s) for executing the Action.This is useful when there is no default target replica identified.It allows for precise control over which Pod(s) the Action should run in.This field cannot be updated.Note: This field is reserved for future use and is not currently active. +- `timeout_seconds` (Number) Specifies the maximum duration in seconds that the Action is allowed to run.If the Action does not complete within this time frame, it will be terminated.This field cannot be updated. ### Nested Schema for `spec.lifecycle_actions.member_leave.custom_handler.env` @@ -3967,7 +3967,7 @@ Required: Optional: -- `value` (String) Variable references $(VAR_NAME) are expanded using the previously defined environment variables in the container and any service environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. '$$(VAR_NAME)' will produce the string literal '$(VAR_NAME)'. Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to ''. +- `value` (String) Variable references $(VAR_NAME) are expandedusing the previously defined environment variables in the container andany service environment variables. If a variable cannot be resolved,the reference in the input string will be unchanged. Double $$ are reducedto a single $, which allows for escaping the $(VAR_NAME) syntax: i.e.'$$(VAR_NAME)' will produce the string literal '$(VAR_NAME)'.Escaped references will never be expanded, regardless of whether the variableexists or not.Defaults to ''. - `value_from` (Attributes) Source for the environment variable's value. Cannot be used if value is not empty. (see [below for nested schema](#nestedatt--spec--lifecycle_actions--member_leave--custom_handler--env--value_from)) @@ -3976,8 +3976,8 @@ Optional: Optional: - `config_map_key_ref` (Attributes) Selects a key of a ConfigMap. (see [below for nested schema](#nestedatt--spec--lifecycle_actions--member_leave--custom_handler--env--value_from--config_map_key_ref)) -- `field_ref` (Attributes) Selects a field of the pod: supports metadata.name, metadata.namespace, 'metadata.labels['']', 'metadata.annotations['']', spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. (see [below for nested schema](#nestedatt--spec--lifecycle_actions--member_leave--custom_handler--env--value_from--field_ref)) -- `resource_field_ref` (Attributes) Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. (see [below for nested schema](#nestedatt--spec--lifecycle_actions--member_leave--custom_handler--env--value_from--resource_field_ref)) +- `field_ref` (Attributes) Selects a field of the pod: supports metadata.name, metadata.namespace, 'metadata.labels['']', 'metadata.annotations['']',spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. (see [below for nested schema](#nestedatt--spec--lifecycle_actions--member_leave--custom_handler--env--value_from--field_ref)) +- `resource_field_ref` (Attributes) Selects a resource of the container: only resources limits and requests(limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. (see [below for nested schema](#nestedatt--spec--lifecycle_actions--member_leave--custom_handler--env--value_from--resource_field_ref)) - `secret_key_ref` (Attributes) Selects a key of a secret in the pod's namespace (see [below for nested schema](#nestedatt--spec--lifecycle_actions--member_leave--custom_handler--env--value_from--secret_key_ref)) @@ -3989,7 +3989,7 @@ Required: Optional: -- `name` (String) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? +- `name` (String) Name of the referent.More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#namesTODO: Add other useful fields. apiVersion, kind, uid? - `optional` (Boolean) Specify whether the ConfigMap or its key must be defined @@ -4027,7 +4027,7 @@ Required: Optional: -- `name` (String) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? +- `name` (String) Name of the referent.More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#namesTODO: Add other useful fields. apiVersion, kind, uid? - `optional` (Boolean) Specify whether the Secret or its key must be defined @@ -4039,7 +4039,7 @@ Optional: Optional: - `args` (List of String) Args represents the arguments that are passed to the 'command' for execution. -- `command` (List of String) Specifies the command to be executed inside the container. The working directory for this command is the container's root directory('/'). Commands are executed directly without a shell environment, meaning shell-specific syntax ('|', etc.) is not supported. If the shell is required, it must be explicitly invoked in the command. A successful execution is indicated by an exit status of 0; any non-zero status signifies a failure. +- `command` (List of String) Specifies the command to be executed inside the container.The working directory for this command is the container's root directory('/').Commands are executed directly without a shell environment, meaning shell-specific syntax ('|', etc.) is not supported.If the shell is required, it must be explicitly invoked in the command.A successful execution is indicated by an exit status of 0; any non-zero status signifies a failure. @@ -4047,22 +4047,22 @@ Optional: Required: -- `port` (String) Specifies the target port for the HTTP request. It can be specified either as a numeric value in the range of 1 to 65535, or as a named port that meets the IANA_SVC_NAME specification. +- `port` (String) Specifies the target port for the HTTP request.It can be specified either as a numeric value in the range of 1 to 65535,or as a named port that meets the IANA_SVC_NAME specification. Optional: -- `host` (String) Indicates the server's domain name or IP address. Defaults to the Pod's IP. Prefer setting the 'Host' header in httpHeaders when needed. -- `http_headers` (Attributes List) Allows for the inclusion of custom headers in the request. HTTP permits the use of repeated headers. (see [below for nested schema](#nestedatt--spec--lifecycle_actions--member_leave--custom_handler--http--http_headers)) -- `method` (String) Represents the type of HTTP request to be made, such as 'GET,' 'POST,' 'PUT,' etc. If not specified, 'GET' is the default method. +- `host` (String) Indicates the server's domain name or IP address. Defaults to the Pod's IP.Prefer setting the 'Host' header in httpHeaders when needed. +- `http_headers` (Attributes List) Allows for the inclusion of custom headers in the request.HTTP permits the use of repeated headers. (see [below for nested schema](#nestedatt--spec--lifecycle_actions--member_leave--custom_handler--http--http_headers)) +- `method` (String) Represents the type of HTTP request to be made, such as 'GET,' 'POST,' 'PUT,' etc.If not specified, 'GET' is the default method. - `path` (String) Specifies the endpoint to be requested on the HTTP server. -- `scheme` (String) Designates the protocol used to make the request, such as HTTP or HTTPS. If not specified, HTTP is used by default. +- `scheme` (String) Designates the protocol used to make the request, such as HTTP or HTTPS.If not specified, HTTP is used by default. ### Nested Schema for `spec.lifecycle_actions.member_leave.custom_handler.http.http_headers` Required: -- `name` (String) The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header. +- `name` (String) The header field name.This will be canonicalized upon output, so case-variant names will be understood as the same header. - `value` (String) The header field value @@ -4072,8 +4072,8 @@ Required: Optional: -- `max_retries` (Number) Defines the maximum number of retry attempts that should be made for a given Action. This value is set to 0 by default, indicating that no retries will be made. -- `retry_interval` (Number) Indicates the duration of time to wait between each retry attempt. This value is set to 0 by default, indicating that there will be no delay between retry attempts. +- `max_retries` (Number) Defines the maximum number of retry attempts that should be made for a given Action.This value is set to 0 by default, indicating that no retries will be made. +- `retry_interval` (Number) Indicates the duration of time to wait between each retry attempt.This value is set to 0 by default, indicating that there will be no delay between retry attempts. @@ -4083,24 +4083,24 @@ Optional: Optional: -- `builtin_handler` (String) Specifies the name of the predefined action handler to be invoked for lifecycle actions. Lorry, as a sidecar agent co-located with the database container in the same Pod, includes a suite of built-in action implementations that are tailored to different database engines. These are known as 'builtin' handlers, includes: 'mysql', 'redis', 'mongodb', 'etcd', 'postgresql', 'official-postgresql', 'apecloud-postgresql', 'wesql', 'oceanbase', 'polardbx'. If the 'builtinHandler' field is specified, it instructs Lorry to utilize its internal built-in action handler to execute the specified lifecycle actions. The 'builtinHandler' field is of type 'BuiltinActionHandlerType', which represents the name of the built-in handler. The 'builtinHandler' specified within the same 'ComponentLifecycleActions' should be consistent across all actions. This means that if you specify a built-in handler for one action, you should use the same handler for all other actions throughout the entire 'ComponentLifecycleActions' collection. If you need to define lifecycle actions for database engines not covered by the existing built-in support, or when the pre-existing built-in handlers do not meet your specific needs, you can use the 'customHandler' field to define your own action implementation. Deprecation Notice: - In the future, the 'builtinHandler' field will be deprecated in favor of using the 'customHandler' field for configuring all lifecycle actions. - Instead of using a name to indicate the built-in action implementations in Lorry, the recommended approach will be to explicitly invoke the desired action implementation through a gRPC interface exposed by the sidecar agent. - Developers will have the flexibility to either use the built-in action implementations provided by Lorry or develop their own sidecar agent to implement custom actions and expose them via gRPC interfaces. - This change will allow for greater customization and extensibility of lifecycle actions, as developers can create their own 'builtin' implementations tailored to their specific requirements. -- `custom_handler` (Attributes) Specifies a user-defined hook or procedure that is called to perform the specific lifecycle action. It offers a flexible and expandable approach for customizing the behavior of a Component by leveraging tailored actions. An Action can be implemented as either an ExecAction or an HTTPAction, with future versions planning to support GRPCAction, thereby accommodating unique logic for different database systems within the Action's framework. In future iterations, all built-in handlers are expected to transition to GRPCAction. This change means that Lorry or other sidecar agents will expose the implementation of actions through a GRPC interface for external invocation. Then the controller will interact with these actions via GRPCAction calls. (see [below for nested schema](#nestedatt--spec--lifecycle_actions--post_provision--custom_handler)) +- `builtin_handler` (String) Specifies the name of the predefined action handler to be invoked for lifecycle actions.Lorry, as a sidecar agent co-located with the database container in the same Pod,includes a suite of built-in action implementations that are tailored to different database engines.These are known as 'builtin' handlers, includes: 'mysql', 'redis', 'mongodb', 'etcd','postgresql', 'official-postgresql', 'apecloud-postgresql', 'wesql', 'oceanbase', 'polardbx'.If the 'builtinHandler' field is specified, it instructs Lorry to utilize its internal built-in action handlerto execute the specified lifecycle actions.The 'builtinHandler' field is of type 'BuiltinActionHandlerType',which represents the name of the built-in handler.The 'builtinHandler' specified within the same 'ComponentLifecycleActions' should be consistent across allactions.This means that if you specify a built-in handler for one action, you should use the same handlerfor all other actions throughout the entire 'ComponentLifecycleActions' collection.If you need to define lifecycle actions for database engines not covered by the existing built-in support,or when the pre-existing built-in handlers do not meet your specific needs,you can use the 'customHandler' field to define your own action implementation.Deprecation Notice:- In the future, the 'builtinHandler' field will be deprecated in favor of using the 'customHandler' field for configuring all lifecycle actions.- Instead of using a name to indicate the built-in action implementations in Lorry, the recommended approach will be to explicitly invoke the desired action implementation through a gRPC interface exposed by the sidecar agent.- Developers will have the flexibility to either use the built-in action implementations provided by Lorry or develop their own sidecar agent to implement custom actions and expose them via gRPC interfaces.- This change will allow for greater customization and extensibility of lifecycle actions, as developers can create their own 'builtin' implementations tailored to their specific requirements. +- `custom_handler` (Attributes) Specifies a user-defined hook or procedure that is called to perform the specific lifecycle action.It offers a flexible and expandable approach for customizing the behavior of a Component by leveragingtailored actions.An Action can be implemented as either an ExecAction or an HTTPAction, with future versions planningto support GRPCAction,thereby accommodating unique logic for different database systems within the Action's framework.In future iterations, all built-in handlers are expected to transition to GRPCAction.This change means that Lorry or other sidecar agents will expose the implementation of actionsthrough a GRPC interface for external invocation.Then the controller will interact with these actions via GRPCAction calls. (see [below for nested schema](#nestedatt--spec--lifecycle_actions--post_provision--custom_handler)) ### Nested Schema for `spec.lifecycle_actions.post_provision.custom_handler` Optional: -- `container` (String) Defines the name of the container within the target Pod where the action will be executed. This name must correspond to one of the containers defined in 'componentDefinition.spec.runtime'. If this field is not specified, the default behavior is to use the first container listed in 'componentDefinition.spec.runtime'. This field cannot be updated. Note: This field is reserved for future use and is not currently active. -- `env` (Attributes List) Represents a list of environment variables that will be injected into the container. These variables enable the container to adapt its behavior based on the environment it's running in. This field cannot be updated. (see [below for nested schema](#nestedatt--spec--lifecycle_actions--post_provision--custom_handler--env)) -- `exec` (Attributes) Defines the command to run. This field cannot be updated. (see [below for nested schema](#nestedatt--spec--lifecycle_actions--post_provision--custom_handler--exec)) -- `http` (Attributes) Specifies the HTTP request to perform. This field cannot be updated. Note: HTTPAction is to be implemented in future version. (see [below for nested schema](#nestedatt--spec--lifecycle_actions--post_provision--custom_handler--http)) -- `image` (String) Specifies the container image to be used for running the Action. When specified, a dedicated container will be created using this image to execute the Action. This field is mutually exclusive with the 'container' field; only one of them should be provided. This field cannot be updated. -- `matching_key` (String) Used in conjunction with the 'targetPodSelector' field to refine the selection of target pod(s) for Action execution. The impact of this field depends on the 'targetPodSelector' value: - When 'targetPodSelector' is set to 'Any' or 'All', this field will be ignored. - When 'targetPodSelector' is set to 'Role', only those replicas whose role matches the 'matchingKey' will be selected for the Action. This field cannot be updated. Note: This field is reserved for future use and is not currently active. -- `pre_condition` (String) Specifies the state that the cluster must reach before the Action is executed. Currently, this is only applicable to the 'postProvision' action. The conditions are as follows: - 'Immediately': Executed right after the Component object is created. The readiness of the Component and its resources is not guaranteed at this stage. - 'RuntimeReady': The Action is triggered after the Component object has been created and all associated runtime resources (e.g. Pods) are in a ready state. - 'ComponentReady': The Action is triggered after the Component itself is in a ready state. This process does not affect the readiness state of the Component or the Cluster. - 'ClusterReady': The Action is executed after the Cluster is in a ready state. This execution does not alter the Component or the Cluster's state of readiness. This field cannot be updated. -- `retry_policy` (Attributes) Defines the strategy to be taken when retrying the Action after a failure. It specifies the conditions under which the Action should be retried and the limits to apply, such as the maximum number of retries and backoff strategy. This field cannot be updated. (see [below for nested schema](#nestedatt--spec--lifecycle_actions--post_provision--custom_handler--retry_policy)) -- `target_pod_selector` (String) Defines the criteria used to select the target Pod(s) for executing the Action. This is useful when there is no default target replica identified. It allows for precise control over which Pod(s) the Action should run in. This field cannot be updated. Note: This field is reserved for future use and is not currently active. -- `timeout_seconds` (Number) Specifies the maximum duration in seconds that the Action is allowed to run. If the Action does not complete within this time frame, it will be terminated. This field cannot be updated. +- `container` (String) Defines the name of the container within the target Pod where the action will be executed.This name must correspond to one of the containers defined in 'componentDefinition.spec.runtime'.If this field is not specified, the default behavior is to use the first container listed in'componentDefinition.spec.runtime'.This field cannot be updated.Note: This field is reserved for future use and is not currently active. +- `env` (Attributes List) Represents a list of environment variables that will be injected into the container.These variables enable the container to adapt its behavior based on the environment it's running in.This field cannot be updated. (see [below for nested schema](#nestedatt--spec--lifecycle_actions--post_provision--custom_handler--env)) +- `exec` (Attributes) Defines the command to run.This field cannot be updated. (see [below for nested schema](#nestedatt--spec--lifecycle_actions--post_provision--custom_handler--exec)) +- `http` (Attributes) Specifies the HTTP request to perform.This field cannot be updated.Note: HTTPAction is to be implemented in future version. (see [below for nested schema](#nestedatt--spec--lifecycle_actions--post_provision--custom_handler--http)) +- `image` (String) Specifies the container image to be used for running the Action.When specified, a dedicated container will be created using this image to execute the Action.This field is mutually exclusive with the 'container' field; only one of them should be provided.This field cannot be updated. +- `matching_key` (String) Used in conjunction with the 'targetPodSelector' field to refine the selection of target pod(s) for Action execution.The impact of this field depends on the 'targetPodSelector' value:- When 'targetPodSelector' is set to 'Any' or 'All', this field will be ignored.- When 'targetPodSelector' is set to 'Role', only those replicas whose role matches the 'matchingKey' will be selected for the Action.This field cannot be updated.Note: This field is reserved for future use and is not currently active. +- `pre_condition` (String) Specifies the state that the cluster must reach before the Action is executed.Currently, this is only applicable to the 'postProvision' action.The conditions are as follows:- 'Immediately': Executed right after the Component object is created. The readiness of the Component and its resources is not guaranteed at this stage.- 'RuntimeReady': The Action is triggered after the Component object has been created and all associated runtime resources (e.g. Pods) are in a ready state.- 'ComponentReady': The Action is triggered after the Component itself is in a ready state. This process does not affect the readiness state of the Component or the Cluster.- 'ClusterReady': The Action is executed after the Cluster is in a ready state. This execution does not alter the Component or the Cluster's state of readiness.This field cannot be updated. +- `retry_policy` (Attributes) Defines the strategy to be taken when retrying the Action after a failure.It specifies the conditions under which the Action should be retried and the limits to apply,such as the maximum number of retries and backoff strategy.This field cannot be updated. (see [below for nested schema](#nestedatt--spec--lifecycle_actions--post_provision--custom_handler--retry_policy)) +- `target_pod_selector` (String) Defines the criteria used to select the target Pod(s) for executing the Action.This is useful when there is no default target replica identified.It allows for precise control over which Pod(s) the Action should run in.This field cannot be updated.Note: This field is reserved for future use and is not currently active. +- `timeout_seconds` (Number) Specifies the maximum duration in seconds that the Action is allowed to run.If the Action does not complete within this time frame, it will be terminated.This field cannot be updated. ### Nested Schema for `spec.lifecycle_actions.post_provision.custom_handler.env` @@ -4111,7 +4111,7 @@ Required: Optional: -- `value` (String) Variable references $(VAR_NAME) are expanded using the previously defined environment variables in the container and any service environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. '$$(VAR_NAME)' will produce the string literal '$(VAR_NAME)'. Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to ''. +- `value` (String) Variable references $(VAR_NAME) are expandedusing the previously defined environment variables in the container andany service environment variables. If a variable cannot be resolved,the reference in the input string will be unchanged. Double $$ are reducedto a single $, which allows for escaping the $(VAR_NAME) syntax: i.e.'$$(VAR_NAME)' will produce the string literal '$(VAR_NAME)'.Escaped references will never be expanded, regardless of whether the variableexists or not.Defaults to ''. - `value_from` (Attributes) Source for the environment variable's value. Cannot be used if value is not empty. (see [below for nested schema](#nestedatt--spec--lifecycle_actions--post_provision--custom_handler--env--value_from)) @@ -4120,8 +4120,8 @@ Optional: Optional: - `config_map_key_ref` (Attributes) Selects a key of a ConfigMap. (see [below for nested schema](#nestedatt--spec--lifecycle_actions--post_provision--custom_handler--env--value_from--config_map_key_ref)) -- `field_ref` (Attributes) Selects a field of the pod: supports metadata.name, metadata.namespace, 'metadata.labels['']', 'metadata.annotations['']', spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. (see [below for nested schema](#nestedatt--spec--lifecycle_actions--post_provision--custom_handler--env--value_from--field_ref)) -- `resource_field_ref` (Attributes) Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. (see [below for nested schema](#nestedatt--spec--lifecycle_actions--post_provision--custom_handler--env--value_from--resource_field_ref)) +- `field_ref` (Attributes) Selects a field of the pod: supports metadata.name, metadata.namespace, 'metadata.labels['']', 'metadata.annotations['']',spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. (see [below for nested schema](#nestedatt--spec--lifecycle_actions--post_provision--custom_handler--env--value_from--field_ref)) +- `resource_field_ref` (Attributes) Selects a resource of the container: only resources limits and requests(limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. (see [below for nested schema](#nestedatt--spec--lifecycle_actions--post_provision--custom_handler--env--value_from--resource_field_ref)) - `secret_key_ref` (Attributes) Selects a key of a secret in the pod's namespace (see [below for nested schema](#nestedatt--spec--lifecycle_actions--post_provision--custom_handler--env--value_from--secret_key_ref)) @@ -4133,7 +4133,7 @@ Required: Optional: -- `name` (String) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? +- `name` (String) Name of the referent.More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#namesTODO: Add other useful fields. apiVersion, kind, uid? - `optional` (Boolean) Specify whether the ConfigMap or its key must be defined @@ -4171,7 +4171,7 @@ Required: Optional: -- `name` (String) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? +- `name` (String) Name of the referent.More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#namesTODO: Add other useful fields. apiVersion, kind, uid? - `optional` (Boolean) Specify whether the Secret or its key must be defined @@ -4183,7 +4183,7 @@ Optional: Optional: - `args` (List of String) Args represents the arguments that are passed to the 'command' for execution. -- `command` (List of String) Specifies the command to be executed inside the container. The working directory for this command is the container's root directory('/'). Commands are executed directly without a shell environment, meaning shell-specific syntax ('|', etc.) is not supported. If the shell is required, it must be explicitly invoked in the command. A successful execution is indicated by an exit status of 0; any non-zero status signifies a failure. +- `command` (List of String) Specifies the command to be executed inside the container.The working directory for this command is the container's root directory('/').Commands are executed directly without a shell environment, meaning shell-specific syntax ('|', etc.) is not supported.If the shell is required, it must be explicitly invoked in the command.A successful execution is indicated by an exit status of 0; any non-zero status signifies a failure. @@ -4191,22 +4191,22 @@ Optional: Required: -- `port` (String) Specifies the target port for the HTTP request. It can be specified either as a numeric value in the range of 1 to 65535, or as a named port that meets the IANA_SVC_NAME specification. +- `port` (String) Specifies the target port for the HTTP request.It can be specified either as a numeric value in the range of 1 to 65535,or as a named port that meets the IANA_SVC_NAME specification. Optional: -- `host` (String) Indicates the server's domain name or IP address. Defaults to the Pod's IP. Prefer setting the 'Host' header in httpHeaders when needed. -- `http_headers` (Attributes List) Allows for the inclusion of custom headers in the request. HTTP permits the use of repeated headers. (see [below for nested schema](#nestedatt--spec--lifecycle_actions--post_provision--custom_handler--http--http_headers)) -- `method` (String) Represents the type of HTTP request to be made, such as 'GET,' 'POST,' 'PUT,' etc. If not specified, 'GET' is the default method. +- `host` (String) Indicates the server's domain name or IP address. Defaults to the Pod's IP.Prefer setting the 'Host' header in httpHeaders when needed. +- `http_headers` (Attributes List) Allows for the inclusion of custom headers in the request.HTTP permits the use of repeated headers. (see [below for nested schema](#nestedatt--spec--lifecycle_actions--post_provision--custom_handler--http--http_headers)) +- `method` (String) Represents the type of HTTP request to be made, such as 'GET,' 'POST,' 'PUT,' etc.If not specified, 'GET' is the default method. - `path` (String) Specifies the endpoint to be requested on the HTTP server. -- `scheme` (String) Designates the protocol used to make the request, such as HTTP or HTTPS. If not specified, HTTP is used by default. +- `scheme` (String) Designates the protocol used to make the request, such as HTTP or HTTPS.If not specified, HTTP is used by default. ### Nested Schema for `spec.lifecycle_actions.post_provision.custom_handler.http.http_headers` Required: -- `name` (String) The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header. +- `name` (String) The header field name.This will be canonicalized upon output, so case-variant names will be understood as the same header. - `value` (String) The header field value @@ -4216,8 +4216,8 @@ Required: Optional: -- `max_retries` (Number) Defines the maximum number of retry attempts that should be made for a given Action. This value is set to 0 by default, indicating that no retries will be made. -- `retry_interval` (Number) Indicates the duration of time to wait between each retry attempt. This value is set to 0 by default, indicating that there will be no delay between retry attempts. +- `max_retries` (Number) Defines the maximum number of retry attempts that should be made for a given Action.This value is set to 0 by default, indicating that no retries will be made. +- `retry_interval` (Number) Indicates the duration of time to wait between each retry attempt.This value is set to 0 by default, indicating that there will be no delay between retry attempts. @@ -4227,24 +4227,24 @@ Optional: Optional: -- `builtin_handler` (String) Specifies the name of the predefined action handler to be invoked for lifecycle actions. Lorry, as a sidecar agent co-located with the database container in the same Pod, includes a suite of built-in action implementations that are tailored to different database engines. These are known as 'builtin' handlers, includes: 'mysql', 'redis', 'mongodb', 'etcd', 'postgresql', 'official-postgresql', 'apecloud-postgresql', 'wesql', 'oceanbase', 'polardbx'. If the 'builtinHandler' field is specified, it instructs Lorry to utilize its internal built-in action handler to execute the specified lifecycle actions. The 'builtinHandler' field is of type 'BuiltinActionHandlerType', which represents the name of the built-in handler. The 'builtinHandler' specified within the same 'ComponentLifecycleActions' should be consistent across all actions. This means that if you specify a built-in handler for one action, you should use the same handler for all other actions throughout the entire 'ComponentLifecycleActions' collection. If you need to define lifecycle actions for database engines not covered by the existing built-in support, or when the pre-existing built-in handlers do not meet your specific needs, you can use the 'customHandler' field to define your own action implementation. Deprecation Notice: - In the future, the 'builtinHandler' field will be deprecated in favor of using the 'customHandler' field for configuring all lifecycle actions. - Instead of using a name to indicate the built-in action implementations in Lorry, the recommended approach will be to explicitly invoke the desired action implementation through a gRPC interface exposed by the sidecar agent. - Developers will have the flexibility to either use the built-in action implementations provided by Lorry or develop their own sidecar agent to implement custom actions and expose them via gRPC interfaces. - This change will allow for greater customization and extensibility of lifecycle actions, as developers can create their own 'builtin' implementations tailored to their specific requirements. -- `custom_handler` (Attributes) Specifies a user-defined hook or procedure that is called to perform the specific lifecycle action. It offers a flexible and expandable approach for customizing the behavior of a Component by leveraging tailored actions. An Action can be implemented as either an ExecAction or an HTTPAction, with future versions planning to support GRPCAction, thereby accommodating unique logic for different database systems within the Action's framework. In future iterations, all built-in handlers are expected to transition to GRPCAction. This change means that Lorry or other sidecar agents will expose the implementation of actions through a GRPC interface for external invocation. Then the controller will interact with these actions via GRPCAction calls. (see [below for nested schema](#nestedatt--spec--lifecycle_actions--pre_terminate--custom_handler)) +- `builtin_handler` (String) Specifies the name of the predefined action handler to be invoked for lifecycle actions.Lorry, as a sidecar agent co-located with the database container in the same Pod,includes a suite of built-in action implementations that are tailored to different database engines.These are known as 'builtin' handlers, includes: 'mysql', 'redis', 'mongodb', 'etcd','postgresql', 'official-postgresql', 'apecloud-postgresql', 'wesql', 'oceanbase', 'polardbx'.If the 'builtinHandler' field is specified, it instructs Lorry to utilize its internal built-in action handlerto execute the specified lifecycle actions.The 'builtinHandler' field is of type 'BuiltinActionHandlerType',which represents the name of the built-in handler.The 'builtinHandler' specified within the same 'ComponentLifecycleActions' should be consistent across allactions.This means that if you specify a built-in handler for one action, you should use the same handlerfor all other actions throughout the entire 'ComponentLifecycleActions' collection.If you need to define lifecycle actions for database engines not covered by the existing built-in support,or when the pre-existing built-in handlers do not meet your specific needs,you can use the 'customHandler' field to define your own action implementation.Deprecation Notice:- In the future, the 'builtinHandler' field will be deprecated in favor of using the 'customHandler' field for configuring all lifecycle actions.- Instead of using a name to indicate the built-in action implementations in Lorry, the recommended approach will be to explicitly invoke the desired action implementation through a gRPC interface exposed by the sidecar agent.- Developers will have the flexibility to either use the built-in action implementations provided by Lorry or develop their own sidecar agent to implement custom actions and expose them via gRPC interfaces.- This change will allow for greater customization and extensibility of lifecycle actions, as developers can create their own 'builtin' implementations tailored to their specific requirements. +- `custom_handler` (Attributes) Specifies a user-defined hook or procedure that is called to perform the specific lifecycle action.It offers a flexible and expandable approach for customizing the behavior of a Component by leveragingtailored actions.An Action can be implemented as either an ExecAction or an HTTPAction, with future versions planningto support GRPCAction,thereby accommodating unique logic for different database systems within the Action's framework.In future iterations, all built-in handlers are expected to transition to GRPCAction.This change means that Lorry or other sidecar agents will expose the implementation of actionsthrough a GRPC interface for external invocation.Then the controller will interact with these actions via GRPCAction calls. (see [below for nested schema](#nestedatt--spec--lifecycle_actions--pre_terminate--custom_handler)) ### Nested Schema for `spec.lifecycle_actions.pre_terminate.custom_handler` Optional: -- `container` (String) Defines the name of the container within the target Pod where the action will be executed. This name must correspond to one of the containers defined in 'componentDefinition.spec.runtime'. If this field is not specified, the default behavior is to use the first container listed in 'componentDefinition.spec.runtime'. This field cannot be updated. Note: This field is reserved for future use and is not currently active. -- `env` (Attributes List) Represents a list of environment variables that will be injected into the container. These variables enable the container to adapt its behavior based on the environment it's running in. This field cannot be updated. (see [below for nested schema](#nestedatt--spec--lifecycle_actions--pre_terminate--custom_handler--env)) -- `exec` (Attributes) Defines the command to run. This field cannot be updated. (see [below for nested schema](#nestedatt--spec--lifecycle_actions--pre_terminate--custom_handler--exec)) -- `http` (Attributes) Specifies the HTTP request to perform. This field cannot be updated. Note: HTTPAction is to be implemented in future version. (see [below for nested schema](#nestedatt--spec--lifecycle_actions--pre_terminate--custom_handler--http)) -- `image` (String) Specifies the container image to be used for running the Action. When specified, a dedicated container will be created using this image to execute the Action. This field is mutually exclusive with the 'container' field; only one of them should be provided. This field cannot be updated. -- `matching_key` (String) Used in conjunction with the 'targetPodSelector' field to refine the selection of target pod(s) for Action execution. The impact of this field depends on the 'targetPodSelector' value: - When 'targetPodSelector' is set to 'Any' or 'All', this field will be ignored. - When 'targetPodSelector' is set to 'Role', only those replicas whose role matches the 'matchingKey' will be selected for the Action. This field cannot be updated. Note: This field is reserved for future use and is not currently active. -- `pre_condition` (String) Specifies the state that the cluster must reach before the Action is executed. Currently, this is only applicable to the 'postProvision' action. The conditions are as follows: - 'Immediately': Executed right after the Component object is created. The readiness of the Component and its resources is not guaranteed at this stage. - 'RuntimeReady': The Action is triggered after the Component object has been created and all associated runtime resources (e.g. Pods) are in a ready state. - 'ComponentReady': The Action is triggered after the Component itself is in a ready state. This process does not affect the readiness state of the Component or the Cluster. - 'ClusterReady': The Action is executed after the Cluster is in a ready state. This execution does not alter the Component or the Cluster's state of readiness. This field cannot be updated. -- `retry_policy` (Attributes) Defines the strategy to be taken when retrying the Action after a failure. It specifies the conditions under which the Action should be retried and the limits to apply, such as the maximum number of retries and backoff strategy. This field cannot be updated. (see [below for nested schema](#nestedatt--spec--lifecycle_actions--pre_terminate--custom_handler--retry_policy)) -- `target_pod_selector` (String) Defines the criteria used to select the target Pod(s) for executing the Action. This is useful when there is no default target replica identified. It allows for precise control over which Pod(s) the Action should run in. This field cannot be updated. Note: This field is reserved for future use and is not currently active. -- `timeout_seconds` (Number) Specifies the maximum duration in seconds that the Action is allowed to run. If the Action does not complete within this time frame, it will be terminated. This field cannot be updated. +- `container` (String) Defines the name of the container within the target Pod where the action will be executed.This name must correspond to one of the containers defined in 'componentDefinition.spec.runtime'.If this field is not specified, the default behavior is to use the first container listed in'componentDefinition.spec.runtime'.This field cannot be updated.Note: This field is reserved for future use and is not currently active. +- `env` (Attributes List) Represents a list of environment variables that will be injected into the container.These variables enable the container to adapt its behavior based on the environment it's running in.This field cannot be updated. (see [below for nested schema](#nestedatt--spec--lifecycle_actions--pre_terminate--custom_handler--env)) +- `exec` (Attributes) Defines the command to run.This field cannot be updated. (see [below for nested schema](#nestedatt--spec--lifecycle_actions--pre_terminate--custom_handler--exec)) +- `http` (Attributes) Specifies the HTTP request to perform.This field cannot be updated.Note: HTTPAction is to be implemented in future version. (see [below for nested schema](#nestedatt--spec--lifecycle_actions--pre_terminate--custom_handler--http)) +- `image` (String) Specifies the container image to be used for running the Action.When specified, a dedicated container will be created using this image to execute the Action.This field is mutually exclusive with the 'container' field; only one of them should be provided.This field cannot be updated. +- `matching_key` (String) Used in conjunction with the 'targetPodSelector' field to refine the selection of target pod(s) for Action execution.The impact of this field depends on the 'targetPodSelector' value:- When 'targetPodSelector' is set to 'Any' or 'All', this field will be ignored.- When 'targetPodSelector' is set to 'Role', only those replicas whose role matches the 'matchingKey' will be selected for the Action.This field cannot be updated.Note: This field is reserved for future use and is not currently active. +- `pre_condition` (String) Specifies the state that the cluster must reach before the Action is executed.Currently, this is only applicable to the 'postProvision' action.The conditions are as follows:- 'Immediately': Executed right after the Component object is created. The readiness of the Component and its resources is not guaranteed at this stage.- 'RuntimeReady': The Action is triggered after the Component object has been created and all associated runtime resources (e.g. Pods) are in a ready state.- 'ComponentReady': The Action is triggered after the Component itself is in a ready state. This process does not affect the readiness state of the Component or the Cluster.- 'ClusterReady': The Action is executed after the Cluster is in a ready state. This execution does not alter the Component or the Cluster's state of readiness.This field cannot be updated. +- `retry_policy` (Attributes) Defines the strategy to be taken when retrying the Action after a failure.It specifies the conditions under which the Action should be retried and the limits to apply,such as the maximum number of retries and backoff strategy.This field cannot be updated. (see [below for nested schema](#nestedatt--spec--lifecycle_actions--pre_terminate--custom_handler--retry_policy)) +- `target_pod_selector` (String) Defines the criteria used to select the target Pod(s) for executing the Action.This is useful when there is no default target replica identified.It allows for precise control over which Pod(s) the Action should run in.This field cannot be updated.Note: This field is reserved for future use and is not currently active. +- `timeout_seconds` (Number) Specifies the maximum duration in seconds that the Action is allowed to run.If the Action does not complete within this time frame, it will be terminated.This field cannot be updated. ### Nested Schema for `spec.lifecycle_actions.pre_terminate.custom_handler.env` @@ -4255,7 +4255,7 @@ Required: Optional: -- `value` (String) Variable references $(VAR_NAME) are expanded using the previously defined environment variables in the container and any service environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. '$$(VAR_NAME)' will produce the string literal '$(VAR_NAME)'. Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to ''. +- `value` (String) Variable references $(VAR_NAME) are expandedusing the previously defined environment variables in the container andany service environment variables. If a variable cannot be resolved,the reference in the input string will be unchanged. Double $$ are reducedto a single $, which allows for escaping the $(VAR_NAME) syntax: i.e.'$$(VAR_NAME)' will produce the string literal '$(VAR_NAME)'.Escaped references will never be expanded, regardless of whether the variableexists or not.Defaults to ''. - `value_from` (Attributes) Source for the environment variable's value. Cannot be used if value is not empty. (see [below for nested schema](#nestedatt--spec--lifecycle_actions--pre_terminate--custom_handler--env--value_from)) @@ -4264,8 +4264,8 @@ Optional: Optional: - `config_map_key_ref` (Attributes) Selects a key of a ConfigMap. (see [below for nested schema](#nestedatt--spec--lifecycle_actions--pre_terminate--custom_handler--env--value_from--config_map_key_ref)) -- `field_ref` (Attributes) Selects a field of the pod: supports metadata.name, metadata.namespace, 'metadata.labels['']', 'metadata.annotations['']', spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. (see [below for nested schema](#nestedatt--spec--lifecycle_actions--pre_terminate--custom_handler--env--value_from--field_ref)) -- `resource_field_ref` (Attributes) Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. (see [below for nested schema](#nestedatt--spec--lifecycle_actions--pre_terminate--custom_handler--env--value_from--resource_field_ref)) +- `field_ref` (Attributes) Selects a field of the pod: supports metadata.name, metadata.namespace, 'metadata.labels['']', 'metadata.annotations['']',spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. (see [below for nested schema](#nestedatt--spec--lifecycle_actions--pre_terminate--custom_handler--env--value_from--field_ref)) +- `resource_field_ref` (Attributes) Selects a resource of the container: only resources limits and requests(limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. (see [below for nested schema](#nestedatt--spec--lifecycle_actions--pre_terminate--custom_handler--env--value_from--resource_field_ref)) - `secret_key_ref` (Attributes) Selects a key of a secret in the pod's namespace (see [below for nested schema](#nestedatt--spec--lifecycle_actions--pre_terminate--custom_handler--env--value_from--secret_key_ref)) @@ -4277,7 +4277,7 @@ Required: Optional: -- `name` (String) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? +- `name` (String) Name of the referent.More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#namesTODO: Add other useful fields. apiVersion, kind, uid? - `optional` (Boolean) Specify whether the ConfigMap or its key must be defined @@ -4315,7 +4315,7 @@ Required: Optional: -- `name` (String) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? +- `name` (String) Name of the referent.More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#namesTODO: Add other useful fields. apiVersion, kind, uid? - `optional` (Boolean) Specify whether the Secret or its key must be defined @@ -4327,7 +4327,7 @@ Optional: Optional: - `args` (List of String) Args represents the arguments that are passed to the 'command' for execution. -- `command` (List of String) Specifies the command to be executed inside the container. The working directory for this command is the container's root directory('/'). Commands are executed directly without a shell environment, meaning shell-specific syntax ('|', etc.) is not supported. If the shell is required, it must be explicitly invoked in the command. A successful execution is indicated by an exit status of 0; any non-zero status signifies a failure. +- `command` (List of String) Specifies the command to be executed inside the container.The working directory for this command is the container's root directory('/').Commands are executed directly without a shell environment, meaning shell-specific syntax ('|', etc.) is not supported.If the shell is required, it must be explicitly invoked in the command.A successful execution is indicated by an exit status of 0; any non-zero status signifies a failure. @@ -4335,22 +4335,22 @@ Optional: Required: -- `port` (String) Specifies the target port for the HTTP request. It can be specified either as a numeric value in the range of 1 to 65535, or as a named port that meets the IANA_SVC_NAME specification. +- `port` (String) Specifies the target port for the HTTP request.It can be specified either as a numeric value in the range of 1 to 65535,or as a named port that meets the IANA_SVC_NAME specification. Optional: -- `host` (String) Indicates the server's domain name or IP address. Defaults to the Pod's IP. Prefer setting the 'Host' header in httpHeaders when needed. -- `http_headers` (Attributes List) Allows for the inclusion of custom headers in the request. HTTP permits the use of repeated headers. (see [below for nested schema](#nestedatt--spec--lifecycle_actions--pre_terminate--custom_handler--http--http_headers)) -- `method` (String) Represents the type of HTTP request to be made, such as 'GET,' 'POST,' 'PUT,' etc. If not specified, 'GET' is the default method. +- `host` (String) Indicates the server's domain name or IP address. Defaults to the Pod's IP.Prefer setting the 'Host' header in httpHeaders when needed. +- `http_headers` (Attributes List) Allows for the inclusion of custom headers in the request.HTTP permits the use of repeated headers. (see [below for nested schema](#nestedatt--spec--lifecycle_actions--pre_terminate--custom_handler--http--http_headers)) +- `method` (String) Represents the type of HTTP request to be made, such as 'GET,' 'POST,' 'PUT,' etc.If not specified, 'GET' is the default method. - `path` (String) Specifies the endpoint to be requested on the HTTP server. -- `scheme` (String) Designates the protocol used to make the request, such as HTTP or HTTPS. If not specified, HTTP is used by default. +- `scheme` (String) Designates the protocol used to make the request, such as HTTP or HTTPS.If not specified, HTTP is used by default. ### Nested Schema for `spec.lifecycle_actions.pre_terminate.custom_handler.http.http_headers` Required: -- `name` (String) The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header. +- `name` (String) The header field name.This will be canonicalized upon output, so case-variant names will be understood as the same header. - `value` (String) The header field value @@ -4360,8 +4360,8 @@ Required: Optional: -- `max_retries` (Number) Defines the maximum number of retry attempts that should be made for a given Action. This value is set to 0 by default, indicating that no retries will be made. -- `retry_interval` (Number) Indicates the duration of time to wait between each retry attempt. This value is set to 0 by default, indicating that there will be no delay between retry attempts. +- `max_retries` (Number) Defines the maximum number of retry attempts that should be made for a given Action.This value is set to 0 by default, indicating that no retries will be made. +- `retry_interval` (Number) Indicates the duration of time to wait between each retry attempt.This value is set to 0 by default, indicating that there will be no delay between retry attempts. @@ -4371,24 +4371,24 @@ Optional: Optional: -- `builtin_handler` (String) Specifies the name of the predefined action handler to be invoked for lifecycle actions. Lorry, as a sidecar agent co-located with the database container in the same Pod, includes a suite of built-in action implementations that are tailored to different database engines. These are known as 'builtin' handlers, includes: 'mysql', 'redis', 'mongodb', 'etcd', 'postgresql', 'official-postgresql', 'apecloud-postgresql', 'wesql', 'oceanbase', 'polardbx'. If the 'builtinHandler' field is specified, it instructs Lorry to utilize its internal built-in action handler to execute the specified lifecycle actions. The 'builtinHandler' field is of type 'BuiltinActionHandlerType', which represents the name of the built-in handler. The 'builtinHandler' specified within the same 'ComponentLifecycleActions' should be consistent across all actions. This means that if you specify a built-in handler for one action, you should use the same handler for all other actions throughout the entire 'ComponentLifecycleActions' collection. If you need to define lifecycle actions for database engines not covered by the existing built-in support, or when the pre-existing built-in handlers do not meet your specific needs, you can use the 'customHandler' field to define your own action implementation. Deprecation Notice: - In the future, the 'builtinHandler' field will be deprecated in favor of using the 'customHandler' field for configuring all lifecycle actions. - Instead of using a name to indicate the built-in action implementations in Lorry, the recommended approach will be to explicitly invoke the desired action implementation through a gRPC interface exposed by the sidecar agent. - Developers will have the flexibility to either use the built-in action implementations provided by Lorry or develop their own sidecar agent to implement custom actions and expose them via gRPC interfaces. - This change will allow for greater customization and extensibility of lifecycle actions, as developers can create their own 'builtin' implementations tailored to their specific requirements. -- `custom_handler` (Attributes) Specifies a user-defined hook or procedure that is called to perform the specific lifecycle action. It offers a flexible and expandable approach for customizing the behavior of a Component by leveraging tailored actions. An Action can be implemented as either an ExecAction or an HTTPAction, with future versions planning to support GRPCAction, thereby accommodating unique logic for different database systems within the Action's framework. In future iterations, all built-in handlers are expected to transition to GRPCAction. This change means that Lorry or other sidecar agents will expose the implementation of actions through a GRPC interface for external invocation. Then the controller will interact with these actions via GRPCAction calls. (see [below for nested schema](#nestedatt--spec--lifecycle_actions--readonly--custom_handler)) +- `builtin_handler` (String) Specifies the name of the predefined action handler to be invoked for lifecycle actions.Lorry, as a sidecar agent co-located with the database container in the same Pod,includes a suite of built-in action implementations that are tailored to different database engines.These are known as 'builtin' handlers, includes: 'mysql', 'redis', 'mongodb', 'etcd','postgresql', 'official-postgresql', 'apecloud-postgresql', 'wesql', 'oceanbase', 'polardbx'.If the 'builtinHandler' field is specified, it instructs Lorry to utilize its internal built-in action handlerto execute the specified lifecycle actions.The 'builtinHandler' field is of type 'BuiltinActionHandlerType',which represents the name of the built-in handler.The 'builtinHandler' specified within the same 'ComponentLifecycleActions' should be consistent across allactions.This means that if you specify a built-in handler for one action, you should use the same handlerfor all other actions throughout the entire 'ComponentLifecycleActions' collection.If you need to define lifecycle actions for database engines not covered by the existing built-in support,or when the pre-existing built-in handlers do not meet your specific needs,you can use the 'customHandler' field to define your own action implementation.Deprecation Notice:- In the future, the 'builtinHandler' field will be deprecated in favor of using the 'customHandler' field for configuring all lifecycle actions.- Instead of using a name to indicate the built-in action implementations in Lorry, the recommended approach will be to explicitly invoke the desired action implementation through a gRPC interface exposed by the sidecar agent.- Developers will have the flexibility to either use the built-in action implementations provided by Lorry or develop their own sidecar agent to implement custom actions and expose them via gRPC interfaces.- This change will allow for greater customization and extensibility of lifecycle actions, as developers can create their own 'builtin' implementations tailored to their specific requirements. +- `custom_handler` (Attributes) Specifies a user-defined hook or procedure that is called to perform the specific lifecycle action.It offers a flexible and expandable approach for customizing the behavior of a Component by leveragingtailored actions.An Action can be implemented as either an ExecAction or an HTTPAction, with future versions planningto support GRPCAction,thereby accommodating unique logic for different database systems within the Action's framework.In future iterations, all built-in handlers are expected to transition to GRPCAction.This change means that Lorry or other sidecar agents will expose the implementation of actionsthrough a GRPC interface for external invocation.Then the controller will interact with these actions via GRPCAction calls. (see [below for nested schema](#nestedatt--spec--lifecycle_actions--readonly--custom_handler)) ### Nested Schema for `spec.lifecycle_actions.readonly.custom_handler` Optional: -- `container` (String) Defines the name of the container within the target Pod where the action will be executed. This name must correspond to one of the containers defined in 'componentDefinition.spec.runtime'. If this field is not specified, the default behavior is to use the first container listed in 'componentDefinition.spec.runtime'. This field cannot be updated. Note: This field is reserved for future use and is not currently active. -- `env` (Attributes List) Represents a list of environment variables that will be injected into the container. These variables enable the container to adapt its behavior based on the environment it's running in. This field cannot be updated. (see [below for nested schema](#nestedatt--spec--lifecycle_actions--readonly--custom_handler--env)) -- `exec` (Attributes) Defines the command to run. This field cannot be updated. (see [below for nested schema](#nestedatt--spec--lifecycle_actions--readonly--custom_handler--exec)) -- `http` (Attributes) Specifies the HTTP request to perform. This field cannot be updated. Note: HTTPAction is to be implemented in future version. (see [below for nested schema](#nestedatt--spec--lifecycle_actions--readonly--custom_handler--http)) -- `image` (String) Specifies the container image to be used for running the Action. When specified, a dedicated container will be created using this image to execute the Action. This field is mutually exclusive with the 'container' field; only one of them should be provided. This field cannot be updated. -- `matching_key` (String) Used in conjunction with the 'targetPodSelector' field to refine the selection of target pod(s) for Action execution. The impact of this field depends on the 'targetPodSelector' value: - When 'targetPodSelector' is set to 'Any' or 'All', this field will be ignored. - When 'targetPodSelector' is set to 'Role', only those replicas whose role matches the 'matchingKey' will be selected for the Action. This field cannot be updated. Note: This field is reserved for future use and is not currently active. -- `pre_condition` (String) Specifies the state that the cluster must reach before the Action is executed. Currently, this is only applicable to the 'postProvision' action. The conditions are as follows: - 'Immediately': Executed right after the Component object is created. The readiness of the Component and its resources is not guaranteed at this stage. - 'RuntimeReady': The Action is triggered after the Component object has been created and all associated runtime resources (e.g. Pods) are in a ready state. - 'ComponentReady': The Action is triggered after the Component itself is in a ready state. This process does not affect the readiness state of the Component or the Cluster. - 'ClusterReady': The Action is executed after the Cluster is in a ready state. This execution does not alter the Component or the Cluster's state of readiness. This field cannot be updated. -- `retry_policy` (Attributes) Defines the strategy to be taken when retrying the Action after a failure. It specifies the conditions under which the Action should be retried and the limits to apply, such as the maximum number of retries and backoff strategy. This field cannot be updated. (see [below for nested schema](#nestedatt--spec--lifecycle_actions--readonly--custom_handler--retry_policy)) -- `target_pod_selector` (String) Defines the criteria used to select the target Pod(s) for executing the Action. This is useful when there is no default target replica identified. It allows for precise control over which Pod(s) the Action should run in. This field cannot be updated. Note: This field is reserved for future use and is not currently active. -- `timeout_seconds` (Number) Specifies the maximum duration in seconds that the Action is allowed to run. If the Action does not complete within this time frame, it will be terminated. This field cannot be updated. +- `container` (String) Defines the name of the container within the target Pod where the action will be executed.This name must correspond to one of the containers defined in 'componentDefinition.spec.runtime'.If this field is not specified, the default behavior is to use the first container listed in'componentDefinition.spec.runtime'.This field cannot be updated.Note: This field is reserved for future use and is not currently active. +- `env` (Attributes List) Represents a list of environment variables that will be injected into the container.These variables enable the container to adapt its behavior based on the environment it's running in.This field cannot be updated. (see [below for nested schema](#nestedatt--spec--lifecycle_actions--readonly--custom_handler--env)) +- `exec` (Attributes) Defines the command to run.This field cannot be updated. (see [below for nested schema](#nestedatt--spec--lifecycle_actions--readonly--custom_handler--exec)) +- `http` (Attributes) Specifies the HTTP request to perform.This field cannot be updated.Note: HTTPAction is to be implemented in future version. (see [below for nested schema](#nestedatt--spec--lifecycle_actions--readonly--custom_handler--http)) +- `image` (String) Specifies the container image to be used for running the Action.When specified, a dedicated container will be created using this image to execute the Action.This field is mutually exclusive with the 'container' field; only one of them should be provided.This field cannot be updated. +- `matching_key` (String) Used in conjunction with the 'targetPodSelector' field to refine the selection of target pod(s) for Action execution.The impact of this field depends on the 'targetPodSelector' value:- When 'targetPodSelector' is set to 'Any' or 'All', this field will be ignored.- When 'targetPodSelector' is set to 'Role', only those replicas whose role matches the 'matchingKey' will be selected for the Action.This field cannot be updated.Note: This field is reserved for future use and is not currently active. +- `pre_condition` (String) Specifies the state that the cluster must reach before the Action is executed.Currently, this is only applicable to the 'postProvision' action.The conditions are as follows:- 'Immediately': Executed right after the Component object is created. The readiness of the Component and its resources is not guaranteed at this stage.- 'RuntimeReady': The Action is triggered after the Component object has been created and all associated runtime resources (e.g. Pods) are in a ready state.- 'ComponentReady': The Action is triggered after the Component itself is in a ready state. This process does not affect the readiness state of the Component or the Cluster.- 'ClusterReady': The Action is executed after the Cluster is in a ready state. This execution does not alter the Component or the Cluster's state of readiness.This field cannot be updated. +- `retry_policy` (Attributes) Defines the strategy to be taken when retrying the Action after a failure.It specifies the conditions under which the Action should be retried and the limits to apply,such as the maximum number of retries and backoff strategy.This field cannot be updated. (see [below for nested schema](#nestedatt--spec--lifecycle_actions--readonly--custom_handler--retry_policy)) +- `target_pod_selector` (String) Defines the criteria used to select the target Pod(s) for executing the Action.This is useful when there is no default target replica identified.It allows for precise control over which Pod(s) the Action should run in.This field cannot be updated.Note: This field is reserved for future use and is not currently active. +- `timeout_seconds` (Number) Specifies the maximum duration in seconds that the Action is allowed to run.If the Action does not complete within this time frame, it will be terminated.This field cannot be updated. ### Nested Schema for `spec.lifecycle_actions.readonly.custom_handler.env` @@ -4399,7 +4399,7 @@ Required: Optional: -- `value` (String) Variable references $(VAR_NAME) are expanded using the previously defined environment variables in the container and any service environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. '$$(VAR_NAME)' will produce the string literal '$(VAR_NAME)'. Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to ''. +- `value` (String) Variable references $(VAR_NAME) are expandedusing the previously defined environment variables in the container andany service environment variables. If a variable cannot be resolved,the reference in the input string will be unchanged. Double $$ are reducedto a single $, which allows for escaping the $(VAR_NAME) syntax: i.e.'$$(VAR_NAME)' will produce the string literal '$(VAR_NAME)'.Escaped references will never be expanded, regardless of whether the variableexists or not.Defaults to ''. - `value_from` (Attributes) Source for the environment variable's value. Cannot be used if value is not empty. (see [below for nested schema](#nestedatt--spec--lifecycle_actions--readonly--custom_handler--env--value_from)) @@ -4408,8 +4408,8 @@ Optional: Optional: - `config_map_key_ref` (Attributes) Selects a key of a ConfigMap. (see [below for nested schema](#nestedatt--spec--lifecycle_actions--readonly--custom_handler--env--value_from--config_map_key_ref)) -- `field_ref` (Attributes) Selects a field of the pod: supports metadata.name, metadata.namespace, 'metadata.labels['']', 'metadata.annotations['']', spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. (see [below for nested schema](#nestedatt--spec--lifecycle_actions--readonly--custom_handler--env--value_from--field_ref)) -- `resource_field_ref` (Attributes) Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. (see [below for nested schema](#nestedatt--spec--lifecycle_actions--readonly--custom_handler--env--value_from--resource_field_ref)) +- `field_ref` (Attributes) Selects a field of the pod: supports metadata.name, metadata.namespace, 'metadata.labels['']', 'metadata.annotations['']',spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. (see [below for nested schema](#nestedatt--spec--lifecycle_actions--readonly--custom_handler--env--value_from--field_ref)) +- `resource_field_ref` (Attributes) Selects a resource of the container: only resources limits and requests(limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. (see [below for nested schema](#nestedatt--spec--lifecycle_actions--readonly--custom_handler--env--value_from--resource_field_ref)) - `secret_key_ref` (Attributes) Selects a key of a secret in the pod's namespace (see [below for nested schema](#nestedatt--spec--lifecycle_actions--readonly--custom_handler--env--value_from--secret_key_ref)) @@ -4421,7 +4421,7 @@ Required: Optional: -- `name` (String) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? +- `name` (String) Name of the referent.More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#namesTODO: Add other useful fields. apiVersion, kind, uid? - `optional` (Boolean) Specify whether the ConfigMap or its key must be defined @@ -4459,7 +4459,7 @@ Required: Optional: -- `name` (String) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? +- `name` (String) Name of the referent.More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#namesTODO: Add other useful fields. apiVersion, kind, uid? - `optional` (Boolean) Specify whether the Secret or its key must be defined @@ -4471,7 +4471,7 @@ Optional: Optional: - `args` (List of String) Args represents the arguments that are passed to the 'command' for execution. -- `command` (List of String) Specifies the command to be executed inside the container. The working directory for this command is the container's root directory('/'). Commands are executed directly without a shell environment, meaning shell-specific syntax ('|', etc.) is not supported. If the shell is required, it must be explicitly invoked in the command. A successful execution is indicated by an exit status of 0; any non-zero status signifies a failure. +- `command` (List of String) Specifies the command to be executed inside the container.The working directory for this command is the container's root directory('/').Commands are executed directly without a shell environment, meaning shell-specific syntax ('|', etc.) is not supported.If the shell is required, it must be explicitly invoked in the command.A successful execution is indicated by an exit status of 0; any non-zero status signifies a failure. @@ -4479,22 +4479,22 @@ Optional: Required: -- `port` (String) Specifies the target port for the HTTP request. It can be specified either as a numeric value in the range of 1 to 65535, or as a named port that meets the IANA_SVC_NAME specification. +- `port` (String) Specifies the target port for the HTTP request.It can be specified either as a numeric value in the range of 1 to 65535,or as a named port that meets the IANA_SVC_NAME specification. Optional: -- `host` (String) Indicates the server's domain name or IP address. Defaults to the Pod's IP. Prefer setting the 'Host' header in httpHeaders when needed. -- `http_headers` (Attributes List) Allows for the inclusion of custom headers in the request. HTTP permits the use of repeated headers. (see [below for nested schema](#nestedatt--spec--lifecycle_actions--readonly--custom_handler--http--http_headers)) -- `method` (String) Represents the type of HTTP request to be made, such as 'GET,' 'POST,' 'PUT,' etc. If not specified, 'GET' is the default method. +- `host` (String) Indicates the server's domain name or IP address. Defaults to the Pod's IP.Prefer setting the 'Host' header in httpHeaders when needed. +- `http_headers` (Attributes List) Allows for the inclusion of custom headers in the request.HTTP permits the use of repeated headers. (see [below for nested schema](#nestedatt--spec--lifecycle_actions--readonly--custom_handler--http--http_headers)) +- `method` (String) Represents the type of HTTP request to be made, such as 'GET,' 'POST,' 'PUT,' etc.If not specified, 'GET' is the default method. - `path` (String) Specifies the endpoint to be requested on the HTTP server. -- `scheme` (String) Designates the protocol used to make the request, such as HTTP or HTTPS. If not specified, HTTP is used by default. +- `scheme` (String) Designates the protocol used to make the request, such as HTTP or HTTPS.If not specified, HTTP is used by default. ### Nested Schema for `spec.lifecycle_actions.readonly.custom_handler.http.http_headers` Required: -- `name` (String) The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header. +- `name` (String) The header field name.This will be canonicalized upon output, so case-variant names will be understood as the same header. - `value` (String) The header field value @@ -4504,8 +4504,8 @@ Required: Optional: -- `max_retries` (Number) Defines the maximum number of retry attempts that should be made for a given Action. This value is set to 0 by default, indicating that no retries will be made. -- `retry_interval` (Number) Indicates the duration of time to wait between each retry attempt. This value is set to 0 by default, indicating that there will be no delay between retry attempts. +- `max_retries` (Number) Defines the maximum number of retry attempts that should be made for a given Action.This value is set to 0 by default, indicating that no retries will be made. +- `retry_interval` (Number) Indicates the duration of time to wait between each retry attempt.This value is set to 0 by default, indicating that there will be no delay between retry attempts. @@ -4515,24 +4515,24 @@ Optional: Optional: -- `builtin_handler` (String) Specifies the name of the predefined action handler to be invoked for lifecycle actions. Lorry, as a sidecar agent co-located with the database container in the same Pod, includes a suite of built-in action implementations that are tailored to different database engines. These are known as 'builtin' handlers, includes: 'mysql', 'redis', 'mongodb', 'etcd', 'postgresql', 'official-postgresql', 'apecloud-postgresql', 'wesql', 'oceanbase', 'polardbx'. If the 'builtinHandler' field is specified, it instructs Lorry to utilize its internal built-in action handler to execute the specified lifecycle actions. The 'builtinHandler' field is of type 'BuiltinActionHandlerType', which represents the name of the built-in handler. The 'builtinHandler' specified within the same 'ComponentLifecycleActions' should be consistent across all actions. This means that if you specify a built-in handler for one action, you should use the same handler for all other actions throughout the entire 'ComponentLifecycleActions' collection. If you need to define lifecycle actions for database engines not covered by the existing built-in support, or when the pre-existing built-in handlers do not meet your specific needs, you can use the 'customHandler' field to define your own action implementation. Deprecation Notice: - In the future, the 'builtinHandler' field will be deprecated in favor of using the 'customHandler' field for configuring all lifecycle actions. - Instead of using a name to indicate the built-in action implementations in Lorry, the recommended approach will be to explicitly invoke the desired action implementation through a gRPC interface exposed by the sidecar agent. - Developers will have the flexibility to either use the built-in action implementations provided by Lorry or develop their own sidecar agent to implement custom actions and expose them via gRPC interfaces. - This change will allow for greater customization and extensibility of lifecycle actions, as developers can create their own 'builtin' implementations tailored to their specific requirements. -- `custom_handler` (Attributes) Specifies a user-defined hook or procedure that is called to perform the specific lifecycle action. It offers a flexible and expandable approach for customizing the behavior of a Component by leveraging tailored actions. An Action can be implemented as either an ExecAction or an HTTPAction, with future versions planning to support GRPCAction, thereby accommodating unique logic for different database systems within the Action's framework. In future iterations, all built-in handlers are expected to transition to GRPCAction. This change means that Lorry or other sidecar agents will expose the implementation of actions through a GRPC interface for external invocation. Then the controller will interact with these actions via GRPCAction calls. (see [below for nested schema](#nestedatt--spec--lifecycle_actions--readwrite--custom_handler)) +- `builtin_handler` (String) Specifies the name of the predefined action handler to be invoked for lifecycle actions.Lorry, as a sidecar agent co-located with the database container in the same Pod,includes a suite of built-in action implementations that are tailored to different database engines.These are known as 'builtin' handlers, includes: 'mysql', 'redis', 'mongodb', 'etcd','postgresql', 'official-postgresql', 'apecloud-postgresql', 'wesql', 'oceanbase', 'polardbx'.If the 'builtinHandler' field is specified, it instructs Lorry to utilize its internal built-in action handlerto execute the specified lifecycle actions.The 'builtinHandler' field is of type 'BuiltinActionHandlerType',which represents the name of the built-in handler.The 'builtinHandler' specified within the same 'ComponentLifecycleActions' should be consistent across allactions.This means that if you specify a built-in handler for one action, you should use the same handlerfor all other actions throughout the entire 'ComponentLifecycleActions' collection.If you need to define lifecycle actions for database engines not covered by the existing built-in support,or when the pre-existing built-in handlers do not meet your specific needs,you can use the 'customHandler' field to define your own action implementation.Deprecation Notice:- In the future, the 'builtinHandler' field will be deprecated in favor of using the 'customHandler' field for configuring all lifecycle actions.- Instead of using a name to indicate the built-in action implementations in Lorry, the recommended approach will be to explicitly invoke the desired action implementation through a gRPC interface exposed by the sidecar agent.- Developers will have the flexibility to either use the built-in action implementations provided by Lorry or develop their own sidecar agent to implement custom actions and expose them via gRPC interfaces.- This change will allow for greater customization and extensibility of lifecycle actions, as developers can create their own 'builtin' implementations tailored to their specific requirements. +- `custom_handler` (Attributes) Specifies a user-defined hook or procedure that is called to perform the specific lifecycle action.It offers a flexible and expandable approach for customizing the behavior of a Component by leveragingtailored actions.An Action can be implemented as either an ExecAction or an HTTPAction, with future versions planningto support GRPCAction,thereby accommodating unique logic for different database systems within the Action's framework.In future iterations, all built-in handlers are expected to transition to GRPCAction.This change means that Lorry or other sidecar agents will expose the implementation of actionsthrough a GRPC interface for external invocation.Then the controller will interact with these actions via GRPCAction calls. (see [below for nested schema](#nestedatt--spec--lifecycle_actions--readwrite--custom_handler)) ### Nested Schema for `spec.lifecycle_actions.readwrite.custom_handler` Optional: -- `container` (String) Defines the name of the container within the target Pod where the action will be executed. This name must correspond to one of the containers defined in 'componentDefinition.spec.runtime'. If this field is not specified, the default behavior is to use the first container listed in 'componentDefinition.spec.runtime'. This field cannot be updated. Note: This field is reserved for future use and is not currently active. -- `env` (Attributes List) Represents a list of environment variables that will be injected into the container. These variables enable the container to adapt its behavior based on the environment it's running in. This field cannot be updated. (see [below for nested schema](#nestedatt--spec--lifecycle_actions--readwrite--custom_handler--env)) -- `exec` (Attributes) Defines the command to run. This field cannot be updated. (see [below for nested schema](#nestedatt--spec--lifecycle_actions--readwrite--custom_handler--exec)) -- `http` (Attributes) Specifies the HTTP request to perform. This field cannot be updated. Note: HTTPAction is to be implemented in future version. (see [below for nested schema](#nestedatt--spec--lifecycle_actions--readwrite--custom_handler--http)) -- `image` (String) Specifies the container image to be used for running the Action. When specified, a dedicated container will be created using this image to execute the Action. This field is mutually exclusive with the 'container' field; only one of them should be provided. This field cannot be updated. -- `matching_key` (String) Used in conjunction with the 'targetPodSelector' field to refine the selection of target pod(s) for Action execution. The impact of this field depends on the 'targetPodSelector' value: - When 'targetPodSelector' is set to 'Any' or 'All', this field will be ignored. - When 'targetPodSelector' is set to 'Role', only those replicas whose role matches the 'matchingKey' will be selected for the Action. This field cannot be updated. Note: This field is reserved for future use and is not currently active. -- `pre_condition` (String) Specifies the state that the cluster must reach before the Action is executed. Currently, this is only applicable to the 'postProvision' action. The conditions are as follows: - 'Immediately': Executed right after the Component object is created. The readiness of the Component and its resources is not guaranteed at this stage. - 'RuntimeReady': The Action is triggered after the Component object has been created and all associated runtime resources (e.g. Pods) are in a ready state. - 'ComponentReady': The Action is triggered after the Component itself is in a ready state. This process does not affect the readiness state of the Component or the Cluster. - 'ClusterReady': The Action is executed after the Cluster is in a ready state. This execution does not alter the Component or the Cluster's state of readiness. This field cannot be updated. -- `retry_policy` (Attributes) Defines the strategy to be taken when retrying the Action after a failure. It specifies the conditions under which the Action should be retried and the limits to apply, such as the maximum number of retries and backoff strategy. This field cannot be updated. (see [below for nested schema](#nestedatt--spec--lifecycle_actions--readwrite--custom_handler--retry_policy)) -- `target_pod_selector` (String) Defines the criteria used to select the target Pod(s) for executing the Action. This is useful when there is no default target replica identified. It allows for precise control over which Pod(s) the Action should run in. This field cannot be updated. Note: This field is reserved for future use and is not currently active. -- `timeout_seconds` (Number) Specifies the maximum duration in seconds that the Action is allowed to run. If the Action does not complete within this time frame, it will be terminated. This field cannot be updated. +- `container` (String) Defines the name of the container within the target Pod where the action will be executed.This name must correspond to one of the containers defined in 'componentDefinition.spec.runtime'.If this field is not specified, the default behavior is to use the first container listed in'componentDefinition.spec.runtime'.This field cannot be updated.Note: This field is reserved for future use and is not currently active. +- `env` (Attributes List) Represents a list of environment variables that will be injected into the container.These variables enable the container to adapt its behavior based on the environment it's running in.This field cannot be updated. (see [below for nested schema](#nestedatt--spec--lifecycle_actions--readwrite--custom_handler--env)) +- `exec` (Attributes) Defines the command to run.This field cannot be updated. (see [below for nested schema](#nestedatt--spec--lifecycle_actions--readwrite--custom_handler--exec)) +- `http` (Attributes) Specifies the HTTP request to perform.This field cannot be updated.Note: HTTPAction is to be implemented in future version. (see [below for nested schema](#nestedatt--spec--lifecycle_actions--readwrite--custom_handler--http)) +- `image` (String) Specifies the container image to be used for running the Action.When specified, a dedicated container will be created using this image to execute the Action.This field is mutually exclusive with the 'container' field; only one of them should be provided.This field cannot be updated. +- `matching_key` (String) Used in conjunction with the 'targetPodSelector' field to refine the selection of target pod(s) for Action execution.The impact of this field depends on the 'targetPodSelector' value:- When 'targetPodSelector' is set to 'Any' or 'All', this field will be ignored.- When 'targetPodSelector' is set to 'Role', only those replicas whose role matches the 'matchingKey' will be selected for the Action.This field cannot be updated.Note: This field is reserved for future use and is not currently active. +- `pre_condition` (String) Specifies the state that the cluster must reach before the Action is executed.Currently, this is only applicable to the 'postProvision' action.The conditions are as follows:- 'Immediately': Executed right after the Component object is created. The readiness of the Component and its resources is not guaranteed at this stage.- 'RuntimeReady': The Action is triggered after the Component object has been created and all associated runtime resources (e.g. Pods) are in a ready state.- 'ComponentReady': The Action is triggered after the Component itself is in a ready state. This process does not affect the readiness state of the Component or the Cluster.- 'ClusterReady': The Action is executed after the Cluster is in a ready state. This execution does not alter the Component or the Cluster's state of readiness.This field cannot be updated. +- `retry_policy` (Attributes) Defines the strategy to be taken when retrying the Action after a failure.It specifies the conditions under which the Action should be retried and the limits to apply,such as the maximum number of retries and backoff strategy.This field cannot be updated. (see [below for nested schema](#nestedatt--spec--lifecycle_actions--readwrite--custom_handler--retry_policy)) +- `target_pod_selector` (String) Defines the criteria used to select the target Pod(s) for executing the Action.This is useful when there is no default target replica identified.It allows for precise control over which Pod(s) the Action should run in.This field cannot be updated.Note: This field is reserved for future use and is not currently active. +- `timeout_seconds` (Number) Specifies the maximum duration in seconds that the Action is allowed to run.If the Action does not complete within this time frame, it will be terminated.This field cannot be updated. ### Nested Schema for `spec.lifecycle_actions.readwrite.custom_handler.env` @@ -4543,7 +4543,7 @@ Required: Optional: -- `value` (String) Variable references $(VAR_NAME) are expanded using the previously defined environment variables in the container and any service environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. '$$(VAR_NAME)' will produce the string literal '$(VAR_NAME)'. Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to ''. +- `value` (String) Variable references $(VAR_NAME) are expandedusing the previously defined environment variables in the container andany service environment variables. If a variable cannot be resolved,the reference in the input string will be unchanged. Double $$ are reducedto a single $, which allows for escaping the $(VAR_NAME) syntax: i.e.'$$(VAR_NAME)' will produce the string literal '$(VAR_NAME)'.Escaped references will never be expanded, regardless of whether the variableexists or not.Defaults to ''. - `value_from` (Attributes) Source for the environment variable's value. Cannot be used if value is not empty. (see [below for nested schema](#nestedatt--spec--lifecycle_actions--readwrite--custom_handler--env--value_from)) @@ -4552,8 +4552,8 @@ Optional: Optional: - `config_map_key_ref` (Attributes) Selects a key of a ConfigMap. (see [below for nested schema](#nestedatt--spec--lifecycle_actions--readwrite--custom_handler--env--value_from--config_map_key_ref)) -- `field_ref` (Attributes) Selects a field of the pod: supports metadata.name, metadata.namespace, 'metadata.labels['']', 'metadata.annotations['']', spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. (see [below for nested schema](#nestedatt--spec--lifecycle_actions--readwrite--custom_handler--env--value_from--field_ref)) -- `resource_field_ref` (Attributes) Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. (see [below for nested schema](#nestedatt--spec--lifecycle_actions--readwrite--custom_handler--env--value_from--resource_field_ref)) +- `field_ref` (Attributes) Selects a field of the pod: supports metadata.name, metadata.namespace, 'metadata.labels['']', 'metadata.annotations['']',spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. (see [below for nested schema](#nestedatt--spec--lifecycle_actions--readwrite--custom_handler--env--value_from--field_ref)) +- `resource_field_ref` (Attributes) Selects a resource of the container: only resources limits and requests(limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. (see [below for nested schema](#nestedatt--spec--lifecycle_actions--readwrite--custom_handler--env--value_from--resource_field_ref)) - `secret_key_ref` (Attributes) Selects a key of a secret in the pod's namespace (see [below for nested schema](#nestedatt--spec--lifecycle_actions--readwrite--custom_handler--env--value_from--secret_key_ref)) @@ -4565,7 +4565,7 @@ Required: Optional: -- `name` (String) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? +- `name` (String) Name of the referent.More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#namesTODO: Add other useful fields. apiVersion, kind, uid? - `optional` (Boolean) Specify whether the ConfigMap or its key must be defined @@ -4603,7 +4603,7 @@ Required: Optional: -- `name` (String) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? +- `name` (String) Name of the referent.More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#namesTODO: Add other useful fields. apiVersion, kind, uid? - `optional` (Boolean) Specify whether the Secret or its key must be defined @@ -4615,7 +4615,7 @@ Optional: Optional: - `args` (List of String) Args represents the arguments that are passed to the 'command' for execution. -- `command` (List of String) Specifies the command to be executed inside the container. The working directory for this command is the container's root directory('/'). Commands are executed directly without a shell environment, meaning shell-specific syntax ('|', etc.) is not supported. If the shell is required, it must be explicitly invoked in the command. A successful execution is indicated by an exit status of 0; any non-zero status signifies a failure. +- `command` (List of String) Specifies the command to be executed inside the container.The working directory for this command is the container's root directory('/').Commands are executed directly without a shell environment, meaning shell-specific syntax ('|', etc.) is not supported.If the shell is required, it must be explicitly invoked in the command.A successful execution is indicated by an exit status of 0; any non-zero status signifies a failure. @@ -4623,22 +4623,22 @@ Optional: Required: -- `port` (String) Specifies the target port for the HTTP request. It can be specified either as a numeric value in the range of 1 to 65535, or as a named port that meets the IANA_SVC_NAME specification. +- `port` (String) Specifies the target port for the HTTP request.It can be specified either as a numeric value in the range of 1 to 65535,or as a named port that meets the IANA_SVC_NAME specification. Optional: -- `host` (String) Indicates the server's domain name or IP address. Defaults to the Pod's IP. Prefer setting the 'Host' header in httpHeaders when needed. -- `http_headers` (Attributes List) Allows for the inclusion of custom headers in the request. HTTP permits the use of repeated headers. (see [below for nested schema](#nestedatt--spec--lifecycle_actions--readwrite--custom_handler--http--http_headers)) -- `method` (String) Represents the type of HTTP request to be made, such as 'GET,' 'POST,' 'PUT,' etc. If not specified, 'GET' is the default method. +- `host` (String) Indicates the server's domain name or IP address. Defaults to the Pod's IP.Prefer setting the 'Host' header in httpHeaders when needed. +- `http_headers` (Attributes List) Allows for the inclusion of custom headers in the request.HTTP permits the use of repeated headers. (see [below for nested schema](#nestedatt--spec--lifecycle_actions--readwrite--custom_handler--http--http_headers)) +- `method` (String) Represents the type of HTTP request to be made, such as 'GET,' 'POST,' 'PUT,' etc.If not specified, 'GET' is the default method. - `path` (String) Specifies the endpoint to be requested on the HTTP server. -- `scheme` (String) Designates the protocol used to make the request, such as HTTP or HTTPS. If not specified, HTTP is used by default. +- `scheme` (String) Designates the protocol used to make the request, such as HTTP or HTTPS.If not specified, HTTP is used by default. ### Nested Schema for `spec.lifecycle_actions.readwrite.custom_handler.http.http_headers` Required: -- `name` (String) The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header. +- `name` (String) The header field name.This will be canonicalized upon output, so case-variant names will be understood as the same header. - `value` (String) The header field value @@ -4648,8 +4648,8 @@ Required: Optional: -- `max_retries` (Number) Defines the maximum number of retry attempts that should be made for a given Action. This value is set to 0 by default, indicating that no retries will be made. -- `retry_interval` (Number) Indicates the duration of time to wait between each retry attempt. This value is set to 0 by default, indicating that there will be no delay between retry attempts. +- `max_retries` (Number) Defines the maximum number of retry attempts that should be made for a given Action.This value is set to 0 by default, indicating that no retries will be made. +- `retry_interval` (Number) Indicates the duration of time to wait between each retry attempt.This value is set to 0 by default, indicating that there will be no delay between retry attempts. @@ -4659,24 +4659,24 @@ Optional: Optional: -- `builtin_handler` (String) Specifies the name of the predefined action handler to be invoked for lifecycle actions. Lorry, as a sidecar agent co-located with the database container in the same Pod, includes a suite of built-in action implementations that are tailored to different database engines. These are known as 'builtin' handlers, includes: 'mysql', 'redis', 'mongodb', 'etcd', 'postgresql', 'official-postgresql', 'apecloud-postgresql', 'wesql', 'oceanbase', 'polardbx'. If the 'builtinHandler' field is specified, it instructs Lorry to utilize its internal built-in action handler to execute the specified lifecycle actions. The 'builtinHandler' field is of type 'BuiltinActionHandlerType', which represents the name of the built-in handler. The 'builtinHandler' specified within the same 'ComponentLifecycleActions' should be consistent across all actions. This means that if you specify a built-in handler for one action, you should use the same handler for all other actions throughout the entire 'ComponentLifecycleActions' collection. If you need to define lifecycle actions for database engines not covered by the existing built-in support, or when the pre-existing built-in handlers do not meet your specific needs, you can use the 'customHandler' field to define your own action implementation. Deprecation Notice: - In the future, the 'builtinHandler' field will be deprecated in favor of using the 'customHandler' field for configuring all lifecycle actions. - Instead of using a name to indicate the built-in action implementations in Lorry, the recommended approach will be to explicitly invoke the desired action implementation through a gRPC interface exposed by the sidecar agent. - Developers will have the flexibility to either use the built-in action implementations provided by Lorry or develop their own sidecar agent to implement custom actions and expose them via gRPC interfaces. - This change will allow for greater customization and extensibility of lifecycle actions, as developers can create their own 'builtin' implementations tailored to their specific requirements. -- `custom_handler` (Attributes) Specifies a user-defined hook or procedure that is called to perform the specific lifecycle action. It offers a flexible and expandable approach for customizing the behavior of a Component by leveraging tailored actions. An Action can be implemented as either an ExecAction or an HTTPAction, with future versions planning to support GRPCAction, thereby accommodating unique logic for different database systems within the Action's framework. In future iterations, all built-in handlers are expected to transition to GRPCAction. This change means that Lorry or other sidecar agents will expose the implementation of actions through a GRPC interface for external invocation. Then the controller will interact with these actions via GRPCAction calls. (see [below for nested schema](#nestedatt--spec--lifecycle_actions--reconfigure--custom_handler)) +- `builtin_handler` (String) Specifies the name of the predefined action handler to be invoked for lifecycle actions.Lorry, as a sidecar agent co-located with the database container in the same Pod,includes a suite of built-in action implementations that are tailored to different database engines.These are known as 'builtin' handlers, includes: 'mysql', 'redis', 'mongodb', 'etcd','postgresql', 'official-postgresql', 'apecloud-postgresql', 'wesql', 'oceanbase', 'polardbx'.If the 'builtinHandler' field is specified, it instructs Lorry to utilize its internal built-in action handlerto execute the specified lifecycle actions.The 'builtinHandler' field is of type 'BuiltinActionHandlerType',which represents the name of the built-in handler.The 'builtinHandler' specified within the same 'ComponentLifecycleActions' should be consistent across allactions.This means that if you specify a built-in handler for one action, you should use the same handlerfor all other actions throughout the entire 'ComponentLifecycleActions' collection.If you need to define lifecycle actions for database engines not covered by the existing built-in support,or when the pre-existing built-in handlers do not meet your specific needs,you can use the 'customHandler' field to define your own action implementation.Deprecation Notice:- In the future, the 'builtinHandler' field will be deprecated in favor of using the 'customHandler' field for configuring all lifecycle actions.- Instead of using a name to indicate the built-in action implementations in Lorry, the recommended approach will be to explicitly invoke the desired action implementation through a gRPC interface exposed by the sidecar agent.- Developers will have the flexibility to either use the built-in action implementations provided by Lorry or develop their own sidecar agent to implement custom actions and expose them via gRPC interfaces.- This change will allow for greater customization and extensibility of lifecycle actions, as developers can create their own 'builtin' implementations tailored to their specific requirements. +- `custom_handler` (Attributes) Specifies a user-defined hook or procedure that is called to perform the specific lifecycle action.It offers a flexible and expandable approach for customizing the behavior of a Component by leveragingtailored actions.An Action can be implemented as either an ExecAction or an HTTPAction, with future versions planningto support GRPCAction,thereby accommodating unique logic for different database systems within the Action's framework.In future iterations, all built-in handlers are expected to transition to GRPCAction.This change means that Lorry or other sidecar agents will expose the implementation of actionsthrough a GRPC interface for external invocation.Then the controller will interact with these actions via GRPCAction calls. (see [below for nested schema](#nestedatt--spec--lifecycle_actions--reconfigure--custom_handler)) ### Nested Schema for `spec.lifecycle_actions.reconfigure.custom_handler` Optional: -- `container` (String) Defines the name of the container within the target Pod where the action will be executed. This name must correspond to one of the containers defined in 'componentDefinition.spec.runtime'. If this field is not specified, the default behavior is to use the first container listed in 'componentDefinition.spec.runtime'. This field cannot be updated. Note: This field is reserved for future use and is not currently active. -- `env` (Attributes List) Represents a list of environment variables that will be injected into the container. These variables enable the container to adapt its behavior based on the environment it's running in. This field cannot be updated. (see [below for nested schema](#nestedatt--spec--lifecycle_actions--reconfigure--custom_handler--env)) -- `exec` (Attributes) Defines the command to run. This field cannot be updated. (see [below for nested schema](#nestedatt--spec--lifecycle_actions--reconfigure--custom_handler--exec)) -- `http` (Attributes) Specifies the HTTP request to perform. This field cannot be updated. Note: HTTPAction is to be implemented in future version. (see [below for nested schema](#nestedatt--spec--lifecycle_actions--reconfigure--custom_handler--http)) -- `image` (String) Specifies the container image to be used for running the Action. When specified, a dedicated container will be created using this image to execute the Action. This field is mutually exclusive with the 'container' field; only one of them should be provided. This field cannot be updated. -- `matching_key` (String) Used in conjunction with the 'targetPodSelector' field to refine the selection of target pod(s) for Action execution. The impact of this field depends on the 'targetPodSelector' value: - When 'targetPodSelector' is set to 'Any' or 'All', this field will be ignored. - When 'targetPodSelector' is set to 'Role', only those replicas whose role matches the 'matchingKey' will be selected for the Action. This field cannot be updated. Note: This field is reserved for future use and is not currently active. -- `pre_condition` (String) Specifies the state that the cluster must reach before the Action is executed. Currently, this is only applicable to the 'postProvision' action. The conditions are as follows: - 'Immediately': Executed right after the Component object is created. The readiness of the Component and its resources is not guaranteed at this stage. - 'RuntimeReady': The Action is triggered after the Component object has been created and all associated runtime resources (e.g. Pods) are in a ready state. - 'ComponentReady': The Action is triggered after the Component itself is in a ready state. This process does not affect the readiness state of the Component or the Cluster. - 'ClusterReady': The Action is executed after the Cluster is in a ready state. This execution does not alter the Component or the Cluster's state of readiness. This field cannot be updated. -- `retry_policy` (Attributes) Defines the strategy to be taken when retrying the Action after a failure. It specifies the conditions under which the Action should be retried and the limits to apply, such as the maximum number of retries and backoff strategy. This field cannot be updated. (see [below for nested schema](#nestedatt--spec--lifecycle_actions--reconfigure--custom_handler--retry_policy)) -- `target_pod_selector` (String) Defines the criteria used to select the target Pod(s) for executing the Action. This is useful when there is no default target replica identified. It allows for precise control over which Pod(s) the Action should run in. This field cannot be updated. Note: This field is reserved for future use and is not currently active. -- `timeout_seconds` (Number) Specifies the maximum duration in seconds that the Action is allowed to run. If the Action does not complete within this time frame, it will be terminated. This field cannot be updated. +- `container` (String) Defines the name of the container within the target Pod where the action will be executed.This name must correspond to one of the containers defined in 'componentDefinition.spec.runtime'.If this field is not specified, the default behavior is to use the first container listed in'componentDefinition.spec.runtime'.This field cannot be updated.Note: This field is reserved for future use and is not currently active. +- `env` (Attributes List) Represents a list of environment variables that will be injected into the container.These variables enable the container to adapt its behavior based on the environment it's running in.This field cannot be updated. (see [below for nested schema](#nestedatt--spec--lifecycle_actions--reconfigure--custom_handler--env)) +- `exec` (Attributes) Defines the command to run.This field cannot be updated. (see [below for nested schema](#nestedatt--spec--lifecycle_actions--reconfigure--custom_handler--exec)) +- `http` (Attributes) Specifies the HTTP request to perform.This field cannot be updated.Note: HTTPAction is to be implemented in future version. (see [below for nested schema](#nestedatt--spec--lifecycle_actions--reconfigure--custom_handler--http)) +- `image` (String) Specifies the container image to be used for running the Action.When specified, a dedicated container will be created using this image to execute the Action.This field is mutually exclusive with the 'container' field; only one of them should be provided.This field cannot be updated. +- `matching_key` (String) Used in conjunction with the 'targetPodSelector' field to refine the selection of target pod(s) for Action execution.The impact of this field depends on the 'targetPodSelector' value:- When 'targetPodSelector' is set to 'Any' or 'All', this field will be ignored.- When 'targetPodSelector' is set to 'Role', only those replicas whose role matches the 'matchingKey' will be selected for the Action.This field cannot be updated.Note: This field is reserved for future use and is not currently active. +- `pre_condition` (String) Specifies the state that the cluster must reach before the Action is executed.Currently, this is only applicable to the 'postProvision' action.The conditions are as follows:- 'Immediately': Executed right after the Component object is created. The readiness of the Component and its resources is not guaranteed at this stage.- 'RuntimeReady': The Action is triggered after the Component object has been created and all associated runtime resources (e.g. Pods) are in a ready state.- 'ComponentReady': The Action is triggered after the Component itself is in a ready state. This process does not affect the readiness state of the Component or the Cluster.- 'ClusterReady': The Action is executed after the Cluster is in a ready state. This execution does not alter the Component or the Cluster's state of readiness.This field cannot be updated. +- `retry_policy` (Attributes) Defines the strategy to be taken when retrying the Action after a failure.It specifies the conditions under which the Action should be retried and the limits to apply,such as the maximum number of retries and backoff strategy.This field cannot be updated. (see [below for nested schema](#nestedatt--spec--lifecycle_actions--reconfigure--custom_handler--retry_policy)) +- `target_pod_selector` (String) Defines the criteria used to select the target Pod(s) for executing the Action.This is useful when there is no default target replica identified.It allows for precise control over which Pod(s) the Action should run in.This field cannot be updated.Note: This field is reserved for future use and is not currently active. +- `timeout_seconds` (Number) Specifies the maximum duration in seconds that the Action is allowed to run.If the Action does not complete within this time frame, it will be terminated.This field cannot be updated. ### Nested Schema for `spec.lifecycle_actions.reconfigure.custom_handler.env` @@ -4687,7 +4687,7 @@ Required: Optional: -- `value` (String) Variable references $(VAR_NAME) are expanded using the previously defined environment variables in the container and any service environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. '$$(VAR_NAME)' will produce the string literal '$(VAR_NAME)'. Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to ''. +- `value` (String) Variable references $(VAR_NAME) are expandedusing the previously defined environment variables in the container andany service environment variables. If a variable cannot be resolved,the reference in the input string will be unchanged. Double $$ are reducedto a single $, which allows for escaping the $(VAR_NAME) syntax: i.e.'$$(VAR_NAME)' will produce the string literal '$(VAR_NAME)'.Escaped references will never be expanded, regardless of whether the variableexists or not.Defaults to ''. - `value_from` (Attributes) Source for the environment variable's value. Cannot be used if value is not empty. (see [below for nested schema](#nestedatt--spec--lifecycle_actions--reconfigure--custom_handler--env--value_from)) @@ -4696,8 +4696,8 @@ Optional: Optional: - `config_map_key_ref` (Attributes) Selects a key of a ConfigMap. (see [below for nested schema](#nestedatt--spec--lifecycle_actions--reconfigure--custom_handler--env--value_from--config_map_key_ref)) -- `field_ref` (Attributes) Selects a field of the pod: supports metadata.name, metadata.namespace, 'metadata.labels['']', 'metadata.annotations['']', spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. (see [below for nested schema](#nestedatt--spec--lifecycle_actions--reconfigure--custom_handler--env--value_from--field_ref)) -- `resource_field_ref` (Attributes) Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. (see [below for nested schema](#nestedatt--spec--lifecycle_actions--reconfigure--custom_handler--env--value_from--resource_field_ref)) +- `field_ref` (Attributes) Selects a field of the pod: supports metadata.name, metadata.namespace, 'metadata.labels['']', 'metadata.annotations['']',spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. (see [below for nested schema](#nestedatt--spec--lifecycle_actions--reconfigure--custom_handler--env--value_from--field_ref)) +- `resource_field_ref` (Attributes) Selects a resource of the container: only resources limits and requests(limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. (see [below for nested schema](#nestedatt--spec--lifecycle_actions--reconfigure--custom_handler--env--value_from--resource_field_ref)) - `secret_key_ref` (Attributes) Selects a key of a secret in the pod's namespace (see [below for nested schema](#nestedatt--spec--lifecycle_actions--reconfigure--custom_handler--env--value_from--secret_key_ref)) @@ -4709,7 +4709,7 @@ Required: Optional: -- `name` (String) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? +- `name` (String) Name of the referent.More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#namesTODO: Add other useful fields. apiVersion, kind, uid? - `optional` (Boolean) Specify whether the ConfigMap or its key must be defined @@ -4747,7 +4747,7 @@ Required: Optional: -- `name` (String) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? +- `name` (String) Name of the referent.More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#namesTODO: Add other useful fields. apiVersion, kind, uid? - `optional` (Boolean) Specify whether the Secret or its key must be defined @@ -4759,7 +4759,7 @@ Optional: Optional: - `args` (List of String) Args represents the arguments that are passed to the 'command' for execution. -- `command` (List of String) Specifies the command to be executed inside the container. The working directory for this command is the container's root directory('/'). Commands are executed directly without a shell environment, meaning shell-specific syntax ('|', etc.) is not supported. If the shell is required, it must be explicitly invoked in the command. A successful execution is indicated by an exit status of 0; any non-zero status signifies a failure. +- `command` (List of String) Specifies the command to be executed inside the container.The working directory for this command is the container's root directory('/').Commands are executed directly without a shell environment, meaning shell-specific syntax ('|', etc.) is not supported.If the shell is required, it must be explicitly invoked in the command.A successful execution is indicated by an exit status of 0; any non-zero status signifies a failure. @@ -4767,22 +4767,22 @@ Optional: Required: -- `port` (String) Specifies the target port for the HTTP request. It can be specified either as a numeric value in the range of 1 to 65535, or as a named port that meets the IANA_SVC_NAME specification. +- `port` (String) Specifies the target port for the HTTP request.It can be specified either as a numeric value in the range of 1 to 65535,or as a named port that meets the IANA_SVC_NAME specification. Optional: -- `host` (String) Indicates the server's domain name or IP address. Defaults to the Pod's IP. Prefer setting the 'Host' header in httpHeaders when needed. -- `http_headers` (Attributes List) Allows for the inclusion of custom headers in the request. HTTP permits the use of repeated headers. (see [below for nested schema](#nestedatt--spec--lifecycle_actions--reconfigure--custom_handler--http--http_headers)) -- `method` (String) Represents the type of HTTP request to be made, such as 'GET,' 'POST,' 'PUT,' etc. If not specified, 'GET' is the default method. +- `host` (String) Indicates the server's domain name or IP address. Defaults to the Pod's IP.Prefer setting the 'Host' header in httpHeaders when needed. +- `http_headers` (Attributes List) Allows for the inclusion of custom headers in the request.HTTP permits the use of repeated headers. (see [below for nested schema](#nestedatt--spec--lifecycle_actions--reconfigure--custom_handler--http--http_headers)) +- `method` (String) Represents the type of HTTP request to be made, such as 'GET,' 'POST,' 'PUT,' etc.If not specified, 'GET' is the default method. - `path` (String) Specifies the endpoint to be requested on the HTTP server. -- `scheme` (String) Designates the protocol used to make the request, such as HTTP or HTTPS. If not specified, HTTP is used by default. +- `scheme` (String) Designates the protocol used to make the request, such as HTTP or HTTPS.If not specified, HTTP is used by default. ### Nested Schema for `spec.lifecycle_actions.reconfigure.custom_handler.http.http_headers` Required: -- `name` (String) The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header. +- `name` (String) The header field name.This will be canonicalized upon output, so case-variant names will be understood as the same header. - `value` (String) The header field value @@ -4792,8 +4792,8 @@ Required: Optional: -- `max_retries` (Number) Defines the maximum number of retry attempts that should be made for a given Action. This value is set to 0 by default, indicating that no retries will be made. -- `retry_interval` (Number) Indicates the duration of time to wait between each retry attempt. This value is set to 0 by default, indicating that there will be no delay between retry attempts. +- `max_retries` (Number) Defines the maximum number of retry attempts that should be made for a given Action.This value is set to 0 by default, indicating that no retries will be made. +- `retry_interval` (Number) Indicates the duration of time to wait between each retry attempt.This value is set to 0 by default, indicating that there will be no delay between retry attempts. @@ -4803,27 +4803,27 @@ Optional: Optional: -- `builtin_handler` (String) Specifies the name of the predefined action handler to be invoked for lifecycle actions. Lorry, as a sidecar agent co-located with the database container in the same Pod, includes a suite of built-in action implementations that are tailored to different database engines. These are known as 'builtin' handlers, includes: 'mysql', 'redis', 'mongodb', 'etcd', 'postgresql', 'official-postgresql', 'apecloud-postgresql', 'wesql', 'oceanbase', 'polardbx'. If the 'builtinHandler' field is specified, it instructs Lorry to utilize its internal built-in action handler to execute the specified lifecycle actions. The 'builtinHandler' field is of type 'BuiltinActionHandlerType', which represents the name of the built-in handler. The 'builtinHandler' specified within the same 'ComponentLifecycleActions' should be consistent across all actions. This means that if you specify a built-in handler for one action, you should use the same handler for all other actions throughout the entire 'ComponentLifecycleActions' collection. If you need to define lifecycle actions for database engines not covered by the existing built-in support, or when the pre-existing built-in handlers do not meet your specific needs, you can use the 'customHandler' field to define your own action implementation. Deprecation Notice: - In the future, the 'builtinHandler' field will be deprecated in favor of using the 'customHandler' field for configuring all lifecycle actions. - Instead of using a name to indicate the built-in action implementations in Lorry, the recommended approach will be to explicitly invoke the desired action implementation through a gRPC interface exposed by the sidecar agent. - Developers will have the flexibility to either use the built-in action implementations provided by Lorry or develop their own sidecar agent to implement custom actions and expose them via gRPC interfaces. - This change will allow for greater customization and extensibility of lifecycle actions, as developers can create their own 'builtin' implementations tailored to their specific requirements. -- `custom_handler` (Attributes) Specifies a user-defined hook or procedure that is called to perform the specific lifecycle action. It offers a flexible and expandable approach for customizing the behavior of a Component by leveraging tailored actions. An Action can be implemented as either an ExecAction or an HTTPAction, with future versions planning to support GRPCAction, thereby accommodating unique logic for different database systems within the Action's framework. In future iterations, all built-in handlers are expected to transition to GRPCAction. This change means that Lorry or other sidecar agents will expose the implementation of actions through a GRPC interface for external invocation. Then the controller will interact with these actions via GRPCAction calls. (see [below for nested schema](#nestedatt--spec--lifecycle_actions--role_probe--custom_handler)) -- `initial_delay_seconds` (Number) Specifies the number of seconds to wait after the container has started before the RoleProbe begins to detect the container's role. -- `period_seconds` (Number) Specifies the frequency at which the probe is conducted. This value is expressed in seconds. Default to 10 seconds. Minimum value is 1. -- `timeout_seconds` (Number) Specifies the number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. +- `builtin_handler` (String) Specifies the name of the predefined action handler to be invoked for lifecycle actions.Lorry, as a sidecar agent co-located with the database container in the same Pod,includes a suite of built-in action implementations that are tailored to different database engines.These are known as 'builtin' handlers, includes: 'mysql', 'redis', 'mongodb', 'etcd','postgresql', 'official-postgresql', 'apecloud-postgresql', 'wesql', 'oceanbase', 'polardbx'.If the 'builtinHandler' field is specified, it instructs Lorry to utilize its internal built-in action handlerto execute the specified lifecycle actions.The 'builtinHandler' field is of type 'BuiltinActionHandlerType',which represents the name of the built-in handler.The 'builtinHandler' specified within the same 'ComponentLifecycleActions' should be consistent across allactions.This means that if you specify a built-in handler for one action, you should use the same handlerfor all other actions throughout the entire 'ComponentLifecycleActions' collection.If you need to define lifecycle actions for database engines not covered by the existing built-in support,or when the pre-existing built-in handlers do not meet your specific needs,you can use the 'customHandler' field to define your own action implementation.Deprecation Notice:- In the future, the 'builtinHandler' field will be deprecated in favor of using the 'customHandler' field for configuring all lifecycle actions.- Instead of using a name to indicate the built-in action implementations in Lorry, the recommended approach will be to explicitly invoke the desired action implementation through a gRPC interface exposed by the sidecar agent.- Developers will have the flexibility to either use the built-in action implementations provided by Lorry or develop their own sidecar agent to implement custom actions and expose them via gRPC interfaces.- This change will allow for greater customization and extensibility of lifecycle actions, as developers can create their own 'builtin' implementations tailored to their specific requirements. +- `custom_handler` (Attributes) Specifies a user-defined hook or procedure that is called to perform the specific lifecycle action.It offers a flexible and expandable approach for customizing the behavior of a Component by leveragingtailored actions.An Action can be implemented as either an ExecAction or an HTTPAction, with future versions planningto support GRPCAction,thereby accommodating unique logic for different database systems within the Action's framework.In future iterations, all built-in handlers are expected to transition to GRPCAction.This change means that Lorry or other sidecar agents will expose the implementation of actionsthrough a GRPC interface for external invocation.Then the controller will interact with these actions via GRPCAction calls. (see [below for nested schema](#nestedatt--spec--lifecycle_actions--role_probe--custom_handler)) +- `initial_delay_seconds` (Number) Specifies the number of seconds to wait after the container has started before the RoleProbebegins to detect the container's role. +- `period_seconds` (Number) Specifies the frequency at which the probe is conducted. This value is expressed in seconds.Default to 10 seconds. Minimum value is 1. +- `timeout_seconds` (Number) Specifies the number of seconds after which the probe times out.Defaults to 1 second. Minimum value is 1. ### Nested Schema for `spec.lifecycle_actions.role_probe.custom_handler` Optional: -- `container` (String) Defines the name of the container within the target Pod where the action will be executed. This name must correspond to one of the containers defined in 'componentDefinition.spec.runtime'. If this field is not specified, the default behavior is to use the first container listed in 'componentDefinition.spec.runtime'. This field cannot be updated. Note: This field is reserved for future use and is not currently active. -- `env` (Attributes List) Represents a list of environment variables that will be injected into the container. These variables enable the container to adapt its behavior based on the environment it's running in. This field cannot be updated. (see [below for nested schema](#nestedatt--spec--lifecycle_actions--role_probe--custom_handler--env)) -- `exec` (Attributes) Defines the command to run. This field cannot be updated. (see [below for nested schema](#nestedatt--spec--lifecycle_actions--role_probe--custom_handler--exec)) -- `http` (Attributes) Specifies the HTTP request to perform. This field cannot be updated. Note: HTTPAction is to be implemented in future version. (see [below for nested schema](#nestedatt--spec--lifecycle_actions--role_probe--custom_handler--http)) -- `image` (String) Specifies the container image to be used for running the Action. When specified, a dedicated container will be created using this image to execute the Action. This field is mutually exclusive with the 'container' field; only one of them should be provided. This field cannot be updated. -- `matching_key` (String) Used in conjunction with the 'targetPodSelector' field to refine the selection of target pod(s) for Action execution. The impact of this field depends on the 'targetPodSelector' value: - When 'targetPodSelector' is set to 'Any' or 'All', this field will be ignored. - When 'targetPodSelector' is set to 'Role', only those replicas whose role matches the 'matchingKey' will be selected for the Action. This field cannot be updated. Note: This field is reserved for future use and is not currently active. -- `pre_condition` (String) Specifies the state that the cluster must reach before the Action is executed. Currently, this is only applicable to the 'postProvision' action. The conditions are as follows: - 'Immediately': Executed right after the Component object is created. The readiness of the Component and its resources is not guaranteed at this stage. - 'RuntimeReady': The Action is triggered after the Component object has been created and all associated runtime resources (e.g. Pods) are in a ready state. - 'ComponentReady': The Action is triggered after the Component itself is in a ready state. This process does not affect the readiness state of the Component or the Cluster. - 'ClusterReady': The Action is executed after the Cluster is in a ready state. This execution does not alter the Component or the Cluster's state of readiness. This field cannot be updated. -- `retry_policy` (Attributes) Defines the strategy to be taken when retrying the Action after a failure. It specifies the conditions under which the Action should be retried and the limits to apply, such as the maximum number of retries and backoff strategy. This field cannot be updated. (see [below for nested schema](#nestedatt--spec--lifecycle_actions--role_probe--custom_handler--retry_policy)) -- `target_pod_selector` (String) Defines the criteria used to select the target Pod(s) for executing the Action. This is useful when there is no default target replica identified. It allows for precise control over which Pod(s) the Action should run in. This field cannot be updated. Note: This field is reserved for future use and is not currently active. -- `timeout_seconds` (Number) Specifies the maximum duration in seconds that the Action is allowed to run. If the Action does not complete within this time frame, it will be terminated. This field cannot be updated. +- `container` (String) Defines the name of the container within the target Pod where the action will be executed.This name must correspond to one of the containers defined in 'componentDefinition.spec.runtime'.If this field is not specified, the default behavior is to use the first container listed in'componentDefinition.spec.runtime'.This field cannot be updated.Note: This field is reserved for future use and is not currently active. +- `env` (Attributes List) Represents a list of environment variables that will be injected into the container.These variables enable the container to adapt its behavior based on the environment it's running in.This field cannot be updated. (see [below for nested schema](#nestedatt--spec--lifecycle_actions--role_probe--custom_handler--env)) +- `exec` (Attributes) Defines the command to run.This field cannot be updated. (see [below for nested schema](#nestedatt--spec--lifecycle_actions--role_probe--custom_handler--exec)) +- `http` (Attributes) Specifies the HTTP request to perform.This field cannot be updated.Note: HTTPAction is to be implemented in future version. (see [below for nested schema](#nestedatt--spec--lifecycle_actions--role_probe--custom_handler--http)) +- `image` (String) Specifies the container image to be used for running the Action.When specified, a dedicated container will be created using this image to execute the Action.This field is mutually exclusive with the 'container' field; only one of them should be provided.This field cannot be updated. +- `matching_key` (String) Used in conjunction with the 'targetPodSelector' field to refine the selection of target pod(s) for Action execution.The impact of this field depends on the 'targetPodSelector' value:- When 'targetPodSelector' is set to 'Any' or 'All', this field will be ignored.- When 'targetPodSelector' is set to 'Role', only those replicas whose role matches the 'matchingKey' will be selected for the Action.This field cannot be updated.Note: This field is reserved for future use and is not currently active. +- `pre_condition` (String) Specifies the state that the cluster must reach before the Action is executed.Currently, this is only applicable to the 'postProvision' action.The conditions are as follows:- 'Immediately': Executed right after the Component object is created. The readiness of the Component and its resources is not guaranteed at this stage.- 'RuntimeReady': The Action is triggered after the Component object has been created and all associated runtime resources (e.g. Pods) are in a ready state.- 'ComponentReady': The Action is triggered after the Component itself is in a ready state. This process does not affect the readiness state of the Component or the Cluster.- 'ClusterReady': The Action is executed after the Cluster is in a ready state. This execution does not alter the Component or the Cluster's state of readiness.This field cannot be updated. +- `retry_policy` (Attributes) Defines the strategy to be taken when retrying the Action after a failure.It specifies the conditions under which the Action should be retried and the limits to apply,such as the maximum number of retries and backoff strategy.This field cannot be updated. (see [below for nested schema](#nestedatt--spec--lifecycle_actions--role_probe--custom_handler--retry_policy)) +- `target_pod_selector` (String) Defines the criteria used to select the target Pod(s) for executing the Action.This is useful when there is no default target replica identified.It allows for precise control over which Pod(s) the Action should run in.This field cannot be updated.Note: This field is reserved for future use and is not currently active. +- `timeout_seconds` (Number) Specifies the maximum duration in seconds that the Action is allowed to run.If the Action does not complete within this time frame, it will be terminated.This field cannot be updated. ### Nested Schema for `spec.lifecycle_actions.role_probe.custom_handler.env` @@ -4834,7 +4834,7 @@ Required: Optional: -- `value` (String) Variable references $(VAR_NAME) are expanded using the previously defined environment variables in the container and any service environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. '$$(VAR_NAME)' will produce the string literal '$(VAR_NAME)'. Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to ''. +- `value` (String) Variable references $(VAR_NAME) are expandedusing the previously defined environment variables in the container andany service environment variables. If a variable cannot be resolved,the reference in the input string will be unchanged. Double $$ are reducedto a single $, which allows for escaping the $(VAR_NAME) syntax: i.e.'$$(VAR_NAME)' will produce the string literal '$(VAR_NAME)'.Escaped references will never be expanded, regardless of whether the variableexists or not.Defaults to ''. - `value_from` (Attributes) Source for the environment variable's value. Cannot be used if value is not empty. (see [below for nested schema](#nestedatt--spec--lifecycle_actions--role_probe--custom_handler--env--value_from)) @@ -4843,8 +4843,8 @@ Optional: Optional: - `config_map_key_ref` (Attributes) Selects a key of a ConfigMap. (see [below for nested schema](#nestedatt--spec--lifecycle_actions--role_probe--custom_handler--env--value_from--config_map_key_ref)) -- `field_ref` (Attributes) Selects a field of the pod: supports metadata.name, metadata.namespace, 'metadata.labels['']', 'metadata.annotations['']', spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. (see [below for nested schema](#nestedatt--spec--lifecycle_actions--role_probe--custom_handler--env--value_from--field_ref)) -- `resource_field_ref` (Attributes) Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. (see [below for nested schema](#nestedatt--spec--lifecycle_actions--role_probe--custom_handler--env--value_from--resource_field_ref)) +- `field_ref` (Attributes) Selects a field of the pod: supports metadata.name, metadata.namespace, 'metadata.labels['']', 'metadata.annotations['']',spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. (see [below for nested schema](#nestedatt--spec--lifecycle_actions--role_probe--custom_handler--env--value_from--field_ref)) +- `resource_field_ref` (Attributes) Selects a resource of the container: only resources limits and requests(limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. (see [below for nested schema](#nestedatt--spec--lifecycle_actions--role_probe--custom_handler--env--value_from--resource_field_ref)) - `secret_key_ref` (Attributes) Selects a key of a secret in the pod's namespace (see [below for nested schema](#nestedatt--spec--lifecycle_actions--role_probe--custom_handler--env--value_from--secret_key_ref)) @@ -4856,7 +4856,7 @@ Required: Optional: -- `name` (String) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? +- `name` (String) Name of the referent.More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#namesTODO: Add other useful fields. apiVersion, kind, uid? - `optional` (Boolean) Specify whether the ConfigMap or its key must be defined @@ -4894,7 +4894,7 @@ Required: Optional: -- `name` (String) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? +- `name` (String) Name of the referent.More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#namesTODO: Add other useful fields. apiVersion, kind, uid? - `optional` (Boolean) Specify whether the Secret or its key must be defined @@ -4906,7 +4906,7 @@ Optional: Optional: - `args` (List of String) Args represents the arguments that are passed to the 'command' for execution. -- `command` (List of String) Specifies the command to be executed inside the container. The working directory for this command is the container's root directory('/'). Commands are executed directly without a shell environment, meaning shell-specific syntax ('|', etc.) is not supported. If the shell is required, it must be explicitly invoked in the command. A successful execution is indicated by an exit status of 0; any non-zero status signifies a failure. +- `command` (List of String) Specifies the command to be executed inside the container.The working directory for this command is the container's root directory('/').Commands are executed directly without a shell environment, meaning shell-specific syntax ('|', etc.) is not supported.If the shell is required, it must be explicitly invoked in the command.A successful execution is indicated by an exit status of 0; any non-zero status signifies a failure. @@ -4914,22 +4914,22 @@ Optional: Required: -- `port` (String) Specifies the target port for the HTTP request. It can be specified either as a numeric value in the range of 1 to 65535, or as a named port that meets the IANA_SVC_NAME specification. +- `port` (String) Specifies the target port for the HTTP request.It can be specified either as a numeric value in the range of 1 to 65535,or as a named port that meets the IANA_SVC_NAME specification. Optional: -- `host` (String) Indicates the server's domain name or IP address. Defaults to the Pod's IP. Prefer setting the 'Host' header in httpHeaders when needed. -- `http_headers` (Attributes List) Allows for the inclusion of custom headers in the request. HTTP permits the use of repeated headers. (see [below for nested schema](#nestedatt--spec--lifecycle_actions--role_probe--custom_handler--http--http_headers)) -- `method` (String) Represents the type of HTTP request to be made, such as 'GET,' 'POST,' 'PUT,' etc. If not specified, 'GET' is the default method. +- `host` (String) Indicates the server's domain name or IP address. Defaults to the Pod's IP.Prefer setting the 'Host' header in httpHeaders when needed. +- `http_headers` (Attributes List) Allows for the inclusion of custom headers in the request.HTTP permits the use of repeated headers. (see [below for nested schema](#nestedatt--spec--lifecycle_actions--role_probe--custom_handler--http--http_headers)) +- `method` (String) Represents the type of HTTP request to be made, such as 'GET,' 'POST,' 'PUT,' etc.If not specified, 'GET' is the default method. - `path` (String) Specifies the endpoint to be requested on the HTTP server. -- `scheme` (String) Designates the protocol used to make the request, such as HTTP or HTTPS. If not specified, HTTP is used by default. +- `scheme` (String) Designates the protocol used to make the request, such as HTTP or HTTPS.If not specified, HTTP is used by default. ### Nested Schema for `spec.lifecycle_actions.role_probe.custom_handler.http.http_headers` Required: -- `name` (String) The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header. +- `name` (String) The header field name.This will be canonicalized upon output, so case-variant names will be understood as the same header. - `value` (String) The header field value @@ -4939,8 +4939,8 @@ Required: Optional: -- `max_retries` (Number) Defines the maximum number of retry attempts that should be made for a given Action. This value is set to 0 by default, indicating that no retries will be made. -- `retry_interval` (Number) Indicates the duration of time to wait between each retry attempt. This value is set to 0 by default, indicating that there will be no delay between retry attempts. +- `max_retries` (Number) Defines the maximum number of retry attempts that should be made for a given Action.This value is set to 0 by default, indicating that no retries will be made. +- `retry_interval` (Number) Indicates the duration of time to wait between each retry attempt.This value is set to 0 by default, indicating that there will be no delay between retry attempts. @@ -4950,9 +4950,9 @@ Optional: Optional: -- `script_spec_selectors` (Attributes List) Used to define the selectors for the scriptSpecs that need to be referenced. If this field is set, the scripts defined under the 'scripts' field can be invoked or referenced within an Action. This field is deprecated from v0.9. This field is maintained for backward compatibility and its use is discouraged. Existing usage should be updated to the current preferred approach to avoid compatibility issues in future releases. (see [below for nested schema](#nestedatt--spec--lifecycle_actions--switchover--script_spec_selectors)) -- `with_candidate` (Attributes) Represents the switchover process for a specified candidate primary or leader instance. Note that only Action.Exec is currently supported, while Action.HTTP is not. (see [below for nested schema](#nestedatt--spec--lifecycle_actions--switchover--with_candidate)) -- `without_candidate` (Attributes) Represents a switchover process that does not involve a specific candidate primary or leader instance. As with the previous field, only Action.Exec is currently supported, not Action.HTTP. (see [below for nested schema](#nestedatt--spec--lifecycle_actions--switchover--without_candidate)) +- `script_spec_selectors` (Attributes List) Used to define the selectors for the scriptSpecs that need to be referenced.If this field is set, the scripts defined under the 'scripts' field can be invoked or referenced within an Action.This field is deprecated from v0.9.This field is maintained for backward compatibility and its use is discouraged.Existing usage should be updated to the current preferred approach to avoid compatibility issues in future releases. (see [below for nested schema](#nestedatt--spec--lifecycle_actions--switchover--script_spec_selectors)) +- `with_candidate` (Attributes) Represents the switchover process for a specified candidate primary or leader instance.Note that only Action.Exec is currently supported, while Action.HTTP is not. (see [below for nested schema](#nestedatt--spec--lifecycle_actions--switchover--with_candidate)) +- `without_candidate` (Attributes) Represents a switchover process that does not involve a specific candidate primary or leader instance.As with the previous field, only Action.Exec is currently supported, not Action.HTTP. (see [below for nested schema](#nestedatt--spec--lifecycle_actions--switchover--without_candidate)) ### Nested Schema for `spec.lifecycle_actions.switchover.script_spec_selectors` @@ -4967,16 +4967,16 @@ Required: Optional: -- `container` (String) Defines the name of the container within the target Pod where the action will be executed. This name must correspond to one of the containers defined in 'componentDefinition.spec.runtime'. If this field is not specified, the default behavior is to use the first container listed in 'componentDefinition.spec.runtime'. This field cannot be updated. Note: This field is reserved for future use and is not currently active. -- `env` (Attributes List) Represents a list of environment variables that will be injected into the container. These variables enable the container to adapt its behavior based on the environment it's running in. This field cannot be updated. (see [below for nested schema](#nestedatt--spec--lifecycle_actions--switchover--with_candidate--env)) -- `exec` (Attributes) Defines the command to run. This field cannot be updated. (see [below for nested schema](#nestedatt--spec--lifecycle_actions--switchover--with_candidate--exec)) -- `http` (Attributes) Specifies the HTTP request to perform. This field cannot be updated. Note: HTTPAction is to be implemented in future version. (see [below for nested schema](#nestedatt--spec--lifecycle_actions--switchover--with_candidate--http)) -- `image` (String) Specifies the container image to be used for running the Action. When specified, a dedicated container will be created using this image to execute the Action. This field is mutually exclusive with the 'container' field; only one of them should be provided. This field cannot be updated. -- `matching_key` (String) Used in conjunction with the 'targetPodSelector' field to refine the selection of target pod(s) for Action execution. The impact of this field depends on the 'targetPodSelector' value: - When 'targetPodSelector' is set to 'Any' or 'All', this field will be ignored. - When 'targetPodSelector' is set to 'Role', only those replicas whose role matches the 'matchingKey' will be selected for the Action. This field cannot be updated. Note: This field is reserved for future use and is not currently active. -- `pre_condition` (String) Specifies the state that the cluster must reach before the Action is executed. Currently, this is only applicable to the 'postProvision' action. The conditions are as follows: - 'Immediately': Executed right after the Component object is created. The readiness of the Component and its resources is not guaranteed at this stage. - 'RuntimeReady': The Action is triggered after the Component object has been created and all associated runtime resources (e.g. Pods) are in a ready state. - 'ComponentReady': The Action is triggered after the Component itself is in a ready state. This process does not affect the readiness state of the Component or the Cluster. - 'ClusterReady': The Action is executed after the Cluster is in a ready state. This execution does not alter the Component or the Cluster's state of readiness. This field cannot be updated. -- `retry_policy` (Attributes) Defines the strategy to be taken when retrying the Action after a failure. It specifies the conditions under which the Action should be retried and the limits to apply, such as the maximum number of retries and backoff strategy. This field cannot be updated. (see [below for nested schema](#nestedatt--spec--lifecycle_actions--switchover--with_candidate--retry_policy)) -- `target_pod_selector` (String) Defines the criteria used to select the target Pod(s) for executing the Action. This is useful when there is no default target replica identified. It allows for precise control over which Pod(s) the Action should run in. This field cannot be updated. Note: This field is reserved for future use and is not currently active. -- `timeout_seconds` (Number) Specifies the maximum duration in seconds that the Action is allowed to run. If the Action does not complete within this time frame, it will be terminated. This field cannot be updated. +- `container` (String) Defines the name of the container within the target Pod where the action will be executed.This name must correspond to one of the containers defined in 'componentDefinition.spec.runtime'.If this field is not specified, the default behavior is to use the first container listed in'componentDefinition.spec.runtime'.This field cannot be updated.Note: This field is reserved for future use and is not currently active. +- `env` (Attributes List) Represents a list of environment variables that will be injected into the container.These variables enable the container to adapt its behavior based on the environment it's running in.This field cannot be updated. (see [below for nested schema](#nestedatt--spec--lifecycle_actions--switchover--with_candidate--env)) +- `exec` (Attributes) Defines the command to run.This field cannot be updated. (see [below for nested schema](#nestedatt--spec--lifecycle_actions--switchover--with_candidate--exec)) +- `http` (Attributes) Specifies the HTTP request to perform.This field cannot be updated.Note: HTTPAction is to be implemented in future version. (see [below for nested schema](#nestedatt--spec--lifecycle_actions--switchover--with_candidate--http)) +- `image` (String) Specifies the container image to be used for running the Action.When specified, a dedicated container will be created using this image to execute the Action.This field is mutually exclusive with the 'container' field; only one of them should be provided.This field cannot be updated. +- `matching_key` (String) Used in conjunction with the 'targetPodSelector' field to refine the selection of target pod(s) for Action execution.The impact of this field depends on the 'targetPodSelector' value:- When 'targetPodSelector' is set to 'Any' or 'All', this field will be ignored.- When 'targetPodSelector' is set to 'Role', only those replicas whose role matches the 'matchingKey' will be selected for the Action.This field cannot be updated.Note: This field is reserved for future use and is not currently active. +- `pre_condition` (String) Specifies the state that the cluster must reach before the Action is executed.Currently, this is only applicable to the 'postProvision' action.The conditions are as follows:- 'Immediately': Executed right after the Component object is created. The readiness of the Component and its resources is not guaranteed at this stage.- 'RuntimeReady': The Action is triggered after the Component object has been created and all associated runtime resources (e.g. Pods) are in a ready state.- 'ComponentReady': The Action is triggered after the Component itself is in a ready state. This process does not affect the readiness state of the Component or the Cluster.- 'ClusterReady': The Action is executed after the Cluster is in a ready state. This execution does not alter the Component or the Cluster's state of readiness.This field cannot be updated. +- `retry_policy` (Attributes) Defines the strategy to be taken when retrying the Action after a failure.It specifies the conditions under which the Action should be retried and the limits to apply,such as the maximum number of retries and backoff strategy.This field cannot be updated. (see [below for nested schema](#nestedatt--spec--lifecycle_actions--switchover--with_candidate--retry_policy)) +- `target_pod_selector` (String) Defines the criteria used to select the target Pod(s) for executing the Action.This is useful when there is no default target replica identified.It allows for precise control over which Pod(s) the Action should run in.This field cannot be updated.Note: This field is reserved for future use and is not currently active. +- `timeout_seconds` (Number) Specifies the maximum duration in seconds that the Action is allowed to run.If the Action does not complete within this time frame, it will be terminated.This field cannot be updated. ### Nested Schema for `spec.lifecycle_actions.switchover.with_candidate.env` @@ -4987,7 +4987,7 @@ Required: Optional: -- `value` (String) Variable references $(VAR_NAME) are expanded using the previously defined environment variables in the container and any service environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. '$$(VAR_NAME)' will produce the string literal '$(VAR_NAME)'. Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to ''. +- `value` (String) Variable references $(VAR_NAME) are expandedusing the previously defined environment variables in the container andany service environment variables. If a variable cannot be resolved,the reference in the input string will be unchanged. Double $$ are reducedto a single $, which allows for escaping the $(VAR_NAME) syntax: i.e.'$$(VAR_NAME)' will produce the string literal '$(VAR_NAME)'.Escaped references will never be expanded, regardless of whether the variableexists or not.Defaults to ''. - `value_from` (Attributes) Source for the environment variable's value. Cannot be used if value is not empty. (see [below for nested schema](#nestedatt--spec--lifecycle_actions--switchover--with_candidate--env--value_from)) @@ -4996,8 +4996,8 @@ Optional: Optional: - `config_map_key_ref` (Attributes) Selects a key of a ConfigMap. (see [below for nested schema](#nestedatt--spec--lifecycle_actions--switchover--with_candidate--env--value_from--config_map_key_ref)) -- `field_ref` (Attributes) Selects a field of the pod: supports metadata.name, metadata.namespace, 'metadata.labels['']', 'metadata.annotations['']', spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. (see [below for nested schema](#nestedatt--spec--lifecycle_actions--switchover--with_candidate--env--value_from--field_ref)) -- `resource_field_ref` (Attributes) Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. (see [below for nested schema](#nestedatt--spec--lifecycle_actions--switchover--with_candidate--env--value_from--resource_field_ref)) +- `field_ref` (Attributes) Selects a field of the pod: supports metadata.name, metadata.namespace, 'metadata.labels['']', 'metadata.annotations['']',spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. (see [below for nested schema](#nestedatt--spec--lifecycle_actions--switchover--with_candidate--env--value_from--field_ref)) +- `resource_field_ref` (Attributes) Selects a resource of the container: only resources limits and requests(limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. (see [below for nested schema](#nestedatt--spec--lifecycle_actions--switchover--with_candidate--env--value_from--resource_field_ref)) - `secret_key_ref` (Attributes) Selects a key of a secret in the pod's namespace (see [below for nested schema](#nestedatt--spec--lifecycle_actions--switchover--with_candidate--env--value_from--secret_key_ref)) @@ -5009,7 +5009,7 @@ Required: Optional: -- `name` (String) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? +- `name` (String) Name of the referent.More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#namesTODO: Add other useful fields. apiVersion, kind, uid? - `optional` (Boolean) Specify whether the ConfigMap or its key must be defined @@ -5047,7 +5047,7 @@ Required: Optional: -- `name` (String) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? +- `name` (String) Name of the referent.More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#namesTODO: Add other useful fields. apiVersion, kind, uid? - `optional` (Boolean) Specify whether the Secret or its key must be defined @@ -5059,7 +5059,7 @@ Optional: Optional: - `args` (List of String) Args represents the arguments that are passed to the 'command' for execution. -- `command` (List of String) Specifies the command to be executed inside the container. The working directory for this command is the container's root directory('/'). Commands are executed directly without a shell environment, meaning shell-specific syntax ('|', etc.) is not supported. If the shell is required, it must be explicitly invoked in the command. A successful execution is indicated by an exit status of 0; any non-zero status signifies a failure. +- `command` (List of String) Specifies the command to be executed inside the container.The working directory for this command is the container's root directory('/').Commands are executed directly without a shell environment, meaning shell-specific syntax ('|', etc.) is not supported.If the shell is required, it must be explicitly invoked in the command.A successful execution is indicated by an exit status of 0; any non-zero status signifies a failure. @@ -5067,22 +5067,22 @@ Optional: Required: -- `port` (String) Specifies the target port for the HTTP request. It can be specified either as a numeric value in the range of 1 to 65535, or as a named port that meets the IANA_SVC_NAME specification. +- `port` (String) Specifies the target port for the HTTP request.It can be specified either as a numeric value in the range of 1 to 65535,or as a named port that meets the IANA_SVC_NAME specification. Optional: -- `host` (String) Indicates the server's domain name or IP address. Defaults to the Pod's IP. Prefer setting the 'Host' header in httpHeaders when needed. -- `http_headers` (Attributes List) Allows for the inclusion of custom headers in the request. HTTP permits the use of repeated headers. (see [below for nested schema](#nestedatt--spec--lifecycle_actions--switchover--with_candidate--http--http_headers)) -- `method` (String) Represents the type of HTTP request to be made, such as 'GET,' 'POST,' 'PUT,' etc. If not specified, 'GET' is the default method. +- `host` (String) Indicates the server's domain name or IP address. Defaults to the Pod's IP.Prefer setting the 'Host' header in httpHeaders when needed. +- `http_headers` (Attributes List) Allows for the inclusion of custom headers in the request.HTTP permits the use of repeated headers. (see [below for nested schema](#nestedatt--spec--lifecycle_actions--switchover--with_candidate--http--http_headers)) +- `method` (String) Represents the type of HTTP request to be made, such as 'GET,' 'POST,' 'PUT,' etc.If not specified, 'GET' is the default method. - `path` (String) Specifies the endpoint to be requested on the HTTP server. -- `scheme` (String) Designates the protocol used to make the request, such as HTTP or HTTPS. If not specified, HTTP is used by default. +- `scheme` (String) Designates the protocol used to make the request, such as HTTP or HTTPS.If not specified, HTTP is used by default. ### Nested Schema for `spec.lifecycle_actions.switchover.with_candidate.http.http_headers` Required: -- `name` (String) The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header. +- `name` (String) The header field name.This will be canonicalized upon output, so case-variant names will be understood as the same header. - `value` (String) The header field value @@ -5092,8 +5092,8 @@ Required: Optional: -- `max_retries` (Number) Defines the maximum number of retry attempts that should be made for a given Action. This value is set to 0 by default, indicating that no retries will be made. -- `retry_interval` (Number) Indicates the duration of time to wait between each retry attempt. This value is set to 0 by default, indicating that there will be no delay between retry attempts. +- `max_retries` (Number) Defines the maximum number of retry attempts that should be made for a given Action.This value is set to 0 by default, indicating that no retries will be made. +- `retry_interval` (Number) Indicates the duration of time to wait between each retry attempt.This value is set to 0 by default, indicating that there will be no delay between retry attempts. @@ -5102,16 +5102,16 @@ Optional: Optional: -- `container` (String) Defines the name of the container within the target Pod where the action will be executed. This name must correspond to one of the containers defined in 'componentDefinition.spec.runtime'. If this field is not specified, the default behavior is to use the first container listed in 'componentDefinition.spec.runtime'. This field cannot be updated. Note: This field is reserved for future use and is not currently active. -- `env` (Attributes List) Represents a list of environment variables that will be injected into the container. These variables enable the container to adapt its behavior based on the environment it's running in. This field cannot be updated. (see [below for nested schema](#nestedatt--spec--lifecycle_actions--switchover--without_candidate--env)) -- `exec` (Attributes) Defines the command to run. This field cannot be updated. (see [below for nested schema](#nestedatt--spec--lifecycle_actions--switchover--without_candidate--exec)) -- `http` (Attributes) Specifies the HTTP request to perform. This field cannot be updated. Note: HTTPAction is to be implemented in future version. (see [below for nested schema](#nestedatt--spec--lifecycle_actions--switchover--without_candidate--http)) -- `image` (String) Specifies the container image to be used for running the Action. When specified, a dedicated container will be created using this image to execute the Action. This field is mutually exclusive with the 'container' field; only one of them should be provided. This field cannot be updated. -- `matching_key` (String) Used in conjunction with the 'targetPodSelector' field to refine the selection of target pod(s) for Action execution. The impact of this field depends on the 'targetPodSelector' value: - When 'targetPodSelector' is set to 'Any' or 'All', this field will be ignored. - When 'targetPodSelector' is set to 'Role', only those replicas whose role matches the 'matchingKey' will be selected for the Action. This field cannot be updated. Note: This field is reserved for future use and is not currently active. -- `pre_condition` (String) Specifies the state that the cluster must reach before the Action is executed. Currently, this is only applicable to the 'postProvision' action. The conditions are as follows: - 'Immediately': Executed right after the Component object is created. The readiness of the Component and its resources is not guaranteed at this stage. - 'RuntimeReady': The Action is triggered after the Component object has been created and all associated runtime resources (e.g. Pods) are in a ready state. - 'ComponentReady': The Action is triggered after the Component itself is in a ready state. This process does not affect the readiness state of the Component or the Cluster. - 'ClusterReady': The Action is executed after the Cluster is in a ready state. This execution does not alter the Component or the Cluster's state of readiness. This field cannot be updated. -- `retry_policy` (Attributes) Defines the strategy to be taken when retrying the Action after a failure. It specifies the conditions under which the Action should be retried and the limits to apply, such as the maximum number of retries and backoff strategy. This field cannot be updated. (see [below for nested schema](#nestedatt--spec--lifecycle_actions--switchover--without_candidate--retry_policy)) -- `target_pod_selector` (String) Defines the criteria used to select the target Pod(s) for executing the Action. This is useful when there is no default target replica identified. It allows for precise control over which Pod(s) the Action should run in. This field cannot be updated. Note: This field is reserved for future use and is not currently active. -- `timeout_seconds` (Number) Specifies the maximum duration in seconds that the Action is allowed to run. If the Action does not complete within this time frame, it will be terminated. This field cannot be updated. +- `container` (String) Defines the name of the container within the target Pod where the action will be executed.This name must correspond to one of the containers defined in 'componentDefinition.spec.runtime'.If this field is not specified, the default behavior is to use the first container listed in'componentDefinition.spec.runtime'.This field cannot be updated.Note: This field is reserved for future use and is not currently active. +- `env` (Attributes List) Represents a list of environment variables that will be injected into the container.These variables enable the container to adapt its behavior based on the environment it's running in.This field cannot be updated. (see [below for nested schema](#nestedatt--spec--lifecycle_actions--switchover--without_candidate--env)) +- `exec` (Attributes) Defines the command to run.This field cannot be updated. (see [below for nested schema](#nestedatt--spec--lifecycle_actions--switchover--without_candidate--exec)) +- `http` (Attributes) Specifies the HTTP request to perform.This field cannot be updated.Note: HTTPAction is to be implemented in future version. (see [below for nested schema](#nestedatt--spec--lifecycle_actions--switchover--without_candidate--http)) +- `image` (String) Specifies the container image to be used for running the Action.When specified, a dedicated container will be created using this image to execute the Action.This field is mutually exclusive with the 'container' field; only one of them should be provided.This field cannot be updated. +- `matching_key` (String) Used in conjunction with the 'targetPodSelector' field to refine the selection of target pod(s) for Action execution.The impact of this field depends on the 'targetPodSelector' value:- When 'targetPodSelector' is set to 'Any' or 'All', this field will be ignored.- When 'targetPodSelector' is set to 'Role', only those replicas whose role matches the 'matchingKey' will be selected for the Action.This field cannot be updated.Note: This field is reserved for future use and is not currently active. +- `pre_condition` (String) Specifies the state that the cluster must reach before the Action is executed.Currently, this is only applicable to the 'postProvision' action.The conditions are as follows:- 'Immediately': Executed right after the Component object is created. The readiness of the Component and its resources is not guaranteed at this stage.- 'RuntimeReady': The Action is triggered after the Component object has been created and all associated runtime resources (e.g. Pods) are in a ready state.- 'ComponentReady': The Action is triggered after the Component itself is in a ready state. This process does not affect the readiness state of the Component or the Cluster.- 'ClusterReady': The Action is executed after the Cluster is in a ready state. This execution does not alter the Component or the Cluster's state of readiness.This field cannot be updated. +- `retry_policy` (Attributes) Defines the strategy to be taken when retrying the Action after a failure.It specifies the conditions under which the Action should be retried and the limits to apply,such as the maximum number of retries and backoff strategy.This field cannot be updated. (see [below for nested schema](#nestedatt--spec--lifecycle_actions--switchover--without_candidate--retry_policy)) +- `target_pod_selector` (String) Defines the criteria used to select the target Pod(s) for executing the Action.This is useful when there is no default target replica identified.It allows for precise control over which Pod(s) the Action should run in.This field cannot be updated.Note: This field is reserved for future use and is not currently active. +- `timeout_seconds` (Number) Specifies the maximum duration in seconds that the Action is allowed to run.If the Action does not complete within this time frame, it will be terminated.This field cannot be updated. ### Nested Schema for `spec.lifecycle_actions.switchover.without_candidate.env` @@ -5122,7 +5122,7 @@ Required: Optional: -- `value` (String) Variable references $(VAR_NAME) are expanded using the previously defined environment variables in the container and any service environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. '$$(VAR_NAME)' will produce the string literal '$(VAR_NAME)'. Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to ''. +- `value` (String) Variable references $(VAR_NAME) are expandedusing the previously defined environment variables in the container andany service environment variables. If a variable cannot be resolved,the reference in the input string will be unchanged. Double $$ are reducedto a single $, which allows for escaping the $(VAR_NAME) syntax: i.e.'$$(VAR_NAME)' will produce the string literal '$(VAR_NAME)'.Escaped references will never be expanded, regardless of whether the variableexists or not.Defaults to ''. - `value_from` (Attributes) Source for the environment variable's value. Cannot be used if value is not empty. (see [below for nested schema](#nestedatt--spec--lifecycle_actions--switchover--without_candidate--env--value_from)) @@ -5131,8 +5131,8 @@ Optional: Optional: - `config_map_key_ref` (Attributes) Selects a key of a ConfigMap. (see [below for nested schema](#nestedatt--spec--lifecycle_actions--switchover--without_candidate--env--value_from--config_map_key_ref)) -- `field_ref` (Attributes) Selects a field of the pod: supports metadata.name, metadata.namespace, 'metadata.labels['']', 'metadata.annotations['']', spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. (see [below for nested schema](#nestedatt--spec--lifecycle_actions--switchover--without_candidate--env--value_from--field_ref)) -- `resource_field_ref` (Attributes) Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. (see [below for nested schema](#nestedatt--spec--lifecycle_actions--switchover--without_candidate--env--value_from--resource_field_ref)) +- `field_ref` (Attributes) Selects a field of the pod: supports metadata.name, metadata.namespace, 'metadata.labels['']', 'metadata.annotations['']',spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. (see [below for nested schema](#nestedatt--spec--lifecycle_actions--switchover--without_candidate--env--value_from--field_ref)) +- `resource_field_ref` (Attributes) Selects a resource of the container: only resources limits and requests(limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. (see [below for nested schema](#nestedatt--spec--lifecycle_actions--switchover--without_candidate--env--value_from--resource_field_ref)) - `secret_key_ref` (Attributes) Selects a key of a secret in the pod's namespace (see [below for nested schema](#nestedatt--spec--lifecycle_actions--switchover--without_candidate--env--value_from--secret_key_ref)) @@ -5144,7 +5144,7 @@ Required: Optional: -- `name` (String) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? +- `name` (String) Name of the referent.More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#namesTODO: Add other useful fields. apiVersion, kind, uid? - `optional` (Boolean) Specify whether the ConfigMap or its key must be defined @@ -5182,7 +5182,7 @@ Required: Optional: -- `name` (String) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? +- `name` (String) Name of the referent.More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#namesTODO: Add other useful fields. apiVersion, kind, uid? - `optional` (Boolean) Specify whether the Secret or its key must be defined @@ -5194,7 +5194,7 @@ Optional: Optional: - `args` (List of String) Args represents the arguments that are passed to the 'command' for execution. -- `command` (List of String) Specifies the command to be executed inside the container. The working directory for this command is the container's root directory('/'). Commands are executed directly without a shell environment, meaning shell-specific syntax ('|', etc.) is not supported. If the shell is required, it must be explicitly invoked in the command. A successful execution is indicated by an exit status of 0; any non-zero status signifies a failure. +- `command` (List of String) Specifies the command to be executed inside the container.The working directory for this command is the container's root directory('/').Commands are executed directly without a shell environment, meaning shell-specific syntax ('|', etc.) is not supported.If the shell is required, it must be explicitly invoked in the command.A successful execution is indicated by an exit status of 0; any non-zero status signifies a failure. @@ -5202,22 +5202,22 @@ Optional: Required: -- `port` (String) Specifies the target port for the HTTP request. It can be specified either as a numeric value in the range of 1 to 65535, or as a named port that meets the IANA_SVC_NAME specification. +- `port` (String) Specifies the target port for the HTTP request.It can be specified either as a numeric value in the range of 1 to 65535,or as a named port that meets the IANA_SVC_NAME specification. Optional: -- `host` (String) Indicates the server's domain name or IP address. Defaults to the Pod's IP. Prefer setting the 'Host' header in httpHeaders when needed. -- `http_headers` (Attributes List) Allows for the inclusion of custom headers in the request. HTTP permits the use of repeated headers. (see [below for nested schema](#nestedatt--spec--lifecycle_actions--switchover--without_candidate--http--http_headers)) -- `method` (String) Represents the type of HTTP request to be made, such as 'GET,' 'POST,' 'PUT,' etc. If not specified, 'GET' is the default method. +- `host` (String) Indicates the server's domain name or IP address. Defaults to the Pod's IP.Prefer setting the 'Host' header in httpHeaders when needed. +- `http_headers` (Attributes List) Allows for the inclusion of custom headers in the request.HTTP permits the use of repeated headers. (see [below for nested schema](#nestedatt--spec--lifecycle_actions--switchover--without_candidate--http--http_headers)) +- `method` (String) Represents the type of HTTP request to be made, such as 'GET,' 'POST,' 'PUT,' etc.If not specified, 'GET' is the default method. - `path` (String) Specifies the endpoint to be requested on the HTTP server. -- `scheme` (String) Designates the protocol used to make the request, such as HTTP or HTTPS. If not specified, HTTP is used by default. +- `scheme` (String) Designates the protocol used to make the request, such as HTTP or HTTPS.If not specified, HTTP is used by default. ### Nested Schema for `spec.lifecycle_actions.switchover.without_candidate.http.http_headers` Required: -- `name` (String) The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header. +- `name` (String) The header field name.This will be canonicalized upon output, so case-variant names will be understood as the same header. - `value` (String) The header field value @@ -5227,8 +5227,8 @@ Required: Optional: -- `max_retries` (Number) Defines the maximum number of retry attempts that should be made for a given Action. This value is set to 0 by default, indicating that no retries will be made. -- `retry_interval` (Number) Indicates the duration of time to wait between each retry attempt. This value is set to 0 by default, indicating that there will be no delay between retry attempts. +- `max_retries` (Number) Defines the maximum number of retry attempts that should be made for a given Action.This value is set to 0 by default, indicating that no retries will be made. +- `retry_interval` (Number) Indicates the duration of time to wait between each retry attempt.This value is set to 0 by default, indicating that there will be no delay between retry attempts. @@ -5239,8 +5239,8 @@ Optional: Required: -- `file_path_pattern` (String) Specifies the paths or patterns identifying where the log files are stored. This field allows the system to locate and manage log files effectively. Examples: - /home/postgres/pgdata/pgroot/data/log/postgresql-* - /data/mysql/log/mysqld-error.log -- `name` (String) Specifies a descriptive label for the log type, such as 'slow' for a MySQL slow log file. It provides a clear identification of the log's purpose and content. +- `file_path_pattern` (String) Specifies the paths or patterns identifying where the log files are stored.This field allows the system to locate and manage log files effectively.Examples:- /home/postgres/pgdata/pgroot/data/log/postgresql-*- /data/mysql/log/mysqld-error.log +- `name` (String) Specifies a descriptive label for the log type, such as 'slow' for a MySQL slow log file.It provides a clear identification of the log's purpose and content. @@ -5248,8 +5248,8 @@ Required: Optional: -- `built_in` (Boolean) builtIn is a switch to enable KubeBlocks builtIn monitoring. If BuiltIn is set to true, monitor metrics will be scraped automatically. If BuiltIn is set to false, the provider should set ExporterConfig and Sidecar container own. -- `exporter_config` (Attributes) exporterConfig provided by provider, which specify necessary information to Time Series Database. exporterConfig is valid when builtIn is false. (see [below for nested schema](#nestedatt--spec--monitor--exporter_config)) +- `built_in` (Boolean) builtIn is a switch to enable KubeBlocks builtIn monitoring.If BuiltIn is set to true, monitor metrics will be scraped automatically.If BuiltIn is set to false, the provider should set ExporterConfig and Sidecar container own. +- `exporter_config` (Attributes) exporterConfig provided by provider, which specify necessary information to Time Series Database.exporterConfig is valid when builtIn is false. (see [below for nested schema](#nestedatt--spec--monitor--exporter_config)) ### Nested Schema for `spec.monitor.exporter_config` @@ -5273,8 +5273,8 @@ Required: Optional: -- `api_groups` (List of String) APIGroups is the name of the APIGroup that contains the resources. If multiple API groups are specified, any action requested against one of the enumerated resources in any API group will be allowed. '' represents the core API group and '*' represents all API groups. -- `non_resource_urls` (List of String) NonResourceURLs is a set of partial urls that a user should have access to. *s are allowed, but only as the full, final step in the path Since non-resource URLs are not namespaced, this field is only applicable for ClusterRoles referenced from a ClusterRoleBinding. Rules can either apply to API resources (such as 'pods' or 'secrets') or non-resource URL paths (such as '/api'), but not both. +- `api_groups` (List of String) APIGroups is the name of the APIGroup that contains the resources. If multiple API groups are specified, any action requested against one ofthe enumerated resources in any API group will be allowed. '' represents the core API group and '*' represents all API groups. +- `non_resource_urls` (List of String) NonResourceURLs is a set of partial urls that a user should have access to. *s are allowed, but only as the full, final step in the pathSince non-resource URLs are not namespaced, this field is only applicable for ClusterRoles referenced from a ClusterRoleBinding.Rules can either apply to API resources (such as 'pods' or 'secrets') or non-resource URL paths (such as '/api'), but not both. - `resource_names` (List of String) ResourceNames is an optional white list of names that the rule applies to. An empty set means that everything is allowed. - `resources` (List of String) Resources is a list of resources this rule applies to. '*' represents all resources. @@ -5293,13 +5293,13 @@ Required: Required: -- `name` (String) Defines the role's identifier. It is used to set the 'apps.kubeblocks.io/role' label value on the corresponding object. This field is immutable once set. +- `name` (String) Defines the role's identifier. It is used to set the 'apps.kubeblocks.io/role' label valueon the corresponding object.This field is immutable once set. Optional: -- `serviceable` (Boolean) Indicates whether a replica assigned this role is capable of providing services. This field is immutable once set. -- `votable` (Boolean) Specifies whether a replica with this role has voting rights. In distributed systems, this typically means the replica can participate in consensus decisions, configuration changes, or other processes that require a quorum. This field is immutable once set. -- `writable` (Boolean) Determines if a replica in this role has the authority to perform write operations. A writable replica can modify data, handle update operations. This field is immutable once set. +- `serviceable` (Boolean) Indicates whether a replica assigned this role is capable of providing services.This field is immutable once set. +- `votable` (Boolean) Specifies whether a replica with this role has voting rights.In distributed systems, this typically means the replica can participate in consensus decisions,configuration changes, or other processes that require a quorum.This field is immutable once set. +- `writable` (Boolean) Determines if a replica in this role has the authority to perform write operations.A writable replica can modify data, handle update operations.This field is immutable once set. @@ -5308,12 +5308,12 @@ Optional: Required: - `name` (String) Specifies the name of the configuration template. -- `volume_name` (String) Refers to the volume name of PodTemplate. The configuration file produced through the configuration template will be mounted to the corresponding volume. Must be a DNS_LABEL name. The volume name must be defined in podSpec.containers[*].volumeMounts. +- `volume_name` (String) Refers to the volume name of PodTemplate. The configuration file produced through the configurationtemplate will be mounted to the corresponding volume. Must be a DNS_LABEL name.The volume name must be defined in podSpec.containers[*].volumeMounts. Optional: -- `default_mode` (Number) The operator attempts to set default file permissions for scripts (0555) and configurations (0444). However, certain database engines may require different file permissions. You can specify the desired file permissions here. Must be specified as an octal value between 0000 and 0777 (inclusive), or as a decimal value between 0 and 511 (inclusive). YAML supports both octal and decimal values for file permissions. Please note that this setting only affects the permissions of the files themselves. Directories within the specified path are not impacted by this setting. It's important to be aware that this setting might conflict with other options that influence the file mode, such as fsGroup. In such cases, the resulting file mode may have additional bits set. Refers to documents of k8s.ConfigMapVolumeSource.defaultMode for more information. -- `namespace` (String) Specifies the namespace of the referenced configuration template ConfigMap object. An empty namespace is equivalent to the 'default' namespace. +- `default_mode` (Number) The operator attempts to set default file permissions for scripts (0555) and configurations (0444).However, certain database engines may require different file permissions.You can specify the desired file permissions here.Must be specified as an octal value between 0000 and 0777 (inclusive),or as a decimal value between 0 and 511 (inclusive).YAML supports both octal and decimal values for file permissions.Please note that this setting only affects the permissions of the files themselves.Directories within the specified path are not impacted by this setting.It's important to be aware that this setting might conflict with other optionsthat influence the file mode, such as fsGroup.In such cases, the resulting file mode may have additional bits set.Refers to documents of k8s.ConfigMapVolumeSource.defaultMode for more information. +- `namespace` (String) Specifies the namespace of the referenced configuration template ConfigMap object.An empty namespace is equivalent to the 'default' namespace. - `template_ref` (String) Specifies the name of the referenced configuration template ConfigMap object. @@ -5323,19 +5323,19 @@ Optional: Required: - `name` (String) Specifies the name of the ServiceRefDeclaration. -- `service_ref_declaration_specs` (Attributes List) Defines a list of constraints and requirements for services that can be bound to this ServiceRefDeclaration upon Cluster creation. Each ServiceRefDeclarationSpec defines a ServiceKind and ServiceVersion, outlining the acceptable service types and versions that are compatible. This flexibility allows a ServiceRefDeclaration to be fulfilled by any one of the provided specs. For example, if it requires an OLTP database, specs for both MySQL and PostgreSQL are listed, either MySQL or PostgreSQL services can be used when binding. (see [below for nested schema](#nestedatt--spec--service_ref_declarations--service_ref_declaration_specs)) +- `service_ref_declaration_specs` (Attributes List) Defines a list of constraints and requirements for services that can be bound to this ServiceRefDeclarationupon Cluster creation.Each ServiceRefDeclarationSpec defines a ServiceKind and ServiceVersion,outlining the acceptable service types and versions that are compatible.This flexibility allows a ServiceRefDeclaration to be fulfilled by any one of the provided specs.For example, if it requires an OLTP database, specs for both MySQL and PostgreSQL are listed,either MySQL or PostgreSQL services can be used when binding. (see [below for nested schema](#nestedatt--spec--service_ref_declarations--service_ref_declaration_specs)) Optional: -- `optional` (Boolean) Specifies whether the service reference can be optional. For an optional service-ref, the component can still be created even if the service-ref is not provided. +- `optional` (Boolean) Specifies whether the service reference can be optional.For an optional service-ref, the component can still be created even if the service-ref is not provided. ### Nested Schema for `spec.service_ref_declarations.service_ref_declaration_specs` Required: -- `service_kind` (String) Specifies the type or nature of the service. This should be a well-known application cluster type, such as {mysql, redis, mongodb}. The field is case-insensitive and supports abbreviations for some well-known databases. For instance, both 'zk' and 'zookeeper' are considered as a ZooKeeper cluster, while 'pg', 'postgres', 'postgresql' are all recognized as a PostgreSQL cluster. -- `service_version` (String) Defines the service version of the service reference. This is a regular expression that matches a version number pattern. For instance, '^8.0.8$', '8.0.d{1,2}$', '^[v-]*?(d{1,2}.){0,3}d{1,2}$' are all valid patterns. +- `service_kind` (String) Specifies the type or nature of the service. This should be a well-known application cluster type, such as{mysql, redis, mongodb}.The field is case-insensitive and supports abbreviations for some well-known databases.For instance, both 'zk' and 'zookeeper' are considered as a ZooKeeper cluster, while 'pg', 'postgres', 'postgresql'are all recognized as a PostgreSQL cluster. +- `service_version` (String) Defines the service version of the service reference. This is a regular expression that matches a version number pattern.For instance, '^8.0.8$', '8.0.d{1,2}$', '^[v-]*?(d{1,2}.){0,3}d{1,2}$' are all valid patterns. @@ -5344,41 +5344,41 @@ Required: Required: -- `name` (String) Name defines the name of the service. otherwise, it indicates the name of the service. Others can refer to this service by its name. (e.g., connection credential) Cannot be updated. +- `name` (String) Name defines the name of the service.otherwise, it indicates the name of the service.Others can refer to this service by its name. (e.g., connection credential)Cannot be updated. Optional: -- `annotations` (Map of String) If ServiceType is LoadBalancer, cloud provider related parameters can be put here More info: https://kubernetes.io/docs/concepts/services-networking/service/#loadbalancer. -- `disable_auto_provision` (Boolean) Indicates whether the automatic provisioning of the service should be disabled. If set to true, the service will not be automatically created at the component provisioning. Instead, you can enable the creation of this service by specifying it explicitly in the cluster API. -- `pod_service` (Boolean) Indicates whether to create a corresponding Service for each Pod of the selected Component. When set to true, a set of Services will be automatically generated for each Pod, and the 'roleSelector' field will be ignored. The names of the generated Services will follow the same suffix naming pattern: '$(serviceName)-$(podOrdinal)'. The total number of generated Services will be equal to the number of replicas specified for the Component. Example usage: '''yaml name: my-service serviceName: my-service podService: true disableAutoProvision: true spec: type: NodePort ports: - name: http port: 80 targetPort: 8080 ''' In this example, if the Component has 3 replicas, three Services will be generated: - my-service-0: Points to the first Pod (podOrdinal: 0) - my-service-1: Points to the second Pod (podOrdinal: 1) - my-service-2: Points to the third Pod (podOrdinal: 2) Each generated Service will have the specified spec configuration and will target its respective Pod. This feature is useful when you need to expose each Pod of a Component individually, allowing external access to specific instances of the Component. -- `role_selector` (String) Extends the above 'serviceSpec.selector' by allowing you to specify defined role as selector for the service. When 'roleSelector' is set, it adds a label selector 'kubeblocks.io/role: {roleSelector}' to the 'serviceSpec.selector'. Example usage: roleSelector: 'leader' In this example, setting 'roleSelector' to 'leader' will add a label selector 'kubeblocks.io/role: leader' to the 'serviceSpec.selector'. This means that the service will select and route traffic to Pods with the label 'kubeblocks.io/role' set to 'leader'. Note that if 'podService' sets to true, RoleSelector will be ignored. The 'podService' flag takes precedence over 'roleSelector' and generates a service for each Pod. -- `service_name` (String) ServiceName defines the name of the underlying service object. If not specified, the default service name with different patterns will be used: - CLUSTER_NAME: for cluster-level services - CLUSTER_NAME-COMPONENT_NAME: for component-level services Only one default service name is allowed. Cannot be updated. -- `spec` (Attributes) Spec defines the behavior of a service. https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status (see [below for nested schema](#nestedatt--spec--services--spec)) +- `annotations` (Map of String) If ServiceType is LoadBalancer, cloud provider related parameters can be put hereMore info: https://kubernetes.io/docs/concepts/services-networking/service/#loadbalancer. +- `disable_auto_provision` (Boolean) Indicates whether the automatic provisioning of the service should be disabled.If set to true, the service will not be automatically created at the component provisioning.Instead, you can enable the creation of this service by specifying it explicitly in the cluster API. +- `pod_service` (Boolean) Indicates whether to create a corresponding Service for each Pod of the selected Component.When set to true, a set of Services will be automatically generated for each Pod,and the 'roleSelector' field will be ignored.The names of the generated Services will follow the same suffix naming pattern: '$(serviceName)-$(podOrdinal)'.The total number of generated Services will be equal to the number of replicas specified for the Component.Example usage:'''yamlname: my-serviceserviceName: my-servicepodService: truedisableAutoProvision: truespec: type: NodePort ports: - name: http port: 80 targetPort: 8080'''In this example, if the Component has 3 replicas, three Services will be generated:- my-service-0: Points to the first Pod (podOrdinal: 0)- my-service-1: Points to the second Pod (podOrdinal: 1)- my-service-2: Points to the third Pod (podOrdinal: 2)Each generated Service will have the specified spec configuration and will target its respective Pod.This feature is useful when you need to expose each Pod of a Component individually, allowing external accessto specific instances of the Component. +- `role_selector` (String) Extends the above 'serviceSpec.selector' by allowing you to specify defined role as selector for the service.When 'roleSelector' is set, it adds a label selector 'kubeblocks.io/role: {roleSelector}'to the 'serviceSpec.selector'.Example usage: roleSelector: 'leader'In this example, setting 'roleSelector' to 'leader' will add a label selector'kubeblocks.io/role: leader' to the 'serviceSpec.selector'.This means that the service will select and route traffic to Pods with the label'kubeblocks.io/role' set to 'leader'.Note that if 'podService' sets to true, RoleSelector will be ignored.The 'podService' flag takes precedence over 'roleSelector' and generates a service for each Pod. +- `service_name` (String) ServiceName defines the name of the underlying service object.If not specified, the default service name with different patterns will be used:- CLUSTER_NAME: for cluster-level services- CLUSTER_NAME-COMPONENT_NAME: for component-level servicesOnly one default service name is allowed.Cannot be updated. +- `spec` (Attributes) Spec defines the behavior of a service.https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status (see [below for nested schema](#nestedatt--spec--services--spec)) ### Nested Schema for `spec.services.spec` Optional: -- `allocate_load_balancer_node_ports` (Boolean) allocateLoadBalancerNodePorts defines if NodePorts will be automatically allocated for services with type LoadBalancer. Default is 'true'. It may be set to 'false' if the cluster load-balancer does not rely on NodePorts. If the caller requests specific NodePorts (by specifying a value), those requests will be respected, regardless of this field. This field may only be set for services with type LoadBalancer and will be cleared if the type is changed to any other type. -- `cluster_i_ps` (List of String) ClusterIPs is a list of IP addresses assigned to this service, and are usually assigned randomly. If an address is specified manually, is in-range (as per system configuration), and is not in use, it will be allocated to the service; otherwise creation of the service will fail. This field may not be changed through updates unless the type field is also being changed to ExternalName (which requires this field to be empty) or the type field is being changed from ExternalName (in which case this field may optionally be specified, as describe above). Valid values are 'None', empty string (''), or a valid IP address. Setting this to 'None' makes a 'headless service' (no virtual IP), which is useful when direct endpoint connections are preferred and proxying is not required. Only applies to types ClusterIP, NodePort, and LoadBalancer. If this field is specified when creating a Service of type ExternalName, creation will fail. This field will be wiped when updating a Service to type ExternalName. If this field is not specified, it will be initialized from the clusterIP field. If this field is specified, clients must ensure that clusterIPs[0] and clusterIP have the same value. This field may hold a maximum of two entries (dual-stack IPs, in either order). These IPs must correspond to the values of the ipFamilies field. Both clusterIPs and ipFamilies are governed by the ipFamilyPolicy field. More info: https://kubernetes.io/docs/concepts/services-networking/service/#virtual-ips-and-service-proxies -- `cluster_ip` (String) clusterIP is the IP address of the service and is usually assigned randomly. If an address is specified manually, is in-range (as per system configuration), and is not in use, it will be allocated to the service; otherwise creation of the service will fail. This field may not be changed through updates unless the type field is also being changed to ExternalName (which requires this field to be blank) or the type field is being changed from ExternalName (in which case this field may optionally be specified, as describe above). Valid values are 'None', empty string (''), or a valid IP address. Setting this to 'None' makes a 'headless service' (no virtual IP), which is useful when direct endpoint connections are preferred and proxying is not required. Only applies to types ClusterIP, NodePort, and LoadBalancer. If this field is specified when creating a Service of type ExternalName, creation will fail. This field will be wiped when updating a Service to type ExternalName. More info: https://kubernetes.io/docs/concepts/services-networking/service/#virtual-ips-and-service-proxies -- `external_i_ps` (List of String) externalIPs is a list of IP addresses for which nodes in the cluster will also accept traffic for this service. These IPs are not managed by Kubernetes. The user is responsible for ensuring that traffic arrives at a node with this IP. A common example is external load-balancers that are not part of the Kubernetes system. -- `external_name` (String) externalName is the external reference that discovery mechanisms will return as an alias for this service (e.g. a DNS CNAME record). No proxying will be involved. Must be a lowercase RFC-1123 hostname (https://tools.ietf.org/html/rfc1123) and requires 'type' to be 'ExternalName'. -- `external_traffic_policy` (String) externalTrafficPolicy describes how nodes distribute service traffic they receive on one of the Service's 'externally-facing' addresses (NodePorts, ExternalIPs, and LoadBalancer IPs). If set to 'Local', the proxy will configure the service in a way that assumes that external load balancers will take care of balancing the service traffic between nodes, and so each node will deliver traffic only to the node-local endpoints of the service, without masquerading the client source IP. (Traffic mistakenly sent to a node with no endpoints will be dropped.) The default value, 'Cluster', uses the standard behavior of routing to all endpoints evenly (possibly modified by topology and other features). Note that traffic sent to an External IP or LoadBalancer IP from within the cluster will always get 'Cluster' semantics, but clients sending to a NodePort from within the cluster may need to take traffic policy into account when picking a node. -- `health_check_node_port` (Number) healthCheckNodePort specifies the healthcheck nodePort for the service. This only applies when type is set to LoadBalancer and externalTrafficPolicy is set to Local. If a value is specified, is in-range, and is not in use, it will be used. If not specified, a value will be automatically allocated. External systems (e.g. load-balancers) can use this port to determine if a given node holds endpoints for this service or not. If this field is specified when creating a Service which does not need it, creation will fail. This field will be wiped when updating a Service to no longer need it (e.g. changing type). This field cannot be updated once set. -- `internal_traffic_policy` (String) InternalTrafficPolicy describes how nodes distribute service traffic they receive on the ClusterIP. If set to 'Local', the proxy will assume that pods only want to talk to endpoints of the service on the same node as the pod, dropping the traffic if there are no local endpoints. The default value, 'Cluster', uses the standard behavior of routing to all endpoints evenly (possibly modified by topology and other features). -- `ip_families` (List of String) IPFamilies is a list of IP families (e.g. IPv4, IPv6) assigned to this service. This field is usually assigned automatically based on cluster configuration and the ipFamilyPolicy field. If this field is specified manually, the requested family is available in the cluster, and ipFamilyPolicy allows it, it will be used; otherwise creation of the service will fail. This field is conditionally mutable: it allows for adding or removing a secondary IP family, but it does not allow changing the primary IP family of the Service. Valid values are 'IPv4' and 'IPv6'. This field only applies to Services of types ClusterIP, NodePort, and LoadBalancer, and does apply to 'headless' services. This field will be wiped when updating a Service to type ExternalName. This field may hold a maximum of two entries (dual-stack families, in either order). These families must correspond to the values of the clusterIPs field, if specified. Both clusterIPs and ipFamilies are governed by the ipFamilyPolicy field. -- `ip_family_policy` (String) IPFamilyPolicy represents the dual-stack-ness requested or required by this Service. If there is no value provided, then this field will be set to SingleStack. Services can be 'SingleStack' (a single IP family), 'PreferDualStack' (two IP families on dual-stack configured clusters or a single IP family on single-stack clusters), or 'RequireDualStack' (two IP families on dual-stack configured clusters, otherwise fail). The ipFamilies and clusterIPs fields depend on the value of this field. This field will be wiped when updating a service to type ExternalName. -- `load_balancer_class` (String) loadBalancerClass is the class of the load balancer implementation this Service belongs to. If specified, the value of this field must be a label-style identifier, with an optional prefix, e.g. 'internal-vip' or 'example.com/internal-vip'. Unprefixed names are reserved for end-users. This field can only be set when the Service type is 'LoadBalancer'. If not set, the default load balancer implementation is used, today this is typically done through the cloud provider integration, but should apply for any default implementation. If set, it is assumed that a load balancer implementation is watching for Services with a matching class. Any default load balancer implementation (e.g. cloud providers) should ignore Services that set this field. This field can only be set when creating or updating a Service to type 'LoadBalancer'. Once set, it can not be changed. This field will be wiped when a service is updated to a non 'LoadBalancer' type. -- `load_balancer_ip` (String) Only applies to Service Type: LoadBalancer. This feature depends on whether the underlying cloud-provider supports specifying the loadBalancerIP when a load balancer is created. This field will be ignored if the cloud-provider does not support the feature. Deprecated: This field was under-specified and its meaning varies across implementations. Using it is non-portable and it may not support dual-stack. Users are encouraged to use implementation-specific annotations when available. -- `load_balancer_source_ranges` (List of String) If specified and supported by the platform, this will restrict traffic through the cloud-provider load-balancer will be restricted to the specified client IPs. This field will be ignored if the cloud-provider does not support the feature.' More info: https://kubernetes.io/docs/tasks/access-application-cluster/create-external-load-balancer/ -- `ports` (Attributes List) The list of ports that are exposed by this service. More info: https://kubernetes.io/docs/concepts/services-networking/service/#virtual-ips-and-service-proxies (see [below for nested schema](#nestedatt--spec--services--spec--ports)) -- `publish_not_ready_addresses` (Boolean) publishNotReadyAddresses indicates that any agent which deals with endpoints for this Service should disregard any indications of ready/not-ready. The primary use case for setting this field is for a StatefulSet's Headless Service to propagate SRV DNS records for its Pods for the purpose of peer discovery. The Kubernetes controllers that generate Endpoints and EndpointSlice resources for Services interpret this to mean that all endpoints are considered 'ready' even if the Pods themselves are not. Agents which consume only Kubernetes generated endpoints through the Endpoints or EndpointSlice resources can safely assume this behavior. -- `selector` (Map of String) Route service traffic to pods with label keys and values matching this selector. If empty or not present, the service is assumed to have an external process managing its endpoints, which Kubernetes will not modify. Only applies to types ClusterIP, NodePort, and LoadBalancer. Ignored if type is ExternalName. More info: https://kubernetes.io/docs/concepts/services-networking/service/ -- `session_affinity` (String) Supports 'ClientIP' and 'None'. Used to maintain session affinity. Enable client IP based session affinity. Must be ClientIP or None. Defaults to None. More info: https://kubernetes.io/docs/concepts/services-networking/service/#virtual-ips-and-service-proxies +- `allocate_load_balancer_node_ports` (Boolean) allocateLoadBalancerNodePorts defines if NodePorts will be automaticallyallocated for services with type LoadBalancer. Default is 'true'. Itmay be set to 'false' if the cluster load-balancer does not rely onNodePorts. If the caller requests specific NodePorts (by specifying avalue), those requests will be respected, regardless of this field.This field may only be set for services with type LoadBalancer and willbe cleared if the type is changed to any other type. +- `cluster_i_ps` (List of String) ClusterIPs is a list of IP addresses assigned to this service, and areusually assigned randomly. If an address is specified manually, isin-range (as per system configuration), and is not in use, it will beallocated to the service; otherwise creation of the service will fail.This field may not be changed through updates unless the type field isalso being changed to ExternalName (which requires this field to beempty) or the type field is being changed from ExternalName (in whichcase this field may optionally be specified, as describe above). Validvalues are 'None', empty string (''), or a valid IP address. Settingthis to 'None' makes a 'headless service' (no virtual IP), which isuseful when direct endpoint connections are preferred and proxying isnot required. Only applies to types ClusterIP, NodePort, andLoadBalancer. If this field is specified when creating a Service of typeExternalName, creation will fail. This field will be wiped when updatinga Service to type ExternalName. If this field is not specified, it willbe initialized from the clusterIP field. If this field is specified,clients must ensure that clusterIPs[0] and clusterIP have the samevalue.This field may hold a maximum of two entries (dual-stack IPs, in either order).These IPs must correspond to the values of the ipFamilies field. BothclusterIPs and ipFamilies are governed by the ipFamilyPolicy field.More info: https://kubernetes.io/docs/concepts/services-networking/service/#virtual-ips-and-service-proxies +- `cluster_ip` (String) clusterIP is the IP address of the service and is usually assignedrandomly. If an address is specified manually, is in-range (as persystem configuration), and is not in use, it will be allocated to theservice; otherwise creation of the service will fail. This field may notbe changed through updates unless the type field is also being changedto ExternalName (which requires this field to be blank) or the typefield is being changed from ExternalName (in which case this field mayoptionally be specified, as describe above). Valid values are 'None',empty string (''), or a valid IP address. Setting this to 'None' makes a'headless service' (no virtual IP), which is useful when direct endpointconnections are preferred and proxying is not required. Only applies totypes ClusterIP, NodePort, and LoadBalancer. If this field is specifiedwhen creating a Service of type ExternalName, creation will fail. Thisfield will be wiped when updating a Service to type ExternalName.More info: https://kubernetes.io/docs/concepts/services-networking/service/#virtual-ips-and-service-proxies +- `external_i_ps` (List of String) externalIPs is a list of IP addresses for which nodes in the clusterwill also accept traffic for this service. These IPs are not managed byKubernetes. The user is responsible for ensuring that traffic arrivesat a node with this IP. A common example is external load-balancersthat are not part of the Kubernetes system. +- `external_name` (String) externalName is the external reference that discovery mechanisms willreturn as an alias for this service (e.g. a DNS CNAME record). Noproxying will be involved. Must be a lowercase RFC-1123 hostname(https://tools.ietf.org/html/rfc1123) and requires 'type' to be 'ExternalName'. +- `external_traffic_policy` (String) externalTrafficPolicy describes how nodes distribute service traffic theyreceive on one of the Service's 'externally-facing' addresses (NodePorts,ExternalIPs, and LoadBalancer IPs). If set to 'Local', the proxy will configurethe service in a way that assumes that external load balancers will take careof balancing the service traffic between nodes, and so each node will delivertraffic only to the node-local endpoints of the service, without masqueradingthe client source IP. (Traffic mistakenly sent to a node with no endpoints willbe dropped.) The default value, 'Cluster', uses the standard behavior ofrouting to all endpoints evenly (possibly modified by topology and otherfeatures). Note that traffic sent to an External IP or LoadBalancer IP fromwithin the cluster will always get 'Cluster' semantics, but clients sending toa NodePort from within the cluster may need to take traffic policy into accountwhen picking a node. +- `health_check_node_port` (Number) healthCheckNodePort specifies the healthcheck nodePort for the service.This only applies when type is set to LoadBalancer andexternalTrafficPolicy is set to Local. If a value is specified, isin-range, and is not in use, it will be used. If not specified, a valuewill be automatically allocated. External systems (e.g. load-balancers)can use this port to determine if a given node holds endpoints for thisservice or not. If this field is specified when creating a Servicewhich does not need it, creation will fail. This field will be wipedwhen updating a Service to no longer need it (e.g. changing type).This field cannot be updated once set. +- `internal_traffic_policy` (String) InternalTrafficPolicy describes how nodes distribute service traffic theyreceive on the ClusterIP. If set to 'Local', the proxy will assume that podsonly want to talk to endpoints of the service on the same node as the pod,dropping the traffic if there are no local endpoints. The default value,'Cluster', uses the standard behavior of routing to all endpoints evenly(possibly modified by topology and other features). +- `ip_families` (List of String) IPFamilies is a list of IP families (e.g. IPv4, IPv6) assigned to thisservice. This field is usually assigned automatically based on clusterconfiguration and the ipFamilyPolicy field. If this field is specifiedmanually, the requested family is available in the cluster,and ipFamilyPolicy allows it, it will be used; otherwise creation ofthe service will fail. This field is conditionally mutable: it allowsfor adding or removing a secondary IP family, but it does not allowchanging the primary IP family of the Service. Valid values are 'IPv4'and 'IPv6'. This field only applies to Services of types ClusterIP,NodePort, and LoadBalancer, and does apply to 'headless' services.This field will be wiped when updating a Service to type ExternalName.This field may hold a maximum of two entries (dual-stack families, ineither order). These families must correspond to the values of theclusterIPs field, if specified. Both clusterIPs and ipFamilies aregoverned by the ipFamilyPolicy field. +- `ip_family_policy` (String) IPFamilyPolicy represents the dual-stack-ness requested or required bythis Service. If there is no value provided, then this field will be setto SingleStack. Services can be 'SingleStack' (a single IP family),'PreferDualStack' (two IP families on dual-stack configured clusters ora single IP family on single-stack clusters), or 'RequireDualStack'(two IP families on dual-stack configured clusters, otherwise fail). TheipFamilies and clusterIPs fields depend on the value of this field. Thisfield will be wiped when updating a service to type ExternalName. +- `load_balancer_class` (String) loadBalancerClass is the class of the load balancer implementation this Service belongs to.If specified, the value of this field must be a label-style identifier, with an optional prefix,e.g. 'internal-vip' or 'example.com/internal-vip'. Unprefixed names are reserved for end-users.This field can only be set when the Service type is 'LoadBalancer'. If not set, the default loadbalancer implementation is used, today this is typically done through the cloud provider integration,but should apply for any default implementation. If set, it is assumed that a load balancerimplementation is watching for Services with a matching class. Any default load balancerimplementation (e.g. cloud providers) should ignore Services that set this field.This field can only be set when creating or updating a Service to type 'LoadBalancer'.Once set, it can not be changed. This field will be wiped when a service is updated to a non 'LoadBalancer' type. +- `load_balancer_ip` (String) Only applies to Service Type: LoadBalancer.This feature depends on whether the underlying cloud-provider supports specifyingthe loadBalancerIP when a load balancer is created.This field will be ignored if the cloud-provider does not support the feature.Deprecated: This field was under-specified and its meaning varies across implementations.Using it is non-portable and it may not support dual-stack.Users are encouraged to use implementation-specific annotations when available. +- `load_balancer_source_ranges` (List of String) If specified and supported by the platform, this will restrict traffic through the cloud-providerload-balancer will be restricted to the specified client IPs. This field will be ignored if thecloud-provider does not support the feature.'More info: https://kubernetes.io/docs/tasks/access-application-cluster/create-external-load-balancer/ +- `ports` (Attributes List) The list of ports that are exposed by this service.More info: https://kubernetes.io/docs/concepts/services-networking/service/#virtual-ips-and-service-proxies (see [below for nested schema](#nestedatt--spec--services--spec--ports)) +- `publish_not_ready_addresses` (Boolean) publishNotReadyAddresses indicates that any agent which deals with endpoints for thisService should disregard any indications of ready/not-ready.The primary use case for setting this field is for a StatefulSet's Headless Service topropagate SRV DNS records for its Pods for the purpose of peer discovery.The Kubernetes controllers that generate Endpoints and EndpointSlice resources forServices interpret this to mean that all endpoints are considered 'ready' even if thePods themselves are not. Agents which consume only Kubernetes generated endpointsthrough the Endpoints or EndpointSlice resources can safely assume this behavior. +- `selector` (Map of String) Route service traffic to pods with label keys and values matching thisselector. If empty or not present, the service is assumed to have anexternal process managing its endpoints, which Kubernetes will notmodify. Only applies to types ClusterIP, NodePort, and LoadBalancer.Ignored if type is ExternalName.More info: https://kubernetes.io/docs/concepts/services-networking/service/ +- `session_affinity` (String) Supports 'ClientIP' and 'None'. Used to maintain session affinity.Enable client IP based session affinity.Must be ClientIP or None.Defaults to None.More info: https://kubernetes.io/docs/concepts/services-networking/service/#virtual-ips-and-service-proxies - `session_affinity_config` (Attributes) sessionAffinityConfig contains the configurations of session affinity. (see [below for nested schema](#nestedatt--spec--services--spec--session_affinity_config)) -- `type` (String) type determines how the Service is exposed. Defaults to ClusterIP. Valid options are ExternalName, ClusterIP, NodePort, and LoadBalancer. 'ClusterIP' allocates a cluster-internal IP address for load-balancing to endpoints. Endpoints are determined by the selector or if that is not specified, by manual construction of an Endpoints object or EndpointSlice objects. If clusterIP is 'None', no virtual IP is allocated and the endpoints are published as a set of endpoints rather than a virtual IP. 'NodePort' builds on ClusterIP and allocates a port on every node which routes to the same endpoints as the clusterIP. 'LoadBalancer' builds on NodePort and creates an external load-balancer (if supported in the current cloud) which routes to the same endpoints as the clusterIP. 'ExternalName' aliases this service to the specified externalName. Several other fields do not apply to ExternalName services. More info: https://kubernetes.io/docs/concepts/services-networking/service/#publishing-services-service-types +- `type` (String) type determines how the Service is exposed. Defaults to ClusterIP. Validoptions are ExternalName, ClusterIP, NodePort, and LoadBalancer.'ClusterIP' allocates a cluster-internal IP address for load-balancingto endpoints. Endpoints are determined by the selector or if that is notspecified, by manual construction of an Endpoints object orEndpointSlice objects. If clusterIP is 'None', no virtual IP isallocated and the endpoints are published as a set of endpoints ratherthan a virtual IP.'NodePort' builds on ClusterIP and allocates a port on every node whichroutes to the same endpoints as the clusterIP.'LoadBalancer' builds on NodePort and creates an external load-balancer(if supported in the current cloud) which routes to the same endpointsas the clusterIP.'ExternalName' aliases this service to the specified externalName.Several other fields do not apply to ExternalName services.More info: https://kubernetes.io/docs/concepts/services-networking/service/#publishing-services-service-types ### Nested Schema for `spec.services.spec.ports` @@ -5389,11 +5389,11 @@ Required: Optional: -- `app_protocol` (String) The application protocol for this port. This is used as a hint for implementations to offer richer behavior for protocols that they understand. This field follows standard Kubernetes label syntax. Valid values are either: * Un-prefixed protocol names - reserved for IANA standard service names (as per RFC-6335 and https://www.iana.org/assignments/service-names). * Kubernetes-defined prefixed names: * 'kubernetes.io/h2c' - HTTP/2 over cleartext as described in https://www.rfc-editor.org/rfc/rfc7540 * 'kubernetes.io/ws' - WebSocket over cleartext as described in https://www.rfc-editor.org/rfc/rfc6455 * 'kubernetes.io/wss' - WebSocket over TLS as described in https://www.rfc-editor.org/rfc/rfc6455 * Other protocols should use implementation-defined prefixed names such as mycompany.com/my-custom-protocol. -- `name` (String) The name of this port within the service. This must be a DNS_LABEL. All ports within a ServiceSpec must have unique names. When considering the endpoints for a Service, this must match the 'name' field in the EndpointPort. Optional if only one ServicePort is defined on this service. -- `node_port` (Number) The port on each node on which this service is exposed when type is NodePort or LoadBalancer. Usually assigned by the system. If a value is specified, in-range, and not in use it will be used, otherwise the operation will fail. If not specified, a port will be allocated if this Service requires one. If this field is specified when creating a Service which does not need it, creation will fail. This field will be wiped when updating a Service to no longer need it (e.g. changing type from NodePort to ClusterIP). More info: https://kubernetes.io/docs/concepts/services-networking/service/#type-nodeport -- `protocol` (String) The IP protocol for this port. Supports 'TCP', 'UDP', and 'SCTP'. Default is TCP. -- `target_port` (String) Number or name of the port to access on the pods targeted by the service. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. If this is a string, it will be looked up as a named port in the target Pod's container ports. If this is not specified, the value of the 'port' field is used (an identity map). This field is ignored for services with clusterIP=None, and should be omitted or set equal to the 'port' field. More info: https://kubernetes.io/docs/concepts/services-networking/service/#defining-a-service +- `app_protocol` (String) The application protocol for this port.This is used as a hint for implementations to offer richer behavior for protocols that they understand.This field follows standard Kubernetes label syntax.Valid values are either:* Un-prefixed protocol names - reserved for IANA standard service names (as perRFC-6335 and https://www.iana.org/assignments/service-names).* Kubernetes-defined prefixed names: * 'kubernetes.io/h2c' - HTTP/2 over cleartext as described in https://www.rfc-editor.org/rfc/rfc7540 * 'kubernetes.io/ws' - WebSocket over cleartext as described in https://www.rfc-editor.org/rfc/rfc6455 * 'kubernetes.io/wss' - WebSocket over TLS as described in https://www.rfc-editor.org/rfc/rfc6455* Other protocols should use implementation-defined prefixed names such asmycompany.com/my-custom-protocol. +- `name` (String) The name of this port within the service. This must be a DNS_LABEL.All ports within a ServiceSpec must have unique names. When consideringthe endpoints for a Service, this must match the 'name' field in theEndpointPort.Optional if only one ServicePort is defined on this service. +- `node_port` (Number) The port on each node on which this service is exposed when type isNodePort or LoadBalancer. Usually assigned by the system. If a value isspecified, in-range, and not in use it will be used, otherwise theoperation will fail. If not specified, a port will be allocated if thisService requires one. If this field is specified when creating aService which does not need it, creation will fail. This field will bewiped when updating a Service to no longer need it (e.g. changing typefrom NodePort to ClusterIP).More info: https://kubernetes.io/docs/concepts/services-networking/service/#type-nodeport +- `protocol` (String) The IP protocol for this port. Supports 'TCP', 'UDP', and 'SCTP'.Default is TCP. +- `target_port` (String) Number or name of the port to access on the pods targeted by the service.Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME.If this is a string, it will be looked up as a named port in thetarget Pod's container ports. If this is not specified, the valueof the 'port' field is used (an identity map).This field is ignored for services with clusterIP=None, and should beomitted or set equal to the 'port' field.More info: https://kubernetes.io/docs/concepts/services-networking/service/#defining-a-service @@ -5408,7 +5408,7 @@ Optional: Optional: -- `timeout_seconds` (Number) timeoutSeconds specifies the seconds of ClientIP type session sticky time. The value must be >0 && <=86400(for 1 day) if ServiceAffinity == 'ClientIP'. Default value is 10800(for 3 hours). +- `timeout_seconds` (Number) timeoutSeconds specifies the seconds of ClientIP type session sticky time.The value must be >0 && <=86400(for 1 day) if ServiceAffinity == 'ClientIP'.Default value is 10800(for 3 hours). @@ -5419,14 +5419,14 @@ Optional: Required: -- `name` (String) Specifies the unique identifier for the account. This name is used by other entities to reference the account. This field is immutable once set. +- `name` (String) Specifies the unique identifier for the account. This name is used by other entities to reference the account.This field is immutable once set. Optional: -- `init_account` (Boolean) Indicates if this account is the unique system initialization account (e.g., MySQL root). Only one system initialization account is permitted. This field is immutable once set. -- `password_generation_policy` (Attributes) Specifies the policy for generating the account's password. This field is immutable once set. (see [below for nested schema](#nestedatt--spec--system_accounts--password_generation_policy)) -- `secret_ref` (Attributes) Refers to the secret from which data will be copied to create the new account. This field is immutable once set. (see [below for nested schema](#nestedatt--spec--system_accounts--secret_ref)) -- `statement` (String) Defines the statement used to create the account with the necessary privileges. This field is immutable once set. +- `init_account` (Boolean) Indicates if this account is the unique system initialization account (e.g., MySQL root).Only one system initialization account is permitted.This field is immutable once set. +- `password_generation_policy` (Attributes) Specifies the policy for generating the account's password.This field is immutable once set. (see [below for nested schema](#nestedatt--spec--system_accounts--password_generation_policy)) +- `secret_ref` (Attributes) Refers to the secret from which data will be copied to create the new account.This field is immutable once set. (see [below for nested schema](#nestedatt--spec--system_accounts--secret_ref)) +- `statement` (String) Defines the statement used to create the account with the necessary privileges.This field is immutable once set. ### Nested Schema for `spec.system_accounts.password_generation_policy` @@ -5437,7 +5437,7 @@ Optional: - `letter_case` (String) The case of the letters in the password. - `num_digits` (Number) The number of digits in the password. - `num_symbols` (Number) The number of symbols in the password. -- `seed` (String) Seed to generate the account's password. Cannot be updated. +- `seed` (String) Seed to generate the account's password.Cannot be updated. @@ -5459,8 +5459,8 @@ Required: Optional: -- `expression` (String) A Go template expression that will be applied to the resolved value of the var. The expression will only be evaluated if the var is successfully resolved to a non-credential value. The resolved value can be accessed by its name within the expression, system vars and other user-defined non-credential vars can be used within the expression in the same way. Notice that, when accessing vars by its name, you should replace all the '-' in the name with '_', because of that '-' is not a valid identifier in Go. All expressions are evaluated in the order the vars are defined. If a var depends on any vars that also have expressions defined, be careful about the evaluation order as it may use intermediate values. The result of evaluation will be used as the final value of the var. If the expression fails to evaluate, the resolving of var will also be considered failed. -- `value` (String) Variable references '$(VAR_NAME)' are expanded using the previously defined variables in the current context. If a variable cannot be resolved, the reference in the input string will be unchanged. Double '$$' are reduced to a single '$', which allows for escaping the '$(VAR_NAME)' syntax: i.e. - '$$(VAR_NAME)' will produce the string literal '$(VAR_NAME)'. Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to ''. +- `expression` (String) A Go template expression that will be applied to the resolved value of the var.The expression will only be evaluated if the var is successfully resolved to a non-credential value.The resolved value can be accessed by its name within the expression, system vars and other user-definednon-credential vars can be used within the expression in the same way.Notice that, when accessing vars by its name, you should replace all the '-' in the name with '_', because ofthat '-' is not a valid identifier in Go.All expressions are evaluated in the order the vars are defined. If a var depends on any vars that alsohave expressions defined, be careful about the evaluation order as it may use intermediate values.The result of evaluation will be used as the final value of the var. If the expression fails to evaluate,the resolving of var will also be considered failed. +- `value` (String) Variable references '$(VAR_NAME)' are expanded using the previously defined variables in the current context.If a variable cannot be resolved, the reference in the input string will be unchanged.Double '$$' are reduced to a single '$', which allows for escaping the '$(VAR_NAME)' syntax: i.e.- '$$(VAR_NAME)' will produce the string literal '$(VAR_NAME)'.Escaped references will never be expanded, regardless of whether the variable exists or not.Defaults to ''. - `value_from` (Attributes) Source for the variable's value. Cannot be used if value is not empty. (see [below for nested schema](#nestedatt--spec--vars--value_from)) @@ -5481,13 +5481,13 @@ Optional: Optional: -- `comp_def` (String) CompDef specifies the definition used by the component that the referent object resident in. If not specified, the component itself will be used. +- `comp_def` (String) CompDef specifies the definition used by the component that the referent object resident in.If not specified, the component itself will be used. - `component_name` (String) Reference to the name of the Component object. -- `instance_names` (String) Reference to the instanceName list of the component. and the value will be presented in the following format: instanceName1,instanceName2,... -- `multiple_cluster_object_option` (Attributes) This option defines the behavior when multiple component objects match the specified @CompDef. If not provided, an error will be raised when handling multiple matches. (see [below for nested schema](#nestedatt--spec--vars--value_from--component_var_ref--multiple_cluster_object_option)) +- `instance_names` (String) Reference to the instanceName list of the component.and the value will be presented in the following format: instanceName1,instanceName2,... +- `multiple_cluster_object_option` (Attributes) This option defines the behavior when multiple component objects match the specified @CompDef.If not provided, an error will be raised when handling multiple matches. (see [below for nested schema](#nestedatt--spec--vars--value_from--component_var_ref--multiple_cluster_object_option)) - `name` (String) Name of the referent object. - `optional` (Boolean) Specify whether the object must be defined. -- `pod_fqd_ns` (String) Reference to the pod FQDN list of the component. The value will be presented in the following format: FQDN1,FQDN2,... +- `pod_fqd_ns` (String) Reference to the pod FQDN list of the component.The value will be presented in the following format: FQDN1,FQDN2,... - `replicas` (String) Reference to the replicas of the component. @@ -5499,7 +5499,7 @@ Required: Optional: -- `combined_option` (Attributes) Define the options for handling combined variables. Valid only when the strategy is set to 'combined'. (see [below for nested schema](#nestedatt--spec--vars--value_from--component_var_ref--multiple_cluster_object_option--combined_option)) +- `combined_option` (Attributes) Define the options for handling combined variables.Valid only when the strategy is set to 'combined'. (see [below for nested schema](#nestedatt--spec--vars--value_from--component_var_ref--multiple_cluster_object_option--combined_option)) ### Nested Schema for `spec.vars.value_from.component_var_ref.multiple_cluster_object_option.combined_option` @@ -5507,7 +5507,7 @@ Optional: Optional: - `flatten_format` (Attributes) The flatten format, default is: $(comp-name-1):value,$(comp-name-2):value. (see [below for nested schema](#nestedatt--spec--vars--value_from--component_var_ref--multiple_cluster_object_option--combined_option--flatten_format)) -- `new_var_suffix` (String) If set, the existing variable will be kept, and a new variable will be defined with the specified suffix in pattern: $(var.name)_$(suffix). The new variable will be auto-created and placed behind the existing one. If not set, the existing variable will be reused with the value format defined below. +- `new_var_suffix` (String) If set, the existing variable will be kept, and a new variable will be defined with the specified suffixin pattern: $(var.name)_$(suffix).The new variable will be auto-created and placed behind the existing one.If not set, the existing variable will be reused with the value format defined below. - `value_format` (String) The format of the value that the operator will use to compose values from multiple components. @@ -5531,7 +5531,7 @@ Required: Optional: -- `name` (String) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? +- `name` (String) Name of the referent.More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#namesTODO: Add other useful fields. apiVersion, kind, uid? - `optional` (Boolean) Specify whether the ConfigMap or its key must be defined @@ -5540,8 +5540,8 @@ Optional: Optional: -- `comp_def` (String) CompDef specifies the definition used by the component that the referent object resident in. If not specified, the component itself will be used. -- `multiple_cluster_object_option` (Attributes) This option defines the behavior when multiple component objects match the specified @CompDef. If not provided, an error will be raised when handling multiple matches. (see [below for nested schema](#nestedatt--spec--vars--value_from--credential_var_ref--multiple_cluster_object_option)) +- `comp_def` (String) CompDef specifies the definition used by the component that the referent object resident in.If not specified, the component itself will be used. +- `multiple_cluster_object_option` (Attributes) This option defines the behavior when multiple component objects match the specified @CompDef.If not provided, an error will be raised when handling multiple matches. (see [below for nested schema](#nestedatt--spec--vars--value_from--credential_var_ref--multiple_cluster_object_option)) - `name` (String) Name of the referent object. - `optional` (Boolean) Specify whether the object must be defined. - `password` (String) VarOption defines whether a variable is required or optional. @@ -5556,7 +5556,7 @@ Required: Optional: -- `combined_option` (Attributes) Define the options for handling combined variables. Valid only when the strategy is set to 'combined'. (see [below for nested schema](#nestedatt--spec--vars--value_from--credential_var_ref--multiple_cluster_object_option--combined_option)) +- `combined_option` (Attributes) Define the options for handling combined variables.Valid only when the strategy is set to 'combined'. (see [below for nested schema](#nestedatt--spec--vars--value_from--credential_var_ref--multiple_cluster_object_option--combined_option)) ### Nested Schema for `spec.vars.value_from.credential_var_ref.multiple_cluster_object_option.combined_option` @@ -5564,7 +5564,7 @@ Optional: Optional: - `flatten_format` (Attributes) The flatten format, default is: $(comp-name-1):value,$(comp-name-2):value. (see [below for nested schema](#nestedatt--spec--vars--value_from--credential_var_ref--multiple_cluster_object_option--combined_option--flatten_format)) -- `new_var_suffix` (String) If set, the existing variable will be kept, and a new variable will be defined with the specified suffix in pattern: $(var.name)_$(suffix). The new variable will be auto-created and placed behind the existing one. If not set, the existing variable will be reused with the value format defined below. +- `new_var_suffix` (String) If set, the existing variable will be kept, and a new variable will be defined with the specified suffixin pattern: $(var.name)_$(suffix).The new variable will be auto-created and placed behind the existing one.If not set, the existing variable will be reused with the value format defined below. - `value_format` (String) The format of the value that the operator will use to compose values from multiple components. @@ -5584,9 +5584,9 @@ Required: Optional: -- `comp_def` (String) CompDef specifies the definition used by the component that the referent object resident in. If not specified, the component itself will be used. +- `comp_def` (String) CompDef specifies the definition used by the component that the referent object resident in.If not specified, the component itself will be used. - `container` (Attributes) ContainerVars defines the vars that can be referenced from a Container. (see [below for nested schema](#nestedatt--spec--vars--value_from--host_network_var_ref--container)) -- `multiple_cluster_object_option` (Attributes) This option defines the behavior when multiple component objects match the specified @CompDef. If not provided, an error will be raised when handling multiple matches. (see [below for nested schema](#nestedatt--spec--vars--value_from--host_network_var_ref--multiple_cluster_object_option)) +- `multiple_cluster_object_option` (Attributes) This option defines the behavior when multiple component objects match the specified @CompDef.If not provided, an error will be raised when handling multiple matches. (see [below for nested schema](#nestedatt--spec--vars--value_from--host_network_var_ref--multiple_cluster_object_option)) - `name` (String) Name of the referent object. - `optional` (Boolean) Specify whether the object must be defined. @@ -5620,7 +5620,7 @@ Required: Optional: -- `combined_option` (Attributes) Define the options for handling combined variables. Valid only when the strategy is set to 'combined'. (see [below for nested schema](#nestedatt--spec--vars--value_from--host_network_var_ref--multiple_cluster_object_option--combined_option)) +- `combined_option` (Attributes) Define the options for handling combined variables.Valid only when the strategy is set to 'combined'. (see [below for nested schema](#nestedatt--spec--vars--value_from--host_network_var_ref--multiple_cluster_object_option--combined_option)) ### Nested Schema for `spec.vars.value_from.host_network_var_ref.multiple_cluster_object_option.combined_option` @@ -5628,7 +5628,7 @@ Optional: Optional: - `flatten_format` (Attributes) The flatten format, default is: $(comp-name-1):value,$(comp-name-2):value. (see [below for nested schema](#nestedatt--spec--vars--value_from--host_network_var_ref--multiple_cluster_object_option--combined_option--flatten_format)) -- `new_var_suffix` (String) If set, the existing variable will be kept, and a new variable will be defined with the specified suffix in pattern: $(var.name)_$(suffix). The new variable will be auto-created and placed behind the existing one. If not set, the existing variable will be reused with the value format defined below. +- `new_var_suffix` (String) If set, the existing variable will be kept, and a new variable will be defined with the specified suffixin pattern: $(var.name)_$(suffix).The new variable will be auto-created and placed behind the existing one.If not set, the existing variable will be reused with the value format defined below. - `value_format` (String) The format of the value that the operator will use to compose values from multiple components. @@ -5652,7 +5652,7 @@ Required: Optional: -- `name` (String) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? +- `name` (String) Name of the referent.More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#namesTODO: Add other useful fields. apiVersion, kind, uid? - `optional` (Boolean) Specify whether the Secret or its key must be defined @@ -5661,10 +5661,10 @@ Optional: Optional: -- `comp_def` (String) CompDef specifies the definition used by the component that the referent object resident in. If not specified, the component itself will be used. +- `comp_def` (String) CompDef specifies the definition used by the component that the referent object resident in.If not specified, the component itself will be used. - `endpoint` (String) VarOption defines whether a variable is required or optional. - `host` (String) VarOption defines whether a variable is required or optional. -- `multiple_cluster_object_option` (Attributes) This option defines the behavior when multiple component objects match the specified @CompDef. If not provided, an error will be raised when handling multiple matches. (see [below for nested schema](#nestedatt--spec--vars--value_from--service_ref_var_ref--multiple_cluster_object_option)) +- `multiple_cluster_object_option` (Attributes) This option defines the behavior when multiple component objects match the specified @CompDef.If not provided, an error will be raised when handling multiple matches. (see [below for nested schema](#nestedatt--spec--vars--value_from--service_ref_var_ref--multiple_cluster_object_option)) - `name` (String) Name of the referent object. - `optional` (Boolean) Specify whether the object must be defined. - `password` (String) VarOption defines whether a variable is required or optional. @@ -5680,7 +5680,7 @@ Required: Optional: -- `combined_option` (Attributes) Define the options for handling combined variables. Valid only when the strategy is set to 'combined'. (see [below for nested schema](#nestedatt--spec--vars--value_from--service_ref_var_ref--multiple_cluster_object_option--combined_option)) +- `combined_option` (Attributes) Define the options for handling combined variables.Valid only when the strategy is set to 'combined'. (see [below for nested schema](#nestedatt--spec--vars--value_from--service_ref_var_ref--multiple_cluster_object_option--combined_option)) ### Nested Schema for `spec.vars.value_from.service_ref_var_ref.multiple_cluster_object_option.combined_option` @@ -5688,7 +5688,7 @@ Optional: Optional: - `flatten_format` (Attributes) The flatten format, default is: $(comp-name-1):value,$(comp-name-2):value. (see [below for nested schema](#nestedatt--spec--vars--value_from--service_ref_var_ref--multiple_cluster_object_option--combined_option--flatten_format)) -- `new_var_suffix` (String) If set, the existing variable will be kept, and a new variable will be defined with the specified suffix in pattern: $(var.name)_$(suffix). The new variable will be auto-created and placed behind the existing one. If not set, the existing variable will be reused with the value format defined below. +- `new_var_suffix` (String) If set, the existing variable will be kept, and a new variable will be defined with the specified suffixin pattern: $(var.name)_$(suffix).The new variable will be auto-created and placed behind the existing one.If not set, the existing variable will be reused with the value format defined below. - `value_format` (String) The format of the value that the operator will use to compose values from multiple components. @@ -5708,13 +5708,13 @@ Required: Optional: -- `comp_def` (String) CompDef specifies the definition used by the component that the referent object resident in. If not specified, the component itself will be used. +- `comp_def` (String) CompDef specifies the definition used by the component that the referent object resident in.If not specified, the component itself will be used. - `host` (String) VarOption defines whether a variable is required or optional. -- `load_balancer` (String) LoadBalancer represents the LoadBalancer ingress point of the service. If multiple ingress points are available, the first one will be used automatically, choosing between IP and Hostname. -- `multiple_cluster_object_option` (Attributes) This option defines the behavior when multiple component objects match the specified @CompDef. If not provided, an error will be raised when handling multiple matches. (see [below for nested schema](#nestedatt--spec--vars--value_from--service_var_ref--multiple_cluster_object_option)) +- `load_balancer` (String) LoadBalancer represents the LoadBalancer ingress point of the service.If multiple ingress points are available, the first one will be used automatically, choosing between IP and Hostname. +- `multiple_cluster_object_option` (Attributes) This option defines the behavior when multiple component objects match the specified @CompDef.If not provided, an error will be raised when handling multiple matches. (see [below for nested schema](#nestedatt--spec--vars--value_from--service_var_ref--multiple_cluster_object_option)) - `name` (String) Name of the referent object. - `optional` (Boolean) Specify whether the object must be defined. -- `port` (Attributes) Port references a port or node-port defined in the service. If the referenced service is a pod-service, there will be multiple service objects matched, and the value will be presented in the following format: service1.name:port1,service2.name:port2... (see [below for nested schema](#nestedatt--spec--vars--value_from--service_var_ref--port)) +- `port` (Attributes) Port references a port or node-port defined in the service.If the referenced service is a pod-service, there will be multiple service objects matched,and the value will be presented in the following format: service1.name:port1,service2.name:port2... (see [below for nested schema](#nestedatt--spec--vars--value_from--service_var_ref--port)) ### Nested Schema for `spec.vars.value_from.service_var_ref.multiple_cluster_object_option` @@ -5725,7 +5725,7 @@ Required: Optional: -- `combined_option` (Attributes) Define the options for handling combined variables. Valid only when the strategy is set to 'combined'. (see [below for nested schema](#nestedatt--spec--vars--value_from--service_var_ref--multiple_cluster_object_option--combined_option)) +- `combined_option` (Attributes) Define the options for handling combined variables.Valid only when the strategy is set to 'combined'. (see [below for nested schema](#nestedatt--spec--vars--value_from--service_var_ref--multiple_cluster_object_option--combined_option)) ### Nested Schema for `spec.vars.value_from.service_var_ref.multiple_cluster_object_option.combined_option` @@ -5733,7 +5733,7 @@ Optional: Optional: - `flatten_format` (Attributes) The flatten format, default is: $(comp-name-1):value,$(comp-name-2):value. (see [below for nested schema](#nestedatt--spec--vars--value_from--service_var_ref--multiple_cluster_object_option--combined_option--flatten_format)) -- `new_var_suffix` (String) If set, the existing variable will be kept, and a new variable will be defined with the specified suffix in pattern: $(var.name)_$(suffix). The new variable will be auto-created and placed behind the existing one. If not set, the existing variable will be reused with the value format defined below. +- `new_var_suffix` (String) If set, the existing variable will be kept, and a new variable will be defined with the specified suffixin pattern: $(var.name)_$(suffix).The new variable will be auto-created and placed behind the existing one.If not set, the existing variable will be reused with the value format defined below. - `value_format` (String) The format of the value that the operator will use to compose values from multiple components. @@ -5764,9 +5764,9 @@ Optional: Required: -- `name` (String) Specifies the name of the volume. It must be a DNS_LABEL and unique within the pod. More info can be found at: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names Note: This field cannot be updated. +- `name` (String) Specifies the name of the volume.It must be a DNS_LABEL and unique within the pod.More info can be found at: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#namesNote: This field cannot be updated. Optional: -- `high_watermark` (Number) Sets the critical threshold for volume space utilization as a percentage (0-100). Exceeding this percentage triggers the system to switch the volume to read-only mode as specified in 'componentDefinition.spec.lifecycleActions.readOnly'. This precaution helps prevent space depletion while maintaining read-only access. If the space utilization later falls below this threshold, the system reverts the volume to read-write mode as defined in 'componentDefinition.spec.lifecycleActions.readWrite', restoring full functionality. Note: This field cannot be updated. -- `need_snapshot` (Boolean) Specifies whether the creation of a snapshot of this volume is necessary when performing a backup of the Component. Note: This field cannot be updated. +- `high_watermark` (Number) Sets the critical threshold for volume space utilization as a percentage (0-100).Exceeding this percentage triggers the system to switch the volume to read-only mode as specified in'componentDefinition.spec.lifecycleActions.readOnly'.This precaution helps prevent space depletion while maintaining read-only access.If the space utilization later falls below this threshold, the system reverts the volume to read-write modeas defined in 'componentDefinition.spec.lifecycleActions.readWrite', restoring full functionality.Note: This field cannot be updated. +- `need_snapshot` (Boolean) Specifies whether the creation of a snapshot of this volume is necessary when performing a backup of the Component.Note: This field cannot be updated. diff --git a/docs/data-sources/apps_kubeblocks_io_component_v1alpha1_manifest.md b/docs/data-sources/apps_kubeblocks_io_component_v1alpha1_manifest.md index f56d0fd59..c0a8d664e 100644 --- a/docs/data-sources/apps_kubeblocks_io_component_v1alpha1_manifest.md +++ b/docs/data-sources/apps_kubeblocks_io_component_v1alpha1_manifest.md @@ -3,12 +3,12 @@ page_title: "k8s_apps_kubeblocks_io_component_v1alpha1_manifest Data Source - terraform-provider-k8s" subcategory: "apps.kubeblocks.io" description: |- - Component is a fundamental building block of a Cluster object. For example, a Redis Cluster can include Components like 'redis', 'sentinel', and potentially a proxy like 'twemproxy'. The Component object is responsible for managing the lifecycle of all replicas within a Cluster component, It supports a wide range of operations including provisioning, stopping, restarting, termination, upgrading, configuration changes, vertical and horizontal scaling, failover, switchover, cross-node migration, scheduling configuration, exposing Services, managing system accounts, enabling/disabling exporter, and configuring log collection. Component is an internal sub-object derived from the user-submitted Cluster object. It is designed primarily to be used by the KubeBlocks controllers, users are discouraged from modifying Component objects directly and should use them only for monitoring Component statuses. + Component is a fundamental building block of a Cluster object.For example, a Redis Cluster can include Components like 'redis', 'sentinel', and potentially a proxy like 'twemproxy'.The Component object is responsible for managing the lifecycle of all replicas within a Cluster component,It supports a wide range of operations including provisioning, stopping, restarting, termination, upgrading,configuration changes, vertical and horizontal scaling, failover, switchover, cross-node migration,scheduling configuration, exposing Services, managing system accounts, enabling/disabling exporter,and configuring log collection.Component is an internal sub-object derived from the user-submitted Cluster object.It is designed primarily to be used by the KubeBlocks controllers,users are discouraged from modifying Component objects directly and should use them only for monitoring Component statuses. --- # k8s_apps_kubeblocks_io_component_v1alpha1_manifest (Data Source) -Component is a fundamental building block of a Cluster object. For example, a Redis Cluster can include Components like 'redis', 'sentinel', and potentially a proxy like 'twemproxy'. The Component object is responsible for managing the lifecycle of all replicas within a Cluster component, It supports a wide range of operations including provisioning, stopping, restarting, termination, upgrading, configuration changes, vertical and horizontal scaling, failover, switchover, cross-node migration, scheduling configuration, exposing Services, managing system accounts, enabling/disabling exporter, and configuring log collection. Component is an internal sub-object derived from the user-submitted Cluster object. It is designed primarily to be used by the KubeBlocks controllers, users are discouraged from modifying Component objects directly and should use them only for monitoring Component statuses. +Component is a fundamental building block of a Cluster object.For example, a Redis Cluster can include Components like 'redis', 'sentinel', and potentially a proxy like 'twemproxy'.The Component object is responsible for managing the lifecycle of all replicas within a Cluster component,It supports a wide range of operations including provisioning, stopping, restarting, termination, upgrading,configuration changes, vertical and horizontal scaling, failover, switchover, cross-node migration,scheduling configuration, exposing Services, managing system accounts, enabling/disabling exporter,and configuring log collection.Component is an internal sub-object derived from the user-submitted Cluster object.It is designed primarily to be used by the KubeBlocks controllers,users are discouraged from modifying Component objects directly and should use them only for monitoring Component statuses. ## Example Usage @@ -60,33 +60,33 @@ Required: Optional: -- `affinity` (Attributes) Specifies a group of affinity scheduling rules for the Component. It allows users to control how the Component's Pods are scheduled onto nodes in the Cluster. Deprecated since v0.10, replaced by the 'schedulingPolicy' field. (see [below for nested schema](#nestedatt--spec--affinity)) +- `affinity` (Attributes) Specifies a group of affinity scheduling rules for the Component.It allows users to control how the Component's Pods are scheduled onto nodes in the Cluster.Deprecated since v0.10, replaced by the 'schedulingPolicy' field. (see [below for nested schema](#nestedatt--spec--affinity)) - `configs` (Attributes List) (see [below for nested schema](#nestedatt--spec--configs)) -- `disable_exporter` (Boolean) Determines whether metrics exporter information is annotated on the Component's headless Service. If set to true, the following annotations will not be patched into the Service: - 'monitor.kubeblocks.io/path' - 'monitor.kubeblocks.io/port' - 'monitor.kubeblocks.io/scheme' These annotations allow the Prometheus installed by KubeBlocks to discover and scrape metrics from the exporter. -- `enabled_logs` (List of String) Specifies which types of logs should be collected for the Cluster. The log types are defined in the 'componentDefinition.spec.logConfigs' field with the LogConfig entries. The elements in the 'enabledLogs' array correspond to the names of the LogConfig entries. For example, if the 'componentDefinition.spec.logConfigs' defines LogConfig entries with names 'slow_query_log' and 'error_log', you can enable the collection of these logs by including their names in the 'enabledLogs' array: '''yaml enabledLogs: - slow_query_log - error_log ''' -- `instances` (Attributes List) Allows for the customization of configuration values for each instance within a Component. An Instance represent a single replica (Pod and associated K8s resources like PVCs, Services, and ConfigMaps). While instances typically share a common configuration as defined in the ClusterComponentSpec, they can require unique settings in various scenarios: For example: - A database Component might require different resource allocations for primary and secondary instances, with primaries needing more resources. - During a rolling upgrade, a Component may first update the image for one or a few instances, and then update the remaining instances after verifying that the updated instances are functioning correctly. InstanceTemplate allows for specifying these unique configurations per instance. Each instance's name is constructed using the pattern: $(component.name)-$(template.name)-$(ordinal), starting with an ordinal of 0. It is crucial to maintain unique names for each InstanceTemplate to avoid conflicts. The sum of replicas across all InstanceTemplates should not exceed the total number of Replicas specified for the Component. Any remaining replicas will be generated using the default template and will follow the default naming rules. (see [below for nested schema](#nestedatt--spec--instances)) -- `offline_instances` (List of String) Specifies the names of instances to be transitioned to offline status. Marking an instance as offline results in the following: 1. The associated Pod is stopped, and its PersistentVolumeClaim (PVC) is retained for potential future reuse or data recovery, but it is no longer actively used. 2. The ordinal number assigned to this instance is preserved, ensuring it remains unique and avoiding conflicts with new instances. Setting instances to offline allows for a controlled scale-in process, preserving their data and maintaining ordinal consistency within the Cluster. Note that offline instances and their associated resources, such as PVCs, are not automatically deleted. The administrator must manually manage the cleanup and removal of these resources when they are no longer needed. -- `resources` (Attributes) Specifies the resources required by the Component. It allows defining the CPU, memory requirements and limits for the Component's containers. (see [below for nested schema](#nestedatt--spec--resources)) +- `disable_exporter` (Boolean) Determines whether metrics exporter information is annotated on the Component's headless Service.If set to true, the following annotations will not be patched into the Service:- 'monitor.kubeblocks.io/path'- 'monitor.kubeblocks.io/port'- 'monitor.kubeblocks.io/scheme'These annotations allow the Prometheus installed by KubeBlocks to discover and scrape metrics from the exporter. +- `enabled_logs` (List of String) Specifies which types of logs should be collected for the Cluster.The log types are defined in the 'componentDefinition.spec.logConfigs' field with the LogConfig entries.The elements in the 'enabledLogs' array correspond to the names of the LogConfig entries.For example, if the 'componentDefinition.spec.logConfigs' defines LogConfig entries withnames 'slow_query_log' and 'error_log',you can enable the collection of these logs by including their names in the 'enabledLogs' array:'''yamlenabledLogs:- slow_query_log- error_log''' +- `instances` (Attributes List) Allows for the customization of configuration values for each instance within a Component.An Instance represent a single replica (Pod and associated K8s resources like PVCs, Services, and ConfigMaps).While instances typically share a common configuration as defined in the ClusterComponentSpec,they can require unique settings in various scenarios:For example:- A database Component might require different resource allocations for primary and secondary instances, with primaries needing more resources.- During a rolling upgrade, a Component may first update the image for one or a few instances, and then update the remaining instances after verifying that the updated instances are functioning correctly.InstanceTemplate allows for specifying these unique configurations per instance.Each instance's name is constructed using the pattern: $(component.name)-$(template.name)-$(ordinal),starting with an ordinal of 0.It is crucial to maintain unique names for each InstanceTemplate to avoid conflicts.The sum of replicas across all InstanceTemplates should not exceed the total number of Replicas specified for the Component.Any remaining replicas will be generated using the default template and will follow the default naming rules. (see [below for nested schema](#nestedatt--spec--instances)) +- `offline_instances` (List of String) Specifies the names of instances to be transitioned to offline status.Marking an instance as offline results in the following:1. The associated Pod is stopped, and its PersistentVolumeClaim (PVC) is retained for potential future reuse or data recovery, but it is no longer actively used.2. The ordinal number assigned to this instance is preserved, ensuring it remains unique and avoiding conflicts with new instances.Setting instances to offline allows for a controlled scale-in process, preserving their data and maintainingordinal consistency within the Cluster.Note that offline instances and their associated resources, such as PVCs, are not automatically deleted.The administrator must manually manage the cleanup and removal of these resources when they are no longer needed. +- `resources` (Attributes) Specifies the resources required by the Component.It allows defining the CPU, memory requirements and limits for the Component's containers. (see [below for nested schema](#nestedatt--spec--resources)) - `runtime_class_name` (String) Defines runtimeClassName for all Pods managed by this Component. - `scheduling_policy` (Attributes) Specifies the scheduling policy for the Component. (see [below for nested schema](#nestedatt--spec--scheduling_policy)) -- `service_account_name` (String) Specifies the name of the ServiceAccount required by the running Component. This ServiceAccount is used to grant necessary permissions for the Component's Pods to interact with other Kubernetes resources, such as modifying Pod labels or sending events. Defaults: If not specified, KubeBlocks automatically assigns a default ServiceAccount named 'kb-{cluster.name}', bound to a default role defined during KubeBlocks installation. Future Changes: Future versions might change the default ServiceAccount creation strategy to one per Component, potentially revising the naming to 'kb-{cluster.name}-{component.name}'. Users can override the automatic ServiceAccount assignment by explicitly setting the name of an existed ServiceAccount in this field. -- `service_refs` (Attributes List) Defines a list of ServiceRef for a Component, enabling access to both external services and Services provided by other Clusters. Types of services: - External services: Not managed by KubeBlocks or managed by a different KubeBlocks operator; Require a ServiceDescriptor for connection details. - Services provided by a Cluster: Managed by the same KubeBlocks operator; identified using Cluster, Component and Service names. ServiceRefs with identical 'serviceRef.name' in the same Cluster are considered the same. Example: '''yaml serviceRefs: - name: 'redis-sentinel' serviceDescriptor: name: 'external-redis-sentinel' - name: 'postgres-cluster' clusterServiceSelector: cluster: 'my-postgres-cluster' service: component: 'postgresql' ''' The example above includes ServiceRefs to an external Redis Sentinel service and a PostgreSQL Cluster. (see [below for nested schema](#nestedatt--spec--service_refs)) -- `service_version` (String) ServiceVersion specifies the version of the Service expected to be provisioned by this Component. The version should follow the syntax and semantics of the 'Semantic Versioning' specification (http://semver.org/). -- `services` (Attributes List) Overrides Services defined in referenced ComponentDefinition and exposes endpoints that can be accessed by clients. (see [below for nested schema](#nestedatt--spec--services)) +- `service_account_name` (String) Specifies the name of the ServiceAccount required by the running Component.This ServiceAccount is used to grant necessary permissions for the Component's Pods to interactwith other Kubernetes resources, such as modifying Pod labels or sending events.Defaults:If not specified, KubeBlocks automatically assigns a default ServiceAccount named 'kb-{cluster.name}',bound to a default role defined during KubeBlocks installation.Future Changes:Future versions might change the default ServiceAccount creation strategy to one per Component,potentially revising the naming to 'kb-{cluster.name}-{component.name}'.Users can override the automatic ServiceAccount assignment by explicitly setting the name ofan existed ServiceAccount in this field. +- `service_refs` (Attributes List) Defines a list of ServiceRef for a Component, enabling access to both external services andServices provided by other Clusters.Types of services:- External services: Not managed by KubeBlocks or managed by a different KubeBlocks operator; Require a ServiceDescriptor for connection details.- Services provided by a Cluster: Managed by the same KubeBlocks operator; identified using Cluster, Component and Service names.ServiceRefs with identical 'serviceRef.name' in the same Cluster are considered the same.Example:'''yamlserviceRefs: - name: 'redis-sentinel' serviceDescriptor: name: 'external-redis-sentinel' - name: 'postgres-cluster' clusterServiceSelector: cluster: 'my-postgres-cluster' service: component: 'postgresql''''The example above includes ServiceRefs to an external Redis Sentinel service and a PostgreSQL Cluster. (see [below for nested schema](#nestedatt--spec--service_refs)) +- `service_version` (String) ServiceVersion specifies the version of the Service expected to be provisioned by this Component.The version should follow the syntax and semantics of the 'Semantic Versioning' specification (http://semver.org/). +- `services` (Attributes List) Overrides Services defined in referenced ComponentDefinition and exposes endpoints that can be accessedby clients. (see [below for nested schema](#nestedatt--spec--services)) - `system_accounts` (Attributes List) Overrides system accounts defined in referenced ComponentDefinition. (see [below for nested schema](#nestedatt--spec--system_accounts)) -- `tls_config` (Attributes) Specifies the TLS configuration for the Component, including: - A boolean flag that indicates whether the Component should use Transport Layer Security (TLS) for secure communication. - An optional field that specifies the configuration for the TLS certificates issuer when TLS is enabled. It allows defining the issuer name and the reference to the secret containing the TLS certificates and key. The secret should contain the CA certificate, TLS certificate, and private key in the specified keys. (see [below for nested schema](#nestedatt--spec--tls_config)) -- `tolerations` (Attributes List) Allows Pods to be scheduled onto nodes with matching taints. Each toleration in the array allows the Pod to tolerate node taints based on specified 'key', 'value', 'effect', and 'operator'. - The 'key', 'value', and 'effect' identify the taint that the toleration matches. - The 'operator' determines how the toleration matches the taint. Pods with matching tolerations are allowed to be scheduled on tainted nodes, typically reserved for specific purposes. Deprecated since v0.10, replaced by the 'schedulingPolicy' field. (see [below for nested schema](#nestedatt--spec--tolerations)) -- `volume_claim_templates` (Attributes List) Specifies a list of PersistentVolumeClaim templates that define the storage requirements for the Component. Each template specifies the desired characteristics of a persistent volume, such as storage class, size, and access modes. These templates are used to dynamically provision persistent volumes for the Component. (see [below for nested schema](#nestedatt--spec--volume_claim_templates)) +- `tls_config` (Attributes) Specifies the TLS configuration for the Component, including:- A boolean flag that indicates whether the Component should use Transport Layer Security (TLS) for secure communication.- An optional field that specifies the configuration for the TLS certificates issuer when TLS is enabled. It allows defining the issuer name and the reference to the secret containing the TLS certificates and key. The secret should contain the CA certificate, TLS certificate, and private key in the specified keys. (see [below for nested schema](#nestedatt--spec--tls_config)) +- `tolerations` (Attributes List) Allows Pods to be scheduled onto nodes with matching taints.Each toleration in the array allows the Pod to tolerate node taints based onspecified 'key', 'value', 'effect', and 'operator'.- The 'key', 'value', and 'effect' identify the taint that the toleration matches.- The 'operator' determines how the toleration matches the taint.Pods with matching tolerations are allowed to be scheduled on tainted nodes, typically reserved for specific purposes.Deprecated since v0.10, replaced by the 'schedulingPolicy' field. (see [below for nested schema](#nestedatt--spec--tolerations)) +- `volume_claim_templates` (Attributes List) Specifies a list of PersistentVolumeClaim templates that define the storage requirements for the Component.Each template specifies the desired characteristics of a persistent volume, such as storage class,size, and access modes.These templates are used to dynamically provision persistent volumes for the Component. (see [below for nested schema](#nestedatt--spec--volume_claim_templates)) ### Nested Schema for `spec.affinity` Optional: -- `node_labels` (Map of String) Indicates the node labels that must be present on nodes for pods to be scheduled on them. It is a map where the keys are the label keys and the values are the corresponding label values. Pods will only be scheduled on nodes that have all the specified labels with the corresponding values. For example, if NodeLabels is set to {'nodeType': 'ssd', 'environment': 'production'}, pods will only be scheduled on nodes that have both the 'nodeType' label with value 'ssd' and the 'environment' label with value 'production'. This field allows users to control Pod placement based on specific node labels. It can be used to ensure that Pods are scheduled on nodes with certain characteristics, such as specific hardware (e.g., SSD), environment (e.g., production, staging), or any other custom labels assigned to nodes. -- `pod_anti_affinity` (String) Specifies the anti-affinity level of Pods within a Component. It determines how pods should be spread across nodes to improve availability and performance. It can have the following values: 'Preferred' and 'Required'. The default value is 'Preferred'. -- `tenancy` (String) Determines the level of resource isolation between Pods. It can have the following values: 'SharedNode' and 'DedicatedNode'. - SharedNode: Allow that multiple Pods may share the same node, which is the default behavior of K8s. - DedicatedNode: Each Pod runs on a dedicated node, ensuring that no two Pods share the same node. In other words, if a Pod is already running on a node, no other Pods will be scheduled on that node. Which provides a higher level of isolation and resource guarantee for Pods. The default value is 'SharedNode'. -- `topology_keys` (List of String) Represents the key of node labels used to define the topology domain for Pod anti-affinity and Pod spread constraints. In K8s, a topology domain is a set of nodes that have the same value for a specific label key. Nodes with labels containing any of the specified TopologyKeys and identical values are considered to be in the same topology domain. Note: The concept of topology in the context of K8s TopologyKeys is different from the concept of topology in the ClusterDefinition. When a Pod has anti-affinity or spread constraints specified, Kubernetes will attempt to schedule the Pod on nodes with different values for the specified TopologyKeys. This ensures that Pods are spread across different topology domains, promoting high availability and reducing the impact of node failures. Some well-known label keys, such as 'kubernetes.io/hostname' and 'topology.kubernetes.io/zone', are often used as TopologyKey. These keys represent the hostname and zone of a node, respectively. By including these keys in the TopologyKeys list, Pods will be spread across nodes with different hostnames or zones. In addition to the well-known keys, users can also specify custom label keys as TopologyKeys. This allows for more flexible and custom topology definitions based on the specific needs of the application or environment. The TopologyKeys field is a slice of strings, where each string represents a label key. The order of the keys in the slice does not matter. +- `node_labels` (Map of String) Indicates the node labels that must be present on nodes for pods to be scheduled on them.It is a map where the keys are the label keys and the values are the corresponding label values.Pods will only be scheduled on nodes that have all the specified labels with the corresponding values.For example, if NodeLabels is set to {'nodeType': 'ssd', 'environment': 'production'},pods will only be scheduled on nodes that have both the 'nodeType' label with value 'ssd'and the 'environment' label with value 'production'.This field allows users to control Pod placement based on specific node labels.It can be used to ensure that Pods are scheduled on nodes with certain characteristics,such as specific hardware (e.g., SSD), environment (e.g., production, staging),or any other custom labels assigned to nodes. +- `pod_anti_affinity` (String) Specifies the anti-affinity level of Pods within a Component.It determines how pods should be spread across nodes to improve availability and performance.It can have the following values: 'Preferred' and 'Required'.The default value is 'Preferred'. +- `tenancy` (String) Determines the level of resource isolation between Pods.It can have the following values: 'SharedNode' and 'DedicatedNode'.- SharedNode: Allow that multiple Pods may share the same node, which is the default behavior of K8s.- DedicatedNode: Each Pod runs on a dedicated node, ensuring that no two Pods share the same node. In other words, if a Pod is already running on a node, no other Pods will be scheduled on that node. Which provides a higher level of isolation and resource guarantee for Pods. The default value is 'SharedNode'. +- `topology_keys` (List of String) Represents the key of node labels used to define the topology domain for Pod anti-affinityand Pod spread constraints.In K8s, a topology domain is a set of nodes that have the same value for a specific label key.Nodes with labels containing any of the specified TopologyKeys and identical values are consideredto be in the same topology domain.Note: The concept of topology in the context of K8s TopologyKeys is different from the concept oftopology in the ClusterDefinition.When a Pod has anti-affinity or spread constraints specified, Kubernetes will attempt to schedule thePod on nodes with different values for the specified TopologyKeys.This ensures that Pods are spread across different topology domains, promoting high availability andreducing the impact of node failures.Some well-known label keys, such as 'kubernetes.io/hostname' and 'topology.kubernetes.io/zone',are often used as TopologyKey.These keys represent the hostname and zone of a node, respectively.By including these keys in the TopologyKeys list, Pods will be spread across nodes withdifferent hostnames or zones.In addition to the well-known keys, users can also specify custom label keys as TopologyKeys.This allows for more flexible and custom topology definitions based on the specific needsof the application or environment.The TopologyKeys field is a slice of strings, where each string represents a label key.The order of the keys in the slice does not matter. @@ -102,9 +102,9 @@ Optional: Optional: -- `default_mode` (Number) defaultMode is optional: mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. -- `items` (Attributes List) items if unspecified, each key-value pair in the Data field of the referenced ConfigMap will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the ConfigMap, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'. (see [below for nested schema](#nestedatt--spec--configs--config_map--items)) -- `name` (String) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? +- `default_mode` (Number) defaultMode is optional: mode bits used to set permissions on created files by default.Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511.YAML accepts both octal and decimal values, JSON requires decimal values for mode bits.Defaults to 0644.Directories within the path are not affected by this setting.This might be in conflict with other options that affect the filemode, like fsGroup, and the result can be other mode bits set. +- `items` (Attributes List) items if unspecified, each key-value pair in the Data field of the referencedConfigMap will be projected into the volume as a file whose name is thekey and content is the value. If specified, the listed keys will beprojected into the specified paths, and unlisted keys will not bepresent. If a key is specified which is not present in the ConfigMap,the volume setup will error unless it is marked optional. Paths must berelative and may not contain the '..' path or start with '..'. (see [below for nested schema](#nestedatt--spec--configs--config_map--items)) +- `name` (String) Name of the referent.More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#namesTODO: Add other useful fields. apiVersion, kind, uid? - `optional` (Boolean) optional specify whether the ConfigMap or its keys must be defined @@ -113,11 +113,11 @@ Optional: Required: - `key` (String) key is the key to project. -- `path` (String) path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. +- `path` (String) path is the relative path of the file to map the key to.May not be an absolute path.May not contain the path element '..'.May not start with the string '..'. Optional: -- `mode` (Number) mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. +- `mode` (Number) mode is Optional: mode bits used to set permissions on this file.Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511.YAML accepts both octal and decimal values, JSON requires decimal values for mode bits.If not specified, the volume defaultMode will be used.This might be in conflict with other options that affect the filemode, like fsGroup, and the result can be other mode bits set. @@ -127,20 +127,20 @@ Optional: Required: -- `name` (String) Name specifies the unique name of the instance Pod created using this InstanceTemplate. This name is constructed by concatenating the Component's name, the template's name, and the instance's ordinal using the pattern: $(cluster.name)-$(component.name)-$(template.name)-$(ordinal). Ordinals start from 0. The specified name overrides any default naming conventions or patterns. +- `name` (String) Name specifies the unique name of the instance Pod created using this InstanceTemplate.This name is constructed by concatenating the Component's name, the template's name, and the instance's ordinalusing the pattern: $(cluster.name)-$(component.name)-$(template.name)-$(ordinal). Ordinals start from 0.The specified name overrides any default naming conventions or patterns. Optional: -- `annotations` (Map of String) Specifies a map of key-value pairs to be merged into the Pod's existing annotations. Existing keys will have their values overwritten, while new keys will be added to the annotations. -- `env` (Attributes List) Defines Env to override. Add new or override existing envs. (see [below for nested schema](#nestedatt--spec--instances--env)) +- `annotations` (Map of String) Specifies a map of key-value pairs to be merged into the Pod's existing annotations.Existing keys will have their values overwritten, while new keys will be added to the annotations. +- `env` (Attributes List) Defines Env to override.Add new or override existing envs. (see [below for nested schema](#nestedatt--spec--instances--env)) - `image` (String) Specifies an override for the first container's image in the Pod. -- `labels` (Map of String) Specifies a map of key-value pairs that will be merged into the Pod's existing labels. Values for existing keys will be overwritten, and new keys will be added. -- `replicas` (Number) Specifies the number of instances (Pods) to create from this InstanceTemplate. This field allows setting how many replicated instances of the Component, with the specific overrides in the InstanceTemplate, are created. The default value is 1. A value of 0 disables instance creation. -- `resources` (Attributes) Specifies an override for the resource requirements of the first container in the Pod. This field allows for customizing resource allocation (CPU, memory, etc.) for the container. (see [below for nested schema](#nestedatt--spec--instances--resources)) +- `labels` (Map of String) Specifies a map of key-value pairs that will be merged into the Pod's existing labels.Values for existing keys will be overwritten, and new keys will be added. +- `replicas` (Number) Specifies the number of instances (Pods) to create from this InstanceTemplate.This field allows setting how many replicated instances of the Component,with the specific overrides in the InstanceTemplate, are created.The default value is 1. A value of 0 disables instance creation. +- `resources` (Attributes) Specifies an override for the resource requirements of the first container in the Pod.This field allows for customizing resource allocation (CPU, memory, etc.) for the container. (see [below for nested schema](#nestedatt--spec--instances--resources)) - `scheduling_policy` (Attributes) Specifies the scheduling policy for the Component. (see [below for nested schema](#nestedatt--spec--instances--scheduling_policy)) -- `volume_claim_templates` (Attributes List) Defines VolumeClaimTemplates to override. Add new or override existing volume claim templates. (see [below for nested schema](#nestedatt--spec--instances--volume_claim_templates)) -- `volume_mounts` (Attributes List) Defines VolumeMounts to override. Add new or override existing volume mounts of the first container in the Pod. (see [below for nested schema](#nestedatt--spec--instances--volume_mounts)) -- `volumes` (Attributes List) Defines Volumes to override. Add new or override existing volumes. (see [below for nested schema](#nestedatt--spec--instances--volumes)) +- `volume_claim_templates` (Attributes List) Defines VolumeClaimTemplates to override.Add new or override existing volume claim templates. (see [below for nested schema](#nestedatt--spec--instances--volume_claim_templates)) +- `volume_mounts` (Attributes List) Defines VolumeMounts to override.Add new or override existing volume mounts of the first container in the Pod. (see [below for nested schema](#nestedatt--spec--instances--volume_mounts)) +- `volumes` (Attributes List) Defines Volumes to override.Add new or override existing volumes. (see [below for nested schema](#nestedatt--spec--instances--volumes)) ### Nested Schema for `spec.instances.env` @@ -151,7 +151,7 @@ Required: Optional: -- `value` (String) Variable references $(VAR_NAME) are expanded using the previously defined environment variables in the container and any service environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. '$$(VAR_NAME)' will produce the string literal '$(VAR_NAME)'. Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to ''. +- `value` (String) Variable references $(VAR_NAME) are expandedusing the previously defined environment variables in the container andany service environment variables. If a variable cannot be resolved,the reference in the input string will be unchanged. Double $$ are reducedto a single $, which allows for escaping the $(VAR_NAME) syntax: i.e.'$$(VAR_NAME)' will produce the string literal '$(VAR_NAME)'.Escaped references will never be expanded, regardless of whether the variableexists or not.Defaults to ''. - `value_from` (Attributes) Source for the environment variable's value. Cannot be used if value is not empty. (see [below for nested schema](#nestedatt--spec--instances--env--value_from)) @@ -160,8 +160,8 @@ Optional: Optional: - `config_map_key_ref` (Attributes) Selects a key of a ConfigMap. (see [below for nested schema](#nestedatt--spec--instances--env--value_from--config_map_key_ref)) -- `field_ref` (Attributes) Selects a field of the pod: supports metadata.name, metadata.namespace, 'metadata.labels['']', 'metadata.annotations['']', spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. (see [below for nested schema](#nestedatt--spec--instances--env--value_from--field_ref)) -- `resource_field_ref` (Attributes) Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. (see [below for nested schema](#nestedatt--spec--instances--env--value_from--resource_field_ref)) +- `field_ref` (Attributes) Selects a field of the pod: supports metadata.name, metadata.namespace, 'metadata.labels['']', 'metadata.annotations['']',spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. (see [below for nested schema](#nestedatt--spec--instances--env--value_from--field_ref)) +- `resource_field_ref` (Attributes) Selects a resource of the container: only resources limits and requests(limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. (see [below for nested schema](#nestedatt--spec--instances--env--value_from--resource_field_ref)) - `secret_key_ref` (Attributes) Selects a key of a secret in the pod's namespace (see [below for nested schema](#nestedatt--spec--instances--env--value_from--secret_key_ref)) @@ -173,7 +173,7 @@ Required: Optional: -- `name` (String) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? +- `name` (String) Name of the referent.More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#namesTODO: Add other useful fields. apiVersion, kind, uid? - `optional` (Boolean) Specify whether the ConfigMap or its key must be defined @@ -211,7 +211,7 @@ Required: Optional: -- `name` (String) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? +- `name` (String) Name of the referent.More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#namesTODO: Add other useful fields. apiVersion, kind, uid? - `optional` (Boolean) Specify whether the Secret or its key must be defined @@ -222,16 +222,16 @@ Optional: Optional: -- `claims` (Attributes List) Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. This field is immutable. It can only be set for containers. (see [below for nested schema](#nestedatt--spec--instances--resources--claims)) -- `limits` (Map of String) Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ -- `requests` (Map of String) Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ +- `claims` (Attributes List) Claims lists the names of resources, defined in spec.resourceClaims,that are used by this container.This is an alpha field and requires enabling theDynamicResourceAllocation feature gate.This field is immutable. It can only be set for containers. (see [below for nested schema](#nestedatt--spec--instances--resources--claims)) +- `limits` (Map of String) Limits describes the maximum amount of compute resources allowed.More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ +- `requests` (Map of String) Requests describes the minimum amount of compute resources required.If Requests is omitted for a container, it defaults to Limits if that is explicitly specified,otherwise to an implementation-defined value. Requests cannot exceed Limits.More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ ### Nested Schema for `spec.instances.resources.claims` Required: -- `name` (String) Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container. +- `name` (String) Name must match the name of one entry in pod.spec.resourceClaims ofthe Pod where this field is used. It makes that resource availableinside a container. @@ -241,11 +241,11 @@ Required: Optional: - `affinity` (Attributes) Specifies a group of affinity scheduling rules of the Cluster, including NodeAffinity, PodAffinity, and PodAntiAffinity. (see [below for nested schema](#nestedatt--spec--instances--scheduling_policy--affinity)) -- `node_name` (String) NodeName is a request to schedule this Pod onto a specific node. If it is non-empty, the scheduler simply schedules this Pod onto that node, assuming that it fits resource requirements. -- `node_selector` (Map of String) NodeSelector is a selector which must be true for the Pod to fit on a node. Selector which must match a node's labels for the Pod to be scheduled on that node. More info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/ -- `scheduler_name` (String) If specified, the Pod will be dispatched by specified scheduler. If not specified, the Pod will be dispatched by default scheduler. -- `tolerations` (Attributes List) Allows Pods to be scheduled onto nodes with matching taints. Each toleration in the array allows the Pod to tolerate node taints based on specified 'key', 'value', 'effect', and 'operator'. - The 'key', 'value', and 'effect' identify the taint that the toleration matches. - The 'operator' determines how the toleration matches the taint. Pods with matching tolerations are allowed to be scheduled on tainted nodes, typically reserved for specific purposes. (see [below for nested schema](#nestedatt--spec--instances--scheduling_policy--tolerations)) -- `topology_spread_constraints` (Attributes List) TopologySpreadConstraints describes how a group of Pods ought to spread across topology domains. Scheduler will schedule Pods in a way which abides by the constraints. All topologySpreadConstraints are ANDed. (see [below for nested schema](#nestedatt--spec--instances--scheduling_policy--topology_spread_constraints)) +- `node_name` (String) NodeName is a request to schedule this Pod onto a specific node. If it is non-empty,the scheduler simply schedules this Pod onto that node, assuming that it fits resourcerequirements. +- `node_selector` (Map of String) NodeSelector is a selector which must be true for the Pod to fit on a node.Selector which must match a node's labels for the Pod to be scheduled on that node.More info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/ +- `scheduler_name` (String) If specified, the Pod will be dispatched by specified scheduler.If not specified, the Pod will be dispatched by default scheduler. +- `tolerations` (Attributes List) Allows Pods to be scheduled onto nodes with matching taints.Each toleration in the array allows the Pod to tolerate node taints based onspecified 'key', 'value', 'effect', and 'operator'.- The 'key', 'value', and 'effect' identify the taint that the toleration matches.- The 'operator' determines how the toleration matches the taint.Pods with matching tolerations are allowed to be scheduled on tainted nodes, typically reserved for specific purposes. (see [below for nested schema](#nestedatt--spec--instances--scheduling_policy--tolerations)) +- `topology_spread_constraints` (Attributes List) TopologySpreadConstraints describes how a group of Pods ought to spread across topologydomains. Scheduler will schedule Pods in a way which abides by the constraints.All topologySpreadConstraints are ANDed. (see [below for nested schema](#nestedatt--spec--instances--scheduling_policy--topology_spread_constraints)) ### Nested Schema for `spec.instances.scheduling_policy.affinity` @@ -261,8 +261,8 @@ Optional: Optional: -- `preferred_during_scheduling_ignored_during_execution` (Attributes List) The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding 'weight' to the sum if the node matches the corresponding matchExpressions; the node(s) with the highest sum are the most preferred. (see [below for nested schema](#nestedatt--spec--instances--scheduling_policy--affinity--node_affinity--preferred_during_scheduling_ignored_during_execution)) -- `required_during_scheduling_ignored_during_execution` (Attributes) If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to an update), the system may or may not try to eventually evict the pod from its node. (see [below for nested schema](#nestedatt--spec--instances--scheduling_policy--affinity--node_affinity--required_during_scheduling_ignored_during_execution)) +- `preferred_during_scheduling_ignored_during_execution` (Attributes List) The scheduler will prefer to schedule pods to nodes that satisfythe affinity expressions specified by this field, but it may choosea node that violates one or more of the expressions. The node that ismost preferred is the one with the greatest sum of weights, i.e.for each node that meets all of the scheduling requirements (resourcerequest, requiredDuringScheduling affinity expressions, etc.),compute a sum by iterating through the elements of this field and adding'weight' to the sum if the node matches the corresponding matchExpressions; thenode(s) with the highest sum are the most preferred. (see [below for nested schema](#nestedatt--spec--instances--scheduling_policy--affinity--node_affinity--preferred_during_scheduling_ignored_during_execution)) +- `required_during_scheduling_ignored_during_execution` (Attributes) If the affinity requirements specified by this field are not met atscheduling time, the pod will not be scheduled onto the node.If the affinity requirements specified by this field cease to be metat some point during pod execution (e.g. due to an update), the systemmay or may not try to eventually evict the pod from its node. (see [below for nested schema](#nestedatt--spec--instances--scheduling_policy--affinity--node_affinity--required_during_scheduling_ignored_during_execution)) ### Nested Schema for `spec.instances.scheduling_policy.affinity.node_affinity.preferred_during_scheduling_ignored_during_execution` @@ -286,11 +286,11 @@ Optional: Required: - `key` (String) The label key that the selector applies to. -- `operator` (String) Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. +- `operator` (String) Represents a key's relationship to a set of values.Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. Optional: -- `values` (List of String) An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch. +- `values` (List of String) An array of string values. If the operator is In or NotIn,the values array must be non-empty. If the operator is Exists or DoesNotExist,the values array must be empty. If the operator is Gt or Lt, the valuesarray must have a single element, which will be interpreted as an integer.This array is replaced during a strategic merge patch. @@ -299,11 +299,11 @@ Optional: Required: - `key` (String) The label key that the selector applies to. -- `operator` (String) Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. +- `operator` (String) Represents a key's relationship to a set of values.Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. Optional: -- `values` (List of String) An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch. +- `values` (List of String) An array of string values. If the operator is In or NotIn,the values array must be non-empty. If the operator is Exists or DoesNotExist,the values array must be empty. If the operator is Gt or Lt, the valuesarray must have a single element, which will be interpreted as an integer.This array is replaced during a strategic merge patch. @@ -329,11 +329,11 @@ Optional: Required: - `key` (String) The label key that the selector applies to. -- `operator` (String) Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. +- `operator` (String) Represents a key's relationship to a set of values.Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. Optional: -- `values` (List of String) An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch. +- `values` (List of String) An array of string values. If the operator is In or NotIn,the values array must be non-empty. If the operator is Exists or DoesNotExist,the values array must be empty. If the operator is Gt or Lt, the valuesarray must have a single element, which will be interpreted as an integer.This array is replaced during a strategic merge patch. @@ -342,11 +342,11 @@ Optional: Required: - `key` (String) The label key that the selector applies to. -- `operator` (String) Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. +- `operator` (String) Represents a key's relationship to a set of values.Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. Optional: -- `values` (List of String) An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch. +- `values` (List of String) An array of string values. If the operator is In or NotIn,the values array must be non-empty. If the operator is Exists or DoesNotExist,the values array must be empty. If the operator is Gt or Lt, the valuesarray must have a single element, which will be interpreted as an integer.This array is replaced during a strategic merge patch. @@ -357,8 +357,8 @@ Optional: Optional: -- `preferred_during_scheduling_ignored_during_execution` (Attributes List) The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding 'weight' to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred. (see [below for nested schema](#nestedatt--spec--instances--scheduling_policy--affinity--pod_affinity--preferred_during_scheduling_ignored_during_execution)) -- `required_during_scheduling_ignored_during_execution` (Attributes List) If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied. (see [below for nested schema](#nestedatt--spec--instances--scheduling_policy--affinity--pod_affinity--required_during_scheduling_ignored_during_execution)) +- `preferred_during_scheduling_ignored_during_execution` (Attributes List) The scheduler will prefer to schedule pods to nodes that satisfythe affinity expressions specified by this field, but it may choosea node that violates one or more of the expressions. The node that ismost preferred is the one with the greatest sum of weights, i.e.for each node that meets all of the scheduling requirements (resourcerequest, requiredDuringScheduling affinity expressions, etc.),compute a sum by iterating through the elements of this field and adding'weight' to the sum if the node has pods which matches the corresponding podAffinityTerm; thenode(s) with the highest sum are the most preferred. (see [below for nested schema](#nestedatt--spec--instances--scheduling_policy--affinity--pod_affinity--preferred_during_scheduling_ignored_during_execution)) +- `required_during_scheduling_ignored_during_execution` (Attributes List) If the affinity requirements specified by this field are not met atscheduling time, the pod will not be scheduled onto the node.If the affinity requirements specified by this field cease to be metat some point during pod execution (e.g. due to a pod label update), thesystem may or may not try to eventually evict the pod from its node.When there are multiple elements, the lists of nodes corresponding to eachpodAffinityTerm are intersected, i.e. all terms must be satisfied. (see [below for nested schema](#nestedatt--spec--instances--scheduling_policy--affinity--pod_affinity--required_during_scheduling_ignored_during_execution)) ### Nested Schema for `spec.instances.scheduling_policy.affinity.pod_affinity.preferred_during_scheduling_ignored_during_execution` @@ -366,20 +366,20 @@ Optional: Required: - `pod_affinity_term` (Attributes) Required. A pod affinity term, associated with the corresponding weight. (see [below for nested schema](#nestedatt--spec--instances--scheduling_policy--affinity--pod_affinity--preferred_during_scheduling_ignored_during_execution--pod_affinity_term)) -- `weight` (Number) weight associated with matching the corresponding podAffinityTerm, in the range 1-100. +- `weight` (Number) weight associated with matching the corresponding podAffinityTerm,in the range 1-100. ### Nested Schema for `spec.instances.scheduling_policy.affinity.pod_affinity.preferred_during_scheduling_ignored_during_execution.pod_affinity_term` Required: -- `topology_key` (String) This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed. +- `topology_key` (String) This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matchingthe labelSelector in the specified namespaces, where co-located is defined as running on a nodewhose value of the label with key topologyKey matches that of any node on which any of theselected pods is running.Empty topologyKey is not allowed. Optional: - `label_selector` (Attributes) A label query over a set of resources, in this case pods. (see [below for nested schema](#nestedatt--spec--instances--scheduling_policy--affinity--pod_affinity--preferred_during_scheduling_ignored_during_execution--pod_affinity_term--label_selector)) -- `namespace_selector` (Attributes) A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means 'this pod's namespace'. An empty selector ({}) matches all namespaces. (see [below for nested schema](#nestedatt--spec--instances--scheduling_policy--affinity--pod_affinity--preferred_during_scheduling_ignored_during_execution--pod_affinity_term--namespace_selector)) -- `namespaces` (List of String) namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means 'this pod's namespace'. +- `namespace_selector` (Attributes) A label query over the set of namespaces that the term applies to.The term is applied to the union of the namespaces selected by this fieldand the ones listed in the namespaces field.null selector and null or empty namespaces list means 'this pod's namespace'.An empty selector ({}) matches all namespaces. (see [below for nested schema](#nestedatt--spec--instances--scheduling_policy--affinity--pod_affinity--preferred_during_scheduling_ignored_during_execution--pod_affinity_term--namespace_selector)) +- `namespaces` (List of String) namespaces specifies a static list of namespace names that the term applies to.The term is applied to the union of the namespaces listed in this fieldand the ones selected by namespaceSelector.null or empty namespaces list and null namespaceSelector means 'this pod's namespace'. ### Nested Schema for `spec.instances.scheduling_policy.affinity.pod_affinity.preferred_during_scheduling_ignored_during_execution.pod_affinity_term.label_selector` @@ -387,7 +387,7 @@ Optional: Optional: - `match_expressions` (Attributes List) matchExpressions is a list of label selector requirements. The requirements are ANDed. (see [below for nested schema](#nestedatt--spec--instances--scheduling_policy--affinity--pod_affinity--preferred_during_scheduling_ignored_during_execution--pod_affinity_term--label_selector--match_expressions)) -- `match_labels` (Map of String) matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is 'key', the operator is 'In', and the values array contains only 'value'. The requirements are ANDed. +- `match_labels` (Map of String) matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabelsmap is equivalent to an element of matchExpressions, whose key field is 'key', theoperator is 'In', and the values array contains only 'value'. The requirements are ANDed. ### Nested Schema for `spec.instances.scheduling_policy.affinity.pod_affinity.preferred_during_scheduling_ignored_during_execution.pod_affinity_term.label_selector.match_expressions` @@ -395,11 +395,11 @@ Optional: Required: - `key` (String) key is the label key that the selector applies to. -- `operator` (String) operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. +- `operator` (String) operator represents a key's relationship to a set of values.Valid operators are In, NotIn, Exists and DoesNotExist. Optional: -- `values` (List of String) values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. +- `values` (List of String) values is an array of string values. If the operator is In or NotIn,the values array must be non-empty. If the operator is Exists or DoesNotExist,the values array must be empty. This array is replaced during a strategicmerge patch. @@ -409,7 +409,7 @@ Optional: Optional: - `match_expressions` (Attributes List) matchExpressions is a list of label selector requirements. The requirements are ANDed. (see [below for nested schema](#nestedatt--spec--instances--scheduling_policy--affinity--pod_affinity--preferred_during_scheduling_ignored_during_execution--pod_affinity_term--namespace_selector--match_expressions)) -- `match_labels` (Map of String) matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is 'key', the operator is 'In', and the values array contains only 'value'. The requirements are ANDed. +- `match_labels` (Map of String) matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabelsmap is equivalent to an element of matchExpressions, whose key field is 'key', theoperator is 'In', and the values array contains only 'value'. The requirements are ANDed. ### Nested Schema for `spec.instances.scheduling_policy.affinity.pod_affinity.preferred_during_scheduling_ignored_during_execution.pod_affinity_term.namespace_selector.match_expressions` @@ -417,11 +417,11 @@ Optional: Required: - `key` (String) key is the label key that the selector applies to. -- `operator` (String) operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. +- `operator` (String) operator represents a key's relationship to a set of values.Valid operators are In, NotIn, Exists and DoesNotExist. Optional: -- `values` (List of String) values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. +- `values` (List of String) values is an array of string values. If the operator is In or NotIn,the values array must be non-empty. If the operator is Exists or DoesNotExist,the values array must be empty. This array is replaced during a strategicmerge patch. @@ -432,13 +432,13 @@ Optional: Required: -- `topology_key` (String) This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed. +- `topology_key` (String) This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matchingthe labelSelector in the specified namespaces, where co-located is defined as running on a nodewhose value of the label with key topologyKey matches that of any node on which any of theselected pods is running.Empty topologyKey is not allowed. Optional: - `label_selector` (Attributes) A label query over a set of resources, in this case pods. (see [below for nested schema](#nestedatt--spec--instances--scheduling_policy--affinity--pod_affinity--required_during_scheduling_ignored_during_execution--label_selector)) -- `namespace_selector` (Attributes) A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means 'this pod's namespace'. An empty selector ({}) matches all namespaces. (see [below for nested schema](#nestedatt--spec--instances--scheduling_policy--affinity--pod_affinity--required_during_scheduling_ignored_during_execution--namespace_selector)) -- `namespaces` (List of String) namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means 'this pod's namespace'. +- `namespace_selector` (Attributes) A label query over the set of namespaces that the term applies to.The term is applied to the union of the namespaces selected by this fieldand the ones listed in the namespaces field.null selector and null or empty namespaces list means 'this pod's namespace'.An empty selector ({}) matches all namespaces. (see [below for nested schema](#nestedatt--spec--instances--scheduling_policy--affinity--pod_affinity--required_during_scheduling_ignored_during_execution--namespace_selector)) +- `namespaces` (List of String) namespaces specifies a static list of namespace names that the term applies to.The term is applied to the union of the namespaces listed in this fieldand the ones selected by namespaceSelector.null or empty namespaces list and null namespaceSelector means 'this pod's namespace'. ### Nested Schema for `spec.instances.scheduling_policy.affinity.pod_affinity.required_during_scheduling_ignored_during_execution.label_selector` @@ -446,7 +446,7 @@ Optional: Optional: - `match_expressions` (Attributes List) matchExpressions is a list of label selector requirements. The requirements are ANDed. (see [below for nested schema](#nestedatt--spec--instances--scheduling_policy--affinity--pod_affinity--required_during_scheduling_ignored_during_execution--label_selector--match_expressions)) -- `match_labels` (Map of String) matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is 'key', the operator is 'In', and the values array contains only 'value'. The requirements are ANDed. +- `match_labels` (Map of String) matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabelsmap is equivalent to an element of matchExpressions, whose key field is 'key', theoperator is 'In', and the values array contains only 'value'. The requirements are ANDed. ### Nested Schema for `spec.instances.scheduling_policy.affinity.pod_affinity.required_during_scheduling_ignored_during_execution.label_selector.match_expressions` @@ -454,11 +454,11 @@ Optional: Required: - `key` (String) key is the label key that the selector applies to. -- `operator` (String) operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. +- `operator` (String) operator represents a key's relationship to a set of values.Valid operators are In, NotIn, Exists and DoesNotExist. Optional: -- `values` (List of String) values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. +- `values` (List of String) values is an array of string values. If the operator is In or NotIn,the values array must be non-empty. If the operator is Exists or DoesNotExist,the values array must be empty. This array is replaced during a strategicmerge patch. @@ -468,7 +468,7 @@ Optional: Optional: - `match_expressions` (Attributes List) matchExpressions is a list of label selector requirements. The requirements are ANDed. (see [below for nested schema](#nestedatt--spec--instances--scheduling_policy--affinity--pod_affinity--required_during_scheduling_ignored_during_execution--namespace_selector--match_expressions)) -- `match_labels` (Map of String) matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is 'key', the operator is 'In', and the values array contains only 'value'. The requirements are ANDed. +- `match_labels` (Map of String) matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabelsmap is equivalent to an element of matchExpressions, whose key field is 'key', theoperator is 'In', and the values array contains only 'value'. The requirements are ANDed. ### Nested Schema for `spec.instances.scheduling_policy.affinity.pod_affinity.required_during_scheduling_ignored_during_execution.namespace_selector.match_expressions` @@ -476,11 +476,11 @@ Optional: Required: - `key` (String) key is the label key that the selector applies to. -- `operator` (String) operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. +- `operator` (String) operator represents a key's relationship to a set of values.Valid operators are In, NotIn, Exists and DoesNotExist. Optional: -- `values` (List of String) values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. +- `values` (List of String) values is an array of string values. If the operator is In or NotIn,the values array must be non-empty. If the operator is Exists or DoesNotExist,the values array must be empty. This array is replaced during a strategicmerge patch. @@ -491,8 +491,8 @@ Optional: Optional: -- `preferred_during_scheduling_ignored_during_execution` (Attributes List) The scheduler will prefer to schedule pods to nodes that satisfy the anti-affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling anti-affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding 'weight' to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred. (see [below for nested schema](#nestedatt--spec--instances--scheduling_policy--affinity--pod_anti_affinity--preferred_during_scheduling_ignored_during_execution)) -- `required_during_scheduling_ignored_during_execution` (Attributes List) If the anti-affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the anti-affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied. (see [below for nested schema](#nestedatt--spec--instances--scheduling_policy--affinity--pod_anti_affinity--required_during_scheduling_ignored_during_execution)) +- `preferred_during_scheduling_ignored_during_execution` (Attributes List) The scheduler will prefer to schedule pods to nodes that satisfythe anti-affinity expressions specified by this field, but it may choosea node that violates one or more of the expressions. The node that ismost preferred is the one with the greatest sum of weights, i.e.for each node that meets all of the scheduling requirements (resourcerequest, requiredDuringScheduling anti-affinity expressions, etc.),compute a sum by iterating through the elements of this field and adding'weight' to the sum if the node has pods which matches the corresponding podAffinityTerm; thenode(s) with the highest sum are the most preferred. (see [below for nested schema](#nestedatt--spec--instances--scheduling_policy--affinity--pod_anti_affinity--preferred_during_scheduling_ignored_during_execution)) +- `required_during_scheduling_ignored_during_execution` (Attributes List) If the anti-affinity requirements specified by this field are not met atscheduling time, the pod will not be scheduled onto the node.If the anti-affinity requirements specified by this field cease to be metat some point during pod execution (e.g. due to a pod label update), thesystem may or may not try to eventually evict the pod from its node.When there are multiple elements, the lists of nodes corresponding to eachpodAffinityTerm are intersected, i.e. all terms must be satisfied. (see [below for nested schema](#nestedatt--spec--instances--scheduling_policy--affinity--pod_anti_affinity--required_during_scheduling_ignored_during_execution)) ### Nested Schema for `spec.instances.scheduling_policy.affinity.pod_anti_affinity.preferred_during_scheduling_ignored_during_execution` @@ -500,20 +500,20 @@ Optional: Required: - `pod_affinity_term` (Attributes) Required. A pod affinity term, associated with the corresponding weight. (see [below for nested schema](#nestedatt--spec--instances--scheduling_policy--affinity--pod_anti_affinity--preferred_during_scheduling_ignored_during_execution--pod_affinity_term)) -- `weight` (Number) weight associated with matching the corresponding podAffinityTerm, in the range 1-100. +- `weight` (Number) weight associated with matching the corresponding podAffinityTerm,in the range 1-100. ### Nested Schema for `spec.instances.scheduling_policy.affinity.pod_anti_affinity.preferred_during_scheduling_ignored_during_execution.pod_affinity_term` Required: -- `topology_key` (String) This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed. +- `topology_key` (String) This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matchingthe labelSelector in the specified namespaces, where co-located is defined as running on a nodewhose value of the label with key topologyKey matches that of any node on which any of theselected pods is running.Empty topologyKey is not allowed. Optional: - `label_selector` (Attributes) A label query over a set of resources, in this case pods. (see [below for nested schema](#nestedatt--spec--instances--scheduling_policy--affinity--pod_anti_affinity--preferred_during_scheduling_ignored_during_execution--pod_affinity_term--label_selector)) -- `namespace_selector` (Attributes) A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means 'this pod's namespace'. An empty selector ({}) matches all namespaces. (see [below for nested schema](#nestedatt--spec--instances--scheduling_policy--affinity--pod_anti_affinity--preferred_during_scheduling_ignored_during_execution--pod_affinity_term--namespace_selector)) -- `namespaces` (List of String) namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means 'this pod's namespace'. +- `namespace_selector` (Attributes) A label query over the set of namespaces that the term applies to.The term is applied to the union of the namespaces selected by this fieldand the ones listed in the namespaces field.null selector and null or empty namespaces list means 'this pod's namespace'.An empty selector ({}) matches all namespaces. (see [below for nested schema](#nestedatt--spec--instances--scheduling_policy--affinity--pod_anti_affinity--preferred_during_scheduling_ignored_during_execution--pod_affinity_term--namespace_selector)) +- `namespaces` (List of String) namespaces specifies a static list of namespace names that the term applies to.The term is applied to the union of the namespaces listed in this fieldand the ones selected by namespaceSelector.null or empty namespaces list and null namespaceSelector means 'this pod's namespace'. ### Nested Schema for `spec.instances.scheduling_policy.affinity.pod_anti_affinity.preferred_during_scheduling_ignored_during_execution.pod_affinity_term.label_selector` @@ -521,7 +521,7 @@ Optional: Optional: - `match_expressions` (Attributes List) matchExpressions is a list of label selector requirements. The requirements are ANDed. (see [below for nested schema](#nestedatt--spec--instances--scheduling_policy--affinity--pod_anti_affinity--preferred_during_scheduling_ignored_during_execution--pod_affinity_term--label_selector--match_expressions)) -- `match_labels` (Map of String) matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is 'key', the operator is 'In', and the values array contains only 'value'. The requirements are ANDed. +- `match_labels` (Map of String) matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabelsmap is equivalent to an element of matchExpressions, whose key field is 'key', theoperator is 'In', and the values array contains only 'value'. The requirements are ANDed. ### Nested Schema for `spec.instances.scheduling_policy.affinity.pod_anti_affinity.preferred_during_scheduling_ignored_during_execution.pod_affinity_term.label_selector.match_expressions` @@ -529,11 +529,11 @@ Optional: Required: - `key` (String) key is the label key that the selector applies to. -- `operator` (String) operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. +- `operator` (String) operator represents a key's relationship to a set of values.Valid operators are In, NotIn, Exists and DoesNotExist. Optional: -- `values` (List of String) values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. +- `values` (List of String) values is an array of string values. If the operator is In or NotIn,the values array must be non-empty. If the operator is Exists or DoesNotExist,the values array must be empty. This array is replaced during a strategicmerge patch. @@ -543,7 +543,7 @@ Optional: Optional: - `match_expressions` (Attributes List) matchExpressions is a list of label selector requirements. The requirements are ANDed. (see [below for nested schema](#nestedatt--spec--instances--scheduling_policy--affinity--pod_anti_affinity--preferred_during_scheduling_ignored_during_execution--pod_affinity_term--namespace_selector--match_expressions)) -- `match_labels` (Map of String) matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is 'key', the operator is 'In', and the values array contains only 'value'. The requirements are ANDed. +- `match_labels` (Map of String) matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabelsmap is equivalent to an element of matchExpressions, whose key field is 'key', theoperator is 'In', and the values array contains only 'value'. The requirements are ANDed. ### Nested Schema for `spec.instances.scheduling_policy.affinity.pod_anti_affinity.preferred_during_scheduling_ignored_during_execution.pod_affinity_term.namespace_selector.match_expressions` @@ -551,11 +551,11 @@ Optional: Required: - `key` (String) key is the label key that the selector applies to. -- `operator` (String) operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. +- `operator` (String) operator represents a key's relationship to a set of values.Valid operators are In, NotIn, Exists and DoesNotExist. Optional: -- `values` (List of String) values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. +- `values` (List of String) values is an array of string values. If the operator is In or NotIn,the values array must be non-empty. If the operator is Exists or DoesNotExist,the values array must be empty. This array is replaced during a strategicmerge patch. @@ -566,13 +566,13 @@ Optional: Required: -- `topology_key` (String) This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed. +- `topology_key` (String) This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matchingthe labelSelector in the specified namespaces, where co-located is defined as running on a nodewhose value of the label with key topologyKey matches that of any node on which any of theselected pods is running.Empty topologyKey is not allowed. Optional: - `label_selector` (Attributes) A label query over a set of resources, in this case pods. (see [below for nested schema](#nestedatt--spec--instances--scheduling_policy--affinity--pod_anti_affinity--required_during_scheduling_ignored_during_execution--label_selector)) -- `namespace_selector` (Attributes) A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means 'this pod's namespace'. An empty selector ({}) matches all namespaces. (see [below for nested schema](#nestedatt--spec--instances--scheduling_policy--affinity--pod_anti_affinity--required_during_scheduling_ignored_during_execution--namespace_selector)) -- `namespaces` (List of String) namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means 'this pod's namespace'. +- `namespace_selector` (Attributes) A label query over the set of namespaces that the term applies to.The term is applied to the union of the namespaces selected by this fieldand the ones listed in the namespaces field.null selector and null or empty namespaces list means 'this pod's namespace'.An empty selector ({}) matches all namespaces. (see [below for nested schema](#nestedatt--spec--instances--scheduling_policy--affinity--pod_anti_affinity--required_during_scheduling_ignored_during_execution--namespace_selector)) +- `namespaces` (List of String) namespaces specifies a static list of namespace names that the term applies to.The term is applied to the union of the namespaces listed in this fieldand the ones selected by namespaceSelector.null or empty namespaces list and null namespaceSelector means 'this pod's namespace'. ### Nested Schema for `spec.instances.scheduling_policy.affinity.pod_anti_affinity.required_during_scheduling_ignored_during_execution.label_selector` @@ -580,7 +580,7 @@ Optional: Optional: - `match_expressions` (Attributes List) matchExpressions is a list of label selector requirements. The requirements are ANDed. (see [below for nested schema](#nestedatt--spec--instances--scheduling_policy--affinity--pod_anti_affinity--required_during_scheduling_ignored_during_execution--label_selector--match_expressions)) -- `match_labels` (Map of String) matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is 'key', the operator is 'In', and the values array contains only 'value'. The requirements are ANDed. +- `match_labels` (Map of String) matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabelsmap is equivalent to an element of matchExpressions, whose key field is 'key', theoperator is 'In', and the values array contains only 'value'. The requirements are ANDed. ### Nested Schema for `spec.instances.scheduling_policy.affinity.pod_anti_affinity.required_during_scheduling_ignored_during_execution.label_selector.match_expressions` @@ -588,11 +588,11 @@ Optional: Required: - `key` (String) key is the label key that the selector applies to. -- `operator` (String) operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. +- `operator` (String) operator represents a key's relationship to a set of values.Valid operators are In, NotIn, Exists and DoesNotExist. Optional: -- `values` (List of String) values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. +- `values` (List of String) values is an array of string values. If the operator is In or NotIn,the values array must be non-empty. If the operator is Exists or DoesNotExist,the values array must be empty. This array is replaced during a strategicmerge patch. @@ -602,7 +602,7 @@ Optional: Optional: - `match_expressions` (Attributes List) matchExpressions is a list of label selector requirements. The requirements are ANDed. (see [below for nested schema](#nestedatt--spec--instances--scheduling_policy--affinity--pod_anti_affinity--required_during_scheduling_ignored_during_execution--namespace_selector--match_expressions)) -- `match_labels` (Map of String) matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is 'key', the operator is 'In', and the values array contains only 'value'. The requirements are ANDed. +- `match_labels` (Map of String) matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabelsmap is equivalent to an element of matchExpressions, whose key field is 'key', theoperator is 'In', and the values array contains only 'value'. The requirements are ANDed. ### Nested Schema for `spec.instances.scheduling_policy.affinity.pod_anti_affinity.required_during_scheduling_ignored_during_execution.namespace_selector.match_expressions` @@ -610,11 +610,11 @@ Optional: Required: - `key` (String) key is the label key that the selector applies to. -- `operator` (String) operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. +- `operator` (String) operator represents a key's relationship to a set of values.Valid operators are In, NotIn, Exists and DoesNotExist. Optional: -- `values` (List of String) values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. +- `values` (List of String) values is an array of string values. If the operator is In or NotIn,the values array must be non-empty. If the operator is Exists or DoesNotExist,the values array must be empty. This array is replaced during a strategicmerge patch. @@ -626,11 +626,11 @@ Optional: Optional: -- `effect` (String) Effect indicates the taint effect to match. Empty means match all taint effects. When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute. -- `key` (String) Key is the taint key that the toleration applies to. Empty means match all taint keys. If the key is empty, operator must be Exists; this combination means to match all values and all keys. -- `operator` (String) Operator represents a key's relationship to the value. Valid operators are Exists and Equal. Defaults to Equal. Exists is equivalent to wildcard for value, so that a pod can tolerate all taints of a particular category. -- `toleration_seconds` (Number) TolerationSeconds represents the period of time the toleration (which must be of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, it is not set, which means tolerate the taint forever (do not evict). Zero and negative values will be treated as 0 (evict immediately) by the system. -- `value` (String) Value is the taint value the toleration matches to. If the operator is Exists, the value should be empty, otherwise just a regular string. +- `effect` (String) Effect indicates the taint effect to match. Empty means match all taint effects.When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute. +- `key` (String) Key is the taint key that the toleration applies to. Empty means match all taint keys.If the key is empty, operator must be Exists; this combination means to match all values and all keys. +- `operator` (String) Operator represents a key's relationship to the value.Valid operators are Exists and Equal. Defaults to Equal.Exists is equivalent to wildcard for value, so that a pod cantolerate all taints of a particular category. +- `toleration_seconds` (Number) TolerationSeconds represents the period of time the toleration (which must beof effect NoExecute, otherwise this field is ignored) tolerates the taint. By default,it is not set, which means tolerate the taint forever (do not evict). Zero andnegative values will be treated as 0 (evict immediately) by the system. +- `value` (String) Value is the taint value the toleration matches to.If the operator is Exists, the value should be empty, otherwise just a regular string. @@ -638,17 +638,17 @@ Optional: Required: -- `max_skew` (Number) MaxSkew describes the degree to which pods may be unevenly distributed. When 'whenUnsatisfiable=DoNotSchedule', it is the maximum permitted difference between the number of matching pods in the target topology and the global minimum. The global minimum is the minimum number of matching pods in an eligible domain or zero if the number of eligible domains is less than MinDomains. For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same labelSelector spread as 2/2/1: In this case, the global minimum is 1. | zone1 | zone2 | zone3 | | P P | P P | P | - if MaxSkew is 1, incoming pod can only be scheduled to zone3 to become 2/2/2; scheduling it onto zone1(zone2) would make the ActualSkew(3-1) on zone1(zone2) violate MaxSkew(1). - if MaxSkew is 2, incoming pod can be scheduled onto any zone. When 'whenUnsatisfiable=ScheduleAnyway', it is used to give higher precedence to topologies that satisfy it. It's a required field. Default value is 1 and 0 is not allowed. -- `topology_key` (String) TopologyKey is the key of node labels. Nodes that have a label with this key and identical values are considered to be in the same topology. We consider each as a 'bucket', and try to put balanced number of pods into each bucket. We define a domain as a particular instance of a topology. Also, we define an eligible domain as a domain whose nodes meet the requirements of nodeAffinityPolicy and nodeTaintsPolicy. e.g. If TopologyKey is 'kubernetes.io/hostname', each Node is a domain of that topology. And, if TopologyKey is 'topology.kubernetes.io/zone', each zone is a domain of that topology. It's a required field. -- `when_unsatisfiable` (String) WhenUnsatisfiable indicates how to deal with a pod if it doesn't satisfy the spread constraint. - DoNotSchedule (default) tells the scheduler not to schedule it. - ScheduleAnyway tells the scheduler to schedule the pod in any location, but giving higher precedence to topologies that would help reduce the skew. A constraint is considered 'Unsatisfiable' for an incoming pod if and only if every possible node assignment for that pod would violate 'MaxSkew' on some topology. For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same labelSelector spread as 3/1/1: | zone1 | zone2 | zone3 | | P P P | P | P | If WhenUnsatisfiable is set to DoNotSchedule, incoming pod can only be scheduled to zone2(zone3) to become 3/2/1(3/1/2) as ActualSkew(2-1) on zone2(zone3) satisfies MaxSkew(1). In other words, the cluster can still be imbalanced, but scheduler won't make it *more* imbalanced. It's a required field. +- `max_skew` (Number) MaxSkew describes the degree to which pods may be unevenly distributed.When 'whenUnsatisfiable=DoNotSchedule', it is the maximum permitted differencebetween the number of matching pods in the target topology and the global minimum.The global minimum is the minimum number of matching pods in an eligible domainor zero if the number of eligible domains is less than MinDomains.For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the samelabelSelector spread as 2/2/1:In this case, the global minimum is 1.| zone1 | zone2 | zone3 || P P | P P | P |- if MaxSkew is 1, incoming pod can only be scheduled to zone3 to become 2/2/2;scheduling it onto zone1(zone2) would make the ActualSkew(3-1) on zone1(zone2)violate MaxSkew(1).- if MaxSkew is 2, incoming pod can be scheduled onto any zone.When 'whenUnsatisfiable=ScheduleAnyway', it is used to give higher precedenceto topologies that satisfy it.It's a required field. Default value is 1 and 0 is not allowed. +- `topology_key` (String) TopologyKey is the key of node labels. Nodes that have a label with this keyand identical values are considered to be in the same topology.We consider each as a 'bucket', and try to put balanced numberof pods into each bucket.We define a domain as a particular instance of a topology.Also, we define an eligible domain as a domain whose nodes meet the requirements ofnodeAffinityPolicy and nodeTaintsPolicy.e.g. If TopologyKey is 'kubernetes.io/hostname', each Node is a domain of that topology.And, if TopologyKey is 'topology.kubernetes.io/zone', each zone is a domain of that topology.It's a required field. +- `when_unsatisfiable` (String) WhenUnsatisfiable indicates how to deal with a pod if it doesn't satisfythe spread constraint.- DoNotSchedule (default) tells the scheduler not to schedule it.- ScheduleAnyway tells the scheduler to schedule the pod in any location, but giving higher precedence to topologies that would help reduce the skew.A constraint is considered 'Unsatisfiable' for an incoming podif and only if every possible node assignment for that pod would violate'MaxSkew' on some topology.For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the samelabelSelector spread as 3/1/1:| zone1 | zone2 | zone3 || P P P | P | P |If WhenUnsatisfiable is set to DoNotSchedule, incoming pod can only be scheduledto zone2(zone3) to become 3/2/1(3/1/2) as ActualSkew(2-1) on zone2(zone3) satisfiesMaxSkew(1). In other words, the cluster can still be imbalanced, but schedulerwon't make it *more* imbalanced.It's a required field. Optional: -- `label_selector` (Attributes) LabelSelector is used to find matching pods. Pods that match this label selector are counted to determine the number of pods in their corresponding topology domain. (see [below for nested schema](#nestedatt--spec--instances--scheduling_policy--topology_spread_constraints--label_selector)) -- `match_label_keys` (List of String) MatchLabelKeys is a set of pod label keys to select the pods over which spreading will be calculated. The keys are used to lookup values from the incoming pod labels, those key-value labels are ANDed with labelSelector to select the group of existing pods over which spreading will be calculated for the incoming pod. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. MatchLabelKeys cannot be set when LabelSelector isn't set. Keys that don't exist in the incoming pod labels will be ignored. A null or empty list means only match against labelSelector. This is a beta field and requires the MatchLabelKeysInPodTopologySpread feature gate to be enabled (enabled by default). -- `min_domains` (Number) MinDomains indicates a minimum number of eligible domains. When the number of eligible domains with matching topology keys is less than minDomains, Pod Topology Spread treats 'global minimum' as 0, and then the calculation of Skew is performed. And when the number of eligible domains with matching topology keys equals or greater than minDomains, this value has no effect on scheduling. As a result, when the number of eligible domains is less than minDomains, scheduler won't schedule more than maxSkew Pods to those domains. If value is nil, the constraint behaves as if MinDomains is equal to 1. Valid values are integers greater than 0. When value is not nil, WhenUnsatisfiable must be DoNotSchedule. For example, in a 3-zone cluster, MaxSkew is set to 2, MinDomains is set to 5 and pods with the same labelSelector spread as 2/2/2: | zone1 | zone2 | zone3 | | P P | P P | P P | The number of domains is less than 5(MinDomains), so 'global minimum' is treated as 0. In this situation, new pod with the same labelSelector cannot be scheduled, because computed skew will be 3(3 - 0) if new Pod is scheduled to any of the three zones, it will violate MaxSkew. This is a beta field and requires the MinDomainsInPodTopologySpread feature gate to be enabled (enabled by default). -- `node_affinity_policy` (String) NodeAffinityPolicy indicates how we will treat Pod's nodeAffinity/nodeSelector when calculating pod topology spread skew. Options are: - Honor: only nodes matching nodeAffinity/nodeSelector are included in the calculations. - Ignore: nodeAffinity/nodeSelector are ignored. All nodes are included in the calculations. If this value is nil, the behavior is equivalent to the Honor policy. This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag. -- `node_taints_policy` (String) NodeTaintsPolicy indicates how we will treat node taints when calculating pod topology spread skew. Options are: - Honor: nodes without taints, along with tainted nodes for which the incoming pod has a toleration, are included. - Ignore: node taints are ignored. All nodes are included. If this value is nil, the behavior is equivalent to the Ignore policy. This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag. +- `label_selector` (Attributes) LabelSelector is used to find matching pods.Pods that match this label selector are counted to determine the number of podsin their corresponding topology domain. (see [below for nested schema](#nestedatt--spec--instances--scheduling_policy--topology_spread_constraints--label_selector)) +- `match_label_keys` (List of String) MatchLabelKeys is a set of pod label keys to select the pods over whichspreading will be calculated. The keys are used to lookup values from theincoming pod labels, those key-value labels are ANDed with labelSelectorto select the group of existing pods over which spreading will be calculatedfor the incoming pod. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector.MatchLabelKeys cannot be set when LabelSelector isn't set.Keys that don't exist in the incoming pod labels willbe ignored. A null or empty list means only match against labelSelector.This is a beta field and requires the MatchLabelKeysInPodTopologySpread feature gate to be enabled (enabled by default). +- `min_domains` (Number) MinDomains indicates a minimum number of eligible domains.When the number of eligible domains with matching topology keys is less than minDomains,Pod Topology Spread treats 'global minimum' as 0, and then the calculation of Skew is performed.And when the number of eligible domains with matching topology keys equals or greater than minDomains,this value has no effect on scheduling.As a result, when the number of eligible domains is less than minDomains,scheduler won't schedule more than maxSkew Pods to those domains.If value is nil, the constraint behaves as if MinDomains is equal to 1.Valid values are integers greater than 0.When value is not nil, WhenUnsatisfiable must be DoNotSchedule.For example, in a 3-zone cluster, MaxSkew is set to 2, MinDomains is set to 5 and pods with the samelabelSelector spread as 2/2/2:| zone1 | zone2 | zone3 || P P | P P | P P |The number of domains is less than 5(MinDomains), so 'global minimum' is treated as 0.In this situation, new pod with the same labelSelector cannot be scheduled,because computed skew will be 3(3 - 0) if new Pod is scheduled to any of the three zones,it will violate MaxSkew.This is a beta field and requires the MinDomainsInPodTopologySpread feature gate to be enabled (enabled by default). +- `node_affinity_policy` (String) NodeAffinityPolicy indicates how we will treat Pod's nodeAffinity/nodeSelectorwhen calculating pod topology spread skew. Options are:- Honor: only nodes matching nodeAffinity/nodeSelector are included in the calculations.- Ignore: nodeAffinity/nodeSelector are ignored. All nodes are included in the calculations.If this value is nil, the behavior is equivalent to the Honor policy.This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag. +- `node_taints_policy` (String) NodeTaintsPolicy indicates how we will treat node taints when calculatingpod topology spread skew. Options are:- Honor: nodes without taints, along with tainted nodes for which the incoming podhas a toleration, are included.- Ignore: node taints are ignored. All nodes are included.If this value is nil, the behavior is equivalent to the Ignore policy.This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag. ### Nested Schema for `spec.instances.scheduling_policy.topology_spread_constraints.label_selector` @@ -656,7 +656,7 @@ Optional: Optional: - `match_expressions` (Attributes List) matchExpressions is a list of label selector requirements. The requirements are ANDed. (see [below for nested schema](#nestedatt--spec--instances--scheduling_policy--topology_spread_constraints--label_selector--match_expressions)) -- `match_labels` (Map of String) matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is 'key', the operator is 'In', and the values array contains only 'value'. The requirements are ANDed. +- `match_labels` (Map of String) matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabelsmap is equivalent to an element of matchExpressions, whose key field is 'key', theoperator is 'In', and the values array contains only 'value'. The requirements are ANDed. ### Nested Schema for `spec.instances.scheduling_policy.topology_spread_constraints.label_selector.match_expressions` @@ -664,11 +664,11 @@ Optional: Required: - `key` (String) key is the label key that the selector applies to. -- `operator` (String) operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. +- `operator` (String) operator represents a key's relationship to a set of values.Valid operators are In, NotIn, Exists and DoesNotExist. Optional: -- `values` (List of String) values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. +- `values` (List of String) values is an array of string values. If the operator is In or NotIn,the values array must be non-empty. If the operator is Exists or DoesNotExist,the values array must be empty. This array is replaced during a strategicmerge patch. @@ -679,20 +679,20 @@ Optional: Required: -- `name` (String) Refers to the name of a volumeMount defined in either: - 'componentDefinition.spec.runtime.containers[*].volumeMounts' - 'clusterDefinition.spec.componentDefs[*].podSpec.containers[*].volumeMounts' (deprecated) The value of 'name' must match the 'name' field of a volumeMount specified in the corresponding 'volumeMounts' array. +- `name` (String) Refers to the name of a volumeMount defined in either:- 'componentDefinition.spec.runtime.containers[*].volumeMounts'- 'clusterDefinition.spec.componentDefs[*].podSpec.containers[*].volumeMounts' (deprecated)The value of 'name' must match the 'name' field of a volumeMount specified in the corresponding 'volumeMounts' array. Optional: -- `spec` (Attributes) Defines the desired characteristics of a PersistentVolumeClaim that will be created for the volume with the mount name specified in the 'name' field. When a Pod is created for this ClusterComponent, a new PVC will be created based on the specification defined in the 'spec' field. The PVC will be associated with the volume mount specified by the 'name' field. (see [below for nested schema](#nestedatt--spec--instances--volume_claim_templates--spec)) +- `spec` (Attributes) Defines the desired characteristics of a PersistentVolumeClaim that will be created for the volumewith the mount name specified in the 'name' field.When a Pod is created for this ClusterComponent, a new PVC will be created based on the specificationdefined in the 'spec' field. The PVC will be associated with the volume mount specified by the 'name' field. (see [below for nested schema](#nestedatt--spec--instances--volume_claim_templates--spec)) ### Nested Schema for `spec.instances.volume_claim_templates.spec` Optional: -- `access_modes` (Map of String) Contains the desired access modes the volume should have. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1. -- `resources` (Attributes) Represents the minimum resources the volume should have. If the RecoverVolumeExpansionFailure feature is enabled, users are allowed to specify resource requirements that are lower than the previous value but must still be higher than the capacity recorded in the status field of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources. (see [below for nested schema](#nestedatt--spec--instances--volume_claim_templates--spec--resources)) -- `storage_class_name` (String) The name of the StorageClass required by the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1. +- `access_modes` (Map of String) Contains the desired access modes the volume should have.More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1. +- `resources` (Attributes) Represents the minimum resources the volume should have.If the RecoverVolumeExpansionFailure feature is enabled, users are allowed to specify resource requirements thatare lower than the previous value but must still be higher than the capacity recorded in the status field of the claim.More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources. (see [below for nested schema](#nestedatt--spec--instances--volume_claim_templates--spec--resources)) +- `storage_class_name` (String) The name of the StorageClass required by the claim.More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1. - `volume_mode` (String) Defines what type of volume is required by the claim, either Block or Filesystem. @@ -700,16 +700,16 @@ Optional: Optional: -- `claims` (Attributes List) Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. This field is immutable. It can only be set for containers. (see [below for nested schema](#nestedatt--spec--instances--volume_claim_templates--spec--resources--claims)) -- `limits` (Map of String) Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ -- `requests` (Map of String) Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ +- `claims` (Attributes List) Claims lists the names of resources, defined in spec.resourceClaims,that are used by this container.This is an alpha field and requires enabling theDynamicResourceAllocation feature gate.This field is immutable. It can only be set for containers. (see [below for nested schema](#nestedatt--spec--instances--volume_claim_templates--spec--resources--claims)) +- `limits` (Map of String) Limits describes the maximum amount of compute resources allowed.More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ +- `requests` (Map of String) Requests describes the minimum amount of compute resources required.If Requests is omitted for a container, it defaults to Limits if that is explicitly specified,otherwise to an implementation-defined value. Requests cannot exceed Limits.More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ ### Nested Schema for `spec.instances.volume_claim_templates.spec.resources.claims` Required: -- `name` (String) Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container. +- `name` (String) Name must match the name of one entry in pod.spec.resourceClaims ofthe Pod where this field is used. It makes that resource availableinside a container. @@ -720,15 +720,15 @@ Required: Required: -- `mount_path` (String) Path within the container at which the volume should be mounted. Must not contain ':'. +- `mount_path` (String) Path within the container at which the volume should be mounted. Mustnot contain ':'. - `name` (String) This must match the Name of a Volume. Optional: -- `mount_propagation` (String) mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationNone is used. This field is beta in 1.10. -- `read_only` (Boolean) Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false. -- `sub_path` (String) Path within the volume from which the container's volume should be mounted. Defaults to '' (volume's root). -- `sub_path_expr` (String) Expanded path within the volume from which the container's volume should be mounted. Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment. Defaults to '' (volume's root). SubPathExpr and SubPath are mutually exclusive. +- `mount_propagation` (String) mountPropagation determines how mounts are propagated from the hostto container and the other way around.When not set, MountPropagationNone is used.This field is beta in 1.10. +- `read_only` (Boolean) Mounted read-only if true, read-write otherwise (false or unspecified).Defaults to false. +- `sub_path` (String) Path within the volume from which the container's volume should be mounted.Defaults to '' (volume's root). +- `sub_path_expr` (String) Expanded path within the volume from which the container's volume should be mounted.Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment.Defaults to '' (volume's root).SubPathExpr and SubPath are mutually exclusive. @@ -736,37 +736,37 @@ Optional: Required: -- `name` (String) name of the volume. Must be a DNS_LABEL and unique within the pod. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names +- `name` (String) name of the volume.Must be a DNS_LABEL and unique within the pod.More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names Optional: -- `aws_elastic_block_store` (Attributes) awsElasticBlockStore represents an AWS Disk resource that is attached to a kubelet's host machine and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore (see [below for nested schema](#nestedatt--spec--instances--volumes--aws_elastic_block_store)) +- `aws_elastic_block_store` (Attributes) awsElasticBlockStore represents an AWS Disk resource that is attached to akubelet's host machine and then exposed to the pod.More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore (see [below for nested schema](#nestedatt--spec--instances--volumes--aws_elastic_block_store)) - `azure_disk` (Attributes) azureDisk represents an Azure Data Disk mount on the host and bind mount to the pod. (see [below for nested schema](#nestedatt--spec--instances--volumes--azure_disk)) - `azure_file` (Attributes) azureFile represents an Azure File Service mount on the host and bind mount to the pod. (see [below for nested schema](#nestedatt--spec--instances--volumes--azure_file)) - `cephfs` (Attributes) cephFS represents a Ceph FS mount on the host that shares a pod's lifetime (see [below for nested schema](#nestedatt--spec--instances--volumes--cephfs)) -- `cinder` (Attributes) cinder represents a cinder volume attached and mounted on kubelets host machine. More info: https://examples.k8s.io/mysql-cinder-pd/README.md (see [below for nested schema](#nestedatt--spec--instances--volumes--cinder)) +- `cinder` (Attributes) cinder represents a cinder volume attached and mounted on kubelets host machine.More info: https://examples.k8s.io/mysql-cinder-pd/README.md (see [below for nested schema](#nestedatt--spec--instances--volumes--cinder)) - `config_map` (Attributes) configMap represents a configMap that should populate this volume (see [below for nested schema](#nestedatt--spec--instances--volumes--config_map)) - `csi` (Attributes) csi (Container Storage Interface) represents ephemeral storage that is handled by certain external CSI drivers (Beta feature). (see [below for nested schema](#nestedatt--spec--instances--volumes--csi)) - `downward_api` (Attributes) downwardAPI represents downward API about the pod that should populate this volume (see [below for nested schema](#nestedatt--spec--instances--volumes--downward_api)) -- `empty_dir` (Attributes) emptyDir represents a temporary directory that shares a pod's lifetime. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir (see [below for nested schema](#nestedatt--spec--instances--volumes--empty_dir)) -- `ephemeral` (Attributes) ephemeral represents a volume that is handled by a cluster storage driver. The volume's lifecycle is tied to the pod that defines it - it will be created before the pod starts, and deleted when the pod is removed. Use this if: a) the volume is only needed while the pod runs, b) features of normal volumes like restoring from snapshot or capacity tracking are needed, c) the storage driver is specified through a storage class, and d) the storage driver supports dynamic volume provisioning through a PersistentVolumeClaim (see EphemeralVolumeSource for more information on the connection between this volume type and PersistentVolumeClaim). Use PersistentVolumeClaim or one of the vendor-specific APIs for volumes that persist for longer than the lifecycle of an individual pod. Use CSI for light-weight local ephemeral volumes if the CSI driver is meant to be used that way - see the documentation of the driver for more information. A pod can use both types of ephemeral volumes and persistent volumes at the same time. (see [below for nested schema](#nestedatt--spec--instances--volumes--ephemeral)) +- `empty_dir` (Attributes) emptyDir represents a temporary directory that shares a pod's lifetime.More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir (see [below for nested schema](#nestedatt--spec--instances--volumes--empty_dir)) +- `ephemeral` (Attributes) ephemeral represents a volume that is handled by a cluster storage driver.The volume's lifecycle is tied to the pod that defines it - it will be created before the pod starts,and deleted when the pod is removed.Use this if:a) the volume is only needed while the pod runs,b) features of normal volumes like restoring from snapshot or capacity tracking are needed,c) the storage driver is specified through a storage class, andd) the storage driver supports dynamic volume provisioning through a PersistentVolumeClaim (see EphemeralVolumeSource for more information on the connection between this volume type and PersistentVolumeClaim).Use PersistentVolumeClaim or one of the vendor-specificAPIs for volumes that persist for longer than the lifecycleof an individual pod.Use CSI for light-weight local ephemeral volumes if the CSI driver is meant tobe used that way - see the documentation of the driver formore information.A pod can use both types of ephemeral volumes andpersistent volumes at the same time. (see [below for nested schema](#nestedatt--spec--instances--volumes--ephemeral)) - `fc` (Attributes) fc represents a Fibre Channel resource that is attached to a kubelet's host machine and then exposed to the pod. (see [below for nested schema](#nestedatt--spec--instances--volumes--fc)) -- `flex_volume` (Attributes) flexVolume represents a generic volume resource that is provisioned/attached using an exec based plugin. (see [below for nested schema](#nestedatt--spec--instances--volumes--flex_volume)) +- `flex_volume` (Attributes) flexVolume represents a generic volume resource that isprovisioned/attached using an exec based plugin. (see [below for nested schema](#nestedatt--spec--instances--volumes--flex_volume)) - `flocker` (Attributes) flocker represents a Flocker volume attached to a kubelet's host machine. This depends on the Flocker control service being running (see [below for nested schema](#nestedatt--spec--instances--volumes--flocker)) -- `gce_persistent_disk` (Attributes) gcePersistentDisk represents a GCE Disk resource that is attached to a kubelet's host machine and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk (see [below for nested schema](#nestedatt--spec--instances--volumes--gce_persistent_disk)) -- `git_repo` (Attributes) gitRepo represents a git repository at a particular revision. DEPRECATED: GitRepo is deprecated. To provision a container with a git repo, mount an EmptyDir into an InitContainer that clones the repo using git, then mount the EmptyDir into the Pod's container. (see [below for nested schema](#nestedatt--spec--instances--volumes--git_repo)) -- `glusterfs` (Attributes) glusterfs represents a Glusterfs mount on the host that shares a pod's lifetime. More info: https://examples.k8s.io/volumes/glusterfs/README.md (see [below for nested schema](#nestedatt--spec--instances--volumes--glusterfs)) -- `host_path` (Attributes) hostPath represents a pre-existing file or directory on the host machine that is directly exposed to the container. This is generally used for system agents or other privileged things that are allowed to see the host machine. Most containers will NOT need this. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath --- TODO(jonesdl) We need to restrict who can use host directory mounts and who can/can not mount host directories as read/write. (see [below for nested schema](#nestedatt--spec--instances--volumes--host_path)) -- `iscsi` (Attributes) iscsi represents an ISCSI Disk resource that is attached to a kubelet's host machine and then exposed to the pod. More info: https://examples.k8s.io/volumes/iscsi/README.md (see [below for nested schema](#nestedatt--spec--instances--volumes--iscsi)) -- `nfs` (Attributes) nfs represents an NFS mount on the host that shares a pod's lifetime More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs (see [below for nested schema](#nestedatt--spec--instances--volumes--nfs)) -- `persistent_volume_claim` (Attributes) persistentVolumeClaimVolumeSource represents a reference to a PersistentVolumeClaim in the same namespace. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims (see [below for nested schema](#nestedatt--spec--instances--volumes--persistent_volume_claim)) +- `gce_persistent_disk` (Attributes) gcePersistentDisk represents a GCE Disk resource that is attached to akubelet's host machine and then exposed to the pod.More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk (see [below for nested schema](#nestedatt--spec--instances--volumes--gce_persistent_disk)) +- `git_repo` (Attributes) gitRepo represents a git repository at a particular revision.DEPRECATED: GitRepo is deprecated. To provision a container with a git repo, mount anEmptyDir into an InitContainer that clones the repo using git, then mount the EmptyDirinto the Pod's container. (see [below for nested schema](#nestedatt--spec--instances--volumes--git_repo)) +- `glusterfs` (Attributes) glusterfs represents a Glusterfs mount on the host that shares a pod's lifetime.More info: https://examples.k8s.io/volumes/glusterfs/README.md (see [below for nested schema](#nestedatt--spec--instances--volumes--glusterfs)) +- `host_path` (Attributes) hostPath represents a pre-existing file or directory on the hostmachine that is directly exposed to the container. This is generallyused for system agents or other privileged things that are allowedto see the host machine. Most containers will NOT need this.More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath---TODO(jonesdl) We need to restrict who can use host directory mounts and who can/can notmount host directories as read/write. (see [below for nested schema](#nestedatt--spec--instances--volumes--host_path)) +- `iscsi` (Attributes) iscsi represents an ISCSI Disk resource that is attached to akubelet's host machine and then exposed to the pod.More info: https://examples.k8s.io/volumes/iscsi/README.md (see [below for nested schema](#nestedatt--spec--instances--volumes--iscsi)) +- `nfs` (Attributes) nfs represents an NFS mount on the host that shares a pod's lifetimeMore info: https://kubernetes.io/docs/concepts/storage/volumes#nfs (see [below for nested schema](#nestedatt--spec--instances--volumes--nfs)) +- `persistent_volume_claim` (Attributes) persistentVolumeClaimVolumeSource represents a reference to aPersistentVolumeClaim in the same namespace.More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims (see [below for nested schema](#nestedatt--spec--instances--volumes--persistent_volume_claim)) - `photon_persistent_disk` (Attributes) photonPersistentDisk represents a PhotonController persistent disk attached and mounted on kubelets host machine (see [below for nested schema](#nestedatt--spec--instances--volumes--photon_persistent_disk)) - `portworx_volume` (Attributes) portworxVolume represents a portworx volume attached and mounted on kubelets host machine (see [below for nested schema](#nestedatt--spec--instances--volumes--portworx_volume)) - `projected` (Attributes) projected items for all in one resources secrets, configmaps, and downward API (see [below for nested schema](#nestedatt--spec--instances--volumes--projected)) - `quobyte` (Attributes) quobyte represents a Quobyte mount on the host that shares a pod's lifetime (see [below for nested schema](#nestedatt--spec--instances--volumes--quobyte)) -- `rbd` (Attributes) rbd represents a Rados Block Device mount on the host that shares a pod's lifetime. More info: https://examples.k8s.io/volumes/rbd/README.md (see [below for nested schema](#nestedatt--spec--instances--volumes--rbd)) +- `rbd` (Attributes) rbd represents a Rados Block Device mount on the host that shares a pod's lifetime.More info: https://examples.k8s.io/volumes/rbd/README.md (see [below for nested schema](#nestedatt--spec--instances--volumes--rbd)) - `scale_io` (Attributes) scaleIO represents a ScaleIO persistent volume attached and mounted on Kubernetes nodes. (see [below for nested schema](#nestedatt--spec--instances--volumes--scale_io)) -- `secret` (Attributes) secret represents a secret that should populate this volume. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret (see [below for nested schema](#nestedatt--spec--instances--volumes--secret)) +- `secret` (Attributes) secret represents a secret that should populate this volume.More info: https://kubernetes.io/docs/concepts/storage/volumes#secret (see [below for nested schema](#nestedatt--spec--instances--volumes--secret)) - `storageos` (Attributes) storageOS represents a StorageOS volume attached and mounted on Kubernetes nodes. (see [below for nested schema](#nestedatt--spec--instances--volumes--storageos)) - `vsphere_volume` (Attributes) vsphereVolume represents a vSphere volume attached and mounted on kubelets host machine (see [below for nested schema](#nestedatt--spec--instances--volumes--vsphere_volume)) @@ -775,13 +775,13 @@ Optional: Required: -- `volume_id` (String) volumeID is unique ID of the persistent disk resource in AWS (Amazon EBS volume). More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore +- `volume_id` (String) volumeID is unique ID of the persistent disk resource in AWS (Amazon EBS volume).More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore Optional: -- `fs_type` (String) fsType is the filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: 'ext4', 'xfs', 'ntfs'. Implicitly inferred to be 'ext4' if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore TODO: how do we prevent errors in the filesystem from compromising the machine -- `partition` (Number) partition is the partition in the volume that you want to mount. If omitted, the default is to mount by volume name. Examples: For volume /dev/sda1, you specify the partition as '1'. Similarly, the volume partition for /dev/sda is '0' (or you can leave the property empty). -- `read_only` (Boolean) readOnly value true will force the readOnly setting in VolumeMounts. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore +- `fs_type` (String) fsType is the filesystem type of the volume that you want to mount.Tip: Ensure that the filesystem type is supported by the host operating system.Examples: 'ext4', 'xfs', 'ntfs'. Implicitly inferred to be 'ext4' if unspecified.More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstoreTODO: how do we prevent errors in the filesystem from compromising the machine +- `partition` (Number) partition is the partition in the volume that you want to mount.If omitted, the default is to mount by volume name.Examples: For volume /dev/sda1, you specify the partition as '1'.Similarly, the volume partition for /dev/sda is '0' (or you can leave the property empty). +- `read_only` (Boolean) readOnly value true will force the readOnly setting in VolumeMounts.More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore @@ -795,9 +795,9 @@ Required: Optional: - `caching_mode` (String) cachingMode is the Host Caching mode: None, Read Only, Read Write. -- `fs_type` (String) fsType is Filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. 'ext4', 'xfs', 'ntfs'. Implicitly inferred to be 'ext4' if unspecified. +- `fs_type` (String) fsType is Filesystem type to mount.Must be a filesystem type supported by the host operating system.Ex. 'ext4', 'xfs', 'ntfs'. Implicitly inferred to be 'ext4' if unspecified. - `kind` (String) kind expected values are Shared: multiple blob disks per storage account Dedicated: single blob disk per storage account Managed: azure managed data disk (only in managed availability set). defaults to shared -- `read_only` (Boolean) readOnly Defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts. +- `read_only` (Boolean) readOnly Defaults to false (read/write). ReadOnly here will forcethe ReadOnly setting in VolumeMounts. @@ -810,7 +810,7 @@ Required: Optional: -- `read_only` (Boolean) readOnly defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts. +- `read_only` (Boolean) readOnly defaults to false (read/write). ReadOnly here will forcethe ReadOnly setting in VolumeMounts. @@ -818,22 +818,22 @@ Optional: Required: -- `monitors` (List of String) monitors is Required: Monitors is a collection of Ceph monitors More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it +- `monitors` (List of String) monitors is Required: Monitors is a collection of Ceph monitorsMore info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it Optional: - `path` (String) path is Optional: Used as the mounted root, rather than the full Ceph tree, default is / -- `read_only` (Boolean) readOnly is Optional: Defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it -- `secret_file` (String) secretFile is Optional: SecretFile is the path to key ring for User, default is /etc/ceph/user.secret More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it -- `secret_ref` (Attributes) secretRef is Optional: SecretRef is reference to the authentication secret for User, default is empty. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it (see [below for nested schema](#nestedatt--spec--instances--volumes--cephfs--secret_ref)) -- `user` (String) user is optional: User is the rados user name, default is admin More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it +- `read_only` (Boolean) readOnly is Optional: Defaults to false (read/write). ReadOnly here will forcethe ReadOnly setting in VolumeMounts.More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it +- `secret_file` (String) secretFile is Optional: SecretFile is the path to key ring for User, default is /etc/ceph/user.secretMore info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it +- `secret_ref` (Attributes) secretRef is Optional: SecretRef is reference to the authentication secret for User, default is empty.More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it (see [below for nested schema](#nestedatt--spec--instances--volumes--cephfs--secret_ref)) +- `user` (String) user is optional: User is the rados user name, default is adminMore info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it ### Nested Schema for `spec.instances.volumes.cephfs.secret_ref` Optional: -- `name` (String) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? +- `name` (String) Name of the referent.More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#namesTODO: Add other useful fields. apiVersion, kind, uid? @@ -842,20 +842,20 @@ Optional: Required: -- `volume_id` (String) volumeID used to identify the volume in cinder. More info: https://examples.k8s.io/mysql-cinder-pd/README.md +- `volume_id` (String) volumeID used to identify the volume in cinder.More info: https://examples.k8s.io/mysql-cinder-pd/README.md Optional: -- `fs_type` (String) fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Examples: 'ext4', 'xfs', 'ntfs'. Implicitly inferred to be 'ext4' if unspecified. More info: https://examples.k8s.io/mysql-cinder-pd/README.md -- `read_only` (Boolean) readOnly defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts. More info: https://examples.k8s.io/mysql-cinder-pd/README.md -- `secret_ref` (Attributes) secretRef is optional: points to a secret object containing parameters used to connect to OpenStack. (see [below for nested schema](#nestedatt--spec--instances--volumes--cinder--secret_ref)) +- `fs_type` (String) fsType is the filesystem type to mount.Must be a filesystem type supported by the host operating system.Examples: 'ext4', 'xfs', 'ntfs'. Implicitly inferred to be 'ext4' if unspecified.More info: https://examples.k8s.io/mysql-cinder-pd/README.md +- `read_only` (Boolean) readOnly defaults to false (read/write). ReadOnly here will forcethe ReadOnly setting in VolumeMounts.More info: https://examples.k8s.io/mysql-cinder-pd/README.md +- `secret_ref` (Attributes) secretRef is optional: points to a secret object containing parameters used to connectto OpenStack. (see [below for nested schema](#nestedatt--spec--instances--volumes--cinder--secret_ref)) ### Nested Schema for `spec.instances.volumes.cinder.secret_ref` Optional: -- `name` (String) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? +- `name` (String) Name of the referent.More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#namesTODO: Add other useful fields. apiVersion, kind, uid? @@ -864,9 +864,9 @@ Optional: Optional: -- `default_mode` (Number) defaultMode is optional: mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. -- `items` (Attributes List) items if unspecified, each key-value pair in the Data field of the referenced ConfigMap will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the ConfigMap, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'. (see [below for nested schema](#nestedatt--spec--instances--volumes--config_map--items)) -- `name` (String) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? +- `default_mode` (Number) defaultMode is optional: mode bits used to set permissions on created files by default.Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511.YAML accepts both octal and decimal values, JSON requires decimal values for mode bits.Defaults to 0644.Directories within the path are not affected by this setting.This might be in conflict with other options that affect the filemode, like fsGroup, and the result can be other mode bits set. +- `items` (Attributes List) items if unspecified, each key-value pair in the Data field of the referencedConfigMap will be projected into the volume as a file whose name is thekey and content is the value. If specified, the listed keys will beprojected into the specified paths, and unlisted keys will not bepresent. If a key is specified which is not present in the ConfigMap,the volume setup will error unless it is marked optional. Paths must berelative and may not contain the '..' path or start with '..'. (see [below for nested schema](#nestedatt--spec--instances--volumes--config_map--items)) +- `name` (String) Name of the referent.More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#namesTODO: Add other useful fields. apiVersion, kind, uid? - `optional` (Boolean) optional specify whether the ConfigMap or its keys must be defined @@ -875,11 +875,11 @@ Optional: Required: - `key` (String) key is the key to project. -- `path` (String) path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. +- `path` (String) path is the relative path of the file to map the key to.May not be an absolute path.May not contain the path element '..'.May not start with the string '..'. Optional: -- `mode` (Number) mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. +- `mode` (Number) mode is Optional: mode bits used to set permissions on this file.Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511.YAML accepts both octal and decimal values, JSON requires decimal values for mode bits.If not specified, the volume defaultMode will be used.This might be in conflict with other options that affect the filemode, like fsGroup, and the result can be other mode bits set. @@ -888,21 +888,21 @@ Optional: Required: -- `driver` (String) driver is the name of the CSI driver that handles this volume. Consult with your admin for the correct name as registered in the cluster. +- `driver` (String) driver is the name of the CSI driver that handles this volume.Consult with your admin for the correct name as registered in the cluster. Optional: -- `fs_type` (String) fsType to mount. Ex. 'ext4', 'xfs', 'ntfs'. If not provided, the empty value is passed to the associated CSI driver which will determine the default filesystem to apply. -- `node_publish_secret_ref` (Attributes) nodePublishSecretRef is a reference to the secret object containing sensitive information to pass to the CSI driver to complete the CSI NodePublishVolume and NodeUnpublishVolume calls. This field is optional, and may be empty if no secret is required. If the secret object contains more than one secret, all secret references are passed. (see [below for nested schema](#nestedatt--spec--instances--volumes--csi--node_publish_secret_ref)) -- `read_only` (Boolean) readOnly specifies a read-only configuration for the volume. Defaults to false (read/write). -- `volume_attributes` (Map of String) volumeAttributes stores driver-specific properties that are passed to the CSI driver. Consult your driver's documentation for supported values. +- `fs_type` (String) fsType to mount. Ex. 'ext4', 'xfs', 'ntfs'.If not provided, the empty value is passed to the associated CSI driverwhich will determine the default filesystem to apply. +- `node_publish_secret_ref` (Attributes) nodePublishSecretRef is a reference to the secret object containingsensitive information to pass to the CSI driver to complete the CSINodePublishVolume and NodeUnpublishVolume calls.This field is optional, and may be empty if no secret is required. If thesecret object contains more than one secret, all secret references are passed. (see [below for nested schema](#nestedatt--spec--instances--volumes--csi--node_publish_secret_ref)) +- `read_only` (Boolean) readOnly specifies a read-only configuration for the volume.Defaults to false (read/write). +- `volume_attributes` (Map of String) volumeAttributes stores driver-specific properties that are passed to the CSIdriver. Consult your driver's documentation for supported values. ### Nested Schema for `spec.instances.volumes.csi.node_publish_secret_ref` Optional: -- `name` (String) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? +- `name` (String) Name of the referent.More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#namesTODO: Add other useful fields. apiVersion, kind, uid? @@ -911,7 +911,7 @@ Optional: Optional: -- `default_mode` (Number) Optional: mode bits to use on created files by default. Must be a Optional: mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. +- `default_mode` (Number) Optional: mode bits to use on created files by default. Must be aOptional: mode bits used to set permissions on created files by default.Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511.YAML accepts both octal and decimal values, JSON requires decimal values for mode bits.Defaults to 0644.Directories within the path are not affected by this setting.This might be in conflict with other options that affect the filemode, like fsGroup, and the result can be other mode bits set. - `items` (Attributes List) Items is a list of downward API volume file (see [below for nested schema](#nestedatt--spec--instances--volumes--downward_api--items)) @@ -924,8 +924,8 @@ Required: Optional: - `field_ref` (Attributes) Required: Selects a field of the pod: only annotations, labels, name and namespace are supported. (see [below for nested schema](#nestedatt--spec--instances--volumes--downward_api--items--field_ref)) -- `mode` (Number) Optional: mode bits used to set permissions on this file, must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. -- `resource_field_ref` (Attributes) Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported. (see [below for nested schema](#nestedatt--spec--instances--volumes--downward_api--items--resource_field_ref)) +- `mode` (Number) Optional: mode bits used to set permissions on this file, must be an octal valuebetween 0000 and 0777 or a decimal value between 0 and 511.YAML accepts both octal and decimal values, JSON requires decimal values for mode bits.If not specified, the volume defaultMode will be used.This might be in conflict with other options that affect the filemode, like fsGroup, and the result can be other mode bits set. +- `resource_field_ref` (Attributes) Selects a resource of the container: only resources limits and requests(limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported. (see [below for nested schema](#nestedatt--spec--instances--volumes--downward_api--items--resource_field_ref)) ### Nested Schema for `spec.instances.volumes.downward_api.items.field_ref` @@ -959,8 +959,8 @@ Optional: Optional: -- `medium` (String) medium represents what type of storage medium should back this directory. The default is '' which means to use the node's default medium. Must be an empty string (default) or Memory. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir -- `size_limit` (String) sizeLimit is the total amount of local storage required for this EmptyDir volume. The size limit is also applicable for memory medium. The maximum usage on memory medium EmptyDir would be the minimum value between the SizeLimit specified here and the sum of memory limits of all containers in a pod. The default is nil which means that the limit is undefined. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir +- `medium` (String) medium represents what type of storage medium should back this directory.The default is '' which means to use the node's default medium.Must be an empty string (default) or Memory.More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir +- `size_limit` (String) sizeLimit is the total amount of local storage required for this EmptyDir volume.The size limit is also applicable for memory medium.The maximum usage on memory medium EmptyDir would be the minimum value betweenthe SizeLimit specified here and the sum of memory limits of all containers in a pod.The default is nil which means that the limit is undefined.More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir @@ -968,31 +968,31 @@ Optional: Optional: -- `volume_claim_template` (Attributes) Will be used to create a stand-alone PVC to provision the volume. The pod in which this EphemeralVolumeSource is embedded will be the owner of the PVC, i.e. the PVC will be deleted together with the pod. The name of the PVC will be '-' where '' is the name from the 'PodSpec.Volumes' array entry. Pod validation will reject the pod if the concatenated name is not valid for a PVC (for example, too long). An existing PVC with that name that is not owned by the pod will *not* be used for the pod to avoid using an unrelated volume by mistake. Starting the pod is then blocked until the unrelated PVC is removed. If such a pre-created PVC is meant to be used by the pod, the PVC has to updated with an owner reference to the pod once the pod exists. Normally this should not be necessary, but it may be useful when manually reconstructing a broken cluster. This field is read-only and no changes will be made by Kubernetes to the PVC after it has been created. Required, must not be nil. (see [below for nested schema](#nestedatt--spec--instances--volumes--ephemeral--volume_claim_template)) +- `volume_claim_template` (Attributes) Will be used to create a stand-alone PVC to provision the volume.The pod in which this EphemeralVolumeSource is embedded will be theowner of the PVC, i.e. the PVC will be deleted together with thepod. The name of the PVC will be '-' where'' is the name from the 'PodSpec.Volumes' arrayentry. Pod validation will reject the pod if the concatenated nameis not valid for a PVC (for example, too long).An existing PVC with that name that is not owned by the podwill *not* be used for the pod to avoid using an unrelatedvolume by mistake. Starting the pod is then blocked untilthe unrelated PVC is removed. If such a pre-created PVC ismeant to be used by the pod, the PVC has to updated with anowner reference to the pod once the pod exists. Normallythis should not be necessary, but it may be useful whenmanually reconstructing a broken cluster.This field is read-only and no changes will be made by Kubernetesto the PVC after it has been created.Required, must not be nil. (see [below for nested schema](#nestedatt--spec--instances--volumes--ephemeral--volume_claim_template)) ### Nested Schema for `spec.instances.volumes.ephemeral.volume_claim_template` Required: -- `spec` (Attributes) The specification for the PersistentVolumeClaim. The entire content is copied unchanged into the PVC that gets created from this template. The same fields as in a PersistentVolumeClaim are also valid here. (see [below for nested schema](#nestedatt--spec--instances--volumes--ephemeral--volume_claim_template--spec)) +- `spec` (Attributes) The specification for the PersistentVolumeClaim. The entire content iscopied unchanged into the PVC that gets created from thistemplate. The same fields as in a PersistentVolumeClaimare also valid here. (see [below for nested schema](#nestedatt--spec--instances--volumes--ephemeral--volume_claim_template--spec)) Optional: -- `metadata` (Attributes) May contain labels and annotations that will be copied into the PVC when creating it. No other fields are allowed and will be rejected during validation. (see [below for nested schema](#nestedatt--spec--instances--volumes--ephemeral--volume_claim_template--metadata)) +- `metadata` (Attributes) May contain labels and annotations that will be copied into the PVCwhen creating it. No other fields are allowed and will be rejected duringvalidation. (see [below for nested schema](#nestedatt--spec--instances--volumes--ephemeral--volume_claim_template--metadata)) ### Nested Schema for `spec.instances.volumes.ephemeral.volume_claim_template.spec` Optional: -- `access_modes` (List of String) accessModes contains the desired access modes the volume should have. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1 -- `data_source` (Attributes) dataSource field can be used to specify either: * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) * An existing PVC (PersistentVolumeClaim) If the provisioner or an external controller can support the specified data source, it will create a new volume based on the contents of the specified data source. When the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef, and dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified. If the namespace is specified, then dataSourceRef will not be copied to dataSource. (see [below for nested schema](#nestedatt--spec--instances--volumes--ephemeral--volume_claim_template--spec--data_source)) -- `data_source_ref` (Attributes) dataSourceRef specifies the object from which to populate the volume with data, if a non-empty volume is desired. This may be any object from a non-empty API group (non core object) or a PersistentVolumeClaim object. When this field is specified, volume binding will only succeed if the type of the specified object matches some installed volume populator or dynamic provisioner. This field will replace the functionality of the dataSource field and as such if both fields are non-empty, they must have the same value. For backwards compatibility, when namespace isn't specified in dataSourceRef, both fields (dataSource and dataSourceRef) will be set to the same value automatically if one of them is empty and the other is non-empty. When namespace is specified in dataSourceRef, dataSource isn't set to the same value and must be empty. There are three important differences between dataSource and dataSourceRef: * While dataSource only allows two specific types of objects, dataSourceRef allows any non-core object, as well as PersistentVolumeClaim objects. * While dataSource ignores disallowed values (dropping them), dataSourceRef preserves all values, and generates an error if a disallowed value is specified. * While dataSource only allows local objects, dataSourceRef allows objects in any namespaces. (Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled. (Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled. (see [below for nested schema](#nestedatt--spec--instances--volumes--ephemeral--volume_claim_template--spec--data_source_ref)) -- `resources` (Attributes) resources represents the minimum resources the volume should have. If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements that are lower than previous value but must still be higher than capacity recorded in the status field of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources (see [below for nested schema](#nestedatt--spec--instances--volumes--ephemeral--volume_claim_template--spec--resources)) +- `access_modes` (List of String) accessModes contains the desired access modes the volume should have.More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1 +- `data_source` (Attributes) dataSource field can be used to specify either:* An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot)* An existing PVC (PersistentVolumeClaim)If the provisioner or an external controller can support the specified data source,it will create a new volume based on the contents of the specified data source.When the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef,and dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified.If the namespace is specified, then dataSourceRef will not be copied to dataSource. (see [below for nested schema](#nestedatt--spec--instances--volumes--ephemeral--volume_claim_template--spec--data_source)) +- `data_source_ref` (Attributes) dataSourceRef specifies the object from which to populate the volume with data, if a non-emptyvolume is desired. This may be any object from a non-empty API group (noncore object) or a PersistentVolumeClaim object.When this field is specified, volume binding will only succeed if the type ofthe specified object matches some installed volume populator or dynamicprovisioner.This field will replace the functionality of the dataSource field and as suchif both fields are non-empty, they must have the same value. For backwardscompatibility, when namespace isn't specified in dataSourceRef,both fields (dataSource and dataSourceRef) will be set to the samevalue automatically if one of them is empty and the other is non-empty.When namespace is specified in dataSourceRef,dataSource isn't set to the same value and must be empty.There are three important differences between dataSource and dataSourceRef:* While dataSource only allows two specific types of objects, dataSourceRef allows any non-core object, as well as PersistentVolumeClaim objects.* While dataSource ignores disallowed values (dropping them), dataSourceRef preserves all values, and generates an error if a disallowed value is specified.* While dataSource only allows local objects, dataSourceRef allows objects in any namespaces.(Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled.(Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled. (see [below for nested schema](#nestedatt--spec--instances--volumes--ephemeral--volume_claim_template--spec--data_source_ref)) +- `resources` (Attributes) resources represents the minimum resources the volume should have.If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirementsthat are lower than previous value but must still be higher than capacity recorded in thestatus field of the claim.More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources (see [below for nested schema](#nestedatt--spec--instances--volumes--ephemeral--volume_claim_template--spec--resources)) - `selector` (Attributes) selector is a label query over volumes to consider for binding. (see [below for nested schema](#nestedatt--spec--instances--volumes--ephemeral--volume_claim_template--spec--selector)) -- `storage_class_name` (String) storageClassName is the name of the StorageClass required by the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1 -- `volume_mode` (String) volumeMode defines what type of volume is required by the claim. Value of Filesystem is implied when not included in claim spec. +- `storage_class_name` (String) storageClassName is the name of the StorageClass required by the claim.More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1 +- `volume_mode` (String) volumeMode defines what type of volume is required by the claim.Value of Filesystem is implied when not included in claim spec. - `volume_name` (String) volumeName is the binding reference to the PersistentVolume backing this claim. @@ -1005,7 +1005,7 @@ Required: Optional: -- `api_group` (String) APIGroup is the group for the resource being referenced. If APIGroup is not specified, the specified Kind must be in the core API group. For any other third-party types, APIGroup is required. +- `api_group` (String) APIGroup is the group for the resource being referenced.If APIGroup is not specified, the specified Kind must be in the core API group.For any other third-party types, APIGroup is required. @@ -1018,8 +1018,8 @@ Required: Optional: -- `api_group` (String) APIGroup is the group for the resource being referenced. If APIGroup is not specified, the specified Kind must be in the core API group. For any other third-party types, APIGroup is required. -- `namespace` (String) Namespace is the namespace of resource being referenced Note that when a namespace is specified, a gateway.networking.k8s.io/ReferenceGrant object is required in the referent namespace to allow that namespace's owner to accept the reference. See the ReferenceGrant documentation for details. (Alpha) This field requires the CrossNamespaceVolumeDataSource feature gate to be enabled. +- `api_group` (String) APIGroup is the group for the resource being referenced.If APIGroup is not specified, the specified Kind must be in the core API group.For any other third-party types, APIGroup is required. +- `namespace` (String) Namespace is the namespace of resource being referencedNote that when a namespace is specified, a gateway.networking.k8s.io/ReferenceGrant object is required in the referent namespace to allow that namespace's owner to accept the reference. See the ReferenceGrant documentation for details.(Alpha) This field requires the CrossNamespaceVolumeDataSource feature gate to be enabled. @@ -1027,16 +1027,16 @@ Optional: Optional: -- `claims` (Attributes List) Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. This field is immutable. It can only be set for containers. (see [below for nested schema](#nestedatt--spec--instances--volumes--ephemeral--volume_claim_template--spec--resources--claims)) -- `limits` (Map of String) Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ -- `requests` (Map of String) Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ +- `claims` (Attributes List) Claims lists the names of resources, defined in spec.resourceClaims,that are used by this container.This is an alpha field and requires enabling theDynamicResourceAllocation feature gate.This field is immutable. It can only be set for containers. (see [below for nested schema](#nestedatt--spec--instances--volumes--ephemeral--volume_claim_template--spec--resources--claims)) +- `limits` (Map of String) Limits describes the maximum amount of compute resources allowed.More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ +- `requests` (Map of String) Requests describes the minimum amount of compute resources required.If Requests is omitted for a container, it defaults to Limits if that is explicitly specified,otherwise to an implementation-defined value. Requests cannot exceed Limits.More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ ### Nested Schema for `spec.instances.volumes.ephemeral.volume_claim_template.spec.resources.claims` Required: -- `name` (String) Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container. +- `name` (String) Name must match the name of one entry in pod.spec.resourceClaims ofthe Pod where this field is used. It makes that resource availableinside a container. @@ -1046,7 +1046,7 @@ Required: Optional: - `match_expressions` (Attributes List) matchExpressions is a list of label selector requirements. The requirements are ANDed. (see [below for nested schema](#nestedatt--spec--instances--volumes--ephemeral--volume_claim_template--spec--selector--match_expressions)) -- `match_labels` (Map of String) matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is 'key', the operator is 'In', and the values array contains only 'value'. The requirements are ANDed. +- `match_labels` (Map of String) matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabelsmap is equivalent to an element of matchExpressions, whose key field is 'key', theoperator is 'In', and the values array contains only 'value'. The requirements are ANDed. ### Nested Schema for `spec.instances.volumes.ephemeral.volume_claim_template.spec.selector.match_expressions` @@ -1054,11 +1054,11 @@ Optional: Required: - `key` (String) key is the label key that the selector applies to. -- `operator` (String) operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. +- `operator` (String) operator represents a key's relationship to a set of values.Valid operators are In, NotIn, Exists and DoesNotExist. Optional: -- `values` (List of String) values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. +- `values` (List of String) values is an array of string values. If the operator is In or NotIn,the values array must be non-empty. If the operator is Exists or DoesNotExist,the values array must be empty. This array is replaced during a strategicmerge patch. @@ -1082,11 +1082,11 @@ Optional: Optional: -- `fs_type` (String) fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. 'ext4', 'xfs', 'ntfs'. Implicitly inferred to be 'ext4' if unspecified. TODO: how do we prevent errors in the filesystem from compromising the machine +- `fs_type` (String) fsType is the filesystem type to mount.Must be a filesystem type supported by the host operating system.Ex. 'ext4', 'xfs', 'ntfs'. Implicitly inferred to be 'ext4' if unspecified.TODO: how do we prevent errors in the filesystem from compromising the machine - `lun` (Number) lun is Optional: FC target lun number -- `read_only` (Boolean) readOnly is Optional: Defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts. +- `read_only` (Boolean) readOnly is Optional: Defaults to false (read/write). ReadOnly here will forcethe ReadOnly setting in VolumeMounts. - `target_ww_ns` (List of String) targetWWNs is Optional: FC target worldwide names (WWNs) -- `wwids` (List of String) wwids Optional: FC volume world wide identifiers (wwids) Either wwids or combination of targetWWNs and lun must be set, but not both simultaneously. +- `wwids` (List of String) wwids Optional: FC volume world wide identifiers (wwids)Either wwids or combination of targetWWNs and lun must be set, but not both simultaneously. @@ -1098,17 +1098,17 @@ Required: Optional: -- `fs_type` (String) fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. 'ext4', 'xfs', 'ntfs'. The default filesystem depends on FlexVolume script. +- `fs_type` (String) fsType is the filesystem type to mount.Must be a filesystem type supported by the host operating system.Ex. 'ext4', 'xfs', 'ntfs'. The default filesystem depends on FlexVolume script. - `options` (Map of String) options is Optional: this field holds extra command options if any. -- `read_only` (Boolean) readOnly is Optional: defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts. -- `secret_ref` (Attributes) secretRef is Optional: secretRef is reference to the secret object containing sensitive information to pass to the plugin scripts. This may be empty if no secret object is specified. If the secret object contains more than one secret, all secrets are passed to the plugin scripts. (see [below for nested schema](#nestedatt--spec--instances--volumes--flex_volume--secret_ref)) +- `read_only` (Boolean) readOnly is Optional: defaults to false (read/write). ReadOnly here will forcethe ReadOnly setting in VolumeMounts. +- `secret_ref` (Attributes) secretRef is Optional: secretRef is reference to the secret object containingsensitive information to pass to the plugin scripts. This may beempty if no secret object is specified. If the secret objectcontains more than one secret, all secrets are passed to the pluginscripts. (see [below for nested schema](#nestedatt--spec--instances--volumes--flex_volume--secret_ref)) ### Nested Schema for `spec.instances.volumes.flex_volume.secret_ref` Optional: -- `name` (String) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? +- `name` (String) Name of the referent.More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#namesTODO: Add other useful fields. apiVersion, kind, uid? @@ -1117,7 +1117,7 @@ Optional: Optional: -- `dataset_name` (String) datasetName is Name of the dataset stored as metadata -> name on the dataset for Flocker should be considered as deprecated +- `dataset_name` (String) datasetName is Name of the dataset stored as metadata -> name on the dataset for Flockershould be considered as deprecated - `dataset_uuid` (String) datasetUUID is the UUID of the dataset. This is unique identifier of a Flocker dataset @@ -1126,13 +1126,13 @@ Optional: Required: -- `pd_name` (String) pdName is unique name of the PD resource in GCE. Used to identify the disk in GCE. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk +- `pd_name` (String) pdName is unique name of the PD resource in GCE. Used to identify the disk in GCE.More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk Optional: -- `fs_type` (String) fsType is filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: 'ext4', 'xfs', 'ntfs'. Implicitly inferred to be 'ext4' if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk TODO: how do we prevent errors in the filesystem from compromising the machine -- `partition` (Number) partition is the partition in the volume that you want to mount. If omitted, the default is to mount by volume name. Examples: For volume /dev/sda1, you specify the partition as '1'. Similarly, the volume partition for /dev/sda is '0' (or you can leave the property empty). More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk -- `read_only` (Boolean) readOnly here will force the ReadOnly setting in VolumeMounts. Defaults to false. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk +- `fs_type` (String) fsType is filesystem type of the volume that you want to mount.Tip: Ensure that the filesystem type is supported by the host operating system.Examples: 'ext4', 'xfs', 'ntfs'. Implicitly inferred to be 'ext4' if unspecified.More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdiskTODO: how do we prevent errors in the filesystem from compromising the machine +- `partition` (Number) partition is the partition in the volume that you want to mount.If omitted, the default is to mount by volume name.Examples: For volume /dev/sda1, you specify the partition as '1'.Similarly, the volume partition for /dev/sda is '0' (or you can leave the property empty).More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk +- `read_only` (Boolean) readOnly here will force the ReadOnly setting in VolumeMounts.Defaults to false.More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk @@ -1144,7 +1144,7 @@ Required: Optional: -- `directory` (String) directory is the target directory name. Must not contain or start with '..'. If '.' is supplied, the volume directory will be the git repository. Otherwise, if specified, the volume will contain the git repository in the subdirectory with the given name. +- `directory` (String) directory is the target directory name.Must not contain or start with '..'. If '.' is supplied, the volume directory will be thegit repository. Otherwise, if specified, the volume will contain the git repository inthe subdirectory with the given name. - `revision` (String) revision is the commit hash for the specified revision. @@ -1153,12 +1153,12 @@ Optional: Required: -- `endpoints` (String) endpoints is the endpoint name that details Glusterfs topology. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod -- `path` (String) path is the Glusterfs volume path. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod +- `endpoints` (String) endpoints is the endpoint name that details Glusterfs topology.More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod +- `path` (String) path is the Glusterfs volume path.More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod Optional: -- `read_only` (Boolean) readOnly here will force the Glusterfs volume to be mounted with read-only permissions. Defaults to false. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod +- `read_only` (Boolean) readOnly here will force the Glusterfs volume to be mounted with read-only permissions.Defaults to false.More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod @@ -1166,11 +1166,11 @@ Optional: Required: -- `path` (String) path of the directory on the host. If the path is a symlink, it will follow the link to the real path. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath +- `path` (String) path of the directory on the host.If the path is a symlink, it will follow the link to the real path.More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath Optional: -- `type` (String) type for HostPath Volume Defaults to '' More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath +- `type` (String) type for HostPath VolumeDefaults to ''More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath @@ -1180,17 +1180,17 @@ Required: - `iqn` (String) iqn is the target iSCSI Qualified Name. - `lun` (Number) lun represents iSCSI Target Lun number. -- `target_portal` (String) targetPortal is iSCSI Target Portal. The Portal is either an IP or ip_addr:port if the port is other than default (typically TCP ports 860 and 3260). +- `target_portal` (String) targetPortal is iSCSI Target Portal. The Portal is either an IP or ip_addr:port if the portis other than default (typically TCP ports 860 and 3260). Optional: - `chap_auth_discovery` (Boolean) chapAuthDiscovery defines whether support iSCSI Discovery CHAP authentication - `chap_auth_session` (Boolean) chapAuthSession defines whether support iSCSI Session CHAP authentication -- `fs_type` (String) fsType is the filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: 'ext4', 'xfs', 'ntfs'. Implicitly inferred to be 'ext4' if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#iscsi TODO: how do we prevent errors in the filesystem from compromising the machine -- `initiator_name` (String) initiatorName is the custom iSCSI Initiator Name. If initiatorName is specified with iscsiInterface simultaneously, new iSCSI interface : will be created for the connection. -- `iscsi_interface` (String) iscsiInterface is the interface Name that uses an iSCSI transport. Defaults to 'default' (tcp). -- `portals` (List of String) portals is the iSCSI Target Portal List. The portal is either an IP or ip_addr:port if the port is other than default (typically TCP ports 860 and 3260). -- `read_only` (Boolean) readOnly here will force the ReadOnly setting in VolumeMounts. Defaults to false. +- `fs_type` (String) fsType is the filesystem type of the volume that you want to mount.Tip: Ensure that the filesystem type is supported by the host operating system.Examples: 'ext4', 'xfs', 'ntfs'. Implicitly inferred to be 'ext4' if unspecified.More info: https://kubernetes.io/docs/concepts/storage/volumes#iscsiTODO: how do we prevent errors in the filesystem from compromising the machine +- `initiator_name` (String) initiatorName is the custom iSCSI Initiator Name.If initiatorName is specified with iscsiInterface simultaneously, new iSCSI interface: will be created for the connection. +- `iscsi_interface` (String) iscsiInterface is the interface Name that uses an iSCSI transport.Defaults to 'default' (tcp). +- `portals` (List of String) portals is the iSCSI Target Portal List. The portal is either an IP or ip_addr:port if the portis other than default (typically TCP ports 860 and 3260). +- `read_only` (Boolean) readOnly here will force the ReadOnly setting in VolumeMounts.Defaults to false. - `secret_ref` (Attributes) secretRef is the CHAP Secret for iSCSI target and initiator authentication (see [below for nested schema](#nestedatt--spec--instances--volumes--iscsi--secret_ref)) @@ -1198,7 +1198,7 @@ Optional: Optional: -- `name` (String) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? +- `name` (String) Name of the referent.More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#namesTODO: Add other useful fields. apiVersion, kind, uid? @@ -1207,12 +1207,12 @@ Optional: Required: -- `path` (String) path that is exported by the NFS server. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs -- `server` (String) server is the hostname or IP address of the NFS server. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs +- `path` (String) path that is exported by the NFS server.More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs +- `server` (String) server is the hostname or IP address of the NFS server.More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs Optional: -- `read_only` (Boolean) readOnly here will force the NFS export to be mounted with read-only permissions. Defaults to false. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs +- `read_only` (Boolean) readOnly here will force the NFS export to be mounted with read-only permissions.Defaults to false.More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs @@ -1220,11 +1220,11 @@ Optional: Required: -- `claim_name` (String) claimName is the name of a PersistentVolumeClaim in the same namespace as the pod using this volume. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims +- `claim_name` (String) claimName is the name of a PersistentVolumeClaim in the same namespace as the pod using this volume.More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims Optional: -- `read_only` (Boolean) readOnly Will force the ReadOnly setting in VolumeMounts. Default false. +- `read_only` (Boolean) readOnly Will force the ReadOnly setting in VolumeMounts.Default false. @@ -1236,7 +1236,7 @@ Required: Optional: -- `fs_type` (String) fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. 'ext4', 'xfs', 'ntfs'. Implicitly inferred to be 'ext4' if unspecified. +- `fs_type` (String) fsType is the filesystem type to mount.Must be a filesystem type supported by the host operating system.Ex. 'ext4', 'xfs', 'ntfs'. Implicitly inferred to be 'ext4' if unspecified. @@ -1248,8 +1248,8 @@ Required: Optional: -- `fs_type` (String) fSType represents the filesystem type to mount Must be a filesystem type supported by the host operating system. Ex. 'ext4', 'xfs'. Implicitly inferred to be 'ext4' if unspecified. -- `read_only` (Boolean) readOnly defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts. +- `fs_type` (String) fSType represents the filesystem type to mountMust be a filesystem type supported by the host operating system.Ex. 'ext4', 'xfs'. Implicitly inferred to be 'ext4' if unspecified. +- `read_only` (Boolean) readOnly defaults to false (read/write). ReadOnly here will forcethe ReadOnly setting in VolumeMounts. @@ -1257,7 +1257,7 @@ Optional: Optional: -- `default_mode` (Number) defaultMode are the mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. +- `default_mode` (Number) defaultMode are the mode bits used to set permissions on created files by default.Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511.YAML accepts both octal and decimal values, JSON requires decimal values for mode bits.Directories within the path are not affected by this setting.This might be in conflict with other options that affect the filemode, like fsGroup, and the result can be other mode bits set. - `sources` (Attributes List) sources is the list of volume projections (see [below for nested schema](#nestedatt--spec--instances--volumes--projected--sources)) @@ -1275,8 +1275,8 @@ Optional: Optional: -- `items` (Attributes List) items if unspecified, each key-value pair in the Data field of the referenced ConfigMap will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the ConfigMap, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'. (see [below for nested schema](#nestedatt--spec--instances--volumes--projected--sources--config_map--items)) -- `name` (String) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? +- `items` (Attributes List) items if unspecified, each key-value pair in the Data field of the referencedConfigMap will be projected into the volume as a file whose name is thekey and content is the value. If specified, the listed keys will beprojected into the specified paths, and unlisted keys will not bepresent. If a key is specified which is not present in the ConfigMap,the volume setup will error unless it is marked optional. Paths must berelative and may not contain the '..' path or start with '..'. (see [below for nested schema](#nestedatt--spec--instances--volumes--projected--sources--config_map--items)) +- `name` (String) Name of the referent.More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#namesTODO: Add other useful fields. apiVersion, kind, uid? - `optional` (Boolean) optional specify whether the ConfigMap or its keys must be defined @@ -1285,11 +1285,11 @@ Optional: Required: - `key` (String) key is the key to project. -- `path` (String) path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. +- `path` (String) path is the relative path of the file to map the key to.May not be an absolute path.May not contain the path element '..'.May not start with the string '..'. Optional: -- `mode` (Number) mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. +- `mode` (Number) mode is Optional: mode bits used to set permissions on this file.Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511.YAML accepts both octal and decimal values, JSON requires decimal values for mode bits.If not specified, the volume defaultMode will be used.This might be in conflict with other options that affect the filemode, like fsGroup, and the result can be other mode bits set. @@ -1310,8 +1310,8 @@ Required: Optional: - `field_ref` (Attributes) Required: Selects a field of the pod: only annotations, labels, name and namespace are supported. (see [below for nested schema](#nestedatt--spec--instances--volumes--projected--sources--downward_api--items--field_ref)) -- `mode` (Number) Optional: mode bits used to set permissions on this file, must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. -- `resource_field_ref` (Attributes) Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported. (see [below for nested schema](#nestedatt--spec--instances--volumes--projected--sources--downward_api--items--resource_field_ref)) +- `mode` (Number) Optional: mode bits used to set permissions on this file, must be an octal valuebetween 0000 and 0777 or a decimal value between 0 and 511.YAML accepts both octal and decimal values, JSON requires decimal values for mode bits.If not specified, the volume defaultMode will be used.This might be in conflict with other options that affect the filemode, like fsGroup, and the result can be other mode bits set. +- `resource_field_ref` (Attributes) Selects a resource of the container: only resources limits and requests(limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported. (see [below for nested schema](#nestedatt--spec--instances--volumes--projected--sources--downward_api--items--resource_field_ref)) ### Nested Schema for `spec.instances.volumes.projected.sources.downward_api.items.field_ref` @@ -1345,8 +1345,8 @@ Optional: Optional: -- `items` (Attributes List) items if unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'. (see [below for nested schema](#nestedatt--spec--instances--volumes--projected--sources--secret--items)) -- `name` (String) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? +- `items` (Attributes List) items if unspecified, each key-value pair in the Data field of the referencedSecret will be projected into the volume as a file whose name is thekey and content is the value. If specified, the listed keys will beprojected into the specified paths, and unlisted keys will not bepresent. If a key is specified which is not present in the Secret,the volume setup will error unless it is marked optional. Paths must berelative and may not contain the '..' path or start with '..'. (see [below for nested schema](#nestedatt--spec--instances--volumes--projected--sources--secret--items)) +- `name` (String) Name of the referent.More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#namesTODO: Add other useful fields. apiVersion, kind, uid? - `optional` (Boolean) optional field specify whether the Secret or its key must be defined @@ -1355,11 +1355,11 @@ Optional: Required: - `key` (String) key is the key to project. -- `path` (String) path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. +- `path` (String) path is the relative path of the file to map the key to.May not be an absolute path.May not contain the path element '..'.May not start with the string '..'. Optional: -- `mode` (Number) mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. +- `mode` (Number) mode is Optional: mode bits used to set permissions on this file.Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511.YAML accepts both octal and decimal values, JSON requires decimal values for mode bits.If not specified, the volume defaultMode will be used.This might be in conflict with other options that affect the filemode, like fsGroup, and the result can be other mode bits set. @@ -1368,12 +1368,12 @@ Optional: Required: -- `path` (String) path is the path relative to the mount point of the file to project the token into. +- `path` (String) path is the path relative to the mount point of the file to project thetoken into. Optional: -- `audience` (String) audience is the intended audience of the token. A recipient of a token must identify itself with an identifier specified in the audience of the token, and otherwise should reject the token. The audience defaults to the identifier of the apiserver. -- `expiration_seconds` (Number) expirationSeconds is the requested duration of validity of the service account token. As the token approaches expiration, the kubelet volume plugin will proactively rotate the service account token. The kubelet will start trying to rotate the token if the token is older than 80 percent of its time to live or if the token is older than 24 hours.Defaults to 1 hour and must be at least 10 minutes. +- `audience` (String) audience is the intended audience of the token. A recipient of a tokenmust identify itself with an identifier specified in the audience of thetoken, and otherwise should reject the token. The audience defaults to theidentifier of the apiserver. +- `expiration_seconds` (Number) expirationSeconds is the requested duration of validity of the serviceaccount token. As the token approaches expiration, the kubelet volumeplugin will proactively rotate the service account token. The kubelet willstart trying to rotate the token if the token is older than 80 percent ofits time to live or if the token is older than 24 hours.Defaults to 1 hourand must be at least 10 minutes. @@ -1383,15 +1383,15 @@ Optional: Required: -- `registry` (String) registry represents a single or multiple Quobyte Registry services specified as a string as host:port pair (multiple entries are separated with commas) which acts as the central registry for volumes +- `registry` (String) registry represents a single or multiple Quobyte Registry servicesspecified as a string as host:port pair (multiple entries are separated with commas)which acts as the central registry for volumes - `volume` (String) volume is a string that references an already created Quobyte volume by name. Optional: -- `group` (String) group to map volume access to Default is no group -- `read_only` (Boolean) readOnly here will force the Quobyte volume to be mounted with read-only permissions. Defaults to false. -- `tenant` (String) tenant owning the given Quobyte volume in the Backend Used with dynamically provisioned Quobyte volumes, value is set by the plugin -- `user` (String) user to map volume access to Defaults to serivceaccount user +- `group` (String) group to map volume access toDefault is no group +- `read_only` (Boolean) readOnly here will force the Quobyte volume to be mounted with read-only permissions.Defaults to false. +- `tenant` (String) tenant owning the given Quobyte volume in the BackendUsed with dynamically provisioned Quobyte volumes, value is set by the plugin +- `user` (String) user to map volume access toDefaults to serivceaccount user @@ -1399,24 +1399,24 @@ Optional: Required: -- `image` (String) image is the rados image name. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it -- `monitors` (List of String) monitors is a collection of Ceph monitors. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it +- `image` (String) image is the rados image name.More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it +- `monitors` (List of String) monitors is a collection of Ceph monitors.More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it Optional: -- `fs_type` (String) fsType is the filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: 'ext4', 'xfs', 'ntfs'. Implicitly inferred to be 'ext4' if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#rbd TODO: how do we prevent errors in the filesystem from compromising the machine -- `keyring` (String) keyring is the path to key ring for RBDUser. Default is /etc/ceph/keyring. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it -- `pool` (String) pool is the rados pool name. Default is rbd. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it -- `read_only` (Boolean) readOnly here will force the ReadOnly setting in VolumeMounts. Defaults to false. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it -- `secret_ref` (Attributes) secretRef is name of the authentication secret for RBDUser. If provided overrides keyring. Default is nil. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it (see [below for nested schema](#nestedatt--spec--instances--volumes--rbd--secret_ref)) -- `user` (String) user is the rados user name. Default is admin. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it +- `fs_type` (String) fsType is the filesystem type of the volume that you want to mount.Tip: Ensure that the filesystem type is supported by the host operating system.Examples: 'ext4', 'xfs', 'ntfs'. Implicitly inferred to be 'ext4' if unspecified.More info: https://kubernetes.io/docs/concepts/storage/volumes#rbdTODO: how do we prevent errors in the filesystem from compromising the machine +- `keyring` (String) keyring is the path to key ring for RBDUser.Default is /etc/ceph/keyring.More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it +- `pool` (String) pool is the rados pool name.Default is rbd.More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it +- `read_only` (Boolean) readOnly here will force the ReadOnly setting in VolumeMounts.Defaults to false.More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it +- `secret_ref` (Attributes) secretRef is name of the authentication secret for RBDUser. If providedoverrides keyring.Default is nil.More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it (see [below for nested schema](#nestedatt--spec--instances--volumes--rbd--secret_ref)) +- `user` (String) user is the rados user name.Default is admin.More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it ### Nested Schema for `spec.instances.volumes.rbd.secret_ref` Optional: -- `name` (String) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? +- `name` (String) Name of the referent.More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#namesTODO: Add other useful fields. apiVersion, kind, uid? @@ -1426,25 +1426,25 @@ Optional: Required: - `gateway` (String) gateway is the host address of the ScaleIO API Gateway. -- `secret_ref` (Attributes) secretRef references to the secret for ScaleIO user and other sensitive information. If this is not provided, Login operation will fail. (see [below for nested schema](#nestedatt--spec--instances--volumes--scale_io--secret_ref)) +- `secret_ref` (Attributes) secretRef references to the secret for ScaleIO user and othersensitive information. If this is not provided, Login operation will fail. (see [below for nested schema](#nestedatt--spec--instances--volumes--scale_io--secret_ref)) - `system` (String) system is the name of the storage system as configured in ScaleIO. Optional: -- `fs_type` (String) fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. 'ext4', 'xfs', 'ntfs'. Default is 'xfs'. +- `fs_type` (String) fsType is the filesystem type to mount.Must be a filesystem type supported by the host operating system.Ex. 'ext4', 'xfs', 'ntfs'.Default is 'xfs'. - `protection_domain` (String) protectionDomain is the name of the ScaleIO Protection Domain for the configured storage. -- `read_only` (Boolean) readOnly Defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts. +- `read_only` (Boolean) readOnly Defaults to false (read/write). ReadOnly here will forcethe ReadOnly setting in VolumeMounts. - `ssl_enabled` (Boolean) sslEnabled Flag enable/disable SSL communication with Gateway, default false -- `storage_mode` (String) storageMode indicates whether the storage for a volume should be ThickProvisioned or ThinProvisioned. Default is ThinProvisioned. +- `storage_mode` (String) storageMode indicates whether the storage for a volume should be ThickProvisioned or ThinProvisioned.Default is ThinProvisioned. - `storage_pool` (String) storagePool is the ScaleIO Storage Pool associated with the protection domain. -- `volume_name` (String) volumeName is the name of a volume already created in the ScaleIO system that is associated with this volume source. +- `volume_name` (String) volumeName is the name of a volume already created in the ScaleIO systemthat is associated with this volume source. ### Nested Schema for `spec.instances.volumes.scale_io.secret_ref` Optional: -- `name` (String) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? +- `name` (String) Name of the referent.More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#namesTODO: Add other useful fields. apiVersion, kind, uid? @@ -1453,10 +1453,10 @@ Optional: Optional: -- `default_mode` (Number) defaultMode is Optional: mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. -- `items` (Attributes List) items If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'. (see [below for nested schema](#nestedatt--spec--instances--volumes--secret--items)) +- `default_mode` (Number) defaultMode is Optional: mode bits used to set permissions on created files by default.Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511.YAML accepts both octal and decimal values, JSON requires decimal valuesfor mode bits. Defaults to 0644.Directories within the path are not affected by this setting.This might be in conflict with other options that affect the filemode, like fsGroup, and the result can be other mode bits set. +- `items` (Attributes List) items If unspecified, each key-value pair in the Data field of the referencedSecret will be projected into the volume as a file whose name is thekey and content is the value. If specified, the listed keys will beprojected into the specified paths, and unlisted keys will not bepresent. If a key is specified which is not present in the Secret,the volume setup will error unless it is marked optional. Paths must berelative and may not contain the '..' path or start with '..'. (see [below for nested schema](#nestedatt--spec--instances--volumes--secret--items)) - `optional` (Boolean) optional field specify whether the Secret or its keys must be defined -- `secret_name` (String) secretName is the name of the secret in the pod's namespace to use. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret +- `secret_name` (String) secretName is the name of the secret in the pod's namespace to use.More info: https://kubernetes.io/docs/concepts/storage/volumes#secret ### Nested Schema for `spec.instances.volumes.secret.items` @@ -1464,11 +1464,11 @@ Optional: Required: - `key` (String) key is the key to project. -- `path` (String) path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. +- `path` (String) path is the relative path of the file to map the key to.May not be an absolute path.May not contain the path element '..'.May not start with the string '..'. Optional: -- `mode` (Number) mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. +- `mode` (Number) mode is Optional: mode bits used to set permissions on this file.Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511.YAML accepts both octal and decimal values, JSON requires decimal values for mode bits.If not specified, the volume defaultMode will be used.This might be in conflict with other options that affect the filemode, like fsGroup, and the result can be other mode bits set. @@ -1477,18 +1477,18 @@ Optional: Optional: -- `fs_type` (String) fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. 'ext4', 'xfs', 'ntfs'. Implicitly inferred to be 'ext4' if unspecified. -- `read_only` (Boolean) readOnly defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts. -- `secret_ref` (Attributes) secretRef specifies the secret to use for obtaining the StorageOS API credentials. If not specified, default values will be attempted. (see [below for nested schema](#nestedatt--spec--instances--volumes--storageos--secret_ref)) -- `volume_name` (String) volumeName is the human-readable name of the StorageOS volume. Volume names are only unique within a namespace. -- `volume_namespace` (String) volumeNamespace specifies the scope of the volume within StorageOS. If no namespace is specified then the Pod's namespace will be used. This allows the Kubernetes name scoping to be mirrored within StorageOS for tighter integration. Set VolumeName to any name to override the default behaviour. Set to 'default' if you are not using namespaces within StorageOS. Namespaces that do not pre-exist within StorageOS will be created. +- `fs_type` (String) fsType is the filesystem type to mount.Must be a filesystem type supported by the host operating system.Ex. 'ext4', 'xfs', 'ntfs'. Implicitly inferred to be 'ext4' if unspecified. +- `read_only` (Boolean) readOnly defaults to false (read/write). ReadOnly here will forcethe ReadOnly setting in VolumeMounts. +- `secret_ref` (Attributes) secretRef specifies the secret to use for obtaining the StorageOS APIcredentials. If not specified, default values will be attempted. (see [below for nested schema](#nestedatt--spec--instances--volumes--storageos--secret_ref)) +- `volume_name` (String) volumeName is the human-readable name of the StorageOS volume. Volumenames are only unique within a namespace. +- `volume_namespace` (String) volumeNamespace specifies the scope of the volume within StorageOS. If nonamespace is specified then the Pod's namespace will be used. This allows theKubernetes name scoping to be mirrored within StorageOS for tighter integration.Set VolumeName to any name to override the default behaviour.Set to 'default' if you are not using namespaces within StorageOS.Namespaces that do not pre-exist within StorageOS will be created. ### Nested Schema for `spec.instances.volumes.storageos.secret_ref` Optional: -- `name` (String) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? +- `name` (String) Name of the referent.More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#namesTODO: Add other useful fields. apiVersion, kind, uid? @@ -1501,7 +1501,7 @@ Required: Optional: -- `fs_type` (String) fsType is filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. 'ext4', 'xfs', 'ntfs'. Implicitly inferred to be 'ext4' if unspecified. +- `fs_type` (String) fsType is filesystem type to mount.Must be a filesystem type supported by the host operating system.Ex. 'ext4', 'xfs', 'ntfs'. Implicitly inferred to be 'ext4' if unspecified. - `storage_policy_id` (String) storagePolicyID is the storage Policy Based Management (SPBM) profile ID associated with the StoragePolicyName. - `storage_policy_name` (String) storagePolicyName is the storage Policy Based Management (SPBM) profile name. @@ -1513,16 +1513,16 @@ Optional: Optional: -- `claims` (Attributes List) Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. This field is immutable. It can only be set for containers. (see [below for nested schema](#nestedatt--spec--resources--claims)) -- `limits` (Map of String) Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ -- `requests` (Map of String) Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ +- `claims` (Attributes List) Claims lists the names of resources, defined in spec.resourceClaims,that are used by this container.This is an alpha field and requires enabling theDynamicResourceAllocation feature gate.This field is immutable. It can only be set for containers. (see [below for nested schema](#nestedatt--spec--resources--claims)) +- `limits` (Map of String) Limits describes the maximum amount of compute resources allowed.More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ +- `requests` (Map of String) Requests describes the minimum amount of compute resources required.If Requests is omitted for a container, it defaults to Limits if that is explicitly specified,otherwise to an implementation-defined value. Requests cannot exceed Limits.More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ ### Nested Schema for `spec.resources.claims` Required: -- `name` (String) Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container. +- `name` (String) Name must match the name of one entry in pod.spec.resourceClaims ofthe Pod where this field is used. It makes that resource availableinside a container. @@ -1532,11 +1532,11 @@ Required: Optional: - `affinity` (Attributes) Specifies a group of affinity scheduling rules of the Cluster, including NodeAffinity, PodAffinity, and PodAntiAffinity. (see [below for nested schema](#nestedatt--spec--scheduling_policy--affinity)) -- `node_name` (String) NodeName is a request to schedule this Pod onto a specific node. If it is non-empty, the scheduler simply schedules this Pod onto that node, assuming that it fits resource requirements. -- `node_selector` (Map of String) NodeSelector is a selector which must be true for the Pod to fit on a node. Selector which must match a node's labels for the Pod to be scheduled on that node. More info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/ -- `scheduler_name` (String) If specified, the Pod will be dispatched by specified scheduler. If not specified, the Pod will be dispatched by default scheduler. -- `tolerations` (Attributes List) Allows Pods to be scheduled onto nodes with matching taints. Each toleration in the array allows the Pod to tolerate node taints based on specified 'key', 'value', 'effect', and 'operator'. - The 'key', 'value', and 'effect' identify the taint that the toleration matches. - The 'operator' determines how the toleration matches the taint. Pods with matching tolerations are allowed to be scheduled on tainted nodes, typically reserved for specific purposes. (see [below for nested schema](#nestedatt--spec--scheduling_policy--tolerations)) -- `topology_spread_constraints` (Attributes List) TopologySpreadConstraints describes how a group of Pods ought to spread across topology domains. Scheduler will schedule Pods in a way which abides by the constraints. All topologySpreadConstraints are ANDed. (see [below for nested schema](#nestedatt--spec--scheduling_policy--topology_spread_constraints)) +- `node_name` (String) NodeName is a request to schedule this Pod onto a specific node. If it is non-empty,the scheduler simply schedules this Pod onto that node, assuming that it fits resourcerequirements. +- `node_selector` (Map of String) NodeSelector is a selector which must be true for the Pod to fit on a node.Selector which must match a node's labels for the Pod to be scheduled on that node.More info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/ +- `scheduler_name` (String) If specified, the Pod will be dispatched by specified scheduler.If not specified, the Pod will be dispatched by default scheduler. +- `tolerations` (Attributes List) Allows Pods to be scheduled onto nodes with matching taints.Each toleration in the array allows the Pod to tolerate node taints based onspecified 'key', 'value', 'effect', and 'operator'.- The 'key', 'value', and 'effect' identify the taint that the toleration matches.- The 'operator' determines how the toleration matches the taint.Pods with matching tolerations are allowed to be scheduled on tainted nodes, typically reserved for specific purposes. (see [below for nested schema](#nestedatt--spec--scheduling_policy--tolerations)) +- `topology_spread_constraints` (Attributes List) TopologySpreadConstraints describes how a group of Pods ought to spread across topologydomains. Scheduler will schedule Pods in a way which abides by the constraints.All topologySpreadConstraints are ANDed. (see [below for nested schema](#nestedatt--spec--scheduling_policy--topology_spread_constraints)) ### Nested Schema for `spec.scheduling_policy.affinity` @@ -1552,8 +1552,8 @@ Optional: Optional: -- `preferred_during_scheduling_ignored_during_execution` (Attributes List) The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding 'weight' to the sum if the node matches the corresponding matchExpressions; the node(s) with the highest sum are the most preferred. (see [below for nested schema](#nestedatt--spec--scheduling_policy--affinity--node_affinity--preferred_during_scheduling_ignored_during_execution)) -- `required_during_scheduling_ignored_during_execution` (Attributes) If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to an update), the system may or may not try to eventually evict the pod from its node. (see [below for nested schema](#nestedatt--spec--scheduling_policy--affinity--node_affinity--required_during_scheduling_ignored_during_execution)) +- `preferred_during_scheduling_ignored_during_execution` (Attributes List) The scheduler will prefer to schedule pods to nodes that satisfythe affinity expressions specified by this field, but it may choosea node that violates one or more of the expressions. The node that ismost preferred is the one with the greatest sum of weights, i.e.for each node that meets all of the scheduling requirements (resourcerequest, requiredDuringScheduling affinity expressions, etc.),compute a sum by iterating through the elements of this field and adding'weight' to the sum if the node matches the corresponding matchExpressions; thenode(s) with the highest sum are the most preferred. (see [below for nested schema](#nestedatt--spec--scheduling_policy--affinity--node_affinity--preferred_during_scheduling_ignored_during_execution)) +- `required_during_scheduling_ignored_during_execution` (Attributes) If the affinity requirements specified by this field are not met atscheduling time, the pod will not be scheduled onto the node.If the affinity requirements specified by this field cease to be metat some point during pod execution (e.g. due to an update), the systemmay or may not try to eventually evict the pod from its node. (see [below for nested schema](#nestedatt--spec--scheduling_policy--affinity--node_affinity--required_during_scheduling_ignored_during_execution)) ### Nested Schema for `spec.scheduling_policy.affinity.node_affinity.preferred_during_scheduling_ignored_during_execution` @@ -1577,11 +1577,11 @@ Optional: Required: - `key` (String) The label key that the selector applies to. -- `operator` (String) Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. +- `operator` (String) Represents a key's relationship to a set of values.Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. Optional: -- `values` (List of String) An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch. +- `values` (List of String) An array of string values. If the operator is In or NotIn,the values array must be non-empty. If the operator is Exists or DoesNotExist,the values array must be empty. If the operator is Gt or Lt, the valuesarray must have a single element, which will be interpreted as an integer.This array is replaced during a strategic merge patch. @@ -1590,11 +1590,11 @@ Optional: Required: - `key` (String) The label key that the selector applies to. -- `operator` (String) Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. +- `operator` (String) Represents a key's relationship to a set of values.Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. Optional: -- `values` (List of String) An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch. +- `values` (List of String) An array of string values. If the operator is In or NotIn,the values array must be non-empty. If the operator is Exists or DoesNotExist,the values array must be empty. If the operator is Gt or Lt, the valuesarray must have a single element, which will be interpreted as an integer.This array is replaced during a strategic merge patch. @@ -1620,11 +1620,11 @@ Optional: Required: - `key` (String) The label key that the selector applies to. -- `operator` (String) Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. +- `operator` (String) Represents a key's relationship to a set of values.Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. Optional: -- `values` (List of String) An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch. +- `values` (List of String) An array of string values. If the operator is In or NotIn,the values array must be non-empty. If the operator is Exists or DoesNotExist,the values array must be empty. If the operator is Gt or Lt, the valuesarray must have a single element, which will be interpreted as an integer.This array is replaced during a strategic merge patch. @@ -1633,11 +1633,11 @@ Optional: Required: - `key` (String) The label key that the selector applies to. -- `operator` (String) Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. +- `operator` (String) Represents a key's relationship to a set of values.Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. Optional: -- `values` (List of String) An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch. +- `values` (List of String) An array of string values. If the operator is In or NotIn,the values array must be non-empty. If the operator is Exists or DoesNotExist,the values array must be empty. If the operator is Gt or Lt, the valuesarray must have a single element, which will be interpreted as an integer.This array is replaced during a strategic merge patch. @@ -1648,8 +1648,8 @@ Optional: Optional: -- `preferred_during_scheduling_ignored_during_execution` (Attributes List) The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding 'weight' to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred. (see [below for nested schema](#nestedatt--spec--scheduling_policy--affinity--pod_affinity--preferred_during_scheduling_ignored_during_execution)) -- `required_during_scheduling_ignored_during_execution` (Attributes List) If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied. (see [below for nested schema](#nestedatt--spec--scheduling_policy--affinity--pod_affinity--required_during_scheduling_ignored_during_execution)) +- `preferred_during_scheduling_ignored_during_execution` (Attributes List) The scheduler will prefer to schedule pods to nodes that satisfythe affinity expressions specified by this field, but it may choosea node that violates one or more of the expressions. The node that ismost preferred is the one with the greatest sum of weights, i.e.for each node that meets all of the scheduling requirements (resourcerequest, requiredDuringScheduling affinity expressions, etc.),compute a sum by iterating through the elements of this field and adding'weight' to the sum if the node has pods which matches the corresponding podAffinityTerm; thenode(s) with the highest sum are the most preferred. (see [below for nested schema](#nestedatt--spec--scheduling_policy--affinity--pod_affinity--preferred_during_scheduling_ignored_during_execution)) +- `required_during_scheduling_ignored_during_execution` (Attributes List) If the affinity requirements specified by this field are not met atscheduling time, the pod will not be scheduled onto the node.If the affinity requirements specified by this field cease to be metat some point during pod execution (e.g. due to a pod label update), thesystem may or may not try to eventually evict the pod from its node.When there are multiple elements, the lists of nodes corresponding to eachpodAffinityTerm are intersected, i.e. all terms must be satisfied. (see [below for nested schema](#nestedatt--spec--scheduling_policy--affinity--pod_affinity--required_during_scheduling_ignored_during_execution)) ### Nested Schema for `spec.scheduling_policy.affinity.pod_affinity.preferred_during_scheduling_ignored_during_execution` @@ -1657,20 +1657,20 @@ Optional: Required: - `pod_affinity_term` (Attributes) Required. A pod affinity term, associated with the corresponding weight. (see [below for nested schema](#nestedatt--spec--scheduling_policy--affinity--pod_affinity--preferred_during_scheduling_ignored_during_execution--pod_affinity_term)) -- `weight` (Number) weight associated with matching the corresponding podAffinityTerm, in the range 1-100. +- `weight` (Number) weight associated with matching the corresponding podAffinityTerm,in the range 1-100. ### Nested Schema for `spec.scheduling_policy.affinity.pod_affinity.preferred_during_scheduling_ignored_during_execution.pod_affinity_term` Required: -- `topology_key` (String) This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed. +- `topology_key` (String) This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matchingthe labelSelector in the specified namespaces, where co-located is defined as running on a nodewhose value of the label with key topologyKey matches that of any node on which any of theselected pods is running.Empty topologyKey is not allowed. Optional: - `label_selector` (Attributes) A label query over a set of resources, in this case pods. (see [below for nested schema](#nestedatt--spec--scheduling_policy--affinity--pod_affinity--preferred_during_scheduling_ignored_during_execution--pod_affinity_term--label_selector)) -- `namespace_selector` (Attributes) A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means 'this pod's namespace'. An empty selector ({}) matches all namespaces. (see [below for nested schema](#nestedatt--spec--scheduling_policy--affinity--pod_affinity--preferred_during_scheduling_ignored_during_execution--pod_affinity_term--namespace_selector)) -- `namespaces` (List of String) namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means 'this pod's namespace'. +- `namespace_selector` (Attributes) A label query over the set of namespaces that the term applies to.The term is applied to the union of the namespaces selected by this fieldand the ones listed in the namespaces field.null selector and null or empty namespaces list means 'this pod's namespace'.An empty selector ({}) matches all namespaces. (see [below for nested schema](#nestedatt--spec--scheduling_policy--affinity--pod_affinity--preferred_during_scheduling_ignored_during_execution--pod_affinity_term--namespace_selector)) +- `namespaces` (List of String) namespaces specifies a static list of namespace names that the term applies to.The term is applied to the union of the namespaces listed in this fieldand the ones selected by namespaceSelector.null or empty namespaces list and null namespaceSelector means 'this pod's namespace'. ### Nested Schema for `spec.scheduling_policy.affinity.pod_affinity.preferred_during_scheduling_ignored_during_execution.pod_affinity_term.label_selector` @@ -1678,7 +1678,7 @@ Optional: Optional: - `match_expressions` (Attributes List) matchExpressions is a list of label selector requirements. The requirements are ANDed. (see [below for nested schema](#nestedatt--spec--scheduling_policy--affinity--pod_affinity--preferred_during_scheduling_ignored_during_execution--pod_affinity_term--label_selector--match_expressions)) -- `match_labels` (Map of String) matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is 'key', the operator is 'In', and the values array contains only 'value'. The requirements are ANDed. +- `match_labels` (Map of String) matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabelsmap is equivalent to an element of matchExpressions, whose key field is 'key', theoperator is 'In', and the values array contains only 'value'. The requirements are ANDed. ### Nested Schema for `spec.scheduling_policy.affinity.pod_affinity.preferred_during_scheduling_ignored_during_execution.pod_affinity_term.label_selector.match_expressions` @@ -1686,11 +1686,11 @@ Optional: Required: - `key` (String) key is the label key that the selector applies to. -- `operator` (String) operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. +- `operator` (String) operator represents a key's relationship to a set of values.Valid operators are In, NotIn, Exists and DoesNotExist. Optional: -- `values` (List of String) values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. +- `values` (List of String) values is an array of string values. If the operator is In or NotIn,the values array must be non-empty. If the operator is Exists or DoesNotExist,the values array must be empty. This array is replaced during a strategicmerge patch. @@ -1700,7 +1700,7 @@ Optional: Optional: - `match_expressions` (Attributes List) matchExpressions is a list of label selector requirements. The requirements are ANDed. (see [below for nested schema](#nestedatt--spec--scheduling_policy--affinity--pod_affinity--preferred_during_scheduling_ignored_during_execution--pod_affinity_term--namespace_selector--match_expressions)) -- `match_labels` (Map of String) matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is 'key', the operator is 'In', and the values array contains only 'value'. The requirements are ANDed. +- `match_labels` (Map of String) matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabelsmap is equivalent to an element of matchExpressions, whose key field is 'key', theoperator is 'In', and the values array contains only 'value'. The requirements are ANDed. ### Nested Schema for `spec.scheduling_policy.affinity.pod_affinity.preferred_during_scheduling_ignored_during_execution.pod_affinity_term.namespace_selector.match_expressions` @@ -1708,11 +1708,11 @@ Optional: Required: - `key` (String) key is the label key that the selector applies to. -- `operator` (String) operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. +- `operator` (String) operator represents a key's relationship to a set of values.Valid operators are In, NotIn, Exists and DoesNotExist. Optional: -- `values` (List of String) values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. +- `values` (List of String) values is an array of string values. If the operator is In or NotIn,the values array must be non-empty. If the operator is Exists or DoesNotExist,the values array must be empty. This array is replaced during a strategicmerge patch. @@ -1723,13 +1723,13 @@ Optional: Required: -- `topology_key` (String) This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed. +- `topology_key` (String) This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matchingthe labelSelector in the specified namespaces, where co-located is defined as running on a nodewhose value of the label with key topologyKey matches that of any node on which any of theselected pods is running.Empty topologyKey is not allowed. Optional: - `label_selector` (Attributes) A label query over a set of resources, in this case pods. (see [below for nested schema](#nestedatt--spec--scheduling_policy--affinity--pod_affinity--required_during_scheduling_ignored_during_execution--label_selector)) -- `namespace_selector` (Attributes) A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means 'this pod's namespace'. An empty selector ({}) matches all namespaces. (see [below for nested schema](#nestedatt--spec--scheduling_policy--affinity--pod_affinity--required_during_scheduling_ignored_during_execution--namespace_selector)) -- `namespaces` (List of String) namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means 'this pod's namespace'. +- `namespace_selector` (Attributes) A label query over the set of namespaces that the term applies to.The term is applied to the union of the namespaces selected by this fieldand the ones listed in the namespaces field.null selector and null or empty namespaces list means 'this pod's namespace'.An empty selector ({}) matches all namespaces. (see [below for nested schema](#nestedatt--spec--scheduling_policy--affinity--pod_affinity--required_during_scheduling_ignored_during_execution--namespace_selector)) +- `namespaces` (List of String) namespaces specifies a static list of namespace names that the term applies to.The term is applied to the union of the namespaces listed in this fieldand the ones selected by namespaceSelector.null or empty namespaces list and null namespaceSelector means 'this pod's namespace'. ### Nested Schema for `spec.scheduling_policy.affinity.pod_affinity.required_during_scheduling_ignored_during_execution.label_selector` @@ -1737,7 +1737,7 @@ Optional: Optional: - `match_expressions` (Attributes List) matchExpressions is a list of label selector requirements. The requirements are ANDed. (see [below for nested schema](#nestedatt--spec--scheduling_policy--affinity--pod_affinity--required_during_scheduling_ignored_during_execution--label_selector--match_expressions)) -- `match_labels` (Map of String) matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is 'key', the operator is 'In', and the values array contains only 'value'. The requirements are ANDed. +- `match_labels` (Map of String) matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabelsmap is equivalent to an element of matchExpressions, whose key field is 'key', theoperator is 'In', and the values array contains only 'value'. The requirements are ANDed. ### Nested Schema for `spec.scheduling_policy.affinity.pod_affinity.required_during_scheduling_ignored_during_execution.label_selector.match_expressions` @@ -1745,11 +1745,11 @@ Optional: Required: - `key` (String) key is the label key that the selector applies to. -- `operator` (String) operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. +- `operator` (String) operator represents a key's relationship to a set of values.Valid operators are In, NotIn, Exists and DoesNotExist. Optional: -- `values` (List of String) values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. +- `values` (List of String) values is an array of string values. If the operator is In or NotIn,the values array must be non-empty. If the operator is Exists or DoesNotExist,the values array must be empty. This array is replaced during a strategicmerge patch. @@ -1759,7 +1759,7 @@ Optional: Optional: - `match_expressions` (Attributes List) matchExpressions is a list of label selector requirements. The requirements are ANDed. (see [below for nested schema](#nestedatt--spec--scheduling_policy--affinity--pod_affinity--required_during_scheduling_ignored_during_execution--namespace_selector--match_expressions)) -- `match_labels` (Map of String) matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is 'key', the operator is 'In', and the values array contains only 'value'. The requirements are ANDed. +- `match_labels` (Map of String) matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabelsmap is equivalent to an element of matchExpressions, whose key field is 'key', theoperator is 'In', and the values array contains only 'value'. The requirements are ANDed. ### Nested Schema for `spec.scheduling_policy.affinity.pod_affinity.required_during_scheduling_ignored_during_execution.namespace_selector.match_expressions` @@ -1767,11 +1767,11 @@ Optional: Required: - `key` (String) key is the label key that the selector applies to. -- `operator` (String) operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. +- `operator` (String) operator represents a key's relationship to a set of values.Valid operators are In, NotIn, Exists and DoesNotExist. Optional: -- `values` (List of String) values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. +- `values` (List of String) values is an array of string values. If the operator is In or NotIn,the values array must be non-empty. If the operator is Exists or DoesNotExist,the values array must be empty. This array is replaced during a strategicmerge patch. @@ -1782,8 +1782,8 @@ Optional: Optional: -- `preferred_during_scheduling_ignored_during_execution` (Attributes List) The scheduler will prefer to schedule pods to nodes that satisfy the anti-affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling anti-affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding 'weight' to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred. (see [below for nested schema](#nestedatt--spec--scheduling_policy--affinity--pod_anti_affinity--preferred_during_scheduling_ignored_during_execution)) -- `required_during_scheduling_ignored_during_execution` (Attributes List) If the anti-affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the anti-affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied. (see [below for nested schema](#nestedatt--spec--scheduling_policy--affinity--pod_anti_affinity--required_during_scheduling_ignored_during_execution)) +- `preferred_during_scheduling_ignored_during_execution` (Attributes List) The scheduler will prefer to schedule pods to nodes that satisfythe anti-affinity expressions specified by this field, but it may choosea node that violates one or more of the expressions. The node that ismost preferred is the one with the greatest sum of weights, i.e.for each node that meets all of the scheduling requirements (resourcerequest, requiredDuringScheduling anti-affinity expressions, etc.),compute a sum by iterating through the elements of this field and adding'weight' to the sum if the node has pods which matches the corresponding podAffinityTerm; thenode(s) with the highest sum are the most preferred. (see [below for nested schema](#nestedatt--spec--scheduling_policy--affinity--pod_anti_affinity--preferred_during_scheduling_ignored_during_execution)) +- `required_during_scheduling_ignored_during_execution` (Attributes List) If the anti-affinity requirements specified by this field are not met atscheduling time, the pod will not be scheduled onto the node.If the anti-affinity requirements specified by this field cease to be metat some point during pod execution (e.g. due to a pod label update), thesystem may or may not try to eventually evict the pod from its node.When there are multiple elements, the lists of nodes corresponding to eachpodAffinityTerm are intersected, i.e. all terms must be satisfied. (see [below for nested schema](#nestedatt--spec--scheduling_policy--affinity--pod_anti_affinity--required_during_scheduling_ignored_during_execution)) ### Nested Schema for `spec.scheduling_policy.affinity.pod_anti_affinity.preferred_during_scheduling_ignored_during_execution` @@ -1791,20 +1791,20 @@ Optional: Required: - `pod_affinity_term` (Attributes) Required. A pod affinity term, associated with the corresponding weight. (see [below for nested schema](#nestedatt--spec--scheduling_policy--affinity--pod_anti_affinity--preferred_during_scheduling_ignored_during_execution--pod_affinity_term)) -- `weight` (Number) weight associated with matching the corresponding podAffinityTerm, in the range 1-100. +- `weight` (Number) weight associated with matching the corresponding podAffinityTerm,in the range 1-100. ### Nested Schema for `spec.scheduling_policy.affinity.pod_anti_affinity.preferred_during_scheduling_ignored_during_execution.pod_affinity_term` Required: -- `topology_key` (String) This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed. +- `topology_key` (String) This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matchingthe labelSelector in the specified namespaces, where co-located is defined as running on a nodewhose value of the label with key topologyKey matches that of any node on which any of theselected pods is running.Empty topologyKey is not allowed. Optional: - `label_selector` (Attributes) A label query over a set of resources, in this case pods. (see [below for nested schema](#nestedatt--spec--scheduling_policy--affinity--pod_anti_affinity--preferred_during_scheduling_ignored_during_execution--pod_affinity_term--label_selector)) -- `namespace_selector` (Attributes) A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means 'this pod's namespace'. An empty selector ({}) matches all namespaces. (see [below for nested schema](#nestedatt--spec--scheduling_policy--affinity--pod_anti_affinity--preferred_during_scheduling_ignored_during_execution--pod_affinity_term--namespace_selector)) -- `namespaces` (List of String) namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means 'this pod's namespace'. +- `namespace_selector` (Attributes) A label query over the set of namespaces that the term applies to.The term is applied to the union of the namespaces selected by this fieldand the ones listed in the namespaces field.null selector and null or empty namespaces list means 'this pod's namespace'.An empty selector ({}) matches all namespaces. (see [below for nested schema](#nestedatt--spec--scheduling_policy--affinity--pod_anti_affinity--preferred_during_scheduling_ignored_during_execution--pod_affinity_term--namespace_selector)) +- `namespaces` (List of String) namespaces specifies a static list of namespace names that the term applies to.The term is applied to the union of the namespaces listed in this fieldand the ones selected by namespaceSelector.null or empty namespaces list and null namespaceSelector means 'this pod's namespace'. ### Nested Schema for `spec.scheduling_policy.affinity.pod_anti_affinity.preferred_during_scheduling_ignored_during_execution.pod_affinity_term.label_selector` @@ -1812,7 +1812,7 @@ Optional: Optional: - `match_expressions` (Attributes List) matchExpressions is a list of label selector requirements. The requirements are ANDed. (see [below for nested schema](#nestedatt--spec--scheduling_policy--affinity--pod_anti_affinity--preferred_during_scheduling_ignored_during_execution--pod_affinity_term--label_selector--match_expressions)) -- `match_labels` (Map of String) matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is 'key', the operator is 'In', and the values array contains only 'value'. The requirements are ANDed. +- `match_labels` (Map of String) matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabelsmap is equivalent to an element of matchExpressions, whose key field is 'key', theoperator is 'In', and the values array contains only 'value'. The requirements are ANDed. ### Nested Schema for `spec.scheduling_policy.affinity.pod_anti_affinity.preferred_during_scheduling_ignored_during_execution.pod_affinity_term.label_selector.match_expressions` @@ -1820,11 +1820,11 @@ Optional: Required: - `key` (String) key is the label key that the selector applies to. -- `operator` (String) operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. +- `operator` (String) operator represents a key's relationship to a set of values.Valid operators are In, NotIn, Exists and DoesNotExist. Optional: -- `values` (List of String) values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. +- `values` (List of String) values is an array of string values. If the operator is In or NotIn,the values array must be non-empty. If the operator is Exists or DoesNotExist,the values array must be empty. This array is replaced during a strategicmerge patch. @@ -1834,7 +1834,7 @@ Optional: Optional: - `match_expressions` (Attributes List) matchExpressions is a list of label selector requirements. The requirements are ANDed. (see [below for nested schema](#nestedatt--spec--scheduling_policy--affinity--pod_anti_affinity--preferred_during_scheduling_ignored_during_execution--pod_affinity_term--namespace_selector--match_expressions)) -- `match_labels` (Map of String) matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is 'key', the operator is 'In', and the values array contains only 'value'. The requirements are ANDed. +- `match_labels` (Map of String) matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabelsmap is equivalent to an element of matchExpressions, whose key field is 'key', theoperator is 'In', and the values array contains only 'value'. The requirements are ANDed. ### Nested Schema for `spec.scheduling_policy.affinity.pod_anti_affinity.preferred_during_scheduling_ignored_during_execution.pod_affinity_term.namespace_selector.match_expressions` @@ -1842,11 +1842,11 @@ Optional: Required: - `key` (String) key is the label key that the selector applies to. -- `operator` (String) operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. +- `operator` (String) operator represents a key's relationship to a set of values.Valid operators are In, NotIn, Exists and DoesNotExist. Optional: -- `values` (List of String) values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. +- `values` (List of String) values is an array of string values. If the operator is In or NotIn,the values array must be non-empty. If the operator is Exists or DoesNotExist,the values array must be empty. This array is replaced during a strategicmerge patch. @@ -1857,13 +1857,13 @@ Optional: Required: -- `topology_key` (String) This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed. +- `topology_key` (String) This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matchingthe labelSelector in the specified namespaces, where co-located is defined as running on a nodewhose value of the label with key topologyKey matches that of any node on which any of theselected pods is running.Empty topologyKey is not allowed. Optional: - `label_selector` (Attributes) A label query over a set of resources, in this case pods. (see [below for nested schema](#nestedatt--spec--scheduling_policy--affinity--pod_anti_affinity--required_during_scheduling_ignored_during_execution--label_selector)) -- `namespace_selector` (Attributes) A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means 'this pod's namespace'. An empty selector ({}) matches all namespaces. (see [below for nested schema](#nestedatt--spec--scheduling_policy--affinity--pod_anti_affinity--required_during_scheduling_ignored_during_execution--namespace_selector)) -- `namespaces` (List of String) namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means 'this pod's namespace'. +- `namespace_selector` (Attributes) A label query over the set of namespaces that the term applies to.The term is applied to the union of the namespaces selected by this fieldand the ones listed in the namespaces field.null selector and null or empty namespaces list means 'this pod's namespace'.An empty selector ({}) matches all namespaces. (see [below for nested schema](#nestedatt--spec--scheduling_policy--affinity--pod_anti_affinity--required_during_scheduling_ignored_during_execution--namespace_selector)) +- `namespaces` (List of String) namespaces specifies a static list of namespace names that the term applies to.The term is applied to the union of the namespaces listed in this fieldand the ones selected by namespaceSelector.null or empty namespaces list and null namespaceSelector means 'this pod's namespace'. ### Nested Schema for `spec.scheduling_policy.affinity.pod_anti_affinity.required_during_scheduling_ignored_during_execution.label_selector` @@ -1871,7 +1871,7 @@ Optional: Optional: - `match_expressions` (Attributes List) matchExpressions is a list of label selector requirements. The requirements are ANDed. (see [below for nested schema](#nestedatt--spec--scheduling_policy--affinity--pod_anti_affinity--required_during_scheduling_ignored_during_execution--label_selector--match_expressions)) -- `match_labels` (Map of String) matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is 'key', the operator is 'In', and the values array contains only 'value'. The requirements are ANDed. +- `match_labels` (Map of String) matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabelsmap is equivalent to an element of matchExpressions, whose key field is 'key', theoperator is 'In', and the values array contains only 'value'. The requirements are ANDed. ### Nested Schema for `spec.scheduling_policy.affinity.pod_anti_affinity.required_during_scheduling_ignored_during_execution.label_selector.match_expressions` @@ -1879,11 +1879,11 @@ Optional: Required: - `key` (String) key is the label key that the selector applies to. -- `operator` (String) operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. +- `operator` (String) operator represents a key's relationship to a set of values.Valid operators are In, NotIn, Exists and DoesNotExist. Optional: -- `values` (List of String) values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. +- `values` (List of String) values is an array of string values. If the operator is In or NotIn,the values array must be non-empty. If the operator is Exists or DoesNotExist,the values array must be empty. This array is replaced during a strategicmerge patch. @@ -1893,7 +1893,7 @@ Optional: Optional: - `match_expressions` (Attributes List) matchExpressions is a list of label selector requirements. The requirements are ANDed. (see [below for nested schema](#nestedatt--spec--scheduling_policy--affinity--pod_anti_affinity--required_during_scheduling_ignored_during_execution--namespace_selector--match_expressions)) -- `match_labels` (Map of String) matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is 'key', the operator is 'In', and the values array contains only 'value'. The requirements are ANDed. +- `match_labels` (Map of String) matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabelsmap is equivalent to an element of matchExpressions, whose key field is 'key', theoperator is 'In', and the values array contains only 'value'. The requirements are ANDed. ### Nested Schema for `spec.scheduling_policy.affinity.pod_anti_affinity.required_during_scheduling_ignored_during_execution.namespace_selector.match_expressions` @@ -1901,11 +1901,11 @@ Optional: Required: - `key` (String) key is the label key that the selector applies to. -- `operator` (String) operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. +- `operator` (String) operator represents a key's relationship to a set of values.Valid operators are In, NotIn, Exists and DoesNotExist. Optional: -- `values` (List of String) values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. +- `values` (List of String) values is an array of string values. If the operator is In or NotIn,the values array must be non-empty. If the operator is Exists or DoesNotExist,the values array must be empty. This array is replaced during a strategicmerge patch. @@ -1917,11 +1917,11 @@ Optional: Optional: -- `effect` (String) Effect indicates the taint effect to match. Empty means match all taint effects. When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute. -- `key` (String) Key is the taint key that the toleration applies to. Empty means match all taint keys. If the key is empty, operator must be Exists; this combination means to match all values and all keys. -- `operator` (String) Operator represents a key's relationship to the value. Valid operators are Exists and Equal. Defaults to Equal. Exists is equivalent to wildcard for value, so that a pod can tolerate all taints of a particular category. -- `toleration_seconds` (Number) TolerationSeconds represents the period of time the toleration (which must be of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, it is not set, which means tolerate the taint forever (do not evict). Zero and negative values will be treated as 0 (evict immediately) by the system. -- `value` (String) Value is the taint value the toleration matches to. If the operator is Exists, the value should be empty, otherwise just a regular string. +- `effect` (String) Effect indicates the taint effect to match. Empty means match all taint effects.When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute. +- `key` (String) Key is the taint key that the toleration applies to. Empty means match all taint keys.If the key is empty, operator must be Exists; this combination means to match all values and all keys. +- `operator` (String) Operator represents a key's relationship to the value.Valid operators are Exists and Equal. Defaults to Equal.Exists is equivalent to wildcard for value, so that a pod cantolerate all taints of a particular category. +- `toleration_seconds` (Number) TolerationSeconds represents the period of time the toleration (which must beof effect NoExecute, otherwise this field is ignored) tolerates the taint. By default,it is not set, which means tolerate the taint forever (do not evict). Zero andnegative values will be treated as 0 (evict immediately) by the system. +- `value` (String) Value is the taint value the toleration matches to.If the operator is Exists, the value should be empty, otherwise just a regular string. @@ -1929,17 +1929,17 @@ Optional: Required: -- `max_skew` (Number) MaxSkew describes the degree to which pods may be unevenly distributed. When 'whenUnsatisfiable=DoNotSchedule', it is the maximum permitted difference between the number of matching pods in the target topology and the global minimum. The global minimum is the minimum number of matching pods in an eligible domain or zero if the number of eligible domains is less than MinDomains. For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same labelSelector spread as 2/2/1: In this case, the global minimum is 1. | zone1 | zone2 | zone3 | | P P | P P | P | - if MaxSkew is 1, incoming pod can only be scheduled to zone3 to become 2/2/2; scheduling it onto zone1(zone2) would make the ActualSkew(3-1) on zone1(zone2) violate MaxSkew(1). - if MaxSkew is 2, incoming pod can be scheduled onto any zone. When 'whenUnsatisfiable=ScheduleAnyway', it is used to give higher precedence to topologies that satisfy it. It's a required field. Default value is 1 and 0 is not allowed. -- `topology_key` (String) TopologyKey is the key of node labels. Nodes that have a label with this key and identical values are considered to be in the same topology. We consider each as a 'bucket', and try to put balanced number of pods into each bucket. We define a domain as a particular instance of a topology. Also, we define an eligible domain as a domain whose nodes meet the requirements of nodeAffinityPolicy and nodeTaintsPolicy. e.g. If TopologyKey is 'kubernetes.io/hostname', each Node is a domain of that topology. And, if TopologyKey is 'topology.kubernetes.io/zone', each zone is a domain of that topology. It's a required field. -- `when_unsatisfiable` (String) WhenUnsatisfiable indicates how to deal with a pod if it doesn't satisfy the spread constraint. - DoNotSchedule (default) tells the scheduler not to schedule it. - ScheduleAnyway tells the scheduler to schedule the pod in any location, but giving higher precedence to topologies that would help reduce the skew. A constraint is considered 'Unsatisfiable' for an incoming pod if and only if every possible node assignment for that pod would violate 'MaxSkew' on some topology. For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same labelSelector spread as 3/1/1: | zone1 | zone2 | zone3 | | P P P | P | P | If WhenUnsatisfiable is set to DoNotSchedule, incoming pod can only be scheduled to zone2(zone3) to become 3/2/1(3/1/2) as ActualSkew(2-1) on zone2(zone3) satisfies MaxSkew(1). In other words, the cluster can still be imbalanced, but scheduler won't make it *more* imbalanced. It's a required field. +- `max_skew` (Number) MaxSkew describes the degree to which pods may be unevenly distributed.When 'whenUnsatisfiable=DoNotSchedule', it is the maximum permitted differencebetween the number of matching pods in the target topology and the global minimum.The global minimum is the minimum number of matching pods in an eligible domainor zero if the number of eligible domains is less than MinDomains.For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the samelabelSelector spread as 2/2/1:In this case, the global minimum is 1.| zone1 | zone2 | zone3 || P P | P P | P |- if MaxSkew is 1, incoming pod can only be scheduled to zone3 to become 2/2/2;scheduling it onto zone1(zone2) would make the ActualSkew(3-1) on zone1(zone2)violate MaxSkew(1).- if MaxSkew is 2, incoming pod can be scheduled onto any zone.When 'whenUnsatisfiable=ScheduleAnyway', it is used to give higher precedenceto topologies that satisfy it.It's a required field. Default value is 1 and 0 is not allowed. +- `topology_key` (String) TopologyKey is the key of node labels. Nodes that have a label with this keyand identical values are considered to be in the same topology.We consider each as a 'bucket', and try to put balanced numberof pods into each bucket.We define a domain as a particular instance of a topology.Also, we define an eligible domain as a domain whose nodes meet the requirements ofnodeAffinityPolicy and nodeTaintsPolicy.e.g. If TopologyKey is 'kubernetes.io/hostname', each Node is a domain of that topology.And, if TopologyKey is 'topology.kubernetes.io/zone', each zone is a domain of that topology.It's a required field. +- `when_unsatisfiable` (String) WhenUnsatisfiable indicates how to deal with a pod if it doesn't satisfythe spread constraint.- DoNotSchedule (default) tells the scheduler not to schedule it.- ScheduleAnyway tells the scheduler to schedule the pod in any location, but giving higher precedence to topologies that would help reduce the skew.A constraint is considered 'Unsatisfiable' for an incoming podif and only if every possible node assignment for that pod would violate'MaxSkew' on some topology.For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the samelabelSelector spread as 3/1/1:| zone1 | zone2 | zone3 || P P P | P | P |If WhenUnsatisfiable is set to DoNotSchedule, incoming pod can only be scheduledto zone2(zone3) to become 3/2/1(3/1/2) as ActualSkew(2-1) on zone2(zone3) satisfiesMaxSkew(1). In other words, the cluster can still be imbalanced, but schedulerwon't make it *more* imbalanced.It's a required field. Optional: -- `label_selector` (Attributes) LabelSelector is used to find matching pods. Pods that match this label selector are counted to determine the number of pods in their corresponding topology domain. (see [below for nested schema](#nestedatt--spec--scheduling_policy--topology_spread_constraints--label_selector)) -- `match_label_keys` (List of String) MatchLabelKeys is a set of pod label keys to select the pods over which spreading will be calculated. The keys are used to lookup values from the incoming pod labels, those key-value labels are ANDed with labelSelector to select the group of existing pods over which spreading will be calculated for the incoming pod. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. MatchLabelKeys cannot be set when LabelSelector isn't set. Keys that don't exist in the incoming pod labels will be ignored. A null or empty list means only match against labelSelector. This is a beta field and requires the MatchLabelKeysInPodTopologySpread feature gate to be enabled (enabled by default). -- `min_domains` (Number) MinDomains indicates a minimum number of eligible domains. When the number of eligible domains with matching topology keys is less than minDomains, Pod Topology Spread treats 'global minimum' as 0, and then the calculation of Skew is performed. And when the number of eligible domains with matching topology keys equals or greater than minDomains, this value has no effect on scheduling. As a result, when the number of eligible domains is less than minDomains, scheduler won't schedule more than maxSkew Pods to those domains. If value is nil, the constraint behaves as if MinDomains is equal to 1. Valid values are integers greater than 0. When value is not nil, WhenUnsatisfiable must be DoNotSchedule. For example, in a 3-zone cluster, MaxSkew is set to 2, MinDomains is set to 5 and pods with the same labelSelector spread as 2/2/2: | zone1 | zone2 | zone3 | | P P | P P | P P | The number of domains is less than 5(MinDomains), so 'global minimum' is treated as 0. In this situation, new pod with the same labelSelector cannot be scheduled, because computed skew will be 3(3 - 0) if new Pod is scheduled to any of the three zones, it will violate MaxSkew. This is a beta field and requires the MinDomainsInPodTopologySpread feature gate to be enabled (enabled by default). -- `node_affinity_policy` (String) NodeAffinityPolicy indicates how we will treat Pod's nodeAffinity/nodeSelector when calculating pod topology spread skew. Options are: - Honor: only nodes matching nodeAffinity/nodeSelector are included in the calculations. - Ignore: nodeAffinity/nodeSelector are ignored. All nodes are included in the calculations. If this value is nil, the behavior is equivalent to the Honor policy. This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag. -- `node_taints_policy` (String) NodeTaintsPolicy indicates how we will treat node taints when calculating pod topology spread skew. Options are: - Honor: nodes without taints, along with tainted nodes for which the incoming pod has a toleration, are included. - Ignore: node taints are ignored. All nodes are included. If this value is nil, the behavior is equivalent to the Ignore policy. This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag. +- `label_selector` (Attributes) LabelSelector is used to find matching pods.Pods that match this label selector are counted to determine the number of podsin their corresponding topology domain. (see [below for nested schema](#nestedatt--spec--scheduling_policy--topology_spread_constraints--label_selector)) +- `match_label_keys` (List of String) MatchLabelKeys is a set of pod label keys to select the pods over whichspreading will be calculated. The keys are used to lookup values from theincoming pod labels, those key-value labels are ANDed with labelSelectorto select the group of existing pods over which spreading will be calculatedfor the incoming pod. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector.MatchLabelKeys cannot be set when LabelSelector isn't set.Keys that don't exist in the incoming pod labels willbe ignored. A null or empty list means only match against labelSelector.This is a beta field and requires the MatchLabelKeysInPodTopologySpread feature gate to be enabled (enabled by default). +- `min_domains` (Number) MinDomains indicates a minimum number of eligible domains.When the number of eligible domains with matching topology keys is less than minDomains,Pod Topology Spread treats 'global minimum' as 0, and then the calculation of Skew is performed.And when the number of eligible domains with matching topology keys equals or greater than minDomains,this value has no effect on scheduling.As a result, when the number of eligible domains is less than minDomains,scheduler won't schedule more than maxSkew Pods to those domains.If value is nil, the constraint behaves as if MinDomains is equal to 1.Valid values are integers greater than 0.When value is not nil, WhenUnsatisfiable must be DoNotSchedule.For example, in a 3-zone cluster, MaxSkew is set to 2, MinDomains is set to 5 and pods with the samelabelSelector spread as 2/2/2:| zone1 | zone2 | zone3 || P P | P P | P P |The number of domains is less than 5(MinDomains), so 'global minimum' is treated as 0.In this situation, new pod with the same labelSelector cannot be scheduled,because computed skew will be 3(3 - 0) if new Pod is scheduled to any of the three zones,it will violate MaxSkew.This is a beta field and requires the MinDomainsInPodTopologySpread feature gate to be enabled (enabled by default). +- `node_affinity_policy` (String) NodeAffinityPolicy indicates how we will treat Pod's nodeAffinity/nodeSelectorwhen calculating pod topology spread skew. Options are:- Honor: only nodes matching nodeAffinity/nodeSelector are included in the calculations.- Ignore: nodeAffinity/nodeSelector are ignored. All nodes are included in the calculations.If this value is nil, the behavior is equivalent to the Honor policy.This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag. +- `node_taints_policy` (String) NodeTaintsPolicy indicates how we will treat node taints when calculatingpod topology spread skew. Options are:- Honor: nodes without taints, along with tainted nodes for which the incoming podhas a toleration, are included.- Ignore: node taints are ignored. All nodes are included.If this value is nil, the behavior is equivalent to the Ignore policy.This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag. ### Nested Schema for `spec.scheduling_policy.topology_spread_constraints.label_selector` @@ -1947,7 +1947,7 @@ Optional: Optional: - `match_expressions` (Attributes List) matchExpressions is a list of label selector requirements. The requirements are ANDed. (see [below for nested schema](#nestedatt--spec--scheduling_policy--topology_spread_constraints--label_selector--match_expressions)) -- `match_labels` (Map of String) matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is 'key', the operator is 'In', and the values array contains only 'value'. The requirements are ANDed. +- `match_labels` (Map of String) matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabelsmap is equivalent to an element of matchExpressions, whose key field is 'key', theoperator is 'In', and the values array contains only 'value'. The requirements are ANDed. ### Nested Schema for `spec.scheduling_policy.topology_spread_constraints.label_selector.match_expressions` @@ -1955,11 +1955,11 @@ Optional: Required: - `key` (String) key is the label key that the selector applies to. -- `operator` (String) operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. +- `operator` (String) operator represents a key's relationship to a set of values.Valid operators are In, NotIn, Exists and DoesNotExist. Optional: -- `values` (List of String) values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. +- `values` (List of String) values is an array of string values. If the operator is In or NotIn,the values array must be non-empty. If the operator is Exists or DoesNotExist,the values array must be empty. This array is replaced during a strategicmerge patch. @@ -1970,14 +1970,14 @@ Optional: Required: -- `name` (String) Specifies the identifier of the service reference declaration. It corresponds to the serviceRefDeclaration name defined in either: - 'componentDefinition.spec.serviceRefDeclarations[*].name' - 'clusterDefinition.spec.componentDefs[*].serviceRefDeclarations[*].name' (deprecated) +- `name` (String) Specifies the identifier of the service reference declaration.It corresponds to the serviceRefDeclaration name defined in either:- 'componentDefinition.spec.serviceRefDeclarations[*].name'- 'clusterDefinition.spec.componentDefs[*].serviceRefDeclarations[*].name' (deprecated) Optional: -- `cluster` (String) Specifies the name of the KubeBlocks Cluster being referenced. This is used when services from another KubeBlocks Cluster are consumed. By default, the referenced KubeBlocks Cluster's 'clusterDefinition.spec.connectionCredential' will be utilized to bind to the current Component. This credential should include: 'endpoint', 'port', 'username', and 'password'. Note: - The 'ServiceKind' and 'ServiceVersion' specified in the service reference within the ClusterDefinition are not validated when using this approach. - If both 'cluster' and 'serviceDescriptor' are present, 'cluster' will take precedence. Deprecated since v0.9 since 'clusterDefinition.spec.connectionCredential' is deprecated, use 'clusterServiceSelector' instead. This field is maintained for backward compatibility and its use is discouraged. Existing usage should be updated to the current preferred approach to avoid compatibility issues in future releases. -- `cluster_service_selector` (Attributes) References a service provided by another KubeBlocks Cluster. It specifies the ClusterService and the account credentials needed for access. (see [below for nested schema](#nestedatt--spec--service_refs--cluster_service_selector)) -- `namespace` (String) Specifies the namespace of the referenced Cluster or the namespace of the referenced ServiceDescriptor object. If not provided, the referenced Cluster and ServiceDescriptor will be searched in the namespace of the current Cluster by default. -- `service_descriptor` (String) Specifies the name of the ServiceDescriptor object that describes a service provided by external sources. When referencing a service provided by external sources, a ServiceDescriptor object is required to establish the service binding. The 'serviceDescriptor.spec.serviceKind' and 'serviceDescriptor.spec.serviceVersion' should match the serviceKind and serviceVersion declared in the definition. If both 'cluster' and 'serviceDescriptor' are specified, the 'cluster' takes precedence. +- `cluster` (String) Specifies the name of the KubeBlocks Cluster being referenced.This is used when services from another KubeBlocks Cluster are consumed.By default, the referenced KubeBlocks Cluster's 'clusterDefinition.spec.connectionCredential'will be utilized to bind to the current Component. This credential should include:'endpoint', 'port', 'username', and 'password'.Note:- The 'ServiceKind' and 'ServiceVersion' specified in the service reference within the ClusterDefinition are not validated when using this approach.- If both 'cluster' and 'serviceDescriptor' are present, 'cluster' will take precedence.Deprecated since v0.9 since 'clusterDefinition.spec.connectionCredential' is deprecated,use 'clusterServiceSelector' instead.This field is maintained for backward compatibility and its use is discouraged.Existing usage should be updated to the current preferred approach to avoid compatibility issues in future releases. +- `cluster_service_selector` (Attributes) References a service provided by another KubeBlocks Cluster.It specifies the ClusterService and the account credentials needed for access. (see [below for nested schema](#nestedatt--spec--service_refs--cluster_service_selector)) +- `namespace` (String) Specifies the namespace of the referenced Cluster or the namespace of the referenced ServiceDescriptor object.If not provided, the referenced Cluster and ServiceDescriptor will be searched in the namespace of the currentCluster by default. +- `service_descriptor` (String) Specifies the name of the ServiceDescriptor object that describes a service provided by external sources.When referencing a service provided by external sources, a ServiceDescriptor object is required to establishthe service binding.The 'serviceDescriptor.spec.serviceKind' and 'serviceDescriptor.spec.serviceVersion' should match the serviceKindand serviceVersion declared in the definition.If both 'cluster' and 'serviceDescriptor' are specified, the 'cluster' takes precedence. ### Nested Schema for `spec.service_refs.cluster_service_selector` @@ -1988,7 +1988,7 @@ Required: Optional: -- `credential` (Attributes) Specifies the SystemAccount to authenticate and establish a connection with the referenced Cluster. The SystemAccount should be defined in 'componentDefinition.spec.systemAccounts' of the Component providing the service in the referenced Cluster. (see [below for nested schema](#nestedatt--spec--service_refs--cluster_service_selector--credential)) +- `credential` (Attributes) Specifies the SystemAccount to authenticate and establish a connection with the referenced Cluster.The SystemAccount should be defined in 'componentDefinition.spec.systemAccounts'of the Component providing the service in the referenced Cluster. (see [below for nested schema](#nestedatt--spec--service_refs--cluster_service_selector--credential)) - `service` (Attributes) Identifies a ClusterService from the list of Services defined in 'cluster.spec.services' of the referenced Cluster. (see [below for nested schema](#nestedatt--spec--service_refs--cluster_service_selector--service)) @@ -2005,12 +2005,12 @@ Required: Required: -- `service` (String) The name of the Service to be referenced. Leave it empty to reference the default Service. Set it to 'headless' to reference the default headless Service. If the referenced Service is of pod-service type (a Service per Pod), there will be multiple Service objects matched, and the resolved value will be presented in the following format: service1.name,service2.name... +- `service` (String) The name of the Service to be referenced.Leave it empty to reference the default Service. Set it to 'headless' to reference the default headless Service.If the referenced Service is of pod-service type (a Service per Pod), there will be multiple Service objects matched,and the resolved value will be presented in the following format: service1.name,service2.name... Optional: -- `component` (String) The name of the Component where the Service resides in. It is required when referencing a Component's Service. -- `port` (String) The port name of the Service to be referenced. If there is a non-zero node-port exist for the matched Service port, the node-port will be selected first. If the referenced Service is of pod-service type (a Service per Pod), there will be multiple Service objects matched, and the resolved value will be presented in the following format: service1.name:port1,service2.name:port2... +- `component` (String) The name of the Component where the Service resides in.It is required when referencing a Component's Service. +- `port` (String) The port name of the Service to be referenced.If there is a non-zero node-port exist for the matched Service port, the node-port will be selected first.If the referenced Service is of pod-service type (a Service per Pod), there will be multiple Service objects matched,and the resolved value will be presented in the following format: service1.name:port1,service2.name:port2... @@ -2020,41 +2020,41 @@ Optional: Required: -- `name` (String) Name defines the name of the service. otherwise, it indicates the name of the service. Others can refer to this service by its name. (e.g., connection credential) Cannot be updated. +- `name` (String) Name defines the name of the service.otherwise, it indicates the name of the service.Others can refer to this service by its name. (e.g., connection credential)Cannot be updated. Optional: -- `annotations` (Map of String) If ServiceType is LoadBalancer, cloud provider related parameters can be put here More info: https://kubernetes.io/docs/concepts/services-networking/service/#loadbalancer. -- `disable_auto_provision` (Boolean) Indicates whether the automatic provisioning of the service should be disabled. If set to true, the service will not be automatically created at the component provisioning. Instead, you can enable the creation of this service by specifying it explicitly in the cluster API. -- `pod_service` (Boolean) Indicates whether to create a corresponding Service for each Pod of the selected Component. When set to true, a set of Services will be automatically generated for each Pod, and the 'roleSelector' field will be ignored. The names of the generated Services will follow the same suffix naming pattern: '$(serviceName)-$(podOrdinal)'. The total number of generated Services will be equal to the number of replicas specified for the Component. Example usage: '''yaml name: my-service serviceName: my-service podService: true disableAutoProvision: true spec: type: NodePort ports: - name: http port: 80 targetPort: 8080 ''' In this example, if the Component has 3 replicas, three Services will be generated: - my-service-0: Points to the first Pod (podOrdinal: 0) - my-service-1: Points to the second Pod (podOrdinal: 1) - my-service-2: Points to the third Pod (podOrdinal: 2) Each generated Service will have the specified spec configuration and will target its respective Pod. This feature is useful when you need to expose each Pod of a Component individually, allowing external access to specific instances of the Component. -- `role_selector` (String) Extends the above 'serviceSpec.selector' by allowing you to specify defined role as selector for the service. When 'roleSelector' is set, it adds a label selector 'kubeblocks.io/role: {roleSelector}' to the 'serviceSpec.selector'. Example usage: roleSelector: 'leader' In this example, setting 'roleSelector' to 'leader' will add a label selector 'kubeblocks.io/role: leader' to the 'serviceSpec.selector'. This means that the service will select and route traffic to Pods with the label 'kubeblocks.io/role' set to 'leader'. Note that if 'podService' sets to true, RoleSelector will be ignored. The 'podService' flag takes precedence over 'roleSelector' and generates a service for each Pod. -- `service_name` (String) ServiceName defines the name of the underlying service object. If not specified, the default service name with different patterns will be used: - CLUSTER_NAME: for cluster-level services - CLUSTER_NAME-COMPONENT_NAME: for component-level services Only one default service name is allowed. Cannot be updated. -- `spec` (Attributes) Spec defines the behavior of a service. https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status (see [below for nested schema](#nestedatt--spec--services--spec)) +- `annotations` (Map of String) If ServiceType is LoadBalancer, cloud provider related parameters can be put hereMore info: https://kubernetes.io/docs/concepts/services-networking/service/#loadbalancer. +- `disable_auto_provision` (Boolean) Indicates whether the automatic provisioning of the service should be disabled.If set to true, the service will not be automatically created at the component provisioning.Instead, you can enable the creation of this service by specifying it explicitly in the cluster API. +- `pod_service` (Boolean) Indicates whether to create a corresponding Service for each Pod of the selected Component.When set to true, a set of Services will be automatically generated for each Pod,and the 'roleSelector' field will be ignored.The names of the generated Services will follow the same suffix naming pattern: '$(serviceName)-$(podOrdinal)'.The total number of generated Services will be equal to the number of replicas specified for the Component.Example usage:'''yamlname: my-serviceserviceName: my-servicepodService: truedisableAutoProvision: truespec: type: NodePort ports: - name: http port: 80 targetPort: 8080'''In this example, if the Component has 3 replicas, three Services will be generated:- my-service-0: Points to the first Pod (podOrdinal: 0)- my-service-1: Points to the second Pod (podOrdinal: 1)- my-service-2: Points to the third Pod (podOrdinal: 2)Each generated Service will have the specified spec configuration and will target its respective Pod.This feature is useful when you need to expose each Pod of a Component individually, allowing external accessto specific instances of the Component. +- `role_selector` (String) Extends the above 'serviceSpec.selector' by allowing you to specify defined role as selector for the service.When 'roleSelector' is set, it adds a label selector 'kubeblocks.io/role: {roleSelector}'to the 'serviceSpec.selector'.Example usage: roleSelector: 'leader'In this example, setting 'roleSelector' to 'leader' will add a label selector'kubeblocks.io/role: leader' to the 'serviceSpec.selector'.This means that the service will select and route traffic to Pods with the label'kubeblocks.io/role' set to 'leader'.Note that if 'podService' sets to true, RoleSelector will be ignored.The 'podService' flag takes precedence over 'roleSelector' and generates a service for each Pod. +- `service_name` (String) ServiceName defines the name of the underlying service object.If not specified, the default service name with different patterns will be used:- CLUSTER_NAME: for cluster-level services- CLUSTER_NAME-COMPONENT_NAME: for component-level servicesOnly one default service name is allowed.Cannot be updated. +- `spec` (Attributes) Spec defines the behavior of a service.https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status (see [below for nested schema](#nestedatt--spec--services--spec)) ### Nested Schema for `spec.services.spec` Optional: -- `allocate_load_balancer_node_ports` (Boolean) allocateLoadBalancerNodePorts defines if NodePorts will be automatically allocated for services with type LoadBalancer. Default is 'true'. It may be set to 'false' if the cluster load-balancer does not rely on NodePorts. If the caller requests specific NodePorts (by specifying a value), those requests will be respected, regardless of this field. This field may only be set for services with type LoadBalancer and will be cleared if the type is changed to any other type. -- `cluster_i_ps` (List of String) ClusterIPs is a list of IP addresses assigned to this service, and are usually assigned randomly. If an address is specified manually, is in-range (as per system configuration), and is not in use, it will be allocated to the service; otherwise creation of the service will fail. This field may not be changed through updates unless the type field is also being changed to ExternalName (which requires this field to be empty) or the type field is being changed from ExternalName (in which case this field may optionally be specified, as describe above). Valid values are 'None', empty string (''), or a valid IP address. Setting this to 'None' makes a 'headless service' (no virtual IP), which is useful when direct endpoint connections are preferred and proxying is not required. Only applies to types ClusterIP, NodePort, and LoadBalancer. If this field is specified when creating a Service of type ExternalName, creation will fail. This field will be wiped when updating a Service to type ExternalName. If this field is not specified, it will be initialized from the clusterIP field. If this field is specified, clients must ensure that clusterIPs[0] and clusterIP have the same value. This field may hold a maximum of two entries (dual-stack IPs, in either order). These IPs must correspond to the values of the ipFamilies field. Both clusterIPs and ipFamilies are governed by the ipFamilyPolicy field. More info: https://kubernetes.io/docs/concepts/services-networking/service/#virtual-ips-and-service-proxies -- `cluster_ip` (String) clusterIP is the IP address of the service and is usually assigned randomly. If an address is specified manually, is in-range (as per system configuration), and is not in use, it will be allocated to the service; otherwise creation of the service will fail. This field may not be changed through updates unless the type field is also being changed to ExternalName (which requires this field to be blank) or the type field is being changed from ExternalName (in which case this field may optionally be specified, as describe above). Valid values are 'None', empty string (''), or a valid IP address. Setting this to 'None' makes a 'headless service' (no virtual IP), which is useful when direct endpoint connections are preferred and proxying is not required. Only applies to types ClusterIP, NodePort, and LoadBalancer. If this field is specified when creating a Service of type ExternalName, creation will fail. This field will be wiped when updating a Service to type ExternalName. More info: https://kubernetes.io/docs/concepts/services-networking/service/#virtual-ips-and-service-proxies -- `external_i_ps` (List of String) externalIPs is a list of IP addresses for which nodes in the cluster will also accept traffic for this service. These IPs are not managed by Kubernetes. The user is responsible for ensuring that traffic arrives at a node with this IP. A common example is external load-balancers that are not part of the Kubernetes system. -- `external_name` (String) externalName is the external reference that discovery mechanisms will return as an alias for this service (e.g. a DNS CNAME record). No proxying will be involved. Must be a lowercase RFC-1123 hostname (https://tools.ietf.org/html/rfc1123) and requires 'type' to be 'ExternalName'. -- `external_traffic_policy` (String) externalTrafficPolicy describes how nodes distribute service traffic they receive on one of the Service's 'externally-facing' addresses (NodePorts, ExternalIPs, and LoadBalancer IPs). If set to 'Local', the proxy will configure the service in a way that assumes that external load balancers will take care of balancing the service traffic between nodes, and so each node will deliver traffic only to the node-local endpoints of the service, without masquerading the client source IP. (Traffic mistakenly sent to a node with no endpoints will be dropped.) The default value, 'Cluster', uses the standard behavior of routing to all endpoints evenly (possibly modified by topology and other features). Note that traffic sent to an External IP or LoadBalancer IP from within the cluster will always get 'Cluster' semantics, but clients sending to a NodePort from within the cluster may need to take traffic policy into account when picking a node. -- `health_check_node_port` (Number) healthCheckNodePort specifies the healthcheck nodePort for the service. This only applies when type is set to LoadBalancer and externalTrafficPolicy is set to Local. If a value is specified, is in-range, and is not in use, it will be used. If not specified, a value will be automatically allocated. External systems (e.g. load-balancers) can use this port to determine if a given node holds endpoints for this service or not. If this field is specified when creating a Service which does not need it, creation will fail. This field will be wiped when updating a Service to no longer need it (e.g. changing type). This field cannot be updated once set. -- `internal_traffic_policy` (String) InternalTrafficPolicy describes how nodes distribute service traffic they receive on the ClusterIP. If set to 'Local', the proxy will assume that pods only want to talk to endpoints of the service on the same node as the pod, dropping the traffic if there are no local endpoints. The default value, 'Cluster', uses the standard behavior of routing to all endpoints evenly (possibly modified by topology and other features). -- `ip_families` (List of String) IPFamilies is a list of IP families (e.g. IPv4, IPv6) assigned to this service. This field is usually assigned automatically based on cluster configuration and the ipFamilyPolicy field. If this field is specified manually, the requested family is available in the cluster, and ipFamilyPolicy allows it, it will be used; otherwise creation of the service will fail. This field is conditionally mutable: it allows for adding or removing a secondary IP family, but it does not allow changing the primary IP family of the Service. Valid values are 'IPv4' and 'IPv6'. This field only applies to Services of types ClusterIP, NodePort, and LoadBalancer, and does apply to 'headless' services. This field will be wiped when updating a Service to type ExternalName. This field may hold a maximum of two entries (dual-stack families, in either order). These families must correspond to the values of the clusterIPs field, if specified. Both clusterIPs and ipFamilies are governed by the ipFamilyPolicy field. -- `ip_family_policy` (String) IPFamilyPolicy represents the dual-stack-ness requested or required by this Service. If there is no value provided, then this field will be set to SingleStack. Services can be 'SingleStack' (a single IP family), 'PreferDualStack' (two IP families on dual-stack configured clusters or a single IP family on single-stack clusters), or 'RequireDualStack' (two IP families on dual-stack configured clusters, otherwise fail). The ipFamilies and clusterIPs fields depend on the value of this field. This field will be wiped when updating a service to type ExternalName. -- `load_balancer_class` (String) loadBalancerClass is the class of the load balancer implementation this Service belongs to. If specified, the value of this field must be a label-style identifier, with an optional prefix, e.g. 'internal-vip' or 'example.com/internal-vip'. Unprefixed names are reserved for end-users. This field can only be set when the Service type is 'LoadBalancer'. If not set, the default load balancer implementation is used, today this is typically done through the cloud provider integration, but should apply for any default implementation. If set, it is assumed that a load balancer implementation is watching for Services with a matching class. Any default load balancer implementation (e.g. cloud providers) should ignore Services that set this field. This field can only be set when creating or updating a Service to type 'LoadBalancer'. Once set, it can not be changed. This field will be wiped when a service is updated to a non 'LoadBalancer' type. -- `load_balancer_ip` (String) Only applies to Service Type: LoadBalancer. This feature depends on whether the underlying cloud-provider supports specifying the loadBalancerIP when a load balancer is created. This field will be ignored if the cloud-provider does not support the feature. Deprecated: This field was under-specified and its meaning varies across implementations. Using it is non-portable and it may not support dual-stack. Users are encouraged to use implementation-specific annotations when available. -- `load_balancer_source_ranges` (List of String) If specified and supported by the platform, this will restrict traffic through the cloud-provider load-balancer will be restricted to the specified client IPs. This field will be ignored if the cloud-provider does not support the feature.' More info: https://kubernetes.io/docs/tasks/access-application-cluster/create-external-load-balancer/ -- `ports` (Attributes List) The list of ports that are exposed by this service. More info: https://kubernetes.io/docs/concepts/services-networking/service/#virtual-ips-and-service-proxies (see [below for nested schema](#nestedatt--spec--services--spec--ports)) -- `publish_not_ready_addresses` (Boolean) publishNotReadyAddresses indicates that any agent which deals with endpoints for this Service should disregard any indications of ready/not-ready. The primary use case for setting this field is for a StatefulSet's Headless Service to propagate SRV DNS records for its Pods for the purpose of peer discovery. The Kubernetes controllers that generate Endpoints and EndpointSlice resources for Services interpret this to mean that all endpoints are considered 'ready' even if the Pods themselves are not. Agents which consume only Kubernetes generated endpoints through the Endpoints or EndpointSlice resources can safely assume this behavior. -- `selector` (Map of String) Route service traffic to pods with label keys and values matching this selector. If empty or not present, the service is assumed to have an external process managing its endpoints, which Kubernetes will not modify. Only applies to types ClusterIP, NodePort, and LoadBalancer. Ignored if type is ExternalName. More info: https://kubernetes.io/docs/concepts/services-networking/service/ -- `session_affinity` (String) Supports 'ClientIP' and 'None'. Used to maintain session affinity. Enable client IP based session affinity. Must be ClientIP or None. Defaults to None. More info: https://kubernetes.io/docs/concepts/services-networking/service/#virtual-ips-and-service-proxies +- `allocate_load_balancer_node_ports` (Boolean) allocateLoadBalancerNodePorts defines if NodePorts will be automaticallyallocated for services with type LoadBalancer. Default is 'true'. Itmay be set to 'false' if the cluster load-balancer does not rely onNodePorts. If the caller requests specific NodePorts (by specifying avalue), those requests will be respected, regardless of this field.This field may only be set for services with type LoadBalancer and willbe cleared if the type is changed to any other type. +- `cluster_i_ps` (List of String) ClusterIPs is a list of IP addresses assigned to this service, and areusually assigned randomly. If an address is specified manually, isin-range (as per system configuration), and is not in use, it will beallocated to the service; otherwise creation of the service will fail.This field may not be changed through updates unless the type field isalso being changed to ExternalName (which requires this field to beempty) or the type field is being changed from ExternalName (in whichcase this field may optionally be specified, as describe above). Validvalues are 'None', empty string (''), or a valid IP address. Settingthis to 'None' makes a 'headless service' (no virtual IP), which isuseful when direct endpoint connections are preferred and proxying isnot required. Only applies to types ClusterIP, NodePort, andLoadBalancer. If this field is specified when creating a Service of typeExternalName, creation will fail. This field will be wiped when updatinga Service to type ExternalName. If this field is not specified, it willbe initialized from the clusterIP field. If this field is specified,clients must ensure that clusterIPs[0] and clusterIP have the samevalue.This field may hold a maximum of two entries (dual-stack IPs, in either order).These IPs must correspond to the values of the ipFamilies field. BothclusterIPs and ipFamilies are governed by the ipFamilyPolicy field.More info: https://kubernetes.io/docs/concepts/services-networking/service/#virtual-ips-and-service-proxies +- `cluster_ip` (String) clusterIP is the IP address of the service and is usually assignedrandomly. If an address is specified manually, is in-range (as persystem configuration), and is not in use, it will be allocated to theservice; otherwise creation of the service will fail. This field may notbe changed through updates unless the type field is also being changedto ExternalName (which requires this field to be blank) or the typefield is being changed from ExternalName (in which case this field mayoptionally be specified, as describe above). Valid values are 'None',empty string (''), or a valid IP address. Setting this to 'None' makes a'headless service' (no virtual IP), which is useful when direct endpointconnections are preferred and proxying is not required. Only applies totypes ClusterIP, NodePort, and LoadBalancer. If this field is specifiedwhen creating a Service of type ExternalName, creation will fail. Thisfield will be wiped when updating a Service to type ExternalName.More info: https://kubernetes.io/docs/concepts/services-networking/service/#virtual-ips-and-service-proxies +- `external_i_ps` (List of String) externalIPs is a list of IP addresses for which nodes in the clusterwill also accept traffic for this service. These IPs are not managed byKubernetes. The user is responsible for ensuring that traffic arrivesat a node with this IP. A common example is external load-balancersthat are not part of the Kubernetes system. +- `external_name` (String) externalName is the external reference that discovery mechanisms willreturn as an alias for this service (e.g. a DNS CNAME record). Noproxying will be involved. Must be a lowercase RFC-1123 hostname(https://tools.ietf.org/html/rfc1123) and requires 'type' to be 'ExternalName'. +- `external_traffic_policy` (String) externalTrafficPolicy describes how nodes distribute service traffic theyreceive on one of the Service's 'externally-facing' addresses (NodePorts,ExternalIPs, and LoadBalancer IPs). If set to 'Local', the proxy will configurethe service in a way that assumes that external load balancers will take careof balancing the service traffic between nodes, and so each node will delivertraffic only to the node-local endpoints of the service, without masqueradingthe client source IP. (Traffic mistakenly sent to a node with no endpoints willbe dropped.) The default value, 'Cluster', uses the standard behavior ofrouting to all endpoints evenly (possibly modified by topology and otherfeatures). Note that traffic sent to an External IP or LoadBalancer IP fromwithin the cluster will always get 'Cluster' semantics, but clients sending toa NodePort from within the cluster may need to take traffic policy into accountwhen picking a node. +- `health_check_node_port` (Number) healthCheckNodePort specifies the healthcheck nodePort for the service.This only applies when type is set to LoadBalancer andexternalTrafficPolicy is set to Local. If a value is specified, isin-range, and is not in use, it will be used. If not specified, a valuewill be automatically allocated. External systems (e.g. load-balancers)can use this port to determine if a given node holds endpoints for thisservice or not. If this field is specified when creating a Servicewhich does not need it, creation will fail. This field will be wipedwhen updating a Service to no longer need it (e.g. changing type).This field cannot be updated once set. +- `internal_traffic_policy` (String) InternalTrafficPolicy describes how nodes distribute service traffic theyreceive on the ClusterIP. If set to 'Local', the proxy will assume that podsonly want to talk to endpoints of the service on the same node as the pod,dropping the traffic if there are no local endpoints. The default value,'Cluster', uses the standard behavior of routing to all endpoints evenly(possibly modified by topology and other features). +- `ip_families` (List of String) IPFamilies is a list of IP families (e.g. IPv4, IPv6) assigned to thisservice. This field is usually assigned automatically based on clusterconfiguration and the ipFamilyPolicy field. If this field is specifiedmanually, the requested family is available in the cluster,and ipFamilyPolicy allows it, it will be used; otherwise creation ofthe service will fail. This field is conditionally mutable: it allowsfor adding or removing a secondary IP family, but it does not allowchanging the primary IP family of the Service. Valid values are 'IPv4'and 'IPv6'. This field only applies to Services of types ClusterIP,NodePort, and LoadBalancer, and does apply to 'headless' services.This field will be wiped when updating a Service to type ExternalName.This field may hold a maximum of two entries (dual-stack families, ineither order). These families must correspond to the values of theclusterIPs field, if specified. Both clusterIPs and ipFamilies aregoverned by the ipFamilyPolicy field. +- `ip_family_policy` (String) IPFamilyPolicy represents the dual-stack-ness requested or required bythis Service. If there is no value provided, then this field will be setto SingleStack. Services can be 'SingleStack' (a single IP family),'PreferDualStack' (two IP families on dual-stack configured clusters ora single IP family on single-stack clusters), or 'RequireDualStack'(two IP families on dual-stack configured clusters, otherwise fail). TheipFamilies and clusterIPs fields depend on the value of this field. Thisfield will be wiped when updating a service to type ExternalName. +- `load_balancer_class` (String) loadBalancerClass is the class of the load balancer implementation this Service belongs to.If specified, the value of this field must be a label-style identifier, with an optional prefix,e.g. 'internal-vip' or 'example.com/internal-vip'. Unprefixed names are reserved for end-users.This field can only be set when the Service type is 'LoadBalancer'. If not set, the default loadbalancer implementation is used, today this is typically done through the cloud provider integration,but should apply for any default implementation. If set, it is assumed that a load balancerimplementation is watching for Services with a matching class. Any default load balancerimplementation (e.g. cloud providers) should ignore Services that set this field.This field can only be set when creating or updating a Service to type 'LoadBalancer'.Once set, it can not be changed. This field will be wiped when a service is updated to a non 'LoadBalancer' type. +- `load_balancer_ip` (String) Only applies to Service Type: LoadBalancer.This feature depends on whether the underlying cloud-provider supports specifyingthe loadBalancerIP when a load balancer is created.This field will be ignored if the cloud-provider does not support the feature.Deprecated: This field was under-specified and its meaning varies across implementations.Using it is non-portable and it may not support dual-stack.Users are encouraged to use implementation-specific annotations when available. +- `load_balancer_source_ranges` (List of String) If specified and supported by the platform, this will restrict traffic through the cloud-providerload-balancer will be restricted to the specified client IPs. This field will be ignored if thecloud-provider does not support the feature.'More info: https://kubernetes.io/docs/tasks/access-application-cluster/create-external-load-balancer/ +- `ports` (Attributes List) The list of ports that are exposed by this service.More info: https://kubernetes.io/docs/concepts/services-networking/service/#virtual-ips-and-service-proxies (see [below for nested schema](#nestedatt--spec--services--spec--ports)) +- `publish_not_ready_addresses` (Boolean) publishNotReadyAddresses indicates that any agent which deals with endpoints for thisService should disregard any indications of ready/not-ready.The primary use case for setting this field is for a StatefulSet's Headless Service topropagate SRV DNS records for its Pods for the purpose of peer discovery.The Kubernetes controllers that generate Endpoints and EndpointSlice resources forServices interpret this to mean that all endpoints are considered 'ready' even if thePods themselves are not. Agents which consume only Kubernetes generated endpointsthrough the Endpoints or EndpointSlice resources can safely assume this behavior. +- `selector` (Map of String) Route service traffic to pods with label keys and values matching thisselector. If empty or not present, the service is assumed to have anexternal process managing its endpoints, which Kubernetes will notmodify. Only applies to types ClusterIP, NodePort, and LoadBalancer.Ignored if type is ExternalName.More info: https://kubernetes.io/docs/concepts/services-networking/service/ +- `session_affinity` (String) Supports 'ClientIP' and 'None'. Used to maintain session affinity.Enable client IP based session affinity.Must be ClientIP or None.Defaults to None.More info: https://kubernetes.io/docs/concepts/services-networking/service/#virtual-ips-and-service-proxies - `session_affinity_config` (Attributes) sessionAffinityConfig contains the configurations of session affinity. (see [below for nested schema](#nestedatt--spec--services--spec--session_affinity_config)) -- `type` (String) type determines how the Service is exposed. Defaults to ClusterIP. Valid options are ExternalName, ClusterIP, NodePort, and LoadBalancer. 'ClusterIP' allocates a cluster-internal IP address for load-balancing to endpoints. Endpoints are determined by the selector or if that is not specified, by manual construction of an Endpoints object or EndpointSlice objects. If clusterIP is 'None', no virtual IP is allocated and the endpoints are published as a set of endpoints rather than a virtual IP. 'NodePort' builds on ClusterIP and allocates a port on every node which routes to the same endpoints as the clusterIP. 'LoadBalancer' builds on NodePort and creates an external load-balancer (if supported in the current cloud) which routes to the same endpoints as the clusterIP. 'ExternalName' aliases this service to the specified externalName. Several other fields do not apply to ExternalName services. More info: https://kubernetes.io/docs/concepts/services-networking/service/#publishing-services-service-types +- `type` (String) type determines how the Service is exposed. Defaults to ClusterIP. Validoptions are ExternalName, ClusterIP, NodePort, and LoadBalancer.'ClusterIP' allocates a cluster-internal IP address for load-balancingto endpoints. Endpoints are determined by the selector or if that is notspecified, by manual construction of an Endpoints object orEndpointSlice objects. If clusterIP is 'None', no virtual IP isallocated and the endpoints are published as a set of endpoints ratherthan a virtual IP.'NodePort' builds on ClusterIP and allocates a port on every node whichroutes to the same endpoints as the clusterIP.'LoadBalancer' builds on NodePort and creates an external load-balancer(if supported in the current cloud) which routes to the same endpointsas the clusterIP.'ExternalName' aliases this service to the specified externalName.Several other fields do not apply to ExternalName services.More info: https://kubernetes.io/docs/concepts/services-networking/service/#publishing-services-service-types ### Nested Schema for `spec.services.spec.ports` @@ -2065,11 +2065,11 @@ Required: Optional: -- `app_protocol` (String) The application protocol for this port. This is used as a hint for implementations to offer richer behavior for protocols that they understand. This field follows standard Kubernetes label syntax. Valid values are either: * Un-prefixed protocol names - reserved for IANA standard service names (as per RFC-6335 and https://www.iana.org/assignments/service-names). * Kubernetes-defined prefixed names: * 'kubernetes.io/h2c' - HTTP/2 over cleartext as described in https://www.rfc-editor.org/rfc/rfc7540 * 'kubernetes.io/ws' - WebSocket over cleartext as described in https://www.rfc-editor.org/rfc/rfc6455 * 'kubernetes.io/wss' - WebSocket over TLS as described in https://www.rfc-editor.org/rfc/rfc6455 * Other protocols should use implementation-defined prefixed names such as mycompany.com/my-custom-protocol. -- `name` (String) The name of this port within the service. This must be a DNS_LABEL. All ports within a ServiceSpec must have unique names. When considering the endpoints for a Service, this must match the 'name' field in the EndpointPort. Optional if only one ServicePort is defined on this service. -- `node_port` (Number) The port on each node on which this service is exposed when type is NodePort or LoadBalancer. Usually assigned by the system. If a value is specified, in-range, and not in use it will be used, otherwise the operation will fail. If not specified, a port will be allocated if this Service requires one. If this field is specified when creating a Service which does not need it, creation will fail. This field will be wiped when updating a Service to no longer need it (e.g. changing type from NodePort to ClusterIP). More info: https://kubernetes.io/docs/concepts/services-networking/service/#type-nodeport -- `protocol` (String) The IP protocol for this port. Supports 'TCP', 'UDP', and 'SCTP'. Default is TCP. -- `target_port` (String) Number or name of the port to access on the pods targeted by the service. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. If this is a string, it will be looked up as a named port in the target Pod's container ports. If this is not specified, the value of the 'port' field is used (an identity map). This field is ignored for services with clusterIP=None, and should be omitted or set equal to the 'port' field. More info: https://kubernetes.io/docs/concepts/services-networking/service/#defining-a-service +- `app_protocol` (String) The application protocol for this port.This is used as a hint for implementations to offer richer behavior for protocols that they understand.This field follows standard Kubernetes label syntax.Valid values are either:* Un-prefixed protocol names - reserved for IANA standard service names (as perRFC-6335 and https://www.iana.org/assignments/service-names).* Kubernetes-defined prefixed names: * 'kubernetes.io/h2c' - HTTP/2 over cleartext as described in https://www.rfc-editor.org/rfc/rfc7540 * 'kubernetes.io/ws' - WebSocket over cleartext as described in https://www.rfc-editor.org/rfc/rfc6455 * 'kubernetes.io/wss' - WebSocket over TLS as described in https://www.rfc-editor.org/rfc/rfc6455* Other protocols should use implementation-defined prefixed names such asmycompany.com/my-custom-protocol. +- `name` (String) The name of this port within the service. This must be a DNS_LABEL.All ports within a ServiceSpec must have unique names. When consideringthe endpoints for a Service, this must match the 'name' field in theEndpointPort.Optional if only one ServicePort is defined on this service. +- `node_port` (Number) The port on each node on which this service is exposed when type isNodePort or LoadBalancer. Usually assigned by the system. If a value isspecified, in-range, and not in use it will be used, otherwise theoperation will fail. If not specified, a port will be allocated if thisService requires one. If this field is specified when creating aService which does not need it, creation will fail. This field will bewiped when updating a Service to no longer need it (e.g. changing typefrom NodePort to ClusterIP).More info: https://kubernetes.io/docs/concepts/services-networking/service/#type-nodeport +- `protocol` (String) The IP protocol for this port. Supports 'TCP', 'UDP', and 'SCTP'.Default is TCP. +- `target_port` (String) Number or name of the port to access on the pods targeted by the service.Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME.If this is a string, it will be looked up as a named port in thetarget Pod's container ports. If this is not specified, the valueof the 'port' field is used (an identity map).This field is ignored for services with clusterIP=None, and should beomitted or set equal to the 'port' field.More info: https://kubernetes.io/docs/concepts/services-networking/service/#defining-a-service @@ -2084,7 +2084,7 @@ Optional: Optional: -- `timeout_seconds` (Number) timeoutSeconds specifies the seconds of ClientIP type session sticky time. The value must be >0 && <=86400(for 1 day) if ServiceAffinity == 'ClientIP'. Default value is 10800(for 3 hours). +- `timeout_seconds` (Number) timeoutSeconds specifies the seconds of ClientIP type session sticky time.The value must be >0 && <=86400(for 1 day) if ServiceAffinity == 'ClientIP'.Default value is 10800(for 3 hours). @@ -2099,8 +2099,8 @@ Required: Optional: -- `password_config` (Attributes) Specifies the policy for generating the account's password. This field is immutable once set. (see [below for nested schema](#nestedatt--spec--system_accounts--password_config)) -- `secret_ref` (Attributes) Refers to the secret from which data will be copied to create the new account. This field is immutable once set. (see [below for nested schema](#nestedatt--spec--system_accounts--secret_ref)) +- `password_config` (Attributes) Specifies the policy for generating the account's password.This field is immutable once set. (see [below for nested schema](#nestedatt--spec--system_accounts--password_config)) +- `secret_ref` (Attributes) Refers to the secret from which data will be copied to create the new account.This field is immutable once set. (see [below for nested schema](#nestedatt--spec--system_accounts--secret_ref)) ### Nested Schema for `spec.system_accounts.password_config` @@ -2111,7 +2111,7 @@ Optional: - `letter_case` (String) The case of the letters in the password. - `num_digits` (Number) The number of digits in the password. - `num_symbols` (Number) The number of symbols in the password. -- `seed` (String) Seed to generate the account's password. Cannot be updated. +- `seed` (String) Seed to generate the account's password.Cannot be updated. @@ -2129,19 +2129,19 @@ Required: Optional: -- `enable` (Boolean) A boolean flag that indicates whether the Component should use Transport Layer Security (TLS) for secure communication. When set to true, the Component will be configured to use TLS encryption for its network connections. This ensures that the data transmitted between the Component and its clients or other Components is encrypted and protected from unauthorized access. If TLS is enabled, the Component may require additional configuration, such as specifying TLS certificates and keys, to properly set up the secure communication channel. -- `issuer` (Attributes) Specifies the configuration for the TLS certificates issuer. It allows defining the issuer name and the reference to the secret containing the TLS certificates and key. The secret should contain the CA certificate, TLS certificate, and private key in the specified keys. Required when TLS is enabled. (see [below for nested schema](#nestedatt--spec--tls_config--issuer)) +- `enable` (Boolean) A boolean flag that indicates whether the Component should use Transport Layer Security (TLS)for secure communication.When set to true, the Component will be configured to use TLS encryption for its network connections.This ensures that the data transmitted between the Component and its clients or other Components is encryptedand protected from unauthorized access.If TLS is enabled, the Component may require additional configuration,such as specifying TLS certificates and keys, to properly set up the secure communication channel. +- `issuer` (Attributes) Specifies the configuration for the TLS certificates issuer.It allows defining the issuer name and the reference to the secret containing the TLS certificates and key.The secret should contain the CA certificate, TLS certificate, and private key in the specified keys.Required when TLS is enabled. (see [below for nested schema](#nestedatt--spec--tls_config--issuer)) ### Nested Schema for `spec.tls_config.issuer` Required: -- `name` (String) The issuer for TLS certificates. It only allows two enum values: 'KubeBlocks' and 'UserProvided'. - 'KubeBlocks' indicates that the self-signed TLS certificates generated by the KubeBlocks Operator will be used. - 'UserProvided' means that the user is responsible for providing their own CA, Cert, and Key. In this case, the user-provided CA certificate, server certificate, and private key will be used for TLS communication. +- `name` (String) The issuer for TLS certificates.It only allows two enum values: 'KubeBlocks' and 'UserProvided'.- 'KubeBlocks' indicates that the self-signed TLS certificates generated by the KubeBlocks Operator will be used.- 'UserProvided' means that the user is responsible for providing their own CA, Cert, and Key. In this case, the user-provided CA certificate, server certificate, and private key will be used for TLS communication. Optional: -- `secret_ref` (Attributes) SecretRef is the reference to the secret that contains user-provided certificates. It is required when the issuer is set to 'UserProvided'. (see [below for nested schema](#nestedatt--spec--tls_config--issuer--secret_ref)) +- `secret_ref` (Attributes) SecretRef is the reference to the secret that contains user-provided certificates.It is required when the issuer is set to 'UserProvided'. (see [below for nested schema](#nestedatt--spec--tls_config--issuer--secret_ref)) ### Nested Schema for `spec.tls_config.issuer.secret_ref` @@ -2161,11 +2161,11 @@ Required: Optional: -- `effect` (String) Effect indicates the taint effect to match. Empty means match all taint effects. When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute. -- `key` (String) Key is the taint key that the toleration applies to. Empty means match all taint keys. If the key is empty, operator must be Exists; this combination means to match all values and all keys. -- `operator` (String) Operator represents a key's relationship to the value. Valid operators are Exists and Equal. Defaults to Equal. Exists is equivalent to wildcard for value, so that a pod can tolerate all taints of a particular category. -- `toleration_seconds` (Number) TolerationSeconds represents the period of time the toleration (which must be of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, it is not set, which means tolerate the taint forever (do not evict). Zero and negative values will be treated as 0 (evict immediately) by the system. -- `value` (String) Value is the taint value the toleration matches to. If the operator is Exists, the value should be empty, otherwise just a regular string. +- `effect` (String) Effect indicates the taint effect to match. Empty means match all taint effects.When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute. +- `key` (String) Key is the taint key that the toleration applies to. Empty means match all taint keys.If the key is empty, operator must be Exists; this combination means to match all values and all keys. +- `operator` (String) Operator represents a key's relationship to the value.Valid operators are Exists and Equal. Defaults to Equal.Exists is equivalent to wildcard for value, so that a pod cantolerate all taints of a particular category. +- `toleration_seconds` (Number) TolerationSeconds represents the period of time the toleration (which must beof effect NoExecute, otherwise this field is ignored) tolerates the taint. By default,it is not set, which means tolerate the taint forever (do not evict). Zero andnegative values will be treated as 0 (evict immediately) by the system. +- `value` (String) Value is the taint value the toleration matches to.If the operator is Exists, the value should be empty, otherwise just a regular string. @@ -2173,20 +2173,20 @@ Optional: Required: -- `name` (String) Refers to the name of a volumeMount defined in either: - 'componentDefinition.spec.runtime.containers[*].volumeMounts' - 'clusterDefinition.spec.componentDefs[*].podSpec.containers[*].volumeMounts' (deprecated) The value of 'name' must match the 'name' field of a volumeMount specified in the corresponding 'volumeMounts' array. +- `name` (String) Refers to the name of a volumeMount defined in either:- 'componentDefinition.spec.runtime.containers[*].volumeMounts'- 'clusterDefinition.spec.componentDefs[*].podSpec.containers[*].volumeMounts' (deprecated)The value of 'name' must match the 'name' field of a volumeMount specified in the corresponding 'volumeMounts' array. Optional: -- `spec` (Attributes) Defines the desired characteristics of a PersistentVolumeClaim that will be created for the volume with the mount name specified in the 'name' field. When a Pod is created for this ClusterComponent, a new PVC will be created based on the specification defined in the 'spec' field. The PVC will be associated with the volume mount specified by the 'name' field. (see [below for nested schema](#nestedatt--spec--volume_claim_templates--spec)) +- `spec` (Attributes) Defines the desired characteristics of a PersistentVolumeClaim that will be created for the volumewith the mount name specified in the 'name' field.When a Pod is created for this ClusterComponent, a new PVC will be created based on the specificationdefined in the 'spec' field. The PVC will be associated with the volume mount specified by the 'name' field. (see [below for nested schema](#nestedatt--spec--volume_claim_templates--spec)) ### Nested Schema for `spec.volume_claim_templates.spec` Optional: -- `access_modes` (Map of String) Contains the desired access modes the volume should have. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1. -- `resources` (Attributes) Represents the minimum resources the volume should have. If the RecoverVolumeExpansionFailure feature is enabled, users are allowed to specify resource requirements that are lower than the previous value but must still be higher than the capacity recorded in the status field of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources. (see [below for nested schema](#nestedatt--spec--volume_claim_templates--spec--resources)) -- `storage_class_name` (String) The name of the StorageClass required by the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1. +- `access_modes` (Map of String) Contains the desired access modes the volume should have.More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1. +- `resources` (Attributes) Represents the minimum resources the volume should have.If the RecoverVolumeExpansionFailure feature is enabled, users are allowed to specify resource requirements thatare lower than the previous value but must still be higher than the capacity recorded in the status field of the claim.More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources. (see [below for nested schema](#nestedatt--spec--volume_claim_templates--spec--resources)) +- `storage_class_name` (String) The name of the StorageClass required by the claim.More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1. - `volume_mode` (String) Defines what type of volume is required by the claim, either Block or Filesystem. @@ -2194,13 +2194,13 @@ Optional: Optional: -- `claims` (Attributes List) Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. This field is immutable. It can only be set for containers. (see [below for nested schema](#nestedatt--spec--volume_claim_templates--spec--resources--claims)) -- `limits` (Map of String) Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ -- `requests` (Map of String) Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ +- `claims` (Attributes List) Claims lists the names of resources, defined in spec.resourceClaims,that are used by this container.This is an alpha field and requires enabling theDynamicResourceAllocation feature gate.This field is immutable. It can only be set for containers. (see [below for nested schema](#nestedatt--spec--volume_claim_templates--spec--resources--claims)) +- `limits` (Map of String) Limits describes the maximum amount of compute resources allowed.More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ +- `requests` (Map of String) Requests describes the minimum amount of compute resources required.If Requests is omitted for a container, it defaults to Limits if that is explicitly specified,otherwise to an implementation-defined value. Requests cannot exceed Limits.More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ ### Nested Schema for `spec.volume_claim_templates.spec.resources.claims` Required: -- `name` (String) Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container. +- `name` (String) Name must match the name of one entry in pod.spec.resourceClaims ofthe Pod where this field is used. It makes that resource availableinside a container. diff --git a/docs/data-sources/apps_kubeblocks_io_component_version_v1alpha1_manifest.md b/docs/data-sources/apps_kubeblocks_io_component_version_v1alpha1_manifest.md index 4d19eec48..f38019758 100644 --- a/docs/data-sources/apps_kubeblocks_io_component_version_v1alpha1_manifest.md +++ b/docs/data-sources/apps_kubeblocks_io_component_version_v1alpha1_manifest.md @@ -62,7 +62,7 @@ Required: Required: -- `comp_defs` (List of String) CompDefs specifies names for the component definitions associated with this ComponentVersion. Each name in the list can represent an exact name, or a name prefix. For example: - 'mysql-8.0.30-v1alpha1': Matches the exact name 'mysql-8.0.30-v1alpha1' - 'mysql-8.0.30': Matches all names starting with 'mysql-8.0.30' +- `comp_defs` (List of String) CompDefs specifies names for the component definitions associated with this ComponentVersion.Each name in the list can represent an exact name, or a name prefix.For example:- 'mysql-8.0.30-v1alpha1': Matches the exact name 'mysql-8.0.30-v1alpha1'- 'mysql-8.0.30': Matches all names starting with 'mysql-8.0.30' - `releases` (List of String) Releases is a list of identifiers for the releases. @@ -72,8 +72,8 @@ Required: Required: - `images` (Map of String) Images define the new images for different containers within the release. -- `name` (String) Name is a unique identifier for this release. Cannot be updated. -- `service_version` (String) ServiceVersion defines the version of the well-known service that the component provides. The version should follow the syntax and semantics of the 'Semantic Versioning' specification (http://semver.org/). If the release is used, it will serve as the service version for component instances, overriding the one defined in the component definition. Cannot be updated. +- `name` (String) Name is a unique identifier for this release.Cannot be updated. +- `service_version` (String) ServiceVersion defines the version of the well-known service that the component provides.The version should follow the syntax and semantics of the 'Semantic Versioning' specification (http://semver.org/).If the release is used, it will serve as the service version for component instances, overriding the one defined in the component definition.Cannot be updated. Optional: diff --git a/docs/data-sources/apps_kubeblocks_io_config_constraint_v1alpha1_manifest.md b/docs/data-sources/apps_kubeblocks_io_config_constraint_v1alpha1_manifest.md index dc64c8b8b..36ac8509b 100644 --- a/docs/data-sources/apps_kubeblocks_io_config_constraint_v1alpha1_manifest.md +++ b/docs/data-sources/apps_kubeblocks_io_config_constraint_v1alpha1_manifest.md @@ -3,12 +3,12 @@ page_title: "k8s_apps_kubeblocks_io_config_constraint_v1alpha1_manifest Data Source - terraform-provider-k8s" subcategory: "apps.kubeblocks.io" description: |- - ConfigConstraint manages the parameters across multiple configuration files contained in a single configure template. These configuration files should have the same format (e.g. ini, xml, properties, json). It provides the following functionalities: 1. Parameter Value Validation: Validates and ensures compliance of parameter values with defined constraints. 2. Dynamic Reload on Modification: Monitors parameter changes and triggers dynamic reloads to apply updates. 3. Parameter Rendering in Templates: Injects parameters into templates to generate up-to-date configuration files. + ConfigConstraint manages the parameters across multiple configuration files contained in a single configure template.These configuration files should have the same format (e.g. ini, xml, properties, json).It provides the following functionalities:1. Parameter Value Validation: Validates and ensures compliance of parameter values with defined constraints.2. Dynamic Reload on Modification: Monitors parameter changes and triggers dynamic reloads to apply updates.3. Parameter Rendering in Templates: Injects parameters into templates to generate up-to-date configuration files. --- # k8s_apps_kubeblocks_io_config_constraint_v1alpha1_manifest (Data Source) -ConfigConstraint manages the parameters across multiple configuration files contained in a single configure template. These configuration files should have the same format (e.g. ini, xml, properties, json). It provides the following functionalities: 1. **Parameter Value Validation**: Validates and ensures compliance of parameter values with defined constraints. 2. **Dynamic Reload on Modification**: Monitors parameter changes and triggers dynamic reloads to apply updates. 3. **Parameter Rendering in Templates**: Injects parameters into templates to generate up-to-date configuration files. +ConfigConstraint manages the parameters across multiple configuration files contained in a single configure template.These configuration files should have the same format (e.g. ini, xml, properties, json).It provides the following functionalities:1. **Parameter Value Validation**: Validates and ensures compliance of parameter values with defined constraints.2. **Dynamic Reload on Modification**: Monitors parameter changes and triggers dynamic reloads to apply updates.3. **Parameter Rendering in Templates**: Injects parameters into templates to generate up-to-date configuration files. ## Example Usage @@ -54,29 +54,29 @@ Optional: Required: -- `formatter_config` (Attributes) Specifies the format of the configuration file and any associated parameters that are specific to the chosen format. Supported formats include 'ini', 'xml', 'yaml', 'json', 'hcl', 'dotenv', 'properties', and 'toml'. Each format may have its own set of parameters that can be configured. For instance, when using the 'ini' format, you can specify the section name. Example: ''' formatterConfig: format: ini iniConfig: sectionName: mysqld ''' (see [below for nested schema](#nestedatt--spec--formatter_config)) +- `formatter_config` (Attributes) Specifies the format of the configuration file and any associated parameters that are specific to the chosen format.Supported formats include 'ini', 'xml', 'yaml', 'json', 'hcl', 'dotenv', 'properties', and 'toml'.Each format may have its own set of parameters that can be configured.For instance, when using the 'ini' format, you can specify the section name.Example:'''formatterConfig: format: ini iniConfig: sectionName: mysqld''' (see [below for nested schema](#nestedatt--spec--formatter_config)) Optional: -- `cfg_schema_top_level_name` (String) Specifies the top-level key in the 'configurationSchema.cue' that organizes the validation rules for parameters. This key must exist within the CUE script defined in 'configurationSchema.cue'. -- `configuration_schema` (Attributes) Defines a list of parameters including their names, default values, descriptions, types, and constraints (permissible values or the range of valid values). (see [below for nested schema](#nestedatt--spec--configuration_schema)) -- `downward_api_options` (Attributes List) Specifies a list of actions to execute specified commands based on Pod labels. It utilizes the K8s Downward API to mount label information as a volume into the pod. The 'config-manager' sidecar container watches for changes in the role label and dynamically invoke registered commands (usually execute some SQL statements) when a change is detected. It is designed for scenarios where: - Replicas with different roles have different configurations, such as Redis primary & secondary replicas. - After a role switch (e.g., from secondary to primary), some changes in configuration are needed to reflect the new role. (see [below for nested schema](#nestedatt--spec--downward_api_options)) -- `dynamic_action_can_be_merged` (Boolean) Indicates whether to consolidate dynamic reload and restart actions into a single restart. - If true, updates requiring both actions will result in only a restart, merging the actions. - If false, updates will trigger both actions executed sequentially: first dynamic reload, then restart. This flag allows for more efficient handling of configuration changes by potentially eliminating an unnecessary reload step. -- `dynamic_parameters` (List of String) List dynamic parameters. Modifications to these parameters trigger a configuration reload without requiring a process restart. -- `immutable_parameters` (List of String) Lists the parameters that cannot be modified once set. Attempting to change any of these parameters will be ignored. -- `reload_options` (Attributes) Specifies the dynamic reload action supported by the engine. When set, the controller executes the method defined here to execute hot parameter updates. Dynamic reloading is triggered only if both of the following conditions are met: 1. The modified parameters are listed in the 'dynamicParameters' field. If 'reloadStaticParamsBeforeRestart' is set to true, modifications to 'staticParameters' can also trigger a reload. 2. 'reloadOptions' is set. If 'reloadOptions' is not set or the modified parameters are not listed in 'dynamicParameters', dynamic reloading will not be triggered. Example: '''yaml reloadOptions: tplScriptTrigger: namespace: kb-system scriptConfigMapRef: mysql-reload-script sync: true ''' (see [below for nested schema](#nestedatt--spec--reload_options)) -- `reload_static_params_before_restart` (Boolean) Configures whether the dynamic reload specified in 'reloadOptions' applies only to dynamic parameters or to all parameters (including static parameters). - false (default): Only modifications to the dynamic parameters listed in 'dynamicParameters' will trigger a dynamic reload. - true: Modifications to both dynamic parameters listed in 'dynamicParameters' and static parameters listed in 'staticParameters' will trigger a dynamic reload. The 'true' option is for certain engines that require static parameters to be set via SQL statements before they can take effect on restart. -- `script_configs` (Attributes List) A list of ScriptConfig Object. Each ScriptConfig object specifies a ConfigMap that contains script files that should be mounted inside the pod. The scripts are mounted as volumes and can be referenced and executed by the dynamic reload and DownwardAction to perform specific tasks or configurations. (see [below for nested schema](#nestedatt--spec--script_configs)) -- `selector` (Attributes) Used to match labels on the pod to determine whether a dynamic reload should be performed. In some scenarios, only specific pods (e.g., primary replicas) need to undergo a dynamic reload. The 'selector' allows you to specify label selectors to target the desired pods for the reload process. If the 'selector' is not specified or is nil, all pods managed by the workload will be considered for the dynamic reload. (see [below for nested schema](#nestedatt--spec--selector)) -- `static_parameters` (List of String) List static parameters. Modifications to any of these parameters require a restart of the process to take effect. -- `tools_image_spec` (Attributes) Specifies the tools container image used by ShellTrigger for dynamic reload. If the dynamic reload action is triggered by a ShellTrigger, this field is required. This image must contain all necessary tools for executing the ShellTrigger scripts. Usually the specified image is referenced by the init container, which is then responsible for copy the tools from the image to a bin volume. This ensures that the tools are available to the 'config-manager' sidecar. (see [below for nested schema](#nestedatt--spec--tools_image_spec)) +- `cfg_schema_top_level_name` (String) Specifies the top-level key in the 'configurationSchema.cue' that organizes the validation rules for parameters.This key must exist within the CUE script defined in 'configurationSchema.cue'. +- `configuration_schema` (Attributes) Defines a list of parameters including their names, default values, descriptions,types, and constraints (permissible values or the range of valid values). (see [below for nested schema](#nestedatt--spec--configuration_schema)) +- `downward_api_options` (Attributes List) Specifies a list of actions to execute specified commands based on Pod labels.It utilizes the K8s Downward API to mount label information as a volume into the pod.The 'config-manager' sidecar container watches for changes in the role label and dynamically invokeregistered commands (usually execute some SQL statements) when a change is detected.It is designed for scenarios where:- Replicas with different roles have different configurations, such as Redis primary & secondary replicas.- After a role switch (e.g., from secondary to primary), some changes in configuration are needed to reflect the new role. (see [below for nested schema](#nestedatt--spec--downward_api_options)) +- `dynamic_action_can_be_merged` (Boolean) Indicates whether to consolidate dynamic reload and restart actions into a single restart.- If true, updates requiring both actions will result in only a restart, merging the actions.- If false, updates will trigger both actions executed sequentially: first dynamic reload, then restart.This flag allows for more efficient handling of configuration changes by potentially eliminatingan unnecessary reload step. +- `dynamic_parameters` (List of String) List dynamic parameters.Modifications to these parameters trigger a configuration reload without requiring a process restart. +- `immutable_parameters` (List of String) Lists the parameters that cannot be modified once set.Attempting to change any of these parameters will be ignored. +- `reload_options` (Attributes) Specifies the dynamic reload action supported by the engine.When set, the controller executes the method defined here to execute hot parameter updates.Dynamic reloading is triggered only if both of the following conditions are met:1. The modified parameters are listed in the 'dynamicParameters' field. If 'reloadStaticParamsBeforeRestart' is set to true, modifications to 'staticParameters' can also trigger a reload.2. 'reloadOptions' is set.If 'reloadOptions' is not set or the modified parameters are not listed in 'dynamicParameters',dynamic reloading will not be triggered.Example:'''yamlreloadOptions: tplScriptTrigger: namespace: kb-system scriptConfigMapRef: mysql-reload-script sync: true''' (see [below for nested schema](#nestedatt--spec--reload_options)) +- `reload_static_params_before_restart` (Boolean) Configures whether the dynamic reload specified in 'reloadOptions' applies only to dynamic parameters orto all parameters (including static parameters).- false (default): Only modifications to the dynamic parameters listed in 'dynamicParameters' will trigger a dynamic reload.- true: Modifications to both dynamic parameters listed in 'dynamicParameters' and static parameters listed in 'staticParameters' will trigger a dynamic reload. The 'true' option is for certain engines that require static parameters to be set via SQL statements before they can take effect on restart. +- `script_configs` (Attributes List) A list of ScriptConfig Object.Each ScriptConfig object specifies a ConfigMap that contains script files that should be mounted inside the pod.The scripts are mounted as volumes and can be referenced and executed by the dynamic reloadand DownwardAction to perform specific tasks or configurations. (see [below for nested schema](#nestedatt--spec--script_configs)) +- `selector` (Attributes) Used to match labels on the pod to determine whether a dynamic reload should be performed.In some scenarios, only specific pods (e.g., primary replicas) need to undergo a dynamic reload.The 'selector' allows you to specify label selectors to target the desired pods for the reload process.If the 'selector' is not specified or is nil, all pods managed by the workload will be considered for the dynamicreload. (see [below for nested schema](#nestedatt--spec--selector)) +- `static_parameters` (List of String) List static parameters.Modifications to any of these parameters require a restart of the process to take effect. +- `tools_image_spec` (Attributes) Specifies the tools container image used by ShellTrigger for dynamic reload.If the dynamic reload action is triggered by a ShellTrigger, this field is required.This image must contain all necessary tools for executing the ShellTrigger scripts.Usually the specified image is referenced by the init container,which is then responsible for copy the tools from the image to a bin volume.This ensures that the tools are available to the 'config-manager' sidecar. (see [below for nested schema](#nestedatt--spec--tools_image_spec)) ### Nested Schema for `spec.formatter_config` Required: -- `format` (String) The config file format. Valid values are 'ini', 'xml', 'yaml', 'json', 'hcl', 'dotenv', 'properties' and 'toml'. Each format has its own characteristics and use cases. - ini: is a text-based content with a structure and syntax comprising key–value pairs for properties, reference wiki: https://en.wikipedia.org/wiki/INI_file - xml: refers to wiki: https://en.wikipedia.org/wiki/XML - yaml: supports for complex data types and structures. - json: refers to wiki: https://en.wikipedia.org/wiki/JSON - hcl: The HashiCorp Configuration Language (HCL) is a configuration language authored by HashiCorp, reference url: https://www.linode.com/docs/guides/introduction-to-hcl/ - dotenv: is a plain text file with simple key–value pairs, reference wiki: https://en.wikipedia.org/wiki/Configuration_file#MS-DOS - properties: a file extension mainly used in Java, reference wiki: https://en.wikipedia.org/wiki/.properties - toml: refers to wiki: https://en.wikipedia.org/wiki/TOML - props-plus: a file extension mainly used in Java, supports CamelCase(e.g: brokerMaxConnectionsPerIp) +- `format` (String) The config file format. Valid values are 'ini', 'xml', 'yaml', 'json','hcl', 'dotenv', 'properties' and 'toml'. Each format has its own characteristics and use cases.- ini: is a text-based content with a structure and syntax comprising key–value pairs for properties, reference wiki: https://en.wikipedia.org/wiki/INI_file- xml: refers to wiki: https://en.wikipedia.org/wiki/XML- yaml: supports for complex data types and structures.- json: refers to wiki: https://en.wikipedia.org/wiki/JSON- hcl: The HashiCorp Configuration Language (HCL) is a configuration language authored by HashiCorp, reference url: https://www.linode.com/docs/guides/introduction-to-hcl/- dotenv: is a plain text file with simple key–value pairs, reference wiki: https://en.wikipedia.org/wiki/Configuration_file#MS-DOS- properties: a file extension mainly used in Java, reference wiki: https://en.wikipedia.org/wiki/.properties- toml: refers to wiki: https://en.wikipedia.org/wiki/TOML- props-plus: a file extension mainly used in Java, supports CamelCase(e.g: brokerMaxConnectionsPerIp) Optional: @@ -96,7 +96,7 @@ Optional: Optional: -- `cue` (String) Hold a string that contains a script written in CUE language that defines a list of configuration items. Each item is detailed with its name, default value, description, type (e.g. string, integer, float), and constraints (permissible values or the valid range of values). CUE (Configure, Unify, Execute) is a declarative language designed for defining and validating complex data configurations. It is particularly useful in environments like K8s where complex configurations and validation rules are common. This script functions as a validator for user-provided configurations, ensuring compliance with the established specifications and constraints. +- `cue` (String) Hold a string that contains a script written in CUE language that defines a list of configuration items.Each item is detailed with its name, default value, description, type (e.g. string, integer, float),and constraints (permissible values or the valid range of values).CUE (Configure, Unify, Execute) is a declarative language designed for defining and validatingcomplex data configurations.It is particularly useful in environments like K8s where complex configurations and validation rules are common.This script functions as a validator for user-provided configurations, ensuring compliance withthe established specifications and constraints. - `schema` (Map of String) Generated from the 'cue' field and transformed into a JSON format. @@ -107,12 +107,12 @@ Required: - `items` (Attributes List) Represents a list of files under the Downward API volume. (see [below for nested schema](#nestedatt--spec--downward_api_options--items)) - `mount_point` (String) Specifies the mount point of the Downward API volume. -- `name` (String) Specifies the name of the field. It must be a string of maximum length 63. The name should match the regex pattern '^[a-z0-9]([a-z0-9.-]*[a-z0-9])?$'. +- `name` (String) Specifies the name of the field. It must be a string of maximum length 63.The name should match the regex pattern '^[a-z0-9]([a-z0-9.-]*[a-z0-9])?$'. Optional: -- `command` (List of String) Specifies the command to be triggered when changes are detected in Downward API volume files. It relies on the inotify mechanism in the config-manager sidecar to monitor file changes. -- `script_config` (Attributes) ScriptConfig object specifies a ConfigMap that contains script files that should be mounted inside the pod. The scripts are mounted as volumes and can be referenced and executed by the DownwardAction to perform specific tasks or configurations. (see [below for nested schema](#nestedatt--spec--downward_api_options--script_config)) +- `command` (List of String) Specifies the command to be triggered when changes are detected in Downward API volume files.It relies on the inotify mechanism in the config-manager sidecar to monitor file changes. +- `script_config` (Attributes) ScriptConfig object specifies a ConfigMap that contains script files that should be mounted inside the pod.The scripts are mounted as volumes and can be referenced and executed by the DownwardAction to perform specific tasks or configurations. (see [below for nested schema](#nestedatt--spec--downward_api_options--script_config)) ### Nested Schema for `spec.downward_api_options.items` @@ -124,8 +124,8 @@ Required: Optional: - `field_ref` (Attributes) Required: Selects a field of the pod: only annotations, labels, name and namespace are supported. (see [below for nested schema](#nestedatt--spec--downward_api_options--items--field_ref)) -- `mode` (Number) Optional: mode bits used to set permissions on this file, must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. -- `resource_field_ref` (Attributes) Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported. (see [below for nested schema](#nestedatt--spec--downward_api_options--items--resource_field_ref)) +- `mode` (Number) Optional: mode bits used to set permissions on this file, must be an octal valuebetween 0000 and 0777 or a decimal value between 0 and 511.YAML accepts both octal and decimal values, JSON requires decimal values for mode bits.If not specified, the volume defaultMode will be used.This might be in conflict with other options that affect the filemode, like fsGroup, and the result can be other mode bits set. +- `resource_field_ref` (Attributes) Selects a resource of the container: only resources limits and requests(limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported. (see [below for nested schema](#nestedatt--spec--downward_api_options--items--resource_field_ref)) ### Nested Schema for `spec.downward_api_options.items.field_ref` @@ -162,7 +162,7 @@ Required: Optional: -- `namespace` (String) Specifies the namespace for the ConfigMap. If not specified, it defaults to the 'default' namespace. +- `namespace` (String) Specifies the namespace for the ConfigMap.If not specified, it defaults to the 'default' namespace. @@ -193,11 +193,11 @@ Required: Optional: -- `batch_params_formatter_template` (String) Specifies a Go template string for formatting batch input data. It's used when 'batchReload' is 'True' to format data passed into STDIN of the script. The template accesses key-value pairs of updated parameters via the '$' variable. This allows for custom formatting of the input data. Example template: '''yaml batchParamsFormatterTemplate: |- {{- range $pKey, $pValue := $ }} {{ printf '%s:%s' $pKey $pValue }} {{- end }} ''' This example generates batch input data in a key:value format, sorted by keys. ''' key1:value1 key2:value2 key3:value3 ''' If not specified, the default format is key=value, sorted by keys, for each updated parameter. ''' key1=value1 key2=value2 key3=value3 ''' -- `batch_reload` (Boolean) Controls whether parameter updates are processed individually or collectively in a batch: - 'True': Processes all changes in one batch reload. - 'False': Processes each change individually. Defaults to 'False' if unspecified. -- `script_config` (Attributes) ScriptConfig object specifies a ConfigMap that contains script files that should be mounted inside the pod. The scripts are mounted as volumes and can be referenced and executed by the dynamic reload. (see [below for nested schema](#nestedatt--spec--reload_options--shell_trigger--script_config)) -- `sync` (Boolean) Determines the synchronization mode of parameter updates with 'config-manager'. - 'True': Executes reload actions synchronously, pausing until completion. - 'False': Executes reload actions asynchronously, without waiting for completion. -- `tools_setup` (Attributes) Specifies the tools container image used by ShellTrigger for dynamic reload. If the dynamic reload action is triggered by a ShellTrigger, this field is required. This image must contain all necessary tools for executing the ShellTrigger scripts. Usually the specified image is referenced by the init container, which is then responsible for copy the tools from the image to a bin volume. This ensures that the tools are available to the 'config-manager' sidecar. (see [below for nested schema](#nestedatt--spec--reload_options--shell_trigger--tools_setup)) +- `batch_params_formatter_template` (String) Specifies a Go template string for formatting batch input data.It's used when 'batchReload' is 'True' to format data passed into STDIN of the script.The template accesses key-value pairs of updated parameters via the '$' variable.This allows for custom formatting of the input data.Example template:'''yamlbatchParamsFormatterTemplate: |-{{- range $pKey, $pValue := $ }}{{ printf '%s:%s' $pKey $pValue }}{{- end }}'''This example generates batch input data in a key:value format, sorted by keys.'''key1:value1key2:value2key3:value3'''If not specified, the default format is key=value, sorted by keys, for each updated parameter.'''key1=value1key2=value2key3=value3''' +- `batch_reload` (Boolean) Controls whether parameter updates are processed individually or collectively in a batch:- 'True': Processes all changes in one batch reload.- 'False': Processes each change individually.Defaults to 'False' if unspecified. +- `script_config` (Attributes) ScriptConfig object specifies a ConfigMap that contains script files that should be mounted inside the pod.The scripts are mounted as volumes and can be referenced and executed by the dynamic reload. (see [below for nested schema](#nestedatt--spec--reload_options--shell_trigger--script_config)) +- `sync` (Boolean) Determines the synchronization mode of parameter updates with 'config-manager'.- 'True': Executes reload actions synchronously, pausing until completion.- 'False': Executes reload actions asynchronously, without waiting for completion. +- `tools_setup` (Attributes) Specifies the tools container image used by ShellTrigger for dynamic reload.If the dynamic reload action is triggered by a ShellTrigger, this field is required.This image must contain all necessary tools for executing the ShellTrigger scripts.Usually the specified image is referenced by the init container,which is then responsible for copy the tools from the image to a bin volume.This ensures that the tools are available to the 'config-manager' sidecar. (see [below for nested schema](#nestedatt--spec--reload_options--shell_trigger--tools_setup)) ### Nested Schema for `spec.reload_options.shell_trigger.script_config` @@ -208,7 +208,7 @@ Required: Optional: -- `namespace` (String) Specifies the namespace for the ConfigMap. If not specified, it defaults to the 'default' namespace. +- `namespace` (String) Specifies the namespace for the ConfigMap.If not specified, it defaults to the 'default' namespace. @@ -216,7 +216,7 @@ Optional: Required: -- `mount_point` (String) Specifies the directory path in the container where the tools-related files are to be copied. This field is typically used with an emptyDir volume to ensure a temporary, empty directory is provided at pod creation. +- `mount_point` (String) Specifies the directory path in the container where the tools-related files are to be copied.This field is typically used with an emptyDir volume to ensure a temporary, empty directory is provided at pod creation. Optional: @@ -227,7 +227,7 @@ Optional: Optional: -- `as_container_image` (Boolean) Indicates whether the tool image should be used as the container image for a sidecar. This is useful for large tool images, such as those for C++ tools, which may depend on numerous libraries (e.g., *.so files). If enabled, the tool image is deployed as a sidecar container image. Examples: '''yaml toolsSetup:: mountPoint: /kb_tools toolConfigs: - name: kb-tools asContainerImage: true image: apecloud/oceanbase:4.2.0.0-100010032023083021 ''' generated containers: '''yaml initContainers: - name: install-config-manager-tool image: apecloud/kubeblocks-tools:${version} command: - cp - /bin/config_render - /opt/tools volumemounts: - name: kb-tools mountpath: /opt/tools containers: - name: config-manager image: apecloud/oceanbase:4.2.0.0-100010032023083021 imagePullPolicy: IfNotPresent command: - /opt/tools/reloader - --log-level - info - --operator-update-enable - --tcp - '9901' - --config - /opt/config-manager/config-manager.yaml volumemounts: - name: kb-tools mountpath: /opt/tools ''' +- `as_container_image` (Boolean) Indicates whether the tool image should be used as the container image for a sidecar.This is useful for large tool images, such as those for C++ tools, which may depend onnumerous libraries (e.g., *.so files).If enabled, the tool image is deployed as a sidecar container image.Examples:'''yaml toolsSetup:: mountPoint: /kb_tools toolConfigs: - name: kb-tools asContainerImage: true image: apecloud/oceanbase:4.2.0.0-100010032023083021'''generated containers:'''yamlinitContainers: - name: install-config-manager-tool image: apecloud/kubeblocks-tools:${version} command: - cp - /bin/config_render - /opt/tools volumemounts: - name: kb-tools mountpath: /opt/toolscontainers: - name: config-manager image: apecloud/oceanbase:4.2.0.0-100010032023083021 imagePullPolicy: IfNotPresent command: - /opt/tools/reloader - --log-level - info - --operator-update-enable - --tcp - '9901' - --config - /opt/config-manager/config-manager.yaml volumemounts: - name: kb-tools mountpath: /opt/tools''' - `command` (List of String) Specifies the command to be executed by the init container. - `image` (String) Specifies the tool container image. - `name` (String) Specifies the name of the init container. @@ -244,8 +244,8 @@ Required: Optional: -- `namespace` (String) Specifies the namespace for the ConfigMap. If not specified, it defaults to the 'default' namespace. -- `sync` (Boolean) Determines whether parameter updates should be synchronized with the 'config-manager'. Specifies the controller's reload strategy: - If set to 'True', the controller executes the reload action in synchronous mode, pausing execution until the reload completes. - If set to 'False', the controller executes the reload action in asynchronous mode, updating the ConfigMap without waiting for the reload process to finish. +- `namespace` (String) Specifies the namespace for the ConfigMap.If not specified, it defaults to the 'default' namespace. +- `sync` (Boolean) Determines whether parameter updates should be synchronized with the 'config-manager'.Specifies the controller's reload strategy:- If set to 'True', the controller executes the reload action in synchronous mode, pausing execution until the reload completes.- If set to 'False', the controller executes the reload action in asynchronous mode, updating the ConfigMap without waiting for the reload process to finish. @@ -254,7 +254,7 @@ Optional: Required: - `process_name` (String) Identifies the name of the process to which the Unix signal will be sent. -- `signal` (String) Specifies a valid Unix signal to be sent. For a comprehensive list of all Unix signals, see: ../../pkg/configuration/configmap/handler.go:allUnixSignals +- `signal` (String) Specifies a valid Unix signal to be sent.For a comprehensive list of all Unix signals, see: ../../pkg/configuration/configmap/handler.go:allUnixSignals @@ -267,7 +267,7 @@ Required: Optional: -- `namespace` (String) Specifies the namespace for the ConfigMap. If not specified, it defaults to the 'default' namespace. +- `namespace` (String) Specifies the namespace for the ConfigMap.If not specified, it defaults to the 'default' namespace. @@ -276,7 +276,7 @@ Optional: Optional: - `match_expressions` (Attributes List) matchExpressions is a list of label selector requirements. The requirements are ANDed. (see [below for nested schema](#nestedatt--spec--selector--match_expressions)) -- `match_labels` (Map of String) matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is 'key', the operator is 'In', and the values array contains only 'value'. The requirements are ANDed. +- `match_labels` (Map of String) matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabelsmap is equivalent to an element of matchExpressions, whose key field is 'key', theoperator is 'In', and the values array contains only 'value'. The requirements are ANDed. ### Nested Schema for `spec.selector.match_expressions` @@ -284,11 +284,11 @@ Optional: Required: - `key` (String) key is the label key that the selector applies to. -- `operator` (String) operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. +- `operator` (String) operator represents a key's relationship to a set of values.Valid operators are In, NotIn, Exists and DoesNotExist. Optional: -- `values` (List of String) values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. +- `values` (List of String) values is an array of string values. If the operator is In or NotIn,the values array must be non-empty. If the operator is Exists or DoesNotExist,the values array must be empty. This array is replaced during a strategicmerge patch. @@ -297,7 +297,7 @@ Optional: Required: -- `mount_point` (String) Specifies the directory path in the container where the tools-related files are to be copied. This field is typically used with an emptyDir volume to ensure a temporary, empty directory is provided at pod creation. +- `mount_point` (String) Specifies the directory path in the container where the tools-related files are to be copied.This field is typically used with an emptyDir volume to ensure a temporary, empty directory is provided at pod creation. Optional: @@ -308,7 +308,7 @@ Optional: Optional: -- `as_container_image` (Boolean) Indicates whether the tool image should be used as the container image for a sidecar. This is useful for large tool images, such as those for C++ tools, which may depend on numerous libraries (e.g., *.so files). If enabled, the tool image is deployed as a sidecar container image. Examples: '''yaml toolsSetup:: mountPoint: /kb_tools toolConfigs: - name: kb-tools asContainerImage: true image: apecloud/oceanbase:4.2.0.0-100010032023083021 ''' generated containers: '''yaml initContainers: - name: install-config-manager-tool image: apecloud/kubeblocks-tools:${version} command: - cp - /bin/config_render - /opt/tools volumemounts: - name: kb-tools mountpath: /opt/tools containers: - name: config-manager image: apecloud/oceanbase:4.2.0.0-100010032023083021 imagePullPolicy: IfNotPresent command: - /opt/tools/reloader - --log-level - info - --operator-update-enable - --tcp - '9901' - --config - /opt/config-manager/config-manager.yaml volumemounts: - name: kb-tools mountpath: /opt/tools ''' +- `as_container_image` (Boolean) Indicates whether the tool image should be used as the container image for a sidecar.This is useful for large tool images, such as those for C++ tools, which may depend onnumerous libraries (e.g., *.so files).If enabled, the tool image is deployed as a sidecar container image.Examples:'''yaml toolsSetup:: mountPoint: /kb_tools toolConfigs: - name: kb-tools asContainerImage: true image: apecloud/oceanbase:4.2.0.0-100010032023083021'''generated containers:'''yamlinitContainers: - name: install-config-manager-tool image: apecloud/kubeblocks-tools:${version} command: - cp - /bin/config_render - /opt/tools volumemounts: - name: kb-tools mountpath: /opt/toolscontainers: - name: config-manager image: apecloud/oceanbase:4.2.0.0-100010032023083021 imagePullPolicy: IfNotPresent command: - /opt/tools/reloader - --log-level - info - --operator-update-enable - --tcp - '9901' - --config - /opt/config-manager/config-manager.yaml volumemounts: - name: kb-tools mountpath: /opt/tools''' - `command` (List of String) Specifies the command to be executed by the init container. - `image` (String) Specifies the tool container image. - `name` (String) Specifies the name of the init container. diff --git a/docs/data-sources/apps_kubeblocks_io_config_constraint_v1beta1_manifest.md b/docs/data-sources/apps_kubeblocks_io_config_constraint_v1beta1_manifest.md index 63b876a49..421722eb8 100644 --- a/docs/data-sources/apps_kubeblocks_io_config_constraint_v1beta1_manifest.md +++ b/docs/data-sources/apps_kubeblocks_io_config_constraint_v1beta1_manifest.md @@ -3,12 +3,12 @@ page_title: "k8s_apps_kubeblocks_io_config_constraint_v1beta1_manifest Data Source - terraform-provider-k8s" subcategory: "apps.kubeblocks.io" description: |- - ConfigConstraint manages the parameters across multiple configuration files contained in a single configure template. These configuration files should have the same format (e.g. ini, xml, properties, json). It provides the following functionalities: 1. Parameter Value Validation: Validates and ensures compliance of parameter values with defined constraints. 2. Dynamic Reload on Modification: Monitors parameter changes and triggers dynamic reloads to apply updates. 3. Parameter Rendering in Templates: Injects parameters into templates to generate up-to-date configuration files. + ConfigConstraint manages the parameters across multiple configuration files contained in a single configure template.These configuration files should have the same format (e.g. ini, xml, properties, json).It provides the following functionalities:1. Parameter Value Validation: Validates and ensures compliance of parameter values with defined constraints.2. Dynamic Reload on Modification: Monitors parameter changes and triggers dynamic reloads to apply updates.3. Parameter Rendering in Templates: Injects parameters into templates to generate up-to-date configuration files. --- # k8s_apps_kubeblocks_io_config_constraint_v1beta1_manifest (Data Source) -ConfigConstraint manages the parameters across multiple configuration files contained in a single configure template. These configuration files should have the same format (e.g. ini, xml, properties, json). It provides the following functionalities: 1. **Parameter Value Validation**: Validates and ensures compliance of parameter values with defined constraints. 2. **Dynamic Reload on Modification**: Monitors parameter changes and triggers dynamic reloads to apply updates. 3. **Parameter Rendering in Templates**: Injects parameters into templates to generate up-to-date configuration files. +ConfigConstraint manages the parameters across multiple configuration files contained in a single configure template.These configuration files should have the same format (e.g. ini, xml, properties, json).It provides the following functionalities:1. **Parameter Value Validation**: Validates and ensures compliance of parameter values with defined constraints.2. **Dynamic Reload on Modification**: Monitors parameter changes and triggers dynamic reloads to apply updates.3. **Parameter Rendering in Templates**: Injects parameters into templates to generate up-to-date configuration files. ## Example Usage @@ -54,25 +54,25 @@ Optional: Required: -- `file_format_config` (Attributes) Specifies the format of the configuration file and any associated parameters that are specific to the chosen format. Supported formats include 'ini', 'xml', 'yaml', 'json', 'hcl', 'dotenv', 'properties', and 'toml'. Each format may have its own set of parameters that can be configured. For instance, when using the 'ini' format, you can specify the section name. Example: ''' fileFormatConfig: format: ini iniConfig: sectionName: mysqld ''' (see [below for nested schema](#nestedatt--spec--file_format_config)) +- `file_format_config` (Attributes) Specifies the format of the configuration file and any associated parameters that are specific to the chosen format.Supported formats include 'ini', 'xml', 'yaml', 'json', 'hcl', 'dotenv', 'properties', and 'toml'.Each format may have its own set of parameters that can be configured.For instance, when using the 'ini' format, you can specify the section name.Example:'''fileFormatConfig: format: ini iniConfig: sectionName: mysqld''' (see [below for nested schema](#nestedatt--spec--file_format_config)) Optional: -- `downward_api_change_triggered_actions` (Attributes List) TODO: migrate DownwardAPITriggeredActions to ComponentDefinition.spec.lifecycleActions Specifies a list of actions to execute specified commands based on Pod labels. It utilizes the K8s Downward API to mount label information as a volume into the pod. The 'config-manager' sidecar container watches for changes in the role label and dynamically invoke registered commands (usually execute some SQL statements) when a change is detected. It is designed for scenarios where: - Replicas with different roles have different configurations, such as Redis primary & secondary replicas. - After a role switch (e.g., from secondary to primary), some changes in configuration are needed to reflect the new role. (see [below for nested schema](#nestedatt--spec--downward_api_change_triggered_actions)) -- `dynamic_parameters` (List of String) List dynamic parameters. Modifications to these parameters trigger a configuration reload without requiring a process restart. -- `immutable_parameters` (List of String) Lists the parameters that cannot be modified once set. Attempting to change any of these parameters will be ignored. -- `merge_reload_and_restart` (Boolean) Indicates whether to consolidate dynamic reload and restart actions into a single restart. - If true, updates requiring both actions will result in only a restart, merging the actions. - If false, updates will trigger both actions executed sequentially: first dynamic reload, then restart. This flag allows for more efficient handling of configuration changes by potentially eliminating an unnecessary reload step. -- `parameters_schema` (Attributes) Defines a list of parameters including their names, default values, descriptions, types, and constraints (permissible values or the range of valid values). (see [below for nested schema](#nestedatt--spec--parameters_schema)) -- `reload_action` (Attributes) Specifies the dynamic reload (dynamic reconfiguration) actions supported by the engine. When set, the controller executes the scripts defined in these actions to handle dynamic parameter updates. Dynamic reloading is triggered only if both of the following conditions are met: 1. The modified parameters are listed in the 'dynamicParameters' field. If 'dynamicParameterSelectedPolicy' is set to 'all', modifications to 'staticParameters' can also trigger a reload. 2. 'reloadAction' is set. If 'reloadAction' is not set or the modified parameters are not listed in 'dynamicParameters', dynamic reloading will not be triggered. Example: '''yaml dynamicReloadAction: tplScriptTrigger: namespace: kb-system scriptConfigMapRef: mysql-reload-script sync: true ''' (see [below for nested schema](#nestedatt--spec--reload_action)) -- `reload_static_params_before_restart` (Boolean) Configures whether the dynamic reload specified in 'reloadAction' applies only to dynamic parameters or to all parameters (including static parameters). - false (default): Only modifications to the dynamic parameters listed in 'dynamicParameters' will trigger a dynamic reload. - true: Modifications to both dynamic parameters listed in 'dynamicParameters' and static parameters listed in 'staticParameters' will trigger a dynamic reload. The 'all' option is for certain engines that require static parameters to be set via SQL statements before they can take effect on restart. -- `static_parameters` (List of String) List static parameters. Modifications to any of these parameters require a restart of the process to take effect. +- `downward_api_change_triggered_actions` (Attributes List) TODO: migrate DownwardAPITriggeredActions to ComponentDefinition.spec.lifecycleActionsSpecifies a list of actions to execute specified commands based on Pod labels.It utilizes the K8s Downward API to mount label information as a volume into the pod.The 'config-manager' sidecar container watches for changes in the role label and dynamically invokeregistered commands (usually execute some SQL statements) when a change is detected.It is designed for scenarios where:- Replicas with different roles have different configurations, such as Redis primary & secondary replicas.- After a role switch (e.g., from secondary to primary), some changes in configuration are needed to reflect the new role. (see [below for nested schema](#nestedatt--spec--downward_api_change_triggered_actions)) +- `dynamic_parameters` (List of String) List dynamic parameters.Modifications to these parameters trigger a configuration reload without requiring a process restart. +- `immutable_parameters` (List of String) Lists the parameters that cannot be modified once set.Attempting to change any of these parameters will be ignored. +- `merge_reload_and_restart` (Boolean) Indicates whether to consolidate dynamic reload and restart actions into a single restart.- If true, updates requiring both actions will result in only a restart, merging the actions.- If false, updates will trigger both actions executed sequentially: first dynamic reload, then restart.This flag allows for more efficient handling of configuration changes by potentially eliminatingan unnecessary reload step. +- `parameters_schema` (Attributes) Defines a list of parameters including their names, default values, descriptions,types, and constraints (permissible values or the range of valid values). (see [below for nested schema](#nestedatt--spec--parameters_schema)) +- `reload_action` (Attributes) Specifies the dynamic reload (dynamic reconfiguration) actions supported by the engine.When set, the controller executes the scripts defined in these actions to handle dynamic parameter updates.Dynamic reloading is triggered only if both of the following conditions are met:1. The modified parameters are listed in the 'dynamicParameters' field. If 'dynamicParameterSelectedPolicy' is set to 'all', modifications to 'staticParameters' can also trigger a reload.2. 'reloadAction' is set.If 'reloadAction' is not set or the modified parameters are not listed in 'dynamicParameters',dynamic reloading will not be triggered.Example:'''yamldynamicReloadAction: tplScriptTrigger: namespace: kb-system scriptConfigMapRef: mysql-reload-script sync: true''' (see [below for nested schema](#nestedatt--spec--reload_action)) +- `reload_static_params_before_restart` (Boolean) Configures whether the dynamic reload specified in 'reloadAction' applies only to dynamic parameters orto all parameters (including static parameters).- false (default): Only modifications to the dynamic parameters listed in 'dynamicParameters' will trigger a dynamic reload.- true: Modifications to both dynamic parameters listed in 'dynamicParameters' and static parameters listed in 'staticParameters' will trigger a dynamic reload. The 'all' option is for certain engines that require static parameters to be set via SQL statements before they can take effect on restart. +- `static_parameters` (List of String) List static parameters.Modifications to any of these parameters require a restart of the process to take effect. ### Nested Schema for `spec.file_format_config` Required: -- `format` (String) The config file format. Valid values are 'ini', 'xml', 'yaml', 'json', 'hcl', 'dotenv', 'properties' and 'toml'. Each format has its own characteristics and use cases. - ini: is a text-based content with a structure and syntax comprising key–value pairs for properties, reference wiki: https://en.wikipedia.org/wiki/INI_file - xml: refers to wiki: https://en.wikipedia.org/wiki/XML - yaml: supports for complex data types and structures. - json: refers to wiki: https://en.wikipedia.org/wiki/JSON - hcl: The HashiCorp Configuration Language (HCL) is a configuration language authored by HashiCorp, reference url: https://www.linode.com/docs/guides/introduction-to-hcl/ - dotenv: is a plain text file with simple key–value pairs, reference wiki: https://en.wikipedia.org/wiki/Configuration_file#MS-DOS - properties: a file extension mainly used in Java, reference wiki: https://en.wikipedia.org/wiki/.properties - toml: refers to wiki: https://en.wikipedia.org/wiki/TOML - props-plus: a file extension mainly used in Java, supports CamelCase(e.g: brokerMaxConnectionsPerIp) +- `format` (String) The config file format. Valid values are 'ini', 'xml', 'yaml', 'json','hcl', 'dotenv', 'properties' and 'toml'. Each format has its own characteristics and use cases.- ini: is a text-based content with a structure and syntax comprising key–value pairs for properties, reference wiki: https://en.wikipedia.org/wiki/INI_file- xml: refers to wiki: https://en.wikipedia.org/wiki/XML- yaml: supports for complex data types and structures.- json: refers to wiki: https://en.wikipedia.org/wiki/JSON- hcl: The HashiCorp Configuration Language (HCL) is a configuration language authored by HashiCorp, reference url: https://www.linode.com/docs/guides/introduction-to-hcl/- dotenv: is a plain text file with simple key–value pairs, reference wiki: https://en.wikipedia.org/wiki/Configuration_file#MS-DOS- properties: a file extension mainly used in Java, reference wiki: https://en.wikipedia.org/wiki/.properties- toml: refers to wiki: https://en.wikipedia.org/wiki/TOML- props-plus: a file extension mainly used in Java, supports CamelCase(e.g: brokerMaxConnectionsPerIp) Optional: @@ -94,12 +94,12 @@ Required: - `items` (Attributes List) Represents a list of files under the Downward API volume. (see [below for nested schema](#nestedatt--spec--downward_api_change_triggered_actions--items)) - `mount_point` (String) Specifies the mount point of the Downward API volume. -- `name` (String) Specifies the name of the field. It must be a string of maximum length 63. The name should match the regex pattern '^[a-z0-9]([a-z0-9.-]*[a-z0-9])?$'. +- `name` (String) Specifies the name of the field. It must be a string of maximum length 63.The name should match the regex pattern '^[a-z0-9]([a-z0-9.-]*[a-z0-9])?$'. Optional: -- `command` (List of String) Specifies the command to be triggered when changes are detected in Downward API volume files. It relies on the inotify mechanism in the config-manager sidecar to monitor file changes. -- `script_config` (Attributes) ScriptConfig object specifies a ConfigMap that contains script files that should be mounted inside the pod. The scripts are mounted as volumes and can be referenced and executed by the DownwardAction to perform specific tasks or configurations. (see [below for nested schema](#nestedatt--spec--downward_api_change_triggered_actions--script_config)) +- `command` (List of String) Specifies the command to be triggered when changes are detected in Downward API volume files.It relies on the inotify mechanism in the config-manager sidecar to monitor file changes. +- `script_config` (Attributes) ScriptConfig object specifies a ConfigMap that contains script files that should be mounted inside the pod.The scripts are mounted as volumes and can be referenced and executed by the DownwardAction to perform specific tasks or configurations. (see [below for nested schema](#nestedatt--spec--downward_api_change_triggered_actions--script_config)) ### Nested Schema for `spec.downward_api_change_triggered_actions.items` @@ -111,8 +111,8 @@ Required: Optional: - `field_ref` (Attributes) Required: Selects a field of the pod: only annotations, labels, name and namespace are supported. (see [below for nested schema](#nestedatt--spec--downward_api_change_triggered_actions--items--field_ref)) -- `mode` (Number) Optional: mode bits used to set permissions on this file, must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. -- `resource_field_ref` (Attributes) Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported. (see [below for nested schema](#nestedatt--spec--downward_api_change_triggered_actions--items--resource_field_ref)) +- `mode` (Number) Optional: mode bits used to set permissions on this file, must be an octal valuebetween 0000 and 0777 or a decimal value between 0 and 511.YAML accepts both octal and decimal values, JSON requires decimal values for mode bits.If not specified, the volume defaultMode will be used.This might be in conflict with other options that affect the filemode, like fsGroup, and the result can be other mode bits set. +- `resource_field_ref` (Attributes) Selects a resource of the container: only resources limits and requests(limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported. (see [below for nested schema](#nestedatt--spec--downward_api_change_triggered_actions--items--resource_field_ref)) ### Nested Schema for `spec.downward_api_change_triggered_actions.items.field_ref` @@ -149,7 +149,7 @@ Required: Optional: -- `namespace` (String) Specifies the namespace for the ConfigMap. If not specified, it defaults to the 'default' namespace. +- `namespace` (String) Specifies the namespace for the ConfigMap.If not specified, it defaults to the 'default' namespace. @@ -158,9 +158,9 @@ Optional: Optional: -- `cue` (String) Hold a string that contains a script written in CUE language that defines a list of configuration items. Each item is detailed with its name, default value, description, type (e.g. string, integer, float), and constraints (permissible values or the valid range of values). CUE (Configure, Unify, Execute) is a declarative language designed for defining and validating complex data configurations. It is particularly useful in environments like K8s where complex configurations and validation rules are common. This script functions as a validator for user-provided configurations, ensuring compliance with the established specifications and constraints. +- `cue` (String) Hold a string that contains a script written in CUE language that defines a list of configuration items.Each item is detailed with its name, default value, description, type (e.g. string, integer, float),and constraints (permissible values or the valid range of values).CUE (Configure, Unify, Execute) is a declarative language designed for defining and validatingcomplex data configurations.It is particularly useful in environments like K8s where complex configurations and validation rules are common.This script functions as a validator for user-provided configurations, ensuring compliance withthe established specifications and constraints. - `schema_in_json` (Map of String) Generated from the 'cue' field and transformed into a JSON format. -- `top_level_key` (String) Specifies the top-level key in the 'configSchema.cue' that organizes the validation rules for parameters. This key must exist within the CUE script defined in 'configSchema.cue'. +- `top_level_key` (String) Specifies the top-level key in the 'configSchema.cue' that organizes the validation rules for parameters.This key must exist within the CUE script defined in 'configSchema.cue'. @@ -170,7 +170,7 @@ Optional: - `auto_trigger` (Attributes) Automatically perform the reload when specified conditions are met. (see [below for nested schema](#nestedatt--spec--reload_action--auto_trigger)) - `shell_trigger` (Attributes) Allows to execute a custom shell script to reload the process. (see [below for nested schema](#nestedatt--spec--reload_action--shell_trigger)) -- `target_pod_selector` (Attributes) Used to match labels on the pod to determine whether a dynamic reload should be performed. In some scenarios, only specific pods (e.g., primary replicas) need to undergo a dynamic reload. The 'reloadedPodSelector' allows you to specify label selectors to target the desired pods for the reload process. If the 'reloadedPodSelector' is not specified or is nil, all pods managed by the workload will be considered for the dynamic reload. (see [below for nested schema](#nestedatt--spec--reload_action--target_pod_selector)) +- `target_pod_selector` (Attributes) Used to match labels on the pod to determine whether a dynamic reload should be performed.In some scenarios, only specific pods (e.g., primary replicas) need to undergo a dynamic reload.The 'reloadedPodSelector' allows you to specify label selectors to target the desired pods for the reload process.If the 'reloadedPodSelector' is not specified or is nil, all pods managed by the workload will be considered for the dynamicreload. (see [below for nested schema](#nestedatt--spec--reload_action--target_pod_selector)) - `tpl_script_trigger` (Attributes) Enables reloading process using a Go template script. (see [below for nested schema](#nestedatt--spec--reload_action--tpl_script_trigger)) - `unix_signal_trigger` (Attributes) Used to trigger a reload by sending a specific Unix signal to the process. (see [below for nested schema](#nestedatt--spec--reload_action--unix_signal_trigger)) @@ -191,11 +191,11 @@ Required: Optional: -- `batch_params_formatter_template` (String) Specifies a Go template string for formatting batch input data. It's used when 'batchReload' is 'True' to format data passed into STDIN of the script. The template accesses key-value pairs of updated parameters via the '$' variable. This allows for custom formatting of the input data. Example template: '''yaml batchParamsFormatterTemplate: |- {{- range $pKey, $pValue := $ }} {{ printf '%s:%s' $pKey $pValue }} {{- end }} ''' This example generates batch input data in a key:value format, sorted by keys. ''' key1:value1 key2:value2 key3:value3 ''' If not specified, the default format is key=value, sorted by keys, for each updated parameter. ''' key1=value1 key2=value2 key3=value3 ''' -- `batch_reload` (Boolean) Controls whether parameter updates are processed individually or collectively in a batch: - 'True': Processes all changes in one batch reload. - 'False': Processes each change individually. Defaults to 'False' if unspecified. -- `script_config` (Attributes) ScriptConfig object specifies a ConfigMap that contains script files that should be mounted inside the pod. The scripts are mounted as volumes and can be referenced and executed by the dynamic reload. (see [below for nested schema](#nestedatt--spec--reload_action--shell_trigger--script_config)) -- `sync` (Boolean) Determines the synchronization mode of parameter updates with 'config-manager'. - 'True': Executes reload actions synchronously, pausing until completion. - 'False': Executes reload actions asynchronously, without waiting for completion. -- `tools_setup` (Attributes) Specifies the tools container image used by ShellTrigger for dynamic reload. If the dynamic reload action is triggered by a ShellTrigger, this field is required. This image must contain all necessary tools for executing the ShellTrigger scripts. Usually the specified image is referenced by the init container, which is then responsible for copy the tools from the image to a bin volume. This ensures that the tools are available to the 'config-manager' sidecar. (see [below for nested schema](#nestedatt--spec--reload_action--shell_trigger--tools_setup)) +- `batch_params_formatter_template` (String) Specifies a Go template string for formatting batch input data.It's used when 'batchReload' is 'True' to format data passed into STDIN of the script.The template accesses key-value pairs of updated parameters via the '$' variable.This allows for custom formatting of the input data.Example template:'''yamlbatchParamsFormatterTemplate: |-{{- range $pKey, $pValue := $ }}{{ printf '%s:%s' $pKey $pValue }}{{- end }}'''This example generates batch input data in a key:value format, sorted by keys.'''key1:value1key2:value2key3:value3'''If not specified, the default format is key=value, sorted by keys, for each updated parameter.'''key1=value1key2=value2key3=value3''' +- `batch_reload` (Boolean) Controls whether parameter updates are processed individually or collectively in a batch:- 'True': Processes all changes in one batch reload.- 'False': Processes each change individually.Defaults to 'False' if unspecified. +- `script_config` (Attributes) ScriptConfig object specifies a ConfigMap that contains script files that should be mounted inside the pod.The scripts are mounted as volumes and can be referenced and executed by the dynamic reload. (see [below for nested schema](#nestedatt--spec--reload_action--shell_trigger--script_config)) +- `sync` (Boolean) Determines the synchronization mode of parameter updates with 'config-manager'.- 'True': Executes reload actions synchronously, pausing until completion.- 'False': Executes reload actions asynchronously, without waiting for completion. +- `tools_setup` (Attributes) Specifies the tools container image used by ShellTrigger for dynamic reload.If the dynamic reload action is triggered by a ShellTrigger, this field is required.This image must contain all necessary tools for executing the ShellTrigger scripts.Usually the specified image is referenced by the init container,which is then responsible for copy the tools from the image to a bin volume.This ensures that the tools are available to the 'config-manager' sidecar. (see [below for nested schema](#nestedatt--spec--reload_action--shell_trigger--tools_setup)) ### Nested Schema for `spec.reload_action.shell_trigger.script_config` @@ -206,7 +206,7 @@ Required: Optional: -- `namespace` (String) Specifies the namespace for the ConfigMap. If not specified, it defaults to the 'default' namespace. +- `namespace` (String) Specifies the namespace for the ConfigMap.If not specified, it defaults to the 'default' namespace. @@ -214,7 +214,7 @@ Optional: Required: -- `mount_point` (String) Specifies the directory path in the container where the tools-related files are to be copied. This field is typically used with an emptyDir volume to ensure a temporary, empty directory is provided at pod creation. +- `mount_point` (String) Specifies the directory path in the container where the tools-related files are to be copied.This field is typically used with an emptyDir volume to ensure a temporary, empty directory is provided at pod creation. Optional: @@ -225,7 +225,7 @@ Optional: Optional: -- `as_container_image` (Boolean) Indicates whether the tool image should be used as the container image for a sidecar. This is useful for large tool images, such as those for C++ tools, which may depend on numerous libraries (e.g., *.so files). If enabled, the tool image is deployed as a sidecar container image. Examples: '''yaml toolsSetup:: mountPoint: /kb_tools toolConfigs: - name: kb-tools asContainerImage: true image: apecloud/oceanbase:4.2.0.0-100010032023083021 ''' generated containers: '''yaml initContainers: - name: install-config-manager-tool image: apecloud/kubeblocks-tools:${version} command: - cp - /bin/config_render - /opt/tools volumemounts: - name: kb-tools mountpath: /opt/tools containers: - name: config-manager image: apecloud/oceanbase:4.2.0.0-100010032023083021 imagePullPolicy: IfNotPresent command: - /opt/tools/reloader - --log-level - info - --operator-update-enable - --tcp - '9901' - --config - /opt/config-manager/config-manager.yaml volumemounts: - name: kb-tools mountpath: /opt/tools ''' +- `as_container_image` (Boolean) Indicates whether the tool image should be used as the container image for a sidecar.This is useful for large tool images, such as those for C++ tools, which may depend onnumerous libraries (e.g., *.so files).If enabled, the tool image is deployed as a sidecar container image.Examples:'''yaml toolsSetup:: mountPoint: /kb_tools toolConfigs: - name: kb-tools asContainerImage: true image: apecloud/oceanbase:4.2.0.0-100010032023083021'''generated containers:'''yamlinitContainers: - name: install-config-manager-tool image: apecloud/kubeblocks-tools:${version} command: - cp - /bin/config_render - /opt/tools volumemounts: - name: kb-tools mountpath: /opt/toolscontainers: - name: config-manager image: apecloud/oceanbase:4.2.0.0-100010032023083021 imagePullPolicy: IfNotPresent command: - /opt/tools/reloader - --log-level - info - --operator-update-enable - --tcp - '9901' - --config - /opt/config-manager/config-manager.yaml volumemounts: - name: kb-tools mountpath: /opt/tools''' - `command` (List of String) Specifies the command to be executed by the init container. - `image` (String) Specifies the tool container image. - `name` (String) Specifies the name of the init container. @@ -239,7 +239,7 @@ Optional: Optional: - `match_expressions` (Attributes List) matchExpressions is a list of label selector requirements. The requirements are ANDed. (see [below for nested schema](#nestedatt--spec--reload_action--target_pod_selector--match_expressions)) -- `match_labels` (Map of String) matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is 'key', the operator is 'In', and the values array contains only 'value'. The requirements are ANDed. +- `match_labels` (Map of String) matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabelsmap is equivalent to an element of matchExpressions, whose key field is 'key', theoperator is 'In', and the values array contains only 'value'. The requirements are ANDed. ### Nested Schema for `spec.reload_action.target_pod_selector.match_expressions` @@ -247,11 +247,11 @@ Optional: Required: - `key` (String) key is the label key that the selector applies to. -- `operator` (String) operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. +- `operator` (String) operator represents a key's relationship to a set of values.Valid operators are In, NotIn, Exists and DoesNotExist. Optional: -- `values` (List of String) values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. +- `values` (List of String) values is an array of string values. If the operator is In or NotIn,the values array must be non-empty. If the operator is Exists or DoesNotExist,the values array must be empty. This array is replaced during a strategicmerge patch. @@ -264,8 +264,8 @@ Required: Optional: -- `namespace` (String) Specifies the namespace for the ConfigMap. If not specified, it defaults to the 'default' namespace. -- `sync` (Boolean) Determines whether parameter updates should be synchronized with the 'config-manager'. Specifies the controller's reload strategy: - If set to 'True', the controller executes the reload action in synchronous mode, pausing execution until the reload completes. - If set to 'False', the controller executes the reload action in asynchronous mode, updating the ConfigMap without waiting for the reload process to finish. +- `namespace` (String) Specifies the namespace for the ConfigMap.If not specified, it defaults to the 'default' namespace. +- `sync` (Boolean) Determines whether parameter updates should be synchronized with the 'config-manager'.Specifies the controller's reload strategy:- If set to 'True', the controller executes the reload action in synchronous mode, pausing execution until the reload completes.- If set to 'False', the controller executes the reload action in asynchronous mode, updating the ConfigMap without waiting for the reload process to finish. @@ -274,4 +274,4 @@ Optional: Required: - `process_name` (String) Identifies the name of the process to which the Unix signal will be sent. -- `signal` (String) Specifies a valid Unix signal to be sent. For a comprehensive list of all Unix signals, see: ../../pkg/configuration/configmap/handler.go:allUnixSignals +- `signal` (String) Specifies a valid Unix signal to be sent.For a comprehensive list of all Unix signals, see: ../../pkg/configuration/configmap/handler.go:allUnixSignals diff --git a/docs/data-sources/apps_kubeblocks_io_configuration_v1alpha1_manifest.md b/docs/data-sources/apps_kubeblocks_io_configuration_v1alpha1_manifest.md index a94a26a60..7cbdaf72a 100644 --- a/docs/data-sources/apps_kubeblocks_io_configuration_v1alpha1_manifest.md +++ b/docs/data-sources/apps_kubeblocks_io_configuration_v1alpha1_manifest.md @@ -3,12 +3,12 @@ page_title: "k8s_apps_kubeblocks_io_configuration_v1alpha1_manifest Data Source - terraform-provider-k8s" subcategory: "apps.kubeblocks.io" description: |- - Configuration represents the complete set of configurations for a specific Component of a Cluster. This includes templates for each configuration file, their corresponding ConfigConstraints, volume mounts, and other relevant details. + Configuration represents the complete set of configurations for a specific Component of a Cluster.This includes templates for each configuration file, their corresponding ConfigConstraints, volume mounts,and other relevant details. --- # k8s_apps_kubeblocks_io_configuration_v1alpha1_manifest (Data Source) -Configuration represents the complete set of configurations for a specific Component of a Cluster. This includes templates for each configuration file, their corresponding ConfigConstraints, volume mounts, and other relevant details. +Configuration represents the complete set of configurations for a specific Component of a Cluster.This includes templates for each configuration file, their corresponding ConfigConstraints, volume mounts,and other relevant details. ## Example Usage @@ -60,21 +60,21 @@ Required: Optional: -- `config_item_details` (Attributes List) ConfigItemDetails is an array of ConfigurationItemDetail objects. Each ConfigurationItemDetail corresponds to a configuration template, which is a ConfigMap that contains multiple configuration files. Each configuration file is stored as a key-value pair within the ConfigMap. The ConfigurationItemDetail includes information such as: - The configuration template (a ConfigMap) - The corresponding ConfigConstraint (constraints and validation rules for the configuration) - Volume mounts (for mounting the configuration files) (see [below for nested schema](#nestedatt--spec--config_item_details)) +- `config_item_details` (Attributes List) ConfigItemDetails is an array of ConfigurationItemDetail objects.Each ConfigurationItemDetail corresponds to a configuration template,which is a ConfigMap that contains multiple configuration files.Each configuration file is stored as a key-value pair within the ConfigMap.The ConfigurationItemDetail includes information such as:- The configuration template (a ConfigMap)- The corresponding ConfigConstraint (constraints and validation rules for the configuration)- Volume mounts (for mounting the configuration files) (see [below for nested schema](#nestedatt--spec--config_item_details)) ### Nested Schema for `spec.config_item_details` Required: -- `name` (String) Defines the unique identifier of the configuration template. It must be a string of maximum 63 characters, and can only include lowercase alphanumeric characters, hyphens, and periods. The name must start and end with an alphanumeric character. +- `name` (String) Defines the unique identifier of the configuration template.It must be a string of maximum 63 characters, and can only include lowercase alphanumeric characters,hyphens, and periods.The name must start and end with an alphanumeric character. Optional: -- `config_file_params` (Attributes) Specifies the user-defined configuration parameters. When provided, the parameter values in 'configFileParams' override the default configuration parameters. This allows users to override the default configuration according to their specific needs. (see [below for nested schema](#nestedatt--spec--config_item_details--config_file_params)) -- `config_spec` (Attributes) Specifies the name of the configuration template (a ConfigMap), ConfigConstraint, and other miscellaneous options. The configuration template is a ConfigMap that contains multiple configuration files. Each configuration file is stored as a key-value pair within the ConfigMap. ConfigConstraint allows defining constraints and validation rules for configuration parameters. It ensures that the configuration adheres to certain requirements and limitations. (see [below for nested schema](#nestedatt--spec--config_item_details--config_spec)) -- `import_template_ref` (Attributes) Specifies the user-defined configuration template. When provided, the 'importTemplateRef' overrides the default configuration template specified in 'configSpec.templateRef'. This allows users to customize the configuration template according to their specific requirements. (see [below for nested schema](#nestedatt--spec--config_item_details--import_template_ref)) -- `payload` (Map of String) External controllers can trigger a configuration rerender by modifying this field. Note: Currently, the 'payload' field is opaque and its content is not interpreted by the system. Modifying this field will cause a rerender, regardless of the specific content of this field. +- `config_file_params` (Attributes) Specifies the user-defined configuration parameters.When provided, the parameter values in 'configFileParams' override the default configuration parameters.This allows users to override the default configuration according to their specific needs. (see [below for nested schema](#nestedatt--spec--config_item_details--config_file_params)) +- `config_spec` (Attributes) Specifies the name of the configuration template (a ConfigMap), ConfigConstraint, and other miscellaneous options.The configuration template is a ConfigMap that contains multiple configuration files.Each configuration file is stored as a key-value pair within the ConfigMap.ConfigConstraint allows defining constraints and validation rules for configuration parameters.It ensures that the configuration adheres to certain requirements and limitations. (see [below for nested schema](#nestedatt--spec--config_item_details--config_spec)) +- `import_template_ref` (Attributes) Specifies the user-defined configuration template.When provided, the 'importTemplateRef' overrides the default configuration templatespecified in 'configSpec.templateRef'.This allows users to customize the configuration template according to their specific requirements. (see [below for nested schema](#nestedatt--spec--config_item_details--import_template_ref)) +- `payload` (Map of String) External controllers can trigger a configuration rerender by modifying this field.Note: Currently, the 'payload' field is opaque and its content is not interpreted by the system.Modifying this field will cause a rerender, regardless of the specific content of this field. - `version` (String) Deprecated: No longer used. Please use 'Payload' instead. Previously represented the version of the configuration template. @@ -82,7 +82,7 @@ Optional: Optional: -- `content` (String) Holds the configuration keys and values. This field is a workaround for issues found in kubebuilder and code-generator. Refer to https://github.com/kubernetes-sigs/kubebuilder/issues/528 and https://github.com/kubernetes/code-generator/issues/50 for more details. Represents the content of the configuration file. +- `content` (String) Holds the configuration keys and values. This field is a workaround for issues found in kubebuilder and code-generator.Refer to https://github.com/kubernetes-sigs/kubebuilder/issues/528 and https://github.com/kubernetes/code-generator/issues/50 for more details.Represents the content of the configuration file. - `parameters` (Map of String) Represents the updated parameters for a single configuration file. @@ -92,18 +92,18 @@ Optional: Required: - `name` (String) Specifies the name of the configuration template. -- `volume_name` (String) Refers to the volume name of PodTemplate. The configuration file produced through the configuration template will be mounted to the corresponding volume. Must be a DNS_LABEL name. The volume name must be defined in podSpec.containers[*].volumeMounts. +- `volume_name` (String) Refers to the volume name of PodTemplate. The configuration file produced through the configurationtemplate will be mounted to the corresponding volume. Must be a DNS_LABEL name.The volume name must be defined in podSpec.containers[*].volumeMounts. Optional: -- `as_env_from` (List of String) Specifies the containers to inject the ConfigMap parameters as environment variables. This is useful when application images accept parameters through environment variables and generate the final configuration file in the startup script based on these variables. This field allows users to specify a list of container names, and KubeBlocks will inject the environment variables converted from the ConfigMap into these designated containers. This provides a flexible way to pass the configuration items from the ConfigMap to the container without modifying the image. Deprecated: 'asEnvFrom' has been deprecated since 0.9.0 and will be removed in 0.10.0. Use 'injectEnvTo' instead. +- `as_env_from` (List of String) Specifies the containers to inject the ConfigMap parameters as environment variables.This is useful when application images accept parameters through environment variables andgenerate the final configuration file in the startup script based on these variables.This field allows users to specify a list of container names, and KubeBlocks will inject the environmentvariables converted from the ConfigMap into these designated containers. This provides a flexible way topass the configuration items from the ConfigMap to the container without modifying the image.Deprecated: 'asEnvFrom' has been deprecated since 0.9.0 and will be removed in 0.10.0.Use 'injectEnvTo' instead. - `constraint_ref` (String) Specifies the name of the referenced configuration constraints object. -- `default_mode` (Number) The operator attempts to set default file permissions for scripts (0555) and configurations (0444). However, certain database engines may require different file permissions. You can specify the desired file permissions here. Must be specified as an octal value between 0000 and 0777 (inclusive), or as a decimal value between 0 and 511 (inclusive). YAML supports both octal and decimal values for file permissions. Please note that this setting only affects the permissions of the files themselves. Directories within the specified path are not impacted by this setting. It's important to be aware that this setting might conflict with other options that influence the file mode, such as fsGroup. In such cases, the resulting file mode may have additional bits set. Refers to documents of k8s.ConfigMapVolumeSource.defaultMode for more information. -- `inject_env_to` (List of String) Specifies the containers to inject the ConfigMap parameters as environment variables. This is useful when application images accept parameters through environment variables and generate the final configuration file in the startup script based on these variables. This field allows users to specify a list of container names, and KubeBlocks will inject the environment variables converted from the ConfigMap into these designated containers. This provides a flexible way to pass the configuration items from the ConfigMap to the container without modifying the image. -- `keys` (List of String) Specifies the configuration files within the ConfigMap that support dynamic updates. A configuration template (provided in the form of a ConfigMap) may contain templates for multiple configuration files. Each configuration file corresponds to a key in the ConfigMap. Some of these configuration files may support dynamic modification and reloading without requiring a pod restart. If empty or omitted, all configuration files in the ConfigMap are assumed to support dynamic updates, and ConfigConstraint applies to all keys. -- `legacy_rendered_config_spec` (Attributes) Specifies the secondary rendered config spec for pod-specific customization. The template is rendered inside the pod (by the 'config-manager' sidecar container) and merged with the main template's render result to generate the final configuration file. This field is intended to handle scenarios where different pods within the same Component have varying configurations. It allows for pod-specific customization of the configuration. Note: This field will be deprecated in future versions, and the functionality will be moved to 'cluster.spec.componentSpecs[*].instances[*]'. (see [below for nested schema](#nestedatt--spec--config_item_details--config_spec--legacy_rendered_config_spec)) -- `namespace` (String) Specifies the namespace of the referenced configuration template ConfigMap object. An empty namespace is equivalent to the 'default' namespace. -- `re_render_resource_types` (List of String) Specifies whether the configuration needs to be re-rendered after v-scale or h-scale operations to reflect changes. In some scenarios, the configuration may need to be updated to reflect the changes in resource allocation or cluster topology. Examples: - Redis: adjust maxmemory after v-scale operation. - MySQL: increase max connections after v-scale operation. - Zookeeper: update zoo.cfg with new node addresses after h-scale operation. +- `default_mode` (Number) The operator attempts to set default file permissions for scripts (0555) and configurations (0444).However, certain database engines may require different file permissions.You can specify the desired file permissions here.Must be specified as an octal value between 0000 and 0777 (inclusive),or as a decimal value between 0 and 511 (inclusive).YAML supports both octal and decimal values for file permissions.Please note that this setting only affects the permissions of the files themselves.Directories within the specified path are not impacted by this setting.It's important to be aware that this setting might conflict with other optionsthat influence the file mode, such as fsGroup.In such cases, the resulting file mode may have additional bits set.Refers to documents of k8s.ConfigMapVolumeSource.defaultMode for more information. +- `inject_env_to` (List of String) Specifies the containers to inject the ConfigMap parameters as environment variables.This is useful when application images accept parameters through environment variables andgenerate the final configuration file in the startup script based on these variables.This field allows users to specify a list of container names, and KubeBlocks will inject the environmentvariables converted from the ConfigMap into these designated containers. This provides a flexible way topass the configuration items from the ConfigMap to the container without modifying the image. +- `keys` (List of String) Specifies the configuration files within the ConfigMap that support dynamic updates.A configuration template (provided in the form of a ConfigMap) may contain templates for multipleconfiguration files.Each configuration file corresponds to a key in the ConfigMap.Some of these configuration files may support dynamic modification and reloading without requiringa pod restart.If empty or omitted, all configuration files in the ConfigMap are assumed to support dynamic updates,and ConfigConstraint applies to all keys. +- `legacy_rendered_config_spec` (Attributes) Specifies the secondary rendered config spec for pod-specific customization.The template is rendered inside the pod (by the 'config-manager' sidecar container) and merged with the maintemplate's render result to generate the final configuration file.This field is intended to handle scenarios where different pods within the same Component havevarying configurations. It allows for pod-specific customization of the configuration.Note: This field will be deprecated in future versions, and the functionality will be moved to'cluster.spec.componentSpecs[*].instances[*]'. (see [below for nested schema](#nestedatt--spec--config_item_details--config_spec--legacy_rendered_config_spec)) +- `namespace` (String) Specifies the namespace of the referenced configuration template ConfigMap object.An empty namespace is equivalent to the 'default' namespace. +- `re_render_resource_types` (List of String) Specifies whether the configuration needs to be re-rendered after v-scale or h-scale operations to reflect changes.In some scenarios, the configuration may need to be updated to reflect the changes in resource allocationor cluster topology. Examples:- Redis: adjust maxmemory after v-scale operation.- MySQL: increase max connections after v-scale operation.- Zookeeper: update zoo.cfg with new node addresses after h-scale operation. - `template_ref` (String) Specifies the name of the referenced configuration template ConfigMap object. @@ -115,7 +115,7 @@ Required: Optional: -- `namespace` (String) Specifies the namespace of the referenced configuration template ConfigMap object. An empty namespace is equivalent to the 'default' namespace. +- `namespace` (String) Specifies the namespace of the referenced configuration template ConfigMap object.An empty namespace is equivalent to the 'default' namespace. - `policy` (String) Defines the strategy for merging externally imported templates into component templates. @@ -129,5 +129,5 @@ Required: Optional: -- `namespace` (String) Specifies the namespace of the referenced configuration template ConfigMap object. An empty namespace is equivalent to the 'default' namespace. +- `namespace` (String) Specifies the namespace of the referenced configuration template ConfigMap object.An empty namespace is equivalent to the 'default' namespace. - `policy` (String) Defines the strategy for merging externally imported templates into component templates. diff --git a/docs/data-sources/apps_kubeblocks_io_ops_definition_v1alpha1_manifest.md b/docs/data-sources/apps_kubeblocks_io_ops_definition_v1alpha1_manifest.md index 4962b2c5f..8f842bdce 100644 --- a/docs/data-sources/apps_kubeblocks_io_ops_definition_v1alpha1_manifest.md +++ b/docs/data-sources/apps_kubeblocks_io_ops_definition_v1alpha1_manifest.md @@ -58,10 +58,10 @@ Required: Optional: -- `component_infos` (Attributes List) Specifies a list of ComponentDefinition for Components associated with this OpsDefinition. It also includes connection credentials (address and account) for each Component. (see [below for nested schema](#nestedatt--spec--component_infos)) +- `component_infos` (Attributes List) Specifies a list of ComponentDefinition for Components associated with this OpsDefinition.It also includes connection credentials (address and account) for each Component. (see [below for nested schema](#nestedatt--spec--component_infos)) - `parameters_schema` (Attributes) Specifies the schema for validating the data types and value ranges of parameters in OpsActions before their usage. (see [below for nested schema](#nestedatt--spec--parameters_schema)) -- `pod_info_extractors` (Attributes List) Specifies a list of PodInfoExtractor, each designed to select a specific Pod and extract selected runtime info from its PodSpec. The extracted information, such as environment variables, volumes and tolerations, are then injected into Jobs or Pods that execute the OpsActions defined in 'actions'. (see [below for nested schema](#nestedatt--spec--pod_info_extractors)) -- `pre_conditions` (Attributes List) Specifies the preconditions that must be met to run the actions for the operation. if set, it will check the condition before the Component runs this operation. Example: '''yaml preConditions: - rule: expression: '{{ eq .component.status.phase 'Running' }}' message: Component is not in Running status. ''' (see [below for nested schema](#nestedatt--spec--pre_conditions)) +- `pod_info_extractors` (Attributes List) Specifies a list of PodInfoExtractor, each designed to select a specific Pod and extract selected runtime infofrom its PodSpec.The extracted information, such as environment variables, volumes and tolerations, are then injected intoJobs or Pods that execute the OpsActions defined in 'actions'. (see [below for nested schema](#nestedatt--spec--pod_info_extractors)) +- `pre_conditions` (Attributes List) Specifies the preconditions that must be met to run the actions for the operation.if set, it will check the condition before the Component runs this operation.Example:'''yaml preConditions: - rule: expression: '{{ eq .component.status.phase 'Running' }}' message: Component is not in Running status.''' (see [below for nested schema](#nestedatt--spec--pre_conditions)) ### Nested Schema for `spec.actions` @@ -72,11 +72,11 @@ Required: Optional: -- `exec` (Attributes) Specifies the configuration for a 'exec' action. It creates a Pod and invokes a 'kubectl exec' to run command inside a specified container with the target Pod. (see [below for nested schema](#nestedatt--spec--actions--exec)) -- `failure_policy` (String) Specifies the failure policy of the OpsAction. Valid values are: - 'Fail': Marks the entire OpsRequest as failed if the action fails. - 'Ignore': The OpsRequest continues processing despite the failure of the action. -- `parameters` (List of String) Specifies the parameters for the OpsAction. Their usage varies based on the action type: - For 'workload' or 'exec' actions, parameters are injected as environment variables. - For 'resourceModifier' actions, parameter can be referenced using $() in fields 'resourceModifier.completionProbe.matchExpressions' and 'resourceModifier.jsonPatches[*].value'. -- `resource_modifier` (Attributes) Specifies the configuration for a 'resourceModifier' action. This action allows for modifications to existing K8s objects. Note: This feature has not been implemented yet. (see [below for nested schema](#nestedatt--spec--actions--resource_modifier)) -- `workload` (Attributes) Specifies the configuration for a 'workload' action. This action leads to the creation of a K8s workload, such as a Pod or Job, to execute specified tasks. (see [below for nested schema](#nestedatt--spec--actions--workload)) +- `exec` (Attributes) Specifies the configuration for a 'exec' action.It creates a Pod and invokes a 'kubectl exec' to run command inside a specified container with the target Pod. (see [below for nested schema](#nestedatt--spec--actions--exec)) +- `failure_policy` (String) Specifies the failure policy of the OpsAction.Valid values are:- 'Fail': Marks the entire OpsRequest as failed if the action fails.- 'Ignore': The OpsRequest continues processing despite the failure of the action. +- `parameters` (List of String) Specifies the parameters for the OpsAction. Their usage varies based on the action type:- For 'workload' or 'exec' actions, parameters are injected as environment variables.- For 'resourceModifier' actions, parameter can be referenced using $() in fields'resourceModifier.completionProbe.matchExpressions' and 'resourceModifier.jsonPatches[*].value'. +- `resource_modifier` (Attributes) Specifies the configuration for a 'resourceModifier' action.This action allows for modifications to existing K8s objects.Note: This feature has not been implemented yet. (see [below for nested schema](#nestedatt--spec--actions--resource_modifier)) +- `workload` (Attributes) Specifies the configuration for a 'workload' action.This action leads to the creation of a K8s workload, such as a Pod or Job, to execute specified tasks. (see [below for nested schema](#nestedatt--spec--actions--workload)) ### Nested Schema for `spec.actions.exec` @@ -89,7 +89,7 @@ Required: Optional: - `backoff_limit` (Number) Specifies the number of retries allowed before marking the action as failed. -- `container_name` (String) The name of the container in the target pod where the command should be executed. This corresponds to the '-c {containerName}' option in 'kubectl exec'. If not set, the first container is used. +- `container_name` (String) The name of the container in the target pod where the command should be executed.This corresponds to the '-c {containerName}' option in 'kubectl exec'.If not set, the first container is used. @@ -97,7 +97,7 @@ Optional: Required: -- `completion_probe` (Attributes) Specifies a method to determine if the action has been completed. Note: This feature has not been implemented yet. (see [below for nested schema](#nestedatt--spec--actions--resource_modifier--completion_probe)) +- `completion_probe` (Attributes) Specifies a method to determine if the action has been completed.Note: This feature has not been implemented yet. (see [below for nested schema](#nestedatt--spec--actions--resource_modifier--completion_probe)) - `json_patches` (Attributes List) Specifies a list of patches for modifying the object. (see [below for nested schema](#nestedatt--spec--actions--resource_modifier--json_patches)) - `resource` (Attributes) Specifies the K8s object that is to be updated. (see [below for nested schema](#nestedatt--spec--actions--resource_modifier--resource)) @@ -110,20 +110,20 @@ Required: Optional: -- `initial_delay_seconds` (Number) Specifies the number of seconds to wait after the resource has been patched before initiating completion probes. The default value is 5 seconds, with a minimum value of 1. -- `period_seconds` (Number) Specifies the frequency (in seconds) at which the probe should be performed. The default value is 5 seconds, with a minimum value of 1. -- `timeout_seconds` (Number) Specifies the number of seconds after which the probe times out. The default value is 60 seconds, with a minimum value of 1. +- `initial_delay_seconds` (Number) Specifies the number of seconds to wait after the resource has been patched before initiating completion probes.The default value is 5 seconds, with a minimum value of 1. +- `period_seconds` (Number) Specifies the frequency (in seconds) at which the probe should be performed.The default value is 5 seconds, with a minimum value of 1. +- `timeout_seconds` (Number) Specifies the number of seconds after which the probe times out.The default value is 60 seconds, with a minimum value of 1. ### Nested Schema for `spec.actions.resource_modifier.completion_probe.match_expressions` Required: -- `success` (String) Specifies a success condition for an action using a Go template expression. Should evaluate to either 'true' or 'false'. The current resource object is parsed into the Go template. for example, using '{{ eq .spec.replicas 1 }}' +- `success` (String) Specifies a success condition for an action using a Go template expression.Should evaluate to either 'true' or 'false'.The current resource object is parsed into the Go template.for example, using '{{ eq .spec.replicas 1 }}' Optional: -- `failure` (String) Specifies a failure condition for an action using a Go template expression. Should evaluate to either 'true' or 'false'. The current resource object is parsed into the Go template. for example, you can use '{{ eq .spec.replicas 1 }}'. +- `failure` (String) Specifies a failure condition for an action using a Go template expression.Should evaluate to either 'true' or 'false'.The current resource object is parsed into the Go template.for example, you can use '{{ eq .spec.replicas 1 }}'. @@ -142,7 +142,7 @@ Required: Required: -- `api_group` (String) Specifies the group for the resource being referenced. If not specified, the referenced Kind must belong to the core API group. For all third-party types, this is mandatory. +- `api_group` (String) Specifies the group for the resource being referenced.If not specified, the referenced Kind must belong to the core API group.For all third-party types, this is mandatory. - `kind` (String) Specifies the type of resource being referenced. - `name` (String) Indicates the name of the resource being referenced. @@ -154,7 +154,7 @@ Required: Required: - `pod_spec` (Attributes) Specifies the PodSpec of the 'workload' action. (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec)) -- `type` (String) Defines the workload type of the action. Valid values include 'Job' and 'Pod'. - 'Job': Creates a Job to execute the action. - 'Pod': Creates a Pod to execute the action. Note: unlike Jobs, manually deleting a Pod does not affect the 'backoffLimit'. +- `type` (String) Defines the workload type of the action. Valid values include 'Job' and 'Pod'.- 'Job': Creates a Job to execute the action.- 'Pod': Creates a Pod to execute the action. Note: unlike Jobs, manually deleting a Pod does not affect the 'backoffLimit'. Optional: @@ -166,81 +166,81 @@ Optional: Required: -- `containers` (Attributes List) List of containers belonging to the pod. Containers cannot currently be added or removed. There must be at least one container in a Pod. Cannot be updated. (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--containers)) +- `containers` (Attributes List) List of containers belonging to the pod.Containers cannot currently be added or removed.There must be at least one container in a Pod.Cannot be updated. (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--containers)) Optional: -- `active_deadline_seconds` (Number) Optional duration in seconds the pod may be active on the node relative to StartTime before the system will actively try to mark it failed and kill associated containers. Value must be a positive integer. +- `active_deadline_seconds` (Number) Optional duration in seconds the pod may be active on the node relative toStartTime before the system will actively try to mark it failed and kill associated containers.Value must be a positive integer. - `affinity` (Attributes) If specified, the pod's scheduling constraints (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--affinity)) - `automount_service_account_token` (Boolean) AutomountServiceAccountToken indicates whether a service account token should be automatically mounted. -- `dns_config` (Attributes) Specifies the DNS parameters of a pod. Parameters specified here will be merged to the generated DNS configuration based on DNSPolicy. (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--dns_config)) -- `dns_policy` (String) Set DNS policy for the pod. Defaults to 'ClusterFirst'. Valid values are 'ClusterFirstWithHostNet', 'ClusterFirst', 'Default' or 'None'. DNS parameters given in DNSConfig will be merged with the policy selected with DNSPolicy. To have DNS options set along with hostNetwork, you have to specify DNS policy explicitly to 'ClusterFirstWithHostNet'. -- `enable_service_links` (Boolean) EnableServiceLinks indicates whether information about services should be injected into pod's environment variables, matching the syntax of Docker links. Optional: Defaults to true. -- `ephemeral_containers` (Attributes List) List of ephemeral containers run in this pod. Ephemeral containers may be run in an existing pod to perform user-initiated actions such as debugging. This list cannot be specified when creating a pod, and it cannot be modified by updating the pod spec. In order to add an ephemeral container to an existing pod, use the pod's ephemeralcontainers subresource. (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--ephemeral_containers)) -- `host_aliases` (Attributes List) HostAliases is an optional list of hosts and IPs that will be injected into the pod's hosts file if specified. This is only valid for non-hostNetwork pods. (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--host_aliases)) -- `host_ipc` (Boolean) Use the host's ipc namespace. Optional: Default to false. -- `host_network` (Boolean) Host networking requested for this pod. Use the host's network namespace. If this option is set, the ports that will be used must be specified. Default to false. -- `host_pid` (Boolean) Use the host's pid namespace. Optional: Default to false. -- `host_users` (Boolean) Use the host's user namespace. Optional: Default to true. If set to true or not present, the pod will be run in the host user namespace, useful for when the pod needs a feature only available to the host user namespace, such as loading a kernel module with CAP_SYS_MODULE. When set to false, a new userns is created for the pod. Setting false is useful for mitigating container breakout vulnerabilities even allowing users to run their containers as root without actually having root privileges on the host. This field is alpha-level and is only honored by servers that enable the UserNamespacesSupport feature. -- `hostname` (String) Specifies the hostname of the Pod If not specified, the pod's hostname will be set to a system-defined value. -- `image_pull_secrets` (Attributes List) ImagePullSecrets is an optional list of references to secrets in the same namespace to use for pulling any of the images used by this PodSpec. If specified, these secrets will be passed to individual puller implementations for them to use. More info: https://kubernetes.io/docs/concepts/containers/images#specifying-imagepullsecrets-on-a-pod (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--image_pull_secrets)) -- `init_containers` (Attributes List) List of initialization containers belonging to the pod. Init containers are executed in order prior to containers being started. If any init container fails, the pod is considered to have failed and is handled according to its restartPolicy. The name for an init container or normal container must be unique among all containers. Init containers may not have Lifecycle actions, Readiness probes, Liveness probes, or Startup probes. The resourceRequirements of an init container are taken into account during scheduling by finding the highest request/limit for each resource type, and then using the max of of that value or the sum of the normal containers. Limits are applied to init containers in a similar fashion. Init containers cannot currently be added or removed. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/init-containers/ (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--init_containers)) -- `node_name` (String) NodeName is a request to schedule this pod onto a specific node. If it is non-empty, the scheduler simply schedules this pod onto that node, assuming that it fits resource requirements. -- `node_selector` (Map of String) NodeSelector is a selector which must be true for the pod to fit on a node. Selector which must match a node's labels for the pod to be scheduled on that node. More info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/ -- `os` (Attributes) Specifies the OS of the containers in the pod. Some pod and container fields are restricted if this is set. If the OS field is set to linux, the following fields must be unset: -securityContext.windowsOptions If the OS field is set to windows, following fields must be unset: - spec.hostPID - spec.hostIPC - spec.hostUsers - spec.securityContext.seLinuxOptions - spec.securityContext.seccompProfile - spec.securityContext.fsGroup - spec.securityContext.fsGroupChangePolicy - spec.securityContext.sysctls - spec.shareProcessNamespace - spec.securityContext.runAsUser - spec.securityContext.runAsGroup - spec.securityContext.supplementalGroups - spec.containers[*].securityContext.seLinuxOptions - spec.containers[*].securityContext.seccompProfile - spec.containers[*].securityContext.capabilities - spec.containers[*].securityContext.readOnlyRootFilesystem - spec.containers[*].securityContext.privileged - spec.containers[*].securityContext.allowPrivilegeEscalation - spec.containers[*].securityContext.procMount - spec.containers[*].securityContext.runAsUser - spec.containers[*].securityContext.runAsGroup (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--os)) -- `overhead` (Map of String) Overhead represents the resource overhead associated with running a pod for a given RuntimeClass. This field will be autopopulated at admission time by the RuntimeClass admission controller. If the RuntimeClass admission controller is enabled, overhead must not be set in Pod create requests. The RuntimeClass admission controller will reject Pod create requests which have the overhead already set. If RuntimeClass is configured and selected in the PodSpec, Overhead will be set to the value defined in the corresponding RuntimeClass, otherwise it will remain unset and treated as zero. More info: https://git.k8s.io/enhancements/keps/sig-node/688-pod-overhead/README.md -- `preemption_policy` (String) PreemptionPolicy is the Policy for preempting pods with lower priority. One of Never, PreemptLowerPriority. Defaults to PreemptLowerPriority if unset. -- `priority` (Number) The priority value. Various system components use this field to find the priority of the pod. When Priority Admission Controller is enabled, it prevents users from setting this field. The admission controller populates this field from PriorityClassName. The higher the value, the higher the priority. -- `priority_class_name` (String) If specified, indicates the pod's priority. 'system-node-critical' and 'system-cluster-critical' are two special keywords which indicate the highest priorities with the former being the highest priority. Any other name must be defined by creating a PriorityClass object with that name. If not specified, the pod priority will be default or zero if there is no default. -- `readiness_gates` (Attributes List) If specified, all readiness gates will be evaluated for pod readiness. A pod is ready when all its containers are ready AND all conditions specified in the readiness gates have status equal to 'True' More info: https://git.k8s.io/enhancements/keps/sig-network/580-pod-readiness-gates (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--readiness_gates)) -- `resource_claims` (Attributes List) ResourceClaims defines which ResourceClaims must be allocated and reserved before the Pod is allowed to start. The resources will be made available to those containers which consume them by name. This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. This field is immutable. (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--resource_claims)) -- `restart_policy` (String) Restart policy for all containers within the pod. One of Always, OnFailure, Never. In some contexts, only a subset of those values may be permitted. Default to Always. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#restart-policy -- `runtime_class_name` (String) RuntimeClassName refers to a RuntimeClass object in the node.k8s.io group, which should be used to run this pod. If no RuntimeClass resource matches the named class, the pod will not be run. If unset or empty, the 'legacy' RuntimeClass will be used, which is an implicit class with an empty definition that uses the default runtime handler. More info: https://git.k8s.io/enhancements/keps/sig-node/585-runtime-class -- `scheduler_name` (String) If specified, the pod will be dispatched by specified scheduler. If not specified, the pod will be dispatched by default scheduler. -- `scheduling_gates` (Attributes List) SchedulingGates is an opaque list of values that if specified will block scheduling the pod. If schedulingGates is not empty, the pod will stay in the SchedulingGated state and the scheduler will not attempt to schedule the pod. SchedulingGates can only be set at pod creation time, and be removed only afterwards. This is a beta feature enabled by the PodSchedulingReadiness feature gate. (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--scheduling_gates)) -- `security_context` (Attributes) SecurityContext holds pod-level security attributes and common container settings. Optional: Defaults to empty. See type description for default values of each field. (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--security_context)) -- `service_account` (String) DeprecatedServiceAccount is a depreciated alias for ServiceAccountName. Deprecated: Use serviceAccountName instead. -- `service_account_name` (String) ServiceAccountName is the name of the ServiceAccount to use to run this pod. More info: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/ -- `set_hostname_as_fqdn` (Boolean) If true the pod's hostname will be configured as the pod's FQDN, rather than the leaf name (the default). In Linux containers, this means setting the FQDN in the hostname field of the kernel (the nodename field of struct utsname). In Windows containers, this means setting the registry value of hostname for the registry key HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParameters to FQDN. If a pod does not have FQDN, this has no effect. Default to false. -- `share_process_namespace` (Boolean) Share a single process namespace between all of the containers in a pod. When this is set containers will be able to view and signal processes from other containers in the same pod, and the first process in each container will not be assigned PID 1. HostPID and ShareProcessNamespace cannot both be set. Optional: Default to false. -- `subdomain` (String) If specified, the fully qualified Pod hostname will be '...svc.'. If not specified, the pod will not have a domainname at all. -- `termination_grace_period_seconds` (Number) Optional duration in seconds the pod needs to terminate gracefully. May be decreased in delete request. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down). If this value is nil, the default grace period will be used instead. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. Defaults to 30 seconds. +- `dns_config` (Attributes) Specifies the DNS parameters of a pod.Parameters specified here will be merged to the generated DNSconfiguration based on DNSPolicy. (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--dns_config)) +- `dns_policy` (String) Set DNS policy for the pod.Defaults to 'ClusterFirst'.Valid values are 'ClusterFirstWithHostNet', 'ClusterFirst', 'Default' or 'None'.DNS parameters given in DNSConfig will be merged with the policy selected with DNSPolicy.To have DNS options set along with hostNetwork, you have to specify DNS policyexplicitly to 'ClusterFirstWithHostNet'. +- `enable_service_links` (Boolean) EnableServiceLinks indicates whether information about services should be injected into pod'senvironment variables, matching the syntax of Docker links.Optional: Defaults to true. +- `ephemeral_containers` (Attributes List) List of ephemeral containers run in this pod. Ephemeral containers may be run in an existingpod to perform user-initiated actions such as debugging. This list cannot be specified whencreating a pod, and it cannot be modified by updating the pod spec. In order to add anephemeral container to an existing pod, use the pod's ephemeralcontainers subresource. (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--ephemeral_containers)) +- `host_aliases` (Attributes List) HostAliases is an optional list of hosts and IPs that will be injected into the pod's hostsfile if specified. This is only valid for non-hostNetwork pods. (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--host_aliases)) +- `host_ipc` (Boolean) Use the host's ipc namespace.Optional: Default to false. +- `host_network` (Boolean) Host networking requested for this pod. Use the host's network namespace.If this option is set, the ports that will be used must be specified.Default to false. +- `host_pid` (Boolean) Use the host's pid namespace.Optional: Default to false. +- `host_users` (Boolean) Use the host's user namespace.Optional: Default to true.If set to true or not present, the pod will be run in the host user namespace, usefulfor when the pod needs a feature only available to the host user namespace, such asloading a kernel module with CAP_SYS_MODULE.When set to false, a new userns is created for the pod. Setting false is useful formitigating container breakout vulnerabilities even allowing users to run theircontainers as root without actually having root privileges on the host.This field is alpha-level and is only honored by servers that enable the UserNamespacesSupport feature. +- `hostname` (String) Specifies the hostname of the PodIf not specified, the pod's hostname will be set to a system-defined value. +- `image_pull_secrets` (Attributes List) ImagePullSecrets is an optional list of references to secrets in the same namespace to use for pulling any of the images used by this PodSpec.If specified, these secrets will be passed to individual puller implementations for them to use.More info: https://kubernetes.io/docs/concepts/containers/images#specifying-imagepullsecrets-on-a-pod (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--image_pull_secrets)) +- `init_containers` (Attributes List) List of initialization containers belonging to the pod.Init containers are executed in order prior to containers being started. If anyinit container fails, the pod is considered to have failed and is handled accordingto its restartPolicy. The name for an init container or normal container must beunique among all containers.Init containers may not have Lifecycle actions, Readiness probes, Liveness probes, or Startup probes.The resourceRequirements of an init container are taken into account during schedulingby finding the highest request/limit for each resource type, and then using the max ofof that value or the sum of the normal containers. Limits are applied to init containersin a similar fashion.Init containers cannot currently be added or removed.Cannot be updated.More info: https://kubernetes.io/docs/concepts/workloads/pods/init-containers/ (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--init_containers)) +- `node_name` (String) NodeName is a request to schedule this pod onto a specific node. If it is non-empty,the scheduler simply schedules this pod onto that node, assuming that it fits resourcerequirements. +- `node_selector` (Map of String) NodeSelector is a selector which must be true for the pod to fit on a node.Selector which must match a node's labels for the pod to be scheduled on that node.More info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/ +- `os` (Attributes) Specifies the OS of the containers in the pod.Some pod and container fields are restricted if this is set.If the OS field is set to linux, the following fields must be unset:-securityContext.windowsOptionsIf the OS field is set to windows, following fields must be unset:- spec.hostPID- spec.hostIPC- spec.hostUsers- spec.securityContext.seLinuxOptions- spec.securityContext.seccompProfile- spec.securityContext.fsGroup- spec.securityContext.fsGroupChangePolicy- spec.securityContext.sysctls- spec.shareProcessNamespace- spec.securityContext.runAsUser- spec.securityContext.runAsGroup- spec.securityContext.supplementalGroups- spec.containers[*].securityContext.seLinuxOptions- spec.containers[*].securityContext.seccompProfile- spec.containers[*].securityContext.capabilities- spec.containers[*].securityContext.readOnlyRootFilesystem- spec.containers[*].securityContext.privileged- spec.containers[*].securityContext.allowPrivilegeEscalation- spec.containers[*].securityContext.procMount- spec.containers[*].securityContext.runAsUser- spec.containers[*].securityContext.runAsGroup (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--os)) +- `overhead` (Map of String) Overhead represents the resource overhead associated with running a pod for a given RuntimeClass.This field will be autopopulated at admission time by the RuntimeClass admission controller. Ifthe RuntimeClass admission controller is enabled, overhead must not be set in Pod create requests.The RuntimeClass admission controller will reject Pod create requests which have the overhead alreadyset. If RuntimeClass is configured and selected in the PodSpec, Overhead will be set to the valuedefined in the corresponding RuntimeClass, otherwise it will remain unset and treated as zero.More info: https://git.k8s.io/enhancements/keps/sig-node/688-pod-overhead/README.md +- `preemption_policy` (String) PreemptionPolicy is the Policy for preempting pods with lower priority.One of Never, PreemptLowerPriority.Defaults to PreemptLowerPriority if unset. +- `priority` (Number) The priority value. Various system components use this field to find thepriority of the pod. When Priority Admission Controller is enabled, itprevents users from setting this field. The admission controller populatesthis field from PriorityClassName.The higher the value, the higher the priority. +- `priority_class_name` (String) If specified, indicates the pod's priority. 'system-node-critical' and'system-cluster-critical' are two special keywords which indicate thehighest priorities with the former being the highest priority. Any othername must be defined by creating a PriorityClass object with that name.If not specified, the pod priority will be default or zero if there is nodefault. +- `readiness_gates` (Attributes List) If specified, all readiness gates will be evaluated for pod readiness.A pod is ready when all its containers are ready ANDall conditions specified in the readiness gates have status equal to 'True'More info: https://git.k8s.io/enhancements/keps/sig-network/580-pod-readiness-gates (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--readiness_gates)) +- `resource_claims` (Attributes List) ResourceClaims defines which ResourceClaims must be allocatedand reserved before the Pod is allowed to start. The resourceswill be made available to those containers which consume themby name.This is an alpha field and requires enabling theDynamicResourceAllocation feature gate.This field is immutable. (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--resource_claims)) +- `restart_policy` (String) Restart policy for all containers within the pod.One of Always, OnFailure, Never. In some contexts, only a subset of those values may be permitted.Default to Always.More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#restart-policy +- `runtime_class_name` (String) RuntimeClassName refers to a RuntimeClass object in the node.k8s.io group, which should be usedto run this pod. If no RuntimeClass resource matches the named class, the pod will not be run.If unset or empty, the 'legacy' RuntimeClass will be used, which is an implicit class with anempty definition that uses the default runtime handler.More info: https://git.k8s.io/enhancements/keps/sig-node/585-runtime-class +- `scheduler_name` (String) If specified, the pod will be dispatched by specified scheduler.If not specified, the pod will be dispatched by default scheduler. +- `scheduling_gates` (Attributes List) SchedulingGates is an opaque list of values that if specified will block scheduling the pod.If schedulingGates is not empty, the pod will stay in the SchedulingGated state and thescheduler will not attempt to schedule the pod.SchedulingGates can only be set at pod creation time, and be removed only afterwards.This is a beta feature enabled by the PodSchedulingReadiness feature gate. (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--scheduling_gates)) +- `security_context` (Attributes) SecurityContext holds pod-level security attributes and common container settings.Optional: Defaults to empty. See type description for default values of each field. (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--security_context)) +- `service_account` (String) DeprecatedServiceAccount is a depreciated alias for ServiceAccountName.Deprecated: Use serviceAccountName instead. +- `service_account_name` (String) ServiceAccountName is the name of the ServiceAccount to use to run this pod.More info: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/ +- `set_hostname_as_fqdn` (Boolean) If true the pod's hostname will be configured as the pod's FQDN, rather than the leaf name (the default).In Linux containers, this means setting the FQDN in the hostname field of the kernel (the nodename field of struct utsname).In Windows containers, this means setting the registry value of hostname for the registry key HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParameters to FQDN.If a pod does not have FQDN, this has no effect.Default to false. +- `share_process_namespace` (Boolean) Share a single process namespace between all of the containers in a pod.When this is set containers will be able to view and signal processes from other containersin the same pod, and the first process in each container will not be assigned PID 1.HostPID and ShareProcessNamespace cannot both be set.Optional: Default to false. +- `subdomain` (String) If specified, the fully qualified Pod hostname will be '...svc.'.If not specified, the pod will not have a domainname at all. +- `termination_grace_period_seconds` (Number) Optional duration in seconds the pod needs to terminate gracefully. May be decreased in delete request.Value must be non-negative integer. The value zero indicates stop immediately viathe kill signal (no opportunity to shut down).If this value is nil, the default grace period will be used instead.The grace period is the duration in seconds after the processes running in the pod are senta termination signal and the time when the processes are forcibly halted with a kill signal.Set this value longer than the expected cleanup time for your process.Defaults to 30 seconds. - `tolerations` (Attributes List) If specified, the pod's tolerations. (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--tolerations)) -- `topology_spread_constraints` (Attributes List) TopologySpreadConstraints describes how a group of pods ought to spread across topology domains. Scheduler will schedule pods in a way which abides by the constraints. All topologySpreadConstraints are ANDed. (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--topology_spread_constraints)) -- `volumes` (Attributes List) List of volumes that can be mounted by containers belonging to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--volumes)) +- `topology_spread_constraints` (Attributes List) TopologySpreadConstraints describes how a group of pods ought to spread across topologydomains. Scheduler will schedule pods in a way which abides by the constraints.All topologySpreadConstraints are ANDed. (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--topology_spread_constraints)) +- `volumes` (Attributes List) List of volumes that can be mounted by containers belonging to the pod.More info: https://kubernetes.io/docs/concepts/storage/volumes (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--volumes)) ### Nested Schema for `spec.actions.workload.pod_spec.containers` Required: -- `name` (String) Name of the container specified as a DNS_LABEL. Each container in a pod must have a unique name (DNS_LABEL). Cannot be updated. +- `name` (String) Name of the container specified as a DNS_LABEL.Each container in a pod must have a unique name (DNS_LABEL).Cannot be updated. Optional: -- `args` (List of String) Arguments to the entrypoint. The container image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. '$$(VAR_NAME)' will produce the string literal '$(VAR_NAME)'. Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell -- `command` (List of String) Entrypoint array. Not executed within a shell. The container image's ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. '$$(VAR_NAME)' will produce the string literal '$(VAR_NAME)'. Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell -- `env` (Attributes List) List of environment variables to set in the container. Cannot be updated. (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--containers--env)) -- `env_from` (Attributes List) List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated. (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--containers--env_from)) -- `image` (String) Container image name. More info: https://kubernetes.io/docs/concepts/containers/images This field is optional to allow higher level config management to default or override container images in workload controllers like Deployments and StatefulSets. -- `image_pull_policy` (String) Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images -- `lifecycle` (Attributes) Actions that the management system should take in response to container lifecycle events. Cannot be updated. (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--containers--lifecycle)) -- `liveness_probe` (Attributes) Periodic probe of container liveness. Container will be restarted if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--containers--liveness_probe)) -- `ports` (Attributes List) List of ports to expose from the container. Not specifying a port here DOES NOT prevent that port from being exposed. Any port which is listening on the default '0.0.0.0' address inside a container will be accessible from the network. Modifying this array with strategic merge patch may corrupt the data. For more information See https://github.com/kubernetes/kubernetes/issues/108255. Cannot be updated. (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--containers--ports)) -- `readiness_probe` (Attributes) Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--containers--readiness_probe)) +- `args` (List of String) Arguments to the entrypoint.The container image's CMD is used if this is not provided.Variable references $(VAR_NAME) are expanded using the container's environment. If a variablecannot be resolved, the reference in the input string will be unchanged. Double $$ are reducedto a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. '$$(VAR_NAME)' willproduce the string literal '$(VAR_NAME)'. Escaped references will never be expanded, regardlessof whether the variable exists or not. Cannot be updated.More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +- `command` (List of String) Entrypoint array. Not executed within a shell.The container image's ENTRYPOINT is used if this is not provided.Variable references $(VAR_NAME) are expanded using the container's environment. If a variablecannot be resolved, the reference in the input string will be unchanged. Double $$ are reducedto a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. '$$(VAR_NAME)' willproduce the string literal '$(VAR_NAME)'. Escaped references will never be expanded, regardlessof whether the variable exists or not. Cannot be updated.More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +- `env` (Attributes List) List of environment variables to set in the container.Cannot be updated. (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--containers--env)) +- `env_from` (Attributes List) List of sources to populate environment variables in the container.The keys defined within a source must be a C_IDENTIFIER. All invalid keyswill be reported as an event when the container is starting. When a key exists in multiplesources, the value associated with the last source will take precedence.Values defined by an Env with a duplicate key will take precedence.Cannot be updated. (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--containers--env_from)) +- `image` (String) Container image name.More info: https://kubernetes.io/docs/concepts/containers/imagesThis field is optional to allow higher level config management to default or overridecontainer images in workload controllers like Deployments and StatefulSets. +- `image_pull_policy` (String) Image pull policy.One of Always, Never, IfNotPresent.Defaults to Always if :latest tag is specified, or IfNotPresent otherwise.Cannot be updated.More info: https://kubernetes.io/docs/concepts/containers/images#updating-images +- `lifecycle` (Attributes) Actions that the management system should take in response to container lifecycle events.Cannot be updated. (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--containers--lifecycle)) +- `liveness_probe` (Attributes) Periodic probe of container liveness.Container will be restarted if the probe fails.Cannot be updated.More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--containers--liveness_probe)) +- `ports` (Attributes List) List of ports to expose from the container. Not specifying a port hereDOES NOT prevent that port from being exposed. Any port which islistening on the default '0.0.0.0' address inside a container will beaccessible from the network.Modifying this array with strategic merge patch may corrupt the data.For more information See https://github.com/kubernetes/kubernetes/issues/108255.Cannot be updated. (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--containers--ports)) +- `readiness_probe` (Attributes) Periodic probe of container service readiness.Container will be removed from service endpoints if the probe fails.Cannot be updated.More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--containers--readiness_probe)) - `resize_policy` (Attributes List) Resources resize policy for the container. (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--containers--resize_policy)) -- `resources` (Attributes) Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--containers--resources)) -- `restart_policy` (String) RestartPolicy defines the restart behavior of individual containers in a pod. This field may only be set for init containers, and the only allowed value is 'Always'. For non-init containers or when this field is not specified, the restart behavior is defined by the Pod's restart policy and the container type. Setting the RestartPolicy as 'Always' for the init container will have the following effect: this init container will be continually restarted on exit until all regular containers have terminated. Once all regular containers have completed, all init containers with restartPolicy 'Always' will be shut down. This lifecycle differs from normal init containers and is often referred to as a 'sidecar' container. Although this init container still starts in the init container sequence, it does not wait for the container to complete before proceeding to the next init container. Instead, the next init container starts immediately after this init container is started, or after any startupProbe has successfully completed. -- `security_context` (Attributes) SecurityContext defines the security options the container should be run with. If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext. More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--containers--security_context)) -- `startup_probe` (Attributes) StartupProbe indicates that the Pod has successfully initialized. If specified, no other probes are executed until this completes successfully. If this probe fails, the Pod will be restarted, just as if the livenessProbe failed. This can be used to provide different probe parameters at the beginning of a Pod's lifecycle, when it might take a long time to load data or warm a cache, than during steady-state operation. This cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--containers--startup_probe)) -- `stdin` (Boolean) Whether this container should allocate a buffer for stdin in the container runtime. If this is not set, reads from stdin in the container will always result in EOF. Default is false. -- `stdin_once` (Boolean) Whether the container runtime should close the stdin channel after it has been opened by a single attach. When stdin is true the stdin stream will remain open across multiple attach sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the first client attaches to stdin, and then remains open and accepts data until the client disconnects, at which time stdin is closed and remains closed until the container is restarted. If this flag is false, a container processes that reads from stdin will never receive an EOF. Default is false -- `termination_message_path` (String) Optional: Path at which the file to which the container's termination message will be written is mounted into the container's filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log. Cannot be updated. -- `termination_message_policy` (String) Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated. -- `tty` (Boolean) Whether this container should allocate a TTY for itself, also requires 'stdin' to be true. Default is false. +- `resources` (Attributes) Compute Resources required by this container.Cannot be updated.More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--containers--resources)) +- `restart_policy` (String) RestartPolicy defines the restart behavior of individual containers in a pod.This field may only be set for init containers, and the only allowed value is 'Always'.For non-init containers or when this field is not specified,the restart behavior is defined by the Pod's restart policy and the container type.Setting the RestartPolicy as 'Always' for the init container will have the following effect:this init container will be continually restarted onexit until all regular containers have terminated. Once all regularcontainers have completed, all init containers with restartPolicy 'Always'will be shut down. This lifecycle differs from normal init containers andis often referred to as a 'sidecar' container. Although this initcontainer still starts in the init container sequence, it does not waitfor the container to complete before proceeding to the next initcontainer. Instead, the next init container starts immediately after thisinit container is started, or after any startupProbe has successfullycompleted. +- `security_context` (Attributes) SecurityContext defines the security options the container should be run with.If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext.More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--containers--security_context)) +- `startup_probe` (Attributes) StartupProbe indicates that the Pod has successfully initialized.If specified, no other probes are executed until this completes successfully.If this probe fails, the Pod will be restarted, just as if the livenessProbe failed.This can be used to provide different probe parameters at the beginning of a Pod's lifecycle,when it might take a long time to load data or warm a cache, than during steady-state operation.This cannot be updated.More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--containers--startup_probe)) +- `stdin` (Boolean) Whether this container should allocate a buffer for stdin in the container runtime. If thisis not set, reads from stdin in the container will always result in EOF.Default is false. +- `stdin_once` (Boolean) Whether the container runtime should close the stdin channel after it has been opened bya single attach. When stdin is true the stdin stream will remain open across multiple attachsessions. If stdinOnce is set to true, stdin is opened on container start, is empty until thefirst client attaches to stdin, and then remains open and accepts data until the client disconnects,at which time stdin is closed and remains closed until the container is restarted. If thisflag is false, a container processes that reads from stdin will never receive an EOF.Default is false +- `termination_message_path` (String) Optional: Path at which the file to which the container's termination messagewill be written is mounted into the container's filesystem.Message written is intended to be brief final status, such as an assertion failure message.Will be truncated by the node if greater than 4096 bytes. The total message length acrossall containers will be limited to 12kb.Defaults to /dev/termination-log.Cannot be updated. +- `termination_message_policy` (String) Indicate how the termination message should be populated. File will use the contents ofterminationMessagePath to populate the container status message on both success and failure.FallbackToLogsOnError will use the last chunk of container log output if the terminationmessage file is empty and the container exited with an error.The log output is limited to 2048 bytes or 80 lines, whichever is smaller.Defaults to File.Cannot be updated. +- `tty` (Boolean) Whether this container should allocate a TTY for itself, also requires 'stdin' to be true.Default is false. - `volume_devices` (Attributes List) volumeDevices is the list of block devices to be used by the container. (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--containers--volume_devices)) -- `volume_mounts` (Attributes List) Pod volumes to mount into the container's filesystem. Cannot be updated. (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--containers--volume_mounts)) -- `working_dir` (String) Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image. Cannot be updated. +- `volume_mounts` (Attributes List) Pod volumes to mount into the container's filesystem.Cannot be updated. (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--containers--volume_mounts)) +- `working_dir` (String) Container's working directory.If not specified, the container runtime's default will be used, whichmight be configured in the container image.Cannot be updated. ### Nested Schema for `spec.actions.workload.pod_spec.containers.env` @@ -251,7 +251,7 @@ Required: Optional: -- `value` (String) Variable references $(VAR_NAME) are expanded using the previously defined environment variables in the container and any service environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. '$$(VAR_NAME)' will produce the string literal '$(VAR_NAME)'. Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to ''. +- `value` (String) Variable references $(VAR_NAME) are expandedusing the previously defined environment variables in the container andany service environment variables. If a variable cannot be resolved,the reference in the input string will be unchanged. Double $$ are reducedto a single $, which allows for escaping the $(VAR_NAME) syntax: i.e.'$$(VAR_NAME)' will produce the string literal '$(VAR_NAME)'.Escaped references will never be expanded, regardless of whether the variableexists or not.Defaults to ''. - `value_from` (Attributes) Source for the environment variable's value. Cannot be used if value is not empty. (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--containers--env--value_from)) @@ -260,8 +260,8 @@ Optional: Optional: - `config_map_key_ref` (Attributes) Selects a key of a ConfigMap. (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--containers--env--value_from--config_map_key_ref)) -- `field_ref` (Attributes) Selects a field of the pod: supports metadata.name, metadata.namespace, 'metadata.labels['']', 'metadata.annotations['']', spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--containers--env--value_from--field_ref)) -- `resource_field_ref` (Attributes) Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--containers--env--value_from--resource_field_ref)) +- `field_ref` (Attributes) Selects a field of the pod: supports metadata.name, metadata.namespace, 'metadata.labels['']', 'metadata.annotations['']',spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--containers--env--value_from--field_ref)) +- `resource_field_ref` (Attributes) Selects a resource of the container: only resources limits and requests(limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--containers--env--value_from--resource_field_ref)) - `secret_key_ref` (Attributes) Selects a key of a secret in the pod's namespace (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--containers--env--value_from--secret_key_ref)) @@ -273,7 +273,7 @@ Required: Optional: -- `name` (String) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? +- `name` (String) Name of the referent.More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#namesTODO: Add other useful fields. apiVersion, kind, uid? - `optional` (Boolean) Specify whether the ConfigMap or its key must be defined @@ -311,7 +311,7 @@ Required: Optional: -- `name` (String) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? +- `name` (String) Name of the referent.More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#namesTODO: Add other useful fields. apiVersion, kind, uid? - `optional` (Boolean) Specify whether the Secret or its key must be defined @@ -331,7 +331,7 @@ Optional: Optional: -- `name` (String) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? +- `name` (String) Name of the referent.More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#namesTODO: Add other useful fields. apiVersion, kind, uid? - `optional` (Boolean) Specify whether the ConfigMap must be defined @@ -340,7 +340,7 @@ Optional: Optional: -- `name` (String) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? +- `name` (String) Name of the referent.More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#namesTODO: Add other useful fields. apiVersion, kind, uid? - `optional` (Boolean) Specify whether the Secret must be defined @@ -350,8 +350,8 @@ Optional: Optional: -- `post_start` (Attributes) PostStart is called immediately after a container is created. If the handler fails, the container is terminated and restarted according to its restart policy. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--containers--lifecycle--post_start)) -- `pre_stop` (Attributes) PreStop is called immediately before a container is terminated due to an API request or management event such as liveness/startup probe failure, preemption, resource contention, etc. The handler is not called if the container crashes or exits. The Pod's termination grace period countdown begins before the PreStop hook is executed. Regardless of the outcome of the handler, the container will eventually terminate within the Pod's termination grace period (unless delayed by finalizers). Other management of the container blocks until the hook completes or until the termination grace period is reached. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--containers--lifecycle--pre_stop)) +- `post_start` (Attributes) PostStart is called immediately after a container is created. If the handler fails,the container is terminated and restarted according to its restart policy.Other management of the container blocks until the hook completes.More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--containers--lifecycle--post_start)) +- `pre_stop` (Attributes) PreStop is called immediately before a container is terminated due to anAPI request or management event such as liveness/startup probe failure,preemption, resource contention, etc. The handler is not called if thecontainer crashes or exits. The Pod's termination grace period countdown begins before thePreStop hook is executed. Regardless of the outcome of the handler, thecontainer will eventually terminate within the Pod's termination graceperiod (unless delayed by finalizers). Other management of the container blocks until the hook completesor until the termination grace period is reached.More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--containers--lifecycle--pre_stop)) ### Nested Schema for `spec.actions.workload.pod_spec.containers.lifecycle.post_start` @@ -360,14 +360,14 @@ Optional: - `exec` (Attributes) Exec specifies the action to take. (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--containers--lifecycle--post_start--exec)) - `http_get` (Attributes) HTTPGet specifies the http request to perform. (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--containers--lifecycle--post_start--http_get)) -- `tcp_socket` (Attributes) Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept for the backward compatibility. There are no validation of this field and lifecycle hooks will fail in runtime when tcp handler is specified. (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--containers--lifecycle--post_start--tcp_socket)) +- `tcp_socket` (Attributes) Deprecated. TCPSocket is NOT supported as a LifecycleHandler and keptfor the backward compatibility. There are no validation of this field andlifecycle hooks will fail in runtime when tcp handler is specified. (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--containers--lifecycle--post_start--tcp_socket)) ### Nested Schema for `spec.actions.workload.pod_spec.containers.lifecycle.post_start.exec` Optional: -- `command` (List of String) Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +- `command` (List of String) Command is the command line to execute inside the container, the working directory for thecommand is root ('/') in the container's filesystem. The command is simply exec'd, it isnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To usea shell, you need to explicitly call out to that shell.Exit status of 0 is treated as live/healthy and non-zero is unhealthy. @@ -375,21 +375,21 @@ Optional: Required: -- `port` (String) Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. +- `port` (String) Name or number of the port to access on the container.Number must be in the range 1 to 65535.Name must be an IANA_SVC_NAME. Optional: -- `host` (String) Host name to connect to, defaults to the pod IP. You probably want to set 'Host' in httpHeaders instead. +- `host` (String) Host name to connect to, defaults to the pod IP. You probably want to set'Host' in httpHeaders instead. - `http_headers` (Attributes List) Custom headers to set in the request. HTTP allows repeated headers. (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--containers--lifecycle--post_start--http_get--http_headers)) - `path` (String) Path to access on the HTTP server. -- `scheme` (String) Scheme to use for connecting to the host. Defaults to HTTP. +- `scheme` (String) Scheme to use for connecting to the host.Defaults to HTTP. ### Nested Schema for `spec.actions.workload.pod_spec.containers.lifecycle.post_start.http_get.http_headers` Required: -- `name` (String) The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header. +- `name` (String) The header field name.This will be canonicalized upon output, so case-variant names will be understood as the same header. - `value` (String) The header field value @@ -399,7 +399,7 @@ Required: Required: -- `port` (String) Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. +- `port` (String) Number or name of the port to access on the container.Number must be in the range 1 to 65535.Name must be an IANA_SVC_NAME. Optional: @@ -414,14 +414,14 @@ Optional: - `exec` (Attributes) Exec specifies the action to take. (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--containers--lifecycle--pre_stop--exec)) - `http_get` (Attributes) HTTPGet specifies the http request to perform. (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--containers--lifecycle--pre_stop--http_get)) -- `tcp_socket` (Attributes) Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept for the backward compatibility. There are no validation of this field and lifecycle hooks will fail in runtime when tcp handler is specified. (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--containers--lifecycle--pre_stop--tcp_socket)) +- `tcp_socket` (Attributes) Deprecated. TCPSocket is NOT supported as a LifecycleHandler and keptfor the backward compatibility. There are no validation of this field andlifecycle hooks will fail in runtime when tcp handler is specified. (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--containers--lifecycle--pre_stop--tcp_socket)) ### Nested Schema for `spec.actions.workload.pod_spec.containers.lifecycle.pre_stop.exec` Optional: -- `command` (List of String) Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +- `command` (List of String) Command is the command line to execute inside the container, the working directory for thecommand is root ('/') in the container's filesystem. The command is simply exec'd, it isnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To usea shell, you need to explicitly call out to that shell.Exit status of 0 is treated as live/healthy and non-zero is unhealthy. @@ -429,21 +429,21 @@ Optional: Required: -- `port` (String) Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. +- `port` (String) Name or number of the port to access on the container.Number must be in the range 1 to 65535.Name must be an IANA_SVC_NAME. Optional: -- `host` (String) Host name to connect to, defaults to the pod IP. You probably want to set 'Host' in httpHeaders instead. +- `host` (String) Host name to connect to, defaults to the pod IP. You probably want to set'Host' in httpHeaders instead. - `http_headers` (Attributes List) Custom headers to set in the request. HTTP allows repeated headers. (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--containers--lifecycle--pre_stop--http_get--http_headers)) - `path` (String) Path to access on the HTTP server. -- `scheme` (String) Scheme to use for connecting to the host. Defaults to HTTP. +- `scheme` (String) Scheme to use for connecting to the host.Defaults to HTTP. ### Nested Schema for `spec.actions.workload.pod_spec.containers.lifecycle.pre_stop.http_get.http_headers` Required: -- `name` (String) The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header. +- `name` (String) The header field name.This will be canonicalized upon output, so case-variant names will be understood as the same header. - `value` (String) The header field value @@ -453,7 +453,7 @@ Required: Required: -- `port` (String) Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. +- `port` (String) Number or name of the port to access on the container.Number must be in the range 1 to 65535.Name must be an IANA_SVC_NAME. Optional: @@ -468,22 +468,22 @@ Optional: Optional: - `exec` (Attributes) Exec specifies the action to take. (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--containers--liveness_probe--exec)) -- `failure_threshold` (Number) Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +- `failure_threshold` (Number) Minimum consecutive failures for the probe to be considered failed after having succeeded.Defaults to 3. Minimum value is 1. - `grpc` (Attributes) GRPC specifies an action involving a GRPC port. (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--containers--liveness_probe--grpc)) - `http_get` (Attributes) HTTPGet specifies the http request to perform. (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--containers--liveness_probe--http_get)) -- `initial_delay_seconds` (Number) Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes -- `period_seconds` (Number) How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. -- `success_threshold` (Number) Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. +- `initial_delay_seconds` (Number) Number of seconds after the container has started before liveness probes are initiated.More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +- `period_seconds` (Number) How often (in seconds) to perform the probe.Default to 10 seconds. Minimum value is 1. +- `success_threshold` (Number) Minimum consecutive successes for the probe to be considered successful after having failed.Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. - `tcp_socket` (Attributes) TCPSocket specifies an action involving a TCP port. (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--containers--liveness_probe--tcp_socket)) -- `termination_grace_period_seconds` (Number) Optional duration in seconds the pod needs to terminate gracefully upon probe failure. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this value overrides the value provided by the pod spec. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down). This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset. -- `timeout_seconds` (Number) Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +- `termination_grace_period_seconds` (Number) Optional duration in seconds the pod needs to terminate gracefully upon probe failure.The grace period is the duration in seconds after the processes running in the pod are senta termination signal and the time when the processes are forcibly halted with a kill signal.Set this value longer than the expected cleanup time for your process.If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, thisvalue overrides the value provided by the pod spec.Value must be non-negative integer. The value zero indicates stop immediately viathe kill signal (no opportunity to shut down).This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate.Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset. +- `timeout_seconds` (Number) Number of seconds after which the probe times out.Defaults to 1 second. Minimum value is 1.More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes ### Nested Schema for `spec.actions.workload.pod_spec.containers.liveness_probe.exec` Optional: -- `command` (List of String) Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +- `command` (List of String) Command is the command line to execute inside the container, the working directory for thecommand is root ('/') in the container's filesystem. The command is simply exec'd, it isnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To usea shell, you need to explicitly call out to that shell.Exit status of 0 is treated as live/healthy and non-zero is unhealthy. @@ -495,7 +495,7 @@ Required: Optional: -- `service` (String) Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). If this is not specified, the default behavior is defined by gRPC. +- `service` (String) Service is the name of the service to place in the gRPC HealthCheckRequest(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).If this is not specified, the default behavior is defined by gRPC. @@ -503,21 +503,21 @@ Optional: Required: -- `port` (String) Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. +- `port` (String) Name or number of the port to access on the container.Number must be in the range 1 to 65535.Name must be an IANA_SVC_NAME. Optional: -- `host` (String) Host name to connect to, defaults to the pod IP. You probably want to set 'Host' in httpHeaders instead. +- `host` (String) Host name to connect to, defaults to the pod IP. You probably want to set'Host' in httpHeaders instead. - `http_headers` (Attributes List) Custom headers to set in the request. HTTP allows repeated headers. (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--containers--liveness_probe--http_get--http_headers)) - `path` (String) Path to access on the HTTP server. -- `scheme` (String) Scheme to use for connecting to the host. Defaults to HTTP. +- `scheme` (String) Scheme to use for connecting to the host.Defaults to HTTP. ### Nested Schema for `spec.actions.workload.pod_spec.containers.liveness_probe.http_get.http_headers` Required: -- `name` (String) The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header. +- `name` (String) The header field name.This will be canonicalized upon output, so case-variant names will be understood as the same header. - `value` (String) The header field value @@ -527,7 +527,7 @@ Required: Required: -- `port` (String) Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. +- `port` (String) Number or name of the port to access on the container.Number must be in the range 1 to 65535.Name must be an IANA_SVC_NAME. Optional: @@ -540,14 +540,14 @@ Optional: Required: -- `container_port` (Number) Number of port to expose on the pod's IP address. This must be a valid port number, 0 < x < 65536. +- `container_port` (Number) Number of port to expose on the pod's IP address.This must be a valid port number, 0 < x < 65536. Optional: - `host_ip` (String) What host IP to bind the external port to. -- `host_port` (Number) Number of port to expose on the host. If specified, this must be a valid port number, 0 < x < 65536. If HostNetwork is specified, this must match ContainerPort. Most containers do not need this. -- `name` (String) If specified, this must be an IANA_SVC_NAME and unique within the pod. Each named port in a pod must have a unique name. Name for the port that can be referred to by services. -- `protocol` (String) Protocol for port. Must be UDP, TCP, or SCTP. Defaults to 'TCP'. +- `host_port` (Number) Number of port to expose on the host.If specified, this must be a valid port number, 0 < x < 65536.If HostNetwork is specified, this must match ContainerPort.Most containers do not need this. +- `name` (String) If specified, this must be an IANA_SVC_NAME and unique within the pod. Eachnamed port in a pod must have a unique name. Name for the port that can bereferred to by services. +- `protocol` (String) Protocol for port. Must be UDP, TCP, or SCTP.Defaults to 'TCP'. @@ -556,22 +556,22 @@ Optional: Optional: - `exec` (Attributes) Exec specifies the action to take. (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--containers--readiness_probe--exec)) -- `failure_threshold` (Number) Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +- `failure_threshold` (Number) Minimum consecutive failures for the probe to be considered failed after having succeeded.Defaults to 3. Minimum value is 1. - `grpc` (Attributes) GRPC specifies an action involving a GRPC port. (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--containers--readiness_probe--grpc)) - `http_get` (Attributes) HTTPGet specifies the http request to perform. (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--containers--readiness_probe--http_get)) -- `initial_delay_seconds` (Number) Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes -- `period_seconds` (Number) How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. -- `success_threshold` (Number) Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. +- `initial_delay_seconds` (Number) Number of seconds after the container has started before liveness probes are initiated.More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +- `period_seconds` (Number) How often (in seconds) to perform the probe.Default to 10 seconds. Minimum value is 1. +- `success_threshold` (Number) Minimum consecutive successes for the probe to be considered successful after having failed.Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. - `tcp_socket` (Attributes) TCPSocket specifies an action involving a TCP port. (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--containers--readiness_probe--tcp_socket)) -- `termination_grace_period_seconds` (Number) Optional duration in seconds the pod needs to terminate gracefully upon probe failure. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this value overrides the value provided by the pod spec. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down). This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset. -- `timeout_seconds` (Number) Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +- `termination_grace_period_seconds` (Number) Optional duration in seconds the pod needs to terminate gracefully upon probe failure.The grace period is the duration in seconds after the processes running in the pod are senta termination signal and the time when the processes are forcibly halted with a kill signal.Set this value longer than the expected cleanup time for your process.If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, thisvalue overrides the value provided by the pod spec.Value must be non-negative integer. The value zero indicates stop immediately viathe kill signal (no opportunity to shut down).This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate.Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset. +- `timeout_seconds` (Number) Number of seconds after which the probe times out.Defaults to 1 second. Minimum value is 1.More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes ### Nested Schema for `spec.actions.workload.pod_spec.containers.readiness_probe.exec` Optional: -- `command` (List of String) Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +- `command` (List of String) Command is the command line to execute inside the container, the working directory for thecommand is root ('/') in the container's filesystem. The command is simply exec'd, it isnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To usea shell, you need to explicitly call out to that shell.Exit status of 0 is treated as live/healthy and non-zero is unhealthy. @@ -583,7 +583,7 @@ Required: Optional: -- `service` (String) Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). If this is not specified, the default behavior is defined by gRPC. +- `service` (String) Service is the name of the service to place in the gRPC HealthCheckRequest(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).If this is not specified, the default behavior is defined by gRPC. @@ -591,21 +591,21 @@ Optional: Required: -- `port` (String) Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. +- `port` (String) Name or number of the port to access on the container.Number must be in the range 1 to 65535.Name must be an IANA_SVC_NAME. Optional: -- `host` (String) Host name to connect to, defaults to the pod IP. You probably want to set 'Host' in httpHeaders instead. +- `host` (String) Host name to connect to, defaults to the pod IP. You probably want to set'Host' in httpHeaders instead. - `http_headers` (Attributes List) Custom headers to set in the request. HTTP allows repeated headers. (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--containers--readiness_probe--http_get--http_headers)) - `path` (String) Path to access on the HTTP server. -- `scheme` (String) Scheme to use for connecting to the host. Defaults to HTTP. +- `scheme` (String) Scheme to use for connecting to the host.Defaults to HTTP. ### Nested Schema for `spec.actions.workload.pod_spec.containers.readiness_probe.http_get.http_headers` Required: -- `name` (String) The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header. +- `name` (String) The header field name.This will be canonicalized upon output, so case-variant names will be understood as the same header. - `value` (String) The header field value @@ -615,7 +615,7 @@ Required: Required: -- `port` (String) Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. +- `port` (String) Number or name of the port to access on the container.Number must be in the range 1 to 65535.Name must be an IANA_SVC_NAME. Optional: @@ -628,8 +628,8 @@ Optional: Required: -- `resource_name` (String) Name of the resource to which this resource resize policy applies. Supported values: cpu, memory. -- `restart_policy` (String) Restart policy to apply when specified resource is resized. If not specified, it defaults to NotRequired. +- `resource_name` (String) Name of the resource to which this resource resize policy applies.Supported values: cpu, memory. +- `restart_policy` (String) Restart policy to apply when specified resource is resized.If not specified, it defaults to NotRequired. @@ -637,16 +637,16 @@ Required: Optional: -- `claims` (Attributes List) Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. This field is immutable. It can only be set for containers. (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--containers--resources--claims)) -- `limits` (Map of String) Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ -- `requests` (Map of String) Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ +- `claims` (Attributes List) Claims lists the names of resources, defined in spec.resourceClaims,that are used by this container.This is an alpha field and requires enabling theDynamicResourceAllocation feature gate.This field is immutable. It can only be set for containers. (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--containers--resources--claims)) +- `limits` (Map of String) Limits describes the maximum amount of compute resources allowed.More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ +- `requests` (Map of String) Requests describes the minimum amount of compute resources required.If Requests is omitted for a container, it defaults to Limits if that is explicitly specified,otherwise to an implementation-defined value. Requests cannot exceed Limits.More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ ### Nested Schema for `spec.actions.workload.pod_spec.containers.resources.claims` Required: -- `name` (String) Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container. +- `name` (String) Name must match the name of one entry in pod.spec.resourceClaims ofthe Pod where this field is used. It makes that resource availableinside a container. @@ -655,17 +655,17 @@ Required: Optional: -- `allow_privilege_escalation` (Boolean) AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process. AllowPrivilegeEscalation is true always when the container is: 1) run as Privileged 2) has CAP_SYS_ADMIN Note that this field cannot be set when spec.os.name is windows. -- `capabilities` (Attributes) The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. Note that this field cannot be set when spec.os.name is windows. (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--containers--security_context--capabilities)) -- `privileged` (Boolean) Run container in privileged mode. Processes in privileged containers are essentially equivalent to root on the host. Defaults to false. Note that this field cannot be set when spec.os.name is windows. -- `proc_mount` (String) procMount denotes the type of proc mount to use for the containers. The default is DefaultProcMount which uses the container runtime defaults for readonly paths and masked paths. This requires the ProcMountType feature flag to be enabled. Note that this field cannot be set when spec.os.name is windows. -- `read_only_root_filesystem` (Boolean) Whether this container has a read-only root filesystem. Default is false. Note that this field cannot be set when spec.os.name is windows. -- `run_as_group` (Number) The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows. -- `run_as_non_root` (Boolean) Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. -- `run_as_user` (Number) The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows. -- `se_linux_options` (Attributes) The SELinux context to be applied to the container. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows. (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--containers--security_context--se_linux_options)) -- `seccomp_profile` (Attributes) The seccomp options to use by this container. If seccomp options are provided at both the pod & container level, the container options override the pod options. Note that this field cannot be set when spec.os.name is windows. (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--containers--security_context--seccomp_profile)) -- `windows_options` (Attributes) The Windows specific settings applied to all containers. If unspecified, the options from the PodSecurityContext will be used. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is linux. (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--containers--security_context--windows_options)) +- `allow_privilege_escalation` (Boolean) AllowPrivilegeEscalation controls whether a process can gain moreprivileges than its parent process. This bool directly controls ifthe no_new_privs flag will be set on the container process.AllowPrivilegeEscalation is true always when the container is:1) run as Privileged2) has CAP_SYS_ADMINNote that this field cannot be set when spec.os.name is windows. +- `capabilities` (Attributes) The capabilities to add/drop when running containers.Defaults to the default set of capabilities granted by the container runtime.Note that this field cannot be set when spec.os.name is windows. (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--containers--security_context--capabilities)) +- `privileged` (Boolean) Run container in privileged mode.Processes in privileged containers are essentially equivalent to root on the host.Defaults to false.Note that this field cannot be set when spec.os.name is windows. +- `proc_mount` (String) procMount denotes the type of proc mount to use for the containers.The default is DefaultProcMount which uses the container runtime defaults forreadonly paths and masked paths.This requires the ProcMountType feature flag to be enabled.Note that this field cannot be set when spec.os.name is windows. +- `read_only_root_filesystem` (Boolean) Whether this container has a read-only root filesystem.Default is false.Note that this field cannot be set when spec.os.name is windows. +- `run_as_group` (Number) The GID to run the entrypoint of the container process.Uses runtime default if unset.May also be set in PodSecurityContext. If set in both SecurityContext andPodSecurityContext, the value specified in SecurityContext takes precedence.Note that this field cannot be set when spec.os.name is windows. +- `run_as_non_root` (Boolean) Indicates that the container must run as a non-root user.If true, the Kubelet will validate the image at runtime to ensure that itdoes not run as UID 0 (root) and fail to start the container if it does.If unset or false, no such validation will be performed.May also be set in PodSecurityContext. If set in both SecurityContext andPodSecurityContext, the value specified in SecurityContext takes precedence. +- `run_as_user` (Number) The UID to run the entrypoint of the container process.Defaults to user specified in image metadata if unspecified.May also be set in PodSecurityContext. If set in both SecurityContext andPodSecurityContext, the value specified in SecurityContext takes precedence.Note that this field cannot be set when spec.os.name is windows. +- `se_linux_options` (Attributes) The SELinux context to be applied to the container.If unspecified, the container runtime will allocate a random SELinux context for eachcontainer. May also be set in PodSecurityContext. If set in both SecurityContext andPodSecurityContext, the value specified in SecurityContext takes precedence.Note that this field cannot be set when spec.os.name is windows. (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--containers--security_context--se_linux_options)) +- `seccomp_profile` (Attributes) The seccomp options to use by this container. If seccomp options areprovided at both the pod & container level, the container optionsoverride the pod options.Note that this field cannot be set when spec.os.name is windows. (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--containers--security_context--seccomp_profile)) +- `windows_options` (Attributes) The Windows specific settings applied to all containers.If unspecified, the options from the PodSecurityContext will be used.If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.Note that this field cannot be set when spec.os.name is linux. (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--containers--security_context--windows_options)) ### Nested Schema for `spec.actions.workload.pod_spec.containers.security_context.capabilities` @@ -692,11 +692,11 @@ Optional: Required: -- `type` (String) type indicates which kind of seccomp profile will be applied. Valid options are: Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied. +- `type` (String) type indicates which kind of seccomp profile will be applied.Valid options are:Localhost - a profile defined in a file on the node should be used.RuntimeDefault - the container runtime default profile should be used.Unconfined - no profile should be applied. Optional: -- `localhost_profile` (String) localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must be set if type is 'Localhost'. Must NOT be set for any other type. +- `localhost_profile` (String) localhostProfile indicates a profile defined in a file on the node should be used.The profile must be preconfigured on the node to work.Must be a descending path, relative to the kubelet's configured seccomp profile location.Must be set if type is 'Localhost'. Must NOT be set for any other type. @@ -704,10 +704,10 @@ Optional: Optional: -- `gmsa_credential_spec` (String) GMSACredentialSpec is where the GMSA admission webhook (https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the GMSA credential spec named by the GMSACredentialSpecName field. +- `gmsa_credential_spec` (String) GMSACredentialSpec is where the GMSA admission webhook(https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of theGMSA credential spec named by the GMSACredentialSpecName field. - `gmsa_credential_spec_name` (String) GMSACredentialSpecName is the name of the GMSA credential spec to use. -- `host_process` (Boolean) HostProcess determines if a container should be run as a 'Host Process' container. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true. -- `run_as_user_name` (String) The UserName in Windows to run the entrypoint of the container process. Defaults to the user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +- `host_process` (Boolean) HostProcess determines if a container should be run as a 'Host Process' container.All of a Pod's containers must have the same effective HostProcess value(it is not allowed to have a mix of HostProcess containers and non-HostProcess containers).In addition, if HostProcess is true then HostNetwork must also be set to true. +- `run_as_user_name` (String) The UserName in Windows to run the entrypoint of the container process.Defaults to the user specified in image metadata if unspecified.May also be set in PodSecurityContext. If set in both SecurityContext andPodSecurityContext, the value specified in SecurityContext takes precedence. @@ -717,22 +717,22 @@ Optional: Optional: - `exec` (Attributes) Exec specifies the action to take. (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--containers--startup_probe--exec)) -- `failure_threshold` (Number) Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +- `failure_threshold` (Number) Minimum consecutive failures for the probe to be considered failed after having succeeded.Defaults to 3. Minimum value is 1. - `grpc` (Attributes) GRPC specifies an action involving a GRPC port. (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--containers--startup_probe--grpc)) - `http_get` (Attributes) HTTPGet specifies the http request to perform. (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--containers--startup_probe--http_get)) -- `initial_delay_seconds` (Number) Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes -- `period_seconds` (Number) How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. -- `success_threshold` (Number) Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. +- `initial_delay_seconds` (Number) Number of seconds after the container has started before liveness probes are initiated.More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +- `period_seconds` (Number) How often (in seconds) to perform the probe.Default to 10 seconds. Minimum value is 1. +- `success_threshold` (Number) Minimum consecutive successes for the probe to be considered successful after having failed.Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. - `tcp_socket` (Attributes) TCPSocket specifies an action involving a TCP port. (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--containers--startup_probe--tcp_socket)) -- `termination_grace_period_seconds` (Number) Optional duration in seconds the pod needs to terminate gracefully upon probe failure. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this value overrides the value provided by the pod spec. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down). This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset. -- `timeout_seconds` (Number) Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +- `termination_grace_period_seconds` (Number) Optional duration in seconds the pod needs to terminate gracefully upon probe failure.The grace period is the duration in seconds after the processes running in the pod are senta termination signal and the time when the processes are forcibly halted with a kill signal.Set this value longer than the expected cleanup time for your process.If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, thisvalue overrides the value provided by the pod spec.Value must be non-negative integer. The value zero indicates stop immediately viathe kill signal (no opportunity to shut down).This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate.Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset. +- `timeout_seconds` (Number) Number of seconds after which the probe times out.Defaults to 1 second. Minimum value is 1.More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes ### Nested Schema for `spec.actions.workload.pod_spec.containers.startup_probe.exec` Optional: -- `command` (List of String) Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +- `command` (List of String) Command is the command line to execute inside the container, the working directory for thecommand is root ('/') in the container's filesystem. The command is simply exec'd, it isnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To usea shell, you need to explicitly call out to that shell.Exit status of 0 is treated as live/healthy and non-zero is unhealthy. @@ -744,7 +744,7 @@ Required: Optional: -- `service` (String) Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). If this is not specified, the default behavior is defined by gRPC. +- `service` (String) Service is the name of the service to place in the gRPC HealthCheckRequest(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).If this is not specified, the default behavior is defined by gRPC. @@ -752,21 +752,21 @@ Optional: Required: -- `port` (String) Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. +- `port` (String) Name or number of the port to access on the container.Number must be in the range 1 to 65535.Name must be an IANA_SVC_NAME. Optional: -- `host` (String) Host name to connect to, defaults to the pod IP. You probably want to set 'Host' in httpHeaders instead. +- `host` (String) Host name to connect to, defaults to the pod IP. You probably want to set'Host' in httpHeaders instead. - `http_headers` (Attributes List) Custom headers to set in the request. HTTP allows repeated headers. (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--containers--startup_probe--http_get--http_headers)) - `path` (String) Path to access on the HTTP server. -- `scheme` (String) Scheme to use for connecting to the host. Defaults to HTTP. +- `scheme` (String) Scheme to use for connecting to the host.Defaults to HTTP. ### Nested Schema for `spec.actions.workload.pod_spec.containers.startup_probe.http_get.http_headers` Required: -- `name` (String) The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header. +- `name` (String) The header field name.This will be canonicalized upon output, so case-variant names will be understood as the same header. - `value` (String) The header field value @@ -776,7 +776,7 @@ Required: Required: -- `port` (String) Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. +- `port` (String) Number or name of the port to access on the container.Number must be in the range 1 to 65535.Name must be an IANA_SVC_NAME. Optional: @@ -798,15 +798,15 @@ Required: Required: -- `mount_path` (String) Path within the container at which the volume should be mounted. Must not contain ':'. +- `mount_path` (String) Path within the container at which the volume should be mounted. Mustnot contain ':'. - `name` (String) This must match the Name of a Volume. Optional: -- `mount_propagation` (String) mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationNone is used. This field is beta in 1.10. -- `read_only` (Boolean) Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false. -- `sub_path` (String) Path within the volume from which the container's volume should be mounted. Defaults to '' (volume's root). -- `sub_path_expr` (String) Expanded path within the volume from which the container's volume should be mounted. Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment. Defaults to '' (volume's root). SubPathExpr and SubPath are mutually exclusive. +- `mount_propagation` (String) mountPropagation determines how mounts are propagated from the hostto container and the other way around.When not set, MountPropagationNone is used.This field is beta in 1.10. +- `read_only` (Boolean) Mounted read-only if true, read-write otherwise (false or unspecified).Defaults to false. +- `sub_path` (String) Path within the volume from which the container's volume should be mounted.Defaults to '' (volume's root). +- `sub_path_expr` (String) Expanded path within the volume from which the container's volume should be mounted.Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment.Defaults to '' (volume's root).SubPathExpr and SubPath are mutually exclusive. @@ -824,8 +824,8 @@ Optional: Optional: -- `preferred_during_scheduling_ignored_during_execution` (Attributes List) The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding 'weight' to the sum if the node matches the corresponding matchExpressions; the node(s) with the highest sum are the most preferred. (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--affinity--node_affinity--preferred_during_scheduling_ignored_during_execution)) -- `required_during_scheduling_ignored_during_execution` (Attributes) If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to an update), the system may or may not try to eventually evict the pod from its node. (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--affinity--node_affinity--required_during_scheduling_ignored_during_execution)) +- `preferred_during_scheduling_ignored_during_execution` (Attributes List) The scheduler will prefer to schedule pods to nodes that satisfythe affinity expressions specified by this field, but it may choosea node that violates one or more of the expressions. The node that ismost preferred is the one with the greatest sum of weights, i.e.for each node that meets all of the scheduling requirements (resourcerequest, requiredDuringScheduling affinity expressions, etc.),compute a sum by iterating through the elements of this field and adding'weight' to the sum if the node matches the corresponding matchExpressions; thenode(s) with the highest sum are the most preferred. (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--affinity--node_affinity--preferred_during_scheduling_ignored_during_execution)) +- `required_during_scheduling_ignored_during_execution` (Attributes) If the affinity requirements specified by this field are not met atscheduling time, the pod will not be scheduled onto the node.If the affinity requirements specified by this field cease to be metat some point during pod execution (e.g. due to an update), the systemmay or may not try to eventually evict the pod from its node. (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--affinity--node_affinity--required_during_scheduling_ignored_during_execution)) ### Nested Schema for `spec.actions.workload.pod_spec.affinity.node_affinity.preferred_during_scheduling_ignored_during_execution` @@ -849,11 +849,11 @@ Optional: Required: - `key` (String) The label key that the selector applies to. -- `operator` (String) Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. +- `operator` (String) Represents a key's relationship to a set of values.Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. Optional: -- `values` (List of String) An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch. +- `values` (List of String) An array of string values. If the operator is In or NotIn,the values array must be non-empty. If the operator is Exists or DoesNotExist,the values array must be empty. If the operator is Gt or Lt, the valuesarray must have a single element, which will be interpreted as an integer.This array is replaced during a strategic merge patch. @@ -862,11 +862,11 @@ Optional: Required: - `key` (String) The label key that the selector applies to. -- `operator` (String) Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. +- `operator` (String) Represents a key's relationship to a set of values.Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. Optional: -- `values` (List of String) An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch. +- `values` (List of String) An array of string values. If the operator is In or NotIn,the values array must be non-empty. If the operator is Exists or DoesNotExist,the values array must be empty. If the operator is Gt or Lt, the valuesarray must have a single element, which will be interpreted as an integer.This array is replaced during a strategic merge patch. @@ -892,11 +892,11 @@ Optional: Required: - `key` (String) The label key that the selector applies to. -- `operator` (String) Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. +- `operator` (String) Represents a key's relationship to a set of values.Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. Optional: -- `values` (List of String) An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch. +- `values` (List of String) An array of string values. If the operator is In or NotIn,the values array must be non-empty. If the operator is Exists or DoesNotExist,the values array must be empty. If the operator is Gt or Lt, the valuesarray must have a single element, which will be interpreted as an integer.This array is replaced during a strategic merge patch. @@ -905,11 +905,11 @@ Optional: Required: - `key` (String) The label key that the selector applies to. -- `operator` (String) Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. +- `operator` (String) Represents a key's relationship to a set of values.Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. Optional: -- `values` (List of String) An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch. +- `values` (List of String) An array of string values. If the operator is In or NotIn,the values array must be non-empty. If the operator is Exists or DoesNotExist,the values array must be empty. If the operator is Gt or Lt, the valuesarray must have a single element, which will be interpreted as an integer.This array is replaced during a strategic merge patch. @@ -920,8 +920,8 @@ Optional: Optional: -- `preferred_during_scheduling_ignored_during_execution` (Attributes List) The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding 'weight' to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred. (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--affinity--pod_affinity--preferred_during_scheduling_ignored_during_execution)) -- `required_during_scheduling_ignored_during_execution` (Attributes List) If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied. (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--affinity--pod_affinity--required_during_scheduling_ignored_during_execution)) +- `preferred_during_scheduling_ignored_during_execution` (Attributes List) The scheduler will prefer to schedule pods to nodes that satisfythe affinity expressions specified by this field, but it may choosea node that violates one or more of the expressions. The node that ismost preferred is the one with the greatest sum of weights, i.e.for each node that meets all of the scheduling requirements (resourcerequest, requiredDuringScheduling affinity expressions, etc.),compute a sum by iterating through the elements of this field and adding'weight' to the sum if the node has pods which matches the corresponding podAffinityTerm; thenode(s) with the highest sum are the most preferred. (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--affinity--pod_affinity--preferred_during_scheduling_ignored_during_execution)) +- `required_during_scheduling_ignored_during_execution` (Attributes List) If the affinity requirements specified by this field are not met atscheduling time, the pod will not be scheduled onto the node.If the affinity requirements specified by this field cease to be metat some point during pod execution (e.g. due to a pod label update), thesystem may or may not try to eventually evict the pod from its node.When there are multiple elements, the lists of nodes corresponding to eachpodAffinityTerm are intersected, i.e. all terms must be satisfied. (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--affinity--pod_affinity--required_during_scheduling_ignored_during_execution)) ### Nested Schema for `spec.actions.workload.pod_spec.affinity.pod_affinity.preferred_during_scheduling_ignored_during_execution` @@ -929,20 +929,20 @@ Optional: Required: - `pod_affinity_term` (Attributes) Required. A pod affinity term, associated with the corresponding weight. (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--affinity--pod_affinity--preferred_during_scheduling_ignored_during_execution--pod_affinity_term)) -- `weight` (Number) weight associated with matching the corresponding podAffinityTerm, in the range 1-100. +- `weight` (Number) weight associated with matching the corresponding podAffinityTerm,in the range 1-100. ### Nested Schema for `spec.actions.workload.pod_spec.affinity.pod_affinity.preferred_during_scheduling_ignored_during_execution.pod_affinity_term` Required: -- `topology_key` (String) This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed. +- `topology_key` (String) This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matchingthe labelSelector in the specified namespaces, where co-located is defined as running on a nodewhose value of the label with key topologyKey matches that of any node on which any of theselected pods is running.Empty topologyKey is not allowed. Optional: - `label_selector` (Attributes) A label query over a set of resources, in this case pods. (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--affinity--pod_affinity--preferred_during_scheduling_ignored_during_execution--pod_affinity_term--label_selector)) -- `namespace_selector` (Attributes) A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means 'this pod's namespace'. An empty selector ({}) matches all namespaces. (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--affinity--pod_affinity--preferred_during_scheduling_ignored_during_execution--pod_affinity_term--namespace_selector)) -- `namespaces` (List of String) namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means 'this pod's namespace'. +- `namespace_selector` (Attributes) A label query over the set of namespaces that the term applies to.The term is applied to the union of the namespaces selected by this fieldand the ones listed in the namespaces field.null selector and null or empty namespaces list means 'this pod's namespace'.An empty selector ({}) matches all namespaces. (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--affinity--pod_affinity--preferred_during_scheduling_ignored_during_execution--pod_affinity_term--namespace_selector)) +- `namespaces` (List of String) namespaces specifies a static list of namespace names that the term applies to.The term is applied to the union of the namespaces listed in this fieldand the ones selected by namespaceSelector.null or empty namespaces list and null namespaceSelector means 'this pod's namespace'. ### Nested Schema for `spec.actions.workload.pod_spec.affinity.pod_affinity.preferred_during_scheduling_ignored_during_execution.pod_affinity_term.label_selector` @@ -950,7 +950,7 @@ Optional: Optional: - `match_expressions` (Attributes List) matchExpressions is a list of label selector requirements. The requirements are ANDed. (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--affinity--pod_affinity--preferred_during_scheduling_ignored_during_execution--pod_affinity_term--label_selector--match_expressions)) -- `match_labels` (Map of String) matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is 'key', the operator is 'In', and the values array contains only 'value'. The requirements are ANDed. +- `match_labels` (Map of String) matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabelsmap is equivalent to an element of matchExpressions, whose key field is 'key', theoperator is 'In', and the values array contains only 'value'. The requirements are ANDed. ### Nested Schema for `spec.actions.workload.pod_spec.affinity.pod_affinity.preferred_during_scheduling_ignored_during_execution.pod_affinity_term.label_selector.match_expressions` @@ -958,11 +958,11 @@ Optional: Required: - `key` (String) key is the label key that the selector applies to. -- `operator` (String) operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. +- `operator` (String) operator represents a key's relationship to a set of values.Valid operators are In, NotIn, Exists and DoesNotExist. Optional: -- `values` (List of String) values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. +- `values` (List of String) values is an array of string values. If the operator is In or NotIn,the values array must be non-empty. If the operator is Exists or DoesNotExist,the values array must be empty. This array is replaced during a strategicmerge patch. @@ -972,7 +972,7 @@ Optional: Optional: - `match_expressions` (Attributes List) matchExpressions is a list of label selector requirements. The requirements are ANDed. (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--affinity--pod_affinity--preferred_during_scheduling_ignored_during_execution--pod_affinity_term--namespace_selector--match_expressions)) -- `match_labels` (Map of String) matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is 'key', the operator is 'In', and the values array contains only 'value'. The requirements are ANDed. +- `match_labels` (Map of String) matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabelsmap is equivalent to an element of matchExpressions, whose key field is 'key', theoperator is 'In', and the values array contains only 'value'. The requirements are ANDed. ### Nested Schema for `spec.actions.workload.pod_spec.affinity.pod_affinity.preferred_during_scheduling_ignored_during_execution.pod_affinity_term.namespace_selector.match_expressions` @@ -980,11 +980,11 @@ Optional: Required: - `key` (String) key is the label key that the selector applies to. -- `operator` (String) operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. +- `operator` (String) operator represents a key's relationship to a set of values.Valid operators are In, NotIn, Exists and DoesNotExist. Optional: -- `values` (List of String) values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. +- `values` (List of String) values is an array of string values. If the operator is In or NotIn,the values array must be non-empty. If the operator is Exists or DoesNotExist,the values array must be empty. This array is replaced during a strategicmerge patch. @@ -995,13 +995,13 @@ Optional: Required: -- `topology_key` (String) This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed. +- `topology_key` (String) This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matchingthe labelSelector in the specified namespaces, where co-located is defined as running on a nodewhose value of the label with key topologyKey matches that of any node on which any of theselected pods is running.Empty topologyKey is not allowed. Optional: - `label_selector` (Attributes) A label query over a set of resources, in this case pods. (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--affinity--pod_affinity--required_during_scheduling_ignored_during_execution--label_selector)) -- `namespace_selector` (Attributes) A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means 'this pod's namespace'. An empty selector ({}) matches all namespaces. (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--affinity--pod_affinity--required_during_scheduling_ignored_during_execution--namespace_selector)) -- `namespaces` (List of String) namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means 'this pod's namespace'. +- `namespace_selector` (Attributes) A label query over the set of namespaces that the term applies to.The term is applied to the union of the namespaces selected by this fieldand the ones listed in the namespaces field.null selector and null or empty namespaces list means 'this pod's namespace'.An empty selector ({}) matches all namespaces. (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--affinity--pod_affinity--required_during_scheduling_ignored_during_execution--namespace_selector)) +- `namespaces` (List of String) namespaces specifies a static list of namespace names that the term applies to.The term is applied to the union of the namespaces listed in this fieldand the ones selected by namespaceSelector.null or empty namespaces list and null namespaceSelector means 'this pod's namespace'. ### Nested Schema for `spec.actions.workload.pod_spec.affinity.pod_affinity.required_during_scheduling_ignored_during_execution.label_selector` @@ -1009,7 +1009,7 @@ Optional: Optional: - `match_expressions` (Attributes List) matchExpressions is a list of label selector requirements. The requirements are ANDed. (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--affinity--pod_affinity--required_during_scheduling_ignored_during_execution--label_selector--match_expressions)) -- `match_labels` (Map of String) matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is 'key', the operator is 'In', and the values array contains only 'value'. The requirements are ANDed. +- `match_labels` (Map of String) matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabelsmap is equivalent to an element of matchExpressions, whose key field is 'key', theoperator is 'In', and the values array contains only 'value'. The requirements are ANDed. ### Nested Schema for `spec.actions.workload.pod_spec.affinity.pod_affinity.required_during_scheduling_ignored_during_execution.label_selector.match_expressions` @@ -1017,11 +1017,11 @@ Optional: Required: - `key` (String) key is the label key that the selector applies to. -- `operator` (String) operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. +- `operator` (String) operator represents a key's relationship to a set of values.Valid operators are In, NotIn, Exists and DoesNotExist. Optional: -- `values` (List of String) values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. +- `values` (List of String) values is an array of string values. If the operator is In or NotIn,the values array must be non-empty. If the operator is Exists or DoesNotExist,the values array must be empty. This array is replaced during a strategicmerge patch. @@ -1031,7 +1031,7 @@ Optional: Optional: - `match_expressions` (Attributes List) matchExpressions is a list of label selector requirements. The requirements are ANDed. (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--affinity--pod_affinity--required_during_scheduling_ignored_during_execution--namespace_selector--match_expressions)) -- `match_labels` (Map of String) matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is 'key', the operator is 'In', and the values array contains only 'value'. The requirements are ANDed. +- `match_labels` (Map of String) matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabelsmap is equivalent to an element of matchExpressions, whose key field is 'key', theoperator is 'In', and the values array contains only 'value'. The requirements are ANDed. ### Nested Schema for `spec.actions.workload.pod_spec.affinity.pod_affinity.required_during_scheduling_ignored_during_execution.namespace_selector.match_expressions` @@ -1039,11 +1039,11 @@ Optional: Required: - `key` (String) key is the label key that the selector applies to. -- `operator` (String) operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. +- `operator` (String) operator represents a key's relationship to a set of values.Valid operators are In, NotIn, Exists and DoesNotExist. Optional: -- `values` (List of String) values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. +- `values` (List of String) values is an array of string values. If the operator is In or NotIn,the values array must be non-empty. If the operator is Exists or DoesNotExist,the values array must be empty. This array is replaced during a strategicmerge patch. @@ -1054,8 +1054,8 @@ Optional: Optional: -- `preferred_during_scheduling_ignored_during_execution` (Attributes List) The scheduler will prefer to schedule pods to nodes that satisfy the anti-affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling anti-affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding 'weight' to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred. (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--affinity--pod_anti_affinity--preferred_during_scheduling_ignored_during_execution)) -- `required_during_scheduling_ignored_during_execution` (Attributes List) If the anti-affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the anti-affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied. (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--affinity--pod_anti_affinity--required_during_scheduling_ignored_during_execution)) +- `preferred_during_scheduling_ignored_during_execution` (Attributes List) The scheduler will prefer to schedule pods to nodes that satisfythe anti-affinity expressions specified by this field, but it may choosea node that violates one or more of the expressions. The node that ismost preferred is the one with the greatest sum of weights, i.e.for each node that meets all of the scheduling requirements (resourcerequest, requiredDuringScheduling anti-affinity expressions, etc.),compute a sum by iterating through the elements of this field and adding'weight' to the sum if the node has pods which matches the corresponding podAffinityTerm; thenode(s) with the highest sum are the most preferred. (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--affinity--pod_anti_affinity--preferred_during_scheduling_ignored_during_execution)) +- `required_during_scheduling_ignored_during_execution` (Attributes List) If the anti-affinity requirements specified by this field are not met atscheduling time, the pod will not be scheduled onto the node.If the anti-affinity requirements specified by this field cease to be metat some point during pod execution (e.g. due to a pod label update), thesystem may or may not try to eventually evict the pod from its node.When there are multiple elements, the lists of nodes corresponding to eachpodAffinityTerm are intersected, i.e. all terms must be satisfied. (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--affinity--pod_anti_affinity--required_during_scheduling_ignored_during_execution)) ### Nested Schema for `spec.actions.workload.pod_spec.affinity.pod_anti_affinity.preferred_during_scheduling_ignored_during_execution` @@ -1063,20 +1063,20 @@ Optional: Required: - `pod_affinity_term` (Attributes) Required. A pod affinity term, associated with the corresponding weight. (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--affinity--pod_anti_affinity--preferred_during_scheduling_ignored_during_execution--pod_affinity_term)) -- `weight` (Number) weight associated with matching the corresponding podAffinityTerm, in the range 1-100. +- `weight` (Number) weight associated with matching the corresponding podAffinityTerm,in the range 1-100. ### Nested Schema for `spec.actions.workload.pod_spec.affinity.pod_anti_affinity.preferred_during_scheduling_ignored_during_execution.pod_affinity_term` Required: -- `topology_key` (String) This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed. +- `topology_key` (String) This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matchingthe labelSelector in the specified namespaces, where co-located is defined as running on a nodewhose value of the label with key topologyKey matches that of any node on which any of theselected pods is running.Empty topologyKey is not allowed. Optional: - `label_selector` (Attributes) A label query over a set of resources, in this case pods. (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--affinity--pod_anti_affinity--preferred_during_scheduling_ignored_during_execution--pod_affinity_term--label_selector)) -- `namespace_selector` (Attributes) A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means 'this pod's namespace'. An empty selector ({}) matches all namespaces. (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--affinity--pod_anti_affinity--preferred_during_scheduling_ignored_during_execution--pod_affinity_term--namespace_selector)) -- `namespaces` (List of String) namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means 'this pod's namespace'. +- `namespace_selector` (Attributes) A label query over the set of namespaces that the term applies to.The term is applied to the union of the namespaces selected by this fieldand the ones listed in the namespaces field.null selector and null or empty namespaces list means 'this pod's namespace'.An empty selector ({}) matches all namespaces. (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--affinity--pod_anti_affinity--preferred_during_scheduling_ignored_during_execution--pod_affinity_term--namespace_selector)) +- `namespaces` (List of String) namespaces specifies a static list of namespace names that the term applies to.The term is applied to the union of the namespaces listed in this fieldand the ones selected by namespaceSelector.null or empty namespaces list and null namespaceSelector means 'this pod's namespace'. ### Nested Schema for `spec.actions.workload.pod_spec.affinity.pod_anti_affinity.preferred_during_scheduling_ignored_during_execution.pod_affinity_term.label_selector` @@ -1084,7 +1084,7 @@ Optional: Optional: - `match_expressions` (Attributes List) matchExpressions is a list of label selector requirements. The requirements are ANDed. (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--affinity--pod_anti_affinity--preferred_during_scheduling_ignored_during_execution--pod_affinity_term--label_selector--match_expressions)) -- `match_labels` (Map of String) matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is 'key', the operator is 'In', and the values array contains only 'value'. The requirements are ANDed. +- `match_labels` (Map of String) matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabelsmap is equivalent to an element of matchExpressions, whose key field is 'key', theoperator is 'In', and the values array contains only 'value'. The requirements are ANDed. ### Nested Schema for `spec.actions.workload.pod_spec.affinity.pod_anti_affinity.preferred_during_scheduling_ignored_during_execution.pod_affinity_term.label_selector.match_expressions` @@ -1092,11 +1092,11 @@ Optional: Required: - `key` (String) key is the label key that the selector applies to. -- `operator` (String) operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. +- `operator` (String) operator represents a key's relationship to a set of values.Valid operators are In, NotIn, Exists and DoesNotExist. Optional: -- `values` (List of String) values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. +- `values` (List of String) values is an array of string values. If the operator is In or NotIn,the values array must be non-empty. If the operator is Exists or DoesNotExist,the values array must be empty. This array is replaced during a strategicmerge patch. @@ -1106,7 +1106,7 @@ Optional: Optional: - `match_expressions` (Attributes List) matchExpressions is a list of label selector requirements. The requirements are ANDed. (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--affinity--pod_anti_affinity--preferred_during_scheduling_ignored_during_execution--pod_affinity_term--namespace_selector--match_expressions)) -- `match_labels` (Map of String) matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is 'key', the operator is 'In', and the values array contains only 'value'. The requirements are ANDed. +- `match_labels` (Map of String) matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabelsmap is equivalent to an element of matchExpressions, whose key field is 'key', theoperator is 'In', and the values array contains only 'value'. The requirements are ANDed. ### Nested Schema for `spec.actions.workload.pod_spec.affinity.pod_anti_affinity.preferred_during_scheduling_ignored_during_execution.pod_affinity_term.namespace_selector.match_expressions` @@ -1114,11 +1114,11 @@ Optional: Required: - `key` (String) key is the label key that the selector applies to. -- `operator` (String) operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. +- `operator` (String) operator represents a key's relationship to a set of values.Valid operators are In, NotIn, Exists and DoesNotExist. Optional: -- `values` (List of String) values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. +- `values` (List of String) values is an array of string values. If the operator is In or NotIn,the values array must be non-empty. If the operator is Exists or DoesNotExist,the values array must be empty. This array is replaced during a strategicmerge patch. @@ -1129,13 +1129,13 @@ Optional: Required: -- `topology_key` (String) This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed. +- `topology_key` (String) This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matchingthe labelSelector in the specified namespaces, where co-located is defined as running on a nodewhose value of the label with key topologyKey matches that of any node on which any of theselected pods is running.Empty topologyKey is not allowed. Optional: - `label_selector` (Attributes) A label query over a set of resources, in this case pods. (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--affinity--pod_anti_affinity--required_during_scheduling_ignored_during_execution--label_selector)) -- `namespace_selector` (Attributes) A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means 'this pod's namespace'. An empty selector ({}) matches all namespaces. (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--affinity--pod_anti_affinity--required_during_scheduling_ignored_during_execution--namespace_selector)) -- `namespaces` (List of String) namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means 'this pod's namespace'. +- `namespace_selector` (Attributes) A label query over the set of namespaces that the term applies to.The term is applied to the union of the namespaces selected by this fieldand the ones listed in the namespaces field.null selector and null or empty namespaces list means 'this pod's namespace'.An empty selector ({}) matches all namespaces. (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--affinity--pod_anti_affinity--required_during_scheduling_ignored_during_execution--namespace_selector)) +- `namespaces` (List of String) namespaces specifies a static list of namespace names that the term applies to.The term is applied to the union of the namespaces listed in this fieldand the ones selected by namespaceSelector.null or empty namespaces list and null namespaceSelector means 'this pod's namespace'. ### Nested Schema for `spec.actions.workload.pod_spec.affinity.pod_anti_affinity.required_during_scheduling_ignored_during_execution.label_selector` @@ -1143,7 +1143,7 @@ Optional: Optional: - `match_expressions` (Attributes List) matchExpressions is a list of label selector requirements. The requirements are ANDed. (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--affinity--pod_anti_affinity--required_during_scheduling_ignored_during_execution--label_selector--match_expressions)) -- `match_labels` (Map of String) matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is 'key', the operator is 'In', and the values array contains only 'value'. The requirements are ANDed. +- `match_labels` (Map of String) matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabelsmap is equivalent to an element of matchExpressions, whose key field is 'key', theoperator is 'In', and the values array contains only 'value'. The requirements are ANDed. ### Nested Schema for `spec.actions.workload.pod_spec.affinity.pod_anti_affinity.required_during_scheduling_ignored_during_execution.label_selector.match_expressions` @@ -1151,11 +1151,11 @@ Optional: Required: - `key` (String) key is the label key that the selector applies to. -- `operator` (String) operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. +- `operator` (String) operator represents a key's relationship to a set of values.Valid operators are In, NotIn, Exists and DoesNotExist. Optional: -- `values` (List of String) values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. +- `values` (List of String) values is an array of string values. If the operator is In or NotIn,the values array must be non-empty. If the operator is Exists or DoesNotExist,the values array must be empty. This array is replaced during a strategicmerge patch. @@ -1165,7 +1165,7 @@ Optional: Optional: - `match_expressions` (Attributes List) matchExpressions is a list of label selector requirements. The requirements are ANDed. (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--affinity--pod_anti_affinity--required_during_scheduling_ignored_during_execution--namespace_selector--match_expressions)) -- `match_labels` (Map of String) matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is 'key', the operator is 'In', and the values array contains only 'value'. The requirements are ANDed. +- `match_labels` (Map of String) matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabelsmap is equivalent to an element of matchExpressions, whose key field is 'key', theoperator is 'In', and the values array contains only 'value'. The requirements are ANDed. ### Nested Schema for `spec.actions.workload.pod_spec.affinity.pod_anti_affinity.required_during_scheduling_ignored_during_execution.namespace_selector.match_expressions` @@ -1173,11 +1173,11 @@ Optional: Required: - `key` (String) key is the label key that the selector applies to. -- `operator` (String) operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. +- `operator` (String) operator represents a key's relationship to a set of values.Valid operators are In, NotIn, Exists and DoesNotExist. Optional: -- `values` (List of String) values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. +- `values` (List of String) values is an array of string values. If the operator is In or NotIn,the values array must be non-empty. If the operator is Exists or DoesNotExist,the values array must be empty. This array is replaced during a strategicmerge patch. @@ -1189,9 +1189,9 @@ Optional: Optional: -- `nameservers` (List of String) A list of DNS name server IP addresses. This will be appended to the base nameservers generated from DNSPolicy. Duplicated nameservers will be removed. -- `options` (Attributes List) A list of DNS resolver options. This will be merged with the base options generated from DNSPolicy. Duplicated entries will be removed. Resolution options given in Options will override those that appear in the base DNSPolicy. (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--dns_config--options)) -- `searches` (List of String) A list of DNS search domains for host-name lookup. This will be appended to the base search paths generated from DNSPolicy. Duplicated search paths will be removed. +- `nameservers` (List of String) A list of DNS name server IP addresses.This will be appended to the base nameservers generated from DNSPolicy.Duplicated nameservers will be removed. +- `options` (Attributes List) A list of DNS resolver options.This will be merged with the base options generated from DNSPolicy.Duplicated entries will be removed. Resolution options given in Optionswill override those that appear in the base DNSPolicy. (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--dns_config--options)) +- `searches` (List of String) A list of DNS search domains for host-name lookup.This will be appended to the base search paths generated from DNSPolicy.Duplicated search paths will be removed. ### Nested Schema for `spec.actions.workload.pod_spec.dns_config.options` @@ -1208,34 +1208,34 @@ Optional: Required: -- `name` (String) Name of the ephemeral container specified as a DNS_LABEL. This name must be unique among all containers, init containers and ephemeral containers. +- `name` (String) Name of the ephemeral container specified as a DNS_LABEL.This name must be unique among all containers, init containers and ephemeral containers. Optional: -- `args` (List of String) Arguments to the entrypoint. The image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. '$$(VAR_NAME)' will produce the string literal '$(VAR_NAME)'. Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell -- `command` (List of String) Entrypoint array. Not executed within a shell. The image's ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. '$$(VAR_NAME)' will produce the string literal '$(VAR_NAME)'. Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell -- `env` (Attributes List) List of environment variables to set in the container. Cannot be updated. (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--ephemeral_containers--env)) -- `env_from` (Attributes List) List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated. (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--ephemeral_containers--env_from)) -- `image` (String) Container image name. More info: https://kubernetes.io/docs/concepts/containers/images -- `image_pull_policy` (String) Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images +- `args` (List of String) Arguments to the entrypoint.The image's CMD is used if this is not provided.Variable references $(VAR_NAME) are expanded using the container's environment. If a variablecannot be resolved, the reference in the input string will be unchanged. Double $$ are reducedto a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. '$$(VAR_NAME)' willproduce the string literal '$(VAR_NAME)'. Escaped references will never be expanded, regardlessof whether the variable exists or not. Cannot be updated.More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +- `command` (List of String) Entrypoint array. Not executed within a shell.The image's ENTRYPOINT is used if this is not provided.Variable references $(VAR_NAME) are expanded using the container's environment. If a variablecannot be resolved, the reference in the input string will be unchanged. Double $$ are reducedto a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. '$$(VAR_NAME)' willproduce the string literal '$(VAR_NAME)'. Escaped references will never be expanded, regardlessof whether the variable exists or not. Cannot be updated.More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +- `env` (Attributes List) List of environment variables to set in the container.Cannot be updated. (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--ephemeral_containers--env)) +- `env_from` (Attributes List) List of sources to populate environment variables in the container.The keys defined within a source must be a C_IDENTIFIER. All invalid keyswill be reported as an event when the container is starting. When a key exists in multiplesources, the value associated with the last source will take precedence.Values defined by an Env with a duplicate key will take precedence.Cannot be updated. (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--ephemeral_containers--env_from)) +- `image` (String) Container image name.More info: https://kubernetes.io/docs/concepts/containers/images +- `image_pull_policy` (String) Image pull policy.One of Always, Never, IfNotPresent.Defaults to Always if :latest tag is specified, or IfNotPresent otherwise.Cannot be updated.More info: https://kubernetes.io/docs/concepts/containers/images#updating-images - `lifecycle` (Attributes) Lifecycle is not allowed for ephemeral containers. (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--ephemeral_containers--lifecycle)) - `liveness_probe` (Attributes) Probes are not allowed for ephemeral containers. (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--ephemeral_containers--liveness_probe)) - `ports` (Attributes List) Ports are not allowed for ephemeral containers. (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--ephemeral_containers--ports)) - `readiness_probe` (Attributes) Probes are not allowed for ephemeral containers. (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--ephemeral_containers--readiness_probe)) - `resize_policy` (Attributes List) Resources resize policy for the container. (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--ephemeral_containers--resize_policy)) -- `resources` (Attributes) Resources are not allowed for ephemeral containers. Ephemeral containers use spare resources already allocated to the pod. (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--ephemeral_containers--resources)) -- `restart_policy` (String) Restart policy for the container to manage the restart behavior of each container within a pod. This may only be set for init containers. You cannot set this field on ephemeral containers. -- `security_context` (Attributes) Optional: SecurityContext defines the security options the ephemeral container should be run with. If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext. (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--ephemeral_containers--security_context)) +- `resources` (Attributes) Resources are not allowed for ephemeral containers. Ephemeral containers use spare resourcesalready allocated to the pod. (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--ephemeral_containers--resources)) +- `restart_policy` (String) Restart policy for the container to manage the restart behavior of eachcontainer within a pod.This may only be set for init containers. You cannot set this field onephemeral containers. +- `security_context` (Attributes) Optional: SecurityContext defines the security options the ephemeral container should be run with.If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext. (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--ephemeral_containers--security_context)) - `startup_probe` (Attributes) Probes are not allowed for ephemeral containers. (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--ephemeral_containers--startup_probe)) -- `stdin` (Boolean) Whether this container should allocate a buffer for stdin in the container runtime. If this is not set, reads from stdin in the container will always result in EOF. Default is false. -- `stdin_once` (Boolean) Whether the container runtime should close the stdin channel after it has been opened by a single attach. When stdin is true the stdin stream will remain open across multiple attach sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the first client attaches to stdin, and then remains open and accepts data until the client disconnects, at which time stdin is closed and remains closed until the container is restarted. If this flag is false, a container processes that reads from stdin will never receive an EOF. Default is false -- `target_container_name` (String) If set, the name of the container from PodSpec that this ephemeral container targets. The ephemeral container will be run in the namespaces (IPC, PID, etc) of this container. If not set then the ephemeral container uses the namespaces configured in the Pod spec. The container runtime must implement support for this feature. If the runtime does not support namespace targeting then the result of setting this field is undefined. -- `termination_message_path` (String) Optional: Path at which the file to which the container's termination message will be written is mounted into the container's filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log. Cannot be updated. -- `termination_message_policy` (String) Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated. -- `tty` (Boolean) Whether this container should allocate a TTY for itself, also requires 'stdin' to be true. Default is false. +- `stdin` (Boolean) Whether this container should allocate a buffer for stdin in the container runtime. If thisis not set, reads from stdin in the container will always result in EOF.Default is false. +- `stdin_once` (Boolean) Whether the container runtime should close the stdin channel after it has been opened bya single attach. When stdin is true the stdin stream will remain open across multiple attachsessions. If stdinOnce is set to true, stdin is opened on container start, is empty until thefirst client attaches to stdin, and then remains open and accepts data until the client disconnects,at which time stdin is closed and remains closed until the container is restarted. If thisflag is false, a container processes that reads from stdin will never receive an EOF.Default is false +- `target_container_name` (String) If set, the name of the container from PodSpec that this ephemeral container targets.The ephemeral container will be run in the namespaces (IPC, PID, etc) of this container.If not set then the ephemeral container uses the namespaces configured in the Pod spec.The container runtime must implement support for this feature. If the runtime does notsupport namespace targeting then the result of setting this field is undefined. +- `termination_message_path` (String) Optional: Path at which the file to which the container's termination messagewill be written is mounted into the container's filesystem.Message written is intended to be brief final status, such as an assertion failure message.Will be truncated by the node if greater than 4096 bytes. The total message length acrossall containers will be limited to 12kb.Defaults to /dev/termination-log.Cannot be updated. +- `termination_message_policy` (String) Indicate how the termination message should be populated. File will use the contents ofterminationMessagePath to populate the container status message on both success and failure.FallbackToLogsOnError will use the last chunk of container log output if the terminationmessage file is empty and the container exited with an error.The log output is limited to 2048 bytes or 80 lines, whichever is smaller.Defaults to File.Cannot be updated. +- `tty` (Boolean) Whether this container should allocate a TTY for itself, also requires 'stdin' to be true.Default is false. - `volume_devices` (Attributes List) volumeDevices is the list of block devices to be used by the container. (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--ephemeral_containers--volume_devices)) -- `volume_mounts` (Attributes List) Pod volumes to mount into the container's filesystem. Subpath mounts are not allowed for ephemeral containers. Cannot be updated. (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--ephemeral_containers--volume_mounts)) -- `working_dir` (String) Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image. Cannot be updated. +- `volume_mounts` (Attributes List) Pod volumes to mount into the container's filesystem. Subpath mounts are not allowed for ephemeral containers.Cannot be updated. (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--ephemeral_containers--volume_mounts)) +- `working_dir` (String) Container's working directory.If not specified, the container runtime's default will be used, whichmight be configured in the container image.Cannot be updated. ### Nested Schema for `spec.actions.workload.pod_spec.ephemeral_containers.env` @@ -1246,7 +1246,7 @@ Required: Optional: -- `value` (String) Variable references $(VAR_NAME) are expanded using the previously defined environment variables in the container and any service environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. '$$(VAR_NAME)' will produce the string literal '$(VAR_NAME)'. Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to ''. +- `value` (String) Variable references $(VAR_NAME) are expandedusing the previously defined environment variables in the container andany service environment variables. If a variable cannot be resolved,the reference in the input string will be unchanged. Double $$ are reducedto a single $, which allows for escaping the $(VAR_NAME) syntax: i.e.'$$(VAR_NAME)' will produce the string literal '$(VAR_NAME)'.Escaped references will never be expanded, regardless of whether the variableexists or not.Defaults to ''. - `value_from` (Attributes) Source for the environment variable's value. Cannot be used if value is not empty. (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--ephemeral_containers--env--value_from)) @@ -1255,8 +1255,8 @@ Optional: Optional: - `config_map_key_ref` (Attributes) Selects a key of a ConfigMap. (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--ephemeral_containers--env--value_from--config_map_key_ref)) -- `field_ref` (Attributes) Selects a field of the pod: supports metadata.name, metadata.namespace, 'metadata.labels['']', 'metadata.annotations['']', spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--ephemeral_containers--env--value_from--field_ref)) -- `resource_field_ref` (Attributes) Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--ephemeral_containers--env--value_from--resource_field_ref)) +- `field_ref` (Attributes) Selects a field of the pod: supports metadata.name, metadata.namespace, 'metadata.labels['']', 'metadata.annotations['']',spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--ephemeral_containers--env--value_from--field_ref)) +- `resource_field_ref` (Attributes) Selects a resource of the container: only resources limits and requests(limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--ephemeral_containers--env--value_from--resource_field_ref)) - `secret_key_ref` (Attributes) Selects a key of a secret in the pod's namespace (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--ephemeral_containers--env--value_from--secret_key_ref)) @@ -1268,7 +1268,7 @@ Required: Optional: -- `name` (String) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? +- `name` (String) Name of the referent.More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#namesTODO: Add other useful fields. apiVersion, kind, uid? - `optional` (Boolean) Specify whether the ConfigMap or its key must be defined @@ -1306,7 +1306,7 @@ Required: Optional: -- `name` (String) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? +- `name` (String) Name of the referent.More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#namesTODO: Add other useful fields. apiVersion, kind, uid? - `optional` (Boolean) Specify whether the Secret or its key must be defined @@ -1326,7 +1326,7 @@ Optional: Optional: -- `name` (String) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? +- `name` (String) Name of the referent.More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#namesTODO: Add other useful fields. apiVersion, kind, uid? - `optional` (Boolean) Specify whether the ConfigMap must be defined @@ -1335,7 +1335,7 @@ Optional: Optional: -- `name` (String) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? +- `name` (String) Name of the referent.More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#namesTODO: Add other useful fields. apiVersion, kind, uid? - `optional` (Boolean) Specify whether the Secret must be defined @@ -1345,8 +1345,8 @@ Optional: Optional: -- `post_start` (Attributes) PostStart is called immediately after a container is created. If the handler fails, the container is terminated and restarted according to its restart policy. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--ephemeral_containers--lifecycle--post_start)) -- `pre_stop` (Attributes) PreStop is called immediately before a container is terminated due to an API request or management event such as liveness/startup probe failure, preemption, resource contention, etc. The handler is not called if the container crashes or exits. The Pod's termination grace period countdown begins before the PreStop hook is executed. Regardless of the outcome of the handler, the container will eventually terminate within the Pod's termination grace period (unless delayed by finalizers). Other management of the container blocks until the hook completes or until the termination grace period is reached. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--ephemeral_containers--lifecycle--pre_stop)) +- `post_start` (Attributes) PostStart is called immediately after a container is created. If the handler fails,the container is terminated and restarted according to its restart policy.Other management of the container blocks until the hook completes.More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--ephemeral_containers--lifecycle--post_start)) +- `pre_stop` (Attributes) PreStop is called immediately before a container is terminated due to anAPI request or management event such as liveness/startup probe failure,preemption, resource contention, etc. The handler is not called if thecontainer crashes or exits. The Pod's termination grace period countdown begins before thePreStop hook is executed. Regardless of the outcome of the handler, thecontainer will eventually terminate within the Pod's termination graceperiod (unless delayed by finalizers). Other management of the container blocks until the hook completesor until the termination grace period is reached.More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--ephemeral_containers--lifecycle--pre_stop)) ### Nested Schema for `spec.actions.workload.pod_spec.ephemeral_containers.lifecycle.post_start` @@ -1355,14 +1355,14 @@ Optional: - `exec` (Attributes) Exec specifies the action to take. (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--ephemeral_containers--lifecycle--post_start--exec)) - `http_get` (Attributes) HTTPGet specifies the http request to perform. (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--ephemeral_containers--lifecycle--post_start--http_get)) -- `tcp_socket` (Attributes) Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept for the backward compatibility. There are no validation of this field and lifecycle hooks will fail in runtime when tcp handler is specified. (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--ephemeral_containers--lifecycle--post_start--tcp_socket)) +- `tcp_socket` (Attributes) Deprecated. TCPSocket is NOT supported as a LifecycleHandler and keptfor the backward compatibility. There are no validation of this field andlifecycle hooks will fail in runtime when tcp handler is specified. (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--ephemeral_containers--lifecycle--post_start--tcp_socket)) ### Nested Schema for `spec.actions.workload.pod_spec.ephemeral_containers.lifecycle.post_start.exec` Optional: -- `command` (List of String) Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +- `command` (List of String) Command is the command line to execute inside the container, the working directory for thecommand is root ('/') in the container's filesystem. The command is simply exec'd, it isnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To usea shell, you need to explicitly call out to that shell.Exit status of 0 is treated as live/healthy and non-zero is unhealthy. @@ -1370,21 +1370,21 @@ Optional: Required: -- `port` (String) Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. +- `port` (String) Name or number of the port to access on the container.Number must be in the range 1 to 65535.Name must be an IANA_SVC_NAME. Optional: -- `host` (String) Host name to connect to, defaults to the pod IP. You probably want to set 'Host' in httpHeaders instead. +- `host` (String) Host name to connect to, defaults to the pod IP. You probably want to set'Host' in httpHeaders instead. - `http_headers` (Attributes List) Custom headers to set in the request. HTTP allows repeated headers. (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--ephemeral_containers--lifecycle--post_start--http_get--http_headers)) - `path` (String) Path to access on the HTTP server. -- `scheme` (String) Scheme to use for connecting to the host. Defaults to HTTP. +- `scheme` (String) Scheme to use for connecting to the host.Defaults to HTTP. ### Nested Schema for `spec.actions.workload.pod_spec.ephemeral_containers.lifecycle.post_start.http_get.http_headers` Required: -- `name` (String) The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header. +- `name` (String) The header field name.This will be canonicalized upon output, so case-variant names will be understood as the same header. - `value` (String) The header field value @@ -1394,7 +1394,7 @@ Required: Required: -- `port` (String) Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. +- `port` (String) Number or name of the port to access on the container.Number must be in the range 1 to 65535.Name must be an IANA_SVC_NAME. Optional: @@ -1409,14 +1409,14 @@ Optional: - `exec` (Attributes) Exec specifies the action to take. (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--ephemeral_containers--lifecycle--pre_stop--exec)) - `http_get` (Attributes) HTTPGet specifies the http request to perform. (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--ephemeral_containers--lifecycle--pre_stop--http_get)) -- `tcp_socket` (Attributes) Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept for the backward compatibility. There are no validation of this field and lifecycle hooks will fail in runtime when tcp handler is specified. (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--ephemeral_containers--lifecycle--pre_stop--tcp_socket)) +- `tcp_socket` (Attributes) Deprecated. TCPSocket is NOT supported as a LifecycleHandler and keptfor the backward compatibility. There are no validation of this field andlifecycle hooks will fail in runtime when tcp handler is specified. (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--ephemeral_containers--lifecycle--pre_stop--tcp_socket)) ### Nested Schema for `spec.actions.workload.pod_spec.ephemeral_containers.lifecycle.pre_stop.exec` Optional: -- `command` (List of String) Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +- `command` (List of String) Command is the command line to execute inside the container, the working directory for thecommand is root ('/') in the container's filesystem. The command is simply exec'd, it isnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To usea shell, you need to explicitly call out to that shell.Exit status of 0 is treated as live/healthy and non-zero is unhealthy. @@ -1424,21 +1424,21 @@ Optional: Required: -- `port` (String) Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. +- `port` (String) Name or number of the port to access on the container.Number must be in the range 1 to 65535.Name must be an IANA_SVC_NAME. Optional: -- `host` (String) Host name to connect to, defaults to the pod IP. You probably want to set 'Host' in httpHeaders instead. +- `host` (String) Host name to connect to, defaults to the pod IP. You probably want to set'Host' in httpHeaders instead. - `http_headers` (Attributes List) Custom headers to set in the request. HTTP allows repeated headers. (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--ephemeral_containers--lifecycle--pre_stop--http_get--http_headers)) - `path` (String) Path to access on the HTTP server. -- `scheme` (String) Scheme to use for connecting to the host. Defaults to HTTP. +- `scheme` (String) Scheme to use for connecting to the host.Defaults to HTTP. ### Nested Schema for `spec.actions.workload.pod_spec.ephemeral_containers.lifecycle.pre_stop.http_get.http_headers` Required: -- `name` (String) The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header. +- `name` (String) The header field name.This will be canonicalized upon output, so case-variant names will be understood as the same header. - `value` (String) The header field value @@ -1448,7 +1448,7 @@ Required: Required: -- `port` (String) Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. +- `port` (String) Number or name of the port to access on the container.Number must be in the range 1 to 65535.Name must be an IANA_SVC_NAME. Optional: @@ -1463,22 +1463,22 @@ Optional: Optional: - `exec` (Attributes) Exec specifies the action to take. (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--ephemeral_containers--liveness_probe--exec)) -- `failure_threshold` (Number) Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +- `failure_threshold` (Number) Minimum consecutive failures for the probe to be considered failed after having succeeded.Defaults to 3. Minimum value is 1. - `grpc` (Attributes) GRPC specifies an action involving a GRPC port. (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--ephemeral_containers--liveness_probe--grpc)) - `http_get` (Attributes) HTTPGet specifies the http request to perform. (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--ephemeral_containers--liveness_probe--http_get)) -- `initial_delay_seconds` (Number) Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes -- `period_seconds` (Number) How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. -- `success_threshold` (Number) Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. +- `initial_delay_seconds` (Number) Number of seconds after the container has started before liveness probes are initiated.More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +- `period_seconds` (Number) How often (in seconds) to perform the probe.Default to 10 seconds. Minimum value is 1. +- `success_threshold` (Number) Minimum consecutive successes for the probe to be considered successful after having failed.Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. - `tcp_socket` (Attributes) TCPSocket specifies an action involving a TCP port. (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--ephemeral_containers--liveness_probe--tcp_socket)) -- `termination_grace_period_seconds` (Number) Optional duration in seconds the pod needs to terminate gracefully upon probe failure. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this value overrides the value provided by the pod spec. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down). This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset. -- `timeout_seconds` (Number) Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +- `termination_grace_period_seconds` (Number) Optional duration in seconds the pod needs to terminate gracefully upon probe failure.The grace period is the duration in seconds after the processes running in the pod are senta termination signal and the time when the processes are forcibly halted with a kill signal.Set this value longer than the expected cleanup time for your process.If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, thisvalue overrides the value provided by the pod spec.Value must be non-negative integer. The value zero indicates stop immediately viathe kill signal (no opportunity to shut down).This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate.Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset. +- `timeout_seconds` (Number) Number of seconds after which the probe times out.Defaults to 1 second. Minimum value is 1.More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes ### Nested Schema for `spec.actions.workload.pod_spec.ephemeral_containers.liveness_probe.exec` Optional: -- `command` (List of String) Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +- `command` (List of String) Command is the command line to execute inside the container, the working directory for thecommand is root ('/') in the container's filesystem. The command is simply exec'd, it isnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To usea shell, you need to explicitly call out to that shell.Exit status of 0 is treated as live/healthy and non-zero is unhealthy. @@ -1490,7 +1490,7 @@ Required: Optional: -- `service` (String) Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). If this is not specified, the default behavior is defined by gRPC. +- `service` (String) Service is the name of the service to place in the gRPC HealthCheckRequest(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).If this is not specified, the default behavior is defined by gRPC. @@ -1498,21 +1498,21 @@ Optional: Required: -- `port` (String) Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. +- `port` (String) Name or number of the port to access on the container.Number must be in the range 1 to 65535.Name must be an IANA_SVC_NAME. Optional: -- `host` (String) Host name to connect to, defaults to the pod IP. You probably want to set 'Host' in httpHeaders instead. +- `host` (String) Host name to connect to, defaults to the pod IP. You probably want to set'Host' in httpHeaders instead. - `http_headers` (Attributes List) Custom headers to set in the request. HTTP allows repeated headers. (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--ephemeral_containers--liveness_probe--http_get--http_headers)) - `path` (String) Path to access on the HTTP server. -- `scheme` (String) Scheme to use for connecting to the host. Defaults to HTTP. +- `scheme` (String) Scheme to use for connecting to the host.Defaults to HTTP. ### Nested Schema for `spec.actions.workload.pod_spec.ephemeral_containers.liveness_probe.http_get.http_headers` Required: -- `name` (String) The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header. +- `name` (String) The header field name.This will be canonicalized upon output, so case-variant names will be understood as the same header. - `value` (String) The header field value @@ -1522,7 +1522,7 @@ Required: Required: -- `port` (String) Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. +- `port` (String) Number or name of the port to access on the container.Number must be in the range 1 to 65535.Name must be an IANA_SVC_NAME. Optional: @@ -1535,14 +1535,14 @@ Optional: Required: -- `container_port` (Number) Number of port to expose on the pod's IP address. This must be a valid port number, 0 < x < 65536. +- `container_port` (Number) Number of port to expose on the pod's IP address.This must be a valid port number, 0 < x < 65536. Optional: - `host_ip` (String) What host IP to bind the external port to. -- `host_port` (Number) Number of port to expose on the host. If specified, this must be a valid port number, 0 < x < 65536. If HostNetwork is specified, this must match ContainerPort. Most containers do not need this. -- `name` (String) If specified, this must be an IANA_SVC_NAME and unique within the pod. Each named port in a pod must have a unique name. Name for the port that can be referred to by services. -- `protocol` (String) Protocol for port. Must be UDP, TCP, or SCTP. Defaults to 'TCP'. +- `host_port` (Number) Number of port to expose on the host.If specified, this must be a valid port number, 0 < x < 65536.If HostNetwork is specified, this must match ContainerPort.Most containers do not need this. +- `name` (String) If specified, this must be an IANA_SVC_NAME and unique within the pod. Eachnamed port in a pod must have a unique name. Name for the port that can bereferred to by services. +- `protocol` (String) Protocol for port. Must be UDP, TCP, or SCTP.Defaults to 'TCP'. @@ -1551,22 +1551,22 @@ Optional: Optional: - `exec` (Attributes) Exec specifies the action to take. (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--ephemeral_containers--readiness_probe--exec)) -- `failure_threshold` (Number) Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +- `failure_threshold` (Number) Minimum consecutive failures for the probe to be considered failed after having succeeded.Defaults to 3. Minimum value is 1. - `grpc` (Attributes) GRPC specifies an action involving a GRPC port. (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--ephemeral_containers--readiness_probe--grpc)) - `http_get` (Attributes) HTTPGet specifies the http request to perform. (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--ephemeral_containers--readiness_probe--http_get)) -- `initial_delay_seconds` (Number) Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes -- `period_seconds` (Number) How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. -- `success_threshold` (Number) Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. +- `initial_delay_seconds` (Number) Number of seconds after the container has started before liveness probes are initiated.More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +- `period_seconds` (Number) How often (in seconds) to perform the probe.Default to 10 seconds. Minimum value is 1. +- `success_threshold` (Number) Minimum consecutive successes for the probe to be considered successful after having failed.Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. - `tcp_socket` (Attributes) TCPSocket specifies an action involving a TCP port. (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--ephemeral_containers--readiness_probe--tcp_socket)) -- `termination_grace_period_seconds` (Number) Optional duration in seconds the pod needs to terminate gracefully upon probe failure. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this value overrides the value provided by the pod spec. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down). This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset. -- `timeout_seconds` (Number) Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +- `termination_grace_period_seconds` (Number) Optional duration in seconds the pod needs to terminate gracefully upon probe failure.The grace period is the duration in seconds after the processes running in the pod are senta termination signal and the time when the processes are forcibly halted with a kill signal.Set this value longer than the expected cleanup time for your process.If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, thisvalue overrides the value provided by the pod spec.Value must be non-negative integer. The value zero indicates stop immediately viathe kill signal (no opportunity to shut down).This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate.Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset. +- `timeout_seconds` (Number) Number of seconds after which the probe times out.Defaults to 1 second. Minimum value is 1.More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes ### Nested Schema for `spec.actions.workload.pod_spec.ephemeral_containers.readiness_probe.exec` Optional: -- `command` (List of String) Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +- `command` (List of String) Command is the command line to execute inside the container, the working directory for thecommand is root ('/') in the container's filesystem. The command is simply exec'd, it isnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To usea shell, you need to explicitly call out to that shell.Exit status of 0 is treated as live/healthy and non-zero is unhealthy. @@ -1578,7 +1578,7 @@ Required: Optional: -- `service` (String) Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). If this is not specified, the default behavior is defined by gRPC. +- `service` (String) Service is the name of the service to place in the gRPC HealthCheckRequest(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).If this is not specified, the default behavior is defined by gRPC. @@ -1586,21 +1586,21 @@ Optional: Required: -- `port` (String) Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. +- `port` (String) Name or number of the port to access on the container.Number must be in the range 1 to 65535.Name must be an IANA_SVC_NAME. Optional: -- `host` (String) Host name to connect to, defaults to the pod IP. You probably want to set 'Host' in httpHeaders instead. +- `host` (String) Host name to connect to, defaults to the pod IP. You probably want to set'Host' in httpHeaders instead. - `http_headers` (Attributes List) Custom headers to set in the request. HTTP allows repeated headers. (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--ephemeral_containers--readiness_probe--http_get--http_headers)) - `path` (String) Path to access on the HTTP server. -- `scheme` (String) Scheme to use for connecting to the host. Defaults to HTTP. +- `scheme` (String) Scheme to use for connecting to the host.Defaults to HTTP. ### Nested Schema for `spec.actions.workload.pod_spec.ephemeral_containers.readiness_probe.http_get.http_headers` Required: -- `name` (String) The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header. +- `name` (String) The header field name.This will be canonicalized upon output, so case-variant names will be understood as the same header. - `value` (String) The header field value @@ -1610,7 +1610,7 @@ Required: Required: -- `port` (String) Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. +- `port` (String) Number or name of the port to access on the container.Number must be in the range 1 to 65535.Name must be an IANA_SVC_NAME. Optional: @@ -1623,8 +1623,8 @@ Optional: Required: -- `resource_name` (String) Name of the resource to which this resource resize policy applies. Supported values: cpu, memory. -- `restart_policy` (String) Restart policy to apply when specified resource is resized. If not specified, it defaults to NotRequired. +- `resource_name` (String) Name of the resource to which this resource resize policy applies.Supported values: cpu, memory. +- `restart_policy` (String) Restart policy to apply when specified resource is resized.If not specified, it defaults to NotRequired. @@ -1632,16 +1632,16 @@ Required: Optional: -- `claims` (Attributes List) Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. This field is immutable. It can only be set for containers. (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--ephemeral_containers--resources--claims)) -- `limits` (Map of String) Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ -- `requests` (Map of String) Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ +- `claims` (Attributes List) Claims lists the names of resources, defined in spec.resourceClaims,that are used by this container.This is an alpha field and requires enabling theDynamicResourceAllocation feature gate.This field is immutable. It can only be set for containers. (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--ephemeral_containers--resources--claims)) +- `limits` (Map of String) Limits describes the maximum amount of compute resources allowed.More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ +- `requests` (Map of String) Requests describes the minimum amount of compute resources required.If Requests is omitted for a container, it defaults to Limits if that is explicitly specified,otherwise to an implementation-defined value. Requests cannot exceed Limits.More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ ### Nested Schema for `spec.actions.workload.pod_spec.ephemeral_containers.resources.claims` Required: -- `name` (String) Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container. +- `name` (String) Name must match the name of one entry in pod.spec.resourceClaims ofthe Pod where this field is used. It makes that resource availableinside a container. @@ -1650,17 +1650,17 @@ Required: Optional: -- `allow_privilege_escalation` (Boolean) AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process. AllowPrivilegeEscalation is true always when the container is: 1) run as Privileged 2) has CAP_SYS_ADMIN Note that this field cannot be set when spec.os.name is windows. -- `capabilities` (Attributes) The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. Note that this field cannot be set when spec.os.name is windows. (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--ephemeral_containers--security_context--capabilities)) -- `privileged` (Boolean) Run container in privileged mode. Processes in privileged containers are essentially equivalent to root on the host. Defaults to false. Note that this field cannot be set when spec.os.name is windows. -- `proc_mount` (String) procMount denotes the type of proc mount to use for the containers. The default is DefaultProcMount which uses the container runtime defaults for readonly paths and masked paths. This requires the ProcMountType feature flag to be enabled. Note that this field cannot be set when spec.os.name is windows. -- `read_only_root_filesystem` (Boolean) Whether this container has a read-only root filesystem. Default is false. Note that this field cannot be set when spec.os.name is windows. -- `run_as_group` (Number) The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows. -- `run_as_non_root` (Boolean) Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. -- `run_as_user` (Number) The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows. -- `se_linux_options` (Attributes) The SELinux context to be applied to the container. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows. (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--ephemeral_containers--security_context--se_linux_options)) -- `seccomp_profile` (Attributes) The seccomp options to use by this container. If seccomp options are provided at both the pod & container level, the container options override the pod options. Note that this field cannot be set when spec.os.name is windows. (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--ephemeral_containers--security_context--seccomp_profile)) -- `windows_options` (Attributes) The Windows specific settings applied to all containers. If unspecified, the options from the PodSecurityContext will be used. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is linux. (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--ephemeral_containers--security_context--windows_options)) +- `allow_privilege_escalation` (Boolean) AllowPrivilegeEscalation controls whether a process can gain moreprivileges than its parent process. This bool directly controls ifthe no_new_privs flag will be set on the container process.AllowPrivilegeEscalation is true always when the container is:1) run as Privileged2) has CAP_SYS_ADMINNote that this field cannot be set when spec.os.name is windows. +- `capabilities` (Attributes) The capabilities to add/drop when running containers.Defaults to the default set of capabilities granted by the container runtime.Note that this field cannot be set when spec.os.name is windows. (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--ephemeral_containers--security_context--capabilities)) +- `privileged` (Boolean) Run container in privileged mode.Processes in privileged containers are essentially equivalent to root on the host.Defaults to false.Note that this field cannot be set when spec.os.name is windows. +- `proc_mount` (String) procMount denotes the type of proc mount to use for the containers.The default is DefaultProcMount which uses the container runtime defaults forreadonly paths and masked paths.This requires the ProcMountType feature flag to be enabled.Note that this field cannot be set when spec.os.name is windows. +- `read_only_root_filesystem` (Boolean) Whether this container has a read-only root filesystem.Default is false.Note that this field cannot be set when spec.os.name is windows. +- `run_as_group` (Number) The GID to run the entrypoint of the container process.Uses runtime default if unset.May also be set in PodSecurityContext. If set in both SecurityContext andPodSecurityContext, the value specified in SecurityContext takes precedence.Note that this field cannot be set when spec.os.name is windows. +- `run_as_non_root` (Boolean) Indicates that the container must run as a non-root user.If true, the Kubelet will validate the image at runtime to ensure that itdoes not run as UID 0 (root) and fail to start the container if it does.If unset or false, no such validation will be performed.May also be set in PodSecurityContext. If set in both SecurityContext andPodSecurityContext, the value specified in SecurityContext takes precedence. +- `run_as_user` (Number) The UID to run the entrypoint of the container process.Defaults to user specified in image metadata if unspecified.May also be set in PodSecurityContext. If set in both SecurityContext andPodSecurityContext, the value specified in SecurityContext takes precedence.Note that this field cannot be set when spec.os.name is windows. +- `se_linux_options` (Attributes) The SELinux context to be applied to the container.If unspecified, the container runtime will allocate a random SELinux context for eachcontainer. May also be set in PodSecurityContext. If set in both SecurityContext andPodSecurityContext, the value specified in SecurityContext takes precedence.Note that this field cannot be set when spec.os.name is windows. (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--ephemeral_containers--security_context--se_linux_options)) +- `seccomp_profile` (Attributes) The seccomp options to use by this container. If seccomp options areprovided at both the pod & container level, the container optionsoverride the pod options.Note that this field cannot be set when spec.os.name is windows. (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--ephemeral_containers--security_context--seccomp_profile)) +- `windows_options` (Attributes) The Windows specific settings applied to all containers.If unspecified, the options from the PodSecurityContext will be used.If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.Note that this field cannot be set when spec.os.name is linux. (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--ephemeral_containers--security_context--windows_options)) ### Nested Schema for `spec.actions.workload.pod_spec.ephemeral_containers.security_context.capabilities` @@ -1687,11 +1687,11 @@ Optional: Required: -- `type` (String) type indicates which kind of seccomp profile will be applied. Valid options are: Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied. +- `type` (String) type indicates which kind of seccomp profile will be applied.Valid options are:Localhost - a profile defined in a file on the node should be used.RuntimeDefault - the container runtime default profile should be used.Unconfined - no profile should be applied. Optional: -- `localhost_profile` (String) localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must be set if type is 'Localhost'. Must NOT be set for any other type. +- `localhost_profile` (String) localhostProfile indicates a profile defined in a file on the node should be used.The profile must be preconfigured on the node to work.Must be a descending path, relative to the kubelet's configured seccomp profile location.Must be set if type is 'Localhost'. Must NOT be set for any other type. @@ -1699,10 +1699,10 @@ Optional: Optional: -- `gmsa_credential_spec` (String) GMSACredentialSpec is where the GMSA admission webhook (https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the GMSA credential spec named by the GMSACredentialSpecName field. +- `gmsa_credential_spec` (String) GMSACredentialSpec is where the GMSA admission webhook(https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of theGMSA credential spec named by the GMSACredentialSpecName field. - `gmsa_credential_spec_name` (String) GMSACredentialSpecName is the name of the GMSA credential spec to use. -- `host_process` (Boolean) HostProcess determines if a container should be run as a 'Host Process' container. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true. -- `run_as_user_name` (String) The UserName in Windows to run the entrypoint of the container process. Defaults to the user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +- `host_process` (Boolean) HostProcess determines if a container should be run as a 'Host Process' container.All of a Pod's containers must have the same effective HostProcess value(it is not allowed to have a mix of HostProcess containers and non-HostProcess containers).In addition, if HostProcess is true then HostNetwork must also be set to true. +- `run_as_user_name` (String) The UserName in Windows to run the entrypoint of the container process.Defaults to the user specified in image metadata if unspecified.May also be set in PodSecurityContext. If set in both SecurityContext andPodSecurityContext, the value specified in SecurityContext takes precedence. @@ -1712,22 +1712,22 @@ Optional: Optional: - `exec` (Attributes) Exec specifies the action to take. (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--ephemeral_containers--startup_probe--exec)) -- `failure_threshold` (Number) Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +- `failure_threshold` (Number) Minimum consecutive failures for the probe to be considered failed after having succeeded.Defaults to 3. Minimum value is 1. - `grpc` (Attributes) GRPC specifies an action involving a GRPC port. (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--ephemeral_containers--startup_probe--grpc)) - `http_get` (Attributes) HTTPGet specifies the http request to perform. (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--ephemeral_containers--startup_probe--http_get)) -- `initial_delay_seconds` (Number) Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes -- `period_seconds` (Number) How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. -- `success_threshold` (Number) Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. +- `initial_delay_seconds` (Number) Number of seconds after the container has started before liveness probes are initiated.More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +- `period_seconds` (Number) How often (in seconds) to perform the probe.Default to 10 seconds. Minimum value is 1. +- `success_threshold` (Number) Minimum consecutive successes for the probe to be considered successful after having failed.Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. - `tcp_socket` (Attributes) TCPSocket specifies an action involving a TCP port. (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--ephemeral_containers--startup_probe--tcp_socket)) -- `termination_grace_period_seconds` (Number) Optional duration in seconds the pod needs to terminate gracefully upon probe failure. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this value overrides the value provided by the pod spec. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down). This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset. -- `timeout_seconds` (Number) Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +- `termination_grace_period_seconds` (Number) Optional duration in seconds the pod needs to terminate gracefully upon probe failure.The grace period is the duration in seconds after the processes running in the pod are senta termination signal and the time when the processes are forcibly halted with a kill signal.Set this value longer than the expected cleanup time for your process.If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, thisvalue overrides the value provided by the pod spec.Value must be non-negative integer. The value zero indicates stop immediately viathe kill signal (no opportunity to shut down).This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate.Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset. +- `timeout_seconds` (Number) Number of seconds after which the probe times out.Defaults to 1 second. Minimum value is 1.More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes ### Nested Schema for `spec.actions.workload.pod_spec.ephemeral_containers.startup_probe.exec` Optional: -- `command` (List of String) Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +- `command` (List of String) Command is the command line to execute inside the container, the working directory for thecommand is root ('/') in the container's filesystem. The command is simply exec'd, it isnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To usea shell, you need to explicitly call out to that shell.Exit status of 0 is treated as live/healthy and non-zero is unhealthy. @@ -1739,7 +1739,7 @@ Required: Optional: -- `service` (String) Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). If this is not specified, the default behavior is defined by gRPC. +- `service` (String) Service is the name of the service to place in the gRPC HealthCheckRequest(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).If this is not specified, the default behavior is defined by gRPC. @@ -1747,21 +1747,21 @@ Optional: Required: -- `port` (String) Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. +- `port` (String) Name or number of the port to access on the container.Number must be in the range 1 to 65535.Name must be an IANA_SVC_NAME. Optional: -- `host` (String) Host name to connect to, defaults to the pod IP. You probably want to set 'Host' in httpHeaders instead. +- `host` (String) Host name to connect to, defaults to the pod IP. You probably want to set'Host' in httpHeaders instead. - `http_headers` (Attributes List) Custom headers to set in the request. HTTP allows repeated headers. (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--ephemeral_containers--startup_probe--http_get--http_headers)) - `path` (String) Path to access on the HTTP server. -- `scheme` (String) Scheme to use for connecting to the host. Defaults to HTTP. +- `scheme` (String) Scheme to use for connecting to the host.Defaults to HTTP. ### Nested Schema for `spec.actions.workload.pod_spec.ephemeral_containers.startup_probe.http_get.http_headers` Required: -- `name` (String) The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header. +- `name` (String) The header field name.This will be canonicalized upon output, so case-variant names will be understood as the same header. - `value` (String) The header field value @@ -1771,7 +1771,7 @@ Required: Required: -- `port` (String) Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. +- `port` (String) Number or name of the port to access on the container.Number must be in the range 1 to 65535.Name must be an IANA_SVC_NAME. Optional: @@ -1793,15 +1793,15 @@ Required: Required: -- `mount_path` (String) Path within the container at which the volume should be mounted. Must not contain ':'. +- `mount_path` (String) Path within the container at which the volume should be mounted. Mustnot contain ':'. - `name` (String) This must match the Name of a Volume. Optional: -- `mount_propagation` (String) mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationNone is used. This field is beta in 1.10. -- `read_only` (Boolean) Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false. -- `sub_path` (String) Path within the volume from which the container's volume should be mounted. Defaults to '' (volume's root). -- `sub_path_expr` (String) Expanded path within the volume from which the container's volume should be mounted. Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment. Defaults to '' (volume's root). SubPathExpr and SubPath are mutually exclusive. +- `mount_propagation` (String) mountPropagation determines how mounts are propagated from the hostto container and the other way around.When not set, MountPropagationNone is used.This field is beta in 1.10. +- `read_only` (Boolean) Mounted read-only if true, read-write otherwise (false or unspecified).Defaults to false. +- `sub_path` (String) Path within the volume from which the container's volume should be mounted.Defaults to '' (volume's root). +- `sub_path_expr` (String) Expanded path within the volume from which the container's volume should be mounted.Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment.Defaults to '' (volume's root).SubPathExpr and SubPath are mutually exclusive. @@ -1819,7 +1819,7 @@ Optional: Optional: -- `name` (String) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? +- `name` (String) Name of the referent.More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#namesTODO: Add other useful fields. apiVersion, kind, uid? @@ -1827,33 +1827,33 @@ Optional: Required: -- `name` (String) Name of the container specified as a DNS_LABEL. Each container in a pod must have a unique name (DNS_LABEL). Cannot be updated. +- `name` (String) Name of the container specified as a DNS_LABEL.Each container in a pod must have a unique name (DNS_LABEL).Cannot be updated. Optional: -- `args` (List of String) Arguments to the entrypoint. The container image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. '$$(VAR_NAME)' will produce the string literal '$(VAR_NAME)'. Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell -- `command` (List of String) Entrypoint array. Not executed within a shell. The container image's ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. '$$(VAR_NAME)' will produce the string literal '$(VAR_NAME)'. Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell -- `env` (Attributes List) List of environment variables to set in the container. Cannot be updated. (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--init_containers--env)) -- `env_from` (Attributes List) List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated. (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--init_containers--env_from)) -- `image` (String) Container image name. More info: https://kubernetes.io/docs/concepts/containers/images This field is optional to allow higher level config management to default or override container images in workload controllers like Deployments and StatefulSets. -- `image_pull_policy` (String) Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images -- `lifecycle` (Attributes) Actions that the management system should take in response to container lifecycle events. Cannot be updated. (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--init_containers--lifecycle)) -- `liveness_probe` (Attributes) Periodic probe of container liveness. Container will be restarted if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--init_containers--liveness_probe)) -- `ports` (Attributes List) List of ports to expose from the container. Not specifying a port here DOES NOT prevent that port from being exposed. Any port which is listening on the default '0.0.0.0' address inside a container will be accessible from the network. Modifying this array with strategic merge patch may corrupt the data. For more information See https://github.com/kubernetes/kubernetes/issues/108255. Cannot be updated. (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--init_containers--ports)) -- `readiness_probe` (Attributes) Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--init_containers--readiness_probe)) +- `args` (List of String) Arguments to the entrypoint.The container image's CMD is used if this is not provided.Variable references $(VAR_NAME) are expanded using the container's environment. If a variablecannot be resolved, the reference in the input string will be unchanged. Double $$ are reducedto a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. '$$(VAR_NAME)' willproduce the string literal '$(VAR_NAME)'. Escaped references will never be expanded, regardlessof whether the variable exists or not. Cannot be updated.More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +- `command` (List of String) Entrypoint array. Not executed within a shell.The container image's ENTRYPOINT is used if this is not provided.Variable references $(VAR_NAME) are expanded using the container's environment. If a variablecannot be resolved, the reference in the input string will be unchanged. Double $$ are reducedto a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. '$$(VAR_NAME)' willproduce the string literal '$(VAR_NAME)'. Escaped references will never be expanded, regardlessof whether the variable exists or not. Cannot be updated.More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +- `env` (Attributes List) List of environment variables to set in the container.Cannot be updated. (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--init_containers--env)) +- `env_from` (Attributes List) List of sources to populate environment variables in the container.The keys defined within a source must be a C_IDENTIFIER. All invalid keyswill be reported as an event when the container is starting. When a key exists in multiplesources, the value associated with the last source will take precedence.Values defined by an Env with a duplicate key will take precedence.Cannot be updated. (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--init_containers--env_from)) +- `image` (String) Container image name.More info: https://kubernetes.io/docs/concepts/containers/imagesThis field is optional to allow higher level config management to default or overridecontainer images in workload controllers like Deployments and StatefulSets. +- `image_pull_policy` (String) Image pull policy.One of Always, Never, IfNotPresent.Defaults to Always if :latest tag is specified, or IfNotPresent otherwise.Cannot be updated.More info: https://kubernetes.io/docs/concepts/containers/images#updating-images +- `lifecycle` (Attributes) Actions that the management system should take in response to container lifecycle events.Cannot be updated. (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--init_containers--lifecycle)) +- `liveness_probe` (Attributes) Periodic probe of container liveness.Container will be restarted if the probe fails.Cannot be updated.More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--init_containers--liveness_probe)) +- `ports` (Attributes List) List of ports to expose from the container. Not specifying a port hereDOES NOT prevent that port from being exposed. Any port which islistening on the default '0.0.0.0' address inside a container will beaccessible from the network.Modifying this array with strategic merge patch may corrupt the data.For more information See https://github.com/kubernetes/kubernetes/issues/108255.Cannot be updated. (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--init_containers--ports)) +- `readiness_probe` (Attributes) Periodic probe of container service readiness.Container will be removed from service endpoints if the probe fails.Cannot be updated.More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--init_containers--readiness_probe)) - `resize_policy` (Attributes List) Resources resize policy for the container. (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--init_containers--resize_policy)) -- `resources` (Attributes) Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--init_containers--resources)) -- `restart_policy` (String) RestartPolicy defines the restart behavior of individual containers in a pod. This field may only be set for init containers, and the only allowed value is 'Always'. For non-init containers or when this field is not specified, the restart behavior is defined by the Pod's restart policy and the container type. Setting the RestartPolicy as 'Always' for the init container will have the following effect: this init container will be continually restarted on exit until all regular containers have terminated. Once all regular containers have completed, all init containers with restartPolicy 'Always' will be shut down. This lifecycle differs from normal init containers and is often referred to as a 'sidecar' container. Although this init container still starts in the init container sequence, it does not wait for the container to complete before proceeding to the next init container. Instead, the next init container starts immediately after this init container is started, or after any startupProbe has successfully completed. -- `security_context` (Attributes) SecurityContext defines the security options the container should be run with. If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext. More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--init_containers--security_context)) -- `startup_probe` (Attributes) StartupProbe indicates that the Pod has successfully initialized. If specified, no other probes are executed until this completes successfully. If this probe fails, the Pod will be restarted, just as if the livenessProbe failed. This can be used to provide different probe parameters at the beginning of a Pod's lifecycle, when it might take a long time to load data or warm a cache, than during steady-state operation. This cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--init_containers--startup_probe)) -- `stdin` (Boolean) Whether this container should allocate a buffer for stdin in the container runtime. If this is not set, reads from stdin in the container will always result in EOF. Default is false. -- `stdin_once` (Boolean) Whether the container runtime should close the stdin channel after it has been opened by a single attach. When stdin is true the stdin stream will remain open across multiple attach sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the first client attaches to stdin, and then remains open and accepts data until the client disconnects, at which time stdin is closed and remains closed until the container is restarted. If this flag is false, a container processes that reads from stdin will never receive an EOF. Default is false -- `termination_message_path` (String) Optional: Path at which the file to which the container's termination message will be written is mounted into the container's filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log. Cannot be updated. -- `termination_message_policy` (String) Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated. -- `tty` (Boolean) Whether this container should allocate a TTY for itself, also requires 'stdin' to be true. Default is false. +- `resources` (Attributes) Compute Resources required by this container.Cannot be updated.More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--init_containers--resources)) +- `restart_policy` (String) RestartPolicy defines the restart behavior of individual containers in a pod.This field may only be set for init containers, and the only allowed value is 'Always'.For non-init containers or when this field is not specified,the restart behavior is defined by the Pod's restart policy and the container type.Setting the RestartPolicy as 'Always' for the init container will have the following effect:this init container will be continually restarted onexit until all regular containers have terminated. Once all regularcontainers have completed, all init containers with restartPolicy 'Always'will be shut down. This lifecycle differs from normal init containers andis often referred to as a 'sidecar' container. Although this initcontainer still starts in the init container sequence, it does not waitfor the container to complete before proceeding to the next initcontainer. Instead, the next init container starts immediately after thisinit container is started, or after any startupProbe has successfullycompleted. +- `security_context` (Attributes) SecurityContext defines the security options the container should be run with.If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext.More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--init_containers--security_context)) +- `startup_probe` (Attributes) StartupProbe indicates that the Pod has successfully initialized.If specified, no other probes are executed until this completes successfully.If this probe fails, the Pod will be restarted, just as if the livenessProbe failed.This can be used to provide different probe parameters at the beginning of a Pod's lifecycle,when it might take a long time to load data or warm a cache, than during steady-state operation.This cannot be updated.More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--init_containers--startup_probe)) +- `stdin` (Boolean) Whether this container should allocate a buffer for stdin in the container runtime. If thisis not set, reads from stdin in the container will always result in EOF.Default is false. +- `stdin_once` (Boolean) Whether the container runtime should close the stdin channel after it has been opened bya single attach. When stdin is true the stdin stream will remain open across multiple attachsessions. If stdinOnce is set to true, stdin is opened on container start, is empty until thefirst client attaches to stdin, and then remains open and accepts data until the client disconnects,at which time stdin is closed and remains closed until the container is restarted. If thisflag is false, a container processes that reads from stdin will never receive an EOF.Default is false +- `termination_message_path` (String) Optional: Path at which the file to which the container's termination messagewill be written is mounted into the container's filesystem.Message written is intended to be brief final status, such as an assertion failure message.Will be truncated by the node if greater than 4096 bytes. The total message length acrossall containers will be limited to 12kb.Defaults to /dev/termination-log.Cannot be updated. +- `termination_message_policy` (String) Indicate how the termination message should be populated. File will use the contents ofterminationMessagePath to populate the container status message on both success and failure.FallbackToLogsOnError will use the last chunk of container log output if the terminationmessage file is empty and the container exited with an error.The log output is limited to 2048 bytes or 80 lines, whichever is smaller.Defaults to File.Cannot be updated. +- `tty` (Boolean) Whether this container should allocate a TTY for itself, also requires 'stdin' to be true.Default is false. - `volume_devices` (Attributes List) volumeDevices is the list of block devices to be used by the container. (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--init_containers--volume_devices)) -- `volume_mounts` (Attributes List) Pod volumes to mount into the container's filesystem. Cannot be updated. (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--init_containers--volume_mounts)) -- `working_dir` (String) Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image. Cannot be updated. +- `volume_mounts` (Attributes List) Pod volumes to mount into the container's filesystem.Cannot be updated. (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--init_containers--volume_mounts)) +- `working_dir` (String) Container's working directory.If not specified, the container runtime's default will be used, whichmight be configured in the container image.Cannot be updated. ### Nested Schema for `spec.actions.workload.pod_spec.init_containers.env` @@ -1864,7 +1864,7 @@ Required: Optional: -- `value` (String) Variable references $(VAR_NAME) are expanded using the previously defined environment variables in the container and any service environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. '$$(VAR_NAME)' will produce the string literal '$(VAR_NAME)'. Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to ''. +- `value` (String) Variable references $(VAR_NAME) are expandedusing the previously defined environment variables in the container andany service environment variables. If a variable cannot be resolved,the reference in the input string will be unchanged. Double $$ are reducedto a single $, which allows for escaping the $(VAR_NAME) syntax: i.e.'$$(VAR_NAME)' will produce the string literal '$(VAR_NAME)'.Escaped references will never be expanded, regardless of whether the variableexists or not.Defaults to ''. - `value_from` (Attributes) Source for the environment variable's value. Cannot be used if value is not empty. (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--init_containers--env--value_from)) @@ -1873,8 +1873,8 @@ Optional: Optional: - `config_map_key_ref` (Attributes) Selects a key of a ConfigMap. (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--init_containers--env--value_from--config_map_key_ref)) -- `field_ref` (Attributes) Selects a field of the pod: supports metadata.name, metadata.namespace, 'metadata.labels['']', 'metadata.annotations['']', spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--init_containers--env--value_from--field_ref)) -- `resource_field_ref` (Attributes) Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--init_containers--env--value_from--resource_field_ref)) +- `field_ref` (Attributes) Selects a field of the pod: supports metadata.name, metadata.namespace, 'metadata.labels['']', 'metadata.annotations['']',spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--init_containers--env--value_from--field_ref)) +- `resource_field_ref` (Attributes) Selects a resource of the container: only resources limits and requests(limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--init_containers--env--value_from--resource_field_ref)) - `secret_key_ref` (Attributes) Selects a key of a secret in the pod's namespace (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--init_containers--env--value_from--secret_key_ref)) @@ -1886,7 +1886,7 @@ Required: Optional: -- `name` (String) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? +- `name` (String) Name of the referent.More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#namesTODO: Add other useful fields. apiVersion, kind, uid? - `optional` (Boolean) Specify whether the ConfigMap or its key must be defined @@ -1924,7 +1924,7 @@ Required: Optional: -- `name` (String) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? +- `name` (String) Name of the referent.More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#namesTODO: Add other useful fields. apiVersion, kind, uid? - `optional` (Boolean) Specify whether the Secret or its key must be defined @@ -1944,7 +1944,7 @@ Optional: Optional: -- `name` (String) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? +- `name` (String) Name of the referent.More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#namesTODO: Add other useful fields. apiVersion, kind, uid? - `optional` (Boolean) Specify whether the ConfigMap must be defined @@ -1953,7 +1953,7 @@ Optional: Optional: -- `name` (String) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? +- `name` (String) Name of the referent.More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#namesTODO: Add other useful fields. apiVersion, kind, uid? - `optional` (Boolean) Specify whether the Secret must be defined @@ -1963,8 +1963,8 @@ Optional: Optional: -- `post_start` (Attributes) PostStart is called immediately after a container is created. If the handler fails, the container is terminated and restarted according to its restart policy. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--init_containers--lifecycle--post_start)) -- `pre_stop` (Attributes) PreStop is called immediately before a container is terminated due to an API request or management event such as liveness/startup probe failure, preemption, resource contention, etc. The handler is not called if the container crashes or exits. The Pod's termination grace period countdown begins before the PreStop hook is executed. Regardless of the outcome of the handler, the container will eventually terminate within the Pod's termination grace period (unless delayed by finalizers). Other management of the container blocks until the hook completes or until the termination grace period is reached. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--init_containers--lifecycle--pre_stop)) +- `post_start` (Attributes) PostStart is called immediately after a container is created. If the handler fails,the container is terminated and restarted according to its restart policy.Other management of the container blocks until the hook completes.More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--init_containers--lifecycle--post_start)) +- `pre_stop` (Attributes) PreStop is called immediately before a container is terminated due to anAPI request or management event such as liveness/startup probe failure,preemption, resource contention, etc. The handler is not called if thecontainer crashes or exits. The Pod's termination grace period countdown begins before thePreStop hook is executed. Regardless of the outcome of the handler, thecontainer will eventually terminate within the Pod's termination graceperiod (unless delayed by finalizers). Other management of the container blocks until the hook completesor until the termination grace period is reached.More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--init_containers--lifecycle--pre_stop)) ### Nested Schema for `spec.actions.workload.pod_spec.init_containers.lifecycle.post_start` @@ -1973,14 +1973,14 @@ Optional: - `exec` (Attributes) Exec specifies the action to take. (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--init_containers--lifecycle--post_start--exec)) - `http_get` (Attributes) HTTPGet specifies the http request to perform. (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--init_containers--lifecycle--post_start--http_get)) -- `tcp_socket` (Attributes) Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept for the backward compatibility. There are no validation of this field and lifecycle hooks will fail in runtime when tcp handler is specified. (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--init_containers--lifecycle--post_start--tcp_socket)) +- `tcp_socket` (Attributes) Deprecated. TCPSocket is NOT supported as a LifecycleHandler and keptfor the backward compatibility. There are no validation of this field andlifecycle hooks will fail in runtime when tcp handler is specified. (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--init_containers--lifecycle--post_start--tcp_socket)) ### Nested Schema for `spec.actions.workload.pod_spec.init_containers.lifecycle.post_start.exec` Optional: -- `command` (List of String) Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +- `command` (List of String) Command is the command line to execute inside the container, the working directory for thecommand is root ('/') in the container's filesystem. The command is simply exec'd, it isnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To usea shell, you need to explicitly call out to that shell.Exit status of 0 is treated as live/healthy and non-zero is unhealthy. @@ -1988,21 +1988,21 @@ Optional: Required: -- `port` (String) Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. +- `port` (String) Name or number of the port to access on the container.Number must be in the range 1 to 65535.Name must be an IANA_SVC_NAME. Optional: -- `host` (String) Host name to connect to, defaults to the pod IP. You probably want to set 'Host' in httpHeaders instead. +- `host` (String) Host name to connect to, defaults to the pod IP. You probably want to set'Host' in httpHeaders instead. - `http_headers` (Attributes List) Custom headers to set in the request. HTTP allows repeated headers. (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--init_containers--lifecycle--post_start--http_get--http_headers)) - `path` (String) Path to access on the HTTP server. -- `scheme` (String) Scheme to use for connecting to the host. Defaults to HTTP. +- `scheme` (String) Scheme to use for connecting to the host.Defaults to HTTP. ### Nested Schema for `spec.actions.workload.pod_spec.init_containers.lifecycle.post_start.http_get.http_headers` Required: -- `name` (String) The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header. +- `name` (String) The header field name.This will be canonicalized upon output, so case-variant names will be understood as the same header. - `value` (String) The header field value @@ -2012,7 +2012,7 @@ Required: Required: -- `port` (String) Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. +- `port` (String) Number or name of the port to access on the container.Number must be in the range 1 to 65535.Name must be an IANA_SVC_NAME. Optional: @@ -2027,14 +2027,14 @@ Optional: - `exec` (Attributes) Exec specifies the action to take. (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--init_containers--lifecycle--pre_stop--exec)) - `http_get` (Attributes) HTTPGet specifies the http request to perform. (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--init_containers--lifecycle--pre_stop--http_get)) -- `tcp_socket` (Attributes) Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept for the backward compatibility. There are no validation of this field and lifecycle hooks will fail in runtime when tcp handler is specified. (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--init_containers--lifecycle--pre_stop--tcp_socket)) +- `tcp_socket` (Attributes) Deprecated. TCPSocket is NOT supported as a LifecycleHandler and keptfor the backward compatibility. There are no validation of this field andlifecycle hooks will fail in runtime when tcp handler is specified. (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--init_containers--lifecycle--pre_stop--tcp_socket)) ### Nested Schema for `spec.actions.workload.pod_spec.init_containers.lifecycle.pre_stop.exec` Optional: -- `command` (List of String) Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +- `command` (List of String) Command is the command line to execute inside the container, the working directory for thecommand is root ('/') in the container's filesystem. The command is simply exec'd, it isnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To usea shell, you need to explicitly call out to that shell.Exit status of 0 is treated as live/healthy and non-zero is unhealthy. @@ -2042,21 +2042,21 @@ Optional: Required: -- `port` (String) Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. +- `port` (String) Name or number of the port to access on the container.Number must be in the range 1 to 65535.Name must be an IANA_SVC_NAME. Optional: -- `host` (String) Host name to connect to, defaults to the pod IP. You probably want to set 'Host' in httpHeaders instead. +- `host` (String) Host name to connect to, defaults to the pod IP. You probably want to set'Host' in httpHeaders instead. - `http_headers` (Attributes List) Custom headers to set in the request. HTTP allows repeated headers. (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--init_containers--lifecycle--pre_stop--http_get--http_headers)) - `path` (String) Path to access on the HTTP server. -- `scheme` (String) Scheme to use for connecting to the host. Defaults to HTTP. +- `scheme` (String) Scheme to use for connecting to the host.Defaults to HTTP. ### Nested Schema for `spec.actions.workload.pod_spec.init_containers.lifecycle.pre_stop.http_get.http_headers` Required: -- `name` (String) The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header. +- `name` (String) The header field name.This will be canonicalized upon output, so case-variant names will be understood as the same header. - `value` (String) The header field value @@ -2066,7 +2066,7 @@ Required: Required: -- `port` (String) Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. +- `port` (String) Number or name of the port to access on the container.Number must be in the range 1 to 65535.Name must be an IANA_SVC_NAME. Optional: @@ -2081,22 +2081,22 @@ Optional: Optional: - `exec` (Attributes) Exec specifies the action to take. (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--init_containers--liveness_probe--exec)) -- `failure_threshold` (Number) Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +- `failure_threshold` (Number) Minimum consecutive failures for the probe to be considered failed after having succeeded.Defaults to 3. Minimum value is 1. - `grpc` (Attributes) GRPC specifies an action involving a GRPC port. (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--init_containers--liveness_probe--grpc)) - `http_get` (Attributes) HTTPGet specifies the http request to perform. (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--init_containers--liveness_probe--http_get)) -- `initial_delay_seconds` (Number) Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes -- `period_seconds` (Number) How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. -- `success_threshold` (Number) Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. +- `initial_delay_seconds` (Number) Number of seconds after the container has started before liveness probes are initiated.More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +- `period_seconds` (Number) How often (in seconds) to perform the probe.Default to 10 seconds. Minimum value is 1. +- `success_threshold` (Number) Minimum consecutive successes for the probe to be considered successful after having failed.Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. - `tcp_socket` (Attributes) TCPSocket specifies an action involving a TCP port. (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--init_containers--liveness_probe--tcp_socket)) -- `termination_grace_period_seconds` (Number) Optional duration in seconds the pod needs to terminate gracefully upon probe failure. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this value overrides the value provided by the pod spec. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down). This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset. -- `timeout_seconds` (Number) Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +- `termination_grace_period_seconds` (Number) Optional duration in seconds the pod needs to terminate gracefully upon probe failure.The grace period is the duration in seconds after the processes running in the pod are senta termination signal and the time when the processes are forcibly halted with a kill signal.Set this value longer than the expected cleanup time for your process.If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, thisvalue overrides the value provided by the pod spec.Value must be non-negative integer. The value zero indicates stop immediately viathe kill signal (no opportunity to shut down).This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate.Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset. +- `timeout_seconds` (Number) Number of seconds after which the probe times out.Defaults to 1 second. Minimum value is 1.More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes ### Nested Schema for `spec.actions.workload.pod_spec.init_containers.liveness_probe.exec` Optional: -- `command` (List of String) Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +- `command` (List of String) Command is the command line to execute inside the container, the working directory for thecommand is root ('/') in the container's filesystem. The command is simply exec'd, it isnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To usea shell, you need to explicitly call out to that shell.Exit status of 0 is treated as live/healthy and non-zero is unhealthy. @@ -2108,7 +2108,7 @@ Required: Optional: -- `service` (String) Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). If this is not specified, the default behavior is defined by gRPC. +- `service` (String) Service is the name of the service to place in the gRPC HealthCheckRequest(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).If this is not specified, the default behavior is defined by gRPC. @@ -2116,21 +2116,21 @@ Optional: Required: -- `port` (String) Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. +- `port` (String) Name or number of the port to access on the container.Number must be in the range 1 to 65535.Name must be an IANA_SVC_NAME. Optional: -- `host` (String) Host name to connect to, defaults to the pod IP. You probably want to set 'Host' in httpHeaders instead. +- `host` (String) Host name to connect to, defaults to the pod IP. You probably want to set'Host' in httpHeaders instead. - `http_headers` (Attributes List) Custom headers to set in the request. HTTP allows repeated headers. (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--init_containers--liveness_probe--http_get--http_headers)) - `path` (String) Path to access on the HTTP server. -- `scheme` (String) Scheme to use for connecting to the host. Defaults to HTTP. +- `scheme` (String) Scheme to use for connecting to the host.Defaults to HTTP. ### Nested Schema for `spec.actions.workload.pod_spec.init_containers.liveness_probe.http_get.http_headers` Required: -- `name` (String) The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header. +- `name` (String) The header field name.This will be canonicalized upon output, so case-variant names will be understood as the same header. - `value` (String) The header field value @@ -2140,7 +2140,7 @@ Required: Required: -- `port` (String) Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. +- `port` (String) Number or name of the port to access on the container.Number must be in the range 1 to 65535.Name must be an IANA_SVC_NAME. Optional: @@ -2153,14 +2153,14 @@ Optional: Required: -- `container_port` (Number) Number of port to expose on the pod's IP address. This must be a valid port number, 0 < x < 65536. +- `container_port` (Number) Number of port to expose on the pod's IP address.This must be a valid port number, 0 < x < 65536. Optional: - `host_ip` (String) What host IP to bind the external port to. -- `host_port` (Number) Number of port to expose on the host. If specified, this must be a valid port number, 0 < x < 65536. If HostNetwork is specified, this must match ContainerPort. Most containers do not need this. -- `name` (String) If specified, this must be an IANA_SVC_NAME and unique within the pod. Each named port in a pod must have a unique name. Name for the port that can be referred to by services. -- `protocol` (String) Protocol for port. Must be UDP, TCP, or SCTP. Defaults to 'TCP'. +- `host_port` (Number) Number of port to expose on the host.If specified, this must be a valid port number, 0 < x < 65536.If HostNetwork is specified, this must match ContainerPort.Most containers do not need this. +- `name` (String) If specified, this must be an IANA_SVC_NAME and unique within the pod. Eachnamed port in a pod must have a unique name. Name for the port that can bereferred to by services. +- `protocol` (String) Protocol for port. Must be UDP, TCP, or SCTP.Defaults to 'TCP'. @@ -2169,22 +2169,22 @@ Optional: Optional: - `exec` (Attributes) Exec specifies the action to take. (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--init_containers--readiness_probe--exec)) -- `failure_threshold` (Number) Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +- `failure_threshold` (Number) Minimum consecutive failures for the probe to be considered failed after having succeeded.Defaults to 3. Minimum value is 1. - `grpc` (Attributes) GRPC specifies an action involving a GRPC port. (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--init_containers--readiness_probe--grpc)) - `http_get` (Attributes) HTTPGet specifies the http request to perform. (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--init_containers--readiness_probe--http_get)) -- `initial_delay_seconds` (Number) Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes -- `period_seconds` (Number) How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. -- `success_threshold` (Number) Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. +- `initial_delay_seconds` (Number) Number of seconds after the container has started before liveness probes are initiated.More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +- `period_seconds` (Number) How often (in seconds) to perform the probe.Default to 10 seconds. Minimum value is 1. +- `success_threshold` (Number) Minimum consecutive successes for the probe to be considered successful after having failed.Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. - `tcp_socket` (Attributes) TCPSocket specifies an action involving a TCP port. (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--init_containers--readiness_probe--tcp_socket)) -- `termination_grace_period_seconds` (Number) Optional duration in seconds the pod needs to terminate gracefully upon probe failure. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this value overrides the value provided by the pod spec. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down). This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset. -- `timeout_seconds` (Number) Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +- `termination_grace_period_seconds` (Number) Optional duration in seconds the pod needs to terminate gracefully upon probe failure.The grace period is the duration in seconds after the processes running in the pod are senta termination signal and the time when the processes are forcibly halted with a kill signal.Set this value longer than the expected cleanup time for your process.If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, thisvalue overrides the value provided by the pod spec.Value must be non-negative integer. The value zero indicates stop immediately viathe kill signal (no opportunity to shut down).This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate.Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset. +- `timeout_seconds` (Number) Number of seconds after which the probe times out.Defaults to 1 second. Minimum value is 1.More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes ### Nested Schema for `spec.actions.workload.pod_spec.init_containers.readiness_probe.exec` Optional: -- `command` (List of String) Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +- `command` (List of String) Command is the command line to execute inside the container, the working directory for thecommand is root ('/') in the container's filesystem. The command is simply exec'd, it isnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To usea shell, you need to explicitly call out to that shell.Exit status of 0 is treated as live/healthy and non-zero is unhealthy. @@ -2196,7 +2196,7 @@ Required: Optional: -- `service` (String) Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). If this is not specified, the default behavior is defined by gRPC. +- `service` (String) Service is the name of the service to place in the gRPC HealthCheckRequest(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).If this is not specified, the default behavior is defined by gRPC. @@ -2204,21 +2204,21 @@ Optional: Required: -- `port` (String) Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. +- `port` (String) Name or number of the port to access on the container.Number must be in the range 1 to 65535.Name must be an IANA_SVC_NAME. Optional: -- `host` (String) Host name to connect to, defaults to the pod IP. You probably want to set 'Host' in httpHeaders instead. +- `host` (String) Host name to connect to, defaults to the pod IP. You probably want to set'Host' in httpHeaders instead. - `http_headers` (Attributes List) Custom headers to set in the request. HTTP allows repeated headers. (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--init_containers--readiness_probe--http_get--http_headers)) - `path` (String) Path to access on the HTTP server. -- `scheme` (String) Scheme to use for connecting to the host. Defaults to HTTP. +- `scheme` (String) Scheme to use for connecting to the host.Defaults to HTTP. ### Nested Schema for `spec.actions.workload.pod_spec.init_containers.readiness_probe.http_get.http_headers` Required: -- `name` (String) The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header. +- `name` (String) The header field name.This will be canonicalized upon output, so case-variant names will be understood as the same header. - `value` (String) The header field value @@ -2228,7 +2228,7 @@ Required: Required: -- `port` (String) Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. +- `port` (String) Number or name of the port to access on the container.Number must be in the range 1 to 65535.Name must be an IANA_SVC_NAME. Optional: @@ -2241,8 +2241,8 @@ Optional: Required: -- `resource_name` (String) Name of the resource to which this resource resize policy applies. Supported values: cpu, memory. -- `restart_policy` (String) Restart policy to apply when specified resource is resized. If not specified, it defaults to NotRequired. +- `resource_name` (String) Name of the resource to which this resource resize policy applies.Supported values: cpu, memory. +- `restart_policy` (String) Restart policy to apply when specified resource is resized.If not specified, it defaults to NotRequired. @@ -2250,16 +2250,16 @@ Required: Optional: -- `claims` (Attributes List) Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. This field is immutable. It can only be set for containers. (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--init_containers--resources--claims)) -- `limits` (Map of String) Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ -- `requests` (Map of String) Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ +- `claims` (Attributes List) Claims lists the names of resources, defined in spec.resourceClaims,that are used by this container.This is an alpha field and requires enabling theDynamicResourceAllocation feature gate.This field is immutable. It can only be set for containers. (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--init_containers--resources--claims)) +- `limits` (Map of String) Limits describes the maximum amount of compute resources allowed.More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ +- `requests` (Map of String) Requests describes the minimum amount of compute resources required.If Requests is omitted for a container, it defaults to Limits if that is explicitly specified,otherwise to an implementation-defined value. Requests cannot exceed Limits.More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ ### Nested Schema for `spec.actions.workload.pod_spec.init_containers.resources.claims` Required: -- `name` (String) Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container. +- `name` (String) Name must match the name of one entry in pod.spec.resourceClaims ofthe Pod where this field is used. It makes that resource availableinside a container. @@ -2268,17 +2268,17 @@ Required: Optional: -- `allow_privilege_escalation` (Boolean) AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process. AllowPrivilegeEscalation is true always when the container is: 1) run as Privileged 2) has CAP_SYS_ADMIN Note that this field cannot be set when spec.os.name is windows. -- `capabilities` (Attributes) The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. Note that this field cannot be set when spec.os.name is windows. (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--init_containers--security_context--capabilities)) -- `privileged` (Boolean) Run container in privileged mode. Processes in privileged containers are essentially equivalent to root on the host. Defaults to false. Note that this field cannot be set when spec.os.name is windows. -- `proc_mount` (String) procMount denotes the type of proc mount to use for the containers. The default is DefaultProcMount which uses the container runtime defaults for readonly paths and masked paths. This requires the ProcMountType feature flag to be enabled. Note that this field cannot be set when spec.os.name is windows. -- `read_only_root_filesystem` (Boolean) Whether this container has a read-only root filesystem. Default is false. Note that this field cannot be set when spec.os.name is windows. -- `run_as_group` (Number) The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows. -- `run_as_non_root` (Boolean) Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. -- `run_as_user` (Number) The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows. -- `se_linux_options` (Attributes) The SELinux context to be applied to the container. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows. (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--init_containers--security_context--se_linux_options)) -- `seccomp_profile` (Attributes) The seccomp options to use by this container. If seccomp options are provided at both the pod & container level, the container options override the pod options. Note that this field cannot be set when spec.os.name is windows. (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--init_containers--security_context--seccomp_profile)) -- `windows_options` (Attributes) The Windows specific settings applied to all containers. If unspecified, the options from the PodSecurityContext will be used. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is linux. (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--init_containers--security_context--windows_options)) +- `allow_privilege_escalation` (Boolean) AllowPrivilegeEscalation controls whether a process can gain moreprivileges than its parent process. This bool directly controls ifthe no_new_privs flag will be set on the container process.AllowPrivilegeEscalation is true always when the container is:1) run as Privileged2) has CAP_SYS_ADMINNote that this field cannot be set when spec.os.name is windows. +- `capabilities` (Attributes) The capabilities to add/drop when running containers.Defaults to the default set of capabilities granted by the container runtime.Note that this field cannot be set when spec.os.name is windows. (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--init_containers--security_context--capabilities)) +- `privileged` (Boolean) Run container in privileged mode.Processes in privileged containers are essentially equivalent to root on the host.Defaults to false.Note that this field cannot be set when spec.os.name is windows. +- `proc_mount` (String) procMount denotes the type of proc mount to use for the containers.The default is DefaultProcMount which uses the container runtime defaults forreadonly paths and masked paths.This requires the ProcMountType feature flag to be enabled.Note that this field cannot be set when spec.os.name is windows. +- `read_only_root_filesystem` (Boolean) Whether this container has a read-only root filesystem.Default is false.Note that this field cannot be set when spec.os.name is windows. +- `run_as_group` (Number) The GID to run the entrypoint of the container process.Uses runtime default if unset.May also be set in PodSecurityContext. If set in both SecurityContext andPodSecurityContext, the value specified in SecurityContext takes precedence.Note that this field cannot be set when spec.os.name is windows. +- `run_as_non_root` (Boolean) Indicates that the container must run as a non-root user.If true, the Kubelet will validate the image at runtime to ensure that itdoes not run as UID 0 (root) and fail to start the container if it does.If unset or false, no such validation will be performed.May also be set in PodSecurityContext. If set in both SecurityContext andPodSecurityContext, the value specified in SecurityContext takes precedence. +- `run_as_user` (Number) The UID to run the entrypoint of the container process.Defaults to user specified in image metadata if unspecified.May also be set in PodSecurityContext. If set in both SecurityContext andPodSecurityContext, the value specified in SecurityContext takes precedence.Note that this field cannot be set when spec.os.name is windows. +- `se_linux_options` (Attributes) The SELinux context to be applied to the container.If unspecified, the container runtime will allocate a random SELinux context for eachcontainer. May also be set in PodSecurityContext. If set in both SecurityContext andPodSecurityContext, the value specified in SecurityContext takes precedence.Note that this field cannot be set when spec.os.name is windows. (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--init_containers--security_context--se_linux_options)) +- `seccomp_profile` (Attributes) The seccomp options to use by this container. If seccomp options areprovided at both the pod & container level, the container optionsoverride the pod options.Note that this field cannot be set when spec.os.name is windows. (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--init_containers--security_context--seccomp_profile)) +- `windows_options` (Attributes) The Windows specific settings applied to all containers.If unspecified, the options from the PodSecurityContext will be used.If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.Note that this field cannot be set when spec.os.name is linux. (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--init_containers--security_context--windows_options)) ### Nested Schema for `spec.actions.workload.pod_spec.init_containers.security_context.capabilities` @@ -2305,11 +2305,11 @@ Optional: Required: -- `type` (String) type indicates which kind of seccomp profile will be applied. Valid options are: Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied. +- `type` (String) type indicates which kind of seccomp profile will be applied.Valid options are:Localhost - a profile defined in a file on the node should be used.RuntimeDefault - the container runtime default profile should be used.Unconfined - no profile should be applied. Optional: -- `localhost_profile` (String) localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must be set if type is 'Localhost'. Must NOT be set for any other type. +- `localhost_profile` (String) localhostProfile indicates a profile defined in a file on the node should be used.The profile must be preconfigured on the node to work.Must be a descending path, relative to the kubelet's configured seccomp profile location.Must be set if type is 'Localhost'. Must NOT be set for any other type. @@ -2317,10 +2317,10 @@ Optional: Optional: -- `gmsa_credential_spec` (String) GMSACredentialSpec is where the GMSA admission webhook (https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the GMSA credential spec named by the GMSACredentialSpecName field. +- `gmsa_credential_spec` (String) GMSACredentialSpec is where the GMSA admission webhook(https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of theGMSA credential spec named by the GMSACredentialSpecName field. - `gmsa_credential_spec_name` (String) GMSACredentialSpecName is the name of the GMSA credential spec to use. -- `host_process` (Boolean) HostProcess determines if a container should be run as a 'Host Process' container. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true. -- `run_as_user_name` (String) The UserName in Windows to run the entrypoint of the container process. Defaults to the user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +- `host_process` (Boolean) HostProcess determines if a container should be run as a 'Host Process' container.All of a Pod's containers must have the same effective HostProcess value(it is not allowed to have a mix of HostProcess containers and non-HostProcess containers).In addition, if HostProcess is true then HostNetwork must also be set to true. +- `run_as_user_name` (String) The UserName in Windows to run the entrypoint of the container process.Defaults to the user specified in image metadata if unspecified.May also be set in PodSecurityContext. If set in both SecurityContext andPodSecurityContext, the value specified in SecurityContext takes precedence. @@ -2330,22 +2330,22 @@ Optional: Optional: - `exec` (Attributes) Exec specifies the action to take. (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--init_containers--startup_probe--exec)) -- `failure_threshold` (Number) Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +- `failure_threshold` (Number) Minimum consecutive failures for the probe to be considered failed after having succeeded.Defaults to 3. Minimum value is 1. - `grpc` (Attributes) GRPC specifies an action involving a GRPC port. (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--init_containers--startup_probe--grpc)) - `http_get` (Attributes) HTTPGet specifies the http request to perform. (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--init_containers--startup_probe--http_get)) -- `initial_delay_seconds` (Number) Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes -- `period_seconds` (Number) How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. -- `success_threshold` (Number) Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. +- `initial_delay_seconds` (Number) Number of seconds after the container has started before liveness probes are initiated.More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +- `period_seconds` (Number) How often (in seconds) to perform the probe.Default to 10 seconds. Minimum value is 1. +- `success_threshold` (Number) Minimum consecutive successes for the probe to be considered successful after having failed.Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. - `tcp_socket` (Attributes) TCPSocket specifies an action involving a TCP port. (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--init_containers--startup_probe--tcp_socket)) -- `termination_grace_period_seconds` (Number) Optional duration in seconds the pod needs to terminate gracefully upon probe failure. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this value overrides the value provided by the pod spec. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down). This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset. -- `timeout_seconds` (Number) Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +- `termination_grace_period_seconds` (Number) Optional duration in seconds the pod needs to terminate gracefully upon probe failure.The grace period is the duration in seconds after the processes running in the pod are senta termination signal and the time when the processes are forcibly halted with a kill signal.Set this value longer than the expected cleanup time for your process.If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, thisvalue overrides the value provided by the pod spec.Value must be non-negative integer. The value zero indicates stop immediately viathe kill signal (no opportunity to shut down).This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate.Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset. +- `timeout_seconds` (Number) Number of seconds after which the probe times out.Defaults to 1 second. Minimum value is 1.More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes ### Nested Schema for `spec.actions.workload.pod_spec.init_containers.startup_probe.exec` Optional: -- `command` (List of String) Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +- `command` (List of String) Command is the command line to execute inside the container, the working directory for thecommand is root ('/') in the container's filesystem. The command is simply exec'd, it isnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To usea shell, you need to explicitly call out to that shell.Exit status of 0 is treated as live/healthy and non-zero is unhealthy. @@ -2357,7 +2357,7 @@ Required: Optional: -- `service` (String) Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). If this is not specified, the default behavior is defined by gRPC. +- `service` (String) Service is the name of the service to place in the gRPC HealthCheckRequest(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).If this is not specified, the default behavior is defined by gRPC. @@ -2365,21 +2365,21 @@ Optional: Required: -- `port` (String) Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. +- `port` (String) Name or number of the port to access on the container.Number must be in the range 1 to 65535.Name must be an IANA_SVC_NAME. Optional: -- `host` (String) Host name to connect to, defaults to the pod IP. You probably want to set 'Host' in httpHeaders instead. +- `host` (String) Host name to connect to, defaults to the pod IP. You probably want to set'Host' in httpHeaders instead. - `http_headers` (Attributes List) Custom headers to set in the request. HTTP allows repeated headers. (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--init_containers--startup_probe--http_get--http_headers)) - `path` (String) Path to access on the HTTP server. -- `scheme` (String) Scheme to use for connecting to the host. Defaults to HTTP. +- `scheme` (String) Scheme to use for connecting to the host.Defaults to HTTP. ### Nested Schema for `spec.actions.workload.pod_spec.init_containers.startup_probe.http_get.http_headers` Required: -- `name` (String) The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header. +- `name` (String) The header field name.This will be canonicalized upon output, so case-variant names will be understood as the same header. - `value` (String) The header field value @@ -2389,7 +2389,7 @@ Required: Required: -- `port` (String) Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. +- `port` (String) Number or name of the port to access on the container.Number must be in the range 1 to 65535.Name must be an IANA_SVC_NAME. Optional: @@ -2411,15 +2411,15 @@ Required: Required: -- `mount_path` (String) Path within the container at which the volume should be mounted. Must not contain ':'. +- `mount_path` (String) Path within the container at which the volume should be mounted. Mustnot contain ':'. - `name` (String) This must match the Name of a Volume. Optional: -- `mount_propagation` (String) mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationNone is used. This field is beta in 1.10. -- `read_only` (Boolean) Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false. -- `sub_path` (String) Path within the volume from which the container's volume should be mounted. Defaults to '' (volume's root). -- `sub_path_expr` (String) Expanded path within the volume from which the container's volume should be mounted. Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment. Defaults to '' (volume's root). SubPathExpr and SubPath are mutually exclusive. +- `mount_propagation` (String) mountPropagation determines how mounts are propagated from the hostto container and the other way around.When not set, MountPropagationNone is used.This field is beta in 1.10. +- `read_only` (Boolean) Mounted read-only if true, read-write otherwise (false or unspecified).Defaults to false. +- `sub_path` (String) Path within the volume from which the container's volume should be mounted.Defaults to '' (volume's root). +- `sub_path_expr` (String) Expanded path within the volume from which the container's volume should be mounted.Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment.Defaults to '' (volume's root).SubPathExpr and SubPath are mutually exclusive. @@ -2428,7 +2428,7 @@ Optional: Required: -- `name` (String) Name is the name of the operating system. The currently supported values are linux and windows. Additional value may be defined in future and can be one of: https://github.com/opencontainers/runtime-spec/blob/master/config.md#platform-specific-configuration Clients should expect to handle additional values and treat unrecognized values in this field as os: null +- `name` (String) Name is the name of the operating system. The currently supported values are linux and windows.Additional value may be defined in future and can be one of:https://github.com/opencontainers/runtime-spec/blob/master/config.md#platform-specific-configurationClients should expect to handle additional values and treat unrecognized values in this field as os: null @@ -2444,7 +2444,7 @@ Required: Required: -- `name` (String) Name uniquely identifies this resource claim inside the pod. This must be a DNS_LABEL. +- `name` (String) Name uniquely identifies this resource claim inside the pod.This must be a DNS_LABEL. Optional: @@ -2455,8 +2455,8 @@ Optional: Optional: -- `resource_claim_name` (String) ResourceClaimName is the name of a ResourceClaim object in the same namespace as this pod. -- `resource_claim_template_name` (String) ResourceClaimTemplateName is the name of a ResourceClaimTemplate object in the same namespace as this pod. The template will be used to create a new ResourceClaim, which will be bound to this pod. When this pod is deleted, the ResourceClaim will also be deleted. The pod name and resource name, along with a generated component, will be used to form a unique name for the ResourceClaim, which will be recorded in pod.status.resourceClaimStatuses. This field is immutable and no changes will be made to the corresponding ResourceClaim by the control plane after creating the ResourceClaim. +- `resource_claim_name` (String) ResourceClaimName is the name of a ResourceClaim object in the samenamespace as this pod. +- `resource_claim_template_name` (String) ResourceClaimTemplateName is the name of a ResourceClaimTemplateobject in the same namespace as this pod.The template will be used to create a new ResourceClaim, which willbe bound to this pod. When this pod is deleted, the ResourceClaimwill also be deleted. The pod name and resource name, along with agenerated component, will be used to form a unique name for theResourceClaim, which will be recorded in pod.status.resourceClaimStatuses.This field is immutable and no changes will be made to thecorresponding ResourceClaim by the control plane after creating theResourceClaim. @@ -2465,7 +2465,7 @@ Optional: Required: -- `name` (String) Name of the scheduling gate. Each scheduling gate must have a unique name field. +- `name` (String) Name of the scheduling gate.Each scheduling gate must have a unique name field. @@ -2473,16 +2473,16 @@ Required: Optional: -- `fs_group` (Number) A special supplemental group that applies to all containers in a pod. Some volume types allow the Kubelet to change the ownership of that volume to be owned by the pod: 1. The owning GID will be the FSGroup 2. The setgid bit is set (new files created in the volume will be owned by FSGroup) 3. The permission bits are OR'd with rw-rw---- If unset, the Kubelet will not modify the ownership and permissions of any volume. Note that this field cannot be set when spec.os.name is windows. -- `fs_group_change_policy` (String) fsGroupChangePolicy defines behavior of changing ownership and permission of the volume before being exposed inside Pod. This field will only apply to volume types which support fsGroup based ownership(and permissions). It will have no effect on ephemeral volume types such as: secret, configmaps and emptydir. Valid values are 'OnRootMismatch' and 'Always'. If not specified, 'Always' is used. Note that this field cannot be set when spec.os.name is windows. -- `run_as_group` (Number) The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in SecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence for that container. Note that this field cannot be set when spec.os.name is windows. -- `run_as_non_root` (Boolean) Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in SecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. -- `run_as_user` (Number) The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in SecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence for that container. Note that this field cannot be set when spec.os.name is windows. -- `se_linux_options` (Attributes) The SELinux context to be applied to all containers. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in SecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence for that container. Note that this field cannot be set when spec.os.name is windows. (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--security_context--se_linux_options)) -- `seccomp_profile` (Attributes) The seccomp options to use by the containers in this pod. Note that this field cannot be set when spec.os.name is windows. (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--security_context--seccomp_profile)) -- `supplemental_groups` (List of String) A list of groups applied to the first process run in each container, in addition to the container's primary GID, the fsGroup (if specified), and group memberships defined in the container image for the uid of the container process. If unspecified, no additional groups are added to any container. Note that group memberships defined in the container image for the uid of the container process are still effective, even if they are not included in this list. Note that this field cannot be set when spec.os.name is windows. -- `sysctls` (Attributes List) Sysctls hold a list of namespaced sysctls used for the pod. Pods with unsupported sysctls (by the container runtime) might fail to launch. Note that this field cannot be set when spec.os.name is windows. (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--security_context--sysctls)) -- `windows_options` (Attributes) The Windows specific settings applied to all containers. If unspecified, the options within a container's SecurityContext will be used. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is linux. (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--security_context--windows_options)) +- `fs_group` (Number) A special supplemental group that applies to all containers in a pod.Some volume types allow the Kubelet to change the ownership of that volumeto be owned by the pod:1. The owning GID will be the FSGroup2. The setgid bit is set (new files created in the volume will be owned by FSGroup)3. The permission bits are OR'd with rw-rw----If unset, the Kubelet will not modify the ownership and permissions of any volume.Note that this field cannot be set when spec.os.name is windows. +- `fs_group_change_policy` (String) fsGroupChangePolicy defines behavior of changing ownership and permission of the volumebefore being exposed inside Pod. This field will only apply tovolume types which support fsGroup based ownership(and permissions).It will have no effect on ephemeral volume types such as: secret, configmapsand emptydir.Valid values are 'OnRootMismatch' and 'Always'. If not specified, 'Always' is used.Note that this field cannot be set when spec.os.name is windows. +- `run_as_group` (Number) The GID to run the entrypoint of the container process.Uses runtime default if unset.May also be set in SecurityContext. If set in both SecurityContext andPodSecurityContext, the value specified in SecurityContext takes precedencefor that container.Note that this field cannot be set when spec.os.name is windows. +- `run_as_non_root` (Boolean) Indicates that the container must run as a non-root user.If true, the Kubelet will validate the image at runtime to ensure that itdoes not run as UID 0 (root) and fail to start the container if it does.If unset or false, no such validation will be performed.May also be set in SecurityContext. If set in both SecurityContext andPodSecurityContext, the value specified in SecurityContext takes precedence. +- `run_as_user` (Number) The UID to run the entrypoint of the container process.Defaults to user specified in image metadata if unspecified.May also be set in SecurityContext. If set in both SecurityContext andPodSecurityContext, the value specified in SecurityContext takes precedencefor that container.Note that this field cannot be set when spec.os.name is windows. +- `se_linux_options` (Attributes) The SELinux context to be applied to all containers.If unspecified, the container runtime will allocate a random SELinux context for eachcontainer. May also be set in SecurityContext. If set inboth SecurityContext and PodSecurityContext, the value specified in SecurityContexttakes precedence for that container.Note that this field cannot be set when spec.os.name is windows. (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--security_context--se_linux_options)) +- `seccomp_profile` (Attributes) The seccomp options to use by the containers in this pod.Note that this field cannot be set when spec.os.name is windows. (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--security_context--seccomp_profile)) +- `supplemental_groups` (List of String) A list of groups applied to the first process run in each container, in additionto the container's primary GID, the fsGroup (if specified), and group membershipsdefined in the container image for the uid of the container process. If unspecified,no additional groups are added to any container. Note that group membershipsdefined in the container image for the uid of the container process are still effective,even if they are not included in this list.Note that this field cannot be set when spec.os.name is windows. +- `sysctls` (Attributes List) Sysctls hold a list of namespaced sysctls used for the pod. Pods with unsupportedsysctls (by the container runtime) might fail to launch.Note that this field cannot be set when spec.os.name is windows. (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--security_context--sysctls)) +- `windows_options` (Attributes) The Windows specific settings applied to all containers.If unspecified, the options within a container's SecurityContext will be used.If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.Note that this field cannot be set when spec.os.name is linux. (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--security_context--windows_options)) ### Nested Schema for `spec.actions.workload.pod_spec.security_context.se_linux_options` @@ -2500,11 +2500,11 @@ Optional: Required: -- `type` (String) type indicates which kind of seccomp profile will be applied. Valid options are: Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied. +- `type` (String) type indicates which kind of seccomp profile will be applied.Valid options are:Localhost - a profile defined in a file on the node should be used.RuntimeDefault - the container runtime default profile should be used.Unconfined - no profile should be applied. Optional: -- `localhost_profile` (String) localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must be set if type is 'Localhost'. Must NOT be set for any other type. +- `localhost_profile` (String) localhostProfile indicates a profile defined in a file on the node should be used.The profile must be preconfigured on the node to work.Must be a descending path, relative to the kubelet's configured seccomp profile location.Must be set if type is 'Localhost'. Must NOT be set for any other type. @@ -2521,10 +2521,10 @@ Required: Optional: -- `gmsa_credential_spec` (String) GMSACredentialSpec is where the GMSA admission webhook (https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the GMSA credential spec named by the GMSACredentialSpecName field. +- `gmsa_credential_spec` (String) GMSACredentialSpec is where the GMSA admission webhook(https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of theGMSA credential spec named by the GMSACredentialSpecName field. - `gmsa_credential_spec_name` (String) GMSACredentialSpecName is the name of the GMSA credential spec to use. -- `host_process` (Boolean) HostProcess determines if a container should be run as a 'Host Process' container. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true. -- `run_as_user_name` (String) The UserName in Windows to run the entrypoint of the container process. Defaults to the user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +- `host_process` (Boolean) HostProcess determines if a container should be run as a 'Host Process' container.All of a Pod's containers must have the same effective HostProcess value(it is not allowed to have a mix of HostProcess containers and non-HostProcess containers).In addition, if HostProcess is true then HostNetwork must also be set to true. +- `run_as_user_name` (String) The UserName in Windows to run the entrypoint of the container process.Defaults to the user specified in image metadata if unspecified.May also be set in PodSecurityContext. If set in both SecurityContext andPodSecurityContext, the value specified in SecurityContext takes precedence. @@ -2533,11 +2533,11 @@ Optional: Optional: -- `effect` (String) Effect indicates the taint effect to match. Empty means match all taint effects. When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute. -- `key` (String) Key is the taint key that the toleration applies to. Empty means match all taint keys. If the key is empty, operator must be Exists; this combination means to match all values and all keys. -- `operator` (String) Operator represents a key's relationship to the value. Valid operators are Exists and Equal. Defaults to Equal. Exists is equivalent to wildcard for value, so that a pod can tolerate all taints of a particular category. -- `toleration_seconds` (Number) TolerationSeconds represents the period of time the toleration (which must be of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, it is not set, which means tolerate the taint forever (do not evict). Zero and negative values will be treated as 0 (evict immediately) by the system. -- `value` (String) Value is the taint value the toleration matches to. If the operator is Exists, the value should be empty, otherwise just a regular string. +- `effect` (String) Effect indicates the taint effect to match. Empty means match all taint effects.When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute. +- `key` (String) Key is the taint key that the toleration applies to. Empty means match all taint keys.If the key is empty, operator must be Exists; this combination means to match all values and all keys. +- `operator` (String) Operator represents a key's relationship to the value.Valid operators are Exists and Equal. Defaults to Equal.Exists is equivalent to wildcard for value, so that a pod cantolerate all taints of a particular category. +- `toleration_seconds` (Number) TolerationSeconds represents the period of time the toleration (which must beof effect NoExecute, otherwise this field is ignored) tolerates the taint. By default,it is not set, which means tolerate the taint forever (do not evict). Zero andnegative values will be treated as 0 (evict immediately) by the system. +- `value` (String) Value is the taint value the toleration matches to.If the operator is Exists, the value should be empty, otherwise just a regular string. @@ -2545,17 +2545,17 @@ Optional: Required: -- `max_skew` (Number) MaxSkew describes the degree to which pods may be unevenly distributed. When 'whenUnsatisfiable=DoNotSchedule', it is the maximum permitted difference between the number of matching pods in the target topology and the global minimum. The global minimum is the minimum number of matching pods in an eligible domain or zero if the number of eligible domains is less than MinDomains. For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same labelSelector spread as 2/2/1: In this case, the global minimum is 1. | zone1 | zone2 | zone3 | | P P | P P | P | - if MaxSkew is 1, incoming pod can only be scheduled to zone3 to become 2/2/2; scheduling it onto zone1(zone2) would make the ActualSkew(3-1) on zone1(zone2) violate MaxSkew(1). - if MaxSkew is 2, incoming pod can be scheduled onto any zone. When 'whenUnsatisfiable=ScheduleAnyway', it is used to give higher precedence to topologies that satisfy it. It's a required field. Default value is 1 and 0 is not allowed. -- `topology_key` (String) TopologyKey is the key of node labels. Nodes that have a label with this key and identical values are considered to be in the same topology. We consider each as a 'bucket', and try to put balanced number of pods into each bucket. We define a domain as a particular instance of a topology. Also, we define an eligible domain as a domain whose nodes meet the requirements of nodeAffinityPolicy and nodeTaintsPolicy. e.g. If TopologyKey is 'kubernetes.io/hostname', each Node is a domain of that topology. And, if TopologyKey is 'topology.kubernetes.io/zone', each zone is a domain of that topology. It's a required field. -- `when_unsatisfiable` (String) WhenUnsatisfiable indicates how to deal with a pod if it doesn't satisfy the spread constraint. - DoNotSchedule (default) tells the scheduler not to schedule it. - ScheduleAnyway tells the scheduler to schedule the pod in any location, but giving higher precedence to topologies that would help reduce the skew. A constraint is considered 'Unsatisfiable' for an incoming pod if and only if every possible node assignment for that pod would violate 'MaxSkew' on some topology. For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same labelSelector spread as 3/1/1: | zone1 | zone2 | zone3 | | P P P | P | P | If WhenUnsatisfiable is set to DoNotSchedule, incoming pod can only be scheduled to zone2(zone3) to become 3/2/1(3/1/2) as ActualSkew(2-1) on zone2(zone3) satisfies MaxSkew(1). In other words, the cluster can still be imbalanced, but scheduler won't make it *more* imbalanced. It's a required field. +- `max_skew` (Number) MaxSkew describes the degree to which pods may be unevenly distributed.When 'whenUnsatisfiable=DoNotSchedule', it is the maximum permitted differencebetween the number of matching pods in the target topology and the global minimum.The global minimum is the minimum number of matching pods in an eligible domainor zero if the number of eligible domains is less than MinDomains.For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the samelabelSelector spread as 2/2/1:In this case, the global minimum is 1.| zone1 | zone2 | zone3 || P P | P P | P |- if MaxSkew is 1, incoming pod can only be scheduled to zone3 to become 2/2/2;scheduling it onto zone1(zone2) would make the ActualSkew(3-1) on zone1(zone2)violate MaxSkew(1).- if MaxSkew is 2, incoming pod can be scheduled onto any zone.When 'whenUnsatisfiable=ScheduleAnyway', it is used to give higher precedenceto topologies that satisfy it.It's a required field. Default value is 1 and 0 is not allowed. +- `topology_key` (String) TopologyKey is the key of node labels. Nodes that have a label with this keyand identical values are considered to be in the same topology.We consider each as a 'bucket', and try to put balanced numberof pods into each bucket.We define a domain as a particular instance of a topology.Also, we define an eligible domain as a domain whose nodes meet the requirements ofnodeAffinityPolicy and nodeTaintsPolicy.e.g. If TopologyKey is 'kubernetes.io/hostname', each Node is a domain of that topology.And, if TopologyKey is 'topology.kubernetes.io/zone', each zone is a domain of that topology.It's a required field. +- `when_unsatisfiable` (String) WhenUnsatisfiable indicates how to deal with a pod if it doesn't satisfythe spread constraint.- DoNotSchedule (default) tells the scheduler not to schedule it.- ScheduleAnyway tells the scheduler to schedule the pod in any location, but giving higher precedence to topologies that would help reduce the skew.A constraint is considered 'Unsatisfiable' for an incoming podif and only if every possible node assignment for that pod would violate'MaxSkew' on some topology.For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the samelabelSelector spread as 3/1/1:| zone1 | zone2 | zone3 || P P P | P | P |If WhenUnsatisfiable is set to DoNotSchedule, incoming pod can only be scheduledto zone2(zone3) to become 3/2/1(3/1/2) as ActualSkew(2-1) on zone2(zone3) satisfiesMaxSkew(1). In other words, the cluster can still be imbalanced, but schedulerwon't make it *more* imbalanced.It's a required field. Optional: -- `label_selector` (Attributes) LabelSelector is used to find matching pods. Pods that match this label selector are counted to determine the number of pods in their corresponding topology domain. (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--topology_spread_constraints--label_selector)) -- `match_label_keys` (List of String) MatchLabelKeys is a set of pod label keys to select the pods over which spreading will be calculated. The keys are used to lookup values from the incoming pod labels, those key-value labels are ANDed with labelSelector to select the group of existing pods over which spreading will be calculated for the incoming pod. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. MatchLabelKeys cannot be set when LabelSelector isn't set. Keys that don't exist in the incoming pod labels will be ignored. A null or empty list means only match against labelSelector. This is a beta field and requires the MatchLabelKeysInPodTopologySpread feature gate to be enabled (enabled by default). -- `min_domains` (Number) MinDomains indicates a minimum number of eligible domains. When the number of eligible domains with matching topology keys is less than minDomains, Pod Topology Spread treats 'global minimum' as 0, and then the calculation of Skew is performed. And when the number of eligible domains with matching topology keys equals or greater than minDomains, this value has no effect on scheduling. As a result, when the number of eligible domains is less than minDomains, scheduler won't schedule more than maxSkew Pods to those domains. If value is nil, the constraint behaves as if MinDomains is equal to 1. Valid values are integers greater than 0. When value is not nil, WhenUnsatisfiable must be DoNotSchedule. For example, in a 3-zone cluster, MaxSkew is set to 2, MinDomains is set to 5 and pods with the same labelSelector spread as 2/2/2: | zone1 | zone2 | zone3 | | P P | P P | P P | The number of domains is less than 5(MinDomains), so 'global minimum' is treated as 0. In this situation, new pod with the same labelSelector cannot be scheduled, because computed skew will be 3(3 - 0) if new Pod is scheduled to any of the three zones, it will violate MaxSkew. This is a beta field and requires the MinDomainsInPodTopologySpread feature gate to be enabled (enabled by default). -- `node_affinity_policy` (String) NodeAffinityPolicy indicates how we will treat Pod's nodeAffinity/nodeSelector when calculating pod topology spread skew. Options are: - Honor: only nodes matching nodeAffinity/nodeSelector are included in the calculations. - Ignore: nodeAffinity/nodeSelector are ignored. All nodes are included in the calculations. If this value is nil, the behavior is equivalent to the Honor policy. This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag. -- `node_taints_policy` (String) NodeTaintsPolicy indicates how we will treat node taints when calculating pod topology spread skew. Options are: - Honor: nodes without taints, along with tainted nodes for which the incoming pod has a toleration, are included. - Ignore: node taints are ignored. All nodes are included. If this value is nil, the behavior is equivalent to the Ignore policy. This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag. +- `label_selector` (Attributes) LabelSelector is used to find matching pods.Pods that match this label selector are counted to determine the number of podsin their corresponding topology domain. (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--topology_spread_constraints--label_selector)) +- `match_label_keys` (List of String) MatchLabelKeys is a set of pod label keys to select the pods over whichspreading will be calculated. The keys are used to lookup values from theincoming pod labels, those key-value labels are ANDed with labelSelectorto select the group of existing pods over which spreading will be calculatedfor the incoming pod. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector.MatchLabelKeys cannot be set when LabelSelector isn't set.Keys that don't exist in the incoming pod labels willbe ignored. A null or empty list means only match against labelSelector.This is a beta field and requires the MatchLabelKeysInPodTopologySpread feature gate to be enabled (enabled by default). +- `min_domains` (Number) MinDomains indicates a minimum number of eligible domains.When the number of eligible domains with matching topology keys is less than minDomains,Pod Topology Spread treats 'global minimum' as 0, and then the calculation of Skew is performed.And when the number of eligible domains with matching topology keys equals or greater than minDomains,this value has no effect on scheduling.As a result, when the number of eligible domains is less than minDomains,scheduler won't schedule more than maxSkew Pods to those domains.If value is nil, the constraint behaves as if MinDomains is equal to 1.Valid values are integers greater than 0.When value is not nil, WhenUnsatisfiable must be DoNotSchedule.For example, in a 3-zone cluster, MaxSkew is set to 2, MinDomains is set to 5 and pods with the samelabelSelector spread as 2/2/2:| zone1 | zone2 | zone3 || P P | P P | P P |The number of domains is less than 5(MinDomains), so 'global minimum' is treated as 0.In this situation, new pod with the same labelSelector cannot be scheduled,because computed skew will be 3(3 - 0) if new Pod is scheduled to any of the three zones,it will violate MaxSkew.This is a beta field and requires the MinDomainsInPodTopologySpread feature gate to be enabled (enabled by default). +- `node_affinity_policy` (String) NodeAffinityPolicy indicates how we will treat Pod's nodeAffinity/nodeSelectorwhen calculating pod topology spread skew. Options are:- Honor: only nodes matching nodeAffinity/nodeSelector are included in the calculations.- Ignore: nodeAffinity/nodeSelector are ignored. All nodes are included in the calculations.If this value is nil, the behavior is equivalent to the Honor policy.This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag. +- `node_taints_policy` (String) NodeTaintsPolicy indicates how we will treat node taints when calculatingpod topology spread skew. Options are:- Honor: nodes without taints, along with tainted nodes for which the incoming podhas a toleration, are included.- Ignore: node taints are ignored. All nodes are included.If this value is nil, the behavior is equivalent to the Ignore policy.This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag. ### Nested Schema for `spec.actions.workload.pod_spec.topology_spread_constraints.label_selector` @@ -2563,7 +2563,7 @@ Optional: Optional: - `match_expressions` (Attributes List) matchExpressions is a list of label selector requirements. The requirements are ANDed. (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--topology_spread_constraints--label_selector--match_expressions)) -- `match_labels` (Map of String) matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is 'key', the operator is 'In', and the values array contains only 'value'. The requirements are ANDed. +- `match_labels` (Map of String) matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabelsmap is equivalent to an element of matchExpressions, whose key field is 'key', theoperator is 'In', and the values array contains only 'value'. The requirements are ANDed. ### Nested Schema for `spec.actions.workload.pod_spec.topology_spread_constraints.label_selector.match_expressions` @@ -2571,11 +2571,11 @@ Optional: Required: - `key` (String) key is the label key that the selector applies to. -- `operator` (String) operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. +- `operator` (String) operator represents a key's relationship to a set of values.Valid operators are In, NotIn, Exists and DoesNotExist. Optional: -- `values` (List of String) values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. +- `values` (List of String) values is an array of string values. If the operator is In or NotIn,the values array must be non-empty. If the operator is Exists or DoesNotExist,the values array must be empty. This array is replaced during a strategicmerge patch. @@ -2585,37 +2585,37 @@ Optional: Required: -- `name` (String) name of the volume. Must be a DNS_LABEL and unique within the pod. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names +- `name` (String) name of the volume.Must be a DNS_LABEL and unique within the pod.More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names Optional: -- `aws_elastic_block_store` (Attributes) awsElasticBlockStore represents an AWS Disk resource that is attached to a kubelet's host machine and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--volumes--aws_elastic_block_store)) +- `aws_elastic_block_store` (Attributes) awsElasticBlockStore represents an AWS Disk resource that is attached to akubelet's host machine and then exposed to the pod.More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--volumes--aws_elastic_block_store)) - `azure_disk` (Attributes) azureDisk represents an Azure Data Disk mount on the host and bind mount to the pod. (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--volumes--azure_disk)) - `azure_file` (Attributes) azureFile represents an Azure File Service mount on the host and bind mount to the pod. (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--volumes--azure_file)) - `cephfs` (Attributes) cephFS represents a Ceph FS mount on the host that shares a pod's lifetime (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--volumes--cephfs)) -- `cinder` (Attributes) cinder represents a cinder volume attached and mounted on kubelets host machine. More info: https://examples.k8s.io/mysql-cinder-pd/README.md (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--volumes--cinder)) +- `cinder` (Attributes) cinder represents a cinder volume attached and mounted on kubelets host machine.More info: https://examples.k8s.io/mysql-cinder-pd/README.md (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--volumes--cinder)) - `config_map` (Attributes) configMap represents a configMap that should populate this volume (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--volumes--config_map)) - `csi` (Attributes) csi (Container Storage Interface) represents ephemeral storage that is handled by certain external CSI drivers (Beta feature). (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--volumes--csi)) - `downward_api` (Attributes) downwardAPI represents downward API about the pod that should populate this volume (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--volumes--downward_api)) -- `empty_dir` (Attributes) emptyDir represents a temporary directory that shares a pod's lifetime. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--volumes--empty_dir)) -- `ephemeral` (Attributes) ephemeral represents a volume that is handled by a cluster storage driver. The volume's lifecycle is tied to the pod that defines it - it will be created before the pod starts, and deleted when the pod is removed. Use this if: a) the volume is only needed while the pod runs, b) features of normal volumes like restoring from snapshot or capacity tracking are needed, c) the storage driver is specified through a storage class, and d) the storage driver supports dynamic volume provisioning through a PersistentVolumeClaim (see EphemeralVolumeSource for more information on the connection between this volume type and PersistentVolumeClaim). Use PersistentVolumeClaim or one of the vendor-specific APIs for volumes that persist for longer than the lifecycle of an individual pod. Use CSI for light-weight local ephemeral volumes if the CSI driver is meant to be used that way - see the documentation of the driver for more information. A pod can use both types of ephemeral volumes and persistent volumes at the same time. (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--volumes--ephemeral)) +- `empty_dir` (Attributes) emptyDir represents a temporary directory that shares a pod's lifetime.More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--volumes--empty_dir)) +- `ephemeral` (Attributes) ephemeral represents a volume that is handled by a cluster storage driver.The volume's lifecycle is tied to the pod that defines it - it will be created before the pod starts,and deleted when the pod is removed.Use this if:a) the volume is only needed while the pod runs,b) features of normal volumes like restoring from snapshot or capacity tracking are needed,c) the storage driver is specified through a storage class, andd) the storage driver supports dynamic volume provisioning through a PersistentVolumeClaim (see EphemeralVolumeSource for more information on the connection between this volume type and PersistentVolumeClaim).Use PersistentVolumeClaim or one of the vendor-specificAPIs for volumes that persist for longer than the lifecycleof an individual pod.Use CSI for light-weight local ephemeral volumes if the CSI driver is meant tobe used that way - see the documentation of the driver formore information.A pod can use both types of ephemeral volumes andpersistent volumes at the same time. (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--volumes--ephemeral)) - `fc` (Attributes) fc represents a Fibre Channel resource that is attached to a kubelet's host machine and then exposed to the pod. (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--volumes--fc)) -- `flex_volume` (Attributes) flexVolume represents a generic volume resource that is provisioned/attached using an exec based plugin. (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--volumes--flex_volume)) +- `flex_volume` (Attributes) flexVolume represents a generic volume resource that isprovisioned/attached using an exec based plugin. (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--volumes--flex_volume)) - `flocker` (Attributes) flocker represents a Flocker volume attached to a kubelet's host machine. This depends on the Flocker control service being running (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--volumes--flocker)) -- `gce_persistent_disk` (Attributes) gcePersistentDisk represents a GCE Disk resource that is attached to a kubelet's host machine and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--volumes--gce_persistent_disk)) -- `git_repo` (Attributes) gitRepo represents a git repository at a particular revision. DEPRECATED: GitRepo is deprecated. To provision a container with a git repo, mount an EmptyDir into an InitContainer that clones the repo using git, then mount the EmptyDir into the Pod's container. (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--volumes--git_repo)) -- `glusterfs` (Attributes) glusterfs represents a Glusterfs mount on the host that shares a pod's lifetime. More info: https://examples.k8s.io/volumes/glusterfs/README.md (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--volumes--glusterfs)) -- `host_path` (Attributes) hostPath represents a pre-existing file or directory on the host machine that is directly exposed to the container. This is generally used for system agents or other privileged things that are allowed to see the host machine. Most containers will NOT need this. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath --- TODO(jonesdl) We need to restrict who can use host directory mounts and who can/can not mount host directories as read/write. (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--volumes--host_path)) -- `iscsi` (Attributes) iscsi represents an ISCSI Disk resource that is attached to a kubelet's host machine and then exposed to the pod. More info: https://examples.k8s.io/volumes/iscsi/README.md (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--volumes--iscsi)) -- `nfs` (Attributes) nfs represents an NFS mount on the host that shares a pod's lifetime More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--volumes--nfs)) -- `persistent_volume_claim` (Attributes) persistentVolumeClaimVolumeSource represents a reference to a PersistentVolumeClaim in the same namespace. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--volumes--persistent_volume_claim)) +- `gce_persistent_disk` (Attributes) gcePersistentDisk represents a GCE Disk resource that is attached to akubelet's host machine and then exposed to the pod.More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--volumes--gce_persistent_disk)) +- `git_repo` (Attributes) gitRepo represents a git repository at a particular revision.DEPRECATED: GitRepo is deprecated. To provision a container with a git repo, mount anEmptyDir into an InitContainer that clones the repo using git, then mount the EmptyDirinto the Pod's container. (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--volumes--git_repo)) +- `glusterfs` (Attributes) glusterfs represents a Glusterfs mount on the host that shares a pod's lifetime.More info: https://examples.k8s.io/volumes/glusterfs/README.md (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--volumes--glusterfs)) +- `host_path` (Attributes) hostPath represents a pre-existing file or directory on the hostmachine that is directly exposed to the container. This is generallyused for system agents or other privileged things that are allowedto see the host machine. Most containers will NOT need this.More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath---TODO(jonesdl) We need to restrict who can use host directory mounts and who can/can notmount host directories as read/write. (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--volumes--host_path)) +- `iscsi` (Attributes) iscsi represents an ISCSI Disk resource that is attached to akubelet's host machine and then exposed to the pod.More info: https://examples.k8s.io/volumes/iscsi/README.md (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--volumes--iscsi)) +- `nfs` (Attributes) nfs represents an NFS mount on the host that shares a pod's lifetimeMore info: https://kubernetes.io/docs/concepts/storage/volumes#nfs (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--volumes--nfs)) +- `persistent_volume_claim` (Attributes) persistentVolumeClaimVolumeSource represents a reference to aPersistentVolumeClaim in the same namespace.More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--volumes--persistent_volume_claim)) - `photon_persistent_disk` (Attributes) photonPersistentDisk represents a PhotonController persistent disk attached and mounted on kubelets host machine (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--volumes--photon_persistent_disk)) - `portworx_volume` (Attributes) portworxVolume represents a portworx volume attached and mounted on kubelets host machine (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--volumes--portworx_volume)) - `projected` (Attributes) projected items for all in one resources secrets, configmaps, and downward API (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--volumes--projected)) - `quobyte` (Attributes) quobyte represents a Quobyte mount on the host that shares a pod's lifetime (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--volumes--quobyte)) -- `rbd` (Attributes) rbd represents a Rados Block Device mount on the host that shares a pod's lifetime. More info: https://examples.k8s.io/volumes/rbd/README.md (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--volumes--rbd)) +- `rbd` (Attributes) rbd represents a Rados Block Device mount on the host that shares a pod's lifetime.More info: https://examples.k8s.io/volumes/rbd/README.md (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--volumes--rbd)) - `scale_io` (Attributes) scaleIO represents a ScaleIO persistent volume attached and mounted on Kubernetes nodes. (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--volumes--scale_io)) -- `secret` (Attributes) secret represents a secret that should populate this volume. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--volumes--secret)) +- `secret` (Attributes) secret represents a secret that should populate this volume.More info: https://kubernetes.io/docs/concepts/storage/volumes#secret (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--volumes--secret)) - `storageos` (Attributes) storageOS represents a StorageOS volume attached and mounted on Kubernetes nodes. (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--volumes--storageos)) - `vsphere_volume` (Attributes) vsphereVolume represents a vSphere volume attached and mounted on kubelets host machine (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--volumes--vsphere_volume)) @@ -2624,13 +2624,13 @@ Optional: Required: -- `volume_id` (String) volumeID is unique ID of the persistent disk resource in AWS (Amazon EBS volume). More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore +- `volume_id` (String) volumeID is unique ID of the persistent disk resource in AWS (Amazon EBS volume).More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore Optional: -- `fs_type` (String) fsType is the filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: 'ext4', 'xfs', 'ntfs'. Implicitly inferred to be 'ext4' if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore TODO: how do we prevent errors in the filesystem from compromising the machine -- `partition` (Number) partition is the partition in the volume that you want to mount. If omitted, the default is to mount by volume name. Examples: For volume /dev/sda1, you specify the partition as '1'. Similarly, the volume partition for /dev/sda is '0' (or you can leave the property empty). -- `read_only` (Boolean) readOnly value true will force the readOnly setting in VolumeMounts. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore +- `fs_type` (String) fsType is the filesystem type of the volume that you want to mount.Tip: Ensure that the filesystem type is supported by the host operating system.Examples: 'ext4', 'xfs', 'ntfs'. Implicitly inferred to be 'ext4' if unspecified.More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstoreTODO: how do we prevent errors in the filesystem from compromising the machine +- `partition` (Number) partition is the partition in the volume that you want to mount.If omitted, the default is to mount by volume name.Examples: For volume /dev/sda1, you specify the partition as '1'.Similarly, the volume partition for /dev/sda is '0' (or you can leave the property empty). +- `read_only` (Boolean) readOnly value true will force the readOnly setting in VolumeMounts.More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore @@ -2644,9 +2644,9 @@ Required: Optional: - `caching_mode` (String) cachingMode is the Host Caching mode: None, Read Only, Read Write. -- `fs_type` (String) fsType is Filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. 'ext4', 'xfs', 'ntfs'. Implicitly inferred to be 'ext4' if unspecified. +- `fs_type` (String) fsType is Filesystem type to mount.Must be a filesystem type supported by the host operating system.Ex. 'ext4', 'xfs', 'ntfs'. Implicitly inferred to be 'ext4' if unspecified. - `kind` (String) kind expected values are Shared: multiple blob disks per storage account Dedicated: single blob disk per storage account Managed: azure managed data disk (only in managed availability set). defaults to shared -- `read_only` (Boolean) readOnly Defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts. +- `read_only` (Boolean) readOnly Defaults to false (read/write). ReadOnly here will forcethe ReadOnly setting in VolumeMounts. @@ -2659,7 +2659,7 @@ Required: Optional: -- `read_only` (Boolean) readOnly defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts. +- `read_only` (Boolean) readOnly defaults to false (read/write). ReadOnly here will forcethe ReadOnly setting in VolumeMounts. @@ -2667,22 +2667,22 @@ Optional: Required: -- `monitors` (List of String) monitors is Required: Monitors is a collection of Ceph monitors More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it +- `monitors` (List of String) monitors is Required: Monitors is a collection of Ceph monitorsMore info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it Optional: - `path` (String) path is Optional: Used as the mounted root, rather than the full Ceph tree, default is / -- `read_only` (Boolean) readOnly is Optional: Defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it -- `secret_file` (String) secretFile is Optional: SecretFile is the path to key ring for User, default is /etc/ceph/user.secret More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it -- `secret_ref` (Attributes) secretRef is Optional: SecretRef is reference to the authentication secret for User, default is empty. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--volumes--cephfs--secret_ref)) -- `user` (String) user is optional: User is the rados user name, default is admin More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it +- `read_only` (Boolean) readOnly is Optional: Defaults to false (read/write). ReadOnly here will forcethe ReadOnly setting in VolumeMounts.More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it +- `secret_file` (String) secretFile is Optional: SecretFile is the path to key ring for User, default is /etc/ceph/user.secretMore info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it +- `secret_ref` (Attributes) secretRef is Optional: SecretRef is reference to the authentication secret for User, default is empty.More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--volumes--cephfs--secret_ref)) +- `user` (String) user is optional: User is the rados user name, default is adminMore info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it ### Nested Schema for `spec.actions.workload.pod_spec.volumes.cephfs.secret_ref` Optional: -- `name` (String) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? +- `name` (String) Name of the referent.More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#namesTODO: Add other useful fields. apiVersion, kind, uid? @@ -2691,20 +2691,20 @@ Optional: Required: -- `volume_id` (String) volumeID used to identify the volume in cinder. More info: https://examples.k8s.io/mysql-cinder-pd/README.md +- `volume_id` (String) volumeID used to identify the volume in cinder.More info: https://examples.k8s.io/mysql-cinder-pd/README.md Optional: -- `fs_type` (String) fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Examples: 'ext4', 'xfs', 'ntfs'. Implicitly inferred to be 'ext4' if unspecified. More info: https://examples.k8s.io/mysql-cinder-pd/README.md -- `read_only` (Boolean) readOnly defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts. More info: https://examples.k8s.io/mysql-cinder-pd/README.md -- `secret_ref` (Attributes) secretRef is optional: points to a secret object containing parameters used to connect to OpenStack. (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--volumes--cinder--secret_ref)) +- `fs_type` (String) fsType is the filesystem type to mount.Must be a filesystem type supported by the host operating system.Examples: 'ext4', 'xfs', 'ntfs'. Implicitly inferred to be 'ext4' if unspecified.More info: https://examples.k8s.io/mysql-cinder-pd/README.md +- `read_only` (Boolean) readOnly defaults to false (read/write). ReadOnly here will forcethe ReadOnly setting in VolumeMounts.More info: https://examples.k8s.io/mysql-cinder-pd/README.md +- `secret_ref` (Attributes) secretRef is optional: points to a secret object containing parameters used to connectto OpenStack. (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--volumes--cinder--secret_ref)) ### Nested Schema for `spec.actions.workload.pod_spec.volumes.cinder.secret_ref` Optional: -- `name` (String) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? +- `name` (String) Name of the referent.More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#namesTODO: Add other useful fields. apiVersion, kind, uid? @@ -2713,9 +2713,9 @@ Optional: Optional: -- `default_mode` (Number) defaultMode is optional: mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. -- `items` (Attributes List) items if unspecified, each key-value pair in the Data field of the referenced ConfigMap will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the ConfigMap, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'. (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--volumes--config_map--items)) -- `name` (String) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? +- `default_mode` (Number) defaultMode is optional: mode bits used to set permissions on created files by default.Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511.YAML accepts both octal and decimal values, JSON requires decimal values for mode bits.Defaults to 0644.Directories within the path are not affected by this setting.This might be in conflict with other options that affect the filemode, like fsGroup, and the result can be other mode bits set. +- `items` (Attributes List) items if unspecified, each key-value pair in the Data field of the referencedConfigMap will be projected into the volume as a file whose name is thekey and content is the value. If specified, the listed keys will beprojected into the specified paths, and unlisted keys will not bepresent. If a key is specified which is not present in the ConfigMap,the volume setup will error unless it is marked optional. Paths must berelative and may not contain the '..' path or start with '..'. (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--volumes--config_map--items)) +- `name` (String) Name of the referent.More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#namesTODO: Add other useful fields. apiVersion, kind, uid? - `optional` (Boolean) optional specify whether the ConfigMap or its keys must be defined @@ -2724,11 +2724,11 @@ Optional: Required: - `key` (String) key is the key to project. -- `path` (String) path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. +- `path` (String) path is the relative path of the file to map the key to.May not be an absolute path.May not contain the path element '..'.May not start with the string '..'. Optional: -- `mode` (Number) mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. +- `mode` (Number) mode is Optional: mode bits used to set permissions on this file.Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511.YAML accepts both octal and decimal values, JSON requires decimal values for mode bits.If not specified, the volume defaultMode will be used.This might be in conflict with other options that affect the filemode, like fsGroup, and the result can be other mode bits set. @@ -2737,21 +2737,21 @@ Optional: Required: -- `driver` (String) driver is the name of the CSI driver that handles this volume. Consult with your admin for the correct name as registered in the cluster. +- `driver` (String) driver is the name of the CSI driver that handles this volume.Consult with your admin for the correct name as registered in the cluster. Optional: -- `fs_type` (String) fsType to mount. Ex. 'ext4', 'xfs', 'ntfs'. If not provided, the empty value is passed to the associated CSI driver which will determine the default filesystem to apply. -- `node_publish_secret_ref` (Attributes) nodePublishSecretRef is a reference to the secret object containing sensitive information to pass to the CSI driver to complete the CSI NodePublishVolume and NodeUnpublishVolume calls. This field is optional, and may be empty if no secret is required. If the secret object contains more than one secret, all secret references are passed. (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--volumes--csi--node_publish_secret_ref)) -- `read_only` (Boolean) readOnly specifies a read-only configuration for the volume. Defaults to false (read/write). -- `volume_attributes` (Map of String) volumeAttributes stores driver-specific properties that are passed to the CSI driver. Consult your driver's documentation for supported values. +- `fs_type` (String) fsType to mount. Ex. 'ext4', 'xfs', 'ntfs'.If not provided, the empty value is passed to the associated CSI driverwhich will determine the default filesystem to apply. +- `node_publish_secret_ref` (Attributes) nodePublishSecretRef is a reference to the secret object containingsensitive information to pass to the CSI driver to complete the CSINodePublishVolume and NodeUnpublishVolume calls.This field is optional, and may be empty if no secret is required. If thesecret object contains more than one secret, all secret references are passed. (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--volumes--csi--node_publish_secret_ref)) +- `read_only` (Boolean) readOnly specifies a read-only configuration for the volume.Defaults to false (read/write). +- `volume_attributes` (Map of String) volumeAttributes stores driver-specific properties that are passed to the CSIdriver. Consult your driver's documentation for supported values. ### Nested Schema for `spec.actions.workload.pod_spec.volumes.csi.node_publish_secret_ref` Optional: -- `name` (String) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? +- `name` (String) Name of the referent.More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#namesTODO: Add other useful fields. apiVersion, kind, uid? @@ -2760,7 +2760,7 @@ Optional: Optional: -- `default_mode` (Number) Optional: mode bits to use on created files by default. Must be a Optional: mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. +- `default_mode` (Number) Optional: mode bits to use on created files by default. Must be aOptional: mode bits used to set permissions on created files by default.Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511.YAML accepts both octal and decimal values, JSON requires decimal values for mode bits.Defaults to 0644.Directories within the path are not affected by this setting.This might be in conflict with other options that affect the filemode, like fsGroup, and the result can be other mode bits set. - `items` (Attributes List) Items is a list of downward API volume file (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--volumes--downward_api--items)) @@ -2773,8 +2773,8 @@ Required: Optional: - `field_ref` (Attributes) Required: Selects a field of the pod: only annotations, labels, name and namespace are supported. (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--volumes--downward_api--items--field_ref)) -- `mode` (Number) Optional: mode bits used to set permissions on this file, must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. -- `resource_field_ref` (Attributes) Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported. (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--volumes--downward_api--items--resource_field_ref)) +- `mode` (Number) Optional: mode bits used to set permissions on this file, must be an octal valuebetween 0000 and 0777 or a decimal value between 0 and 511.YAML accepts both octal and decimal values, JSON requires decimal values for mode bits.If not specified, the volume defaultMode will be used.This might be in conflict with other options that affect the filemode, like fsGroup, and the result can be other mode bits set. +- `resource_field_ref` (Attributes) Selects a resource of the container: only resources limits and requests(limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported. (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--volumes--downward_api--items--resource_field_ref)) ### Nested Schema for `spec.actions.workload.pod_spec.volumes.downward_api.items.field_ref` @@ -2808,8 +2808,8 @@ Optional: Optional: -- `medium` (String) medium represents what type of storage medium should back this directory. The default is '' which means to use the node's default medium. Must be an empty string (default) or Memory. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir -- `size_limit` (String) sizeLimit is the total amount of local storage required for this EmptyDir volume. The size limit is also applicable for memory medium. The maximum usage on memory medium EmptyDir would be the minimum value between the SizeLimit specified here and the sum of memory limits of all containers in a pod. The default is nil which means that the limit is undefined. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir +- `medium` (String) medium represents what type of storage medium should back this directory.The default is '' which means to use the node's default medium.Must be an empty string (default) or Memory.More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir +- `size_limit` (String) sizeLimit is the total amount of local storage required for this EmptyDir volume.The size limit is also applicable for memory medium.The maximum usage on memory medium EmptyDir would be the minimum value betweenthe SizeLimit specified here and the sum of memory limits of all containers in a pod.The default is nil which means that the limit is undefined.More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir @@ -2817,31 +2817,31 @@ Optional: Optional: -- `volume_claim_template` (Attributes) Will be used to create a stand-alone PVC to provision the volume. The pod in which this EphemeralVolumeSource is embedded will be the owner of the PVC, i.e. the PVC will be deleted together with the pod. The name of the PVC will be '-' where '' is the name from the 'PodSpec.Volumes' array entry. Pod validation will reject the pod if the concatenated name is not valid for a PVC (for example, too long). An existing PVC with that name that is not owned by the pod will *not* be used for the pod to avoid using an unrelated volume by mistake. Starting the pod is then blocked until the unrelated PVC is removed. If such a pre-created PVC is meant to be used by the pod, the PVC has to updated with an owner reference to the pod once the pod exists. Normally this should not be necessary, but it may be useful when manually reconstructing a broken cluster. This field is read-only and no changes will be made by Kubernetes to the PVC after it has been created. Required, must not be nil. (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--volumes--ephemeral--volume_claim_template)) +- `volume_claim_template` (Attributes) Will be used to create a stand-alone PVC to provision the volume.The pod in which this EphemeralVolumeSource is embedded will be theowner of the PVC, i.e. the PVC will be deleted together with thepod. The name of the PVC will be '-' where'' is the name from the 'PodSpec.Volumes' arrayentry. Pod validation will reject the pod if the concatenated nameis not valid for a PVC (for example, too long).An existing PVC with that name that is not owned by the podwill *not* be used for the pod to avoid using an unrelatedvolume by mistake. Starting the pod is then blocked untilthe unrelated PVC is removed. If such a pre-created PVC ismeant to be used by the pod, the PVC has to updated with anowner reference to the pod once the pod exists. Normallythis should not be necessary, but it may be useful whenmanually reconstructing a broken cluster.This field is read-only and no changes will be made by Kubernetesto the PVC after it has been created.Required, must not be nil. (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--volumes--ephemeral--volume_claim_template)) ### Nested Schema for `spec.actions.workload.pod_spec.volumes.ephemeral.volume_claim_template` Required: -- `spec` (Attributes) The specification for the PersistentVolumeClaim. The entire content is copied unchanged into the PVC that gets created from this template. The same fields as in a PersistentVolumeClaim are also valid here. (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--volumes--ephemeral--volume_claim_template--spec)) +- `spec` (Attributes) The specification for the PersistentVolumeClaim. The entire content iscopied unchanged into the PVC that gets created from thistemplate. The same fields as in a PersistentVolumeClaimare also valid here. (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--volumes--ephemeral--volume_claim_template--spec)) Optional: -- `metadata` (Attributes) May contain labels and annotations that will be copied into the PVC when creating it. No other fields are allowed and will be rejected during validation. (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--volumes--ephemeral--volume_claim_template--metadata)) +- `metadata` (Attributes) May contain labels and annotations that will be copied into the PVCwhen creating it. No other fields are allowed and will be rejected duringvalidation. (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--volumes--ephemeral--volume_claim_template--metadata)) ### Nested Schema for `spec.actions.workload.pod_spec.volumes.ephemeral.volume_claim_template.spec` Optional: -- `access_modes` (List of String) accessModes contains the desired access modes the volume should have. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1 -- `data_source` (Attributes) dataSource field can be used to specify either: * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) * An existing PVC (PersistentVolumeClaim) If the provisioner or an external controller can support the specified data source, it will create a new volume based on the contents of the specified data source. When the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef, and dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified. If the namespace is specified, then dataSourceRef will not be copied to dataSource. (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--volumes--ephemeral--volume_claim_template--spec--data_source)) -- `data_source_ref` (Attributes) dataSourceRef specifies the object from which to populate the volume with data, if a non-empty volume is desired. This may be any object from a non-empty API group (non core object) or a PersistentVolumeClaim object. When this field is specified, volume binding will only succeed if the type of the specified object matches some installed volume populator or dynamic provisioner. This field will replace the functionality of the dataSource field and as such if both fields are non-empty, they must have the same value. For backwards compatibility, when namespace isn't specified in dataSourceRef, both fields (dataSource and dataSourceRef) will be set to the same value automatically if one of them is empty and the other is non-empty. When namespace is specified in dataSourceRef, dataSource isn't set to the same value and must be empty. There are three important differences between dataSource and dataSourceRef: * While dataSource only allows two specific types of objects, dataSourceRef allows any non-core object, as well as PersistentVolumeClaim objects. * While dataSource ignores disallowed values (dropping them), dataSourceRef preserves all values, and generates an error if a disallowed value is specified. * While dataSource only allows local objects, dataSourceRef allows objects in any namespaces. (Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled. (Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled. (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--volumes--ephemeral--volume_claim_template--spec--data_source_ref)) -- `resources` (Attributes) resources represents the minimum resources the volume should have. If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements that are lower than previous value but must still be higher than capacity recorded in the status field of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--volumes--ephemeral--volume_claim_template--spec--resources)) +- `access_modes` (List of String) accessModes contains the desired access modes the volume should have.More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1 +- `data_source` (Attributes) dataSource field can be used to specify either:* An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot)* An existing PVC (PersistentVolumeClaim)If the provisioner or an external controller can support the specified data source,it will create a new volume based on the contents of the specified data source.When the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef,and dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified.If the namespace is specified, then dataSourceRef will not be copied to dataSource. (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--volumes--ephemeral--volume_claim_template--spec--data_source)) +- `data_source_ref` (Attributes) dataSourceRef specifies the object from which to populate the volume with data, if a non-emptyvolume is desired. This may be any object from a non-empty API group (noncore object) or a PersistentVolumeClaim object.When this field is specified, volume binding will only succeed if the type ofthe specified object matches some installed volume populator or dynamicprovisioner.This field will replace the functionality of the dataSource field and as suchif both fields are non-empty, they must have the same value. For backwardscompatibility, when namespace isn't specified in dataSourceRef,both fields (dataSource and dataSourceRef) will be set to the samevalue automatically if one of them is empty and the other is non-empty.When namespace is specified in dataSourceRef,dataSource isn't set to the same value and must be empty.There are three important differences between dataSource and dataSourceRef:* While dataSource only allows two specific types of objects, dataSourceRef allows any non-core object, as well as PersistentVolumeClaim objects.* While dataSource ignores disallowed values (dropping them), dataSourceRef preserves all values, and generates an error if a disallowed value is specified.* While dataSource only allows local objects, dataSourceRef allows objects in any namespaces.(Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled.(Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled. (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--volumes--ephemeral--volume_claim_template--spec--data_source_ref)) +- `resources` (Attributes) resources represents the minimum resources the volume should have.If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirementsthat are lower than previous value but must still be higher than capacity recorded in thestatus field of the claim.More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--volumes--ephemeral--volume_claim_template--spec--resources)) - `selector` (Attributes) selector is a label query over volumes to consider for binding. (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--volumes--ephemeral--volume_claim_template--spec--selector)) -- `storage_class_name` (String) storageClassName is the name of the StorageClass required by the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1 -- `volume_mode` (String) volumeMode defines what type of volume is required by the claim. Value of Filesystem is implied when not included in claim spec. +- `storage_class_name` (String) storageClassName is the name of the StorageClass required by the claim.More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1 +- `volume_mode` (String) volumeMode defines what type of volume is required by the claim.Value of Filesystem is implied when not included in claim spec. - `volume_name` (String) volumeName is the binding reference to the PersistentVolume backing this claim. @@ -2854,7 +2854,7 @@ Required: Optional: -- `api_group` (String) APIGroup is the group for the resource being referenced. If APIGroup is not specified, the specified Kind must be in the core API group. For any other third-party types, APIGroup is required. +- `api_group` (String) APIGroup is the group for the resource being referenced.If APIGroup is not specified, the specified Kind must be in the core API group.For any other third-party types, APIGroup is required. @@ -2867,8 +2867,8 @@ Required: Optional: -- `api_group` (String) APIGroup is the group for the resource being referenced. If APIGroup is not specified, the specified Kind must be in the core API group. For any other third-party types, APIGroup is required. -- `namespace` (String) Namespace is the namespace of resource being referenced Note that when a namespace is specified, a gateway.networking.k8s.io/ReferenceGrant object is required in the referent namespace to allow that namespace's owner to accept the reference. See the ReferenceGrant documentation for details. (Alpha) This field requires the CrossNamespaceVolumeDataSource feature gate to be enabled. +- `api_group` (String) APIGroup is the group for the resource being referenced.If APIGroup is not specified, the specified Kind must be in the core API group.For any other third-party types, APIGroup is required. +- `namespace` (String) Namespace is the namespace of resource being referencedNote that when a namespace is specified, a gateway.networking.k8s.io/ReferenceGrant object is required in the referent namespace to allow that namespace's owner to accept the reference. See the ReferenceGrant documentation for details.(Alpha) This field requires the CrossNamespaceVolumeDataSource feature gate to be enabled. @@ -2876,16 +2876,16 @@ Optional: Optional: -- `claims` (Attributes List) Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. This field is immutable. It can only be set for containers. (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--volumes--ephemeral--volume_claim_template--spec--resources--claims)) -- `limits` (Map of String) Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ -- `requests` (Map of String) Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ +- `claims` (Attributes List) Claims lists the names of resources, defined in spec.resourceClaims,that are used by this container.This is an alpha field and requires enabling theDynamicResourceAllocation feature gate.This field is immutable. It can only be set for containers. (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--volumes--ephemeral--volume_claim_template--spec--resources--claims)) +- `limits` (Map of String) Limits describes the maximum amount of compute resources allowed.More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ +- `requests` (Map of String) Requests describes the minimum amount of compute resources required.If Requests is omitted for a container, it defaults to Limits if that is explicitly specified,otherwise to an implementation-defined value. Requests cannot exceed Limits.More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ ### Nested Schema for `spec.actions.workload.pod_spec.volumes.ephemeral.volume_claim_template.spec.resources.claims` Required: -- `name` (String) Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container. +- `name` (String) Name must match the name of one entry in pod.spec.resourceClaims ofthe Pod where this field is used. It makes that resource availableinside a container. @@ -2895,7 +2895,7 @@ Required: Optional: - `match_expressions` (Attributes List) matchExpressions is a list of label selector requirements. The requirements are ANDed. (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--volumes--ephemeral--volume_claim_template--spec--selector--match_expressions)) -- `match_labels` (Map of String) matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is 'key', the operator is 'In', and the values array contains only 'value'. The requirements are ANDed. +- `match_labels` (Map of String) matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabelsmap is equivalent to an element of matchExpressions, whose key field is 'key', theoperator is 'In', and the values array contains only 'value'. The requirements are ANDed. ### Nested Schema for `spec.actions.workload.pod_spec.volumes.ephemeral.volume_claim_template.spec.selector.match_expressions` @@ -2903,11 +2903,11 @@ Optional: Required: - `key` (String) key is the label key that the selector applies to. -- `operator` (String) operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. +- `operator` (String) operator represents a key's relationship to a set of values.Valid operators are In, NotIn, Exists and DoesNotExist. Optional: -- `values` (List of String) values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. +- `values` (List of String) values is an array of string values. If the operator is In or NotIn,the values array must be non-empty. If the operator is Exists or DoesNotExist,the values array must be empty. This array is replaced during a strategicmerge patch. @@ -2931,11 +2931,11 @@ Optional: Optional: -- `fs_type` (String) fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. 'ext4', 'xfs', 'ntfs'. Implicitly inferred to be 'ext4' if unspecified. TODO: how do we prevent errors in the filesystem from compromising the machine +- `fs_type` (String) fsType is the filesystem type to mount.Must be a filesystem type supported by the host operating system.Ex. 'ext4', 'xfs', 'ntfs'. Implicitly inferred to be 'ext4' if unspecified.TODO: how do we prevent errors in the filesystem from compromising the machine - `lun` (Number) lun is Optional: FC target lun number -- `read_only` (Boolean) readOnly is Optional: Defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts. +- `read_only` (Boolean) readOnly is Optional: Defaults to false (read/write). ReadOnly here will forcethe ReadOnly setting in VolumeMounts. - `target_ww_ns` (List of String) targetWWNs is Optional: FC target worldwide names (WWNs) -- `wwids` (List of String) wwids Optional: FC volume world wide identifiers (wwids) Either wwids or combination of targetWWNs and lun must be set, but not both simultaneously. +- `wwids` (List of String) wwids Optional: FC volume world wide identifiers (wwids)Either wwids or combination of targetWWNs and lun must be set, but not both simultaneously. @@ -2947,17 +2947,17 @@ Required: Optional: -- `fs_type` (String) fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. 'ext4', 'xfs', 'ntfs'. The default filesystem depends on FlexVolume script. +- `fs_type` (String) fsType is the filesystem type to mount.Must be a filesystem type supported by the host operating system.Ex. 'ext4', 'xfs', 'ntfs'. The default filesystem depends on FlexVolume script. - `options` (Map of String) options is Optional: this field holds extra command options if any. -- `read_only` (Boolean) readOnly is Optional: defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts. -- `secret_ref` (Attributes) secretRef is Optional: secretRef is reference to the secret object containing sensitive information to pass to the plugin scripts. This may be empty if no secret object is specified. If the secret object contains more than one secret, all secrets are passed to the plugin scripts. (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--volumes--flex_volume--secret_ref)) +- `read_only` (Boolean) readOnly is Optional: defaults to false (read/write). ReadOnly here will forcethe ReadOnly setting in VolumeMounts. +- `secret_ref` (Attributes) secretRef is Optional: secretRef is reference to the secret object containingsensitive information to pass to the plugin scripts. This may beempty if no secret object is specified. If the secret objectcontains more than one secret, all secrets are passed to the pluginscripts. (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--volumes--flex_volume--secret_ref)) ### Nested Schema for `spec.actions.workload.pod_spec.volumes.flex_volume.secret_ref` Optional: -- `name` (String) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? +- `name` (String) Name of the referent.More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#namesTODO: Add other useful fields. apiVersion, kind, uid? @@ -2966,7 +2966,7 @@ Optional: Optional: -- `dataset_name` (String) datasetName is Name of the dataset stored as metadata -> name on the dataset for Flocker should be considered as deprecated +- `dataset_name` (String) datasetName is Name of the dataset stored as metadata -> name on the dataset for Flockershould be considered as deprecated - `dataset_uuid` (String) datasetUUID is the UUID of the dataset. This is unique identifier of a Flocker dataset @@ -2975,13 +2975,13 @@ Optional: Required: -- `pd_name` (String) pdName is unique name of the PD resource in GCE. Used to identify the disk in GCE. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk +- `pd_name` (String) pdName is unique name of the PD resource in GCE. Used to identify the disk in GCE.More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk Optional: -- `fs_type` (String) fsType is filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: 'ext4', 'xfs', 'ntfs'. Implicitly inferred to be 'ext4' if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk TODO: how do we prevent errors in the filesystem from compromising the machine -- `partition` (Number) partition is the partition in the volume that you want to mount. If omitted, the default is to mount by volume name. Examples: For volume /dev/sda1, you specify the partition as '1'. Similarly, the volume partition for /dev/sda is '0' (or you can leave the property empty). More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk -- `read_only` (Boolean) readOnly here will force the ReadOnly setting in VolumeMounts. Defaults to false. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk +- `fs_type` (String) fsType is filesystem type of the volume that you want to mount.Tip: Ensure that the filesystem type is supported by the host operating system.Examples: 'ext4', 'xfs', 'ntfs'. Implicitly inferred to be 'ext4' if unspecified.More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdiskTODO: how do we prevent errors in the filesystem from compromising the machine +- `partition` (Number) partition is the partition in the volume that you want to mount.If omitted, the default is to mount by volume name.Examples: For volume /dev/sda1, you specify the partition as '1'.Similarly, the volume partition for /dev/sda is '0' (or you can leave the property empty).More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk +- `read_only` (Boolean) readOnly here will force the ReadOnly setting in VolumeMounts.Defaults to false.More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk @@ -2993,7 +2993,7 @@ Required: Optional: -- `directory` (String) directory is the target directory name. Must not contain or start with '..'. If '.' is supplied, the volume directory will be the git repository. Otherwise, if specified, the volume will contain the git repository in the subdirectory with the given name. +- `directory` (String) directory is the target directory name.Must not contain or start with '..'. If '.' is supplied, the volume directory will be thegit repository. Otherwise, if specified, the volume will contain the git repository inthe subdirectory with the given name. - `revision` (String) revision is the commit hash for the specified revision. @@ -3002,12 +3002,12 @@ Optional: Required: -- `endpoints` (String) endpoints is the endpoint name that details Glusterfs topology. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod -- `path` (String) path is the Glusterfs volume path. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod +- `endpoints` (String) endpoints is the endpoint name that details Glusterfs topology.More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod +- `path` (String) path is the Glusterfs volume path.More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod Optional: -- `read_only` (Boolean) readOnly here will force the Glusterfs volume to be mounted with read-only permissions. Defaults to false. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod +- `read_only` (Boolean) readOnly here will force the Glusterfs volume to be mounted with read-only permissions.Defaults to false.More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod @@ -3015,11 +3015,11 @@ Optional: Required: -- `path` (String) path of the directory on the host. If the path is a symlink, it will follow the link to the real path. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath +- `path` (String) path of the directory on the host.If the path is a symlink, it will follow the link to the real path.More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath Optional: -- `type` (String) type for HostPath Volume Defaults to '' More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath +- `type` (String) type for HostPath VolumeDefaults to ''More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath @@ -3029,17 +3029,17 @@ Required: - `iqn` (String) iqn is the target iSCSI Qualified Name. - `lun` (Number) lun represents iSCSI Target Lun number. -- `target_portal` (String) targetPortal is iSCSI Target Portal. The Portal is either an IP or ip_addr:port if the port is other than default (typically TCP ports 860 and 3260). +- `target_portal` (String) targetPortal is iSCSI Target Portal. The Portal is either an IP or ip_addr:port if the portis other than default (typically TCP ports 860 and 3260). Optional: - `chap_auth_discovery` (Boolean) chapAuthDiscovery defines whether support iSCSI Discovery CHAP authentication - `chap_auth_session` (Boolean) chapAuthSession defines whether support iSCSI Session CHAP authentication -- `fs_type` (String) fsType is the filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: 'ext4', 'xfs', 'ntfs'. Implicitly inferred to be 'ext4' if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#iscsi TODO: how do we prevent errors in the filesystem from compromising the machine -- `initiator_name` (String) initiatorName is the custom iSCSI Initiator Name. If initiatorName is specified with iscsiInterface simultaneously, new iSCSI interface : will be created for the connection. -- `iscsi_interface` (String) iscsiInterface is the interface Name that uses an iSCSI transport. Defaults to 'default' (tcp). -- `portals` (List of String) portals is the iSCSI Target Portal List. The portal is either an IP or ip_addr:port if the port is other than default (typically TCP ports 860 and 3260). -- `read_only` (Boolean) readOnly here will force the ReadOnly setting in VolumeMounts. Defaults to false. +- `fs_type` (String) fsType is the filesystem type of the volume that you want to mount.Tip: Ensure that the filesystem type is supported by the host operating system.Examples: 'ext4', 'xfs', 'ntfs'. Implicitly inferred to be 'ext4' if unspecified.More info: https://kubernetes.io/docs/concepts/storage/volumes#iscsiTODO: how do we prevent errors in the filesystem from compromising the machine +- `initiator_name` (String) initiatorName is the custom iSCSI Initiator Name.If initiatorName is specified with iscsiInterface simultaneously, new iSCSI interface: will be created for the connection. +- `iscsi_interface` (String) iscsiInterface is the interface Name that uses an iSCSI transport.Defaults to 'default' (tcp). +- `portals` (List of String) portals is the iSCSI Target Portal List. The portal is either an IP or ip_addr:port if the portis other than default (typically TCP ports 860 and 3260). +- `read_only` (Boolean) readOnly here will force the ReadOnly setting in VolumeMounts.Defaults to false. - `secret_ref` (Attributes) secretRef is the CHAP Secret for iSCSI target and initiator authentication (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--volumes--iscsi--secret_ref)) @@ -3047,7 +3047,7 @@ Optional: Optional: -- `name` (String) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? +- `name` (String) Name of the referent.More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#namesTODO: Add other useful fields. apiVersion, kind, uid? @@ -3056,12 +3056,12 @@ Optional: Required: -- `path` (String) path that is exported by the NFS server. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs -- `server` (String) server is the hostname or IP address of the NFS server. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs +- `path` (String) path that is exported by the NFS server.More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs +- `server` (String) server is the hostname or IP address of the NFS server.More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs Optional: -- `read_only` (Boolean) readOnly here will force the NFS export to be mounted with read-only permissions. Defaults to false. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs +- `read_only` (Boolean) readOnly here will force the NFS export to be mounted with read-only permissions.Defaults to false.More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs @@ -3069,11 +3069,11 @@ Optional: Required: -- `claim_name` (String) claimName is the name of a PersistentVolumeClaim in the same namespace as the pod using this volume. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims +- `claim_name` (String) claimName is the name of a PersistentVolumeClaim in the same namespace as the pod using this volume.More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims Optional: -- `read_only` (Boolean) readOnly Will force the ReadOnly setting in VolumeMounts. Default false. +- `read_only` (Boolean) readOnly Will force the ReadOnly setting in VolumeMounts.Default false. @@ -3085,7 +3085,7 @@ Required: Optional: -- `fs_type` (String) fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. 'ext4', 'xfs', 'ntfs'. Implicitly inferred to be 'ext4' if unspecified. +- `fs_type` (String) fsType is the filesystem type to mount.Must be a filesystem type supported by the host operating system.Ex. 'ext4', 'xfs', 'ntfs'. Implicitly inferred to be 'ext4' if unspecified. @@ -3097,8 +3097,8 @@ Required: Optional: -- `fs_type` (String) fSType represents the filesystem type to mount Must be a filesystem type supported by the host operating system. Ex. 'ext4', 'xfs'. Implicitly inferred to be 'ext4' if unspecified. -- `read_only` (Boolean) readOnly defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts. +- `fs_type` (String) fSType represents the filesystem type to mountMust be a filesystem type supported by the host operating system.Ex. 'ext4', 'xfs'. Implicitly inferred to be 'ext4' if unspecified. +- `read_only` (Boolean) readOnly defaults to false (read/write). ReadOnly here will forcethe ReadOnly setting in VolumeMounts. @@ -3106,7 +3106,7 @@ Optional: Optional: -- `default_mode` (Number) defaultMode are the mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. +- `default_mode` (Number) defaultMode are the mode bits used to set permissions on created files by default.Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511.YAML accepts both octal and decimal values, JSON requires decimal values for mode bits.Directories within the path are not affected by this setting.This might be in conflict with other options that affect the filemode, like fsGroup, and the result can be other mode bits set. - `sources` (Attributes List) sources is the list of volume projections (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--volumes--projected--sources)) @@ -3124,8 +3124,8 @@ Optional: Optional: -- `items` (Attributes List) items if unspecified, each key-value pair in the Data field of the referenced ConfigMap will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the ConfigMap, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'. (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--volumes--projected--sources--config_map--items)) -- `name` (String) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? +- `items` (Attributes List) items if unspecified, each key-value pair in the Data field of the referencedConfigMap will be projected into the volume as a file whose name is thekey and content is the value. If specified, the listed keys will beprojected into the specified paths, and unlisted keys will not bepresent. If a key is specified which is not present in the ConfigMap,the volume setup will error unless it is marked optional. Paths must berelative and may not contain the '..' path or start with '..'. (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--volumes--projected--sources--config_map--items)) +- `name` (String) Name of the referent.More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#namesTODO: Add other useful fields. apiVersion, kind, uid? - `optional` (Boolean) optional specify whether the ConfigMap or its keys must be defined @@ -3134,11 +3134,11 @@ Optional: Required: - `key` (String) key is the key to project. -- `path` (String) path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. +- `path` (String) path is the relative path of the file to map the key to.May not be an absolute path.May not contain the path element '..'.May not start with the string '..'. Optional: -- `mode` (Number) mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. +- `mode` (Number) mode is Optional: mode bits used to set permissions on this file.Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511.YAML accepts both octal and decimal values, JSON requires decimal values for mode bits.If not specified, the volume defaultMode will be used.This might be in conflict with other options that affect the filemode, like fsGroup, and the result can be other mode bits set. @@ -3159,8 +3159,8 @@ Required: Optional: - `field_ref` (Attributes) Required: Selects a field of the pod: only annotations, labels, name and namespace are supported. (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--volumes--projected--sources--downward_api--items--field_ref)) -- `mode` (Number) Optional: mode bits used to set permissions on this file, must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. -- `resource_field_ref` (Attributes) Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported. (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--volumes--projected--sources--downward_api--items--resource_field_ref)) +- `mode` (Number) Optional: mode bits used to set permissions on this file, must be an octal valuebetween 0000 and 0777 or a decimal value between 0 and 511.YAML accepts both octal and decimal values, JSON requires decimal values for mode bits.If not specified, the volume defaultMode will be used.This might be in conflict with other options that affect the filemode, like fsGroup, and the result can be other mode bits set. +- `resource_field_ref` (Attributes) Selects a resource of the container: only resources limits and requests(limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported. (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--volumes--projected--sources--downward_api--items--resource_field_ref)) ### Nested Schema for `spec.actions.workload.pod_spec.volumes.projected.sources.downward_api.items.field_ref` @@ -3194,8 +3194,8 @@ Optional: Optional: -- `items` (Attributes List) items if unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'. (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--volumes--projected--sources--secret--items)) -- `name` (String) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? +- `items` (Attributes List) items if unspecified, each key-value pair in the Data field of the referencedSecret will be projected into the volume as a file whose name is thekey and content is the value. If specified, the listed keys will beprojected into the specified paths, and unlisted keys will not bepresent. If a key is specified which is not present in the Secret,the volume setup will error unless it is marked optional. Paths must berelative and may not contain the '..' path or start with '..'. (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--volumes--projected--sources--secret--items)) +- `name` (String) Name of the referent.More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#namesTODO: Add other useful fields. apiVersion, kind, uid? - `optional` (Boolean) optional field specify whether the Secret or its key must be defined @@ -3204,11 +3204,11 @@ Optional: Required: - `key` (String) key is the key to project. -- `path` (String) path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. +- `path` (String) path is the relative path of the file to map the key to.May not be an absolute path.May not contain the path element '..'.May not start with the string '..'. Optional: -- `mode` (Number) mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. +- `mode` (Number) mode is Optional: mode bits used to set permissions on this file.Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511.YAML accepts both octal and decimal values, JSON requires decimal values for mode bits.If not specified, the volume defaultMode will be used.This might be in conflict with other options that affect the filemode, like fsGroup, and the result can be other mode bits set. @@ -3217,12 +3217,12 @@ Optional: Required: -- `path` (String) path is the path relative to the mount point of the file to project the token into. +- `path` (String) path is the path relative to the mount point of the file to project thetoken into. Optional: -- `audience` (String) audience is the intended audience of the token. A recipient of a token must identify itself with an identifier specified in the audience of the token, and otherwise should reject the token. The audience defaults to the identifier of the apiserver. -- `expiration_seconds` (Number) expirationSeconds is the requested duration of validity of the service account token. As the token approaches expiration, the kubelet volume plugin will proactively rotate the service account token. The kubelet will start trying to rotate the token if the token is older than 80 percent of its time to live or if the token is older than 24 hours.Defaults to 1 hour and must be at least 10 minutes. +- `audience` (String) audience is the intended audience of the token. A recipient of a tokenmust identify itself with an identifier specified in the audience of thetoken, and otherwise should reject the token. The audience defaults to theidentifier of the apiserver. +- `expiration_seconds` (Number) expirationSeconds is the requested duration of validity of the serviceaccount token. As the token approaches expiration, the kubelet volumeplugin will proactively rotate the service account token. The kubelet willstart trying to rotate the token if the token is older than 80 percent ofits time to live or if the token is older than 24 hours.Defaults to 1 hourand must be at least 10 minutes. @@ -3232,15 +3232,15 @@ Optional: Required: -- `registry` (String) registry represents a single or multiple Quobyte Registry services specified as a string as host:port pair (multiple entries are separated with commas) which acts as the central registry for volumes +- `registry` (String) registry represents a single or multiple Quobyte Registry servicesspecified as a string as host:port pair (multiple entries are separated with commas)which acts as the central registry for volumes - `volume` (String) volume is a string that references an already created Quobyte volume by name. Optional: -- `group` (String) group to map volume access to Default is no group -- `read_only` (Boolean) readOnly here will force the Quobyte volume to be mounted with read-only permissions. Defaults to false. -- `tenant` (String) tenant owning the given Quobyte volume in the Backend Used with dynamically provisioned Quobyte volumes, value is set by the plugin -- `user` (String) user to map volume access to Defaults to serivceaccount user +- `group` (String) group to map volume access toDefault is no group +- `read_only` (Boolean) readOnly here will force the Quobyte volume to be mounted with read-only permissions.Defaults to false. +- `tenant` (String) tenant owning the given Quobyte volume in the BackendUsed with dynamically provisioned Quobyte volumes, value is set by the plugin +- `user` (String) user to map volume access toDefaults to serivceaccount user @@ -3248,24 +3248,24 @@ Optional: Required: -- `image` (String) image is the rados image name. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it -- `monitors` (List of String) monitors is a collection of Ceph monitors. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it +- `image` (String) image is the rados image name.More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it +- `monitors` (List of String) monitors is a collection of Ceph monitors.More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it Optional: -- `fs_type` (String) fsType is the filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: 'ext4', 'xfs', 'ntfs'. Implicitly inferred to be 'ext4' if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#rbd TODO: how do we prevent errors in the filesystem from compromising the machine -- `keyring` (String) keyring is the path to key ring for RBDUser. Default is /etc/ceph/keyring. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it -- `pool` (String) pool is the rados pool name. Default is rbd. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it -- `read_only` (Boolean) readOnly here will force the ReadOnly setting in VolumeMounts. Defaults to false. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it -- `secret_ref` (Attributes) secretRef is name of the authentication secret for RBDUser. If provided overrides keyring. Default is nil. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--volumes--rbd--secret_ref)) -- `user` (String) user is the rados user name. Default is admin. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it +- `fs_type` (String) fsType is the filesystem type of the volume that you want to mount.Tip: Ensure that the filesystem type is supported by the host operating system.Examples: 'ext4', 'xfs', 'ntfs'. Implicitly inferred to be 'ext4' if unspecified.More info: https://kubernetes.io/docs/concepts/storage/volumes#rbdTODO: how do we prevent errors in the filesystem from compromising the machine +- `keyring` (String) keyring is the path to key ring for RBDUser.Default is /etc/ceph/keyring.More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it +- `pool` (String) pool is the rados pool name.Default is rbd.More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it +- `read_only` (Boolean) readOnly here will force the ReadOnly setting in VolumeMounts.Defaults to false.More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it +- `secret_ref` (Attributes) secretRef is name of the authentication secret for RBDUser. If providedoverrides keyring.Default is nil.More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--volumes--rbd--secret_ref)) +- `user` (String) user is the rados user name.Default is admin.More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it ### Nested Schema for `spec.actions.workload.pod_spec.volumes.rbd.secret_ref` Optional: -- `name` (String) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? +- `name` (String) Name of the referent.More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#namesTODO: Add other useful fields. apiVersion, kind, uid? @@ -3275,25 +3275,25 @@ Optional: Required: - `gateway` (String) gateway is the host address of the ScaleIO API Gateway. -- `secret_ref` (Attributes) secretRef references to the secret for ScaleIO user and other sensitive information. If this is not provided, Login operation will fail. (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--volumes--scale_io--secret_ref)) +- `secret_ref` (Attributes) secretRef references to the secret for ScaleIO user and othersensitive information. If this is not provided, Login operation will fail. (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--volumes--scale_io--secret_ref)) - `system` (String) system is the name of the storage system as configured in ScaleIO. Optional: -- `fs_type` (String) fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. 'ext4', 'xfs', 'ntfs'. Default is 'xfs'. +- `fs_type` (String) fsType is the filesystem type to mount.Must be a filesystem type supported by the host operating system.Ex. 'ext4', 'xfs', 'ntfs'.Default is 'xfs'. - `protection_domain` (String) protectionDomain is the name of the ScaleIO Protection Domain for the configured storage. -- `read_only` (Boolean) readOnly Defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts. +- `read_only` (Boolean) readOnly Defaults to false (read/write). ReadOnly here will forcethe ReadOnly setting in VolumeMounts. - `ssl_enabled` (Boolean) sslEnabled Flag enable/disable SSL communication with Gateway, default false -- `storage_mode` (String) storageMode indicates whether the storage for a volume should be ThickProvisioned or ThinProvisioned. Default is ThinProvisioned. +- `storage_mode` (String) storageMode indicates whether the storage for a volume should be ThickProvisioned or ThinProvisioned.Default is ThinProvisioned. - `storage_pool` (String) storagePool is the ScaleIO Storage Pool associated with the protection domain. -- `volume_name` (String) volumeName is the name of a volume already created in the ScaleIO system that is associated with this volume source. +- `volume_name` (String) volumeName is the name of a volume already created in the ScaleIO systemthat is associated with this volume source. ### Nested Schema for `spec.actions.workload.pod_spec.volumes.scale_io.secret_ref` Optional: -- `name` (String) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? +- `name` (String) Name of the referent.More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#namesTODO: Add other useful fields. apiVersion, kind, uid? @@ -3302,10 +3302,10 @@ Optional: Optional: -- `default_mode` (Number) defaultMode is Optional: mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. -- `items` (Attributes List) items If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'. (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--volumes--secret--items)) +- `default_mode` (Number) defaultMode is Optional: mode bits used to set permissions on created files by default.Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511.YAML accepts both octal and decimal values, JSON requires decimal valuesfor mode bits. Defaults to 0644.Directories within the path are not affected by this setting.This might be in conflict with other options that affect the filemode, like fsGroup, and the result can be other mode bits set. +- `items` (Attributes List) items If unspecified, each key-value pair in the Data field of the referencedSecret will be projected into the volume as a file whose name is thekey and content is the value. If specified, the listed keys will beprojected into the specified paths, and unlisted keys will not bepresent. If a key is specified which is not present in the Secret,the volume setup will error unless it is marked optional. Paths must berelative and may not contain the '..' path or start with '..'. (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--volumes--secret--items)) - `optional` (Boolean) optional field specify whether the Secret or its keys must be defined -- `secret_name` (String) secretName is the name of the secret in the pod's namespace to use. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret +- `secret_name` (String) secretName is the name of the secret in the pod's namespace to use.More info: https://kubernetes.io/docs/concepts/storage/volumes#secret ### Nested Schema for `spec.actions.workload.pod_spec.volumes.secret.items` @@ -3313,11 +3313,11 @@ Optional: Required: - `key` (String) key is the key to project. -- `path` (String) path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. +- `path` (String) path is the relative path of the file to map the key to.May not be an absolute path.May not contain the path element '..'.May not start with the string '..'. Optional: -- `mode` (Number) mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. +- `mode` (Number) mode is Optional: mode bits used to set permissions on this file.Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511.YAML accepts both octal and decimal values, JSON requires decimal values for mode bits.If not specified, the volume defaultMode will be used.This might be in conflict with other options that affect the filemode, like fsGroup, and the result can be other mode bits set. @@ -3326,18 +3326,18 @@ Optional: Optional: -- `fs_type` (String) fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. 'ext4', 'xfs', 'ntfs'. Implicitly inferred to be 'ext4' if unspecified. -- `read_only` (Boolean) readOnly defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts. -- `secret_ref` (Attributes) secretRef specifies the secret to use for obtaining the StorageOS API credentials. If not specified, default values will be attempted. (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--volumes--storageos--secret_ref)) -- `volume_name` (String) volumeName is the human-readable name of the StorageOS volume. Volume names are only unique within a namespace. -- `volume_namespace` (String) volumeNamespace specifies the scope of the volume within StorageOS. If no namespace is specified then the Pod's namespace will be used. This allows the Kubernetes name scoping to be mirrored within StorageOS for tighter integration. Set VolumeName to any name to override the default behaviour. Set to 'default' if you are not using namespaces within StorageOS. Namespaces that do not pre-exist within StorageOS will be created. +- `fs_type` (String) fsType is the filesystem type to mount.Must be a filesystem type supported by the host operating system.Ex. 'ext4', 'xfs', 'ntfs'. Implicitly inferred to be 'ext4' if unspecified. +- `read_only` (Boolean) readOnly defaults to false (read/write). ReadOnly here will forcethe ReadOnly setting in VolumeMounts. +- `secret_ref` (Attributes) secretRef specifies the secret to use for obtaining the StorageOS APIcredentials. If not specified, default values will be attempted. (see [below for nested schema](#nestedatt--spec--actions--workload--pod_spec--volumes--storageos--secret_ref)) +- `volume_name` (String) volumeName is the human-readable name of the StorageOS volume. Volumenames are only unique within a namespace. +- `volume_namespace` (String) volumeNamespace specifies the scope of the volume within StorageOS. If nonamespace is specified then the Pod's namespace will be used. This allows theKubernetes name scoping to be mirrored within StorageOS for tighter integration.Set VolumeName to any name to override the default behaviour.Set to 'default' if you are not using namespaces within StorageOS.Namespaces that do not pre-exist within StorageOS will be created. ### Nested Schema for `spec.actions.workload.pod_spec.volumes.storageos.secret_ref` Optional: -- `name` (String) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? +- `name` (String) Name of the referent.More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#namesTODO: Add other useful fields. apiVersion, kind, uid? @@ -3350,7 +3350,7 @@ Required: Optional: -- `fs_type` (String) fsType is filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. 'ext4', 'xfs', 'ntfs'. Implicitly inferred to be 'ext4' if unspecified. +- `fs_type` (String) fsType is filesystem type to mount.Must be a filesystem type supported by the host operating system.Ex. 'ext4', 'xfs', 'ntfs'. Implicitly inferred to be 'ext4' if unspecified. - `storage_policy_id` (String) storagePolicyID is the storage Policy Based Management (SPBM) profile ID associated with the StoragePolicyName. - `storage_policy_name` (String) storagePolicyName is the storage Policy Based Management (SPBM) profile name. @@ -3368,8 +3368,8 @@ Required: Optional: -- `account_name` (String) Specifies the account name associated with the Component. If set, the corresponding account username and password are injected into containers' environment variables 'KB_ACCOUNT_USERNAME' and 'KB_ACCOUNT_PASSWORD'. -- `service_name` (String) Specifies the name of the Service. If set, the service name is injected as the 'KB_COMP_SVC_NAME' environment variable in the containers, and each service port is mapped to a corresponding environment variable named 'KB_COMP_SVC_PORT_$(portName)'. The 'portName' is transformed by replacing '-' with '_' and converting to uppercase. +- `account_name` (String) Specifies the account name associated with the Component.If set, the corresponding account username and password are injected into containers' environment variables'KB_ACCOUNT_USERNAME' and 'KB_ACCOUNT_PASSWORD'. +- `service_name` (String) Specifies the name of the Service.If set, the service name is injected as the 'KB_COMP_SVC_NAME' environment variable in the containers,and each service port is mapped to a corresponding environment variable named 'KB_COMP_SVC_PORT_$(portName)'.The 'portName' is transformed by replacing '-' with '_' and converting to uppercase. @@ -3377,7 +3377,7 @@ Optional: Optional: -- `open_apiv3_schema` (Map of String) Defines the schema for parameters using the OpenAPI v3. The supported property types include: - string - number - integer - array: Note that only items of string type are supported. +- `open_apiv3_schema` (Map of String) Defines the schema for parameters using the OpenAPI v3.The supported property types include:- string- number- integer- array: Note that only items of string type are supported. @@ -3390,15 +3390,15 @@ Required: Optional: -- `env` (Attributes List) Specifies a list of environment variables to be extracted from a selected Pod, and injected into the containers executing each OpsAction. (see [below for nested schema](#nestedatt--spec--pod_info_extractors--env)) -- `volume_mounts` (Attributes List) Specifies a list of volumes, along with their respective mount points, that are to be extracted from a selected Pod, and mounted onto the containers executing each OpsAction. This allows the containers to access shared or persistent data necessary for the operation. (see [below for nested schema](#nestedatt--spec--pod_info_extractors--volume_mounts)) +- `env` (Attributes List) Specifies a list of environment variables to be extracted from a selected Pod,and injected into the containers executing each OpsAction. (see [below for nested schema](#nestedatt--spec--pod_info_extractors--env)) +- `volume_mounts` (Attributes List) Specifies a list of volumes, along with their respective mount points, that are to be extracted from a selected Pod,and mounted onto the containers executing each OpsAction.This allows the containers to access shared or persistent data necessary for the operation. (see [below for nested schema](#nestedatt--spec--pod_info_extractors--volume_mounts)) ### Nested Schema for `spec.pod_info_extractors.pod_selector` Optional: -- `multi_pod_selection_policy` (String) Defines the policy for selecting the target pod when multiple pods match the podSelector. It can be either 'Any' (select any one pod that matches the podSelector) or 'All' (select all pods that match the podSelector). +- `multi_pod_selection_policy` (String) Defines the policy for selecting the target pod when multiple pods match the podSelector.It can be either 'Any' (select any one pod that matches the podSelector)or 'All' (select all pods that match the podSelector). - `role` (String) Specifies the role of the target Pod. @@ -3407,7 +3407,7 @@ Optional: Required: -- `name` (String) Specifies the name of the environment variable to be injected into Pods executing OpsActions. It must conform to the C_IDENTIFIER format, which includes only alphanumeric characters and underscores, and cannot begin with a digit. +- `name` (String) Specifies the name of the environment variable to be injected into Pods executing OpsActions.It must conform to the C_IDENTIFIER format, which includes only alphanumeric characters and underscores, and cannot begin with a digit. - `value_from` (Attributes) Specifies the source of the environment variable's value. (see [below for nested schema](#nestedatt--spec--pod_info_extractors--env--value_from)) @@ -3415,19 +3415,19 @@ Required: Optional: -- `env_ref` (Attributes) Specifies a reference to a specific environment variable within a container. Used to specify the source of the variable, which can be either 'env' or 'envFrom'. (see [below for nested schema](#nestedatt--spec--pod_info_extractors--env--value_from--env_ref)) -- `field_path` (Attributes) Represents the JSONPath expression pointing to the specific data within the JSON structure of the target Pod. It is used to extract precise data locations for operations on the Pod. (see [below for nested schema](#nestedatt--spec--pod_info_extractors--env--value_from--field_path)) +- `env_ref` (Attributes) Specifies a reference to a specific environment variable within a container.Used to specify the source of the variable, which can be either 'env' or 'envFrom'. (see [below for nested schema](#nestedatt--spec--pod_info_extractors--env--value_from--env_ref)) +- `field_path` (Attributes) Represents the JSONPath expression pointing to the specific data within the JSON structure of the target Pod.It is used to extract precise data locations for operations on the Pod. (see [below for nested schema](#nestedatt--spec--pod_info_extractors--env--value_from--field_path)) ### Nested Schema for `spec.pod_info_extractors.env.value_from.env_ref` Required: -- `env_name` (String) Defines the name of the environment variable. This name can originate from an 'env' entry or be a data key from an 'envFrom' source. +- `env_name` (String) Defines the name of the environment variable.This name can originate from an 'env' entry or be a data key from an 'envFrom' source. Optional: -- `target_container_name` (String) Specifies the container name in the target Pod. If not specified, the first container will be used by default. +- `target_container_name` (String) Specifies the container name in the target Pod.If not specified, the first container will be used by default. @@ -3449,15 +3449,15 @@ Optional: Required: -- `mount_path` (String) Path within the container at which the volume should be mounted. Must not contain ':'. +- `mount_path` (String) Path within the container at which the volume should be mounted. Mustnot contain ':'. - `name` (String) This must match the Name of a Volume. Optional: -- `mount_propagation` (String) mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationNone is used. This field is beta in 1.10. -- `read_only` (Boolean) Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false. -- `sub_path` (String) Path within the volume from which the container's volume should be mounted. Defaults to '' (volume's root). -- `sub_path_expr` (String) Expanded path within the volume from which the container's volume should be mounted. Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment. Defaults to '' (volume's root). SubPathExpr and SubPath are mutually exclusive. +- `mount_propagation` (String) mountPropagation determines how mounts are propagated from the hostto container and the other way around.When not set, MountPropagationNone is used.This field is beta in 1.10. +- `read_only` (Boolean) Mounted read-only if true, read-write otherwise (false or unspecified).Defaults to false. +- `sub_path` (String) Path within the volume from which the container's volume should be mounted.Defaults to '' (volume's root). +- `sub_path_expr` (String) Expanded path within the volume from which the container's volume should be mounted.Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment.Defaults to '' (volume's root).SubPathExpr and SubPath are mutually exclusive. @@ -3473,5 +3473,5 @@ Optional: Required: -- `expression` (String) Specifies a Go template expression that determines how the operation can be executed. The return value must be either 'true' or 'false'. Available built-in objects that can be referenced in the expression include: - 'params': Input parameters. - 'cluster': The referenced Cluster object. - 'component': The referenced Component object. +- `expression` (String) Specifies a Go template expression that determines how the operation can be executed.The return value must be either 'true' or 'false'.Available built-in objects that can be referenced in the expression include:- 'params': Input parameters.- 'cluster': The referenced Cluster object.- 'component': The referenced Component object. - `message` (String) Specifies the error or status message reported if the 'expression' does not evaluate to 'true'. diff --git a/docs/data-sources/apps_kubeblocks_io_ops_request_v1alpha1_manifest.md b/docs/data-sources/apps_kubeblocks_io_ops_request_v1alpha1_manifest.md index 30fc9edbe..637a11f52 100644 --- a/docs/data-sources/apps_kubeblocks_io_ops_request_v1alpha1_manifest.md +++ b/docs/data-sources/apps_kubeblocks_io_ops_request_v1alpha1_manifest.md @@ -55,44 +55,44 @@ Optional: Required: -- `type` (String) Specifies the type of this operation. Supported types include 'Start', 'Stop', 'Restart', 'Switchover', 'VerticalScaling', 'HorizontalScaling', 'VolumeExpansion', 'Reconfiguring', 'Upgrade', 'Backup', 'Restore', 'Expose', 'DataScript', 'RebuildInstance', 'Custom'. Note: This field is immutable once set. +- `type` (String) Specifies the type of this operation. Supported types include 'Start', 'Stop', 'Restart', 'Switchover','VerticalScaling', 'HorizontalScaling', 'VolumeExpansion', 'Reconfiguring', 'Upgrade', 'Backup', 'Restore','Expose', 'DataScript', 'RebuildInstance', 'Custom'.Note: This field is immutable once set. Optional: - `backup` (Attributes) Specifies the parameters to backup a Cluster. (see [below for nested schema](#nestedatt--spec--backup)) -- `backup_spec` (Attributes) Deprecated: since v0.9, use backup instead. Specifies the parameters to backup a Cluster. (see [below for nested schema](#nestedatt--spec--backup_spec)) -- `cancel` (Boolean) Indicates whether the current operation should be canceled and terminated gracefully if it's in the 'Pending', 'Creating', or 'Running' state. This field applies only to 'VerticalScaling' and 'HorizontalScaling' opsRequests. Note: Setting 'cancel' to true is irreversible; further modifications to this field are ineffective. +- `backup_spec` (Attributes) Deprecated: since v0.9, use backup instead.Specifies the parameters to backup a Cluster. (see [below for nested schema](#nestedatt--spec--backup_spec)) +- `cancel` (Boolean) Indicates whether the current operation should be canceled and terminated gracefully if it's in the'Pending', 'Creating', or 'Running' state.This field applies only to 'VerticalScaling' and 'HorizontalScaling' opsRequests.Note: Setting 'cancel' to true is irreversible; further modifications to this field are ineffective. - `cluster_name` (String) Specifies the name of the Cluster resource that this operation is targeting. -- `cluster_ref` (String) Deprecated: since v0.9, use clusterName instead. Specifies the name of the Cluster resource that this operation is targeting. +- `cluster_ref` (String) Deprecated: since v0.9, use clusterName instead.Specifies the name of the Cluster resource that this operation is targeting. - `custom` (Attributes) Specifies a custom operation defined by OpsDefinition. (see [below for nested schema](#nestedatt--spec--custom)) - `expose` (Attributes List) Lists Expose objects, each specifying a Component and its services to be exposed. (see [below for nested schema](#nestedatt--spec--expose)) -- `force` (Boolean) Instructs the system to bypass pre-checks (including cluster state checks and customized pre-conditions hooks) and immediately execute the opsRequest, except for the opsRequest of 'Start' type, which will still undergo pre-checks even if 'force' is true. This is useful for concurrent execution of 'VerticalScaling' and 'HorizontalScaling' opsRequests. By setting 'force' to true, you can bypass the default checks and demand these opsRequests to run simultaneously. Note: Once set, the 'force' field is immutable and cannot be updated. -- `horizontal_scaling` (Attributes List) Lists HorizontalScaling objects, each specifying scaling requirements for a Component, including desired replica changes, configurations for new instances, modifications for existing instances, and take offline/online the specified instances. (see [below for nested schema](#nestedatt--spec--horizontal_scaling)) -- `pre_condition_deadline_seconds` (Number) Specifies the maximum time in seconds that the OpsRequest will wait for its pre-conditions to be met before it aborts the operation. If set to 0 (default), pre-conditions must be satisfied immediately for the OpsRequest to proceed. -- `rebuild_from` (Attributes List) Specifies the parameters to rebuild some instances. Rebuilding an instance involves restoring its data from a backup or another database replica. The instances being rebuilt usually serve as standby in the cluster. Hence rebuilding instances is often also referred to as 'standby reconstruction'. (see [below for nested schema](#nestedatt--spec--rebuild_from)) -- `reconfigure` (Attributes) Specifies a component and its configuration updates. This field is deprecated and replaced by 'reconfigures'. (see [below for nested schema](#nestedatt--spec--reconfigure)) +- `force` (Boolean) Instructs the system to bypass pre-checks (including cluster state checks and customized pre-conditions hooks)and immediately execute the opsRequest, except for the opsRequest of 'Start' type, which will still undergopre-checks even if 'force' is true.This is useful for concurrent execution of 'VerticalScaling' and 'HorizontalScaling' opsRequests.By setting 'force' to true, you can bypass the default checks and demand these opsRequests to runsimultaneously.Note: Once set, the 'force' field is immutable and cannot be updated. +- `horizontal_scaling` (Attributes List) Lists HorizontalScaling objects, each specifying scaling requirements for a Component,including desired replica changes, configurations for new instances, modifications for existing instances,and take offline/online the specified instances. (see [below for nested schema](#nestedatt--spec--horizontal_scaling)) +- `pre_condition_deadline_seconds` (Number) Specifies the maximum time in seconds that the OpsRequest will wait for its pre-conditions to be metbefore it aborts the operation.If set to 0 (default), pre-conditions must be satisfied immediately for the OpsRequest to proceed. +- `rebuild_from` (Attributes List) Specifies the parameters to rebuild some instances.Rebuilding an instance involves restoring its data from a backup or another database replica.The instances being rebuilt usually serve as standby in the cluster.Hence rebuilding instances is often also referred to as 'standby reconstruction'. (see [below for nested schema](#nestedatt--spec--rebuild_from)) +- `reconfigure` (Attributes) Specifies a component and its configuration updates.This field is deprecated and replaced by 'reconfigures'. (see [below for nested schema](#nestedatt--spec--reconfigure)) - `reconfigures` (Attributes List) Lists Reconfigure objects, each specifying a Component and its configuration updates. (see [below for nested schema](#nestedatt--spec--reconfigures)) - `restart` (Attributes List) Lists Components to be restarted. (see [below for nested schema](#nestedatt--spec--restart)) -- `restore` (Attributes) Specifies the parameters to restore a Cluster. Note that this restore operation will roll back cluster services. (see [below for nested schema](#nestedatt--spec--restore)) -- `restore_spec` (Attributes) Deprecated: since v0.9, use restore instead. Specifies the parameters to restore a Cluster. Note that this restore operation will roll back cluster services. (see [below for nested schema](#nestedatt--spec--restore_spec)) -- `script_spec` (Attributes) Specifies the image and scripts for executing engine-specific operations such as creating databases or users. It supports limited engines including MySQL, PostgreSQL, Redis, MongoDB. ScriptSpec has been replaced by the more versatile OpsDefinition. It is recommended to use OpsDefinition instead. ScriptSpec is deprecated and will be removed in a future version. (see [below for nested schema](#nestedatt--spec--script_spec)) +- `restore` (Attributes) Specifies the parameters to restore a Cluster.Note that this restore operation will roll back cluster services. (see [below for nested schema](#nestedatt--spec--restore)) +- `restore_spec` (Attributes) Deprecated: since v0.9, use restore instead.Specifies the parameters to restore a Cluster.Note that this restore operation will roll back cluster services. (see [below for nested schema](#nestedatt--spec--restore_spec)) +- `script_spec` (Attributes) Specifies the image and scripts for executing engine-specific operations such as creating databases or users.It supports limited engines including MySQL, PostgreSQL, Redis, MongoDB.ScriptSpec has been replaced by the more versatile OpsDefinition.It is recommended to use OpsDefinition instead.ScriptSpec is deprecated and will be removed in a future version. (see [below for nested schema](#nestedatt--spec--script_spec)) - `switchover` (Attributes List) Lists Switchover objects, each specifying a Component to perform the switchover operation. (see [below for nested schema](#nestedatt--spec--switchover)) -- `ttl_seconds_after_succeed` (Number) Specifies the duration in seconds that an OpsRequest will remain in the system after successfully completing (when 'opsRequest.status.phase' is 'Succeed') before automatic deletion. -- `upgrade` (Attributes) Specifies the desired new version of the Cluster. Note: This field is immutable once set. (see [below for nested schema](#nestedatt--spec--upgrade)) +- `ttl_seconds_after_succeed` (Number) Specifies the duration in seconds that an OpsRequest will remain in the system after successfully completing(when 'opsRequest.status.phase' is 'Succeed') before automatic deletion. +- `upgrade` (Attributes) Specifies the desired new version of the Cluster.Note: This field is immutable once set. (see [below for nested schema](#nestedatt--spec--upgrade)) - `vertical_scaling` (List of Map of String) Lists VerticalScaling objects, each specifying a component and its desired compute resources for vertical scaling. -- `volume_expansion` (Attributes List) Lists VolumeExpansion objects, each specifying a component and its corresponding volumeClaimTemplates that requires storage expansion. (see [below for nested schema](#nestedatt--spec--volume_expansion)) +- `volume_expansion` (Attributes List) Lists VolumeExpansion objects, each specifying a component and its corresponding volumeClaimTemplatesthat requires storage expansion. (see [below for nested schema](#nestedatt--spec--volume_expansion)) ### Nested Schema for `spec.backup` Optional: -- `backup_method` (String) Specifies the name of BackupMethod. The specified BackupMethod must be defined in the BackupPolicy. +- `backup_method` (String) Specifies the name of BackupMethod.The specified BackupMethod must be defined in the BackupPolicy. - `backup_name` (String) Specifies the name of the Backup custom resource. - `backup_policy_name` (String) Indicates the name of the BackupPolicy applied to perform this Backup. -- `deletion_policy` (String) Determines whether the backup contents stored in backup repository should be deleted when the Backup custom resource is deleted. Supported values are 'Retain' and 'Delete'. - 'Retain' means that the backup content and its physical snapshot on backup repository are kept. - 'Delete' means that the backup content and its physical snapshot on backup repository are deleted. +- `deletion_policy` (String) Determines whether the backup contents stored in backup repositoryshould be deleted when the Backup custom resource is deleted.Supported values are 'Retain' and 'Delete'.- 'Retain' means that the backup content and its physical snapshot on backup repository are kept.- 'Delete' means that the backup content and its physical snapshot on backup repository are deleted. - `parent_backup_name` (String) If the specified BackupMethod is incremental, 'parentBackupName' is required. -- `retention_period` (String) Determines the duration for which the Backup custom resources should be retained. The controller will automatically remove all Backup objects that are older than the specified RetentionPeriod. For example, RetentionPeriod of '30d' will keep only the Backup objects of last 30 days. Sample duration format: - years: 2y - months: 6mo - days: 30d - hours: 12h - minutes: 30m You can also combine the above durations. For example: 30d12h30m. If not set, the Backup objects will be kept forever. If the 'deletionPolicy' is set to 'Delete', then the associated backup data will also be deleted along with the Backup object. Otherwise, only the Backup custom resource will be deleted. +- `retention_period` (String) Determines the duration for which the Backup custom resources should be retained.The controller will automatically remove all Backup objects that are older than the specified RetentionPeriod.For example, RetentionPeriod of '30d' will keep only the Backup objects of last 30 days.Sample duration format:- years: 2y- months: 6mo- days: 30d- hours: 12h- minutes: 30mYou can also combine the above durations. For example: 30d12h30m.If not set, the Backup objects will be kept forever.If the 'deletionPolicy' is set to 'Delete', then the associated backup data will also be deletedalong with the Backup object.Otherwise, only the Backup custom resource will be deleted. @@ -100,12 +100,12 @@ Optional: Optional: -- `backup_method` (String) Specifies the name of BackupMethod. The specified BackupMethod must be defined in the BackupPolicy. +- `backup_method` (String) Specifies the name of BackupMethod.The specified BackupMethod must be defined in the BackupPolicy. - `backup_name` (String) Specifies the name of the Backup custom resource. - `backup_policy_name` (String) Indicates the name of the BackupPolicy applied to perform this Backup. -- `deletion_policy` (String) Determines whether the backup contents stored in backup repository should be deleted when the Backup custom resource is deleted. Supported values are 'Retain' and 'Delete'. - 'Retain' means that the backup content and its physical snapshot on backup repository are kept. - 'Delete' means that the backup content and its physical snapshot on backup repository are deleted. +- `deletion_policy` (String) Determines whether the backup contents stored in backup repositoryshould be deleted when the Backup custom resource is deleted.Supported values are 'Retain' and 'Delete'.- 'Retain' means that the backup content and its physical snapshot on backup repository are kept.- 'Delete' means that the backup content and its physical snapshot on backup repository are deleted. - `parent_backup_name` (String) If the specified BackupMethod is incremental, 'parentBackupName' is required. -- `retention_period` (String) Determines the duration for which the Backup custom resources should be retained. The controller will automatically remove all Backup objects that are older than the specified RetentionPeriod. For example, RetentionPeriod of '30d' will keep only the Backup objects of last 30 days. Sample duration format: - years: 2y - months: 6mo - days: 30d - hours: 12h - minutes: 30m You can also combine the above durations. For example: 30d12h30m. If not set, the Backup objects will be kept forever. If the 'deletionPolicy' is set to 'Delete', then the associated backup data will also be deleted along with the Backup object. Otherwise, only the Backup custom resource will be deleted. +- `retention_period` (String) Determines the duration for which the Backup custom resources should be retained.The controller will automatically remove all Backup objects that are older than the specified RetentionPeriod.For example, RetentionPeriod of '30d' will keep only the Backup objects of last 30 days.Sample duration format:- years: 2y- months: 6mo- days: 30d- hours: 12h- minutes: 30mYou can also combine the above durations. For example: 30d12h30m.If not set, the Backup objects will be kept forever.If the 'deletionPolicy' is set to 'Delete', then the associated backup data will also be deletedalong with the Backup object.Otherwise, only the Backup custom resource will be deleted. @@ -113,12 +113,12 @@ Optional: Required: -- `components` (Attributes List) Specifies the components and their parameters for executing custom actions as defined in OpsDefinition. Requires at least one component. (see [below for nested schema](#nestedatt--spec--custom--components)) +- `components` (Attributes List) Specifies the components and their parameters for executing custom actions as defined in OpsDefinition.Requires at least one component. (see [below for nested schema](#nestedatt--spec--custom--components)) - `ops_definition_name` (String) Specifies the name of the OpsDefinition. Optional: -- `max_concurrent_components` (String) Specifies the maximum number of components to be operated on concurrently to mitigate performance impact on clusters with multiple components. It accepts an absolute number (e.g., 5) or a percentage of components to execute in parallel (e.g., '10%'). Percentages are rounded up to the nearest whole number of components. For example, if '10%' results in less than one, it rounds up to 1. When unspecified, all components are processed simultaneously by default. Note: This feature is not implemented yet. +- `max_concurrent_components` (String) Specifies the maximum number of components to be operated on concurrently to mitigate performance impacton clusters with multiple components.It accepts an absolute number (e.g., 5) or a percentage of components to execute in parallel (e.g., '10%').Percentages are rounded up to the nearest whole number of components.For example, if '10%' results in less than one, it rounds up to 1.When unspecified, all components are processed simultaneously by default.Note: This feature is not implemented yet. - `service_account_name` (String) Specifies the name of the ServiceAccount to be used for executing the custom operation. @@ -138,7 +138,7 @@ Optional: Required: - `name` (String) Specifies the identifier of the parameter as defined in the OpsDefinition. -- `value` (String) Holds the data associated with the parameter. If the parameter type is an array, the format should be 'v1,v2,v3'. +- `value` (String) Holds the data associated with the parameter.If the parameter type is an array, the format should be 'v1,v2,v3'. @@ -148,8 +148,8 @@ Required: Required: -- `services` (Attributes List) Specifies a list of OpsService. When an OpsService is exposed, a corresponding ClusterService will be added to 'cluster.spec.services'. On the other hand, when an OpsService is unexposed, the corresponding ClusterService will be removed from 'cluster.spec.services'. Note: If 'componentName' is not specified, the 'ports' and 'selector' fields must be provided in each OpsService definition. (see [below for nested schema](#nestedatt--spec--expose--services)) -- `switch` (String) Indicates whether the services will be exposed. 'Enable' exposes the services. while 'Disable' removes the exposed Service. +- `services` (Attributes List) Specifies a list of OpsService.When an OpsService is exposed, a corresponding ClusterService will be added to 'cluster.spec.services'.On the other hand, when an OpsService is unexposed, the corresponding ClusterService will be removedfrom 'cluster.spec.services'.Note: If 'componentName' is not specified, the 'ports' and 'selector' fields must be providedin each OpsService definition. (see [below for nested schema](#nestedatt--spec--expose--services)) +- `switch` (String) Indicates whether the services will be exposed.'Enable' exposes the services. while 'Disable' removes the exposed Service. Optional: @@ -160,17 +160,17 @@ Optional: Required: -- `name` (String) Specifies the name of the Service. This name is used to set 'clusterService.name'. Note: This field cannot be updated. +- `name` (String) Specifies the name of the Service. This name is used to set 'clusterService.name'.Note: This field cannot be updated. Optional: -- `annotations` (Map of String) Contains cloud provider related parameters if ServiceType is LoadBalancer. More info: https://kubernetes.io/docs/concepts/services-networking/service/#loadbalancer. -- `ip_families` (List of String) A list of IP families (e.g., IPv4, IPv6) assigned to this Service. Usually assigned automatically based on the cluster configuration and the 'ipFamilyPolicy' field. If specified manually, the requested IP family must be available in the cluster and allowed by the 'ipFamilyPolicy'. If the requested IP family is not available or not allowed, the Service creation will fail. Valid values: - 'IPv4' - 'IPv6' This field may hold a maximum of two entries (dual-stack families, in either order). Common combinations of 'ipFamilies' and 'ipFamilyPolicy' are: - ipFamilies=[] + ipFamilyPolicy='PreferDualStack' : The Service prefers dual-stack but can fall back to single-stack if the cluster does not support dual-stack. The IP family is automatically assigned based on the cluster configuration. - ipFamilies=['IPV4','IPV6'] + ipFamilyPolicy='RequiredDualStack' : The Service requires dual-stack and will only be created if the cluster supports both IPv4 and IPv6. The primary IP family is IPV4. - ipFamilies=['IPV6','IPV4'] + ipFamilyPolicy='RequiredDualStack' : The Service requires dual-stack and will only be created if the cluster supports both IPv4 and IPv6. The primary IP family is IPV6. - ipFamilies=['IPV4'] + ipFamilyPolicy='SingleStack' : The Service uses a single-stack with IPv4 only. - ipFamilies=['IPV6'] + ipFamilyPolicy='SingleStack' : The Service uses a single-stack with IPv6 only. -- `ip_family_policy` (String) Specifies whether the Service should use a single IP family (SingleStack) or two IP families (DualStack). Possible values: - 'SingleStack' (default) : The Service uses a single IP family. If no value is provided, IPFamilyPolicy defaults to SingleStack. - 'PreferDualStack' : The Service prefers to use two IP families on dual-stack configured clusters or a single IP family on single-stack clusters. - 'RequiredDualStack' : The Service requires two IP families on dual-stack configured clusters. If the cluster is not configured for dual-stack, the Service creation fails. -- `pod_selector` (Map of String) Routes service traffic to pods with matching label keys and values. If specified, the service will only be exposed to pods matching the selector. Note: At least one of 'roleSelector' or 'podSelector' must be specified. If both are specified, a pod must match both conditions to be selected. -- `ports` (Attributes List) Specifies Port definitions that are to be exposed by a ClusterService. If not specified, the Port definitions from non-NodePort and non-LoadBalancer type ComponentService defined in the ComponentDefinition ('componentDefinition.spec.services') will be used. If no matching ComponentService is found, the expose operation will fail. More info: https://kubernetes.io/docs/concepts/services-networking/service/#field-spec-ports (see [below for nested schema](#nestedatt--spec--expose--services--ports)) -- `role_selector` (String) Specifies a role to target with the service. If specified, the service will only be exposed to pods with the matching role. Note: At least one of 'roleSelector' or 'podSelector' must be specified. If both are specified, a pod must match both conditions to be selected. -- `service_type` (String) Determines how the Service is exposed. Defaults to 'ClusterIP'. Valid options are 'ClusterIP', 'NodePort', and 'LoadBalancer'. - 'ClusterIP': allocates a cluster-internal IP address for load-balancing to endpoints. Endpoints are determined by the selector or if that is not specified, they are determined by manual construction of an Endpoints object or EndpointSlice objects. - 'NodePort': builds on ClusterIP and allocates a port on every node which routes to the same endpoints as the clusterIP. - 'LoadBalancer': builds on NodePort and creates an external load-balancer (if supported in the current cloud) which routes to the same endpoints as the clusterIP. Note: although K8s Service type allows the 'ExternalName' type, it is not a valid option for the expose operation. For more info, see: https://kubernetes.io/docs/concepts/services-networking/service/#publishing-services-service-types. +- `annotations` (Map of String) Contains cloud provider related parameters if ServiceType is LoadBalancer.More info: https://kubernetes.io/docs/concepts/services-networking/service/#loadbalancer. +- `ip_families` (List of String) A list of IP families (e.g., IPv4, IPv6) assigned to this Service.Usually assigned automatically based on the cluster configuration and the 'ipFamilyPolicy' field.If specified manually, the requested IP family must be available in the cluster and allowed by the 'ipFamilyPolicy'.If the requested IP family is not available or not allowed, the Service creation will fail.Valid values:- 'IPv4'- 'IPv6'This field may hold a maximum of two entries (dual-stack families, in either order).Common combinations of 'ipFamilies' and 'ipFamilyPolicy' are:- ipFamilies=[] + ipFamilyPolicy='PreferDualStack' : The Service prefers dual-stack but can fall back to single-stack if the cluster does not support dual-stack. The IP family is automatically assigned based on the cluster configuration.- ipFamilies=['IPV4','IPV6'] + ipFamilyPolicy='RequiredDualStack' : The Service requires dual-stack and will only be created if the cluster supports both IPv4 and IPv6. The primary IP family is IPV4.- ipFamilies=['IPV6','IPV4'] + ipFamilyPolicy='RequiredDualStack' : The Service requires dual-stack and will only be created if the cluster supports both IPv4 and IPv6. The primary IP family is IPV6.- ipFamilies=['IPV4'] + ipFamilyPolicy='SingleStack' : The Service uses a single-stack with IPv4 only.- ipFamilies=['IPV6'] + ipFamilyPolicy='SingleStack' : The Service uses a single-stack with IPv6 only. +- `ip_family_policy` (String) Specifies whether the Service should use a single IP family (SingleStack) or two IP families (DualStack).Possible values:- 'SingleStack' (default) : The Service uses a single IP family. If no value is provided, IPFamilyPolicy defaults to SingleStack.- 'PreferDualStack' : The Service prefers to use two IP families on dual-stack configured clusters or a single IP family on single-stack clusters.- 'RequiredDualStack' : The Service requires two IP families on dual-stack configured clusters. If the cluster is not configured for dual-stack, the Service creation fails. +- `pod_selector` (Map of String) Routes service traffic to pods with matching label keys and values.If specified, the service will only be exposed to pods matching the selector.Note: At least one of 'roleSelector' or 'podSelector' must be specified.If both are specified, a pod must match both conditions to be selected. +- `ports` (Attributes List) Specifies Port definitions that are to be exposed by a ClusterService.If not specified, the Port definitions from non-NodePort and non-LoadBalancer type ComponentServicedefined in the ComponentDefinition ('componentDefinition.spec.services') will be used.If no matching ComponentService is found, the expose operation will fail.More info: https://kubernetes.io/docs/concepts/services-networking/service/#field-spec-ports (see [below for nested schema](#nestedatt--spec--expose--services--ports)) +- `role_selector` (String) Specifies a role to target with the service.If specified, the service will only be exposed to pods with the matching role.Note: At least one of 'roleSelector' or 'podSelector' must be specified.If both are specified, a pod must match both conditions to be selected. +- `service_type` (String) Determines how the Service is exposed. Defaults to 'ClusterIP'.Valid options are 'ClusterIP', 'NodePort', and 'LoadBalancer'.- 'ClusterIP': allocates a cluster-internal IP address for load-balancing to endpoints. Endpoints are determined by the selector or if that is not specified, they are determined by manual construction of an Endpoints object or EndpointSlice objects.- 'NodePort': builds on ClusterIP and allocates a port on every node which routes to the same endpoints as the clusterIP.- 'LoadBalancer': builds on NodePort and creates an external load-balancer (if supported in the current cloud) which routes to the same endpoints as the clusterIP.Note: although K8s Service type allows the 'ExternalName' type, it is not a valid option for the expose operation.For more info, see:https://kubernetes.io/docs/concepts/services-networking/service/#publishing-services-service-types. ### Nested Schema for `spec.expose.services.ports` @@ -181,11 +181,11 @@ Required: Optional: -- `app_protocol` (String) The application protocol for this port. This is used as a hint for implementations to offer richer behavior for protocols that they understand. This field follows standard Kubernetes label syntax. Valid values are either: * Un-prefixed protocol names - reserved for IANA standard service names (as per RFC-6335 and https://www.iana.org/assignments/service-names). * Kubernetes-defined prefixed names: * 'kubernetes.io/h2c' - HTTP/2 over cleartext as described in https://www.rfc-editor.org/rfc/rfc7540 * 'kubernetes.io/ws' - WebSocket over cleartext as described in https://www.rfc-editor.org/rfc/rfc6455 * 'kubernetes.io/wss' - WebSocket over TLS as described in https://www.rfc-editor.org/rfc/rfc6455 * Other protocols should use implementation-defined prefixed names such as mycompany.com/my-custom-protocol. -- `name` (String) The name of this port within the service. This must be a DNS_LABEL. All ports within a ServiceSpec must have unique names. When considering the endpoints for a Service, this must match the 'name' field in the EndpointPort. Optional if only one ServicePort is defined on this service. -- `node_port` (Number) The port on each node on which this service is exposed when type is NodePort or LoadBalancer. Usually assigned by the system. If a value is specified, in-range, and not in use it will be used, otherwise the operation will fail. If not specified, a port will be allocated if this Service requires one. If this field is specified when creating a Service which does not need it, creation will fail. This field will be wiped when updating a Service to no longer need it (e.g. changing type from NodePort to ClusterIP). More info: https://kubernetes.io/docs/concepts/services-networking/service/#type-nodeport -- `protocol` (String) The IP protocol for this port. Supports 'TCP', 'UDP', and 'SCTP'. Default is TCP. -- `target_port` (String) Number or name of the port to access on the pods targeted by the service. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. If this is a string, it will be looked up as a named port in the target Pod's container ports. If this is not specified, the value of the 'port' field is used (an identity map). This field is ignored for services with clusterIP=None, and should be omitted or set equal to the 'port' field. More info: https://kubernetes.io/docs/concepts/services-networking/service/#defining-a-service +- `app_protocol` (String) The application protocol for this port.This is used as a hint for implementations to offer richer behavior for protocols that they understand.This field follows standard Kubernetes label syntax.Valid values are either:* Un-prefixed protocol names - reserved for IANA standard service names (as perRFC-6335 and https://www.iana.org/assignments/service-names).* Kubernetes-defined prefixed names: * 'kubernetes.io/h2c' - HTTP/2 over cleartext as described in https://www.rfc-editor.org/rfc/rfc7540 * 'kubernetes.io/ws' - WebSocket over cleartext as described in https://www.rfc-editor.org/rfc/rfc6455 * 'kubernetes.io/wss' - WebSocket over TLS as described in https://www.rfc-editor.org/rfc/rfc6455* Other protocols should use implementation-defined prefixed names such asmycompany.com/my-custom-protocol. +- `name` (String) The name of this port within the service. This must be a DNS_LABEL.All ports within a ServiceSpec must have unique names. When consideringthe endpoints for a Service, this must match the 'name' field in theEndpointPort.Optional if only one ServicePort is defined on this service. +- `node_port` (Number) The port on each node on which this service is exposed when type isNodePort or LoadBalancer. Usually assigned by the system. If a value isspecified, in-range, and not in use it will be used, otherwise theoperation will fail. If not specified, a port will be allocated if thisService requires one. If this field is specified when creating aService which does not need it, creation will fail. This field will bewiped when updating a Service to no longer need it (e.g. changing typefrom NodePort to ClusterIP).More info: https://kubernetes.io/docs/concepts/services-networking/service/#type-nodeport +- `protocol` (String) The IP protocol for this port. Supports 'TCP', 'UDP', and 'SCTP'.Default is TCP. +- `target_port` (String) Number or name of the port to access on the pods targeted by the service.Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME.If this is a string, it will be looked up as a named port in thetarget Pod's container ports. If this is not specified, the valueof the 'port' field is used (an identity map).This field is ignored for services with clusterIP=None, and should beomitted or set equal to the 'port' field.More info: https://kubernetes.io/docs/concepts/services-networking/service/#defining-a-service @@ -199,16 +199,16 @@ Required: Optional: -- `replicas` (Number) Deprecated: since v0.9, use scaleOut and scaleIn instead. Specifies the number of replicas for the component. Cannot be used with 'scaleIn' and 'scaleOut'. -- `scale_in` (Attributes) Specifies the replica changes for scaling in components and instance templates, and takes specified instances offline. Can be used in conjunction with the 'scaleOut' operation. Note: Any configuration that creates instances is considered invalid. (see [below for nested schema](#nestedatt--spec--horizontal_scaling--scale_in)) -- `scale_out` (Attributes) Specifies the replica changes for scaling out components and instance templates, and brings offline instances back online. Can be used in conjunction with the 'scaleIn' operation. Note: Any configuration that deletes instances is considered invalid. (see [below for nested schema](#nestedatt--spec--horizontal_scaling--scale_out)) +- `replicas` (Number) Deprecated: since v0.9, use scaleOut and scaleIn instead.Specifies the number of replicas for the component. Cannot be used with 'scaleIn' and 'scaleOut'. +- `scale_in` (Attributes) Specifies the replica changes for scaling in components and instance templates,and takes specified instances offline. Can be used in conjunction with the 'scaleOut' operation.Note: Any configuration that creates instances is considered invalid. (see [below for nested schema](#nestedatt--spec--horizontal_scaling--scale_in)) +- `scale_out` (Attributes) Specifies the replica changes for scaling out components and instance templates,and brings offline instances back online. Can be used in conjunction with the 'scaleIn' operation.Note: Any configuration that deletes instances is considered invalid. (see [below for nested schema](#nestedatt--spec--horizontal_scaling--scale_out)) ### Nested Schema for `spec.horizontal_scaling.scale_in` Optional: -- `instances` (Attributes List) Modifies the desired replicas count for existing InstanceTemplate. if the inst (see [below for nested schema](#nestedatt--spec--horizontal_scaling--scale_in--instances)) +- `instances` (Attributes List) Modifies the desired replicas count for existing InstanceTemplate.if the inst (see [below for nested schema](#nestedatt--spec--horizontal_scaling--scale_in--instances)) - `online_instances_to_offline` (List of String) Specifies the instance names that need to be taken offline. - `replica_changes` (Number) Specifies the replica changes for the component. @@ -227,8 +227,8 @@ Required: Optional: -- `instances` (Attributes List) Modifies the desired replicas count for existing InstanceTemplate. if the inst (see [below for nested schema](#nestedatt--spec--horizontal_scaling--scale_out--instances)) -- `new_instances` (Attributes List) Defines the configuration for new instances added during scaling, including resource requirements, labels, annotations, etc. New instances are created based on the provided instance templates. (see [below for nested schema](#nestedatt--spec--horizontal_scaling--scale_out--new_instances)) +- `instances` (Attributes List) Modifies the desired replicas count for existing InstanceTemplate.if the inst (see [below for nested schema](#nestedatt--spec--horizontal_scaling--scale_out--instances)) +- `new_instances` (Attributes List) Defines the configuration for new instances added during scaling, including resource requirements, labels, annotations, etc.New instances are created based on the provided instance templates. (see [below for nested schema](#nestedatt--spec--horizontal_scaling--scale_out--new_instances)) - `offline_instances_to_online` (List of String) Specifies the instances in the offline list to bring back online. - `replica_changes` (Number) Specifies the replica changes for the component. @@ -246,20 +246,20 @@ Required: Required: -- `name` (String) Name specifies the unique name of the instance Pod created using this InstanceTemplate. This name is constructed by concatenating the Component's name, the template's name, and the instance's ordinal using the pattern: $(cluster.name)-$(component.name)-$(template.name)-$(ordinal). Ordinals start from 0. The specified name overrides any default naming conventions or patterns. +- `name` (String) Name specifies the unique name of the instance Pod created using this InstanceTemplate.This name is constructed by concatenating the Component's name, the template's name, and the instance's ordinalusing the pattern: $(cluster.name)-$(component.name)-$(template.name)-$(ordinal). Ordinals start from 0.The specified name overrides any default naming conventions or patterns. Optional: -- `annotations` (Map of String) Specifies a map of key-value pairs to be merged into the Pod's existing annotations. Existing keys will have their values overwritten, while new keys will be added to the annotations. -- `env` (Attributes List) Defines Env to override. Add new or override existing envs. (see [below for nested schema](#nestedatt--spec--horizontal_scaling--scale_out--new_instances--env)) +- `annotations` (Map of String) Specifies a map of key-value pairs to be merged into the Pod's existing annotations.Existing keys will have their values overwritten, while new keys will be added to the annotations. +- `env` (Attributes List) Defines Env to override.Add new or override existing envs. (see [below for nested schema](#nestedatt--spec--horizontal_scaling--scale_out--new_instances--env)) - `image` (String) Specifies an override for the first container's image in the Pod. -- `labels` (Map of String) Specifies a map of key-value pairs that will be merged into the Pod's existing labels. Values for existing keys will be overwritten, and new keys will be added. -- `replicas` (Number) Specifies the number of instances (Pods) to create from this InstanceTemplate. This field allows setting how many replicated instances of the Component, with the specific overrides in the InstanceTemplate, are created. The default value is 1. A value of 0 disables instance creation. -- `resources` (Attributes) Specifies an override for the resource requirements of the first container in the Pod. This field allows for customizing resource allocation (CPU, memory, etc.) for the container. (see [below for nested schema](#nestedatt--spec--horizontal_scaling--scale_out--new_instances--resources)) +- `labels` (Map of String) Specifies a map of key-value pairs that will be merged into the Pod's existing labels.Values for existing keys will be overwritten, and new keys will be added. +- `replicas` (Number) Specifies the number of instances (Pods) to create from this InstanceTemplate.This field allows setting how many replicated instances of the Component,with the specific overrides in the InstanceTemplate, are created.The default value is 1. A value of 0 disables instance creation. +- `resources` (Attributes) Specifies an override for the resource requirements of the first container in the Pod.This field allows for customizing resource allocation (CPU, memory, etc.) for the container. (see [below for nested schema](#nestedatt--spec--horizontal_scaling--scale_out--new_instances--resources)) - `scheduling_policy` (Attributes) Specifies the scheduling policy for the Component. (see [below for nested schema](#nestedatt--spec--horizontal_scaling--scale_out--new_instances--scheduling_policy)) -- `volume_claim_templates` (Attributes List) Defines VolumeClaimTemplates to override. Add new or override existing volume claim templates. (see [below for nested schema](#nestedatt--spec--horizontal_scaling--scale_out--new_instances--volume_claim_templates)) -- `volume_mounts` (Attributes List) Defines VolumeMounts to override. Add new or override existing volume mounts of the first container in the Pod. (see [below for nested schema](#nestedatt--spec--horizontal_scaling--scale_out--new_instances--volume_mounts)) -- `volumes` (Attributes List) Defines Volumes to override. Add new or override existing volumes. (see [below for nested schema](#nestedatt--spec--horizontal_scaling--scale_out--new_instances--volumes)) +- `volume_claim_templates` (Attributes List) Defines VolumeClaimTemplates to override.Add new or override existing volume claim templates. (see [below for nested schema](#nestedatt--spec--horizontal_scaling--scale_out--new_instances--volume_claim_templates)) +- `volume_mounts` (Attributes List) Defines VolumeMounts to override.Add new or override existing volume mounts of the first container in the Pod. (see [below for nested schema](#nestedatt--spec--horizontal_scaling--scale_out--new_instances--volume_mounts)) +- `volumes` (Attributes List) Defines Volumes to override.Add new or override existing volumes. (see [below for nested schema](#nestedatt--spec--horizontal_scaling--scale_out--new_instances--volumes)) ### Nested Schema for `spec.horizontal_scaling.scale_out.new_instances.env` @@ -270,7 +270,7 @@ Required: Optional: -- `value` (String) Variable references $(VAR_NAME) are expanded using the previously defined environment variables in the container and any service environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. '$$(VAR_NAME)' will produce the string literal '$(VAR_NAME)'. Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to ''. +- `value` (String) Variable references $(VAR_NAME) are expandedusing the previously defined environment variables in the container andany service environment variables. If a variable cannot be resolved,the reference in the input string will be unchanged. Double $$ are reducedto a single $, which allows for escaping the $(VAR_NAME) syntax: i.e.'$$(VAR_NAME)' will produce the string literal '$(VAR_NAME)'.Escaped references will never be expanded, regardless of whether the variableexists or not.Defaults to ''. - `value_from` (Attributes) Source for the environment variable's value. Cannot be used if value is not empty. (see [below for nested schema](#nestedatt--spec--horizontal_scaling--scale_out--new_instances--env--value_from)) @@ -279,8 +279,8 @@ Optional: Optional: - `config_map_key_ref` (Attributes) Selects a key of a ConfigMap. (see [below for nested schema](#nestedatt--spec--horizontal_scaling--scale_out--new_instances--env--value_from--config_map_key_ref)) -- `field_ref` (Attributes) Selects a field of the pod: supports metadata.name, metadata.namespace, 'metadata.labels['']', 'metadata.annotations['']', spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. (see [below for nested schema](#nestedatt--spec--horizontal_scaling--scale_out--new_instances--env--value_from--field_ref)) -- `resource_field_ref` (Attributes) Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. (see [below for nested schema](#nestedatt--spec--horizontal_scaling--scale_out--new_instances--env--value_from--resource_field_ref)) +- `field_ref` (Attributes) Selects a field of the pod: supports metadata.name, metadata.namespace, 'metadata.labels['']', 'metadata.annotations['']',spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. (see [below for nested schema](#nestedatt--spec--horizontal_scaling--scale_out--new_instances--env--value_from--field_ref)) +- `resource_field_ref` (Attributes) Selects a resource of the container: only resources limits and requests(limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. (see [below for nested schema](#nestedatt--spec--horizontal_scaling--scale_out--new_instances--env--value_from--resource_field_ref)) - `secret_key_ref` (Attributes) Selects a key of a secret in the pod's namespace (see [below for nested schema](#nestedatt--spec--horizontal_scaling--scale_out--new_instances--env--value_from--secret_key_ref)) @@ -292,7 +292,7 @@ Required: Optional: -- `name` (String) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? +- `name` (String) Name of the referent.More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#namesTODO: Add other useful fields. apiVersion, kind, uid? - `optional` (Boolean) Specify whether the ConfigMap or its key must be defined @@ -330,7 +330,7 @@ Required: Optional: -- `name` (String) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? +- `name` (String) Name of the referent.More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#namesTODO: Add other useful fields. apiVersion, kind, uid? - `optional` (Boolean) Specify whether the Secret or its key must be defined @@ -341,16 +341,16 @@ Optional: Optional: -- `claims` (Attributes List) Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. This field is immutable. It can only be set for containers. (see [below for nested schema](#nestedatt--spec--horizontal_scaling--scale_out--new_instances--resources--claims)) -- `limits` (Map of String) Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ -- `requests` (Map of String) Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ +- `claims` (Attributes List) Claims lists the names of resources, defined in spec.resourceClaims,that are used by this container.This is an alpha field and requires enabling theDynamicResourceAllocation feature gate.This field is immutable. It can only be set for containers. (see [below for nested schema](#nestedatt--spec--horizontal_scaling--scale_out--new_instances--resources--claims)) +- `limits` (Map of String) Limits describes the maximum amount of compute resources allowed.More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ +- `requests` (Map of String) Requests describes the minimum amount of compute resources required.If Requests is omitted for a container, it defaults to Limits if that is explicitly specified,otherwise to an implementation-defined value. Requests cannot exceed Limits.More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ ### Nested Schema for `spec.horizontal_scaling.scale_out.new_instances.resources.claims` Required: -- `name` (String) Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container. +- `name` (String) Name must match the name of one entry in pod.spec.resourceClaims ofthe Pod where this field is used. It makes that resource availableinside a container. @@ -360,11 +360,11 @@ Required: Optional: - `affinity` (Attributes) Specifies a group of affinity scheduling rules of the Cluster, including NodeAffinity, PodAffinity, and PodAntiAffinity. (see [below for nested schema](#nestedatt--spec--horizontal_scaling--scale_out--new_instances--scheduling_policy--affinity)) -- `node_name` (String) NodeName is a request to schedule this Pod onto a specific node. If it is non-empty, the scheduler simply schedules this Pod onto that node, assuming that it fits resource requirements. -- `node_selector` (Map of String) NodeSelector is a selector which must be true for the Pod to fit on a node. Selector which must match a node's labels for the Pod to be scheduled on that node. More info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/ -- `scheduler_name` (String) If specified, the Pod will be dispatched by specified scheduler. If not specified, the Pod will be dispatched by default scheduler. -- `tolerations` (Attributes List) Allows Pods to be scheduled onto nodes with matching taints. Each toleration in the array allows the Pod to tolerate node taints based on specified 'key', 'value', 'effect', and 'operator'. - The 'key', 'value', and 'effect' identify the taint that the toleration matches. - The 'operator' determines how the toleration matches the taint. Pods with matching tolerations are allowed to be scheduled on tainted nodes, typically reserved for specific purposes. (see [below for nested schema](#nestedatt--spec--horizontal_scaling--scale_out--new_instances--scheduling_policy--tolerations)) -- `topology_spread_constraints` (Attributes List) TopologySpreadConstraints describes how a group of Pods ought to spread across topology domains. Scheduler will schedule Pods in a way which abides by the constraints. All topologySpreadConstraints are ANDed. (see [below for nested schema](#nestedatt--spec--horizontal_scaling--scale_out--new_instances--scheduling_policy--topology_spread_constraints)) +- `node_name` (String) NodeName is a request to schedule this Pod onto a specific node. If it is non-empty,the scheduler simply schedules this Pod onto that node, assuming that it fits resourcerequirements. +- `node_selector` (Map of String) NodeSelector is a selector which must be true for the Pod to fit on a node.Selector which must match a node's labels for the Pod to be scheduled on that node.More info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/ +- `scheduler_name` (String) If specified, the Pod will be dispatched by specified scheduler.If not specified, the Pod will be dispatched by default scheduler. +- `tolerations` (Attributes List) Allows Pods to be scheduled onto nodes with matching taints.Each toleration in the array allows the Pod to tolerate node taints based onspecified 'key', 'value', 'effect', and 'operator'.- The 'key', 'value', and 'effect' identify the taint that the toleration matches.- The 'operator' determines how the toleration matches the taint.Pods with matching tolerations are allowed to be scheduled on tainted nodes, typically reserved for specific purposes. (see [below for nested schema](#nestedatt--spec--horizontal_scaling--scale_out--new_instances--scheduling_policy--tolerations)) +- `topology_spread_constraints` (Attributes List) TopologySpreadConstraints describes how a group of Pods ought to spread across topologydomains. Scheduler will schedule Pods in a way which abides by the constraints.All topologySpreadConstraints are ANDed. (see [below for nested schema](#nestedatt--spec--horizontal_scaling--scale_out--new_instances--scheduling_policy--topology_spread_constraints)) ### Nested Schema for `spec.horizontal_scaling.scale_out.new_instances.scheduling_policy.affinity` @@ -380,8 +380,8 @@ Optional: Optional: -- `preferred_during_scheduling_ignored_during_execution` (Attributes List) The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding 'weight' to the sum if the node matches the corresponding matchExpressions; the node(s) with the highest sum are the most preferred. (see [below for nested schema](#nestedatt--spec--horizontal_scaling--scale_out--new_instances--scheduling_policy--affinity--node_affinity--preferred_during_scheduling_ignored_during_execution)) -- `required_during_scheduling_ignored_during_execution` (Attributes) If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to an update), the system may or may not try to eventually evict the pod from its node. (see [below for nested schema](#nestedatt--spec--horizontal_scaling--scale_out--new_instances--scheduling_policy--affinity--node_affinity--required_during_scheduling_ignored_during_execution)) +- `preferred_during_scheduling_ignored_during_execution` (Attributes List) The scheduler will prefer to schedule pods to nodes that satisfythe affinity expressions specified by this field, but it may choosea node that violates one or more of the expressions. The node that ismost preferred is the one with the greatest sum of weights, i.e.for each node that meets all of the scheduling requirements (resourcerequest, requiredDuringScheduling affinity expressions, etc.),compute a sum by iterating through the elements of this field and adding'weight' to the sum if the node matches the corresponding matchExpressions; thenode(s) with the highest sum are the most preferred. (see [below for nested schema](#nestedatt--spec--horizontal_scaling--scale_out--new_instances--scheduling_policy--affinity--node_affinity--preferred_during_scheduling_ignored_during_execution)) +- `required_during_scheduling_ignored_during_execution` (Attributes) If the affinity requirements specified by this field are not met atscheduling time, the pod will not be scheduled onto the node.If the affinity requirements specified by this field cease to be metat some point during pod execution (e.g. due to an update), the systemmay or may not try to eventually evict the pod from its node. (see [below for nested schema](#nestedatt--spec--horizontal_scaling--scale_out--new_instances--scheduling_policy--affinity--node_affinity--required_during_scheduling_ignored_during_execution)) ### Nested Schema for `spec.horizontal_scaling.scale_out.new_instances.scheduling_policy.affinity.node_affinity.preferred_during_scheduling_ignored_during_execution` @@ -405,11 +405,11 @@ Optional: Required: - `key` (String) The label key that the selector applies to. -- `operator` (String) Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. +- `operator` (String) Represents a key's relationship to a set of values.Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. Optional: -- `values` (List of String) An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch. +- `values` (List of String) An array of string values. If the operator is In or NotIn,the values array must be non-empty. If the operator is Exists or DoesNotExist,the values array must be empty. If the operator is Gt or Lt, the valuesarray must have a single element, which will be interpreted as an integer.This array is replaced during a strategic merge patch. @@ -418,11 +418,11 @@ Optional: Required: - `key` (String) The label key that the selector applies to. -- `operator` (String) Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. +- `operator` (String) Represents a key's relationship to a set of values.Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. Optional: -- `values` (List of String) An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch. +- `values` (List of String) An array of string values. If the operator is In or NotIn,the values array must be non-empty. If the operator is Exists or DoesNotExist,the values array must be empty. If the operator is Gt or Lt, the valuesarray must have a single element, which will be interpreted as an integer.This array is replaced during a strategic merge patch. @@ -448,11 +448,11 @@ Optional: Required: - `key` (String) The label key that the selector applies to. -- `operator` (String) Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. +- `operator` (String) Represents a key's relationship to a set of values.Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. Optional: -- `values` (List of String) An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch. +- `values` (List of String) An array of string values. If the operator is In or NotIn,the values array must be non-empty. If the operator is Exists or DoesNotExist,the values array must be empty. If the operator is Gt or Lt, the valuesarray must have a single element, which will be interpreted as an integer.This array is replaced during a strategic merge patch. @@ -461,11 +461,11 @@ Optional: Required: - `key` (String) The label key that the selector applies to. -- `operator` (String) Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. +- `operator` (String) Represents a key's relationship to a set of values.Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. Optional: -- `values` (List of String) An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch. +- `values` (List of String) An array of string values. If the operator is In or NotIn,the values array must be non-empty. If the operator is Exists or DoesNotExist,the values array must be empty. If the operator is Gt or Lt, the valuesarray must have a single element, which will be interpreted as an integer.This array is replaced during a strategic merge patch. @@ -476,8 +476,8 @@ Optional: Optional: -- `preferred_during_scheduling_ignored_during_execution` (Attributes List) The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding 'weight' to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred. (see [below for nested schema](#nestedatt--spec--horizontal_scaling--scale_out--new_instances--scheduling_policy--affinity--pod_affinity--preferred_during_scheduling_ignored_during_execution)) -- `required_during_scheduling_ignored_during_execution` (Attributes List) If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied. (see [below for nested schema](#nestedatt--spec--horizontal_scaling--scale_out--new_instances--scheduling_policy--affinity--pod_affinity--required_during_scheduling_ignored_during_execution)) +- `preferred_during_scheduling_ignored_during_execution` (Attributes List) The scheduler will prefer to schedule pods to nodes that satisfythe affinity expressions specified by this field, but it may choosea node that violates one or more of the expressions. The node that ismost preferred is the one with the greatest sum of weights, i.e.for each node that meets all of the scheduling requirements (resourcerequest, requiredDuringScheduling affinity expressions, etc.),compute a sum by iterating through the elements of this field and adding'weight' to the sum if the node has pods which matches the corresponding podAffinityTerm; thenode(s) with the highest sum are the most preferred. (see [below for nested schema](#nestedatt--spec--horizontal_scaling--scale_out--new_instances--scheduling_policy--affinity--pod_affinity--preferred_during_scheduling_ignored_during_execution)) +- `required_during_scheduling_ignored_during_execution` (Attributes List) If the affinity requirements specified by this field are not met atscheduling time, the pod will not be scheduled onto the node.If the affinity requirements specified by this field cease to be metat some point during pod execution (e.g. due to a pod label update), thesystem may or may not try to eventually evict the pod from its node.When there are multiple elements, the lists of nodes corresponding to eachpodAffinityTerm are intersected, i.e. all terms must be satisfied. (see [below for nested schema](#nestedatt--spec--horizontal_scaling--scale_out--new_instances--scheduling_policy--affinity--pod_affinity--required_during_scheduling_ignored_during_execution)) ### Nested Schema for `spec.horizontal_scaling.scale_out.new_instances.scheduling_policy.affinity.pod_affinity.preferred_during_scheduling_ignored_during_execution` @@ -485,20 +485,20 @@ Optional: Required: - `pod_affinity_term` (Attributes) Required. A pod affinity term, associated with the corresponding weight. (see [below for nested schema](#nestedatt--spec--horizontal_scaling--scale_out--new_instances--scheduling_policy--affinity--pod_affinity--preferred_during_scheduling_ignored_during_execution--pod_affinity_term)) -- `weight` (Number) weight associated with matching the corresponding podAffinityTerm, in the range 1-100. +- `weight` (Number) weight associated with matching the corresponding podAffinityTerm,in the range 1-100. ### Nested Schema for `spec.horizontal_scaling.scale_out.new_instances.scheduling_policy.affinity.pod_affinity.preferred_during_scheduling_ignored_during_execution.pod_affinity_term` Required: -- `topology_key` (String) This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed. +- `topology_key` (String) This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matchingthe labelSelector in the specified namespaces, where co-located is defined as running on a nodewhose value of the label with key topologyKey matches that of any node on which any of theselected pods is running.Empty topologyKey is not allowed. Optional: - `label_selector` (Attributes) A label query over a set of resources, in this case pods. (see [below for nested schema](#nestedatt--spec--horizontal_scaling--scale_out--new_instances--scheduling_policy--affinity--pod_affinity--preferred_during_scheduling_ignored_during_execution--pod_affinity_term--label_selector)) -- `namespace_selector` (Attributes) A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means 'this pod's namespace'. An empty selector ({}) matches all namespaces. (see [below for nested schema](#nestedatt--spec--horizontal_scaling--scale_out--new_instances--scheduling_policy--affinity--pod_affinity--preferred_during_scheduling_ignored_during_execution--pod_affinity_term--namespace_selector)) -- `namespaces` (List of String) namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means 'this pod's namespace'. +- `namespace_selector` (Attributes) A label query over the set of namespaces that the term applies to.The term is applied to the union of the namespaces selected by this fieldand the ones listed in the namespaces field.null selector and null or empty namespaces list means 'this pod's namespace'.An empty selector ({}) matches all namespaces. (see [below for nested schema](#nestedatt--spec--horizontal_scaling--scale_out--new_instances--scheduling_policy--affinity--pod_affinity--preferred_during_scheduling_ignored_during_execution--pod_affinity_term--namespace_selector)) +- `namespaces` (List of String) namespaces specifies a static list of namespace names that the term applies to.The term is applied to the union of the namespaces listed in this fieldand the ones selected by namespaceSelector.null or empty namespaces list and null namespaceSelector means 'this pod's namespace'. ### Nested Schema for `spec.horizontal_scaling.scale_out.new_instances.scheduling_policy.affinity.pod_affinity.preferred_during_scheduling_ignored_during_execution.pod_affinity_term.label_selector` @@ -506,7 +506,7 @@ Optional: Optional: - `match_expressions` (Attributes List) matchExpressions is a list of label selector requirements. The requirements are ANDed. (see [below for nested schema](#nestedatt--spec--horizontal_scaling--scale_out--new_instances--scheduling_policy--affinity--pod_affinity--preferred_during_scheduling_ignored_during_execution--pod_affinity_term--label_selector--match_expressions)) -- `match_labels` (Map of String) matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is 'key', the operator is 'In', and the values array contains only 'value'. The requirements are ANDed. +- `match_labels` (Map of String) matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabelsmap is equivalent to an element of matchExpressions, whose key field is 'key', theoperator is 'In', and the values array contains only 'value'. The requirements are ANDed. ### Nested Schema for `spec.horizontal_scaling.scale_out.new_instances.scheduling_policy.affinity.pod_affinity.preferred_during_scheduling_ignored_during_execution.pod_affinity_term.label_selector.match_expressions` @@ -514,11 +514,11 @@ Optional: Required: - `key` (String) key is the label key that the selector applies to. -- `operator` (String) operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. +- `operator` (String) operator represents a key's relationship to a set of values.Valid operators are In, NotIn, Exists and DoesNotExist. Optional: -- `values` (List of String) values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. +- `values` (List of String) values is an array of string values. If the operator is In or NotIn,the values array must be non-empty. If the operator is Exists or DoesNotExist,the values array must be empty. This array is replaced during a strategicmerge patch. @@ -528,7 +528,7 @@ Optional: Optional: - `match_expressions` (Attributes List) matchExpressions is a list of label selector requirements. The requirements are ANDed. (see [below for nested schema](#nestedatt--spec--horizontal_scaling--scale_out--new_instances--scheduling_policy--affinity--pod_affinity--preferred_during_scheduling_ignored_during_execution--pod_affinity_term--namespace_selector--match_expressions)) -- `match_labels` (Map of String) matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is 'key', the operator is 'In', and the values array contains only 'value'. The requirements are ANDed. +- `match_labels` (Map of String) matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabelsmap is equivalent to an element of matchExpressions, whose key field is 'key', theoperator is 'In', and the values array contains only 'value'. The requirements are ANDed. ### Nested Schema for `spec.horizontal_scaling.scale_out.new_instances.scheduling_policy.affinity.pod_affinity.preferred_during_scheduling_ignored_during_execution.pod_affinity_term.namespace_selector.match_expressions` @@ -536,11 +536,11 @@ Optional: Required: - `key` (String) key is the label key that the selector applies to. -- `operator` (String) operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. +- `operator` (String) operator represents a key's relationship to a set of values.Valid operators are In, NotIn, Exists and DoesNotExist. Optional: -- `values` (List of String) values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. +- `values` (List of String) values is an array of string values. If the operator is In or NotIn,the values array must be non-empty. If the operator is Exists or DoesNotExist,the values array must be empty. This array is replaced during a strategicmerge patch. @@ -551,13 +551,13 @@ Optional: Required: -- `topology_key` (String) This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed. +- `topology_key` (String) This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matchingthe labelSelector in the specified namespaces, where co-located is defined as running on a nodewhose value of the label with key topologyKey matches that of any node on which any of theselected pods is running.Empty topologyKey is not allowed. Optional: - `label_selector` (Attributes) A label query over a set of resources, in this case pods. (see [below for nested schema](#nestedatt--spec--horizontal_scaling--scale_out--new_instances--scheduling_policy--affinity--pod_affinity--required_during_scheduling_ignored_during_execution--label_selector)) -- `namespace_selector` (Attributes) A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means 'this pod's namespace'. An empty selector ({}) matches all namespaces. (see [below for nested schema](#nestedatt--spec--horizontal_scaling--scale_out--new_instances--scheduling_policy--affinity--pod_affinity--required_during_scheduling_ignored_during_execution--namespace_selector)) -- `namespaces` (List of String) namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means 'this pod's namespace'. +- `namespace_selector` (Attributes) A label query over the set of namespaces that the term applies to.The term is applied to the union of the namespaces selected by this fieldand the ones listed in the namespaces field.null selector and null or empty namespaces list means 'this pod's namespace'.An empty selector ({}) matches all namespaces. (see [below for nested schema](#nestedatt--spec--horizontal_scaling--scale_out--new_instances--scheduling_policy--affinity--pod_affinity--required_during_scheduling_ignored_during_execution--namespace_selector)) +- `namespaces` (List of String) namespaces specifies a static list of namespace names that the term applies to.The term is applied to the union of the namespaces listed in this fieldand the ones selected by namespaceSelector.null or empty namespaces list and null namespaceSelector means 'this pod's namespace'. ### Nested Schema for `spec.horizontal_scaling.scale_out.new_instances.scheduling_policy.affinity.pod_affinity.required_during_scheduling_ignored_during_execution.label_selector` @@ -565,7 +565,7 @@ Optional: Optional: - `match_expressions` (Attributes List) matchExpressions is a list of label selector requirements. The requirements are ANDed. (see [below for nested schema](#nestedatt--spec--horizontal_scaling--scale_out--new_instances--scheduling_policy--affinity--pod_affinity--required_during_scheduling_ignored_during_execution--label_selector--match_expressions)) -- `match_labels` (Map of String) matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is 'key', the operator is 'In', and the values array contains only 'value'. The requirements are ANDed. +- `match_labels` (Map of String) matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabelsmap is equivalent to an element of matchExpressions, whose key field is 'key', theoperator is 'In', and the values array contains only 'value'. The requirements are ANDed. ### Nested Schema for `spec.horizontal_scaling.scale_out.new_instances.scheduling_policy.affinity.pod_affinity.required_during_scheduling_ignored_during_execution.label_selector.match_expressions` @@ -573,11 +573,11 @@ Optional: Required: - `key` (String) key is the label key that the selector applies to. -- `operator` (String) operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. +- `operator` (String) operator represents a key's relationship to a set of values.Valid operators are In, NotIn, Exists and DoesNotExist. Optional: -- `values` (List of String) values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. +- `values` (List of String) values is an array of string values. If the operator is In or NotIn,the values array must be non-empty. If the operator is Exists or DoesNotExist,the values array must be empty. This array is replaced during a strategicmerge patch. @@ -587,7 +587,7 @@ Optional: Optional: - `match_expressions` (Attributes List) matchExpressions is a list of label selector requirements. The requirements are ANDed. (see [below for nested schema](#nestedatt--spec--horizontal_scaling--scale_out--new_instances--scheduling_policy--affinity--pod_affinity--required_during_scheduling_ignored_during_execution--namespace_selector--match_expressions)) -- `match_labels` (Map of String) matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is 'key', the operator is 'In', and the values array contains only 'value'. The requirements are ANDed. +- `match_labels` (Map of String) matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabelsmap is equivalent to an element of matchExpressions, whose key field is 'key', theoperator is 'In', and the values array contains only 'value'. The requirements are ANDed. ### Nested Schema for `spec.horizontal_scaling.scale_out.new_instances.scheduling_policy.affinity.pod_affinity.required_during_scheduling_ignored_during_execution.namespace_selector.match_expressions` @@ -595,11 +595,11 @@ Optional: Required: - `key` (String) key is the label key that the selector applies to. -- `operator` (String) operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. +- `operator` (String) operator represents a key's relationship to a set of values.Valid operators are In, NotIn, Exists and DoesNotExist. Optional: -- `values` (List of String) values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. +- `values` (List of String) values is an array of string values. If the operator is In or NotIn,the values array must be non-empty. If the operator is Exists or DoesNotExist,the values array must be empty. This array is replaced during a strategicmerge patch. @@ -610,8 +610,8 @@ Optional: Optional: -- `preferred_during_scheduling_ignored_during_execution` (Attributes List) The scheduler will prefer to schedule pods to nodes that satisfy the anti-affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling anti-affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding 'weight' to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred. (see [below for nested schema](#nestedatt--spec--horizontal_scaling--scale_out--new_instances--scheduling_policy--affinity--pod_anti_affinity--preferred_during_scheduling_ignored_during_execution)) -- `required_during_scheduling_ignored_during_execution` (Attributes List) If the anti-affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the anti-affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied. (see [below for nested schema](#nestedatt--spec--horizontal_scaling--scale_out--new_instances--scheduling_policy--affinity--pod_anti_affinity--required_during_scheduling_ignored_during_execution)) +- `preferred_during_scheduling_ignored_during_execution` (Attributes List) The scheduler will prefer to schedule pods to nodes that satisfythe anti-affinity expressions specified by this field, but it may choosea node that violates one or more of the expressions. The node that ismost preferred is the one with the greatest sum of weights, i.e.for each node that meets all of the scheduling requirements (resourcerequest, requiredDuringScheduling anti-affinity expressions, etc.),compute a sum by iterating through the elements of this field and adding'weight' to the sum if the node has pods which matches the corresponding podAffinityTerm; thenode(s) with the highest sum are the most preferred. (see [below for nested schema](#nestedatt--spec--horizontal_scaling--scale_out--new_instances--scheduling_policy--affinity--pod_anti_affinity--preferred_during_scheduling_ignored_during_execution)) +- `required_during_scheduling_ignored_during_execution` (Attributes List) If the anti-affinity requirements specified by this field are not met atscheduling time, the pod will not be scheduled onto the node.If the anti-affinity requirements specified by this field cease to be metat some point during pod execution (e.g. due to a pod label update), thesystem may or may not try to eventually evict the pod from its node.When there are multiple elements, the lists of nodes corresponding to eachpodAffinityTerm are intersected, i.e. all terms must be satisfied. (see [below for nested schema](#nestedatt--spec--horizontal_scaling--scale_out--new_instances--scheduling_policy--affinity--pod_anti_affinity--required_during_scheduling_ignored_during_execution)) ### Nested Schema for `spec.horizontal_scaling.scale_out.new_instances.scheduling_policy.affinity.pod_anti_affinity.preferred_during_scheduling_ignored_during_execution` @@ -619,20 +619,20 @@ Optional: Required: - `pod_affinity_term` (Attributes) Required. A pod affinity term, associated with the corresponding weight. (see [below for nested schema](#nestedatt--spec--horizontal_scaling--scale_out--new_instances--scheduling_policy--affinity--pod_anti_affinity--preferred_during_scheduling_ignored_during_execution--pod_affinity_term)) -- `weight` (Number) weight associated with matching the corresponding podAffinityTerm, in the range 1-100. +- `weight` (Number) weight associated with matching the corresponding podAffinityTerm,in the range 1-100. ### Nested Schema for `spec.horizontal_scaling.scale_out.new_instances.scheduling_policy.affinity.pod_anti_affinity.preferred_during_scheduling_ignored_during_execution.pod_affinity_term` Required: -- `topology_key` (String) This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed. +- `topology_key` (String) This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matchingthe labelSelector in the specified namespaces, where co-located is defined as running on a nodewhose value of the label with key topologyKey matches that of any node on which any of theselected pods is running.Empty topologyKey is not allowed. Optional: - `label_selector` (Attributes) A label query over a set of resources, in this case pods. (see [below for nested schema](#nestedatt--spec--horizontal_scaling--scale_out--new_instances--scheduling_policy--affinity--pod_anti_affinity--preferred_during_scheduling_ignored_during_execution--pod_affinity_term--label_selector)) -- `namespace_selector` (Attributes) A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means 'this pod's namespace'. An empty selector ({}) matches all namespaces. (see [below for nested schema](#nestedatt--spec--horizontal_scaling--scale_out--new_instances--scheduling_policy--affinity--pod_anti_affinity--preferred_during_scheduling_ignored_during_execution--pod_affinity_term--namespace_selector)) -- `namespaces` (List of String) namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means 'this pod's namespace'. +- `namespace_selector` (Attributes) A label query over the set of namespaces that the term applies to.The term is applied to the union of the namespaces selected by this fieldand the ones listed in the namespaces field.null selector and null or empty namespaces list means 'this pod's namespace'.An empty selector ({}) matches all namespaces. (see [below for nested schema](#nestedatt--spec--horizontal_scaling--scale_out--new_instances--scheduling_policy--affinity--pod_anti_affinity--preferred_during_scheduling_ignored_during_execution--pod_affinity_term--namespace_selector)) +- `namespaces` (List of String) namespaces specifies a static list of namespace names that the term applies to.The term is applied to the union of the namespaces listed in this fieldand the ones selected by namespaceSelector.null or empty namespaces list and null namespaceSelector means 'this pod's namespace'. ### Nested Schema for `spec.horizontal_scaling.scale_out.new_instances.scheduling_policy.affinity.pod_anti_affinity.preferred_during_scheduling_ignored_during_execution.pod_affinity_term.label_selector` @@ -640,7 +640,7 @@ Optional: Optional: - `match_expressions` (Attributes List) matchExpressions is a list of label selector requirements. The requirements are ANDed. (see [below for nested schema](#nestedatt--spec--horizontal_scaling--scale_out--new_instances--scheduling_policy--affinity--pod_anti_affinity--preferred_during_scheduling_ignored_during_execution--pod_affinity_term--label_selector--match_expressions)) -- `match_labels` (Map of String) matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is 'key', the operator is 'In', and the values array contains only 'value'. The requirements are ANDed. +- `match_labels` (Map of String) matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabelsmap is equivalent to an element of matchExpressions, whose key field is 'key', theoperator is 'In', and the values array contains only 'value'. The requirements are ANDed. ### Nested Schema for `spec.horizontal_scaling.scale_out.new_instances.scheduling_policy.affinity.pod_anti_affinity.preferred_during_scheduling_ignored_during_execution.pod_affinity_term.label_selector.match_expressions` @@ -648,11 +648,11 @@ Optional: Required: - `key` (String) key is the label key that the selector applies to. -- `operator` (String) operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. +- `operator` (String) operator represents a key's relationship to a set of values.Valid operators are In, NotIn, Exists and DoesNotExist. Optional: -- `values` (List of String) values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. +- `values` (List of String) values is an array of string values. If the operator is In or NotIn,the values array must be non-empty. If the operator is Exists or DoesNotExist,the values array must be empty. This array is replaced during a strategicmerge patch. @@ -662,7 +662,7 @@ Optional: Optional: - `match_expressions` (Attributes List) matchExpressions is a list of label selector requirements. The requirements are ANDed. (see [below for nested schema](#nestedatt--spec--horizontal_scaling--scale_out--new_instances--scheduling_policy--affinity--pod_anti_affinity--preferred_during_scheduling_ignored_during_execution--pod_affinity_term--namespace_selector--match_expressions)) -- `match_labels` (Map of String) matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is 'key', the operator is 'In', and the values array contains only 'value'. The requirements are ANDed. +- `match_labels` (Map of String) matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabelsmap is equivalent to an element of matchExpressions, whose key field is 'key', theoperator is 'In', and the values array contains only 'value'. The requirements are ANDed. ### Nested Schema for `spec.horizontal_scaling.scale_out.new_instances.scheduling_policy.affinity.pod_anti_affinity.preferred_during_scheduling_ignored_during_execution.pod_affinity_term.namespace_selector.match_expressions` @@ -670,11 +670,11 @@ Optional: Required: - `key` (String) key is the label key that the selector applies to. -- `operator` (String) operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. +- `operator` (String) operator represents a key's relationship to a set of values.Valid operators are In, NotIn, Exists and DoesNotExist. Optional: -- `values` (List of String) values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. +- `values` (List of String) values is an array of string values. If the operator is In or NotIn,the values array must be non-empty. If the operator is Exists or DoesNotExist,the values array must be empty. This array is replaced during a strategicmerge patch. @@ -685,13 +685,13 @@ Optional: Required: -- `topology_key` (String) This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed. +- `topology_key` (String) This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matchingthe labelSelector in the specified namespaces, where co-located is defined as running on a nodewhose value of the label with key topologyKey matches that of any node on which any of theselected pods is running.Empty topologyKey is not allowed. Optional: - `label_selector` (Attributes) A label query over a set of resources, in this case pods. (see [below for nested schema](#nestedatt--spec--horizontal_scaling--scale_out--new_instances--scheduling_policy--affinity--pod_anti_affinity--required_during_scheduling_ignored_during_execution--label_selector)) -- `namespace_selector` (Attributes) A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means 'this pod's namespace'. An empty selector ({}) matches all namespaces. (see [below for nested schema](#nestedatt--spec--horizontal_scaling--scale_out--new_instances--scheduling_policy--affinity--pod_anti_affinity--required_during_scheduling_ignored_during_execution--namespace_selector)) -- `namespaces` (List of String) namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means 'this pod's namespace'. +- `namespace_selector` (Attributes) A label query over the set of namespaces that the term applies to.The term is applied to the union of the namespaces selected by this fieldand the ones listed in the namespaces field.null selector and null or empty namespaces list means 'this pod's namespace'.An empty selector ({}) matches all namespaces. (see [below for nested schema](#nestedatt--spec--horizontal_scaling--scale_out--new_instances--scheduling_policy--affinity--pod_anti_affinity--required_during_scheduling_ignored_during_execution--namespace_selector)) +- `namespaces` (List of String) namespaces specifies a static list of namespace names that the term applies to.The term is applied to the union of the namespaces listed in this fieldand the ones selected by namespaceSelector.null or empty namespaces list and null namespaceSelector means 'this pod's namespace'. ### Nested Schema for `spec.horizontal_scaling.scale_out.new_instances.scheduling_policy.affinity.pod_anti_affinity.required_during_scheduling_ignored_during_execution.label_selector` @@ -699,7 +699,7 @@ Optional: Optional: - `match_expressions` (Attributes List) matchExpressions is a list of label selector requirements. The requirements are ANDed. (see [below for nested schema](#nestedatt--spec--horizontal_scaling--scale_out--new_instances--scheduling_policy--affinity--pod_anti_affinity--required_during_scheduling_ignored_during_execution--label_selector--match_expressions)) -- `match_labels` (Map of String) matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is 'key', the operator is 'In', and the values array contains only 'value'. The requirements are ANDed. +- `match_labels` (Map of String) matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabelsmap is equivalent to an element of matchExpressions, whose key field is 'key', theoperator is 'In', and the values array contains only 'value'. The requirements are ANDed. ### Nested Schema for `spec.horizontal_scaling.scale_out.new_instances.scheduling_policy.affinity.pod_anti_affinity.required_during_scheduling_ignored_during_execution.label_selector.match_expressions` @@ -707,11 +707,11 @@ Optional: Required: - `key` (String) key is the label key that the selector applies to. -- `operator` (String) operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. +- `operator` (String) operator represents a key's relationship to a set of values.Valid operators are In, NotIn, Exists and DoesNotExist. Optional: -- `values` (List of String) values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. +- `values` (List of String) values is an array of string values. If the operator is In or NotIn,the values array must be non-empty. If the operator is Exists or DoesNotExist,the values array must be empty. This array is replaced during a strategicmerge patch. @@ -721,7 +721,7 @@ Optional: Optional: - `match_expressions` (Attributes List) matchExpressions is a list of label selector requirements. The requirements are ANDed. (see [below for nested schema](#nestedatt--spec--horizontal_scaling--scale_out--new_instances--scheduling_policy--affinity--pod_anti_affinity--required_during_scheduling_ignored_during_execution--namespace_selector--match_expressions)) -- `match_labels` (Map of String) matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is 'key', the operator is 'In', and the values array contains only 'value'. The requirements are ANDed. +- `match_labels` (Map of String) matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabelsmap is equivalent to an element of matchExpressions, whose key field is 'key', theoperator is 'In', and the values array contains only 'value'. The requirements are ANDed. ### Nested Schema for `spec.horizontal_scaling.scale_out.new_instances.scheduling_policy.affinity.pod_anti_affinity.required_during_scheduling_ignored_during_execution.namespace_selector.match_expressions` @@ -729,11 +729,11 @@ Optional: Required: - `key` (String) key is the label key that the selector applies to. -- `operator` (String) operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. +- `operator` (String) operator represents a key's relationship to a set of values.Valid operators are In, NotIn, Exists and DoesNotExist. Optional: -- `values` (List of String) values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. +- `values` (List of String) values is an array of string values. If the operator is In or NotIn,the values array must be non-empty. If the operator is Exists or DoesNotExist,the values array must be empty. This array is replaced during a strategicmerge patch. @@ -745,11 +745,11 @@ Optional: Optional: -- `effect` (String) Effect indicates the taint effect to match. Empty means match all taint effects. When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute. -- `key` (String) Key is the taint key that the toleration applies to. Empty means match all taint keys. If the key is empty, operator must be Exists; this combination means to match all values and all keys. -- `operator` (String) Operator represents a key's relationship to the value. Valid operators are Exists and Equal. Defaults to Equal. Exists is equivalent to wildcard for value, so that a pod can tolerate all taints of a particular category. -- `toleration_seconds` (Number) TolerationSeconds represents the period of time the toleration (which must be of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, it is not set, which means tolerate the taint forever (do not evict). Zero and negative values will be treated as 0 (evict immediately) by the system. -- `value` (String) Value is the taint value the toleration matches to. If the operator is Exists, the value should be empty, otherwise just a regular string. +- `effect` (String) Effect indicates the taint effect to match. Empty means match all taint effects.When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute. +- `key` (String) Key is the taint key that the toleration applies to. Empty means match all taint keys.If the key is empty, operator must be Exists; this combination means to match all values and all keys. +- `operator` (String) Operator represents a key's relationship to the value.Valid operators are Exists and Equal. Defaults to Equal.Exists is equivalent to wildcard for value, so that a pod cantolerate all taints of a particular category. +- `toleration_seconds` (Number) TolerationSeconds represents the period of time the toleration (which must beof effect NoExecute, otherwise this field is ignored) tolerates the taint. By default,it is not set, which means tolerate the taint forever (do not evict). Zero andnegative values will be treated as 0 (evict immediately) by the system. +- `value` (String) Value is the taint value the toleration matches to.If the operator is Exists, the value should be empty, otherwise just a regular string. @@ -757,17 +757,17 @@ Optional: Required: -- `max_skew` (Number) MaxSkew describes the degree to which pods may be unevenly distributed. When 'whenUnsatisfiable=DoNotSchedule', it is the maximum permitted difference between the number of matching pods in the target topology and the global minimum. The global minimum is the minimum number of matching pods in an eligible domain or zero if the number of eligible domains is less than MinDomains. For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same labelSelector spread as 2/2/1: In this case, the global minimum is 1. | zone1 | zone2 | zone3 | | P P | P P | P | - if MaxSkew is 1, incoming pod can only be scheduled to zone3 to become 2/2/2; scheduling it onto zone1(zone2) would make the ActualSkew(3-1) on zone1(zone2) violate MaxSkew(1). - if MaxSkew is 2, incoming pod can be scheduled onto any zone. When 'whenUnsatisfiable=ScheduleAnyway', it is used to give higher precedence to topologies that satisfy it. It's a required field. Default value is 1 and 0 is not allowed. -- `topology_key` (String) TopologyKey is the key of node labels. Nodes that have a label with this key and identical values are considered to be in the same topology. We consider each as a 'bucket', and try to put balanced number of pods into each bucket. We define a domain as a particular instance of a topology. Also, we define an eligible domain as a domain whose nodes meet the requirements of nodeAffinityPolicy and nodeTaintsPolicy. e.g. If TopologyKey is 'kubernetes.io/hostname', each Node is a domain of that topology. And, if TopologyKey is 'topology.kubernetes.io/zone', each zone is a domain of that topology. It's a required field. -- `when_unsatisfiable` (String) WhenUnsatisfiable indicates how to deal with a pod if it doesn't satisfy the spread constraint. - DoNotSchedule (default) tells the scheduler not to schedule it. - ScheduleAnyway tells the scheduler to schedule the pod in any location, but giving higher precedence to topologies that would help reduce the skew. A constraint is considered 'Unsatisfiable' for an incoming pod if and only if every possible node assignment for that pod would violate 'MaxSkew' on some topology. For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same labelSelector spread as 3/1/1: | zone1 | zone2 | zone3 | | P P P | P | P | If WhenUnsatisfiable is set to DoNotSchedule, incoming pod can only be scheduled to zone2(zone3) to become 3/2/1(3/1/2) as ActualSkew(2-1) on zone2(zone3) satisfies MaxSkew(1). In other words, the cluster can still be imbalanced, but scheduler won't make it *more* imbalanced. It's a required field. +- `max_skew` (Number) MaxSkew describes the degree to which pods may be unevenly distributed.When 'whenUnsatisfiable=DoNotSchedule', it is the maximum permitted differencebetween the number of matching pods in the target topology and the global minimum.The global minimum is the minimum number of matching pods in an eligible domainor zero if the number of eligible domains is less than MinDomains.For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the samelabelSelector spread as 2/2/1:In this case, the global minimum is 1.| zone1 | zone2 | zone3 || P P | P P | P |- if MaxSkew is 1, incoming pod can only be scheduled to zone3 to become 2/2/2;scheduling it onto zone1(zone2) would make the ActualSkew(3-1) on zone1(zone2)violate MaxSkew(1).- if MaxSkew is 2, incoming pod can be scheduled onto any zone.When 'whenUnsatisfiable=ScheduleAnyway', it is used to give higher precedenceto topologies that satisfy it.It's a required field. Default value is 1 and 0 is not allowed. +- `topology_key` (String) TopologyKey is the key of node labels. Nodes that have a label with this keyand identical values are considered to be in the same topology.We consider each as a 'bucket', and try to put balanced numberof pods into each bucket.We define a domain as a particular instance of a topology.Also, we define an eligible domain as a domain whose nodes meet the requirements ofnodeAffinityPolicy and nodeTaintsPolicy.e.g. If TopologyKey is 'kubernetes.io/hostname', each Node is a domain of that topology.And, if TopologyKey is 'topology.kubernetes.io/zone', each zone is a domain of that topology.It's a required field. +- `when_unsatisfiable` (String) WhenUnsatisfiable indicates how to deal with a pod if it doesn't satisfythe spread constraint.- DoNotSchedule (default) tells the scheduler not to schedule it.- ScheduleAnyway tells the scheduler to schedule the pod in any location, but giving higher precedence to topologies that would help reduce the skew.A constraint is considered 'Unsatisfiable' for an incoming podif and only if every possible node assignment for that pod would violate'MaxSkew' on some topology.For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the samelabelSelector spread as 3/1/1:| zone1 | zone2 | zone3 || P P P | P | P |If WhenUnsatisfiable is set to DoNotSchedule, incoming pod can only be scheduledto zone2(zone3) to become 3/2/1(3/1/2) as ActualSkew(2-1) on zone2(zone3) satisfiesMaxSkew(1). In other words, the cluster can still be imbalanced, but schedulerwon't make it *more* imbalanced.It's a required field. Optional: -- `label_selector` (Attributes) LabelSelector is used to find matching pods. Pods that match this label selector are counted to determine the number of pods in their corresponding topology domain. (see [below for nested schema](#nestedatt--spec--horizontal_scaling--scale_out--new_instances--scheduling_policy--topology_spread_constraints--label_selector)) -- `match_label_keys` (List of String) MatchLabelKeys is a set of pod label keys to select the pods over which spreading will be calculated. The keys are used to lookup values from the incoming pod labels, those key-value labels are ANDed with labelSelector to select the group of existing pods over which spreading will be calculated for the incoming pod. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. MatchLabelKeys cannot be set when LabelSelector isn't set. Keys that don't exist in the incoming pod labels will be ignored. A null or empty list means only match against labelSelector. This is a beta field and requires the MatchLabelKeysInPodTopologySpread feature gate to be enabled (enabled by default). -- `min_domains` (Number) MinDomains indicates a minimum number of eligible domains. When the number of eligible domains with matching topology keys is less than minDomains, Pod Topology Spread treats 'global minimum' as 0, and then the calculation of Skew is performed. And when the number of eligible domains with matching topology keys equals or greater than minDomains, this value has no effect on scheduling. As a result, when the number of eligible domains is less than minDomains, scheduler won't schedule more than maxSkew Pods to those domains. If value is nil, the constraint behaves as if MinDomains is equal to 1. Valid values are integers greater than 0. When value is not nil, WhenUnsatisfiable must be DoNotSchedule. For example, in a 3-zone cluster, MaxSkew is set to 2, MinDomains is set to 5 and pods with the same labelSelector spread as 2/2/2: | zone1 | zone2 | zone3 | | P P | P P | P P | The number of domains is less than 5(MinDomains), so 'global minimum' is treated as 0. In this situation, new pod with the same labelSelector cannot be scheduled, because computed skew will be 3(3 - 0) if new Pod is scheduled to any of the three zones, it will violate MaxSkew. This is a beta field and requires the MinDomainsInPodTopologySpread feature gate to be enabled (enabled by default). -- `node_affinity_policy` (String) NodeAffinityPolicy indicates how we will treat Pod's nodeAffinity/nodeSelector when calculating pod topology spread skew. Options are: - Honor: only nodes matching nodeAffinity/nodeSelector are included in the calculations. - Ignore: nodeAffinity/nodeSelector are ignored. All nodes are included in the calculations. If this value is nil, the behavior is equivalent to the Honor policy. This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag. -- `node_taints_policy` (String) NodeTaintsPolicy indicates how we will treat node taints when calculating pod topology spread skew. Options are: - Honor: nodes without taints, along with tainted nodes for which the incoming pod has a toleration, are included. - Ignore: node taints are ignored. All nodes are included. If this value is nil, the behavior is equivalent to the Ignore policy. This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag. +- `label_selector` (Attributes) LabelSelector is used to find matching pods.Pods that match this label selector are counted to determine the number of podsin their corresponding topology domain. (see [below for nested schema](#nestedatt--spec--horizontal_scaling--scale_out--new_instances--scheduling_policy--topology_spread_constraints--label_selector)) +- `match_label_keys` (List of String) MatchLabelKeys is a set of pod label keys to select the pods over whichspreading will be calculated. The keys are used to lookup values from theincoming pod labels, those key-value labels are ANDed with labelSelectorto select the group of existing pods over which spreading will be calculatedfor the incoming pod. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector.MatchLabelKeys cannot be set when LabelSelector isn't set.Keys that don't exist in the incoming pod labels willbe ignored. A null or empty list means only match against labelSelector.This is a beta field and requires the MatchLabelKeysInPodTopologySpread feature gate to be enabled (enabled by default). +- `min_domains` (Number) MinDomains indicates a minimum number of eligible domains.When the number of eligible domains with matching topology keys is less than minDomains,Pod Topology Spread treats 'global minimum' as 0, and then the calculation of Skew is performed.And when the number of eligible domains with matching topology keys equals or greater than minDomains,this value has no effect on scheduling.As a result, when the number of eligible domains is less than minDomains,scheduler won't schedule more than maxSkew Pods to those domains.If value is nil, the constraint behaves as if MinDomains is equal to 1.Valid values are integers greater than 0.When value is not nil, WhenUnsatisfiable must be DoNotSchedule.For example, in a 3-zone cluster, MaxSkew is set to 2, MinDomains is set to 5 and pods with the samelabelSelector spread as 2/2/2:| zone1 | zone2 | zone3 || P P | P P | P P |The number of domains is less than 5(MinDomains), so 'global minimum' is treated as 0.In this situation, new pod with the same labelSelector cannot be scheduled,because computed skew will be 3(3 - 0) if new Pod is scheduled to any of the three zones,it will violate MaxSkew.This is a beta field and requires the MinDomainsInPodTopologySpread feature gate to be enabled (enabled by default). +- `node_affinity_policy` (String) NodeAffinityPolicy indicates how we will treat Pod's nodeAffinity/nodeSelectorwhen calculating pod topology spread skew. Options are:- Honor: only nodes matching nodeAffinity/nodeSelector are included in the calculations.- Ignore: nodeAffinity/nodeSelector are ignored. All nodes are included in the calculations.If this value is nil, the behavior is equivalent to the Honor policy.This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag. +- `node_taints_policy` (String) NodeTaintsPolicy indicates how we will treat node taints when calculatingpod topology spread skew. Options are:- Honor: nodes without taints, along with tainted nodes for which the incoming podhas a toleration, are included.- Ignore: node taints are ignored. All nodes are included.If this value is nil, the behavior is equivalent to the Ignore policy.This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag. ### Nested Schema for `spec.horizontal_scaling.scale_out.new_instances.scheduling_policy.topology_spread_constraints.label_selector` @@ -775,7 +775,7 @@ Optional: Optional: - `match_expressions` (Attributes List) matchExpressions is a list of label selector requirements. The requirements are ANDed. (see [below for nested schema](#nestedatt--spec--horizontal_scaling--scale_out--new_instances--scheduling_policy--topology_spread_constraints--label_selector--match_expressions)) -- `match_labels` (Map of String) matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is 'key', the operator is 'In', and the values array contains only 'value'. The requirements are ANDed. +- `match_labels` (Map of String) matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabelsmap is equivalent to an element of matchExpressions, whose key field is 'key', theoperator is 'In', and the values array contains only 'value'. The requirements are ANDed. ### Nested Schema for `spec.horizontal_scaling.scale_out.new_instances.scheduling_policy.topology_spread_constraints.label_selector.match_expressions` @@ -783,11 +783,11 @@ Optional: Required: - `key` (String) key is the label key that the selector applies to. -- `operator` (String) operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. +- `operator` (String) operator represents a key's relationship to a set of values.Valid operators are In, NotIn, Exists and DoesNotExist. Optional: -- `values` (List of String) values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. +- `values` (List of String) values is an array of string values. If the operator is In or NotIn,the values array must be non-empty. If the operator is Exists or DoesNotExist,the values array must be empty. This array is replaced during a strategicmerge patch. @@ -798,20 +798,20 @@ Optional: Required: -- `name` (String) Refers to the name of a volumeMount defined in either: - 'componentDefinition.spec.runtime.containers[*].volumeMounts' - 'clusterDefinition.spec.componentDefs[*].podSpec.containers[*].volumeMounts' (deprecated) The value of 'name' must match the 'name' field of a volumeMount specified in the corresponding 'volumeMounts' array. +- `name` (String) Refers to the name of a volumeMount defined in either:- 'componentDefinition.spec.runtime.containers[*].volumeMounts'- 'clusterDefinition.spec.componentDefs[*].podSpec.containers[*].volumeMounts' (deprecated)The value of 'name' must match the 'name' field of a volumeMount specified in the corresponding 'volumeMounts' array. Optional: -- `spec` (Attributes) Defines the desired characteristics of a PersistentVolumeClaim that will be created for the volume with the mount name specified in the 'name' field. When a Pod is created for this ClusterComponent, a new PVC will be created based on the specification defined in the 'spec' field. The PVC will be associated with the volume mount specified by the 'name' field. (see [below for nested schema](#nestedatt--spec--horizontal_scaling--scale_out--new_instances--volume_claim_templates--spec)) +- `spec` (Attributes) Defines the desired characteristics of a PersistentVolumeClaim that will be created for the volumewith the mount name specified in the 'name' field.When a Pod is created for this ClusterComponent, a new PVC will be created based on the specificationdefined in the 'spec' field. The PVC will be associated with the volume mount specified by the 'name' field. (see [below for nested schema](#nestedatt--spec--horizontal_scaling--scale_out--new_instances--volume_claim_templates--spec)) ### Nested Schema for `spec.horizontal_scaling.scale_out.new_instances.volume_claim_templates.spec` Optional: -- `access_modes` (Map of String) Contains the desired access modes the volume should have. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1. -- `resources` (Attributes) Represents the minimum resources the volume should have. If the RecoverVolumeExpansionFailure feature is enabled, users are allowed to specify resource requirements that are lower than the previous value but must still be higher than the capacity recorded in the status field of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources. (see [below for nested schema](#nestedatt--spec--horizontal_scaling--scale_out--new_instances--volume_claim_templates--spec--resources)) -- `storage_class_name` (String) The name of the StorageClass required by the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1. +- `access_modes` (Map of String) Contains the desired access modes the volume should have.More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1. +- `resources` (Attributes) Represents the minimum resources the volume should have.If the RecoverVolumeExpansionFailure feature is enabled, users are allowed to specify resource requirements thatare lower than the previous value but must still be higher than the capacity recorded in the status field of the claim.More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources. (see [below for nested schema](#nestedatt--spec--horizontal_scaling--scale_out--new_instances--volume_claim_templates--spec--resources)) +- `storage_class_name` (String) The name of the StorageClass required by the claim.More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1. - `volume_mode` (String) Defines what type of volume is required by the claim, either Block or Filesystem. @@ -819,16 +819,16 @@ Optional: Optional: -- `claims` (Attributes List) Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. This field is immutable. It can only be set for containers. (see [below for nested schema](#nestedatt--spec--horizontal_scaling--scale_out--new_instances--volume_claim_templates--spec--resources--claims)) -- `limits` (Map of String) Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ -- `requests` (Map of String) Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ +- `claims` (Attributes List) Claims lists the names of resources, defined in spec.resourceClaims,that are used by this container.This is an alpha field and requires enabling theDynamicResourceAllocation feature gate.This field is immutable. It can only be set for containers. (see [below for nested schema](#nestedatt--spec--horizontal_scaling--scale_out--new_instances--volume_claim_templates--spec--resources--claims)) +- `limits` (Map of String) Limits describes the maximum amount of compute resources allowed.More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ +- `requests` (Map of String) Requests describes the minimum amount of compute resources required.If Requests is omitted for a container, it defaults to Limits if that is explicitly specified,otherwise to an implementation-defined value. Requests cannot exceed Limits.More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ ### Nested Schema for `spec.horizontal_scaling.scale_out.new_instances.volume_claim_templates.spec.resources.claims` Required: -- `name` (String) Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container. +- `name` (String) Name must match the name of one entry in pod.spec.resourceClaims ofthe Pod where this field is used. It makes that resource availableinside a container. @@ -839,15 +839,15 @@ Required: Required: -- `mount_path` (String) Path within the container at which the volume should be mounted. Must not contain ':'. +- `mount_path` (String) Path within the container at which the volume should be mounted. Mustnot contain ':'. - `name` (String) This must match the Name of a Volume. Optional: -- `mount_propagation` (String) mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationNone is used. This field is beta in 1.10. -- `read_only` (Boolean) Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false. -- `sub_path` (String) Path within the volume from which the container's volume should be mounted. Defaults to '' (volume's root). -- `sub_path_expr` (String) Expanded path within the volume from which the container's volume should be mounted. Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment. Defaults to '' (volume's root). SubPathExpr and SubPath are mutually exclusive. +- `mount_propagation` (String) mountPropagation determines how mounts are propagated from the hostto container and the other way around.When not set, MountPropagationNone is used.This field is beta in 1.10. +- `read_only` (Boolean) Mounted read-only if true, read-write otherwise (false or unspecified).Defaults to false. +- `sub_path` (String) Path within the volume from which the container's volume should be mounted.Defaults to '' (volume's root). +- `sub_path_expr` (String) Expanded path within the volume from which the container's volume should be mounted.Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment.Defaults to '' (volume's root).SubPathExpr and SubPath are mutually exclusive. @@ -855,37 +855,37 @@ Optional: Required: -- `name` (String) name of the volume. Must be a DNS_LABEL and unique within the pod. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names +- `name` (String) name of the volume.Must be a DNS_LABEL and unique within the pod.More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names Optional: -- `aws_elastic_block_store` (Attributes) awsElasticBlockStore represents an AWS Disk resource that is attached to a kubelet's host machine and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore (see [below for nested schema](#nestedatt--spec--horizontal_scaling--scale_out--new_instances--volumes--aws_elastic_block_store)) +- `aws_elastic_block_store` (Attributes) awsElasticBlockStore represents an AWS Disk resource that is attached to akubelet's host machine and then exposed to the pod.More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore (see [below for nested schema](#nestedatt--spec--horizontal_scaling--scale_out--new_instances--volumes--aws_elastic_block_store)) - `azure_disk` (Attributes) azureDisk represents an Azure Data Disk mount on the host and bind mount to the pod. (see [below for nested schema](#nestedatt--spec--horizontal_scaling--scale_out--new_instances--volumes--azure_disk)) - `azure_file` (Attributes) azureFile represents an Azure File Service mount on the host and bind mount to the pod. (see [below for nested schema](#nestedatt--spec--horizontal_scaling--scale_out--new_instances--volumes--azure_file)) - `cephfs` (Attributes) cephFS represents a Ceph FS mount on the host that shares a pod's lifetime (see [below for nested schema](#nestedatt--spec--horizontal_scaling--scale_out--new_instances--volumes--cephfs)) -- `cinder` (Attributes) cinder represents a cinder volume attached and mounted on kubelets host machine. More info: https://examples.k8s.io/mysql-cinder-pd/README.md (see [below for nested schema](#nestedatt--spec--horizontal_scaling--scale_out--new_instances--volumes--cinder)) +- `cinder` (Attributes) cinder represents a cinder volume attached and mounted on kubelets host machine.More info: https://examples.k8s.io/mysql-cinder-pd/README.md (see [below for nested schema](#nestedatt--spec--horizontal_scaling--scale_out--new_instances--volumes--cinder)) - `config_map` (Attributes) configMap represents a configMap that should populate this volume (see [below for nested schema](#nestedatt--spec--horizontal_scaling--scale_out--new_instances--volumes--config_map)) - `csi` (Attributes) csi (Container Storage Interface) represents ephemeral storage that is handled by certain external CSI drivers (Beta feature). (see [below for nested schema](#nestedatt--spec--horizontal_scaling--scale_out--new_instances--volumes--csi)) - `downward_api` (Attributes) downwardAPI represents downward API about the pod that should populate this volume (see [below for nested schema](#nestedatt--spec--horizontal_scaling--scale_out--new_instances--volumes--downward_api)) -- `empty_dir` (Attributes) emptyDir represents a temporary directory that shares a pod's lifetime. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir (see [below for nested schema](#nestedatt--spec--horizontal_scaling--scale_out--new_instances--volumes--empty_dir)) -- `ephemeral` (Attributes) ephemeral represents a volume that is handled by a cluster storage driver. The volume's lifecycle is tied to the pod that defines it - it will be created before the pod starts, and deleted when the pod is removed. Use this if: a) the volume is only needed while the pod runs, b) features of normal volumes like restoring from snapshot or capacity tracking are needed, c) the storage driver is specified through a storage class, and d) the storage driver supports dynamic volume provisioning through a PersistentVolumeClaim (see EphemeralVolumeSource for more information on the connection between this volume type and PersistentVolumeClaim). Use PersistentVolumeClaim or one of the vendor-specific APIs for volumes that persist for longer than the lifecycle of an individual pod. Use CSI for light-weight local ephemeral volumes if the CSI driver is meant to be used that way - see the documentation of the driver for more information. A pod can use both types of ephemeral volumes and persistent volumes at the same time. (see [below for nested schema](#nestedatt--spec--horizontal_scaling--scale_out--new_instances--volumes--ephemeral)) +- `empty_dir` (Attributes) emptyDir represents a temporary directory that shares a pod's lifetime.More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir (see [below for nested schema](#nestedatt--spec--horizontal_scaling--scale_out--new_instances--volumes--empty_dir)) +- `ephemeral` (Attributes) ephemeral represents a volume that is handled by a cluster storage driver.The volume's lifecycle is tied to the pod that defines it - it will be created before the pod starts,and deleted when the pod is removed.Use this if:a) the volume is only needed while the pod runs,b) features of normal volumes like restoring from snapshot or capacity tracking are needed,c) the storage driver is specified through a storage class, andd) the storage driver supports dynamic volume provisioning through a PersistentVolumeClaim (see EphemeralVolumeSource for more information on the connection between this volume type and PersistentVolumeClaim).Use PersistentVolumeClaim or one of the vendor-specificAPIs for volumes that persist for longer than the lifecycleof an individual pod.Use CSI for light-weight local ephemeral volumes if the CSI driver is meant tobe used that way - see the documentation of the driver formore information.A pod can use both types of ephemeral volumes andpersistent volumes at the same time. (see [below for nested schema](#nestedatt--spec--horizontal_scaling--scale_out--new_instances--volumes--ephemeral)) - `fc` (Attributes) fc represents a Fibre Channel resource that is attached to a kubelet's host machine and then exposed to the pod. (see [below for nested schema](#nestedatt--spec--horizontal_scaling--scale_out--new_instances--volumes--fc)) -- `flex_volume` (Attributes) flexVolume represents a generic volume resource that is provisioned/attached using an exec based plugin. (see [below for nested schema](#nestedatt--spec--horizontal_scaling--scale_out--new_instances--volumes--flex_volume)) +- `flex_volume` (Attributes) flexVolume represents a generic volume resource that isprovisioned/attached using an exec based plugin. (see [below for nested schema](#nestedatt--spec--horizontal_scaling--scale_out--new_instances--volumes--flex_volume)) - `flocker` (Attributes) flocker represents a Flocker volume attached to a kubelet's host machine. This depends on the Flocker control service being running (see [below for nested schema](#nestedatt--spec--horizontal_scaling--scale_out--new_instances--volumes--flocker)) -- `gce_persistent_disk` (Attributes) gcePersistentDisk represents a GCE Disk resource that is attached to a kubelet's host machine and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk (see [below for nested schema](#nestedatt--spec--horizontal_scaling--scale_out--new_instances--volumes--gce_persistent_disk)) -- `git_repo` (Attributes) gitRepo represents a git repository at a particular revision. DEPRECATED: GitRepo is deprecated. To provision a container with a git repo, mount an EmptyDir into an InitContainer that clones the repo using git, then mount the EmptyDir into the Pod's container. (see [below for nested schema](#nestedatt--spec--horizontal_scaling--scale_out--new_instances--volumes--git_repo)) -- `glusterfs` (Attributes) glusterfs represents a Glusterfs mount on the host that shares a pod's lifetime. More info: https://examples.k8s.io/volumes/glusterfs/README.md (see [below for nested schema](#nestedatt--spec--horizontal_scaling--scale_out--new_instances--volumes--glusterfs)) -- `host_path` (Attributes) hostPath represents a pre-existing file or directory on the host machine that is directly exposed to the container. This is generally used for system agents or other privileged things that are allowed to see the host machine. Most containers will NOT need this. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath --- TODO(jonesdl) We need to restrict who can use host directory mounts and who can/can not mount host directories as read/write. (see [below for nested schema](#nestedatt--spec--horizontal_scaling--scale_out--new_instances--volumes--host_path)) -- `iscsi` (Attributes) iscsi represents an ISCSI Disk resource that is attached to a kubelet's host machine and then exposed to the pod. More info: https://examples.k8s.io/volumes/iscsi/README.md (see [below for nested schema](#nestedatt--spec--horizontal_scaling--scale_out--new_instances--volumes--iscsi)) -- `nfs` (Attributes) nfs represents an NFS mount on the host that shares a pod's lifetime More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs (see [below for nested schema](#nestedatt--spec--horizontal_scaling--scale_out--new_instances--volumes--nfs)) -- `persistent_volume_claim` (Attributes) persistentVolumeClaimVolumeSource represents a reference to a PersistentVolumeClaim in the same namespace. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims (see [below for nested schema](#nestedatt--spec--horizontal_scaling--scale_out--new_instances--volumes--persistent_volume_claim)) +- `gce_persistent_disk` (Attributes) gcePersistentDisk represents a GCE Disk resource that is attached to akubelet's host machine and then exposed to the pod.More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk (see [below for nested schema](#nestedatt--spec--horizontal_scaling--scale_out--new_instances--volumes--gce_persistent_disk)) +- `git_repo` (Attributes) gitRepo represents a git repository at a particular revision.DEPRECATED: GitRepo is deprecated. To provision a container with a git repo, mount anEmptyDir into an InitContainer that clones the repo using git, then mount the EmptyDirinto the Pod's container. (see [below for nested schema](#nestedatt--spec--horizontal_scaling--scale_out--new_instances--volumes--git_repo)) +- `glusterfs` (Attributes) glusterfs represents a Glusterfs mount on the host that shares a pod's lifetime.More info: https://examples.k8s.io/volumes/glusterfs/README.md (see [below for nested schema](#nestedatt--spec--horizontal_scaling--scale_out--new_instances--volumes--glusterfs)) +- `host_path` (Attributes) hostPath represents a pre-existing file or directory on the hostmachine that is directly exposed to the container. This is generallyused for system agents or other privileged things that are allowedto see the host machine. Most containers will NOT need this.More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath---TODO(jonesdl) We need to restrict who can use host directory mounts and who can/can notmount host directories as read/write. (see [below for nested schema](#nestedatt--spec--horizontal_scaling--scale_out--new_instances--volumes--host_path)) +- `iscsi` (Attributes) iscsi represents an ISCSI Disk resource that is attached to akubelet's host machine and then exposed to the pod.More info: https://examples.k8s.io/volumes/iscsi/README.md (see [below for nested schema](#nestedatt--spec--horizontal_scaling--scale_out--new_instances--volumes--iscsi)) +- `nfs` (Attributes) nfs represents an NFS mount on the host that shares a pod's lifetimeMore info: https://kubernetes.io/docs/concepts/storage/volumes#nfs (see [below for nested schema](#nestedatt--spec--horizontal_scaling--scale_out--new_instances--volumes--nfs)) +- `persistent_volume_claim` (Attributes) persistentVolumeClaimVolumeSource represents a reference to aPersistentVolumeClaim in the same namespace.More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims (see [below for nested schema](#nestedatt--spec--horizontal_scaling--scale_out--new_instances--volumes--persistent_volume_claim)) - `photon_persistent_disk` (Attributes) photonPersistentDisk represents a PhotonController persistent disk attached and mounted on kubelets host machine (see [below for nested schema](#nestedatt--spec--horizontal_scaling--scale_out--new_instances--volumes--photon_persistent_disk)) - `portworx_volume` (Attributes) portworxVolume represents a portworx volume attached and mounted on kubelets host machine (see [below for nested schema](#nestedatt--spec--horizontal_scaling--scale_out--new_instances--volumes--portworx_volume)) - `projected` (Attributes) projected items for all in one resources secrets, configmaps, and downward API (see [below for nested schema](#nestedatt--spec--horizontal_scaling--scale_out--new_instances--volumes--projected)) - `quobyte` (Attributes) quobyte represents a Quobyte mount on the host that shares a pod's lifetime (see [below for nested schema](#nestedatt--spec--horizontal_scaling--scale_out--new_instances--volumes--quobyte)) -- `rbd` (Attributes) rbd represents a Rados Block Device mount on the host that shares a pod's lifetime. More info: https://examples.k8s.io/volumes/rbd/README.md (see [below for nested schema](#nestedatt--spec--horizontal_scaling--scale_out--new_instances--volumes--rbd)) +- `rbd` (Attributes) rbd represents a Rados Block Device mount on the host that shares a pod's lifetime.More info: https://examples.k8s.io/volumes/rbd/README.md (see [below for nested schema](#nestedatt--spec--horizontal_scaling--scale_out--new_instances--volumes--rbd)) - `scale_io` (Attributes) scaleIO represents a ScaleIO persistent volume attached and mounted on Kubernetes nodes. (see [below for nested schema](#nestedatt--spec--horizontal_scaling--scale_out--new_instances--volumes--scale_io)) -- `secret` (Attributes) secret represents a secret that should populate this volume. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret (see [below for nested schema](#nestedatt--spec--horizontal_scaling--scale_out--new_instances--volumes--secret)) +- `secret` (Attributes) secret represents a secret that should populate this volume.More info: https://kubernetes.io/docs/concepts/storage/volumes#secret (see [below for nested schema](#nestedatt--spec--horizontal_scaling--scale_out--new_instances--volumes--secret)) - `storageos` (Attributes) storageOS represents a StorageOS volume attached and mounted on Kubernetes nodes. (see [below for nested schema](#nestedatt--spec--horizontal_scaling--scale_out--new_instances--volumes--storageos)) - `vsphere_volume` (Attributes) vsphereVolume represents a vSphere volume attached and mounted on kubelets host machine (see [below for nested schema](#nestedatt--spec--horizontal_scaling--scale_out--new_instances--volumes--vsphere_volume)) @@ -894,13 +894,13 @@ Optional: Required: -- `volume_id` (String) volumeID is unique ID of the persistent disk resource in AWS (Amazon EBS volume). More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore +- `volume_id` (String) volumeID is unique ID of the persistent disk resource in AWS (Amazon EBS volume).More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore Optional: -- `fs_type` (String) fsType is the filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: 'ext4', 'xfs', 'ntfs'. Implicitly inferred to be 'ext4' if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore TODO: how do we prevent errors in the filesystem from compromising the machine -- `partition` (Number) partition is the partition in the volume that you want to mount. If omitted, the default is to mount by volume name. Examples: For volume /dev/sda1, you specify the partition as '1'. Similarly, the volume partition for /dev/sda is '0' (or you can leave the property empty). -- `read_only` (Boolean) readOnly value true will force the readOnly setting in VolumeMounts. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore +- `fs_type` (String) fsType is the filesystem type of the volume that you want to mount.Tip: Ensure that the filesystem type is supported by the host operating system.Examples: 'ext4', 'xfs', 'ntfs'. Implicitly inferred to be 'ext4' if unspecified.More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstoreTODO: how do we prevent errors in the filesystem from compromising the machine +- `partition` (Number) partition is the partition in the volume that you want to mount.If omitted, the default is to mount by volume name.Examples: For volume /dev/sda1, you specify the partition as '1'.Similarly, the volume partition for /dev/sda is '0' (or you can leave the property empty). +- `read_only` (Boolean) readOnly value true will force the readOnly setting in VolumeMounts.More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore @@ -914,9 +914,9 @@ Required: Optional: - `caching_mode` (String) cachingMode is the Host Caching mode: None, Read Only, Read Write. -- `fs_type` (String) fsType is Filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. 'ext4', 'xfs', 'ntfs'. Implicitly inferred to be 'ext4' if unspecified. +- `fs_type` (String) fsType is Filesystem type to mount.Must be a filesystem type supported by the host operating system.Ex. 'ext4', 'xfs', 'ntfs'. Implicitly inferred to be 'ext4' if unspecified. - `kind` (String) kind expected values are Shared: multiple blob disks per storage account Dedicated: single blob disk per storage account Managed: azure managed data disk (only in managed availability set). defaults to shared -- `read_only` (Boolean) readOnly Defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts. +- `read_only` (Boolean) readOnly Defaults to false (read/write). ReadOnly here will forcethe ReadOnly setting in VolumeMounts. @@ -929,7 +929,7 @@ Required: Optional: -- `read_only` (Boolean) readOnly defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts. +- `read_only` (Boolean) readOnly defaults to false (read/write). ReadOnly here will forcethe ReadOnly setting in VolumeMounts. @@ -937,22 +937,22 @@ Optional: Required: -- `monitors` (List of String) monitors is Required: Monitors is a collection of Ceph monitors More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it +- `monitors` (List of String) monitors is Required: Monitors is a collection of Ceph monitorsMore info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it Optional: - `path` (String) path is Optional: Used as the mounted root, rather than the full Ceph tree, default is / -- `read_only` (Boolean) readOnly is Optional: Defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it -- `secret_file` (String) secretFile is Optional: SecretFile is the path to key ring for User, default is /etc/ceph/user.secret More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it -- `secret_ref` (Attributes) secretRef is Optional: SecretRef is reference to the authentication secret for User, default is empty. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it (see [below for nested schema](#nestedatt--spec--horizontal_scaling--scale_out--new_instances--volumes--cephfs--secret_ref)) -- `user` (String) user is optional: User is the rados user name, default is admin More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it +- `read_only` (Boolean) readOnly is Optional: Defaults to false (read/write). ReadOnly here will forcethe ReadOnly setting in VolumeMounts.More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it +- `secret_file` (String) secretFile is Optional: SecretFile is the path to key ring for User, default is /etc/ceph/user.secretMore info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it +- `secret_ref` (Attributes) secretRef is Optional: SecretRef is reference to the authentication secret for User, default is empty.More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it (see [below for nested schema](#nestedatt--spec--horizontal_scaling--scale_out--new_instances--volumes--cephfs--secret_ref)) +- `user` (String) user is optional: User is the rados user name, default is adminMore info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it ### Nested Schema for `spec.horizontal_scaling.scale_out.new_instances.volumes.cephfs.secret_ref` Optional: -- `name` (String) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? +- `name` (String) Name of the referent.More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#namesTODO: Add other useful fields. apiVersion, kind, uid? @@ -961,20 +961,20 @@ Optional: Required: -- `volume_id` (String) volumeID used to identify the volume in cinder. More info: https://examples.k8s.io/mysql-cinder-pd/README.md +- `volume_id` (String) volumeID used to identify the volume in cinder.More info: https://examples.k8s.io/mysql-cinder-pd/README.md Optional: -- `fs_type` (String) fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Examples: 'ext4', 'xfs', 'ntfs'. Implicitly inferred to be 'ext4' if unspecified. More info: https://examples.k8s.io/mysql-cinder-pd/README.md -- `read_only` (Boolean) readOnly defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts. More info: https://examples.k8s.io/mysql-cinder-pd/README.md -- `secret_ref` (Attributes) secretRef is optional: points to a secret object containing parameters used to connect to OpenStack. (see [below for nested schema](#nestedatt--spec--horizontal_scaling--scale_out--new_instances--volumes--cinder--secret_ref)) +- `fs_type` (String) fsType is the filesystem type to mount.Must be a filesystem type supported by the host operating system.Examples: 'ext4', 'xfs', 'ntfs'. Implicitly inferred to be 'ext4' if unspecified.More info: https://examples.k8s.io/mysql-cinder-pd/README.md +- `read_only` (Boolean) readOnly defaults to false (read/write). ReadOnly here will forcethe ReadOnly setting in VolumeMounts.More info: https://examples.k8s.io/mysql-cinder-pd/README.md +- `secret_ref` (Attributes) secretRef is optional: points to a secret object containing parameters used to connectto OpenStack. (see [below for nested schema](#nestedatt--spec--horizontal_scaling--scale_out--new_instances--volumes--cinder--secret_ref)) ### Nested Schema for `spec.horizontal_scaling.scale_out.new_instances.volumes.cinder.secret_ref` Optional: -- `name` (String) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? +- `name` (String) Name of the referent.More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#namesTODO: Add other useful fields. apiVersion, kind, uid? @@ -983,9 +983,9 @@ Optional: Optional: -- `default_mode` (Number) defaultMode is optional: mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. -- `items` (Attributes List) items if unspecified, each key-value pair in the Data field of the referenced ConfigMap will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the ConfigMap, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'. (see [below for nested schema](#nestedatt--spec--horizontal_scaling--scale_out--new_instances--volumes--config_map--items)) -- `name` (String) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? +- `default_mode` (Number) defaultMode is optional: mode bits used to set permissions on created files by default.Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511.YAML accepts both octal and decimal values, JSON requires decimal values for mode bits.Defaults to 0644.Directories within the path are not affected by this setting.This might be in conflict with other options that affect the filemode, like fsGroup, and the result can be other mode bits set. +- `items` (Attributes List) items if unspecified, each key-value pair in the Data field of the referencedConfigMap will be projected into the volume as a file whose name is thekey and content is the value. If specified, the listed keys will beprojected into the specified paths, and unlisted keys will not bepresent. If a key is specified which is not present in the ConfigMap,the volume setup will error unless it is marked optional. Paths must berelative and may not contain the '..' path or start with '..'. (see [below for nested schema](#nestedatt--spec--horizontal_scaling--scale_out--new_instances--volumes--config_map--items)) +- `name` (String) Name of the referent.More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#namesTODO: Add other useful fields. apiVersion, kind, uid? - `optional` (Boolean) optional specify whether the ConfigMap or its keys must be defined @@ -994,11 +994,11 @@ Optional: Required: - `key` (String) key is the key to project. -- `path` (String) path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. +- `path` (String) path is the relative path of the file to map the key to.May not be an absolute path.May not contain the path element '..'.May not start with the string '..'. Optional: -- `mode` (Number) mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. +- `mode` (Number) mode is Optional: mode bits used to set permissions on this file.Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511.YAML accepts both octal and decimal values, JSON requires decimal values for mode bits.If not specified, the volume defaultMode will be used.This might be in conflict with other options that affect the filemode, like fsGroup, and the result can be other mode bits set. @@ -1007,21 +1007,21 @@ Optional: Required: -- `driver` (String) driver is the name of the CSI driver that handles this volume. Consult with your admin for the correct name as registered in the cluster. +- `driver` (String) driver is the name of the CSI driver that handles this volume.Consult with your admin for the correct name as registered in the cluster. Optional: -- `fs_type` (String) fsType to mount. Ex. 'ext4', 'xfs', 'ntfs'. If not provided, the empty value is passed to the associated CSI driver which will determine the default filesystem to apply. -- `node_publish_secret_ref` (Attributes) nodePublishSecretRef is a reference to the secret object containing sensitive information to pass to the CSI driver to complete the CSI NodePublishVolume and NodeUnpublishVolume calls. This field is optional, and may be empty if no secret is required. If the secret object contains more than one secret, all secret references are passed. (see [below for nested schema](#nestedatt--spec--horizontal_scaling--scale_out--new_instances--volumes--csi--node_publish_secret_ref)) -- `read_only` (Boolean) readOnly specifies a read-only configuration for the volume. Defaults to false (read/write). -- `volume_attributes` (Map of String) volumeAttributes stores driver-specific properties that are passed to the CSI driver. Consult your driver's documentation for supported values. +- `fs_type` (String) fsType to mount. Ex. 'ext4', 'xfs', 'ntfs'.If not provided, the empty value is passed to the associated CSI driverwhich will determine the default filesystem to apply. +- `node_publish_secret_ref` (Attributes) nodePublishSecretRef is a reference to the secret object containingsensitive information to pass to the CSI driver to complete the CSINodePublishVolume and NodeUnpublishVolume calls.This field is optional, and may be empty if no secret is required. If thesecret object contains more than one secret, all secret references are passed. (see [below for nested schema](#nestedatt--spec--horizontal_scaling--scale_out--new_instances--volumes--csi--node_publish_secret_ref)) +- `read_only` (Boolean) readOnly specifies a read-only configuration for the volume.Defaults to false (read/write). +- `volume_attributes` (Map of String) volumeAttributes stores driver-specific properties that are passed to the CSIdriver. Consult your driver's documentation for supported values. ### Nested Schema for `spec.horizontal_scaling.scale_out.new_instances.volumes.csi.node_publish_secret_ref` Optional: -- `name` (String) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? +- `name` (String) Name of the referent.More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#namesTODO: Add other useful fields. apiVersion, kind, uid? @@ -1030,7 +1030,7 @@ Optional: Optional: -- `default_mode` (Number) Optional: mode bits to use on created files by default. Must be a Optional: mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. +- `default_mode` (Number) Optional: mode bits to use on created files by default. Must be aOptional: mode bits used to set permissions on created files by default.Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511.YAML accepts both octal and decimal values, JSON requires decimal values for mode bits.Defaults to 0644.Directories within the path are not affected by this setting.This might be in conflict with other options that affect the filemode, like fsGroup, and the result can be other mode bits set. - `items` (Attributes List) Items is a list of downward API volume file (see [below for nested schema](#nestedatt--spec--horizontal_scaling--scale_out--new_instances--volumes--downward_api--items)) @@ -1043,8 +1043,8 @@ Required: Optional: - `field_ref` (Attributes) Required: Selects a field of the pod: only annotations, labels, name and namespace are supported. (see [below for nested schema](#nestedatt--spec--horizontal_scaling--scale_out--new_instances--volumes--downward_api--items--field_ref)) -- `mode` (Number) Optional: mode bits used to set permissions on this file, must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. -- `resource_field_ref` (Attributes) Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported. (see [below for nested schema](#nestedatt--spec--horizontal_scaling--scale_out--new_instances--volumes--downward_api--items--resource_field_ref)) +- `mode` (Number) Optional: mode bits used to set permissions on this file, must be an octal valuebetween 0000 and 0777 or a decimal value between 0 and 511.YAML accepts both octal and decimal values, JSON requires decimal values for mode bits.If not specified, the volume defaultMode will be used.This might be in conflict with other options that affect the filemode, like fsGroup, and the result can be other mode bits set. +- `resource_field_ref` (Attributes) Selects a resource of the container: only resources limits and requests(limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported. (see [below for nested schema](#nestedatt--spec--horizontal_scaling--scale_out--new_instances--volumes--downward_api--items--resource_field_ref)) ### Nested Schema for `spec.horizontal_scaling.scale_out.new_instances.volumes.downward_api.items.field_ref` @@ -1078,8 +1078,8 @@ Optional: Optional: -- `medium` (String) medium represents what type of storage medium should back this directory. The default is '' which means to use the node's default medium. Must be an empty string (default) or Memory. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir -- `size_limit` (String) sizeLimit is the total amount of local storage required for this EmptyDir volume. The size limit is also applicable for memory medium. The maximum usage on memory medium EmptyDir would be the minimum value between the SizeLimit specified here and the sum of memory limits of all containers in a pod. The default is nil which means that the limit is undefined. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir +- `medium` (String) medium represents what type of storage medium should back this directory.The default is '' which means to use the node's default medium.Must be an empty string (default) or Memory.More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir +- `size_limit` (String) sizeLimit is the total amount of local storage required for this EmptyDir volume.The size limit is also applicable for memory medium.The maximum usage on memory medium EmptyDir would be the minimum value betweenthe SizeLimit specified here and the sum of memory limits of all containers in a pod.The default is nil which means that the limit is undefined.More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir @@ -1087,31 +1087,31 @@ Optional: Optional: -- `volume_claim_template` (Attributes) Will be used to create a stand-alone PVC to provision the volume. The pod in which this EphemeralVolumeSource is embedded will be the owner of the PVC, i.e. the PVC will be deleted together with the pod. The name of the PVC will be '-' where '' is the name from the 'PodSpec.Volumes' array entry. Pod validation will reject the pod if the concatenated name is not valid for a PVC (for example, too long). An existing PVC with that name that is not owned by the pod will *not* be used for the pod to avoid using an unrelated volume by mistake. Starting the pod is then blocked until the unrelated PVC is removed. If such a pre-created PVC is meant to be used by the pod, the PVC has to updated with an owner reference to the pod once the pod exists. Normally this should not be necessary, but it may be useful when manually reconstructing a broken cluster. This field is read-only and no changes will be made by Kubernetes to the PVC after it has been created. Required, must not be nil. (see [below for nested schema](#nestedatt--spec--horizontal_scaling--scale_out--new_instances--volumes--ephemeral--volume_claim_template)) +- `volume_claim_template` (Attributes) Will be used to create a stand-alone PVC to provision the volume.The pod in which this EphemeralVolumeSource is embedded will be theowner of the PVC, i.e. the PVC will be deleted together with thepod. The name of the PVC will be '-' where'' is the name from the 'PodSpec.Volumes' arrayentry. Pod validation will reject the pod if the concatenated nameis not valid for a PVC (for example, too long).An existing PVC with that name that is not owned by the podwill *not* be used for the pod to avoid using an unrelatedvolume by mistake. Starting the pod is then blocked untilthe unrelated PVC is removed. If such a pre-created PVC ismeant to be used by the pod, the PVC has to updated with anowner reference to the pod once the pod exists. Normallythis should not be necessary, but it may be useful whenmanually reconstructing a broken cluster.This field is read-only and no changes will be made by Kubernetesto the PVC after it has been created.Required, must not be nil. (see [below for nested schema](#nestedatt--spec--horizontal_scaling--scale_out--new_instances--volumes--ephemeral--volume_claim_template)) ### Nested Schema for `spec.horizontal_scaling.scale_out.new_instances.volumes.ephemeral.volume_claim_template` Required: -- `spec` (Attributes) The specification for the PersistentVolumeClaim. The entire content is copied unchanged into the PVC that gets created from this template. The same fields as in a PersistentVolumeClaim are also valid here. (see [below for nested schema](#nestedatt--spec--horizontal_scaling--scale_out--new_instances--volumes--ephemeral--volume_claim_template--spec)) +- `spec` (Attributes) The specification for the PersistentVolumeClaim. The entire content iscopied unchanged into the PVC that gets created from thistemplate. The same fields as in a PersistentVolumeClaimare also valid here. (see [below for nested schema](#nestedatt--spec--horizontal_scaling--scale_out--new_instances--volumes--ephemeral--volume_claim_template--spec)) Optional: -- `metadata` (Attributes) May contain labels and annotations that will be copied into the PVC when creating it. No other fields are allowed and will be rejected during validation. (see [below for nested schema](#nestedatt--spec--horizontal_scaling--scale_out--new_instances--volumes--ephemeral--volume_claim_template--metadata)) +- `metadata` (Attributes) May contain labels and annotations that will be copied into the PVCwhen creating it. No other fields are allowed and will be rejected duringvalidation. (see [below for nested schema](#nestedatt--spec--horizontal_scaling--scale_out--new_instances--volumes--ephemeral--volume_claim_template--metadata)) ### Nested Schema for `spec.horizontal_scaling.scale_out.new_instances.volumes.ephemeral.volume_claim_template.spec` Optional: -- `access_modes` (List of String) accessModes contains the desired access modes the volume should have. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1 -- `data_source` (Attributes) dataSource field can be used to specify either: * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) * An existing PVC (PersistentVolumeClaim) If the provisioner or an external controller can support the specified data source, it will create a new volume based on the contents of the specified data source. When the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef, and dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified. If the namespace is specified, then dataSourceRef will not be copied to dataSource. (see [below for nested schema](#nestedatt--spec--horizontal_scaling--scale_out--new_instances--volumes--ephemeral--volume_claim_template--spec--data_source)) -- `data_source_ref` (Attributes) dataSourceRef specifies the object from which to populate the volume with data, if a non-empty volume is desired. This may be any object from a non-empty API group (non core object) or a PersistentVolumeClaim object. When this field is specified, volume binding will only succeed if the type of the specified object matches some installed volume populator or dynamic provisioner. This field will replace the functionality of the dataSource field and as such if both fields are non-empty, they must have the same value. For backwards compatibility, when namespace isn't specified in dataSourceRef, both fields (dataSource and dataSourceRef) will be set to the same value automatically if one of them is empty and the other is non-empty. When namespace is specified in dataSourceRef, dataSource isn't set to the same value and must be empty. There are three important differences between dataSource and dataSourceRef: * While dataSource only allows two specific types of objects, dataSourceRef allows any non-core object, as well as PersistentVolumeClaim objects. * While dataSource ignores disallowed values (dropping them), dataSourceRef preserves all values, and generates an error if a disallowed value is specified. * While dataSource only allows local objects, dataSourceRef allows objects in any namespaces. (Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled. (Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled. (see [below for nested schema](#nestedatt--spec--horizontal_scaling--scale_out--new_instances--volumes--ephemeral--volume_claim_template--spec--data_source_ref)) -- `resources` (Attributes) resources represents the minimum resources the volume should have. If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements that are lower than previous value but must still be higher than capacity recorded in the status field of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources (see [below for nested schema](#nestedatt--spec--horizontal_scaling--scale_out--new_instances--volumes--ephemeral--volume_claim_template--spec--resources)) +- `access_modes` (List of String) accessModes contains the desired access modes the volume should have.More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1 +- `data_source` (Attributes) dataSource field can be used to specify either:* An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot)* An existing PVC (PersistentVolumeClaim)If the provisioner or an external controller can support the specified data source,it will create a new volume based on the contents of the specified data source.When the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef,and dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified.If the namespace is specified, then dataSourceRef will not be copied to dataSource. (see [below for nested schema](#nestedatt--spec--horizontal_scaling--scale_out--new_instances--volumes--ephemeral--volume_claim_template--spec--data_source)) +- `data_source_ref` (Attributes) dataSourceRef specifies the object from which to populate the volume with data, if a non-emptyvolume is desired. This may be any object from a non-empty API group (noncore object) or a PersistentVolumeClaim object.When this field is specified, volume binding will only succeed if the type ofthe specified object matches some installed volume populator or dynamicprovisioner.This field will replace the functionality of the dataSource field and as suchif both fields are non-empty, they must have the same value. For backwardscompatibility, when namespace isn't specified in dataSourceRef,both fields (dataSource and dataSourceRef) will be set to the samevalue automatically if one of them is empty and the other is non-empty.When namespace is specified in dataSourceRef,dataSource isn't set to the same value and must be empty.There are three important differences between dataSource and dataSourceRef:* While dataSource only allows two specific types of objects, dataSourceRef allows any non-core object, as well as PersistentVolumeClaim objects.* While dataSource ignores disallowed values (dropping them), dataSourceRef preserves all values, and generates an error if a disallowed value is specified.* While dataSource only allows local objects, dataSourceRef allows objects in any namespaces.(Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled.(Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled. (see [below for nested schema](#nestedatt--spec--horizontal_scaling--scale_out--new_instances--volumes--ephemeral--volume_claim_template--spec--data_source_ref)) +- `resources` (Attributes) resources represents the minimum resources the volume should have.If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirementsthat are lower than previous value but must still be higher than capacity recorded in thestatus field of the claim.More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources (see [below for nested schema](#nestedatt--spec--horizontal_scaling--scale_out--new_instances--volumes--ephemeral--volume_claim_template--spec--resources)) - `selector` (Attributes) selector is a label query over volumes to consider for binding. (see [below for nested schema](#nestedatt--spec--horizontal_scaling--scale_out--new_instances--volumes--ephemeral--volume_claim_template--spec--selector)) -- `storage_class_name` (String) storageClassName is the name of the StorageClass required by the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1 -- `volume_mode` (String) volumeMode defines what type of volume is required by the claim. Value of Filesystem is implied when not included in claim spec. +- `storage_class_name` (String) storageClassName is the name of the StorageClass required by the claim.More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1 +- `volume_mode` (String) volumeMode defines what type of volume is required by the claim.Value of Filesystem is implied when not included in claim spec. - `volume_name` (String) volumeName is the binding reference to the PersistentVolume backing this claim. @@ -1124,7 +1124,7 @@ Required: Optional: -- `api_group` (String) APIGroup is the group for the resource being referenced. If APIGroup is not specified, the specified Kind must be in the core API group. For any other third-party types, APIGroup is required. +- `api_group` (String) APIGroup is the group for the resource being referenced.If APIGroup is not specified, the specified Kind must be in the core API group.For any other third-party types, APIGroup is required. @@ -1137,8 +1137,8 @@ Required: Optional: -- `api_group` (String) APIGroup is the group for the resource being referenced. If APIGroup is not specified, the specified Kind must be in the core API group. For any other third-party types, APIGroup is required. -- `namespace` (String) Namespace is the namespace of resource being referenced Note that when a namespace is specified, a gateway.networking.k8s.io/ReferenceGrant object is required in the referent namespace to allow that namespace's owner to accept the reference. See the ReferenceGrant documentation for details. (Alpha) This field requires the CrossNamespaceVolumeDataSource feature gate to be enabled. +- `api_group` (String) APIGroup is the group for the resource being referenced.If APIGroup is not specified, the specified Kind must be in the core API group.For any other third-party types, APIGroup is required. +- `namespace` (String) Namespace is the namespace of resource being referencedNote that when a namespace is specified, a gateway.networking.k8s.io/ReferenceGrant object is required in the referent namespace to allow that namespace's owner to accept the reference. See the ReferenceGrant documentation for details.(Alpha) This field requires the CrossNamespaceVolumeDataSource feature gate to be enabled. @@ -1146,16 +1146,16 @@ Optional: Optional: -- `claims` (Attributes List) Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. This field is immutable. It can only be set for containers. (see [below for nested schema](#nestedatt--spec--horizontal_scaling--scale_out--new_instances--volumes--ephemeral--volume_claim_template--spec--resources--claims)) -- `limits` (Map of String) Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ -- `requests` (Map of String) Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ +- `claims` (Attributes List) Claims lists the names of resources, defined in spec.resourceClaims,that are used by this container.This is an alpha field and requires enabling theDynamicResourceAllocation feature gate.This field is immutable. It can only be set for containers. (see [below for nested schema](#nestedatt--spec--horizontal_scaling--scale_out--new_instances--volumes--ephemeral--volume_claim_template--spec--resources--claims)) +- `limits` (Map of String) Limits describes the maximum amount of compute resources allowed.More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ +- `requests` (Map of String) Requests describes the minimum amount of compute resources required.If Requests is omitted for a container, it defaults to Limits if that is explicitly specified,otherwise to an implementation-defined value. Requests cannot exceed Limits.More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ ### Nested Schema for `spec.horizontal_scaling.scale_out.new_instances.volumes.ephemeral.volume_claim_template.spec.resources.claims` Required: -- `name` (String) Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container. +- `name` (String) Name must match the name of one entry in pod.spec.resourceClaims ofthe Pod where this field is used. It makes that resource availableinside a container. @@ -1165,7 +1165,7 @@ Required: Optional: - `match_expressions` (Attributes List) matchExpressions is a list of label selector requirements. The requirements are ANDed. (see [below for nested schema](#nestedatt--spec--horizontal_scaling--scale_out--new_instances--volumes--ephemeral--volume_claim_template--spec--selector--match_expressions)) -- `match_labels` (Map of String) matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is 'key', the operator is 'In', and the values array contains only 'value'. The requirements are ANDed. +- `match_labels` (Map of String) matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabelsmap is equivalent to an element of matchExpressions, whose key field is 'key', theoperator is 'In', and the values array contains only 'value'. The requirements are ANDed. ### Nested Schema for `spec.horizontal_scaling.scale_out.new_instances.volumes.ephemeral.volume_claim_template.spec.selector.match_expressions` @@ -1173,11 +1173,11 @@ Optional: Required: - `key` (String) key is the label key that the selector applies to. -- `operator` (String) operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. +- `operator` (String) operator represents a key's relationship to a set of values.Valid operators are In, NotIn, Exists and DoesNotExist. Optional: -- `values` (List of String) values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. +- `values` (List of String) values is an array of string values. If the operator is In or NotIn,the values array must be non-empty. If the operator is Exists or DoesNotExist,the values array must be empty. This array is replaced during a strategicmerge patch. @@ -1201,11 +1201,11 @@ Optional: Optional: -- `fs_type` (String) fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. 'ext4', 'xfs', 'ntfs'. Implicitly inferred to be 'ext4' if unspecified. TODO: how do we prevent errors in the filesystem from compromising the machine +- `fs_type` (String) fsType is the filesystem type to mount.Must be a filesystem type supported by the host operating system.Ex. 'ext4', 'xfs', 'ntfs'. Implicitly inferred to be 'ext4' if unspecified.TODO: how do we prevent errors in the filesystem from compromising the machine - `lun` (Number) lun is Optional: FC target lun number -- `read_only` (Boolean) readOnly is Optional: Defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts. +- `read_only` (Boolean) readOnly is Optional: Defaults to false (read/write). ReadOnly here will forcethe ReadOnly setting in VolumeMounts. - `target_ww_ns` (List of String) targetWWNs is Optional: FC target worldwide names (WWNs) -- `wwids` (List of String) wwids Optional: FC volume world wide identifiers (wwids) Either wwids or combination of targetWWNs and lun must be set, but not both simultaneously. +- `wwids` (List of String) wwids Optional: FC volume world wide identifiers (wwids)Either wwids or combination of targetWWNs and lun must be set, but not both simultaneously. @@ -1217,17 +1217,17 @@ Required: Optional: -- `fs_type` (String) fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. 'ext4', 'xfs', 'ntfs'. The default filesystem depends on FlexVolume script. +- `fs_type` (String) fsType is the filesystem type to mount.Must be a filesystem type supported by the host operating system.Ex. 'ext4', 'xfs', 'ntfs'. The default filesystem depends on FlexVolume script. - `options` (Map of String) options is Optional: this field holds extra command options if any. -- `read_only` (Boolean) readOnly is Optional: defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts. -- `secret_ref` (Attributes) secretRef is Optional: secretRef is reference to the secret object containing sensitive information to pass to the plugin scripts. This may be empty if no secret object is specified. If the secret object contains more than one secret, all secrets are passed to the plugin scripts. (see [below for nested schema](#nestedatt--spec--horizontal_scaling--scale_out--new_instances--volumes--flex_volume--secret_ref)) +- `read_only` (Boolean) readOnly is Optional: defaults to false (read/write). ReadOnly here will forcethe ReadOnly setting in VolumeMounts. +- `secret_ref` (Attributes) secretRef is Optional: secretRef is reference to the secret object containingsensitive information to pass to the plugin scripts. This may beempty if no secret object is specified. If the secret objectcontains more than one secret, all secrets are passed to the pluginscripts. (see [below for nested schema](#nestedatt--spec--horizontal_scaling--scale_out--new_instances--volumes--flex_volume--secret_ref)) ### Nested Schema for `spec.horizontal_scaling.scale_out.new_instances.volumes.flex_volume.secret_ref` Optional: -- `name` (String) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? +- `name` (String) Name of the referent.More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#namesTODO: Add other useful fields. apiVersion, kind, uid? @@ -1236,7 +1236,7 @@ Optional: Optional: -- `dataset_name` (String) datasetName is Name of the dataset stored as metadata -> name on the dataset for Flocker should be considered as deprecated +- `dataset_name` (String) datasetName is Name of the dataset stored as metadata -> name on the dataset for Flockershould be considered as deprecated - `dataset_uuid` (String) datasetUUID is the UUID of the dataset. This is unique identifier of a Flocker dataset @@ -1245,13 +1245,13 @@ Optional: Required: -- `pd_name` (String) pdName is unique name of the PD resource in GCE. Used to identify the disk in GCE. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk +- `pd_name` (String) pdName is unique name of the PD resource in GCE. Used to identify the disk in GCE.More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk Optional: -- `fs_type` (String) fsType is filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: 'ext4', 'xfs', 'ntfs'. Implicitly inferred to be 'ext4' if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk TODO: how do we prevent errors in the filesystem from compromising the machine -- `partition` (Number) partition is the partition in the volume that you want to mount. If omitted, the default is to mount by volume name. Examples: For volume /dev/sda1, you specify the partition as '1'. Similarly, the volume partition for /dev/sda is '0' (or you can leave the property empty). More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk -- `read_only` (Boolean) readOnly here will force the ReadOnly setting in VolumeMounts. Defaults to false. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk +- `fs_type` (String) fsType is filesystem type of the volume that you want to mount.Tip: Ensure that the filesystem type is supported by the host operating system.Examples: 'ext4', 'xfs', 'ntfs'. Implicitly inferred to be 'ext4' if unspecified.More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdiskTODO: how do we prevent errors in the filesystem from compromising the machine +- `partition` (Number) partition is the partition in the volume that you want to mount.If omitted, the default is to mount by volume name.Examples: For volume /dev/sda1, you specify the partition as '1'.Similarly, the volume partition for /dev/sda is '0' (or you can leave the property empty).More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk +- `read_only` (Boolean) readOnly here will force the ReadOnly setting in VolumeMounts.Defaults to false.More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk @@ -1263,7 +1263,7 @@ Required: Optional: -- `directory` (String) directory is the target directory name. Must not contain or start with '..'. If '.' is supplied, the volume directory will be the git repository. Otherwise, if specified, the volume will contain the git repository in the subdirectory with the given name. +- `directory` (String) directory is the target directory name.Must not contain or start with '..'. If '.' is supplied, the volume directory will be thegit repository. Otherwise, if specified, the volume will contain the git repository inthe subdirectory with the given name. - `revision` (String) revision is the commit hash for the specified revision. @@ -1272,12 +1272,12 @@ Optional: Required: -- `endpoints` (String) endpoints is the endpoint name that details Glusterfs topology. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod -- `path` (String) path is the Glusterfs volume path. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod +- `endpoints` (String) endpoints is the endpoint name that details Glusterfs topology.More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod +- `path` (String) path is the Glusterfs volume path.More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod Optional: -- `read_only` (Boolean) readOnly here will force the Glusterfs volume to be mounted with read-only permissions. Defaults to false. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod +- `read_only` (Boolean) readOnly here will force the Glusterfs volume to be mounted with read-only permissions.Defaults to false.More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod @@ -1285,11 +1285,11 @@ Optional: Required: -- `path` (String) path of the directory on the host. If the path is a symlink, it will follow the link to the real path. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath +- `path` (String) path of the directory on the host.If the path is a symlink, it will follow the link to the real path.More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath Optional: -- `type` (String) type for HostPath Volume Defaults to '' More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath +- `type` (String) type for HostPath VolumeDefaults to ''More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath @@ -1299,17 +1299,17 @@ Required: - `iqn` (String) iqn is the target iSCSI Qualified Name. - `lun` (Number) lun represents iSCSI Target Lun number. -- `target_portal` (String) targetPortal is iSCSI Target Portal. The Portal is either an IP or ip_addr:port if the port is other than default (typically TCP ports 860 and 3260). +- `target_portal` (String) targetPortal is iSCSI Target Portal. The Portal is either an IP or ip_addr:port if the portis other than default (typically TCP ports 860 and 3260). Optional: - `chap_auth_discovery` (Boolean) chapAuthDiscovery defines whether support iSCSI Discovery CHAP authentication - `chap_auth_session` (Boolean) chapAuthSession defines whether support iSCSI Session CHAP authentication -- `fs_type` (String) fsType is the filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: 'ext4', 'xfs', 'ntfs'. Implicitly inferred to be 'ext4' if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#iscsi TODO: how do we prevent errors in the filesystem from compromising the machine -- `initiator_name` (String) initiatorName is the custom iSCSI Initiator Name. If initiatorName is specified with iscsiInterface simultaneously, new iSCSI interface : will be created for the connection. -- `iscsi_interface` (String) iscsiInterface is the interface Name that uses an iSCSI transport. Defaults to 'default' (tcp). -- `portals` (List of String) portals is the iSCSI Target Portal List. The portal is either an IP or ip_addr:port if the port is other than default (typically TCP ports 860 and 3260). -- `read_only` (Boolean) readOnly here will force the ReadOnly setting in VolumeMounts. Defaults to false. +- `fs_type` (String) fsType is the filesystem type of the volume that you want to mount.Tip: Ensure that the filesystem type is supported by the host operating system.Examples: 'ext4', 'xfs', 'ntfs'. Implicitly inferred to be 'ext4' if unspecified.More info: https://kubernetes.io/docs/concepts/storage/volumes#iscsiTODO: how do we prevent errors in the filesystem from compromising the machine +- `initiator_name` (String) initiatorName is the custom iSCSI Initiator Name.If initiatorName is specified with iscsiInterface simultaneously, new iSCSI interface: will be created for the connection. +- `iscsi_interface` (String) iscsiInterface is the interface Name that uses an iSCSI transport.Defaults to 'default' (tcp). +- `portals` (List of String) portals is the iSCSI Target Portal List. The portal is either an IP or ip_addr:port if the portis other than default (typically TCP ports 860 and 3260). +- `read_only` (Boolean) readOnly here will force the ReadOnly setting in VolumeMounts.Defaults to false. - `secret_ref` (Attributes) secretRef is the CHAP Secret for iSCSI target and initiator authentication (see [below for nested schema](#nestedatt--spec--horizontal_scaling--scale_out--new_instances--volumes--iscsi--secret_ref)) @@ -1317,7 +1317,7 @@ Optional: Optional: -- `name` (String) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? +- `name` (String) Name of the referent.More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#namesTODO: Add other useful fields. apiVersion, kind, uid? @@ -1326,12 +1326,12 @@ Optional: Required: -- `path` (String) path that is exported by the NFS server. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs -- `server` (String) server is the hostname or IP address of the NFS server. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs +- `path` (String) path that is exported by the NFS server.More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs +- `server` (String) server is the hostname or IP address of the NFS server.More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs Optional: -- `read_only` (Boolean) readOnly here will force the NFS export to be mounted with read-only permissions. Defaults to false. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs +- `read_only` (Boolean) readOnly here will force the NFS export to be mounted with read-only permissions.Defaults to false.More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs @@ -1339,11 +1339,11 @@ Optional: Required: -- `claim_name` (String) claimName is the name of a PersistentVolumeClaim in the same namespace as the pod using this volume. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims +- `claim_name` (String) claimName is the name of a PersistentVolumeClaim in the same namespace as the pod using this volume.More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims Optional: -- `read_only` (Boolean) readOnly Will force the ReadOnly setting in VolumeMounts. Default false. +- `read_only` (Boolean) readOnly Will force the ReadOnly setting in VolumeMounts.Default false. @@ -1355,7 +1355,7 @@ Required: Optional: -- `fs_type` (String) fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. 'ext4', 'xfs', 'ntfs'. Implicitly inferred to be 'ext4' if unspecified. +- `fs_type` (String) fsType is the filesystem type to mount.Must be a filesystem type supported by the host operating system.Ex. 'ext4', 'xfs', 'ntfs'. Implicitly inferred to be 'ext4' if unspecified. @@ -1367,8 +1367,8 @@ Required: Optional: -- `fs_type` (String) fSType represents the filesystem type to mount Must be a filesystem type supported by the host operating system. Ex. 'ext4', 'xfs'. Implicitly inferred to be 'ext4' if unspecified. -- `read_only` (Boolean) readOnly defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts. +- `fs_type` (String) fSType represents the filesystem type to mountMust be a filesystem type supported by the host operating system.Ex. 'ext4', 'xfs'. Implicitly inferred to be 'ext4' if unspecified. +- `read_only` (Boolean) readOnly defaults to false (read/write). ReadOnly here will forcethe ReadOnly setting in VolumeMounts. @@ -1376,7 +1376,7 @@ Optional: Optional: -- `default_mode` (Number) defaultMode are the mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. +- `default_mode` (Number) defaultMode are the mode bits used to set permissions on created files by default.Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511.YAML accepts both octal and decimal values, JSON requires decimal values for mode bits.Directories within the path are not affected by this setting.This might be in conflict with other options that affect the filemode, like fsGroup, and the result can be other mode bits set. - `sources` (Attributes List) sources is the list of volume projections (see [below for nested schema](#nestedatt--spec--horizontal_scaling--scale_out--new_instances--volumes--projected--sources)) @@ -1394,8 +1394,8 @@ Optional: Optional: -- `items` (Attributes List) items if unspecified, each key-value pair in the Data field of the referenced ConfigMap will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the ConfigMap, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'. (see [below for nested schema](#nestedatt--spec--horizontal_scaling--scale_out--new_instances--volumes--projected--sources--config_map--items)) -- `name` (String) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? +- `items` (Attributes List) items if unspecified, each key-value pair in the Data field of the referencedConfigMap will be projected into the volume as a file whose name is thekey and content is the value. If specified, the listed keys will beprojected into the specified paths, and unlisted keys will not bepresent. If a key is specified which is not present in the ConfigMap,the volume setup will error unless it is marked optional. Paths must berelative and may not contain the '..' path or start with '..'. (see [below for nested schema](#nestedatt--spec--horizontal_scaling--scale_out--new_instances--volumes--projected--sources--config_map--items)) +- `name` (String) Name of the referent.More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#namesTODO: Add other useful fields. apiVersion, kind, uid? - `optional` (Boolean) optional specify whether the ConfigMap or its keys must be defined @@ -1404,11 +1404,11 @@ Optional: Required: - `key` (String) key is the key to project. -- `path` (String) path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. +- `path` (String) path is the relative path of the file to map the key to.May not be an absolute path.May not contain the path element '..'.May not start with the string '..'. Optional: -- `mode` (Number) mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. +- `mode` (Number) mode is Optional: mode bits used to set permissions on this file.Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511.YAML accepts both octal and decimal values, JSON requires decimal values for mode bits.If not specified, the volume defaultMode will be used.This might be in conflict with other options that affect the filemode, like fsGroup, and the result can be other mode bits set. @@ -1429,8 +1429,8 @@ Required: Optional: - `field_ref` (Attributes) Required: Selects a field of the pod: only annotations, labels, name and namespace are supported. (see [below for nested schema](#nestedatt--spec--horizontal_scaling--scale_out--new_instances--volumes--projected--sources--downward_api--items--field_ref)) -- `mode` (Number) Optional: mode bits used to set permissions on this file, must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. -- `resource_field_ref` (Attributes) Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported. (see [below for nested schema](#nestedatt--spec--horizontal_scaling--scale_out--new_instances--volumes--projected--sources--downward_api--items--resource_field_ref)) +- `mode` (Number) Optional: mode bits used to set permissions on this file, must be an octal valuebetween 0000 and 0777 or a decimal value between 0 and 511.YAML accepts both octal and decimal values, JSON requires decimal values for mode bits.If not specified, the volume defaultMode will be used.This might be in conflict with other options that affect the filemode, like fsGroup, and the result can be other mode bits set. +- `resource_field_ref` (Attributes) Selects a resource of the container: only resources limits and requests(limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported. (see [below for nested schema](#nestedatt--spec--horizontal_scaling--scale_out--new_instances--volumes--projected--sources--downward_api--items--resource_field_ref)) ### Nested Schema for `spec.horizontal_scaling.scale_out.new_instances.volumes.projected.sources.downward_api.items.field_ref` @@ -1464,8 +1464,8 @@ Optional: Optional: -- `items` (Attributes List) items if unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'. (see [below for nested schema](#nestedatt--spec--horizontal_scaling--scale_out--new_instances--volumes--projected--sources--secret--items)) -- `name` (String) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? +- `items` (Attributes List) items if unspecified, each key-value pair in the Data field of the referencedSecret will be projected into the volume as a file whose name is thekey and content is the value. If specified, the listed keys will beprojected into the specified paths, and unlisted keys will not bepresent. If a key is specified which is not present in the Secret,the volume setup will error unless it is marked optional. Paths must berelative and may not contain the '..' path or start with '..'. (see [below for nested schema](#nestedatt--spec--horizontal_scaling--scale_out--new_instances--volumes--projected--sources--secret--items)) +- `name` (String) Name of the referent.More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#namesTODO: Add other useful fields. apiVersion, kind, uid? - `optional` (Boolean) optional field specify whether the Secret or its key must be defined @@ -1474,11 +1474,11 @@ Optional: Required: - `key` (String) key is the key to project. -- `path` (String) path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. +- `path` (String) path is the relative path of the file to map the key to.May not be an absolute path.May not contain the path element '..'.May not start with the string '..'. Optional: -- `mode` (Number) mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. +- `mode` (Number) mode is Optional: mode bits used to set permissions on this file.Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511.YAML accepts both octal and decimal values, JSON requires decimal values for mode bits.If not specified, the volume defaultMode will be used.This might be in conflict with other options that affect the filemode, like fsGroup, and the result can be other mode bits set. @@ -1487,12 +1487,12 @@ Optional: Required: -- `path` (String) path is the path relative to the mount point of the file to project the token into. +- `path` (String) path is the path relative to the mount point of the file to project thetoken into. Optional: -- `audience` (String) audience is the intended audience of the token. A recipient of a token must identify itself with an identifier specified in the audience of the token, and otherwise should reject the token. The audience defaults to the identifier of the apiserver. -- `expiration_seconds` (Number) expirationSeconds is the requested duration of validity of the service account token. As the token approaches expiration, the kubelet volume plugin will proactively rotate the service account token. The kubelet will start trying to rotate the token if the token is older than 80 percent of its time to live or if the token is older than 24 hours.Defaults to 1 hour and must be at least 10 minutes. +- `audience` (String) audience is the intended audience of the token. A recipient of a tokenmust identify itself with an identifier specified in the audience of thetoken, and otherwise should reject the token. The audience defaults to theidentifier of the apiserver. +- `expiration_seconds` (Number) expirationSeconds is the requested duration of validity of the serviceaccount token. As the token approaches expiration, the kubelet volumeplugin will proactively rotate the service account token. The kubelet willstart trying to rotate the token if the token is older than 80 percent ofits time to live or if the token is older than 24 hours.Defaults to 1 hourand must be at least 10 minutes. @@ -1502,15 +1502,15 @@ Optional: Required: -- `registry` (String) registry represents a single or multiple Quobyte Registry services specified as a string as host:port pair (multiple entries are separated with commas) which acts as the central registry for volumes +- `registry` (String) registry represents a single or multiple Quobyte Registry servicesspecified as a string as host:port pair (multiple entries are separated with commas)which acts as the central registry for volumes - `volume` (String) volume is a string that references an already created Quobyte volume by name. Optional: -- `group` (String) group to map volume access to Default is no group -- `read_only` (Boolean) readOnly here will force the Quobyte volume to be mounted with read-only permissions. Defaults to false. -- `tenant` (String) tenant owning the given Quobyte volume in the Backend Used with dynamically provisioned Quobyte volumes, value is set by the plugin -- `user` (String) user to map volume access to Defaults to serivceaccount user +- `group` (String) group to map volume access toDefault is no group +- `read_only` (Boolean) readOnly here will force the Quobyte volume to be mounted with read-only permissions.Defaults to false. +- `tenant` (String) tenant owning the given Quobyte volume in the BackendUsed with dynamically provisioned Quobyte volumes, value is set by the plugin +- `user` (String) user to map volume access toDefaults to serivceaccount user @@ -1518,24 +1518,24 @@ Optional: Required: -- `image` (String) image is the rados image name. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it -- `monitors` (List of String) monitors is a collection of Ceph monitors. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it +- `image` (String) image is the rados image name.More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it +- `monitors` (List of String) monitors is a collection of Ceph monitors.More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it Optional: -- `fs_type` (String) fsType is the filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: 'ext4', 'xfs', 'ntfs'. Implicitly inferred to be 'ext4' if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#rbd TODO: how do we prevent errors in the filesystem from compromising the machine -- `keyring` (String) keyring is the path to key ring for RBDUser. Default is /etc/ceph/keyring. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it -- `pool` (String) pool is the rados pool name. Default is rbd. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it -- `read_only` (Boolean) readOnly here will force the ReadOnly setting in VolumeMounts. Defaults to false. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it -- `secret_ref` (Attributes) secretRef is name of the authentication secret for RBDUser. If provided overrides keyring. Default is nil. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it (see [below for nested schema](#nestedatt--spec--horizontal_scaling--scale_out--new_instances--volumes--rbd--secret_ref)) -- `user` (String) user is the rados user name. Default is admin. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it +- `fs_type` (String) fsType is the filesystem type of the volume that you want to mount.Tip: Ensure that the filesystem type is supported by the host operating system.Examples: 'ext4', 'xfs', 'ntfs'. Implicitly inferred to be 'ext4' if unspecified.More info: https://kubernetes.io/docs/concepts/storage/volumes#rbdTODO: how do we prevent errors in the filesystem from compromising the machine +- `keyring` (String) keyring is the path to key ring for RBDUser.Default is /etc/ceph/keyring.More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it +- `pool` (String) pool is the rados pool name.Default is rbd.More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it +- `read_only` (Boolean) readOnly here will force the ReadOnly setting in VolumeMounts.Defaults to false.More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it +- `secret_ref` (Attributes) secretRef is name of the authentication secret for RBDUser. If providedoverrides keyring.Default is nil.More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it (see [below for nested schema](#nestedatt--spec--horizontal_scaling--scale_out--new_instances--volumes--rbd--secret_ref)) +- `user` (String) user is the rados user name.Default is admin.More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it ### Nested Schema for `spec.horizontal_scaling.scale_out.new_instances.volumes.rbd.secret_ref` Optional: -- `name` (String) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? +- `name` (String) Name of the referent.More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#namesTODO: Add other useful fields. apiVersion, kind, uid? @@ -1545,25 +1545,25 @@ Optional: Required: - `gateway` (String) gateway is the host address of the ScaleIO API Gateway. -- `secret_ref` (Attributes) secretRef references to the secret for ScaleIO user and other sensitive information. If this is not provided, Login operation will fail. (see [below for nested schema](#nestedatt--spec--horizontal_scaling--scale_out--new_instances--volumes--scale_io--secret_ref)) +- `secret_ref` (Attributes) secretRef references to the secret for ScaleIO user and othersensitive information. If this is not provided, Login operation will fail. (see [below for nested schema](#nestedatt--spec--horizontal_scaling--scale_out--new_instances--volumes--scale_io--secret_ref)) - `system` (String) system is the name of the storage system as configured in ScaleIO. Optional: -- `fs_type` (String) fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. 'ext4', 'xfs', 'ntfs'. Default is 'xfs'. +- `fs_type` (String) fsType is the filesystem type to mount.Must be a filesystem type supported by the host operating system.Ex. 'ext4', 'xfs', 'ntfs'.Default is 'xfs'. - `protection_domain` (String) protectionDomain is the name of the ScaleIO Protection Domain for the configured storage. -- `read_only` (Boolean) readOnly Defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts. +- `read_only` (Boolean) readOnly Defaults to false (read/write). ReadOnly here will forcethe ReadOnly setting in VolumeMounts. - `ssl_enabled` (Boolean) sslEnabled Flag enable/disable SSL communication with Gateway, default false -- `storage_mode` (String) storageMode indicates whether the storage for a volume should be ThickProvisioned or ThinProvisioned. Default is ThinProvisioned. +- `storage_mode` (String) storageMode indicates whether the storage for a volume should be ThickProvisioned or ThinProvisioned.Default is ThinProvisioned. - `storage_pool` (String) storagePool is the ScaleIO Storage Pool associated with the protection domain. -- `volume_name` (String) volumeName is the name of a volume already created in the ScaleIO system that is associated with this volume source. +- `volume_name` (String) volumeName is the name of a volume already created in the ScaleIO systemthat is associated with this volume source. ### Nested Schema for `spec.horizontal_scaling.scale_out.new_instances.volumes.scale_io.secret_ref` Optional: -- `name` (String) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? +- `name` (String) Name of the referent.More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#namesTODO: Add other useful fields. apiVersion, kind, uid? @@ -1572,10 +1572,10 @@ Optional: Optional: -- `default_mode` (Number) defaultMode is Optional: mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. -- `items` (Attributes List) items If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'. (see [below for nested schema](#nestedatt--spec--horizontal_scaling--scale_out--new_instances--volumes--secret--items)) +- `default_mode` (Number) defaultMode is Optional: mode bits used to set permissions on created files by default.Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511.YAML accepts both octal and decimal values, JSON requires decimal valuesfor mode bits. Defaults to 0644.Directories within the path are not affected by this setting.This might be in conflict with other options that affect the filemode, like fsGroup, and the result can be other mode bits set. +- `items` (Attributes List) items If unspecified, each key-value pair in the Data field of the referencedSecret will be projected into the volume as a file whose name is thekey and content is the value. If specified, the listed keys will beprojected into the specified paths, and unlisted keys will not bepresent. If a key is specified which is not present in the Secret,the volume setup will error unless it is marked optional. Paths must berelative and may not contain the '..' path or start with '..'. (see [below for nested schema](#nestedatt--spec--horizontal_scaling--scale_out--new_instances--volumes--secret--items)) - `optional` (Boolean) optional field specify whether the Secret or its keys must be defined -- `secret_name` (String) secretName is the name of the secret in the pod's namespace to use. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret +- `secret_name` (String) secretName is the name of the secret in the pod's namespace to use.More info: https://kubernetes.io/docs/concepts/storage/volumes#secret ### Nested Schema for `spec.horizontal_scaling.scale_out.new_instances.volumes.secret.items` @@ -1583,11 +1583,11 @@ Optional: Required: - `key` (String) key is the key to project. -- `path` (String) path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. +- `path` (String) path is the relative path of the file to map the key to.May not be an absolute path.May not contain the path element '..'.May not start with the string '..'. Optional: -- `mode` (Number) mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. +- `mode` (Number) mode is Optional: mode bits used to set permissions on this file.Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511.YAML accepts both octal and decimal values, JSON requires decimal values for mode bits.If not specified, the volume defaultMode will be used.This might be in conflict with other options that affect the filemode, like fsGroup, and the result can be other mode bits set. @@ -1596,18 +1596,18 @@ Optional: Optional: -- `fs_type` (String) fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. 'ext4', 'xfs', 'ntfs'. Implicitly inferred to be 'ext4' if unspecified. -- `read_only` (Boolean) readOnly defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts. -- `secret_ref` (Attributes) secretRef specifies the secret to use for obtaining the StorageOS API credentials. If not specified, default values will be attempted. (see [below for nested schema](#nestedatt--spec--horizontal_scaling--scale_out--new_instances--volumes--storageos--secret_ref)) -- `volume_name` (String) volumeName is the human-readable name of the StorageOS volume. Volume names are only unique within a namespace. -- `volume_namespace` (String) volumeNamespace specifies the scope of the volume within StorageOS. If no namespace is specified then the Pod's namespace will be used. This allows the Kubernetes name scoping to be mirrored within StorageOS for tighter integration. Set VolumeName to any name to override the default behaviour. Set to 'default' if you are not using namespaces within StorageOS. Namespaces that do not pre-exist within StorageOS will be created. +- `fs_type` (String) fsType is the filesystem type to mount.Must be a filesystem type supported by the host operating system.Ex. 'ext4', 'xfs', 'ntfs'. Implicitly inferred to be 'ext4' if unspecified. +- `read_only` (Boolean) readOnly defaults to false (read/write). ReadOnly here will forcethe ReadOnly setting in VolumeMounts. +- `secret_ref` (Attributes) secretRef specifies the secret to use for obtaining the StorageOS APIcredentials. If not specified, default values will be attempted. (see [below for nested schema](#nestedatt--spec--horizontal_scaling--scale_out--new_instances--volumes--storageos--secret_ref)) +- `volume_name` (String) volumeName is the human-readable name of the StorageOS volume. Volumenames are only unique within a namespace. +- `volume_namespace` (String) volumeNamespace specifies the scope of the volume within StorageOS. If nonamespace is specified then the Pod's namespace will be used. This allows theKubernetes name scoping to be mirrored within StorageOS for tighter integration.Set VolumeName to any name to override the default behaviour.Set to 'default' if you are not using namespaces within StorageOS.Namespaces that do not pre-exist within StorageOS will be created. ### Nested Schema for `spec.horizontal_scaling.scale_out.new_instances.volumes.storageos.secret_ref` Optional: -- `name` (String) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? +- `name` (String) Name of the referent.More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#namesTODO: Add other useful fields. apiVersion, kind, uid? @@ -1620,7 +1620,7 @@ Required: Optional: -- `fs_type` (String) fsType is filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. 'ext4', 'xfs', 'ntfs'. Implicitly inferred to be 'ext4' if unspecified. +- `fs_type` (String) fsType is filesystem type to mount.Must be a filesystem type supported by the host operating system.Ex. 'ext4', 'xfs', 'ntfs'. Implicitly inferred to be 'ext4' if unspecified. - `storage_policy_id` (String) storagePolicyID is the storage Policy Based Management (SPBM) profile ID associated with the StoragePolicyName. - `storage_policy_name` (String) storagePolicyName is the storage Policy Based Management (SPBM) profile name. @@ -1639,8 +1639,8 @@ Required: Optional: -- `backup_name` (String) Indicates the name of the Backup custom resource from which to recover the instance. Defaults to an empty PersistentVolume if unspecified. Note: - Only full physical backups are supported for multi-replica Components (e.g., 'xtrabackup' for MySQL). - Logical backups (e.g., 'mysqldump' for MySQL) are unsupported in the current version. -- `restore_env` (Map of String) Defines container environment variables for the restore process. merged with the ones specified in the Backup and ActionSet resources. Merge priority: Restore env > Backup env > ActionSet env. Purpose: Some databases require different configurations when being restored as a standby compared to being restored as a primary. For example, when restoring MySQL as a replica, you need to set 'skip_slave_start='ON'' for 5.7 or 'skip_replica_start='ON'' for 8.0. Allowing environment variables to be passed in makes it more convenient to control these behavioral differences during the restore process. +- `backup_name` (String) Indicates the name of the Backup custom resource from which to recover the instance.Defaults to an empty PersistentVolume if unspecified.Note:- Only full physical backups are supported for multi-replica Components (e.g., 'xtrabackup' for MySQL).- Logical backups (e.g., 'mysqldump' for MySQL) are unsupported in the current version. +- `restore_env` (Map of String) Defines container environment variables for the restore process.merged with the ones specified in the Backup and ActionSet resources.Merge priority: Restore env > Backup env > ActionSet env.Purpose: Some databases require different configurations when being restored as a standbycompared to being restored as a primary.For example, when restoring MySQL as a replica, you need to set 'skip_slave_start='ON'' for 5.7or 'skip_replica_start='ON'' for 8.0.Allowing environment variables to be passed in makes it more convenient to control these behavioral differencesduring the restore process. ### Nested Schema for `spec.rebuild_from.instances` @@ -1651,7 +1651,7 @@ Required: Optional: -- `target_node_name` (String) The instance will rebuild on the specified node when the instance uses local PersistentVolume as the storage disk. If not set, it will rebuild on a random node. +- `target_node_name` (String) The instance will rebuild on the specified node when the instance uses local PersistentVolume as the storage disk.If not set, it will rebuild on a random node. @@ -1661,14 +1661,14 @@ Optional: Required: - `component_name` (String) Specifies the name of the Component. -- `configurations` (Attributes List) Contains a list of ConfigurationItem objects, specifying the Component's configuration template name, upgrade policy, and parameter key-value pairs to be updated. (see [below for nested schema](#nestedatt--spec--reconfigure--configurations)) +- `configurations` (Attributes List) Contains a list of ConfigurationItem objects, specifying the Component's configuration template name,upgrade policy, and parameter key-value pairs to be updated. (see [below for nested schema](#nestedatt--spec--reconfigure--configurations)) ### Nested Schema for `spec.reconfigure.configurations` Required: -- `keys` (Attributes List) Sets the configuration files and their associated parameters that need to be updated. It should contain at least one item. (see [below for nested schema](#nestedatt--spec--reconfigure--configurations--keys)) +- `keys` (Attributes List) Sets the configuration files and their associated parameters that need to be updated.It should contain at least one item. (see [below for nested schema](#nestedatt--spec--reconfigure--configurations--keys)) - `name` (String) Specifies the name of the configuration template. Optional: @@ -1680,12 +1680,12 @@ Optional: Required: -- `key` (String) Represents a key in the configuration template(as ConfigMap). Each key in the ConfigMap corresponds to a specific configuration file. +- `key` (String) Represents a key in the configuration template(as ConfigMap).Each key in the ConfigMap corresponds to a specific configuration file. Optional: -- `file_content` (String) Specifies the content of the entire configuration file. This field is used to update the complete configuration file. Either the 'parameters' field or the 'fileContent' field must be set, but not both. -- `parameters` (Attributes List) Specifies a list of key-value pairs representing parameters and their corresponding values within a single configuration file. This field is used to override or set the values of parameters without modifying the entire configuration file. Either the 'parameters' field or the 'fileContent' field must be set, but not both. (see [below for nested schema](#nestedatt--spec--reconfigure--configurations--keys--parameters)) +- `file_content` (String) Specifies the content of the entire configuration file.This field is used to update the complete configuration file.Either the 'parameters' field or the 'fileContent' field must be set, but not both. +- `parameters` (Attributes List) Specifies a list of key-value pairs representing parameters and their corresponding valueswithin a single configuration file.This field is used to override or set the values of parameters without modifying the entire configuration file.Either the 'parameters' field or the 'fileContent' field must be set, but not both. (see [below for nested schema](#nestedatt--spec--reconfigure--configurations--keys--parameters)) ### Nested Schema for `spec.reconfigure.configurations.keys.parameters` @@ -1696,7 +1696,7 @@ Required: Optional: -- `value` (String) Represents the parameter values that are to be updated. If set to nil, the parameter defined by the Key field will be removed from the configuration file. +- `value` (String) Represents the parameter values that are to be updated.If set to nil, the parameter defined by the Key field will be removed from the configuration file. @@ -1708,14 +1708,14 @@ Optional: Required: - `component_name` (String) Specifies the name of the Component. -- `configurations` (Attributes List) Contains a list of ConfigurationItem objects, specifying the Component's configuration template name, upgrade policy, and parameter key-value pairs to be updated. (see [below for nested schema](#nestedatt--spec--reconfigures--configurations)) +- `configurations` (Attributes List) Contains a list of ConfigurationItem objects, specifying the Component's configuration template name,upgrade policy, and parameter key-value pairs to be updated. (see [below for nested schema](#nestedatt--spec--reconfigures--configurations)) ### Nested Schema for `spec.reconfigures.configurations` Required: -- `keys` (Attributes List) Sets the configuration files and their associated parameters that need to be updated. It should contain at least one item. (see [below for nested schema](#nestedatt--spec--reconfigures--configurations--keys)) +- `keys` (Attributes List) Sets the configuration files and their associated parameters that need to be updated.It should contain at least one item. (see [below for nested schema](#nestedatt--spec--reconfigures--configurations--keys)) - `name` (String) Specifies the name of the configuration template. Optional: @@ -1727,12 +1727,12 @@ Optional: Required: -- `key` (String) Represents a key in the configuration template(as ConfigMap). Each key in the ConfigMap corresponds to a specific configuration file. +- `key` (String) Represents a key in the configuration template(as ConfigMap).Each key in the ConfigMap corresponds to a specific configuration file. Optional: -- `file_content` (String) Specifies the content of the entire configuration file. This field is used to update the complete configuration file. Either the 'parameters' field or the 'fileContent' field must be set, but not both. -- `parameters` (Attributes List) Specifies a list of key-value pairs representing parameters and their corresponding values within a single configuration file. This field is used to override or set the values of parameters without modifying the entire configuration file. Either the 'parameters' field or the 'fileContent' field must be set, but not both. (see [below for nested schema](#nestedatt--spec--reconfigures--configurations--keys--parameters)) +- `file_content` (String) Specifies the content of the entire configuration file.This field is used to update the complete configuration file.Either the 'parameters' field or the 'fileContent' field must be set, but not both. +- `parameters` (Attributes List) Specifies a list of key-value pairs representing parameters and their corresponding valueswithin a single configuration file.This field is used to override or set the values of parameters without modifying the entire configuration file.Either the 'parameters' field or the 'fileContent' field must be set, but not both. (see [below for nested schema](#nestedatt--spec--reconfigures--configurations--keys--parameters)) ### Nested Schema for `spec.reconfigures.configurations.keys.parameters` @@ -1743,7 +1743,7 @@ Required: Optional: -- `value` (String) Represents the parameter values that are to be updated. If set to nil, the parameter defined by the Key field will be removed from the configuration file. +- `value` (String) Represents the parameter values that are to be updated.If set to nil, the parameter defined by the Key field will be removed from the configuration file. @@ -1766,9 +1766,9 @@ Required: Optional: -- `defer_post_ready_until_cluster_running` (Boolean) Controls the timing of PostReady actions during the recovery process. If false (default), PostReady actions execute when the Component reaches the 'Running' state. If true, PostReady actions are delayed until the entire Cluster is 'Running,' ensuring the cluster's overall stability before proceeding. This setting is useful for coordinating PostReady operations across the Cluster for optimal cluster conditions. -- `restore_point_in_time` (String) Specifies the point in time to which the restore should be performed. Supported time formats: - RFC3339 format, e.g. '2023-11-25T18:52:53Z' - A human-readable date-time format, e.g. 'Jul 25,2023 18:52:53 UTC+0800' -- `volume_restore_policy` (String) Specifies the policy for restoring volume claims of a Component's Pods. It determines whether the volume claims should be restored sequentially (one by one) or in parallel (all at once). Support values: - 'Serial' - 'Parallel' +- `defer_post_ready_until_cluster_running` (Boolean) Controls the timing of PostReady actions during the recovery process.If false (default), PostReady actions execute when the Component reaches the 'Running' state.If true, PostReady actions are delayed until the entire Cluster is 'Running,'ensuring the cluster's overall stability before proceeding.This setting is useful for coordinating PostReady operations across the Cluster for optimal cluster conditions. +- `restore_point_in_time` (String) Specifies the point in time to which the restore should be performed.Supported time formats:- RFC3339 format, e.g. '2023-11-25T18:52:53Z'- A human-readable date-time format, e.g. 'Jul 25,2023 18:52:53 UTC+0800' +- `volume_restore_policy` (String) Specifies the policy for restoring volume claims of a Component's Pods.It determines whether the volume claims should be restored sequentially (one by one) or in parallel (all at once).Support values:- 'Serial'- 'Parallel' @@ -1780,9 +1780,9 @@ Required: Optional: -- `defer_post_ready_until_cluster_running` (Boolean) Controls the timing of PostReady actions during the recovery process. If false (default), PostReady actions execute when the Component reaches the 'Running' state. If true, PostReady actions are delayed until the entire Cluster is 'Running,' ensuring the cluster's overall stability before proceeding. This setting is useful for coordinating PostReady operations across the Cluster for optimal cluster conditions. -- `restore_point_in_time` (String) Specifies the point in time to which the restore should be performed. Supported time formats: - RFC3339 format, e.g. '2023-11-25T18:52:53Z' - A human-readable date-time format, e.g. 'Jul 25,2023 18:52:53 UTC+0800' -- `volume_restore_policy` (String) Specifies the policy for restoring volume claims of a Component's Pods. It determines whether the volume claims should be restored sequentially (one by one) or in parallel (all at once). Support values: - 'Serial' - 'Parallel' +- `defer_post_ready_until_cluster_running` (Boolean) Controls the timing of PostReady actions during the recovery process.If false (default), PostReady actions execute when the Component reaches the 'Running' state.If true, PostReady actions are delayed until the entire Cluster is 'Running,'ensuring the cluster's overall stability before proceeding.This setting is useful for coordinating PostReady operations across the Cluster for optimal cluster conditions. +- `restore_point_in_time` (String) Specifies the point in time to which the restore should be performed.Supported time formats:- RFC3339 format, e.g. '2023-11-25T18:52:53Z'- A human-readable date-time format, e.g. 'Jul 25,2023 18:52:53 UTC+0800' +- `volume_restore_policy` (String) Specifies the policy for restoring volume claims of a Component's Pods.It determines whether the volume claims should be restored sequentially (one by one) or in parallel (all at once).Support values:- 'Serial'- 'Parallel' @@ -1794,19 +1794,19 @@ Required: Optional: -- `image` (String) Specifies the image to be used to execute scripts. By default, the image 'apecloud/kubeblocks-datascript:latest' is used. -- `script` (List of String) Defines the content of scripts to be executed. All scripts specified in this field will be executed in the order they are provided. Note: this field cannot be modified once set. -- `script_from` (Attributes) Specifies the sources of the scripts to be executed. Each script can be imported either from a ConfigMap or a Secret. All scripts obtained from the sources specified in this field will be executed after any scripts provided in the 'script' field. Execution order: 1. Scripts provided in the 'script' field, in the order of the scripts listed. 2. Scripts imported from ConfigMaps, in the order of the sources listed. 3. Scripts imported from Secrets, in the order of the sources listed. Note: this field cannot be modified once set. (see [below for nested schema](#nestedatt--spec--script_spec--script_from)) +- `image` (String) Specifies the image to be used to execute scripts.By default, the image 'apecloud/kubeblocks-datascript:latest' is used. +- `script` (List of String) Defines the content of scripts to be executed.All scripts specified in this field will be executed in the order they are provided.Note: this field cannot be modified once set. +- `script_from` (Attributes) Specifies the sources of the scripts to be executed.Each script can be imported either from a ConfigMap or a Secret.All scripts obtained from the sources specified in this field will be executed afterany scripts provided in the 'script' field.Execution order:1. Scripts provided in the 'script' field, in the order of the scripts listed.2. Scripts imported from ConfigMaps, in the order of the sources listed.3. Scripts imported from Secrets, in the order of the sources listed.Note: this field cannot be modified once set. (see [below for nested schema](#nestedatt--spec--script_spec--script_from)) - `secret` (Attributes) Defines the secret to be used to execute the script. If not specified, the default cluster root credential secret is used. (see [below for nested schema](#nestedatt--spec--script_spec--secret)) -- `selector` (Attributes) Specifies the labels used to select the Pods on which the script should be executed. By default, the script is executed on the Pod associated with the service named '{clusterName}-{componentName}', which typically routes to the Pod with the primary/leader role. However, some Components, such as Redis, do not synchronize account information between primary and secondary Pods. In these cases, the script must be executed on all replica Pods matching the selector. Note: this field cannot be modified once set. (see [below for nested schema](#nestedatt--spec--script_spec--selector)) +- `selector` (Attributes) Specifies the labels used to select the Pods on which the script should be executed.By default, the script is executed on the Pod associated with the service named '{clusterName}-{componentName}',which typically routes to the Pod with the primary/leader role.However, some Components, such as Redis, do not synchronize account information between primary and secondary Pods.In these cases, the script must be executed on all replica Pods matching the selector.Note: this field cannot be modified once set. (see [below for nested schema](#nestedatt--spec--script_spec--selector)) ### Nested Schema for `spec.script_spec.script_from` Optional: -- `config_map_ref` (Attributes List) A list of ConfigMapKeySelector objects, each specifies a ConfigMap and a key containing the script. Note: This field cannot be modified once set. (see [below for nested schema](#nestedatt--spec--script_spec--script_from--config_map_ref)) -- `secret_ref` (Attributes List) A list of SecretKeySelector objects, each specifies a Secret and a key containing the script. Note: This field cannot be modified once set. (see [below for nested schema](#nestedatt--spec--script_spec--script_from--secret_ref)) +- `config_map_ref` (Attributes List) A list of ConfigMapKeySelector objects, each specifies a ConfigMap and a key containing the script.Note: This field cannot be modified once set. (see [below for nested schema](#nestedatt--spec--script_spec--script_from--config_map_ref)) +- `secret_ref` (Attributes List) A list of SecretKeySelector objects, each specifies a Secret and a key containing the script.Note: This field cannot be modified once set. (see [below for nested schema](#nestedatt--spec--script_spec--script_from--secret_ref)) ### Nested Schema for `spec.script_spec.script_from.config_map_ref` @@ -1817,7 +1817,7 @@ Required: Optional: -- `name` (String) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? +- `name` (String) Name of the referent.More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#namesTODO: Add other useful fields. apiVersion, kind, uid? - `optional` (Boolean) Specify whether the ConfigMap or its key must be defined @@ -1830,7 +1830,7 @@ Required: Optional: -- `name` (String) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? +- `name` (String) Name of the referent.More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#namesTODO: Add other useful fields. apiVersion, kind, uid? - `optional` (Boolean) Specify whether the Secret or its key must be defined @@ -1854,7 +1854,7 @@ Optional: Optional: - `match_expressions` (Attributes List) matchExpressions is a list of label selector requirements. The requirements are ANDed. (see [below for nested schema](#nestedatt--spec--script_spec--selector--match_expressions)) -- `match_labels` (Map of String) matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is 'key', the operator is 'In', and the values array contains only 'value'. The requirements are ANDed. +- `match_labels` (Map of String) matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabelsmap is equivalent to an element of matchExpressions, whose key field is 'key', theoperator is 'In', and the values array contains only 'value'. The requirements are ANDed. ### Nested Schema for `spec.script_spec.selector.match_expressions` @@ -1862,11 +1862,11 @@ Optional: Required: - `key` (String) key is the label key that the selector applies to. -- `operator` (String) operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. +- `operator` (String) operator represents a key's relationship to a set of values.Valid operators are In, NotIn, Exists and DoesNotExist. Optional: -- `values` (List of String) values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. +- `values` (List of String) values is an array of string values. If the operator is In or NotIn,the values array must be non-empty. If the operator is Exists or DoesNotExist,the values array must be empty. This array is replaced during a strategicmerge patch. @@ -1877,7 +1877,7 @@ Optional: Required: - `component_name` (String) Specifies the name of the Component. -- `instance_name` (String) Specifies the instance to become the primary or leader during a switchover operation. The value of 'instanceName' can be either: 1. '*' (wildcard value): - Indicates no specific instance is designated as the primary or leader. - Executes the switchover action from 'clusterDefinition.componentDefs[*].switchoverSpec.withoutCandidate'. - 'clusterDefinition.componentDefs[x].switchoverSpec.withoutCandidate' must be defined when using '*'. 2. A valid instance name (pod name): - Designates a specific instance (pod) as the primary or leader. - The name must match one of the pods in the component. Any non-valid pod name is considered invalid. - Executes the switchover action from 'clusterDefinition.componentDefs[*].switchoverSpec.withCandidate'. - 'clusterDefinition.componentDefs[*].switchoverSpec.withCandidate' must be defined when specifying a valid instance name. +- `instance_name` (String) Specifies the instance to become the primary or leader during a switchover operation.The value of 'instanceName' can be either:1. '*' (wildcard value):- Indicates no specific instance is designated as the primary or leader.- Executes the switchover action from 'clusterDefinition.componentDefs[*].switchoverSpec.withoutCandidate'.- 'clusterDefinition.componentDefs[x].switchoverSpec.withoutCandidate' must be defined when using '*'.2. A valid instance name (pod name):- Designates a specific instance (pod) as the primary or leader.- The name must match one of the pods in the component. Any non-valid pod name is considered invalid.- Executes the switchover action from 'clusterDefinition.componentDefs[*].switchoverSpec.withCandidate'.- 'clusterDefinition.componentDefs[*].switchoverSpec.withCandidate' must be defined when specifying a valid instance name. @@ -1885,8 +1885,8 @@ Required: Optional: -- `cluster_version_ref` (String) Deprecated: since v0.9 because ClusterVersion is deprecated. Specifies the name of the target ClusterVersion for the upgrade. -- `components` (Attributes List) Lists components to be upgrade based on desired ComponentDefinition and ServiceVersion. From the perspective of cluster API, the reasonable combinations should be: 1. (comp-def, service-ver) - upgrade to the specified service version and component definition, the user takes the responsibility to ensure that they are compatible. 2. ('', service-ver) - upgrade to the specified service version, let the operator choose the latest compatible component definition. 3. (comp-def, '') - upgrade to the specified component definition, let the operator choose the latest compatible service version. 4. ('', '') - upgrade to the latest service version and component definition, the operator will ensure the compatibility between the selected versions. (see [below for nested schema](#nestedatt--spec--upgrade--components)) +- `cluster_version_ref` (String) Deprecated: since v0.9 because ClusterVersion is deprecated.Specifies the name of the target ClusterVersion for the upgrade. +- `components` (Attributes List) Lists components to be upgrade based on desired ComponentDefinition and ServiceVersion.From the perspective of cluster API, the reasonable combinations should be:1. (comp-def, service-ver) - upgrade to the specified service version and component definition, the user takes the responsibility to ensure that they are compatible.2. ('', service-ver) - upgrade to the specified service version, let the operator choose the latest compatible component definition.3. (comp-def, '') - upgrade to the specified component definition, let the operator choose the latest compatible service version.4. ('', '') - upgrade to the latest service version and component definition, the operator will ensure the compatibility between the selected versions. (see [below for nested schema](#nestedatt--spec--upgrade--components)) ### Nested Schema for `spec.upgrade.components` @@ -1898,7 +1898,7 @@ Required: Optional: - `component_definition_name` (String) Specifies the name of the ComponentDefinition. -- `service_version` (String) Specifies the version of the Service expected to be provisioned by this Component. Referring to the ServiceVersion defined by the ComponentDefinition and ComponentVersion. And ServiceVersion in ClusterComponentSpec is optional, when no version is specified, use the latest available version in ComponentVersion. +- `service_version` (String) Specifies the version of the Service expected to be provisioned by this Component.Referring to the ServiceVersion defined by the ComponentDefinition and ComponentVersion.And ServiceVersion in ClusterComponentSpec is optional, when no version is specified,use the latest available version in ComponentVersion. @@ -1908,7 +1908,7 @@ Optional: Required: - `component_name` (String) Specifies the name of the Component. -- `volume_claim_templates` (Attributes List) Specifies a list of OpsRequestVolumeClaimTemplate objects, defining the volumeClaimTemplates that are used to expand the storage and the desired storage size for each one. (see [below for nested schema](#nestedatt--spec--volume_expansion--volume_claim_templates)) +- `volume_claim_templates` (Attributes List) Specifies a list of OpsRequestVolumeClaimTemplate objects, defining the volumeClaimTemplatesthat are used to expand the storage and the desired storage size for each one. (see [below for nested schema](#nestedatt--spec--volume_expansion--volume_claim_templates)) Optional: @@ -1919,7 +1919,7 @@ Optional: Required: -- `name` (String) Specify the name of the volumeClaimTemplate in the Component. The specified name must match one of the volumeClaimTemplates defined in the 'clusterComponentSpec.volumeClaimTemplates' field. +- `name` (String) Specify the name of the volumeClaimTemplate in the Component.The specified name must match one of the volumeClaimTemplates definedin the 'clusterComponentSpec.volumeClaimTemplates' field. - `storage` (String) Specifies the desired storage size for the volume. @@ -1936,5 +1936,5 @@ Required: Required: -- `name` (String) Specify the name of the volumeClaimTemplate in the Component. The specified name must match one of the volumeClaimTemplates defined in the 'clusterComponentSpec.volumeClaimTemplates' field. +- `name` (String) Specify the name of the volumeClaimTemplate in the Component.The specified name must match one of the volumeClaimTemplates definedin the 'clusterComponentSpec.volumeClaimTemplates' field. - `storage` (String) Specifies the desired storage size for the volume. diff --git a/docs/data-sources/apps_kubeblocks_io_service_descriptor_v1alpha1_manifest.md b/docs/data-sources/apps_kubeblocks_io_service_descriptor_v1alpha1_manifest.md index 5afb97274..6b6c004a5 100644 --- a/docs/data-sources/apps_kubeblocks_io_service_descriptor_v1alpha1_manifest.md +++ b/docs/data-sources/apps_kubeblocks_io_service_descriptor_v1alpha1_manifest.md @@ -3,12 +3,12 @@ page_title: "k8s_apps_kubeblocks_io_service_descriptor_v1alpha1_manifest Data Source - terraform-provider-k8s" subcategory: "apps.kubeblocks.io" description: |- - ServiceDescriptor describes a service provided by external sources. It contains the necessary details such as the service's address and connection credentials. To enable a Cluster to access this service, the ServiceDescriptor's name should be specified in the Cluster configuration under 'clusterComponent.serviceRefs[*].serviceDescriptor'. + ServiceDescriptor describes a service provided by external sources.It contains the necessary details such as the service's address and connection credentials.To enable a Cluster to access this service, the ServiceDescriptor's name should be specifiedin the Cluster configuration under 'clusterComponent.serviceRefs[*].serviceDescriptor'. --- # k8s_apps_kubeblocks_io_service_descriptor_v1alpha1_manifest (Data Source) -ServiceDescriptor describes a service provided by external sources. It contains the necessary details such as the service's address and connection credentials. To enable a Cluster to access this service, the ServiceDescriptor's name should be specified in the Cluster configuration under 'clusterComponent.serviceRefs[*].serviceDescriptor'. +ServiceDescriptor describes a service provided by external sources.It contains the necessary details such as the service's address and connection credentials.To enable a Cluster to access this service, the ServiceDescriptor's name should be specifiedin the Cluster configuration under 'clusterComponent.serviceRefs[*].serviceDescriptor'. ## Example Usage @@ -55,13 +55,13 @@ Optional: Required: -- `service_kind` (String) Describes the type of database service provided by the external service. For example, 'mysql', 'redis', 'mongodb'. This field categorizes databases by their functionality, protocol and compatibility, facilitating appropriate service integration based on their unique capabilities. This field is case-insensitive. It also supports abbreviations for some well-known databases: - 'pg', 'pgsql', 'postgres', 'postgresql': PostgreSQL service - 'zk', 'zookeeper': ZooKeeper service - 'es', 'elasticsearch': Elasticsearch service - 'mongo', 'mongodb': MongoDB service - 'ch', 'clickhouse': ClickHouse service -- `service_version` (String) Describes the version of the service provided by the external service. This is crucial for ensuring compatibility between different components of the system, as different versions of a service may have varying features. +- `service_kind` (String) Describes the type of database service provided by the external service.For example, 'mysql', 'redis', 'mongodb'.This field categorizes databases by their functionality, protocol and compatibility, facilitating appropriateservice integration based on their unique capabilities.This field is case-insensitive.It also supports abbreviations for some well-known databases:- 'pg', 'pgsql', 'postgres', 'postgresql': PostgreSQL service- 'zk', 'zookeeper': ZooKeeper service- 'es', 'elasticsearch': Elasticsearch service- 'mongo', 'mongodb': MongoDB service- 'ch', 'clickhouse': ClickHouse service +- `service_version` (String) Describes the version of the service provided by the external service.This is crucial for ensuring compatibility between different components of the system,as different versions of a service may have varying features. Optional: - `auth` (Attributes) Specifies the authentication credentials required for accessing an external service. (see [below for nested schema](#nestedatt--spec--auth)) -- `endpoint` (Attributes) Specifies the endpoint of the external service. If the service is exposed via a cluster, the endpoint will be provided in the format of 'host:port'. (see [below for nested schema](#nestedatt--spec--endpoint)) +- `endpoint` (Attributes) Specifies the endpoint of the external service.If the service is exposed via a cluster, the endpoint will be provided in the format of 'host:port'. (see [below for nested schema](#nestedatt--spec--endpoint)) - `host` (Attributes) Specifies the service or IP address of the external service. (see [below for nested schema](#nestedatt--spec--host)) - `port` (Attributes) Specifies the port of the external service. (see [below for nested schema](#nestedatt--spec--port)) @@ -78,7 +78,7 @@ Optional: Optional: -- `value` (String) Holds a direct string or an expression that can be evaluated to a string. It can include variables denoted by $(VAR_NAME). These variables are expanded to the value of the environment variables defined in the container. If a variable cannot be resolved, it remains unchanged in the output. To escape variable expansion and retain the literal value, use double $ characters. For example: - '$(VAR_NAME)' will be expanded to the value of the environment variable VAR_NAME. - '$$(VAR_NAME)' will result in '$(VAR_NAME)' in the output, without any variable expansion. Default value is an empty string. +- `value` (String) Holds a direct string or an expression that can be evaluated to a string.It can include variables denoted by $(VAR_NAME).These variables are expanded to the value of the environment variables defined in the container.If a variable cannot be resolved, it remains unchanged in the output.To escape variable expansion and retain the literal value, use double $ characters.For example:- '$(VAR_NAME)' will be expanded to the value of the environment variable VAR_NAME.- '$$(VAR_NAME)' will result in '$(VAR_NAME)' in the output, without any variable expansion.Default value is an empty string. - `value_from` (Attributes) Specifies the source for the variable's value. (see [below for nested schema](#nestedatt--spec--auth--password--value_from)) @@ -87,8 +87,8 @@ Optional: Optional: - `config_map_key_ref` (Attributes) Selects a key of a ConfigMap. (see [below for nested schema](#nestedatt--spec--auth--password--value_from--config_map_key_ref)) -- `field_ref` (Attributes) Selects a field of the pod: supports metadata.name, metadata.namespace, 'metadata.labels['']', 'metadata.annotations['']', spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. (see [below for nested schema](#nestedatt--spec--auth--password--value_from--field_ref)) -- `resource_field_ref` (Attributes) Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. (see [below for nested schema](#nestedatt--spec--auth--password--value_from--resource_field_ref)) +- `field_ref` (Attributes) Selects a field of the pod: supports metadata.name, metadata.namespace, 'metadata.labels['']', 'metadata.annotations['']',spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. (see [below for nested schema](#nestedatt--spec--auth--password--value_from--field_ref)) +- `resource_field_ref` (Attributes) Selects a resource of the container: only resources limits and requests(limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. (see [below for nested schema](#nestedatt--spec--auth--password--value_from--resource_field_ref)) - `secret_key_ref` (Attributes) Selects a key of a secret in the pod's namespace (see [below for nested schema](#nestedatt--spec--auth--password--value_from--secret_key_ref)) @@ -100,7 +100,7 @@ Required: Optional: -- `name` (String) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? +- `name` (String) Name of the referent.More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#namesTODO: Add other useful fields. apiVersion, kind, uid? - `optional` (Boolean) Specify whether the ConfigMap or its key must be defined @@ -138,7 +138,7 @@ Required: Optional: -- `name` (String) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? +- `name` (String) Name of the referent.More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#namesTODO: Add other useful fields. apiVersion, kind, uid? - `optional` (Boolean) Specify whether the Secret or its key must be defined @@ -149,7 +149,7 @@ Optional: Optional: -- `value` (String) Holds a direct string or an expression that can be evaluated to a string. It can include variables denoted by $(VAR_NAME). These variables are expanded to the value of the environment variables defined in the container. If a variable cannot be resolved, it remains unchanged in the output. To escape variable expansion and retain the literal value, use double $ characters. For example: - '$(VAR_NAME)' will be expanded to the value of the environment variable VAR_NAME. - '$$(VAR_NAME)' will result in '$(VAR_NAME)' in the output, without any variable expansion. Default value is an empty string. +- `value` (String) Holds a direct string or an expression that can be evaluated to a string.It can include variables denoted by $(VAR_NAME).These variables are expanded to the value of the environment variables defined in the container.If a variable cannot be resolved, it remains unchanged in the output.To escape variable expansion and retain the literal value, use double $ characters.For example:- '$(VAR_NAME)' will be expanded to the value of the environment variable VAR_NAME.- '$$(VAR_NAME)' will result in '$(VAR_NAME)' in the output, without any variable expansion.Default value is an empty string. - `value_from` (Attributes) Specifies the source for the variable's value. (see [below for nested schema](#nestedatt--spec--auth--username--value_from)) @@ -158,8 +158,8 @@ Optional: Optional: - `config_map_key_ref` (Attributes) Selects a key of a ConfigMap. (see [below for nested schema](#nestedatt--spec--auth--username--value_from--config_map_key_ref)) -- `field_ref` (Attributes) Selects a field of the pod: supports metadata.name, metadata.namespace, 'metadata.labels['']', 'metadata.annotations['']', spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. (see [below for nested schema](#nestedatt--spec--auth--username--value_from--field_ref)) -- `resource_field_ref` (Attributes) Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. (see [below for nested schema](#nestedatt--spec--auth--username--value_from--resource_field_ref)) +- `field_ref` (Attributes) Selects a field of the pod: supports metadata.name, metadata.namespace, 'metadata.labels['']', 'metadata.annotations['']',spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. (see [below for nested schema](#nestedatt--spec--auth--username--value_from--field_ref)) +- `resource_field_ref` (Attributes) Selects a resource of the container: only resources limits and requests(limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. (see [below for nested schema](#nestedatt--spec--auth--username--value_from--resource_field_ref)) - `secret_key_ref` (Attributes) Selects a key of a secret in the pod's namespace (see [below for nested schema](#nestedatt--spec--auth--username--value_from--secret_key_ref)) @@ -171,7 +171,7 @@ Required: Optional: -- `name` (String) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? +- `name` (String) Name of the referent.More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#namesTODO: Add other useful fields. apiVersion, kind, uid? - `optional` (Boolean) Specify whether the ConfigMap or its key must be defined @@ -209,7 +209,7 @@ Required: Optional: -- `name` (String) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? +- `name` (String) Name of the referent.More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#namesTODO: Add other useful fields. apiVersion, kind, uid? - `optional` (Boolean) Specify whether the Secret or its key must be defined @@ -221,7 +221,7 @@ Optional: Optional: -- `value` (String) Holds a direct string or an expression that can be evaluated to a string. It can include variables denoted by $(VAR_NAME). These variables are expanded to the value of the environment variables defined in the container. If a variable cannot be resolved, it remains unchanged in the output. To escape variable expansion and retain the literal value, use double $ characters. For example: - '$(VAR_NAME)' will be expanded to the value of the environment variable VAR_NAME. - '$$(VAR_NAME)' will result in '$(VAR_NAME)' in the output, without any variable expansion. Default value is an empty string. +- `value` (String) Holds a direct string or an expression that can be evaluated to a string.It can include variables denoted by $(VAR_NAME).These variables are expanded to the value of the environment variables defined in the container.If a variable cannot be resolved, it remains unchanged in the output.To escape variable expansion and retain the literal value, use double $ characters.For example:- '$(VAR_NAME)' will be expanded to the value of the environment variable VAR_NAME.- '$$(VAR_NAME)' will result in '$(VAR_NAME)' in the output, without any variable expansion.Default value is an empty string. - `value_from` (Attributes) Specifies the source for the variable's value. (see [below for nested schema](#nestedatt--spec--endpoint--value_from)) @@ -230,8 +230,8 @@ Optional: Optional: - `config_map_key_ref` (Attributes) Selects a key of a ConfigMap. (see [below for nested schema](#nestedatt--spec--endpoint--value_from--config_map_key_ref)) -- `field_ref` (Attributes) Selects a field of the pod: supports metadata.name, metadata.namespace, 'metadata.labels['']', 'metadata.annotations['']', spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. (see [below for nested schema](#nestedatt--spec--endpoint--value_from--field_ref)) -- `resource_field_ref` (Attributes) Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. (see [below for nested schema](#nestedatt--spec--endpoint--value_from--resource_field_ref)) +- `field_ref` (Attributes) Selects a field of the pod: supports metadata.name, metadata.namespace, 'metadata.labels['']', 'metadata.annotations['']',spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. (see [below for nested schema](#nestedatt--spec--endpoint--value_from--field_ref)) +- `resource_field_ref` (Attributes) Selects a resource of the container: only resources limits and requests(limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. (see [below for nested schema](#nestedatt--spec--endpoint--value_from--resource_field_ref)) - `secret_key_ref` (Attributes) Selects a key of a secret in the pod's namespace (see [below for nested schema](#nestedatt--spec--endpoint--value_from--secret_key_ref)) @@ -243,7 +243,7 @@ Required: Optional: -- `name` (String) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? +- `name` (String) Name of the referent.More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#namesTODO: Add other useful fields. apiVersion, kind, uid? - `optional` (Boolean) Specify whether the ConfigMap or its key must be defined @@ -281,7 +281,7 @@ Required: Optional: -- `name` (String) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? +- `name` (String) Name of the referent.More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#namesTODO: Add other useful fields. apiVersion, kind, uid? - `optional` (Boolean) Specify whether the Secret or its key must be defined @@ -292,7 +292,7 @@ Optional: Optional: -- `value` (String) Holds a direct string or an expression that can be evaluated to a string. It can include variables denoted by $(VAR_NAME). These variables are expanded to the value of the environment variables defined in the container. If a variable cannot be resolved, it remains unchanged in the output. To escape variable expansion and retain the literal value, use double $ characters. For example: - '$(VAR_NAME)' will be expanded to the value of the environment variable VAR_NAME. - '$$(VAR_NAME)' will result in '$(VAR_NAME)' in the output, without any variable expansion. Default value is an empty string. +- `value` (String) Holds a direct string or an expression that can be evaluated to a string.It can include variables denoted by $(VAR_NAME).These variables are expanded to the value of the environment variables defined in the container.If a variable cannot be resolved, it remains unchanged in the output.To escape variable expansion and retain the literal value, use double $ characters.For example:- '$(VAR_NAME)' will be expanded to the value of the environment variable VAR_NAME.- '$$(VAR_NAME)' will result in '$(VAR_NAME)' in the output, without any variable expansion.Default value is an empty string. - `value_from` (Attributes) Specifies the source for the variable's value. (see [below for nested schema](#nestedatt--spec--host--value_from)) @@ -301,8 +301,8 @@ Optional: Optional: - `config_map_key_ref` (Attributes) Selects a key of a ConfigMap. (see [below for nested schema](#nestedatt--spec--host--value_from--config_map_key_ref)) -- `field_ref` (Attributes) Selects a field of the pod: supports metadata.name, metadata.namespace, 'metadata.labels['']', 'metadata.annotations['']', spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. (see [below for nested schema](#nestedatt--spec--host--value_from--field_ref)) -- `resource_field_ref` (Attributes) Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. (see [below for nested schema](#nestedatt--spec--host--value_from--resource_field_ref)) +- `field_ref` (Attributes) Selects a field of the pod: supports metadata.name, metadata.namespace, 'metadata.labels['']', 'metadata.annotations['']',spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. (see [below for nested schema](#nestedatt--spec--host--value_from--field_ref)) +- `resource_field_ref` (Attributes) Selects a resource of the container: only resources limits and requests(limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. (see [below for nested schema](#nestedatt--spec--host--value_from--resource_field_ref)) - `secret_key_ref` (Attributes) Selects a key of a secret in the pod's namespace (see [below for nested schema](#nestedatt--spec--host--value_from--secret_key_ref)) @@ -314,7 +314,7 @@ Required: Optional: -- `name` (String) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? +- `name` (String) Name of the referent.More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#namesTODO: Add other useful fields. apiVersion, kind, uid? - `optional` (Boolean) Specify whether the ConfigMap or its key must be defined @@ -352,7 +352,7 @@ Required: Optional: -- `name` (String) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? +- `name` (String) Name of the referent.More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#namesTODO: Add other useful fields. apiVersion, kind, uid? - `optional` (Boolean) Specify whether the Secret or its key must be defined @@ -363,7 +363,7 @@ Optional: Optional: -- `value` (String) Holds a direct string or an expression that can be evaluated to a string. It can include variables denoted by $(VAR_NAME). These variables are expanded to the value of the environment variables defined in the container. If a variable cannot be resolved, it remains unchanged in the output. To escape variable expansion and retain the literal value, use double $ characters. For example: - '$(VAR_NAME)' will be expanded to the value of the environment variable VAR_NAME. - '$$(VAR_NAME)' will result in '$(VAR_NAME)' in the output, without any variable expansion. Default value is an empty string. +- `value` (String) Holds a direct string or an expression that can be evaluated to a string.It can include variables denoted by $(VAR_NAME).These variables are expanded to the value of the environment variables defined in the container.If a variable cannot be resolved, it remains unchanged in the output.To escape variable expansion and retain the literal value, use double $ characters.For example:- '$(VAR_NAME)' will be expanded to the value of the environment variable VAR_NAME.- '$$(VAR_NAME)' will result in '$(VAR_NAME)' in the output, without any variable expansion.Default value is an empty string. - `value_from` (Attributes) Specifies the source for the variable's value. (see [below for nested schema](#nestedatt--spec--port--value_from)) @@ -372,8 +372,8 @@ Optional: Optional: - `config_map_key_ref` (Attributes) Selects a key of a ConfigMap. (see [below for nested schema](#nestedatt--spec--port--value_from--config_map_key_ref)) -- `field_ref` (Attributes) Selects a field of the pod: supports metadata.name, metadata.namespace, 'metadata.labels['']', 'metadata.annotations['']', spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. (see [below for nested schema](#nestedatt--spec--port--value_from--field_ref)) -- `resource_field_ref` (Attributes) Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. (see [below for nested schema](#nestedatt--spec--port--value_from--resource_field_ref)) +- `field_ref` (Attributes) Selects a field of the pod: supports metadata.name, metadata.namespace, 'metadata.labels['']', 'metadata.annotations['']',spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. (see [below for nested schema](#nestedatt--spec--port--value_from--field_ref)) +- `resource_field_ref` (Attributes) Selects a resource of the container: only resources limits and requests(limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. (see [below for nested schema](#nestedatt--spec--port--value_from--resource_field_ref)) - `secret_key_ref` (Attributes) Selects a key of a secret in the pod's namespace (see [below for nested schema](#nestedatt--spec--port--value_from--secret_key_ref)) @@ -385,7 +385,7 @@ Required: Optional: -- `name` (String) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? +- `name` (String) Name of the referent.More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#namesTODO: Add other useful fields. apiVersion, kind, uid? - `optional` (Boolean) Specify whether the ConfigMap or its key must be defined @@ -423,5 +423,5 @@ Required: Optional: -- `name` (String) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? +- `name` (String) Name of the referent.More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#namesTODO: Add other useful fields. apiVersion, kind, uid? - `optional` (Boolean) Specify whether the Secret or its key must be defined diff --git a/docs/data-sources/camel_apache_org_integration_platform_v1_manifest.md b/docs/data-sources/camel_apache_org_integration_platform_v1_manifest.md index 96405b6cc..54c1449e4 100644 --- a/docs/data-sources/camel_apache_org_integration_platform_v1_manifest.md +++ b/docs/data-sources/camel_apache_org_integration_platform_v1_manifest.md @@ -623,7 +623,9 @@ Optional: - `endpoint_sources` (List of String) List of channels used as source of integration routes. - `event_sinks` (List of String) List of event types that the integration will produce. Can contain simple event types or full Camel URIs (to use a specific broker). - `event_sources` (List of String) List of event types that the integration will be subscribed to. Can contain simple event types or full Camel URIs (to use a specific broker different from 'default'). +- `filter_event_type` (Boolean) Enables the default filtering for the Knative trigger using the event type If this is true, the created Knative trigger uses the event type as a filter on the event stream when no other filter criteria is given. (default: true) - `filter_source_channels` (Boolean) Enables filtering on events based on the header 'ce-knativehistory'. Since this header has been removed in newer versions of Knative, filtering is disabled by default. +- `filters` (List of String) Sets filter attributes on the event stream (such as event type, source, subject and so on). A list of key-value pairs that represent filter attributes and its values. The syntax is KEY=VALUE, e.g., 'source='my.source''. Filter attributes get set on the Knative trigger that is being created as part of this integration. - `namespace_label` (Boolean) Enables the camel-k-operator to set the 'bindings.knative.dev/include=true' label to the namespace As Knative requires this label to perform injection of K_SINK URL into the service. If this is false, the integration pod may start and fail, read the SinkBinding Knative documentation. (default: true) - `sink_binding` (Boolean) Allows binding the integration to a sink via a Knative SinkBinding resource. This can be used when the integration targets a single sink. It's enabled by default when the integration targets a single sink (except when the integration is owned by a Knative source). diff --git a/docs/data-sources/camel_apache_org_integration_profile_v1_manifest.md b/docs/data-sources/camel_apache_org_integration_profile_v1_manifest.md index 57314cda0..78a1e94db 100644 --- a/docs/data-sources/camel_apache_org_integration_profile_v1_manifest.md +++ b/docs/data-sources/camel_apache_org_integration_profile_v1_manifest.md @@ -588,7 +588,9 @@ Optional: - `endpoint_sources` (List of String) List of channels used as source of integration routes. - `event_sinks` (List of String) List of event types that the integration will produce. Can contain simple event types or full Camel URIs (to use a specific broker). - `event_sources` (List of String) List of event types that the integration will be subscribed to. Can contain simple event types or full Camel URIs (to use a specific broker different from 'default'). +- `filter_event_type` (Boolean) Enables the default filtering for the Knative trigger using the event type If this is true, the created Knative trigger uses the event type as a filter on the event stream when no other filter criteria is given. (default: true) - `filter_source_channels` (Boolean) Enables filtering on events based on the header 'ce-knativehistory'. Since this header has been removed in newer versions of Knative, filtering is disabled by default. +- `filters` (List of String) Sets filter attributes on the event stream (such as event type, source, subject and so on). A list of key-value pairs that represent filter attributes and its values. The syntax is KEY=VALUE, e.g., 'source='my.source''. Filter attributes get set on the Knative trigger that is being created as part of this integration. - `namespace_label` (Boolean) Enables the camel-k-operator to set the 'bindings.knative.dev/include=true' label to the namespace As Knative requires this label to perform injection of K_SINK URL into the service. If this is false, the integration pod may start and fail, read the SinkBinding Knative documentation. (default: true) - `sink_binding` (Boolean) Allows binding the integration to a sink via a Knative SinkBinding resource. This can be used when the integration targets a single sink. It's enabled by default when the integration targets a single sink (except when the integration is owned by a Knative source). diff --git a/docs/data-sources/camel_apache_org_integration_v1_manifest.md b/docs/data-sources/camel_apache_org_integration_v1_manifest.md index 99e56a0a3..94bde49f6 100644 --- a/docs/data-sources/camel_apache_org_integration_v1_manifest.md +++ b/docs/data-sources/camel_apache_org_integration_v1_manifest.md @@ -3149,7 +3149,9 @@ Optional: - `endpoint_sources` (List of String) List of channels used as source of integration routes. - `event_sinks` (List of String) List of event types that the integration will produce. Can contain simple event types or full Camel URIs (to use a specific broker). - `event_sources` (List of String) List of event types that the integration will be subscribed to. Can contain simple event types or full Camel URIs (to use a specific broker different from 'default'). +- `filter_event_type` (Boolean) Enables the default filtering for the Knative trigger using the event type If this is true, the created Knative trigger uses the event type as a filter on the event stream when no other filter criteria is given. (default: true) - `filter_source_channels` (Boolean) Enables filtering on events based on the header 'ce-knativehistory'. Since this header has been removed in newer versions of Knative, filtering is disabled by default. +- `filters` (List of String) Sets filter attributes on the event stream (such as event type, source, subject and so on). A list of key-value pairs that represent filter attributes and its values. The syntax is KEY=VALUE, e.g., 'source='my.source''. Filter attributes get set on the Knative trigger that is being created as part of this integration. - `namespace_label` (Boolean) Enables the camel-k-operator to set the 'bindings.knative.dev/include=true' label to the namespace As Knative requires this label to perform injection of K_SINK URL into the service. If this is false, the integration pod may start and fail, read the SinkBinding Knative documentation. (default: true) - `sink_binding` (Boolean) Allows binding the integration to a sink via a Knative SinkBinding resource. This can be used when the integration targets a single sink. It's enabled by default when the integration targets a single sink (except when the integration is owned by a Knative source). diff --git a/docs/data-sources/camel_apache_org_kamelet_binding_v1alpha1_manifest.md b/docs/data-sources/camel_apache_org_kamelet_binding_v1alpha1_manifest.md index 492c5fd08..cb79ba83a 100644 --- a/docs/data-sources/camel_apache_org_kamelet_binding_v1alpha1_manifest.md +++ b/docs/data-sources/camel_apache_org_kamelet_binding_v1alpha1_manifest.md @@ -3162,7 +3162,9 @@ Optional: - `endpoint_sources` (List of String) List of channels used as source of integration routes. - `event_sinks` (List of String) List of event types that the integration will produce. Can contain simple event types or full Camel URIs (to use a specific broker). - `event_sources` (List of String) List of event types that the integration will be subscribed to. Can contain simple event types or full Camel URIs (to use a specific broker different from 'default'). +- `filter_event_type` (Boolean) Enables the default filtering for the Knative trigger using the event type If this is true, the created Knative trigger uses the event type as a filter on the event stream when no other filter criteria is given. (default: true) - `filter_source_channels` (Boolean) Enables filtering on events based on the header 'ce-knativehistory'. Since this header has been removed in newer versions of Knative, filtering is disabled by default. +- `filters` (List of String) Sets filter attributes on the event stream (such as event type, source, subject and so on). A list of key-value pairs that represent filter attributes and its values. The syntax is KEY=VALUE, e.g., 'source='my.source''. Filter attributes get set on the Knative trigger that is being created as part of this integration. - `namespace_label` (Boolean) Enables the camel-k-operator to set the 'bindings.knative.dev/include=true' label to the namespace As Knative requires this label to perform injection of K_SINK URL into the service. If this is false, the integration pod may start and fail, read the SinkBinding Knative documentation. (default: true) - `sink_binding` (Boolean) Allows binding the integration to a sink via a Knative SinkBinding resource. This can be used when the integration targets a single sink. It's enabled by default when the integration targets a single sink (except when the integration is owned by a Knative source). diff --git a/docs/data-sources/camel_apache_org_pipe_v1_manifest.md b/docs/data-sources/camel_apache_org_pipe_v1_manifest.md index 71225e1e9..4e4b94267 100644 --- a/docs/data-sources/camel_apache_org_pipe_v1_manifest.md +++ b/docs/data-sources/camel_apache_org_pipe_v1_manifest.md @@ -3162,7 +3162,9 @@ Optional: - `endpoint_sources` (List of String) List of channels used as source of integration routes. - `event_sinks` (List of String) List of event types that the integration will produce. Can contain simple event types or full Camel URIs (to use a specific broker). - `event_sources` (List of String) List of event types that the integration will be subscribed to. Can contain simple event types or full Camel URIs (to use a specific broker different from 'default'). +- `filter_event_type` (Boolean) Enables the default filtering for the Knative trigger using the event type If this is true, the created Knative trigger uses the event type as a filter on the event stream when no other filter criteria is given. (default: true) - `filter_source_channels` (Boolean) Enables filtering on events based on the header 'ce-knativehistory'. Since this header has been removed in newer versions of Knative, filtering is disabled by default. +- `filters` (List of String) Sets filter attributes on the event stream (such as event type, source, subject and so on). A list of key-value pairs that represent filter attributes and its values. The syntax is KEY=VALUE, e.g., 'source='my.source''. Filter attributes get set on the Knative trigger that is being created as part of this integration. - `namespace_label` (Boolean) Enables the camel-k-operator to set the 'bindings.knative.dev/include=true' label to the namespace As Knative requires this label to perform injection of K_SINK URL into the service. If this is false, the integration pod may start and fail, read the SinkBinding Knative documentation. (default: true) - `sink_binding` (Boolean) Allows binding the integration to a sink via a Knative SinkBinding resource. This can be used when the integration targets a single sink. It's enabled by default when the integration targets a single sink (except when the integration is owned by a Knative source). diff --git a/docs/data-sources/canaries_flanksource_com_canary_v1_manifest.md b/docs/data-sources/canaries_flanksource_com_canary_v1_manifest.md index 2b92ee0da..ed689b1bd 100644 --- a/docs/data-sources/canaries_flanksource_com_canary_v1_manifest.md +++ b/docs/data-sources/canaries_flanksource_com_canary_v1_manifest.md @@ -113,6 +113,7 @@ Required: Optional: - `alerts` (List of String) +- `bearer` (Attributes) (see [below for nested schema](#nestedatt--spec--alertmanager--bearer)) - `connection` (String) Connection name e.g. connection://http/google - `description` (String) Description for the check - `display` (Attributes) (see [below for nested schema](#nestedatt--spec--alertmanager--display)) @@ -123,6 +124,7 @@ Optional: - `labels` (Map of String) Labels for the check - `metrics` (Attributes List) Metrics to expose from check results (see [below for nested schema](#nestedatt--spec--alertmanager--metrics)) - `namespace` (String) Namespace to insert the check into, if different to the namespace the canary is defined, e.g. +- `oauth` (Attributes) (see [below for nested schema](#nestedatt--spec--alertmanager--oauth)) - `password` (Attributes) (see [below for nested schema](#nestedatt--spec--alertmanager--password)) - `relationships` (Attributes) Relationships defines a way to link the check results to components and configsusing lookup expressions. (see [below for nested schema](#nestedatt--spec--alertmanager--relationships)) - `test` (Attributes) (see [below for nested schema](#nestedatt--spec--alertmanager--test)) @@ -131,6 +133,63 @@ Optional: - `url` (String) Connection url, interpolated with username,password - `username` (Attributes) (see [below for nested schema](#nestedatt--spec--alertmanager--username)) + +### Nested Schema for `spec.alertmanager.bearer` + +Optional: + +- `name` (String) +- `value` (String) +- `value_from` (Attributes) (see [below for nested schema](#nestedatt--spec--alertmanager--bearer--value_from)) + + +### Nested Schema for `spec.alertmanager.bearer.value_from` + +Optional: + +- `config_map_key_ref` (Attributes) (see [below for nested schema](#nestedatt--spec--alertmanager--bearer--value_from--config_map_key_ref)) +- `helm_ref` (Attributes) (see [below for nested schema](#nestedatt--spec--alertmanager--bearer--value_from--helm_ref)) +- `secret_key_ref` (Attributes) (see [below for nested schema](#nestedatt--spec--alertmanager--bearer--value_from--secret_key_ref)) +- `service_account` (String) ServiceAccount specifies the service account whose token should be fetched + + +### Nested Schema for `spec.alertmanager.bearer.value_from.config_map_key_ref` + +Required: + +- `key` (String) + +Optional: + +- `name` (String) + + + +### Nested Schema for `spec.alertmanager.bearer.value_from.helm_ref` + +Required: + +- `key` (String) Key is a JSONPath expression used to fetch the key from the merged JSON. + +Optional: + +- `name` (String) + + + +### Nested Schema for `spec.alertmanager.bearer.value_from.secret_key_ref` + +Required: + +- `key` (String) + +Optional: + +- `name` (String) + + + + ### Nested Schema for `spec.alertmanager.display` @@ -166,6 +225,132 @@ Optional: + +### Nested Schema for `spec.alertmanager.oauth` + +Optional: + +- `client_id` (Attributes) (see [below for nested schema](#nestedatt--spec--alertmanager--oauth--client_id)) +- `client_secret` (Attributes) (see [below for nested schema](#nestedatt--spec--alertmanager--oauth--client_secret)) +- `params` (Map of String) +- `scope` (List of String) +- `token_url` (String) + + +### Nested Schema for `spec.alertmanager.oauth.client_id` + +Optional: + +- `name` (String) +- `value` (String) +- `value_from` (Attributes) (see [below for nested schema](#nestedatt--spec--alertmanager--oauth--client_id--value_from)) + + +### Nested Schema for `spec.alertmanager.oauth.client_id.value_from` + +Optional: + +- `config_map_key_ref` (Attributes) (see [below for nested schema](#nestedatt--spec--alertmanager--oauth--client_id--value_from--config_map_key_ref)) +- `helm_ref` (Attributes) (see [below for nested schema](#nestedatt--spec--alertmanager--oauth--client_id--value_from--helm_ref)) +- `secret_key_ref` (Attributes) (see [below for nested schema](#nestedatt--spec--alertmanager--oauth--client_id--value_from--secret_key_ref)) +- `service_account` (String) ServiceAccount specifies the service account whose token should be fetched + + +### Nested Schema for `spec.alertmanager.oauth.client_id.value_from.config_map_key_ref` + +Required: + +- `key` (String) + +Optional: + +- `name` (String) + + + +### Nested Schema for `spec.alertmanager.oauth.client_id.value_from.helm_ref` + +Required: + +- `key` (String) Key is a JSONPath expression used to fetch the key from the merged JSON. + +Optional: + +- `name` (String) + + + +### Nested Schema for `spec.alertmanager.oauth.client_id.value_from.secret_key_ref` + +Required: + +- `key` (String) + +Optional: + +- `name` (String) + + + + + +### Nested Schema for `spec.alertmanager.oauth.client_secret` + +Optional: + +- `name` (String) +- `value` (String) +- `value_from` (Attributes) (see [below for nested schema](#nestedatt--spec--alertmanager--oauth--client_secret--value_from)) + + +### Nested Schema for `spec.alertmanager.oauth.client_secret.value_from` + +Optional: + +- `config_map_key_ref` (Attributes) (see [below for nested schema](#nestedatt--spec--alertmanager--oauth--client_secret--value_from--config_map_key_ref)) +- `helm_ref` (Attributes) (see [below for nested schema](#nestedatt--spec--alertmanager--oauth--client_secret--value_from--helm_ref)) +- `secret_key_ref` (Attributes) (see [below for nested schema](#nestedatt--spec--alertmanager--oauth--client_secret--value_from--secret_key_ref)) +- `service_account` (String) ServiceAccount specifies the service account whose token should be fetched + + +### Nested Schema for `spec.alertmanager.oauth.client_secret.value_from.config_map_key_ref` + +Required: + +- `key` (String) + +Optional: + +- `name` (String) + + + +### Nested Schema for `spec.alertmanager.oauth.client_secret.value_from.helm_ref` + +Required: + +- `key` (String) Key is a JSONPath expression used to fetch the key from the merged JSON. + +Optional: + +- `name` (String) + + + +### Nested Schema for `spec.alertmanager.oauth.client_secret.value_from.secret_key_ref` + +Required: + +- `key` (String) + +Optional: + +- `name` (String) + + + + + ### Nested Schema for `spec.alertmanager.password` @@ -2304,6 +2489,7 @@ Required: Optional: +- `bearer` (Attributes) (see [below for nested schema](#nestedatt--spec--elasticsearch--bearer)) - `connection` (String) Connection name e.g. connection://http/google - `description` (String) Description for the check - `display` (Attributes) (see [below for nested schema](#nestedatt--spec--elasticsearch--display)) @@ -2312,6 +2498,7 @@ Optional: - `labels` (Map of String) Labels for the check - `metrics` (Attributes List) Metrics to expose from check results (see [below for nested schema](#nestedatt--spec--elasticsearch--metrics)) - `namespace` (String) Namespace to insert the check into, if different to the namespace the canary is defined, e.g. +- `oauth` (Attributes) (see [below for nested schema](#nestedatt--spec--elasticsearch--oauth)) - `password` (Attributes) (see [below for nested schema](#nestedatt--spec--elasticsearch--password)) - `query` (String) - `results` (Number) @@ -2321,6 +2508,63 @@ Optional: - `url` (String) Connection url, interpolated with username,password - `username` (Attributes) (see [below for nested schema](#nestedatt--spec--elasticsearch--username)) + +### Nested Schema for `spec.elasticsearch.bearer` + +Optional: + +- `name` (String) +- `value` (String) +- `value_from` (Attributes) (see [below for nested schema](#nestedatt--spec--elasticsearch--bearer--value_from)) + + +### Nested Schema for `spec.elasticsearch.bearer.value_from` + +Optional: + +- `config_map_key_ref` (Attributes) (see [below for nested schema](#nestedatt--spec--elasticsearch--bearer--value_from--config_map_key_ref)) +- `helm_ref` (Attributes) (see [below for nested schema](#nestedatt--spec--elasticsearch--bearer--value_from--helm_ref)) +- `secret_key_ref` (Attributes) (see [below for nested schema](#nestedatt--spec--elasticsearch--bearer--value_from--secret_key_ref)) +- `service_account` (String) ServiceAccount specifies the service account whose token should be fetched + + +### Nested Schema for `spec.elasticsearch.bearer.value_from.config_map_key_ref` + +Required: + +- `key` (String) + +Optional: + +- `name` (String) + + + +### Nested Schema for `spec.elasticsearch.bearer.value_from.helm_ref` + +Required: + +- `key` (String) Key is a JSONPath expression used to fetch the key from the merged JSON. + +Optional: + +- `name` (String) + + + +### Nested Schema for `spec.elasticsearch.bearer.value_from.secret_key_ref` + +Required: + +- `key` (String) + +Optional: + +- `name` (String) + + + + ### Nested Schema for `spec.elasticsearch.display` @@ -2356,27 +2600,38 @@ Optional: - -### Nested Schema for `spec.elasticsearch.password` + +### Nested Schema for `spec.elasticsearch.oauth` + +Optional: + +- `client_id` (Attributes) (see [below for nested schema](#nestedatt--spec--elasticsearch--oauth--client_id)) +- `client_secret` (Attributes) (see [below for nested schema](#nestedatt--spec--elasticsearch--oauth--client_secret)) +- `params` (Map of String) +- `scope` (List of String) +- `token_url` (String) + + +### Nested Schema for `spec.elasticsearch.oauth.client_id` Optional: - `name` (String) - `value` (String) -- `value_from` (Attributes) (see [below for nested schema](#nestedatt--spec--elasticsearch--password--value_from)) +- `value_from` (Attributes) (see [below for nested schema](#nestedatt--spec--elasticsearch--oauth--client_id--value_from)) - -### Nested Schema for `spec.elasticsearch.password.value_from` + +### Nested Schema for `spec.elasticsearch.oauth.client_id.value_from` Optional: -- `config_map_key_ref` (Attributes) (see [below for nested schema](#nestedatt--spec--elasticsearch--password--value_from--config_map_key_ref)) -- `helm_ref` (Attributes) (see [below for nested schema](#nestedatt--spec--elasticsearch--password--value_from--helm_ref)) -- `secret_key_ref` (Attributes) (see [below for nested schema](#nestedatt--spec--elasticsearch--password--value_from--secret_key_ref)) +- `config_map_key_ref` (Attributes) (see [below for nested schema](#nestedatt--spec--elasticsearch--oauth--client_id--value_from--config_map_key_ref)) +- `helm_ref` (Attributes) (see [below for nested schema](#nestedatt--spec--elasticsearch--oauth--client_id--value_from--helm_ref)) +- `secret_key_ref` (Attributes) (see [below for nested schema](#nestedatt--spec--elasticsearch--oauth--client_id--value_from--secret_key_ref)) - `service_account` (String) ServiceAccount specifies the service account whose token should be fetched - -### Nested Schema for `spec.elasticsearch.password.value_from.config_map_key_ref` + +### Nested Schema for `spec.elasticsearch.oauth.client_id.value_from.config_map_key_ref` Required: @@ -2387,8 +2642,8 @@ Optional: - `name` (String) - -### Nested Schema for `spec.elasticsearch.password.value_from.helm_ref` + +### Nested Schema for `spec.elasticsearch.oauth.client_id.value_from.helm_ref` Required: @@ -2399,8 +2654,8 @@ Optional: - `name` (String) - -### Nested Schema for `spec.elasticsearch.password.value_from.secret_key_ref` + +### Nested Schema for `spec.elasticsearch.oauth.client_id.value_from.secret_key_ref` Required: @@ -2413,49 +2668,27 @@ Optional: - -### Nested Schema for `spec.elasticsearch.test` - -Optional: - -- `expr` (String) -- `javascript` (String) -- `json_path` (String) -- `template` (String) - - - -### Nested Schema for `spec.elasticsearch.transform` - -Optional: - -- `expr` (String) -- `javascript` (String) -- `json_path` (String) -- `template` (String) - - - -### Nested Schema for `spec.elasticsearch.username` + +### Nested Schema for `spec.elasticsearch.oauth.client_secret` Optional: - `name` (String) - `value` (String) -- `value_from` (Attributes) (see [below for nested schema](#nestedatt--spec--elasticsearch--username--value_from)) +- `value_from` (Attributes) (see [below for nested schema](#nestedatt--spec--elasticsearch--oauth--client_secret--value_from)) - -### Nested Schema for `spec.elasticsearch.username.value_from` + +### Nested Schema for `spec.elasticsearch.oauth.client_secret.value_from` Optional: -- `config_map_key_ref` (Attributes) (see [below for nested schema](#nestedatt--spec--elasticsearch--username--value_from--config_map_key_ref)) -- `helm_ref` (Attributes) (see [below for nested schema](#nestedatt--spec--elasticsearch--username--value_from--helm_ref)) -- `secret_key_ref` (Attributes) (see [below for nested schema](#nestedatt--spec--elasticsearch--username--value_from--secret_key_ref)) +- `config_map_key_ref` (Attributes) (see [below for nested schema](#nestedatt--spec--elasticsearch--oauth--client_secret--value_from--config_map_key_ref)) +- `helm_ref` (Attributes) (see [below for nested schema](#nestedatt--spec--elasticsearch--oauth--client_secret--value_from--helm_ref)) +- `secret_key_ref` (Attributes) (see [below for nested schema](#nestedatt--spec--elasticsearch--oauth--client_secret--value_from--secret_key_ref)) - `service_account` (String) ServiceAccount specifies the service account whose token should be fetched - -### Nested Schema for `spec.elasticsearch.username.value_from.config_map_key_ref` + +### Nested Schema for `spec.elasticsearch.oauth.client_secret.value_from.config_map_key_ref` Required: @@ -2466,8 +2699,8 @@ Optional: - `name` (String) - -### Nested Schema for `spec.elasticsearch.username.value_from.helm_ref` + +### Nested Schema for `spec.elasticsearch.oauth.client_secret.value_from.helm_ref` Required: @@ -2478,8 +2711,8 @@ Optional: - `name` (String) - -### Nested Schema for `spec.elasticsearch.username.value_from.secret_key_ref` + +### Nested Schema for `spec.elasticsearch.oauth.client_secret.value_from.secret_key_ref` Required: @@ -2493,27 +2726,164 @@ Optional: - -### Nested Schema for `spec.env` + +### Nested Schema for `spec.elasticsearch.password` Optional: -- `config_map_key_ref` (Attributes) Selects a key of a ConfigMap. (see [below for nested schema](#nestedatt--spec--env--config_map_key_ref)) -- `field_ref` (Attributes) Selects a field of the pod: supports metadata.name, metadata.namespace, metadata.labels, metadata.annotations,spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. (see [below for nested schema](#nestedatt--spec--env--field_ref)) -- `secret_key_ref` (Attributes) Selects a key of a secret in the pod's namespace (see [below for nested schema](#nestedatt--spec--env--secret_key_ref)) +- `name` (String) - `value` (String) +- `value_from` (Attributes) (see [below for nested schema](#nestedatt--spec--elasticsearch--password--value_from)) - -### Nested Schema for `spec.env.config_map_key_ref` - -Required: - -- `key` (String) The key to select. + +### Nested Schema for `spec.elasticsearch.password.value_from` Optional: -- `name` (String) Name of the referent.More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#namesTODO: Add other useful fields. apiVersion, kind, uid? -- `optional` (Boolean) Specify whether the ConfigMap or its key must be defined +- `config_map_key_ref` (Attributes) (see [below for nested schema](#nestedatt--spec--elasticsearch--password--value_from--config_map_key_ref)) +- `helm_ref` (Attributes) (see [below for nested schema](#nestedatt--spec--elasticsearch--password--value_from--helm_ref)) +- `secret_key_ref` (Attributes) (see [below for nested schema](#nestedatt--spec--elasticsearch--password--value_from--secret_key_ref)) +- `service_account` (String) ServiceAccount specifies the service account whose token should be fetched + + +### Nested Schema for `spec.elasticsearch.password.value_from.config_map_key_ref` + +Required: + +- `key` (String) + +Optional: + +- `name` (String) + + + +### Nested Schema for `spec.elasticsearch.password.value_from.helm_ref` + +Required: + +- `key` (String) Key is a JSONPath expression used to fetch the key from the merged JSON. + +Optional: + +- `name` (String) + + + +### Nested Schema for `spec.elasticsearch.password.value_from.secret_key_ref` + +Required: + +- `key` (String) + +Optional: + +- `name` (String) + + + + + +### Nested Schema for `spec.elasticsearch.test` + +Optional: + +- `expr` (String) +- `javascript` (String) +- `json_path` (String) +- `template` (String) + + + +### Nested Schema for `spec.elasticsearch.transform` + +Optional: + +- `expr` (String) +- `javascript` (String) +- `json_path` (String) +- `template` (String) + + + +### Nested Schema for `spec.elasticsearch.username` + +Optional: + +- `name` (String) +- `value` (String) +- `value_from` (Attributes) (see [below for nested schema](#nestedatt--spec--elasticsearch--username--value_from)) + + +### Nested Schema for `spec.elasticsearch.username.value_from` + +Optional: + +- `config_map_key_ref` (Attributes) (see [below for nested schema](#nestedatt--spec--elasticsearch--username--value_from--config_map_key_ref)) +- `helm_ref` (Attributes) (see [below for nested schema](#nestedatt--spec--elasticsearch--username--value_from--helm_ref)) +- `secret_key_ref` (Attributes) (see [below for nested schema](#nestedatt--spec--elasticsearch--username--value_from--secret_key_ref)) +- `service_account` (String) ServiceAccount specifies the service account whose token should be fetched + + +### Nested Schema for `spec.elasticsearch.username.value_from.config_map_key_ref` + +Required: + +- `key` (String) + +Optional: + +- `name` (String) + + + +### Nested Schema for `spec.elasticsearch.username.value_from.helm_ref` + +Required: + +- `key` (String) Key is a JSONPath expression used to fetch the key from the merged JSON. + +Optional: + +- `name` (String) + + + +### Nested Schema for `spec.elasticsearch.username.value_from.secret_key_ref` + +Required: + +- `key` (String) + +Optional: + +- `name` (String) + + + + + + +### Nested Schema for `spec.env` + +Optional: + +- `config_map_key_ref` (Attributes) Selects a key of a ConfigMap. (see [below for nested schema](#nestedatt--spec--env--config_map_key_ref)) +- `field_ref` (Attributes) Selects a field of the pod: supports metadata.name, metadata.namespace, metadata.labels, metadata.annotations,spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. (see [below for nested schema](#nestedatt--spec--env--field_ref)) +- `secret_key_ref` (Attributes) Selects a key of a secret in the pod's namespace (see [below for nested schema](#nestedatt--spec--env--secret_key_ref)) +- `value` (String) + + +### Nested Schema for `spec.env.config_map_key_ref` + +Required: + +- `key` (String) The key to select. + +Optional: + +- `name` (String) Name of the referent.More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#namesTODO: Add other useful fields. apiVersion, kind, uid? +- `optional` (Boolean) Specify whether the ConfigMap or its key must be defined @@ -3607,32 +3977,34 @@ Required: Optional: +- `bearer` (Attributes) (see [below for nested schema](#nestedatt--spec--folder--sftp_connection--bearer)) - `connection` (String) ConnectionName of the connection. It'll be used to populate the connection fields. +- `oauth` (Attributes) (see [below for nested schema](#nestedatt--spec--folder--sftp_connection--oauth)) - `password` (Attributes) (see [below for nested schema](#nestedatt--spec--folder--sftp_connection--password)) - `port` (Number) Port for the SSH server. Defaults to 22 - `username` (Attributes) (see [below for nested schema](#nestedatt--spec--folder--sftp_connection--username)) - -### Nested Schema for `spec.folder.sftp_connection.password` + +### Nested Schema for `spec.folder.sftp_connection.bearer` Optional: - `name` (String) - `value` (String) -- `value_from` (Attributes) (see [below for nested schema](#nestedatt--spec--folder--sftp_connection--password--value_from)) +- `value_from` (Attributes) (see [below for nested schema](#nestedatt--spec--folder--sftp_connection--bearer--value_from)) - -### Nested Schema for `spec.folder.sftp_connection.password.value_from` + +### Nested Schema for `spec.folder.sftp_connection.bearer.value_from` Optional: -- `config_map_key_ref` (Attributes) (see [below for nested schema](#nestedatt--spec--folder--sftp_connection--password--value_from--config_map_key_ref)) -- `helm_ref` (Attributes) (see [below for nested schema](#nestedatt--spec--folder--sftp_connection--password--value_from--helm_ref)) -- `secret_key_ref` (Attributes) (see [below for nested schema](#nestedatt--spec--folder--sftp_connection--password--value_from--secret_key_ref)) +- `config_map_key_ref` (Attributes) (see [below for nested schema](#nestedatt--spec--folder--sftp_connection--bearer--value_from--config_map_key_ref)) +- `helm_ref` (Attributes) (see [below for nested schema](#nestedatt--spec--folder--sftp_connection--bearer--value_from--helm_ref)) +- `secret_key_ref` (Attributes) (see [below for nested schema](#nestedatt--spec--folder--sftp_connection--bearer--value_from--secret_key_ref)) - `service_account` (String) ServiceAccount specifies the service account whose token should be fetched - -### Nested Schema for `spec.folder.sftp_connection.password.value_from.config_map_key_ref` + +### Nested Schema for `spec.folder.sftp_connection.bearer.value_from.config_map_key_ref` Required: @@ -3643,8 +4015,8 @@ Optional: - `name` (String) - -### Nested Schema for `spec.folder.sftp_connection.password.value_from.helm_ref` + +### Nested Schema for `spec.folder.sftp_connection.bearer.value_from.helm_ref` Required: @@ -3655,8 +4027,8 @@ Optional: - `name` (String) - -### Nested Schema for `spec.folder.sftp_connection.password.value_from.secret_key_ref` + +### Nested Schema for `spec.folder.sftp_connection.bearer.value_from.secret_key_ref` Required: @@ -3669,27 +4041,38 @@ Optional: - -### Nested Schema for `spec.folder.sftp_connection.username` + +### Nested Schema for `spec.folder.sftp_connection.oauth` + +Optional: + +- `client_id` (Attributes) (see [below for nested schema](#nestedatt--spec--folder--sftp_connection--oauth--client_id)) +- `client_secret` (Attributes) (see [below for nested schema](#nestedatt--spec--folder--sftp_connection--oauth--client_secret)) +- `params` (Map of String) +- `scope` (List of String) +- `token_url` (String) + + +### Nested Schema for `spec.folder.sftp_connection.oauth.client_id` Optional: - `name` (String) - `value` (String) -- `value_from` (Attributes) (see [below for nested schema](#nestedatt--spec--folder--sftp_connection--username--value_from)) +- `value_from` (Attributes) (see [below for nested schema](#nestedatt--spec--folder--sftp_connection--oauth--client_id--value_from)) - -### Nested Schema for `spec.folder.sftp_connection.username.value_from` + +### Nested Schema for `spec.folder.sftp_connection.oauth.client_id.value_from` Optional: -- `config_map_key_ref` (Attributes) (see [below for nested schema](#nestedatt--spec--folder--sftp_connection--username--value_from--config_map_key_ref)) -- `helm_ref` (Attributes) (see [below for nested schema](#nestedatt--spec--folder--sftp_connection--username--value_from--helm_ref)) -- `secret_key_ref` (Attributes) (see [below for nested schema](#nestedatt--spec--folder--sftp_connection--username--value_from--secret_key_ref)) +- `config_map_key_ref` (Attributes) (see [below for nested schema](#nestedatt--spec--folder--sftp_connection--oauth--client_id--value_from--config_map_key_ref)) +- `helm_ref` (Attributes) (see [below for nested schema](#nestedatt--spec--folder--sftp_connection--oauth--client_id--value_from--helm_ref)) +- `secret_key_ref` (Attributes) (see [below for nested schema](#nestedatt--spec--folder--sftp_connection--oauth--client_id--value_from--secret_key_ref)) - `service_account` (String) ServiceAccount specifies the service account whose token should be fetched - -### Nested Schema for `spec.folder.sftp_connection.username.value_from.config_map_key_ref` + +### Nested Schema for `spec.folder.sftp_connection.oauth.client_id.value_from.config_map_key_ref` Required: @@ -3700,8 +4083,8 @@ Optional: - `name` (String) - -### Nested Schema for `spec.folder.sftp_connection.username.value_from.helm_ref` + +### Nested Schema for `spec.folder.sftp_connection.oauth.client_id.value_from.helm_ref` Required: @@ -3712,8 +4095,8 @@ Optional: - `name` (String) - -### Nested Schema for `spec.folder.sftp_connection.username.value_from.secret_key_ref` + +### Nested Schema for `spec.folder.sftp_connection.oauth.client_id.value_from.secret_key_ref` Required: @@ -3726,39 +4109,27 @@ Optional: - - -### Nested Schema for `spec.folder.smb_connection` - -Optional: - -- `connection` (String) ConnectionName of the connection. It'll be used to populate the connection fields. -- `domain` (String) Domain... -- `password` (Attributes) (see [below for nested schema](#nestedatt--spec--folder--smb_connection--password)) -- `port` (Number) Port on which smb server is running. Defaults to 445 -- `username` (Attributes) (see [below for nested schema](#nestedatt--spec--folder--smb_connection--username)) - - -### Nested Schema for `spec.folder.smb_connection.password` + +### Nested Schema for `spec.folder.sftp_connection.oauth.client_secret` Optional: - `name` (String) - `value` (String) -- `value_from` (Attributes) (see [below for nested schema](#nestedatt--spec--folder--smb_connection--password--value_from)) +- `value_from` (Attributes) (see [below for nested schema](#nestedatt--spec--folder--sftp_connection--oauth--client_secret--value_from)) - -### Nested Schema for `spec.folder.smb_connection.password.value_from` + +### Nested Schema for `spec.folder.sftp_connection.oauth.client_secret.value_from` Optional: -- `config_map_key_ref` (Attributes) (see [below for nested schema](#nestedatt--spec--folder--smb_connection--password--value_from--config_map_key_ref)) -- `helm_ref` (Attributes) (see [below for nested schema](#nestedatt--spec--folder--smb_connection--password--value_from--helm_ref)) -- `secret_key_ref` (Attributes) (see [below for nested schema](#nestedatt--spec--folder--smb_connection--password--value_from--secret_key_ref)) +- `config_map_key_ref` (Attributes) (see [below for nested schema](#nestedatt--spec--folder--sftp_connection--oauth--client_secret--value_from--config_map_key_ref)) +- `helm_ref` (Attributes) (see [below for nested schema](#nestedatt--spec--folder--sftp_connection--oauth--client_secret--value_from--helm_ref)) +- `secret_key_ref` (Attributes) (see [below for nested schema](#nestedatt--spec--folder--sftp_connection--oauth--client_secret--value_from--secret_key_ref)) - `service_account` (String) ServiceAccount specifies the service account whose token should be fetched - -### Nested Schema for `spec.folder.smb_connection.password.value_from.config_map_key_ref` + +### Nested Schema for `spec.folder.sftp_connection.oauth.client_secret.value_from.config_map_key_ref` Required: @@ -3769,8 +4140,8 @@ Optional: - `name` (String) - -### Nested Schema for `spec.folder.smb_connection.password.value_from.helm_ref` + +### Nested Schema for `spec.folder.sftp_connection.oauth.client_secret.value_from.helm_ref` Required: @@ -3781,8 +4152,8 @@ Optional: - `name` (String) - -### Nested Schema for `spec.folder.smb_connection.password.value_from.secret_key_ref` + +### Nested Schema for `spec.folder.sftp_connection.oauth.client_secret.value_from.secret_key_ref` Required: @@ -3795,27 +4166,28 @@ Optional: - -### Nested Schema for `spec.folder.smb_connection.username` + + +### Nested Schema for `spec.folder.sftp_connection.password` Optional: - `name` (String) - `value` (String) -- `value_from` (Attributes) (see [below for nested schema](#nestedatt--spec--folder--smb_connection--username--value_from)) +- `value_from` (Attributes) (see [below for nested schema](#nestedatt--spec--folder--sftp_connection--password--value_from)) - -### Nested Schema for `spec.folder.smb_connection.username.value_from` + +### Nested Schema for `spec.folder.sftp_connection.password.value_from` Optional: -- `config_map_key_ref` (Attributes) (see [below for nested schema](#nestedatt--spec--folder--smb_connection--username--value_from--config_map_key_ref)) -- `helm_ref` (Attributes) (see [below for nested schema](#nestedatt--spec--folder--smb_connection--username--value_from--helm_ref)) -- `secret_key_ref` (Attributes) (see [below for nested schema](#nestedatt--spec--folder--smb_connection--username--value_from--secret_key_ref)) +- `config_map_key_ref` (Attributes) (see [below for nested schema](#nestedatt--spec--folder--sftp_connection--password--value_from--config_map_key_ref)) +- `helm_ref` (Attributes) (see [below for nested schema](#nestedatt--spec--folder--sftp_connection--password--value_from--helm_ref)) +- `secret_key_ref` (Attributes) (see [below for nested schema](#nestedatt--spec--folder--sftp_connection--password--value_from--secret_key_ref)) - `service_account` (String) ServiceAccount specifies the service account whose token should be fetched - -### Nested Schema for `spec.folder.smb_connection.username.value_from.config_map_key_ref` + +### Nested Schema for `spec.folder.sftp_connection.password.value_from.config_map_key_ref` Required: @@ -3826,8 +4198,8 @@ Optional: - `name` (String) - -### Nested Schema for `spec.folder.smb_connection.username.value_from.helm_ref` + +### Nested Schema for `spec.folder.sftp_connection.password.value_from.helm_ref` Required: @@ -3838,8 +4210,8 @@ Optional: - `name` (String) - -### Nested Schema for `spec.folder.smb_connection.username.value_from.secret_key_ref` + +### Nested Schema for `spec.folder.sftp_connection.password.value_from.secret_key_ref` Required: @@ -3852,74 +4224,98 @@ Optional: - - -### Nested Schema for `spec.folder.test` + +### Nested Schema for `spec.folder.sftp_connection.username` Optional: -- `expr` (String) -- `javascript` (String) -- `json_path` (String) -- `template` (String) - +- `name` (String) +- `value` (String) +- `value_from` (Attributes) (see [below for nested schema](#nestedatt--spec--folder--sftp_connection--username--value_from)) - -### Nested Schema for `spec.folder.transform` + +### Nested Schema for `spec.folder.sftp_connection.username.value_from` Optional: -- `expr` (String) -- `javascript` (String) -- `json_path` (String) -- `template` (String) - +- `config_map_key_ref` (Attributes) (see [below for nested schema](#nestedatt--spec--folder--sftp_connection--username--value_from--config_map_key_ref)) +- `helm_ref` (Attributes) (see [below for nested schema](#nestedatt--spec--folder--sftp_connection--username--value_from--helm_ref)) +- `secret_key_ref` (Attributes) (see [below for nested schema](#nestedatt--spec--folder--sftp_connection--username--value_from--secret_key_ref)) +- `service_account` (String) ServiceAccount specifies the service account whose token should be fetched + +### Nested Schema for `spec.folder.sftp_connection.username.value_from.config_map_key_ref` + +Required: + +- `key` (String) + +Optional: + +- `name` (String) - -### Nested Schema for `spec.git_protocol` + + +### Nested Schema for `spec.folder.sftp_connection.username.value_from.helm_ref` Required: -- `name` (String) Name of the check -- `password` (Attributes) (see [below for nested schema](#nestedatt--spec--git_protocol--password)) -- `repository` (String) -- `username` (Attributes) (see [below for nested schema](#nestedatt--spec--git_protocol--username)) +- `key` (String) Key is a JSONPath expression used to fetch the key from the merged JSON. Optional: -- `description` (String) Description for the check -- `display` (Attributes) (see [below for nested schema](#nestedatt--spec--git_protocol--display)) -- `filename` (String) -- `icon` (String) Icon for overwriting default icon on the dashboard -- `labels` (Map of String) Labels for the check -- `metrics` (Attributes List) Metrics to expose from check results (see [below for nested schema](#nestedatt--spec--git_protocol--metrics)) -- `namespace` (String) Namespace to insert the check into, if different to the namespace the canary is defined, e.g. -- `test` (Attributes) (see [below for nested schema](#nestedatt--spec--git_protocol--test)) -- `transform` (Attributes) (see [below for nested schema](#nestedatt--spec--git_protocol--transform)) -- `transform_delete_strategy` (String) Transformed checks have a delete strategy on deletion they can either be marked healthy, unhealthy or left as is +- `name` (String) - -### Nested Schema for `spec.git_protocol.password` + + +### Nested Schema for `spec.folder.sftp_connection.username.value_from.secret_key_ref` + +Required: + +- `key` (String) + +Optional: + +- `name` (String) + + + + + + +### Nested Schema for `spec.folder.smb_connection` + +Optional: + +- `bearer` (Attributes) (see [below for nested schema](#nestedatt--spec--folder--smb_connection--bearer)) +- `connection` (String) ConnectionName of the connection. It'll be used to populate the connection fields. +- `domain` (String) Domain... +- `oauth` (Attributes) (see [below for nested schema](#nestedatt--spec--folder--smb_connection--oauth)) +- `password` (Attributes) (see [below for nested schema](#nestedatt--spec--folder--smb_connection--password)) +- `port` (Number) Port on which smb server is running. Defaults to 445 +- `username` (Attributes) (see [below for nested schema](#nestedatt--spec--folder--smb_connection--username)) + + +### Nested Schema for `spec.folder.smb_connection.bearer` Optional: - `name` (String) - `value` (String) -- `value_from` (Attributes) (see [below for nested schema](#nestedatt--spec--git_protocol--password--value_from)) +- `value_from` (Attributes) (see [below for nested schema](#nestedatt--spec--folder--smb_connection--bearer--value_from)) - -### Nested Schema for `spec.git_protocol.password.value_from` + +### Nested Schema for `spec.folder.smb_connection.bearer.value_from` Optional: -- `config_map_key_ref` (Attributes) (see [below for nested schema](#nestedatt--spec--git_protocol--password--value_from--config_map_key_ref)) -- `helm_ref` (Attributes) (see [below for nested schema](#nestedatt--spec--git_protocol--password--value_from--helm_ref)) -- `secret_key_ref` (Attributes) (see [below for nested schema](#nestedatt--spec--git_protocol--password--value_from--secret_key_ref)) +- `config_map_key_ref` (Attributes) (see [below for nested schema](#nestedatt--spec--folder--smb_connection--bearer--value_from--config_map_key_ref)) +- `helm_ref` (Attributes) (see [below for nested schema](#nestedatt--spec--folder--smb_connection--bearer--value_from--helm_ref)) +- `secret_key_ref` (Attributes) (see [below for nested schema](#nestedatt--spec--folder--smb_connection--bearer--value_from--secret_key_ref)) - `service_account` (String) ServiceAccount specifies the service account whose token should be fetched - -### Nested Schema for `spec.git_protocol.password.value_from.config_map_key_ref` + +### Nested Schema for `spec.folder.smb_connection.bearer.value_from.config_map_key_ref` Required: @@ -3930,8 +4326,8 @@ Optional: - `name` (String) - -### Nested Schema for `spec.git_protocol.password.value_from.helm_ref` + +### Nested Schema for `spec.folder.smb_connection.bearer.value_from.helm_ref` Required: @@ -3942,8 +4338,8 @@ Optional: - `name` (String) - -### Nested Schema for `spec.git_protocol.password.value_from.secret_key_ref` + +### Nested Schema for `spec.folder.smb_connection.bearer.value_from.secret_key_ref` Required: @@ -3956,27 +4352,38 @@ Optional: - -### Nested Schema for `spec.git_protocol.username` + +### Nested Schema for `spec.folder.smb_connection.oauth` + +Optional: + +- `client_id` (Attributes) (see [below for nested schema](#nestedatt--spec--folder--smb_connection--oauth--client_id)) +- `client_secret` (Attributes) (see [below for nested schema](#nestedatt--spec--folder--smb_connection--oauth--client_secret)) +- `params` (Map of String) +- `scope` (List of String) +- `token_url` (String) + + +### Nested Schema for `spec.folder.smb_connection.oauth.client_id` Optional: - `name` (String) - `value` (String) -- `value_from` (Attributes) (see [below for nested schema](#nestedatt--spec--git_protocol--username--value_from)) +- `value_from` (Attributes) (see [below for nested schema](#nestedatt--spec--folder--smb_connection--oauth--client_id--value_from)) - -### Nested Schema for `spec.git_protocol.username.value_from` + +### Nested Schema for `spec.folder.smb_connection.oauth.client_id.value_from` Optional: -- `config_map_key_ref` (Attributes) (see [below for nested schema](#nestedatt--spec--git_protocol--username--value_from--config_map_key_ref)) -- `helm_ref` (Attributes) (see [below for nested schema](#nestedatt--spec--git_protocol--username--value_from--helm_ref)) -- `secret_key_ref` (Attributes) (see [below for nested schema](#nestedatt--spec--git_protocol--username--value_from--secret_key_ref)) +- `config_map_key_ref` (Attributes) (see [below for nested schema](#nestedatt--spec--folder--smb_connection--oauth--client_id--value_from--config_map_key_ref)) +- `helm_ref` (Attributes) (see [below for nested schema](#nestedatt--spec--folder--smb_connection--oauth--client_id--value_from--helm_ref)) +- `secret_key_ref` (Attributes) (see [below for nested schema](#nestedatt--spec--folder--smb_connection--oauth--client_id--value_from--secret_key_ref)) - `service_account` (String) ServiceAccount specifies the service account whose token should be fetched - -### Nested Schema for `spec.git_protocol.username.value_from.config_map_key_ref` + +### Nested Schema for `spec.folder.smb_connection.oauth.client_id.value_from.config_map_key_ref` Required: @@ -3987,8 +4394,8 @@ Optional: - `name` (String) - -### Nested Schema for `spec.git_protocol.username.value_from.helm_ref` + +### Nested Schema for `spec.folder.smb_connection.oauth.client_id.value_from.helm_ref` Required: @@ -3999,8 +4406,8 @@ Optional: - `name` (String) - -### Nested Schema for `spec.git_protocol.username.value_from.secret_key_ref` + +### Nested Schema for `spec.folder.smb_connection.oauth.client_id.value_from.secret_key_ref` Required: @@ -4013,118 +4420,85 @@ Optional: - -### Nested Schema for `spec.git_protocol.display` + +### Nested Schema for `spec.folder.smb_connection.oauth.client_secret` Optional: -- `expr` (String) -- `javascript` (String) -- `json_path` (String) -- `template` (String) - +- `name` (String) +- `value` (String) +- `value_from` (Attributes) (see [below for nested schema](#nestedatt--spec--folder--smb_connection--oauth--client_secret--value_from)) - -### Nested Schema for `spec.git_protocol.metrics` + +### Nested Schema for `spec.folder.smb_connection.oauth.client_secret.value_from` Optional: -- `labels` (Attributes List) (see [below for nested schema](#nestedatt--spec--git_protocol--metrics--labels)) -- `name` (String) -- `type` (String) -- `value` (String) +- `config_map_key_ref` (Attributes) (see [below for nested schema](#nestedatt--spec--folder--smb_connection--oauth--client_secret--value_from--config_map_key_ref)) +- `helm_ref` (Attributes) (see [below for nested schema](#nestedatt--spec--folder--smb_connection--oauth--client_secret--value_from--helm_ref)) +- `secret_key_ref` (Attributes) (see [below for nested schema](#nestedatt--spec--folder--smb_connection--oauth--client_secret--value_from--secret_key_ref)) +- `service_account` (String) ServiceAccount specifies the service account whose token should be fetched - -### Nested Schema for `spec.git_protocol.metrics.labels` + +### Nested Schema for `spec.folder.smb_connection.oauth.client_secret.value_from.config_map_key_ref` Required: -- `name` (String) +- `key` (String) Optional: -- `value` (String) -- `value_expr` (String) - - - - -### Nested Schema for `spec.git_protocol.test` +- `name` (String) -Optional: -- `expr` (String) -- `javascript` (String) -- `json_path` (String) -- `template` (String) + +### Nested Schema for `spec.folder.smb_connection.oauth.client_secret.value_from.helm_ref` +Required: - -### Nested Schema for `spec.git_protocol.transform` +- `key` (String) Key is a JSONPath expression used to fetch the key from the merged JSON. Optional: -- `expr` (String) -- `javascript` (String) -- `json_path` (String) -- `template` (String) - +- `name` (String) - -### Nested Schema for `spec.github` + +### Nested Schema for `spec.folder.smb_connection.oauth.client_secret.value_from.secret_key_ref` Required: -- `name` (String) Name of the check -- `query` (String) Query to be executed. Please see https://github.com/askgitdev/askgit for more details regarding syntax +- `key` (String) Optional: -- `connection` (String) -- `description` (String) Description for the check -- `display` (Attributes) (see [below for nested schema](#nestedatt--spec--github--display)) -- `github_token` (Attributes) (see [below for nested schema](#nestedatt--spec--github--github_token)) -- `icon` (String) Icon for overwriting default icon on the dashboard -- `labels` (Map of String) Labels for the check -- `metrics` (Attributes List) Metrics to expose from check results (see [below for nested schema](#nestedatt--spec--github--metrics)) -- `namespace` (String) Namespace to insert the check into, if different to the namespace the canary is defined, e.g. -- `test` (Attributes) (see [below for nested schema](#nestedatt--spec--github--test)) -- `transform` (Attributes) (see [below for nested schema](#nestedatt--spec--github--transform)) -- `transform_delete_strategy` (String) Transformed checks have a delete strategy on deletion they can either be marked healthy, unhealthy or left as is +- `name` (String) - -### Nested Schema for `spec.github.display` -Optional: -- `expr` (String) -- `javascript` (String) -- `json_path` (String) -- `template` (String) - -### Nested Schema for `spec.github.github_token` + +### Nested Schema for `spec.folder.smb_connection.password` Optional: - `name` (String) - `value` (String) -- `value_from` (Attributes) (see [below for nested schema](#nestedatt--spec--github--github_token--value_from)) +- `value_from` (Attributes) (see [below for nested schema](#nestedatt--spec--folder--smb_connection--password--value_from)) - -### Nested Schema for `spec.github.github_token.value_from` + +### Nested Schema for `spec.folder.smb_connection.password.value_from` Optional: -- `config_map_key_ref` (Attributes) (see [below for nested schema](#nestedatt--spec--github--github_token--value_from--config_map_key_ref)) -- `helm_ref` (Attributes) (see [below for nested schema](#nestedatt--spec--github--github_token--value_from--helm_ref)) -- `secret_key_ref` (Attributes) (see [below for nested schema](#nestedatt--spec--github--github_token--value_from--secret_key_ref)) +- `config_map_key_ref` (Attributes) (see [below for nested schema](#nestedatt--spec--folder--smb_connection--password--value_from--config_map_key_ref)) +- `helm_ref` (Attributes) (see [below for nested schema](#nestedatt--spec--folder--smb_connection--password--value_from--helm_ref)) +- `secret_key_ref` (Attributes) (see [below for nested schema](#nestedatt--spec--folder--smb_connection--password--value_from--secret_key_ref)) - `service_account` (String) ServiceAccount specifies the service account whose token should be fetched - -### Nested Schema for `spec.github.github_token.value_from.config_map_key_ref` + +### Nested Schema for `spec.folder.smb_connection.password.value_from.config_map_key_ref` Required: @@ -4135,8 +4509,8 @@ Optional: - `name` (String) - -### Nested Schema for `spec.github.github_token.value_from.helm_ref` + +### Nested Schema for `spec.folder.smb_connection.password.value_from.helm_ref` Required: @@ -4147,8 +4521,8 @@ Optional: - `name` (String) - -### Nested Schema for `spec.github.github_token.value_from.secret_key_ref` + +### Nested Schema for `spec.folder.smb_connection.password.value_from.secret_key_ref` Required: @@ -4161,32 +4535,66 @@ Optional: - -### Nested Schema for `spec.github.metrics` + +### Nested Schema for `spec.folder.smb_connection.username` Optional: -- `labels` (Attributes List) (see [below for nested schema](#nestedatt--spec--github--metrics--labels)) - `name` (String) -- `type` (String) - `value` (String) +- `value_from` (Attributes) (see [below for nested schema](#nestedatt--spec--folder--smb_connection--username--value_from)) - -### Nested Schema for `spec.github.metrics.labels` + +### Nested Schema for `spec.folder.smb_connection.username.value_from` + +Optional: + +- `config_map_key_ref` (Attributes) (see [below for nested schema](#nestedatt--spec--folder--smb_connection--username--value_from--config_map_key_ref)) +- `helm_ref` (Attributes) (see [below for nested schema](#nestedatt--spec--folder--smb_connection--username--value_from--helm_ref)) +- `secret_key_ref` (Attributes) (see [below for nested schema](#nestedatt--spec--folder--smb_connection--username--value_from--secret_key_ref)) +- `service_account` (String) ServiceAccount specifies the service account whose token should be fetched + + +### Nested Schema for `spec.folder.smb_connection.username.value_from.config_map_key_ref` + +Required: + +- `key` (String) + +Optional: + +- `name` (String) + + + +### Nested Schema for `spec.folder.smb_connection.username.value_from.helm_ref` Required: +- `key` (String) Key is a JSONPath expression used to fetch the key from the merged JSON. + +Optional: + - `name` (String) + + +### Nested Schema for `spec.folder.smb_connection.username.value_from.secret_key_ref` + +Required: + +- `key` (String) + Optional: -- `value` (String) -- `value_expr` (String) +- `name` (String) - -### Nested Schema for `spec.github.test` + + + +### Nested Schema for `spec.folder.test` Optional: @@ -4196,8 +4604,8 @@ Optional: - `template` (String) - -### Nested Schema for `spec.github.transform` + +### Nested Schema for `spec.folder.transform` Optional: @@ -4208,55 +4616,50 @@ Optional: - -### Nested Schema for `spec.helm` + +### Nested Schema for `spec.git_protocol` Required: - `name` (String) Name of the check +- `password` (Attributes) (see [below for nested schema](#nestedatt--spec--git_protocol--password)) +- `repository` (String) +- `username` (Attributes) (see [below for nested schema](#nestedatt--spec--git_protocol--username)) + +Optional: -Optional: - -- `auth` (Attributes) (see [below for nested schema](#nestedatt--spec--helm--auth)) -- `cafile` (String) -- `chartmuseum` (String) - `description` (String) Description for the check +- `display` (Attributes) (see [below for nested schema](#nestedatt--spec--git_protocol--display)) +- `filename` (String) - `icon` (String) Icon for overwriting default icon on the dashboard - `labels` (Map of String) Labels for the check -- `metrics` (Attributes List) Metrics to expose from check results (see [below for nested schema](#nestedatt--spec--helm--metrics)) +- `metrics` (Attributes List) Metrics to expose from check results (see [below for nested schema](#nestedatt--spec--git_protocol--metrics)) - `namespace` (String) Namespace to insert the check into, if different to the namespace the canary is defined, e.g. -- `project` (String) +- `test` (Attributes) (see [below for nested schema](#nestedatt--spec--git_protocol--test)) +- `transform` (Attributes) (see [below for nested schema](#nestedatt--spec--git_protocol--transform)) - `transform_delete_strategy` (String) Transformed checks have a delete strategy on deletion they can either be marked healthy, unhealthy or left as is - -### Nested Schema for `spec.helm.auth` - -Optional: - -- `password` (Attributes) (see [below for nested schema](#nestedatt--spec--helm--auth--password)) -- `username` (Attributes) (see [below for nested schema](#nestedatt--spec--helm--auth--username)) - - -### Nested Schema for `spec.helm.auth.password` + +### Nested Schema for `spec.git_protocol.password` Optional: - `name` (String) - `value` (String) -- `value_from` (Attributes) (see [below for nested schema](#nestedatt--spec--helm--auth--password--value_from)) +- `value_from` (Attributes) (see [below for nested schema](#nestedatt--spec--git_protocol--password--value_from)) - -### Nested Schema for `spec.helm.auth.password.value_from` + +### Nested Schema for `spec.git_protocol.password.value_from` Optional: -- `config_map_key_ref` (Attributes) (see [below for nested schema](#nestedatt--spec--helm--auth--password--value_from--config_map_key_ref)) -- `helm_ref` (Attributes) (see [below for nested schema](#nestedatt--spec--helm--auth--password--value_from--helm_ref)) -- `secret_key_ref` (Attributes) (see [below for nested schema](#nestedatt--spec--helm--auth--password--value_from--secret_key_ref)) +- `config_map_key_ref` (Attributes) (see [below for nested schema](#nestedatt--spec--git_protocol--password--value_from--config_map_key_ref)) +- `helm_ref` (Attributes) (see [below for nested schema](#nestedatt--spec--git_protocol--password--value_from--helm_ref)) +- `secret_key_ref` (Attributes) (see [below for nested schema](#nestedatt--spec--git_protocol--password--value_from--secret_key_ref)) - `service_account` (String) ServiceAccount specifies the service account whose token should be fetched - -### Nested Schema for `spec.helm.auth.password.value_from.config_map_key_ref` + +### Nested Schema for `spec.git_protocol.password.value_from.config_map_key_ref` Required: @@ -4267,8 +4670,8 @@ Optional: - `name` (String) - -### Nested Schema for `spec.helm.auth.password.value_from.helm_ref` + +### Nested Schema for `spec.git_protocol.password.value_from.helm_ref` Required: @@ -4279,8 +4682,8 @@ Optional: - `name` (String) - -### Nested Schema for `spec.helm.auth.password.value_from.secret_key_ref` + +### Nested Schema for `spec.git_protocol.password.value_from.secret_key_ref` Required: @@ -4293,27 +4696,27 @@ Optional: - -### Nested Schema for `spec.helm.auth.username` + +### Nested Schema for `spec.git_protocol.username` Optional: - `name` (String) - `value` (String) -- `value_from` (Attributes) (see [below for nested schema](#nestedatt--spec--helm--auth--username--value_from)) +- `value_from` (Attributes) (see [below for nested schema](#nestedatt--spec--git_protocol--username--value_from)) - -### Nested Schema for `spec.helm.auth.username.value_from` + +### Nested Schema for `spec.git_protocol.username.value_from` Optional: -- `config_map_key_ref` (Attributes) (see [below for nested schema](#nestedatt--spec--helm--auth--username--value_from--config_map_key_ref)) -- `helm_ref` (Attributes) (see [below for nested schema](#nestedatt--spec--helm--auth--username--value_from--helm_ref)) -- `secret_key_ref` (Attributes) (see [below for nested schema](#nestedatt--spec--helm--auth--username--value_from--secret_key_ref)) +- `config_map_key_ref` (Attributes) (see [below for nested schema](#nestedatt--spec--git_protocol--username--value_from--config_map_key_ref)) +- `helm_ref` (Attributes) (see [below for nested schema](#nestedatt--spec--git_protocol--username--value_from--helm_ref)) +- `secret_key_ref` (Attributes) (see [below for nested schema](#nestedatt--spec--git_protocol--username--value_from--secret_key_ref)) - `service_account` (String) ServiceAccount specifies the service account whose token should be fetched - -### Nested Schema for `spec.helm.auth.username.value_from.config_map_key_ref` + +### Nested Schema for `spec.git_protocol.username.value_from.config_map_key_ref` Required: @@ -4324,8 +4727,8 @@ Optional: - `name` (String) - -### Nested Schema for `spec.helm.auth.username.value_from.helm_ref` + +### Nested Schema for `spec.git_protocol.username.value_from.helm_ref` Required: @@ -4336,8 +4739,8 @@ Optional: - `name` (String) - -### Nested Schema for `spec.helm.auth.username.value_from.secret_key_ref` + +### Nested Schema for `spec.git_protocol.username.value_from.secret_key_ref` Required: @@ -4350,19 +4753,29 @@ Optional: + +### Nested Schema for `spec.git_protocol.display` + +Optional: - -### Nested Schema for `spec.helm.metrics` +- `expr` (String) +- `javascript` (String) +- `json_path` (String) +- `template` (String) + + + +### Nested Schema for `spec.git_protocol.metrics` Optional: -- `labels` (Attributes List) (see [below for nested schema](#nestedatt--spec--helm--metrics--labels)) +- `labels` (Attributes List) (see [below for nested schema](#nestedatt--spec--git_protocol--metrics--labels)) - `name` (String) - `type` (String) - `value` (String) - -### Nested Schema for `spec.helm.metrics.labels` + +### Nested Schema for `spec.git_protocol.metrics.labels` Required: @@ -4375,46 +4788,53 @@ Optional: + +### Nested Schema for `spec.git_protocol.test` - -### Nested Schema for `spec.http` +Optional: + +- `expr` (String) +- `javascript` (String) +- `json_path` (String) +- `template` (String) + + + +### Nested Schema for `spec.git_protocol.transform` + +Optional: + +- `expr` (String) +- `javascript` (String) +- `json_path` (String) +- `template` (String) + + + + +### Nested Schema for `spec.github` Required: - `name` (String) Name of the check +- `query` (String) Query to be executed. Please see https://github.com/askgitdev/askgit for more details regarding syntax Optional: -- `body` (String) Request Body Contents -- `connection` (String) Connection name e.g. connection://http/google +- `connection` (String) - `description` (String) Description for the check -- `display` (Attributes) (see [below for nested schema](#nestedatt--spec--http--display)) -- `endpoint` (String) Deprecated: Use url instead -- `env` (Attributes List) EnvVars are the environment variables that are accesible to templated body (see [below for nested schema](#nestedatt--spec--http--env)) -- `headers` (Attributes List) Header fields to be used in the query (see [below for nested schema](#nestedatt--spec--http--headers)) +- `display` (Attributes) (see [below for nested schema](#nestedatt--spec--github--display)) +- `github_token` (Attributes) (see [below for nested schema](#nestedatt--spec--github--github_token)) - `icon` (String) Icon for overwriting default icon on the dashboard - `labels` (Map of String) Labels for the check -- `max_ssl_expiry` (Number) Maximum number of days until the SSL Certificate expires. -- `method` (String) Method to use - defaults to GET -- `metrics` (Attributes List) Metrics to expose from check results (see [below for nested schema](#nestedatt--spec--http--metrics)) +- `metrics` (Attributes List) Metrics to expose from check results (see [below for nested schema](#nestedatt--spec--github--metrics)) - `namespace` (String) Namespace to insert the check into, if different to the namespace the canary is defined, e.g. -- `ntlm` (Boolean) NTLM when set to true will do authentication using NTLM v1 protocol -- `ntlmv2` (Boolean) NTLM when set to true will do authentication using NTLM v2 protocol -- `oauth2` (Attributes) Oauth2 Configuration. The client ID & Client secret should go to username & password respectively. (see [below for nested schema](#nestedatt--spec--http--oauth2)) -- `password` (Attributes) (see [below for nested schema](#nestedatt--spec--http--password)) -- `response_codes` (List of String) Expected response codes for the HTTP Request. -- `response_content` (String) Exact response content expected to be returned by the endpoint. -- `response_json_content` (Attributes) Deprecated, use expr and jsonpath function (see [below for nested schema](#nestedatt--spec--http--response_json_content)) -- `template_body` (Boolean) Template the request body -- `test` (Attributes) (see [below for nested schema](#nestedatt--spec--http--test)) -- `threshold_millis` (Number) Maximum duration in milliseconds for the HTTP request. It will fail the check if it takes longer. -- `transform` (Attributes) (see [below for nested schema](#nestedatt--spec--http--transform)) +- `test` (Attributes) (see [below for nested schema](#nestedatt--spec--github--test)) +- `transform` (Attributes) (see [below for nested schema](#nestedatt--spec--github--transform)) - `transform_delete_strategy` (String) Transformed checks have a delete strategy on deletion they can either be marked healthy, unhealthy or left as is -- `url` (String) Connection url, interpolated with username,password -- `username` (Attributes) (see [below for nested schema](#nestedatt--spec--http--username)) - -### Nested Schema for `spec.http.display` + +### Nested Schema for `spec.github.display` Optional: @@ -4424,27 +4844,27 @@ Optional: - `template` (String) - -### Nested Schema for `spec.http.env` + +### Nested Schema for `spec.github.github_token` Optional: - `name` (String) - `value` (String) -- `value_from` (Attributes) (see [below for nested schema](#nestedatt--spec--http--env--value_from)) +- `value_from` (Attributes) (see [below for nested schema](#nestedatt--spec--github--github_token--value_from)) - -### Nested Schema for `spec.http.env.value_from` + +### Nested Schema for `spec.github.github_token.value_from` Optional: -- `config_map_key_ref` (Attributes) (see [below for nested schema](#nestedatt--spec--http--env--value_from--config_map_key_ref)) -- `helm_ref` (Attributes) (see [below for nested schema](#nestedatt--spec--http--env--value_from--helm_ref)) -- `secret_key_ref` (Attributes) (see [below for nested schema](#nestedatt--spec--http--env--value_from--secret_key_ref)) +- `config_map_key_ref` (Attributes) (see [below for nested schema](#nestedatt--spec--github--github_token--value_from--config_map_key_ref)) +- `helm_ref` (Attributes) (see [below for nested schema](#nestedatt--spec--github--github_token--value_from--helm_ref)) +- `secret_key_ref` (Attributes) (see [below for nested schema](#nestedatt--spec--github--github_token--value_from--secret_key_ref)) - `service_account` (String) ServiceAccount specifies the service account whose token should be fetched - -### Nested Schema for `spec.http.env.value_from.config_map_key_ref` + +### Nested Schema for `spec.github.github_token.value_from.config_map_key_ref` Required: @@ -4455,8 +4875,8 @@ Optional: - `name` (String) - -### Nested Schema for `spec.http.env.value_from.helm_ref` + +### Nested Schema for `spec.github.github_token.value_from.helm_ref` Required: @@ -4467,8 +4887,8 @@ Optional: - `name` (String) - -### Nested Schema for `spec.http.env.value_from.secret_key_ref` + +### Nested Schema for `spec.github.github_token.value_from.secret_key_ref` Required: @@ -4481,118 +4901,102 @@ Optional: - -### Nested Schema for `spec.http.headers` + +### Nested Schema for `spec.github.metrics` Optional: +- `labels` (Attributes List) (see [below for nested schema](#nestedatt--spec--github--metrics--labels)) - `name` (String) +- `type` (String) - `value` (String) -- `value_from` (Attributes) (see [below for nested schema](#nestedatt--spec--http--headers--value_from)) - - -### Nested Schema for `spec.http.headers.value_from` - -Optional: - -- `config_map_key_ref` (Attributes) (see [below for nested schema](#nestedatt--spec--http--headers--value_from--config_map_key_ref)) -- `helm_ref` (Attributes) (see [below for nested schema](#nestedatt--spec--http--headers--value_from--helm_ref)) -- `secret_key_ref` (Attributes) (see [below for nested schema](#nestedatt--spec--http--headers--value_from--secret_key_ref)) -- `service_account` (String) ServiceAccount specifies the service account whose token should be fetched - -### Nested Schema for `spec.http.headers.value_from.config_map_key_ref` + +### Nested Schema for `spec.github.metrics.labels` Required: -- `key` (String) - -Optional: - - `name` (String) - - -### Nested Schema for `spec.http.headers.value_from.helm_ref` - -Required: - -- `key` (String) Key is a JSONPath expression used to fetch the key from the merged JSON. - Optional: -- `name` (String) - +- `value` (String) +- `value_expr` (String) - -### Nested Schema for `spec.http.headers.value_from.secret_key_ref` -Required: -- `key` (String) + +### Nested Schema for `spec.github.test` Optional: -- `name` (String) +- `expr` (String) +- `javascript` (String) +- `json_path` (String) +- `template` (String) + +### Nested Schema for `spec.github.transform` +Optional: - -### Nested Schema for `spec.http.metrics` +- `expr` (String) +- `javascript` (String) +- `json_path` (String) +- `template` (String) -Optional: -- `labels` (Attributes List) (see [below for nested schema](#nestedatt--spec--http--metrics--labels)) -- `name` (String) -- `type` (String) -- `value` (String) - -### Nested Schema for `spec.http.metrics.labels` + +### Nested Schema for `spec.helm` Required: -- `name` (String) +- `name` (String) Name of the check Optional: -- `value` (String) -- `value_expr` (String) - - +- `auth` (Attributes) (see [below for nested schema](#nestedatt--spec--helm--auth)) +- `cafile` (String) +- `chartmuseum` (String) +- `description` (String) Description for the check +- `icon` (String) Icon for overwriting default icon on the dashboard +- `labels` (Map of String) Labels for the check +- `metrics` (Attributes List) Metrics to expose from check results (see [below for nested schema](#nestedatt--spec--helm--metrics)) +- `namespace` (String) Namespace to insert the check into, if different to the namespace the canary is defined, e.g. +- `project` (String) +- `transform_delete_strategy` (String) Transformed checks have a delete strategy on deletion they can either be marked healthy, unhealthy or left as is - -### Nested Schema for `spec.http.oauth2` + +### Nested Schema for `spec.helm.auth` Optional: -- `params` (Map of String) -- `scope` (List of String) -- `token_url` (String) - +- `password` (Attributes) (see [below for nested schema](#nestedatt--spec--helm--auth--password)) +- `username` (Attributes) (see [below for nested schema](#nestedatt--spec--helm--auth--username)) - -### Nested Schema for `spec.http.password` + +### Nested Schema for `spec.helm.auth.password` Optional: - `name` (String) - `value` (String) -- `value_from` (Attributes) (see [below for nested schema](#nestedatt--spec--http--password--value_from)) +- `value_from` (Attributes) (see [below for nested schema](#nestedatt--spec--helm--auth--password--value_from)) - -### Nested Schema for `spec.http.password.value_from` + +### Nested Schema for `spec.helm.auth.password.value_from` Optional: -- `config_map_key_ref` (Attributes) (see [below for nested schema](#nestedatt--spec--http--password--value_from--config_map_key_ref)) -- `helm_ref` (Attributes) (see [below for nested schema](#nestedatt--spec--http--password--value_from--helm_ref)) -- `secret_key_ref` (Attributes) (see [below for nested schema](#nestedatt--spec--http--password--value_from--secret_key_ref)) +- `config_map_key_ref` (Attributes) (see [below for nested schema](#nestedatt--spec--helm--auth--password--value_from--config_map_key_ref)) +- `helm_ref` (Attributes) (see [below for nested schema](#nestedatt--spec--helm--auth--password--value_from--helm_ref)) +- `secret_key_ref` (Attributes) (see [below for nested schema](#nestedatt--spec--helm--auth--password--value_from--secret_key_ref)) - `service_account` (String) ServiceAccount specifies the service account whose token should be fetched - -### Nested Schema for `spec.http.password.value_from.config_map_key_ref` + +### Nested Schema for `spec.helm.auth.password.value_from.config_map_key_ref` Required: @@ -4603,8 +5007,8 @@ Optional: - `name` (String) - -### Nested Schema for `spec.http.password.value_from.helm_ref` + +### Nested Schema for `spec.helm.auth.password.value_from.helm_ref` Required: @@ -4615,8 +5019,8 @@ Optional: - `name` (String) - -### Nested Schema for `spec.http.password.value_from.secret_key_ref` + +### Nested Schema for `spec.helm.auth.password.value_from.secret_key_ref` Required: @@ -4629,58 +5033,27 @@ Optional: - -### Nested Schema for `spec.http.response_json_content` - -Required: - -- `path` (String) -- `value` (String) - - - -### Nested Schema for `spec.http.test` - -Optional: - -- `expr` (String) -- `javascript` (String) -- `json_path` (String) -- `template` (String) - - - -### Nested Schema for `spec.http.transform` - -Optional: - -- `expr` (String) -- `javascript` (String) -- `json_path` (String) -- `template` (String) - - - -### Nested Schema for `spec.http.username` + +### Nested Schema for `spec.helm.auth.username` Optional: - `name` (String) - `value` (String) -- `value_from` (Attributes) (see [below for nested schema](#nestedatt--spec--http--username--value_from)) +- `value_from` (Attributes) (see [below for nested schema](#nestedatt--spec--helm--auth--username--value_from)) - -### Nested Schema for `spec.http.username.value_from` + +### Nested Schema for `spec.helm.auth.username.value_from` Optional: -- `config_map_key_ref` (Attributes) (see [below for nested schema](#nestedatt--spec--http--username--value_from--config_map_key_ref)) -- `helm_ref` (Attributes) (see [below for nested schema](#nestedatt--spec--http--username--value_from--helm_ref)) -- `secret_key_ref` (Attributes) (see [below for nested schema](#nestedatt--spec--http--username--value_from--secret_key_ref)) +- `config_map_key_ref` (Attributes) (see [below for nested schema](#nestedatt--spec--helm--auth--username--value_from--config_map_key_ref)) +- `helm_ref` (Attributes) (see [below for nested schema](#nestedatt--spec--helm--auth--username--value_from--helm_ref)) +- `secret_key_ref` (Attributes) (see [below for nested schema](#nestedatt--spec--helm--auth--username--value_from--secret_key_ref)) - `service_account` (String) ServiceAccount specifies the service account whose token should be fetched - -### Nested Schema for `spec.http.username.value_from.config_map_key_ref` + +### Nested Schema for `spec.helm.auth.username.value_from.config_map_key_ref` Required: @@ -4691,8 +5064,8 @@ Optional: - `name` (String) - -### Nested Schema for `spec.http.username.value_from.helm_ref` + +### Nested Schema for `spec.helm.auth.username.value_from.helm_ref` Required: @@ -4703,8 +5076,8 @@ Optional: - `name` (String) - -### Nested Schema for `spec.http.username.value_from.secret_key_ref` + +### Nested Schema for `spec.helm.auth.username.value_from.secret_key_ref` Required: @@ -4718,38 +5091,18 @@ Optional: - -### Nested Schema for `spec.icmp` - -Required: - -- `name` (String) Name of the check - -Optional: - -- `description` (String) Description for the check -- `endpoint` (String) -- `icon` (String) Icon for overwriting default icon on the dashboard -- `labels` (Map of String) Labels for the check -- `metrics` (Attributes List) Metrics to expose from check results (see [below for nested schema](#nestedatt--spec--icmp--metrics)) -- `namespace` (String) Namespace to insert the check into, if different to the namespace the canary is defined, e.g. -- `packet_count` (Number) -- `packet_loss_threshold` (Number) -- `threshold_millis` (Number) -- `transform_delete_strategy` (String) Transformed checks have a delete strategy on deletion they can either be marked healthy, unhealthy or left as is - - -### Nested Schema for `spec.icmp.metrics` + +### Nested Schema for `spec.helm.metrics` Optional: -- `labels` (Attributes List) (see [below for nested schema](#nestedatt--spec--icmp--metrics--labels)) +- `labels` (Attributes List) (see [below for nested schema](#nestedatt--spec--helm--metrics--labels)) - `name` (String) - `type` (String) - `value` (String) - -### Nested Schema for `spec.icmp.metrics.labels` + +### Nested Schema for `spec.helm.metrics.labels` Required: @@ -4763,49 +5116,66 @@ Optional: - -### Nested Schema for `spec.jmeter` + +### Nested Schema for `spec.http` Required: -- `jmx` (Attributes) Jmx defines the ConfigMap or Secret reference to get the JMX test plan (see [below for nested schema](#nestedatt--spec--jmeter--jmx)) - `name` (String) Name of the check Optional: +- `bearer` (Attributes) (see [below for nested schema](#nestedatt--spec--http--bearer)) +- `body` (String) Request Body Contents +- `connection` (String) Connection name e.g. connection://http/google - `description` (String) Description for the check -- `host` (String) Host is the server against which test plan needs to be executed +- `display` (Attributes) (see [below for nested schema](#nestedatt--spec--http--display)) +- `endpoint` (String) Deprecated: Use url instead +- `env` (Attributes List) EnvVars are the environment variables that are accesible to templated body (see [below for nested schema](#nestedatt--spec--http--env)) +- `headers` (Attributes List) Header fields to be used in the query (see [below for nested schema](#nestedatt--spec--http--headers)) - `icon` (String) Icon for overwriting default icon on the dashboard - `labels` (Map of String) Labels for the check -- `metrics` (Attributes List) Metrics to expose from check results (see [below for nested schema](#nestedatt--spec--jmeter--metrics)) +- `max_ssl_expiry` (Number) Maximum number of days until the SSL Certificate expires. +- `method` (String) Method to use - defaults to GET +- `metrics` (Attributes List) Metrics to expose from check results (see [below for nested schema](#nestedatt--spec--http--metrics)) - `namespace` (String) Namespace to insert the check into, if different to the namespace the canary is defined, e.g. -- `port` (Number) Port on which the server is running -- `properties` (List of String) Properties defines the local Jmeter properties -- `response_duration` (String) ResponseDuration under which the all the test should pass -- `system_properties` (List of String) SystemProperties defines the java system property +- `ntlm` (Boolean) NTLM when set to true will do authentication using NTLM v1 protocol +- `ntlmv2` (Boolean) NTLM when set to true will do authentication using NTLM v2 protocol +- `oauth` (Attributes) (see [below for nested schema](#nestedatt--spec--http--oauth)) +- `oauth2` (Attributes) Oauth2 Configuration. The client ID & Client secret should go to username & password respectively. (see [below for nested schema](#nestedatt--spec--http--oauth2)) +- `password` (Attributes) (see [below for nested schema](#nestedatt--spec--http--password)) +- `response_codes` (List of String) Expected response codes for the HTTP Request. +- `response_content` (String) Exact response content expected to be returned by the endpoint. +- `response_json_content` (Attributes) Deprecated, use expr and jsonpath function (see [below for nested schema](#nestedatt--spec--http--response_json_content)) +- `template_body` (Boolean) Template the request body +- `test` (Attributes) (see [below for nested schema](#nestedatt--spec--http--test)) +- `threshold_millis` (Number) Maximum duration in milliseconds for the HTTP request. It will fail the check if it takes longer. +- `transform` (Attributes) (see [below for nested schema](#nestedatt--spec--http--transform)) - `transform_delete_strategy` (String) Transformed checks have a delete strategy on deletion they can either be marked healthy, unhealthy or left as is +- `url` (String) Connection url, interpolated with username,password +- `username` (Attributes) (see [below for nested schema](#nestedatt--spec--http--username)) - -### Nested Schema for `spec.jmeter.jmx` + +### Nested Schema for `spec.http.bearer` Optional: - `name` (String) - `value` (String) -- `value_from` (Attributes) (see [below for nested schema](#nestedatt--spec--jmeter--jmx--value_from)) +- `value_from` (Attributes) (see [below for nested schema](#nestedatt--spec--http--bearer--value_from)) - -### Nested Schema for `spec.jmeter.jmx.value_from` + +### Nested Schema for `spec.http.bearer.value_from` Optional: -- `config_map_key_ref` (Attributes) (see [below for nested schema](#nestedatt--spec--jmeter--jmx--value_from--config_map_key_ref)) -- `helm_ref` (Attributes) (see [below for nested schema](#nestedatt--spec--jmeter--jmx--value_from--helm_ref)) -- `secret_key_ref` (Attributes) (see [below for nested schema](#nestedatt--spec--jmeter--jmx--value_from--secret_key_ref)) +- `config_map_key_ref` (Attributes) (see [below for nested schema](#nestedatt--spec--http--bearer--value_from--config_map_key_ref)) +- `helm_ref` (Attributes) (see [below for nested schema](#nestedatt--spec--http--bearer--value_from--helm_ref)) +- `secret_key_ref` (Attributes) (see [below for nested schema](#nestedatt--spec--http--bearer--value_from--secret_key_ref)) - `service_account` (String) ServiceAccount specifies the service account whose token should be fetched - -### Nested Schema for `spec.jmeter.jmx.value_from.config_map_key_ref` + +### Nested Schema for `spec.http.bearer.value_from.config_map_key_ref` Required: @@ -4816,8 +5186,8 @@ Optional: - `name` (String) - -### Nested Schema for `spec.jmeter.jmx.value_from.helm_ref` + +### Nested Schema for `spec.http.bearer.value_from.helm_ref` Required: @@ -4828,8 +5198,8 @@ Optional: - `name` (String) - -### Nested Schema for `spec.jmeter.jmx.value_from.secret_key_ref` + +### Nested Schema for `spec.http.bearer.value_from.secret_key_ref` Required: @@ -4842,178 +5212,95 @@ Optional: - -### Nested Schema for `spec.jmeter.metrics` + +### Nested Schema for `spec.http.display` Optional: -- `labels` (Attributes List) (see [below for nested schema](#nestedatt--spec--jmeter--metrics--labels)) -- `name` (String) -- `type` (String) -- `value` (String) - - -### Nested Schema for `spec.jmeter.metrics.labels` +- `expr` (String) +- `javascript` (String) +- `json_path` (String) +- `template` (String) -Required: -- `name` (String) + +### Nested Schema for `spec.http.env` Optional: +- `name` (String) - `value` (String) -- `value_expr` (String) +- `value_from` (Attributes) (see [below for nested schema](#nestedatt--spec--http--env--value_from)) + +### Nested Schema for `spec.http.env.value_from` +Optional: +- `config_map_key_ref` (Attributes) (see [below for nested schema](#nestedatt--spec--http--env--value_from--config_map_key_ref)) +- `helm_ref` (Attributes) (see [below for nested schema](#nestedatt--spec--http--env--value_from--helm_ref)) +- `secret_key_ref` (Attributes) (see [below for nested schema](#nestedatt--spec--http--env--value_from--secret_key_ref)) +- `service_account` (String) ServiceAccount specifies the service account whose token should be fetched - -### Nested Schema for `spec.junit` + +### Nested Schema for `spec.http.env.value_from.config_map_key_ref` Required: -- `name` (String) Name of the check -- `spec` (Map of String) -- `test_results` (String) +- `key` (String) Optional: -- `artifacts` (Attributes List) Artifacts configure the artifacts generated by the check (see [below for nested schema](#nestedatt--spec--junit--artifacts)) -- `description` (String) Description for the check -- `display` (Attributes) (see [below for nested schema](#nestedatt--spec--junit--display)) -- `icon` (String) Icon for overwriting default icon on the dashboard -- `labels` (Map of String) Labels for the check -- `metrics` (Attributes List) Metrics to expose from check results (see [below for nested schema](#nestedatt--spec--junit--metrics)) -- `namespace` (String) Namespace to insert the check into, if different to the namespace the canary is defined, e.g. -- `test` (Attributes) (see [below for nested schema](#nestedatt--spec--junit--test)) -- `timeout` (Number) Timeout in minutes to wait for specified container to finish its job. Defaults to 5 minutes -- `transform` (Attributes) (see [below for nested schema](#nestedatt--spec--junit--transform)) -- `transform_delete_strategy` (String) Transformed checks have a delete strategy on deletion they can either be marked healthy, unhealthy or left as is - - -### Nested Schema for `spec.junit.artifacts` +- `name` (String) -Required: -- `path` (String) Path to the artifact on the check runner.Special paths: /dev/stdout & /dev/stdin + +### Nested Schema for `spec.http.env.value_from.helm_ref` +Required: - -### Nested Schema for `spec.junit.display` +- `key` (String) Key is a JSONPath expression used to fetch the key from the merged JSON. Optional: -- `expr` (String) -- `javascript` (String) -- `json_path` (String) -- `template` (String) +- `name` (String) - -### Nested Schema for `spec.junit.metrics` - -Optional: - -- `labels` (Attributes List) (see [below for nested schema](#nestedatt--spec--junit--metrics--labels)) -- `name` (String) -- `type` (String) -- `value` (String) - - -### Nested Schema for `spec.junit.metrics.labels` - -Required: - -- `name` (String) - -Optional: - -- `value` (String) -- `value_expr` (String) - - - - -### Nested Schema for `spec.junit.test` - -Optional: - -- `expr` (String) -- `javascript` (String) -- `json_path` (String) -- `template` (String) - - - -### Nested Schema for `spec.junit.transform` - -Optional: - -- `expr` (String) -- `javascript` (String) -- `json_path` (String) -- `template` (String) - - - - -### Nested Schema for `spec.kubernetes` + +### Nested Schema for `spec.http.env.value_from.secret_key_ref` Required: -- `kind` (String) -- `name` (String) Name of the check +- `key` (String) Optional: -- `description` (String) Description for the check -- `display` (Attributes) (see [below for nested schema](#nestedatt--spec--kubernetes--display)) -- `healthy` (Boolean) Fail the check if any resources are unhealthy -- `icon` (String) Icon for overwriting default icon on the dashboard -- `ignore` (List of String) Ignore the specified resources from the fetched resources. Can be a glob pattern. -- `kubeconfig` (Attributes) KubeConfig is the kubeconfig or the path to the kubeconfig file. (see [below for nested schema](#nestedatt--spec--kubernetes--kubeconfig)) -- `labels` (Map of String) Labels for the check -- `metrics` (Attributes List) Metrics to expose from check results (see [below for nested schema](#nestedatt--spec--kubernetes--metrics)) -- `namespace` (String) Namespace to insert the check into, if different to the namespace the canary is defined, e.g. -- `namespace_selector` (Attributes) (see [below for nested schema](#nestedatt--spec--kubernetes--namespace_selector)) -- `ready` (Boolean) Fail the check if any resources are not ready -- `resource` (Attributes) (see [below for nested schema](#nestedatt--spec--kubernetes--resource)) -- `test` (Attributes) (see [below for nested schema](#nestedatt--spec--kubernetes--test)) -- `transform` (Attributes) (see [below for nested schema](#nestedatt--spec--kubernetes--transform)) -- `transform_delete_strategy` (String) Transformed checks have a delete strategy on deletion they can either be marked healthy, unhealthy or left as is - - -### Nested Schema for `spec.kubernetes.display` +- `name` (String) -Optional: -- `expr` (String) -- `javascript` (String) -- `json_path` (String) -- `template` (String) - -### Nested Schema for `spec.kubernetes.kubeconfig` + +### Nested Schema for `spec.http.headers` Optional: - `name` (String) - `value` (String) -- `value_from` (Attributes) (see [below for nested schema](#nestedatt--spec--kubernetes--kubeconfig--value_from)) +- `value_from` (Attributes) (see [below for nested schema](#nestedatt--spec--http--headers--value_from)) - -### Nested Schema for `spec.kubernetes.kubeconfig.value_from` + +### Nested Schema for `spec.http.headers.value_from` Optional: -- `config_map_key_ref` (Attributes) (see [below for nested schema](#nestedatt--spec--kubernetes--kubeconfig--value_from--config_map_key_ref)) -- `helm_ref` (Attributes) (see [below for nested schema](#nestedatt--spec--kubernetes--kubeconfig--value_from--helm_ref)) -- `secret_key_ref` (Attributes) (see [below for nested schema](#nestedatt--spec--kubernetes--kubeconfig--value_from--secret_key_ref)) +- `config_map_key_ref` (Attributes) (see [below for nested schema](#nestedatt--spec--http--headers--value_from--config_map_key_ref)) +- `helm_ref` (Attributes) (see [below for nested schema](#nestedatt--spec--http--headers--value_from--helm_ref)) +- `secret_key_ref` (Attributes) (see [below for nested schema](#nestedatt--spec--http--headers--value_from--secret_key_ref)) - `service_account` (String) ServiceAccount specifies the service account whose token should be fetched - -### Nested Schema for `spec.kubernetes.kubeconfig.value_from.config_map_key_ref` + +### Nested Schema for `spec.http.headers.value_from.config_map_key_ref` Required: @@ -5024,8 +5311,8 @@ Optional: - `name` (String) - -### Nested Schema for `spec.kubernetes.kubeconfig.value_from.helm_ref` + +### Nested Schema for `spec.http.headers.value_from.helm_ref` Required: @@ -5036,8 +5323,8 @@ Optional: - `name` (String) - -### Nested Schema for `spec.kubernetes.kubeconfig.value_from.secret_key_ref` + +### Nested Schema for `spec.http.headers.value_from.secret_key_ref` Required: @@ -5050,18 +5337,18 @@ Optional: - -### Nested Schema for `spec.kubernetes.metrics` + +### Nested Schema for `spec.http.metrics` Optional: -- `labels` (Attributes List) (see [below for nested schema](#nestedatt--spec--kubernetes--metrics--labels)) +- `labels` (Attributes List) (see [below for nested schema](#nestedatt--spec--http--metrics--labels)) - `name` (String) - `type` (String) - `value` (String) - -### Nested Schema for `spec.kubernetes.metrics.labels` + +### Nested Schema for `spec.http.metrics.labels` Required: @@ -5074,117 +5361,95 @@ Optional: - -### Nested Schema for `spec.kubernetes.namespace_selector` + +### Nested Schema for `spec.http.oauth` Optional: -- `field_selector` (String) -- `label_selector` (String) -- `name` (String) - +- `client_id` (Attributes) (see [below for nested schema](#nestedatt--spec--http--oauth--client_id)) +- `client_secret` (Attributes) (see [below for nested schema](#nestedatt--spec--http--oauth--client_secret)) +- `params` (Map of String) +- `scope` (List of String) +- `token_url` (String) - -### Nested Schema for `spec.kubernetes.resource` + +### Nested Schema for `spec.http.oauth.client_id` Optional: -- `field_selector` (String) -- `label_selector` (String) - `name` (String) +- `value` (String) +- `value_from` (Attributes) (see [below for nested schema](#nestedatt--spec--http--oauth--client_id--value_from)) - - -### Nested Schema for `spec.kubernetes.test` + +### Nested Schema for `spec.http.oauth.client_id.value_from` Optional: -- `expr` (String) -- `javascript` (String) -- `json_path` (String) -- `template` (String) +- `config_map_key_ref` (Attributes) (see [below for nested schema](#nestedatt--spec--http--oauth--client_id--value_from--config_map_key_ref)) +- `helm_ref` (Attributes) (see [below for nested schema](#nestedatt--spec--http--oauth--client_id--value_from--helm_ref)) +- `secret_key_ref` (Attributes) (see [below for nested schema](#nestedatt--spec--http--oauth--client_id--value_from--secret_key_ref)) +- `service_account` (String) ServiceAccount specifies the service account whose token should be fetched + +### Nested Schema for `spec.http.oauth.client_id.value_from.config_map_key_ref` - -### Nested Schema for `spec.kubernetes.transform` +Required: -Optional: +- `key` (String) -- `expr` (String) -- `javascript` (String) -- `json_path` (String) -- `template` (String) +Optional: +- `name` (String) - -### Nested Schema for `spec.kubernetes_resource` + +### Nested Schema for `spec.http.oauth.client_id.value_from.helm_ref` Required: -- `name` (String) Name of the check -- `resources` (Map of String) Resources are kubernetes resources that are created & clearedafter every check run. +- `key` (String) Key is a JSONPath expression used to fetch the key from the merged JSON. Optional: -- `check_retries` (Attributes) Set initial delays and retry intervals for checks. (see [below for nested schema](#nestedatt--spec--kubernetes_resource--check_retries)) -- `checks` (Map of String) Checks to run against the kubernetes resources. -- `clear_resources` (Boolean) Ensure that the resources are deleted before creating them. -- `description` (String) Description for the check -- `display` (Attributes) (see [below for nested schema](#nestedatt--spec--kubernetes_resource--display)) -- `icon` (String) Icon for overwriting default icon on the dashboard -- `kubeconfig` (Attributes) Kubeconfig is the kubeconfig or the path to the kubeconfig file. (see [below for nested schema](#nestedatt--spec--kubernetes_resource--kubeconfig)) -- `labels` (Map of String) Labels for the check -- `metrics` (Attributes List) Metrics to expose from check results (see [below for nested schema](#nestedatt--spec--kubernetes_resource--metrics)) -- `namespace` (String) Namespace to insert the check into, if different to the namespace the canary is defined, e.g. -- `static_resources` (Map of String) StaticResources are kubernetes resources that are created & onlycleared when the canary is deleted -- `test` (Attributes) (see [below for nested schema](#nestedatt--spec--kubernetes_resource--test)) -- `transform` (Attributes) (see [below for nested schema](#nestedatt--spec--kubernetes_resource--transform)) -- `transform_delete_strategy` (String) Transformed checks have a delete strategy on deletion they can either be marked healthy, unhealthy or left as is -- `wait_for` (Attributes) (see [below for nested schema](#nestedatt--spec--kubernetes_resource--wait_for)) - - -### Nested Schema for `spec.kubernetes_resource.check_retries` +- `name` (String) -Optional: -- `delay` (String) Delay is the initial delay -- `interval` (String) -- `timeout` (String) + +### Nested Schema for `spec.http.oauth.client_id.value_from.secret_key_ref` +Required: - -### Nested Schema for `spec.kubernetes_resource.display` +- `key` (String) Optional: -- `expr` (String) -- `javascript` (String) -- `json_path` (String) -- `template` (String) +- `name` (String) + - -### Nested Schema for `spec.kubernetes_resource.kubeconfig` + + +### Nested Schema for `spec.http.oauth.client_secret` Optional: - `name` (String) - `value` (String) -- `value_from` (Attributes) (see [below for nested schema](#nestedatt--spec--kubernetes_resource--kubeconfig--value_from)) +- `value_from` (Attributes) (see [below for nested schema](#nestedatt--spec--http--oauth--client_secret--value_from)) - -### Nested Schema for `spec.kubernetes_resource.kubeconfig.value_from` + +### Nested Schema for `spec.http.oauth.client_secret.value_from` Optional: -- `config_map_key_ref` (Attributes) (see [below for nested schema](#nestedatt--spec--kubernetes_resource--kubeconfig--value_from--config_map_key_ref)) -- `helm_ref` (Attributes) (see [below for nested schema](#nestedatt--spec--kubernetes_resource--kubeconfig--value_from--helm_ref)) -- `secret_key_ref` (Attributes) (see [below for nested schema](#nestedatt--spec--kubernetes_resource--kubeconfig--value_from--secret_key_ref)) +- `config_map_key_ref` (Attributes) (see [below for nested schema](#nestedatt--spec--http--oauth--client_secret--value_from--config_map_key_ref)) +- `helm_ref` (Attributes) (see [below for nested schema](#nestedatt--spec--http--oauth--client_secret--value_from--helm_ref)) +- `secret_key_ref` (Attributes) (see [below for nested schema](#nestedatt--spec--http--oauth--client_secret--value_from--secret_key_ref)) - `service_account` (String) ServiceAccount specifies the service account whose token should be fetched - -### Nested Schema for `spec.kubernetes_resource.kubeconfig.value_from.config_map_key_ref` + +### Nested Schema for `spec.http.oauth.client_secret.value_from.config_map_key_ref` Required: @@ -5195,8 +5460,8 @@ Optional: - `name` (String) - -### Nested Schema for `spec.kubernetes_resource.kubeconfig.value_from.helm_ref` + +### Nested Schema for `spec.http.oauth.client_secret.value_from.helm_ref` Required: @@ -5207,8 +5472,8 @@ Optional: - `name` (String) - -### Nested Schema for `spec.kubernetes_resource.kubeconfig.value_from.secret_key_ref` + +### Nested Schema for `spec.http.oauth.client_secret.value_from.secret_key_ref` Required: @@ -5221,100 +5486,1905 @@ Optional: - -### Nested Schema for `spec.kubernetes_resource.metrics` + + +### Nested Schema for `spec.http.oauth2` Optional: -- `labels` (Attributes List) (see [below for nested schema](#nestedatt--spec--kubernetes_resource--metrics--labels)) -- `name` (String) -- `type` (String) -- `value` (String) +- `params` (Map of String) +- `scope` (List of String) +- `token_url` (String) - -### Nested Schema for `spec.kubernetes_resource.metrics.labels` -Required: + +### Nested Schema for `spec.http.password` + +Optional: - `name` (String) +- `value` (String) +- `value_from` (Attributes) (see [below for nested schema](#nestedatt--spec--http--password--value_from)) + + +### Nested Schema for `spec.http.password.value_from` Optional: -- `value` (String) -- `value_expr` (String) +- `config_map_key_ref` (Attributes) (see [below for nested schema](#nestedatt--spec--http--password--value_from--config_map_key_ref)) +- `helm_ref` (Attributes) (see [below for nested schema](#nestedatt--spec--http--password--value_from--helm_ref)) +- `secret_key_ref` (Attributes) (see [below for nested schema](#nestedatt--spec--http--password--value_from--secret_key_ref)) +- `service_account` (String) ServiceAccount specifies the service account whose token should be fetched + +### Nested Schema for `spec.http.password.value_from.config_map_key_ref` +Required: - -### Nested Schema for `spec.kubernetes_resource.test` +- `key` (String) Optional: -- `expr` (String) -- `javascript` (String) -- `json_path` (String) -- `template` (String) +- `name` (String) - -### Nested Schema for `spec.kubernetes_resource.transform` + +### Nested Schema for `spec.http.password.value_from.helm_ref` -Optional: +Required: -- `expr` (String) -- `javascript` (String) -- `json_path` (String) -- `template` (String) +- `key` (String) Key is a JSONPath expression used to fetch the key from the merged JSON. +Optional: - -### Nested Schema for `spec.kubernetes_resource.wait_for` +- `name` (String) -Optional: -- `delete` (Boolean) Whether to wait for deletion or not -- `disable` (Boolean) Disable waiting for resources to get to their desired state. + +### Nested Schema for `spec.http.password.value_from.secret_key_ref` + +Required: + +- `key` (String) + +Optional: + +- `name` (String) + + + + + +### Nested Schema for `spec.http.response_json_content` + +Required: + +- `path` (String) +- `value` (String) + + + +### Nested Schema for `spec.http.test` + +Optional: + +- `expr` (String) +- `javascript` (String) +- `json_path` (String) +- `template` (String) + + + +### Nested Schema for `spec.http.transform` + +Optional: + +- `expr` (String) +- `javascript` (String) +- `json_path` (String) +- `template` (String) + + + +### Nested Schema for `spec.http.username` + +Optional: + +- `name` (String) +- `value` (String) +- `value_from` (Attributes) (see [below for nested schema](#nestedatt--spec--http--username--value_from)) + + +### Nested Schema for `spec.http.username.value_from` + +Optional: + +- `config_map_key_ref` (Attributes) (see [below for nested schema](#nestedatt--spec--http--username--value_from--config_map_key_ref)) +- `helm_ref` (Attributes) (see [below for nested schema](#nestedatt--spec--http--username--value_from--helm_ref)) +- `secret_key_ref` (Attributes) (see [below for nested schema](#nestedatt--spec--http--username--value_from--secret_key_ref)) +- `service_account` (String) ServiceAccount specifies the service account whose token should be fetched + + +### Nested Schema for `spec.http.username.value_from.config_map_key_ref` + +Required: + +- `key` (String) + +Optional: + +- `name` (String) + + + +### Nested Schema for `spec.http.username.value_from.helm_ref` + +Required: + +- `key` (String) Key is a JSONPath expression used to fetch the key from the merged JSON. + +Optional: + +- `name` (String) + + + +### Nested Schema for `spec.http.username.value_from.secret_key_ref` + +Required: + +- `key` (String) + +Optional: + +- `name` (String) + + + + + + +### Nested Schema for `spec.icmp` + +Required: + +- `name` (String) Name of the check + +Optional: + +- `description` (String) Description for the check +- `endpoint` (String) +- `icon` (String) Icon for overwriting default icon on the dashboard +- `labels` (Map of String) Labels for the check +- `metrics` (Attributes List) Metrics to expose from check results (see [below for nested schema](#nestedatt--spec--icmp--metrics)) +- `namespace` (String) Namespace to insert the check into, if different to the namespace the canary is defined, e.g. +- `packet_count` (Number) +- `packet_loss_threshold` (Number) +- `threshold_millis` (Number) +- `transform_delete_strategy` (String) Transformed checks have a delete strategy on deletion they can either be marked healthy, unhealthy or left as is + + +### Nested Schema for `spec.icmp.metrics` + +Optional: + +- `labels` (Attributes List) (see [below for nested schema](#nestedatt--spec--icmp--metrics--labels)) +- `name` (String) +- `type` (String) +- `value` (String) + + +### Nested Schema for `spec.icmp.metrics.labels` + +Required: + +- `name` (String) + +Optional: + +- `value` (String) +- `value_expr` (String) + + + + + +### Nested Schema for `spec.jmeter` + +Required: + +- `jmx` (Attributes) Jmx defines the ConfigMap or Secret reference to get the JMX test plan (see [below for nested schema](#nestedatt--spec--jmeter--jmx)) +- `name` (String) Name of the check + +Optional: + +- `description` (String) Description for the check +- `host` (String) Host is the server against which test plan needs to be executed +- `icon` (String) Icon for overwriting default icon on the dashboard +- `labels` (Map of String) Labels for the check +- `metrics` (Attributes List) Metrics to expose from check results (see [below for nested schema](#nestedatt--spec--jmeter--metrics)) +- `namespace` (String) Namespace to insert the check into, if different to the namespace the canary is defined, e.g. +- `port` (Number) Port on which the server is running +- `properties` (List of String) Properties defines the local Jmeter properties +- `response_duration` (String) ResponseDuration under which the all the test should pass +- `system_properties` (List of String) SystemProperties defines the java system property +- `transform_delete_strategy` (String) Transformed checks have a delete strategy on deletion they can either be marked healthy, unhealthy or left as is + + +### Nested Schema for `spec.jmeter.jmx` + +Optional: + +- `name` (String) +- `value` (String) +- `value_from` (Attributes) (see [below for nested schema](#nestedatt--spec--jmeter--jmx--value_from)) + + +### Nested Schema for `spec.jmeter.jmx.value_from` + +Optional: + +- `config_map_key_ref` (Attributes) (see [below for nested schema](#nestedatt--spec--jmeter--jmx--value_from--config_map_key_ref)) +- `helm_ref` (Attributes) (see [below for nested schema](#nestedatt--spec--jmeter--jmx--value_from--helm_ref)) +- `secret_key_ref` (Attributes) (see [below for nested schema](#nestedatt--spec--jmeter--jmx--value_from--secret_key_ref)) +- `service_account` (String) ServiceAccount specifies the service account whose token should be fetched + + +### Nested Schema for `spec.jmeter.jmx.value_from.config_map_key_ref` + +Required: + +- `key` (String) + +Optional: + +- `name` (String) + + + +### Nested Schema for `spec.jmeter.jmx.value_from.helm_ref` + +Required: + +- `key` (String) Key is a JSONPath expression used to fetch the key from the merged JSON. + +Optional: + +- `name` (String) + + + +### Nested Schema for `spec.jmeter.jmx.value_from.secret_key_ref` + +Required: + +- `key` (String) + +Optional: + +- `name` (String) + + + + + +### Nested Schema for `spec.jmeter.metrics` + +Optional: + +- `labels` (Attributes List) (see [below for nested schema](#nestedatt--spec--jmeter--metrics--labels)) +- `name` (String) +- `type` (String) +- `value` (String) + + +### Nested Schema for `spec.jmeter.metrics.labels` + +Required: + +- `name` (String) + +Optional: + +- `value` (String) +- `value_expr` (String) + + + + + +### Nested Schema for `spec.junit` + +Required: + +- `name` (String) Name of the check +- `spec` (Map of String) +- `test_results` (String) + +Optional: + +- `artifacts` (Attributes List) Artifacts configure the artifacts generated by the check (see [below for nested schema](#nestedatt--spec--junit--artifacts)) +- `description` (String) Description for the check +- `display` (Attributes) (see [below for nested schema](#nestedatt--spec--junit--display)) +- `icon` (String) Icon for overwriting default icon on the dashboard +- `labels` (Map of String) Labels for the check +- `metrics` (Attributes List) Metrics to expose from check results (see [below for nested schema](#nestedatt--spec--junit--metrics)) +- `namespace` (String) Namespace to insert the check into, if different to the namespace the canary is defined, e.g. +- `test` (Attributes) (see [below for nested schema](#nestedatt--spec--junit--test)) +- `timeout` (Number) Timeout in minutes to wait for specified container to finish its job. Defaults to 5 minutes +- `transform` (Attributes) (see [below for nested schema](#nestedatt--spec--junit--transform)) +- `transform_delete_strategy` (String) Transformed checks have a delete strategy on deletion they can either be marked healthy, unhealthy or left as is + + +### Nested Schema for `spec.junit.artifacts` + +Required: + +- `path` (String) Path to the artifact on the check runner.Special paths: /dev/stdout & /dev/stdin + + + +### Nested Schema for `spec.junit.display` + +Optional: + +- `expr` (String) +- `javascript` (String) +- `json_path` (String) +- `template` (String) + + + +### Nested Schema for `spec.junit.metrics` + +Optional: + +- `labels` (Attributes List) (see [below for nested schema](#nestedatt--spec--junit--metrics--labels)) +- `name` (String) +- `type` (String) +- `value` (String) + + +### Nested Schema for `spec.junit.metrics.labels` + +Required: + +- `name` (String) + +Optional: + +- `value` (String) +- `value_expr` (String) + + + + +### Nested Schema for `spec.junit.test` + +Optional: + +- `expr` (String) +- `javascript` (String) +- `json_path` (String) +- `template` (String) + + + +### Nested Schema for `spec.junit.transform` + +Optional: + +- `expr` (String) +- `javascript` (String) +- `json_path` (String) +- `template` (String) + + + + +### Nested Schema for `spec.kubernetes` + +Required: + +- `kind` (String) +- `name` (String) Name of the check + +Optional: + +- `description` (String) Description for the check +- `display` (Attributes) (see [below for nested schema](#nestedatt--spec--kubernetes--display)) +- `healthy` (Boolean) Fail the check if any resources are unhealthy +- `icon` (String) Icon for overwriting default icon on the dashboard +- `ignore` (List of String) Ignore the specified resources from the fetched resources. Can be a glob pattern. +- `kubeconfig` (Attributes) KubeConfig is the kubeconfig or the path to the kubeconfig file. (see [below for nested schema](#nestedatt--spec--kubernetes--kubeconfig)) +- `labels` (Map of String) Labels for the check +- `metrics` (Attributes List) Metrics to expose from check results (see [below for nested schema](#nestedatt--spec--kubernetes--metrics)) +- `namespace` (String) Namespace to insert the check into, if different to the namespace the canary is defined, e.g. +- `namespace_selector` (Attributes) (see [below for nested schema](#nestedatt--spec--kubernetes--namespace_selector)) +- `ready` (Boolean) Fail the check if any resources are not ready +- `resource` (Attributes) (see [below for nested schema](#nestedatt--spec--kubernetes--resource)) +- `test` (Attributes) (see [below for nested schema](#nestedatt--spec--kubernetes--test)) +- `transform` (Attributes) (see [below for nested schema](#nestedatt--spec--kubernetes--transform)) +- `transform_delete_strategy` (String) Transformed checks have a delete strategy on deletion they can either be marked healthy, unhealthy or left as is + + +### Nested Schema for `spec.kubernetes.display` + +Optional: + +- `expr` (String) +- `javascript` (String) +- `json_path` (String) +- `template` (String) + + + +### Nested Schema for `spec.kubernetes.kubeconfig` + +Optional: + +- `name` (String) +- `value` (String) +- `value_from` (Attributes) (see [below for nested schema](#nestedatt--spec--kubernetes--kubeconfig--value_from)) + + +### Nested Schema for `spec.kubernetes.kubeconfig.value_from` + +Optional: + +- `config_map_key_ref` (Attributes) (see [below for nested schema](#nestedatt--spec--kubernetes--kubeconfig--value_from--config_map_key_ref)) +- `helm_ref` (Attributes) (see [below for nested schema](#nestedatt--spec--kubernetes--kubeconfig--value_from--helm_ref)) +- `secret_key_ref` (Attributes) (see [below for nested schema](#nestedatt--spec--kubernetes--kubeconfig--value_from--secret_key_ref)) +- `service_account` (String) ServiceAccount specifies the service account whose token should be fetched + + +### Nested Schema for `spec.kubernetes.kubeconfig.value_from.config_map_key_ref` + +Required: + +- `key` (String) + +Optional: + +- `name` (String) + + + +### Nested Schema for `spec.kubernetes.kubeconfig.value_from.helm_ref` + +Required: + +- `key` (String) Key is a JSONPath expression used to fetch the key from the merged JSON. + +Optional: + +- `name` (String) + + + +### Nested Schema for `spec.kubernetes.kubeconfig.value_from.secret_key_ref` + +Required: + +- `key` (String) + +Optional: + +- `name` (String) + + + + + +### Nested Schema for `spec.kubernetes.metrics` + +Optional: + +- `labels` (Attributes List) (see [below for nested schema](#nestedatt--spec--kubernetes--metrics--labels)) +- `name` (String) +- `type` (String) +- `value` (String) + + +### Nested Schema for `spec.kubernetes.metrics.labels` + +Required: + +- `name` (String) + +Optional: + +- `value` (String) +- `value_expr` (String) + + + + +### Nested Schema for `spec.kubernetes.namespace_selector` + +Optional: + +- `field_selector` (String) +- `label_selector` (String) +- `name` (String) + + + +### Nested Schema for `spec.kubernetes.resource` + +Optional: + +- `field_selector` (String) +- `label_selector` (String) +- `name` (String) + + + +### Nested Schema for `spec.kubernetes.test` + +Optional: + +- `expr` (String) +- `javascript` (String) +- `json_path` (String) +- `template` (String) + + + +### Nested Schema for `spec.kubernetes.transform` + +Optional: + +- `expr` (String) +- `javascript` (String) +- `json_path` (String) +- `template` (String) + + + + +### Nested Schema for `spec.kubernetes_resource` + +Required: + +- `name` (String) Name of the check +- `resources` (Map of String) Resources are kubernetes resources that are created & clearedafter every check run. + +Optional: + +- `check_retries` (Attributes) Set initial delays and retry intervals for checks. (see [below for nested schema](#nestedatt--spec--kubernetes_resource--check_retries)) +- `checks` (Map of String) Checks to run against the kubernetes resources. +- `clear_resources` (Boolean) Ensure that the resources are deleted before creating them. +- `description` (String) Description for the check +- `display` (Attributes) (see [below for nested schema](#nestedatt--spec--kubernetes_resource--display)) +- `icon` (String) Icon for overwriting default icon on the dashboard +- `kubeconfig` (Attributes) Kubeconfig is the kubeconfig or the path to the kubeconfig file. (see [below for nested schema](#nestedatt--spec--kubernetes_resource--kubeconfig)) +- `labels` (Map of String) Labels for the check +- `metrics` (Attributes List) Metrics to expose from check results (see [below for nested schema](#nestedatt--spec--kubernetes_resource--metrics)) +- `namespace` (String) Namespace to insert the check into, if different to the namespace the canary is defined, e.g. +- `static_resources` (Map of String) StaticResources are kubernetes resources that are created & onlycleared when the canary is deleted +- `test` (Attributes) (see [below for nested schema](#nestedatt--spec--kubernetes_resource--test)) +- `transform` (Attributes) (see [below for nested schema](#nestedatt--spec--kubernetes_resource--transform)) +- `transform_delete_strategy` (String) Transformed checks have a delete strategy on deletion they can either be marked healthy, unhealthy or left as is +- `wait_for` (Attributes) (see [below for nested schema](#nestedatt--spec--kubernetes_resource--wait_for)) + + +### Nested Schema for `spec.kubernetes_resource.check_retries` + +Optional: + +- `delay` (String) Delay is the initial delay +- `interval` (String) +- `timeout` (String) + + + +### Nested Schema for `spec.kubernetes_resource.display` + +Optional: + +- `expr` (String) +- `javascript` (String) +- `json_path` (String) +- `template` (String) + + + +### Nested Schema for `spec.kubernetes_resource.kubeconfig` + +Optional: + +- `name` (String) +- `value` (String) +- `value_from` (Attributes) (see [below for nested schema](#nestedatt--spec--kubernetes_resource--kubeconfig--value_from)) + + +### Nested Schema for `spec.kubernetes_resource.kubeconfig.value_from` + +Optional: + +- `config_map_key_ref` (Attributes) (see [below for nested schema](#nestedatt--spec--kubernetes_resource--kubeconfig--value_from--config_map_key_ref)) +- `helm_ref` (Attributes) (see [below for nested schema](#nestedatt--spec--kubernetes_resource--kubeconfig--value_from--helm_ref)) +- `secret_key_ref` (Attributes) (see [below for nested schema](#nestedatt--spec--kubernetes_resource--kubeconfig--value_from--secret_key_ref)) +- `service_account` (String) ServiceAccount specifies the service account whose token should be fetched + + +### Nested Schema for `spec.kubernetes_resource.kubeconfig.value_from.config_map_key_ref` + +Required: + +- `key` (String) + +Optional: + +- `name` (String) + + + +### Nested Schema for `spec.kubernetes_resource.kubeconfig.value_from.helm_ref` + +Required: + +- `key` (String) Key is a JSONPath expression used to fetch the key from the merged JSON. + +Optional: + +- `name` (String) + + + +### Nested Schema for `spec.kubernetes_resource.kubeconfig.value_from.secret_key_ref` + +Required: + +- `key` (String) + +Optional: + +- `name` (String) + + + + + +### Nested Schema for `spec.kubernetes_resource.metrics` + +Optional: + +- `labels` (Attributes List) (see [below for nested schema](#nestedatt--spec--kubernetes_resource--metrics--labels)) +- `name` (String) +- `type` (String) +- `value` (String) + + +### Nested Schema for `spec.kubernetes_resource.metrics.labels` + +Required: + +- `name` (String) + +Optional: + +- `value` (String) +- `value_expr` (String) + + + + +### Nested Schema for `spec.kubernetes_resource.test` + +Optional: + +- `expr` (String) +- `javascript` (String) +- `json_path` (String) +- `template` (String) + + + +### Nested Schema for `spec.kubernetes_resource.transform` + +Optional: + +- `expr` (String) +- `javascript` (String) +- `json_path` (String) +- `template` (String) + + + +### Nested Schema for `spec.kubernetes_resource.wait_for` + +Optional: + +- `delete` (Boolean) Whether to wait for deletion or not +- `disable` (Boolean) Disable waiting for resources to get to their desired state. - `expr` (String) Expr is a cel expression that determines whether all the resourcesare in their desired state before running checks on them. Default: 'dyn(resources).all(r, k8s.isHealthy(r))' - `interval` (String) Interval to check if all static & non-static resources are ready. Default: 5s - `timeout` (String) Timeout to wait for all static & non-static resources to be ready. Default: 10m - -### Nested Schema for `spec.ldap` + +### Nested Schema for `spec.ldap` + +Required: + +- `bind_dn` (String) +- `name` (String) Name of the check + +Optional: + +- `bearer` (Attributes) (see [below for nested schema](#nestedatt--spec--ldap--bearer)) +- `connection` (String) Connection name e.g. connection://http/google +- `description` (String) Description for the check +- `icon` (String) Icon for overwriting default icon on the dashboard +- `labels` (Map of String) Labels for the check +- `metrics` (Attributes List) Metrics to expose from check results (see [below for nested schema](#nestedatt--spec--ldap--metrics)) +- `namespace` (String) Namespace to insert the check into, if different to the namespace the canary is defined, e.g. +- `oauth` (Attributes) (see [below for nested schema](#nestedatt--spec--ldap--oauth)) +- `password` (Attributes) (see [below for nested schema](#nestedatt--spec--ldap--password)) +- `skip_tls_verify` (Boolean) +- `transform_delete_strategy` (String) Transformed checks have a delete strategy on deletion they can either be marked healthy, unhealthy or left as is +- `url` (String) Connection url, interpolated with username,password +- `user_search` (String) +- `username` (Attributes) (see [below for nested schema](#nestedatt--spec--ldap--username)) + + +### Nested Schema for `spec.ldap.bearer` + +Optional: + +- `name` (String) +- `value` (String) +- `value_from` (Attributes) (see [below for nested schema](#nestedatt--spec--ldap--bearer--value_from)) + + +### Nested Schema for `spec.ldap.bearer.value_from` + +Optional: + +- `config_map_key_ref` (Attributes) (see [below for nested schema](#nestedatt--spec--ldap--bearer--value_from--config_map_key_ref)) +- `helm_ref` (Attributes) (see [below for nested schema](#nestedatt--spec--ldap--bearer--value_from--helm_ref)) +- `secret_key_ref` (Attributes) (see [below for nested schema](#nestedatt--spec--ldap--bearer--value_from--secret_key_ref)) +- `service_account` (String) ServiceAccount specifies the service account whose token should be fetched + + +### Nested Schema for `spec.ldap.bearer.value_from.config_map_key_ref` + +Required: + +- `key` (String) + +Optional: + +- `name` (String) + + + +### Nested Schema for `spec.ldap.bearer.value_from.helm_ref` + +Required: + +- `key` (String) Key is a JSONPath expression used to fetch the key from the merged JSON. + +Optional: + +- `name` (String) + + + +### Nested Schema for `spec.ldap.bearer.value_from.secret_key_ref` + +Required: + +- `key` (String) + +Optional: + +- `name` (String) + + + + + +### Nested Schema for `spec.ldap.metrics` + +Optional: + +- `labels` (Attributes List) (see [below for nested schema](#nestedatt--spec--ldap--metrics--labels)) +- `name` (String) +- `type` (String) +- `value` (String) + + +### Nested Schema for `spec.ldap.metrics.labels` + +Required: + +- `name` (String) + +Optional: + +- `value` (String) +- `value_expr` (String) + + + + +### Nested Schema for `spec.ldap.oauth` + +Optional: + +- `client_id` (Attributes) (see [below for nested schema](#nestedatt--spec--ldap--oauth--client_id)) +- `client_secret` (Attributes) (see [below for nested schema](#nestedatt--spec--ldap--oauth--client_secret)) +- `params` (Map of String) +- `scope` (List of String) +- `token_url` (String) + + +### Nested Schema for `spec.ldap.oauth.client_id` + +Optional: + +- `name` (String) +- `value` (String) +- `value_from` (Attributes) (see [below for nested schema](#nestedatt--spec--ldap--oauth--client_id--value_from)) + + +### Nested Schema for `spec.ldap.oauth.client_id.value_from` + +Optional: + +- `config_map_key_ref` (Attributes) (see [below for nested schema](#nestedatt--spec--ldap--oauth--client_id--value_from--config_map_key_ref)) +- `helm_ref` (Attributes) (see [below for nested schema](#nestedatt--spec--ldap--oauth--client_id--value_from--helm_ref)) +- `secret_key_ref` (Attributes) (see [below for nested schema](#nestedatt--spec--ldap--oauth--client_id--value_from--secret_key_ref)) +- `service_account` (String) ServiceAccount specifies the service account whose token should be fetched + + +### Nested Schema for `spec.ldap.oauth.client_id.value_from.config_map_key_ref` + +Required: + +- `key` (String) + +Optional: + +- `name` (String) + + + +### Nested Schema for `spec.ldap.oauth.client_id.value_from.helm_ref` + +Required: + +- `key` (String) Key is a JSONPath expression used to fetch the key from the merged JSON. + +Optional: + +- `name` (String) + + + +### Nested Schema for `spec.ldap.oauth.client_id.value_from.secret_key_ref` + +Required: + +- `key` (String) + +Optional: + +- `name` (String) + + + + + +### Nested Schema for `spec.ldap.oauth.client_secret` + +Optional: + +- `name` (String) +- `value` (String) +- `value_from` (Attributes) (see [below for nested schema](#nestedatt--spec--ldap--oauth--client_secret--value_from)) + + +### Nested Schema for `spec.ldap.oauth.client_secret.value_from` + +Optional: + +- `config_map_key_ref` (Attributes) (see [below for nested schema](#nestedatt--spec--ldap--oauth--client_secret--value_from--config_map_key_ref)) +- `helm_ref` (Attributes) (see [below for nested schema](#nestedatt--spec--ldap--oauth--client_secret--value_from--helm_ref)) +- `secret_key_ref` (Attributes) (see [below for nested schema](#nestedatt--spec--ldap--oauth--client_secret--value_from--secret_key_ref)) +- `service_account` (String) ServiceAccount specifies the service account whose token should be fetched + + +### Nested Schema for `spec.ldap.oauth.client_secret.value_from.config_map_key_ref` + +Required: + +- `key` (String) + +Optional: + +- `name` (String) + + + +### Nested Schema for `spec.ldap.oauth.client_secret.value_from.helm_ref` + +Required: + +- `key` (String) Key is a JSONPath expression used to fetch the key from the merged JSON. + +Optional: + +- `name` (String) + + + +### Nested Schema for `spec.ldap.oauth.client_secret.value_from.secret_key_ref` + +Required: + +- `key` (String) + +Optional: + +- `name` (String) + + + + + + +### Nested Schema for `spec.ldap.password` + +Optional: + +- `name` (String) +- `value` (String) +- `value_from` (Attributes) (see [below for nested schema](#nestedatt--spec--ldap--password--value_from)) + + +### Nested Schema for `spec.ldap.password.value_from` + +Optional: + +- `config_map_key_ref` (Attributes) (see [below for nested schema](#nestedatt--spec--ldap--password--value_from--config_map_key_ref)) +- `helm_ref` (Attributes) (see [below for nested schema](#nestedatt--spec--ldap--password--value_from--helm_ref)) +- `secret_key_ref` (Attributes) (see [below for nested schema](#nestedatt--spec--ldap--password--value_from--secret_key_ref)) +- `service_account` (String) ServiceAccount specifies the service account whose token should be fetched + + +### Nested Schema for `spec.ldap.password.value_from.config_map_key_ref` + +Required: + +- `key` (String) + +Optional: + +- `name` (String) + + + +### Nested Schema for `spec.ldap.password.value_from.helm_ref` + +Required: + +- `key` (String) Key is a JSONPath expression used to fetch the key from the merged JSON. + +Optional: + +- `name` (String) + + + +### Nested Schema for `spec.ldap.password.value_from.secret_key_ref` + +Required: + +- `key` (String) + +Optional: + +- `name` (String) + + + + + +### Nested Schema for `spec.ldap.username` + +Optional: + +- `name` (String) +- `value` (String) +- `value_from` (Attributes) (see [below for nested schema](#nestedatt--spec--ldap--username--value_from)) + + +### Nested Schema for `spec.ldap.username.value_from` + +Optional: + +- `config_map_key_ref` (Attributes) (see [below for nested schema](#nestedatt--spec--ldap--username--value_from--config_map_key_ref)) +- `helm_ref` (Attributes) (see [below for nested schema](#nestedatt--spec--ldap--username--value_from--helm_ref)) +- `secret_key_ref` (Attributes) (see [below for nested schema](#nestedatt--spec--ldap--username--value_from--secret_key_ref)) +- `service_account` (String) ServiceAccount specifies the service account whose token should be fetched + + +### Nested Schema for `spec.ldap.username.value_from.config_map_key_ref` + +Required: + +- `key` (String) + +Optional: + +- `name` (String) + + + +### Nested Schema for `spec.ldap.username.value_from.helm_ref` + +Required: + +- `key` (String) Key is a JSONPath expression used to fetch the key from the merged JSON. + +Optional: + +- `name` (String) + + + +### Nested Schema for `spec.ldap.username.value_from.secret_key_ref` + +Required: + +- `key` (String) + +Optional: + +- `name` (String) + + + + + + +### Nested Schema for `spec.mongodb` + +Required: + +- `name` (String) Name of the check + +Optional: + +- `bearer` (Attributes) (see [below for nested schema](#nestedatt--spec--mongodb--bearer)) +- `connection` (String) Connection name e.g. connection://http/google +- `description` (String) Description for the check +- `icon` (String) Icon for overwriting default icon on the dashboard +- `labels` (Map of String) Labels for the check +- `metrics` (Attributes List) Metrics to expose from check results (see [below for nested schema](#nestedatt--spec--mongodb--metrics)) +- `namespace` (String) Namespace to insert the check into, if different to the namespace the canary is defined, e.g. +- `oauth` (Attributes) (see [below for nested schema](#nestedatt--spec--mongodb--oauth)) +- `password` (Attributes) (see [below for nested schema](#nestedatt--spec--mongodb--password)) +- `transform_delete_strategy` (String) Transformed checks have a delete strategy on deletion they can either be marked healthy, unhealthy or left as is +- `url` (String) Connection url, interpolated with username,password +- `username` (Attributes) (see [below for nested schema](#nestedatt--spec--mongodb--username)) + + +### Nested Schema for `spec.mongodb.bearer` + +Optional: + +- `name` (String) +- `value` (String) +- `value_from` (Attributes) (see [below for nested schema](#nestedatt--spec--mongodb--bearer--value_from)) + + +### Nested Schema for `spec.mongodb.bearer.value_from` + +Optional: + +- `config_map_key_ref` (Attributes) (see [below for nested schema](#nestedatt--spec--mongodb--bearer--value_from--config_map_key_ref)) +- `helm_ref` (Attributes) (see [below for nested schema](#nestedatt--spec--mongodb--bearer--value_from--helm_ref)) +- `secret_key_ref` (Attributes) (see [below for nested schema](#nestedatt--spec--mongodb--bearer--value_from--secret_key_ref)) +- `service_account` (String) ServiceAccount specifies the service account whose token should be fetched + + +### Nested Schema for `spec.mongodb.bearer.value_from.config_map_key_ref` + +Required: + +- `key` (String) + +Optional: + +- `name` (String) + + + +### Nested Schema for `spec.mongodb.bearer.value_from.helm_ref` + +Required: + +- `key` (String) Key is a JSONPath expression used to fetch the key from the merged JSON. + +Optional: + +- `name` (String) + + + +### Nested Schema for `spec.mongodb.bearer.value_from.secret_key_ref` + +Required: + +- `key` (String) + +Optional: + +- `name` (String) + + + + + +### Nested Schema for `spec.mongodb.metrics` + +Optional: + +- `labels` (Attributes List) (see [below for nested schema](#nestedatt--spec--mongodb--metrics--labels)) +- `name` (String) +- `type` (String) +- `value` (String) + + +### Nested Schema for `spec.mongodb.metrics.labels` + +Required: + +- `name` (String) + +Optional: + +- `value` (String) +- `value_expr` (String) + + + + +### Nested Schema for `spec.mongodb.oauth` + +Optional: + +- `client_id` (Attributes) (see [below for nested schema](#nestedatt--spec--mongodb--oauth--client_id)) +- `client_secret` (Attributes) (see [below for nested schema](#nestedatt--spec--mongodb--oauth--client_secret)) +- `params` (Map of String) +- `scope` (List of String) +- `token_url` (String) + + +### Nested Schema for `spec.mongodb.oauth.client_id` + +Optional: + +- `name` (String) +- `value` (String) +- `value_from` (Attributes) (see [below for nested schema](#nestedatt--spec--mongodb--oauth--client_id--value_from)) + + +### Nested Schema for `spec.mongodb.oauth.client_id.value_from` + +Optional: + +- `config_map_key_ref` (Attributes) (see [below for nested schema](#nestedatt--spec--mongodb--oauth--client_id--value_from--config_map_key_ref)) +- `helm_ref` (Attributes) (see [below for nested schema](#nestedatt--spec--mongodb--oauth--client_id--value_from--helm_ref)) +- `secret_key_ref` (Attributes) (see [below for nested schema](#nestedatt--spec--mongodb--oauth--client_id--value_from--secret_key_ref)) +- `service_account` (String) ServiceAccount specifies the service account whose token should be fetched + + +### Nested Schema for `spec.mongodb.oauth.client_id.value_from.config_map_key_ref` + +Required: + +- `key` (String) + +Optional: + +- `name` (String) + + + +### Nested Schema for `spec.mongodb.oauth.client_id.value_from.helm_ref` + +Required: + +- `key` (String) Key is a JSONPath expression used to fetch the key from the merged JSON. + +Optional: + +- `name` (String) + + + +### Nested Schema for `spec.mongodb.oauth.client_id.value_from.secret_key_ref` + +Required: + +- `key` (String) + +Optional: + +- `name` (String) + + + + + +### Nested Schema for `spec.mongodb.oauth.client_secret` + +Optional: + +- `name` (String) +- `value` (String) +- `value_from` (Attributes) (see [below for nested schema](#nestedatt--spec--mongodb--oauth--client_secret--value_from)) + + +### Nested Schema for `spec.mongodb.oauth.client_secret.value_from` + +Optional: + +- `config_map_key_ref` (Attributes) (see [below for nested schema](#nestedatt--spec--mongodb--oauth--client_secret--value_from--config_map_key_ref)) +- `helm_ref` (Attributes) (see [below for nested schema](#nestedatt--spec--mongodb--oauth--client_secret--value_from--helm_ref)) +- `secret_key_ref` (Attributes) (see [below for nested schema](#nestedatt--spec--mongodb--oauth--client_secret--value_from--secret_key_ref)) +- `service_account` (String) ServiceAccount specifies the service account whose token should be fetched + + +### Nested Schema for `spec.mongodb.oauth.client_secret.value_from.config_map_key_ref` + +Required: + +- `key` (String) + +Optional: + +- `name` (String) + + + +### Nested Schema for `spec.mongodb.oauth.client_secret.value_from.helm_ref` + +Required: + +- `key` (String) Key is a JSONPath expression used to fetch the key from the merged JSON. + +Optional: + +- `name` (String) + + + +### Nested Schema for `spec.mongodb.oauth.client_secret.value_from.secret_key_ref` + +Required: + +- `key` (String) + +Optional: + +- `name` (String) + + + + + + +### Nested Schema for `spec.mongodb.password` + +Optional: + +- `name` (String) +- `value` (String) +- `value_from` (Attributes) (see [below for nested schema](#nestedatt--spec--mongodb--password--value_from)) + + +### Nested Schema for `spec.mongodb.password.value_from` + +Optional: + +- `config_map_key_ref` (Attributes) (see [below for nested schema](#nestedatt--spec--mongodb--password--value_from--config_map_key_ref)) +- `helm_ref` (Attributes) (see [below for nested schema](#nestedatt--spec--mongodb--password--value_from--helm_ref)) +- `secret_key_ref` (Attributes) (see [below for nested schema](#nestedatt--spec--mongodb--password--value_from--secret_key_ref)) +- `service_account` (String) ServiceAccount specifies the service account whose token should be fetched + + +### Nested Schema for `spec.mongodb.password.value_from.config_map_key_ref` + +Required: + +- `key` (String) + +Optional: + +- `name` (String) + + + +### Nested Schema for `spec.mongodb.password.value_from.helm_ref` + +Required: + +- `key` (String) Key is a JSONPath expression used to fetch the key from the merged JSON. + +Optional: + +- `name` (String) + + + +### Nested Schema for `spec.mongodb.password.value_from.secret_key_ref` + +Required: + +- `key` (String) + +Optional: + +- `name` (String) + + + + + +### Nested Schema for `spec.mongodb.username` + +Optional: + +- `name` (String) +- `value` (String) +- `value_from` (Attributes) (see [below for nested schema](#nestedatt--spec--mongodb--username--value_from)) + + +### Nested Schema for `spec.mongodb.username.value_from` + +Optional: + +- `config_map_key_ref` (Attributes) (see [below for nested schema](#nestedatt--spec--mongodb--username--value_from--config_map_key_ref)) +- `helm_ref` (Attributes) (see [below for nested schema](#nestedatt--spec--mongodb--username--value_from--helm_ref)) +- `secret_key_ref` (Attributes) (see [below for nested schema](#nestedatt--spec--mongodb--username--value_from--secret_key_ref)) +- `service_account` (String) ServiceAccount specifies the service account whose token should be fetched + + +### Nested Schema for `spec.mongodb.username.value_from.config_map_key_ref` + +Required: + +- `key` (String) + +Optional: + +- `name` (String) + + + +### Nested Schema for `spec.mongodb.username.value_from.helm_ref` + +Required: + +- `key` (String) Key is a JSONPath expression used to fetch the key from the merged JSON. + +Optional: + +- `name` (String) + + + +### Nested Schema for `spec.mongodb.username.value_from.secret_key_ref` + +Required: + +- `key` (String) + +Optional: + +- `name` (String) + + + + + + +### Nested Schema for `spec.mssql` + +Required: + +- `name` (String) Name of the check + +Optional: + +- `bearer` (Attributes) (see [below for nested schema](#nestedatt--spec--mssql--bearer)) +- `connection` (String) Connection name e.g. connection://http/google +- `description` (String) Description for the check +- `display` (Attributes) (see [below for nested schema](#nestedatt--spec--mssql--display)) +- `icon` (String) Icon for overwriting default icon on the dashboard +- `labels` (Map of String) Labels for the check +- `metrics` (Attributes List) Metrics to expose from check results (see [below for nested schema](#nestedatt--spec--mssql--metrics)) +- `namespace` (String) Namespace to insert the check into, if different to the namespace the canary is defined, e.g. +- `oauth` (Attributes) (see [below for nested schema](#nestedatt--spec--mssql--oauth)) +- `password` (Attributes) (see [below for nested schema](#nestedatt--spec--mssql--password)) +- `query` (String) +- `results` (Number) Number rows to check for +- `test` (Attributes) (see [below for nested schema](#nestedatt--spec--mssql--test)) +- `transform` (Attributes) (see [below for nested schema](#nestedatt--spec--mssql--transform)) +- `transform_delete_strategy` (String) Transformed checks have a delete strategy on deletion they can either be marked healthy, unhealthy or left as is +- `url` (String) Connection url, interpolated with username,password +- `username` (Attributes) (see [below for nested schema](#nestedatt--spec--mssql--username)) + + +### Nested Schema for `spec.mssql.bearer` + +Optional: + +- `name` (String) +- `value` (String) +- `value_from` (Attributes) (see [below for nested schema](#nestedatt--spec--mssql--bearer--value_from)) + + +### Nested Schema for `spec.mssql.bearer.value_from` + +Optional: + +- `config_map_key_ref` (Attributes) (see [below for nested schema](#nestedatt--spec--mssql--bearer--value_from--config_map_key_ref)) +- `helm_ref` (Attributes) (see [below for nested schema](#nestedatt--spec--mssql--bearer--value_from--helm_ref)) +- `secret_key_ref` (Attributes) (see [below for nested schema](#nestedatt--spec--mssql--bearer--value_from--secret_key_ref)) +- `service_account` (String) ServiceAccount specifies the service account whose token should be fetched + + +### Nested Schema for `spec.mssql.bearer.value_from.config_map_key_ref` + +Required: + +- `key` (String) + +Optional: + +- `name` (String) + + + +### Nested Schema for `spec.mssql.bearer.value_from.helm_ref` + +Required: + +- `key` (String) Key is a JSONPath expression used to fetch the key from the merged JSON. + +Optional: + +- `name` (String) + + + +### Nested Schema for `spec.mssql.bearer.value_from.secret_key_ref` + +Required: + +- `key` (String) + +Optional: + +- `name` (String) + + + + + +### Nested Schema for `spec.mssql.display` + +Optional: + +- `expr` (String) +- `javascript` (String) +- `json_path` (String) +- `template` (String) + + + +### Nested Schema for `spec.mssql.metrics` + +Optional: + +- `labels` (Attributes List) (see [below for nested schema](#nestedatt--spec--mssql--metrics--labels)) +- `name` (String) +- `type` (String) +- `value` (String) + + +### Nested Schema for `spec.mssql.metrics.labels` + +Required: + +- `name` (String) + +Optional: + +- `value` (String) +- `value_expr` (String) + + + + +### Nested Schema for `spec.mssql.oauth` + +Optional: + +- `client_id` (Attributes) (see [below for nested schema](#nestedatt--spec--mssql--oauth--client_id)) +- `client_secret` (Attributes) (see [below for nested schema](#nestedatt--spec--mssql--oauth--client_secret)) +- `params` (Map of String) +- `scope` (List of String) +- `token_url` (String) + + +### Nested Schema for `spec.mssql.oauth.client_id` + +Optional: + +- `name` (String) +- `value` (String) +- `value_from` (Attributes) (see [below for nested schema](#nestedatt--spec--mssql--oauth--client_id--value_from)) + + +### Nested Schema for `spec.mssql.oauth.client_id.value_from` + +Optional: + +- `config_map_key_ref` (Attributes) (see [below for nested schema](#nestedatt--spec--mssql--oauth--client_id--value_from--config_map_key_ref)) +- `helm_ref` (Attributes) (see [below for nested schema](#nestedatt--spec--mssql--oauth--client_id--value_from--helm_ref)) +- `secret_key_ref` (Attributes) (see [below for nested schema](#nestedatt--spec--mssql--oauth--client_id--value_from--secret_key_ref)) +- `service_account` (String) ServiceAccount specifies the service account whose token should be fetched + + +### Nested Schema for `spec.mssql.oauth.client_id.value_from.config_map_key_ref` + +Required: + +- `key` (String) + +Optional: + +- `name` (String) + + + +### Nested Schema for `spec.mssql.oauth.client_id.value_from.helm_ref` + +Required: + +- `key` (String) Key is a JSONPath expression used to fetch the key from the merged JSON. + +Optional: + +- `name` (String) + + + +### Nested Schema for `spec.mssql.oauth.client_id.value_from.secret_key_ref` + +Required: + +- `key` (String) + +Optional: + +- `name` (String) + + + + + +### Nested Schema for `spec.mssql.oauth.client_secret` + +Optional: + +- `name` (String) +- `value` (String) +- `value_from` (Attributes) (see [below for nested schema](#nestedatt--spec--mssql--oauth--client_secret--value_from)) + + +### Nested Schema for `spec.mssql.oauth.client_secret.value_from` + +Optional: + +- `config_map_key_ref` (Attributes) (see [below for nested schema](#nestedatt--spec--mssql--oauth--client_secret--value_from--config_map_key_ref)) +- `helm_ref` (Attributes) (see [below for nested schema](#nestedatt--spec--mssql--oauth--client_secret--value_from--helm_ref)) +- `secret_key_ref` (Attributes) (see [below for nested schema](#nestedatt--spec--mssql--oauth--client_secret--value_from--secret_key_ref)) +- `service_account` (String) ServiceAccount specifies the service account whose token should be fetched + + +### Nested Schema for `spec.mssql.oauth.client_secret.value_from.config_map_key_ref` + +Required: + +- `key` (String) + +Optional: + +- `name` (String) + + + +### Nested Schema for `spec.mssql.oauth.client_secret.value_from.helm_ref` + +Required: + +- `key` (String) Key is a JSONPath expression used to fetch the key from the merged JSON. + +Optional: + +- `name` (String) + + + +### Nested Schema for `spec.mssql.oauth.client_secret.value_from.secret_key_ref` + +Required: + +- `key` (String) + +Optional: + +- `name` (String) + + + + + + +### Nested Schema for `spec.mssql.password` + +Optional: + +- `name` (String) +- `value` (String) +- `value_from` (Attributes) (see [below for nested schema](#nestedatt--spec--mssql--password--value_from)) + + +### Nested Schema for `spec.mssql.password.value_from` + +Optional: + +- `config_map_key_ref` (Attributes) (see [below for nested schema](#nestedatt--spec--mssql--password--value_from--config_map_key_ref)) +- `helm_ref` (Attributes) (see [below for nested schema](#nestedatt--spec--mssql--password--value_from--helm_ref)) +- `secret_key_ref` (Attributes) (see [below for nested schema](#nestedatt--spec--mssql--password--value_from--secret_key_ref)) +- `service_account` (String) ServiceAccount specifies the service account whose token should be fetched + + +### Nested Schema for `spec.mssql.password.value_from.config_map_key_ref` + +Required: + +- `key` (String) + +Optional: + +- `name` (String) + + + +### Nested Schema for `spec.mssql.password.value_from.helm_ref` + +Required: + +- `key` (String) Key is a JSONPath expression used to fetch the key from the merged JSON. + +Optional: + +- `name` (String) + + + +### Nested Schema for `spec.mssql.password.value_from.secret_key_ref` + +Required: + +- `key` (String) + +Optional: + +- `name` (String) + + + + + +### Nested Schema for `spec.mssql.test` + +Optional: + +- `expr` (String) +- `javascript` (String) +- `json_path` (String) +- `template` (String) + + + +### Nested Schema for `spec.mssql.transform` + +Optional: + +- `expr` (String) +- `javascript` (String) +- `json_path` (String) +- `template` (String) + + + +### Nested Schema for `spec.mssql.username` + +Optional: + +- `name` (String) +- `value` (String) +- `value_from` (Attributes) (see [below for nested schema](#nestedatt--spec--mssql--username--value_from)) + + +### Nested Schema for `spec.mssql.username.value_from` + +Optional: + +- `config_map_key_ref` (Attributes) (see [below for nested schema](#nestedatt--spec--mssql--username--value_from--config_map_key_ref)) +- `helm_ref` (Attributes) (see [below for nested schema](#nestedatt--spec--mssql--username--value_from--helm_ref)) +- `secret_key_ref` (Attributes) (see [below for nested schema](#nestedatt--spec--mssql--username--value_from--secret_key_ref)) +- `service_account` (String) ServiceAccount specifies the service account whose token should be fetched + + +### Nested Schema for `spec.mssql.username.value_from.config_map_key_ref` + +Required: + +- `key` (String) + +Optional: + +- `name` (String) + + + +### Nested Schema for `spec.mssql.username.value_from.helm_ref` + +Required: + +- `key` (String) Key is a JSONPath expression used to fetch the key from the merged JSON. + +Optional: + +- `name` (String) + + + +### Nested Schema for `spec.mssql.username.value_from.secret_key_ref` + +Required: + +- `key` (String) + +Optional: + +- `name` (String) + + + + + + +### Nested Schema for `spec.mysql` Required: -- `bind_dn` (String) - `name` (String) Name of the check Optional: +- `bearer` (Attributes) (see [below for nested schema](#nestedatt--spec--mysql--bearer)) - `connection` (String) Connection name e.g. connection://http/google - `description` (String) Description for the check +- `display` (Attributes) (see [below for nested schema](#nestedatt--spec--mysql--display)) - `icon` (String) Icon for overwriting default icon on the dashboard - `labels` (Map of String) Labels for the check -- `metrics` (Attributes List) Metrics to expose from check results (see [below for nested schema](#nestedatt--spec--ldap--metrics)) +- `metrics` (Attributes List) Metrics to expose from check results (see [below for nested schema](#nestedatt--spec--mysql--metrics)) - `namespace` (String) Namespace to insert the check into, if different to the namespace the canary is defined, e.g. -- `password` (Attributes) (see [below for nested schema](#nestedatt--spec--ldap--password)) -- `skip_tls_verify` (Boolean) +- `oauth` (Attributes) (see [below for nested schema](#nestedatt--spec--mysql--oauth)) +- `password` (Attributes) (see [below for nested schema](#nestedatt--spec--mysql--password)) +- `query` (String) +- `results` (Number) Number rows to check for +- `test` (Attributes) (see [below for nested schema](#nestedatt--spec--mysql--test)) +- `transform` (Attributes) (see [below for nested schema](#nestedatt--spec--mysql--transform)) - `transform_delete_strategy` (String) Transformed checks have a delete strategy on deletion they can either be marked healthy, unhealthy or left as is - `url` (String) Connection url, interpolated with username,password -- `user_search` (String) -- `username` (Attributes) (see [below for nested schema](#nestedatt--spec--ldap--username)) +- `username` (Attributes) (see [below for nested schema](#nestedatt--spec--mysql--username)) + + +### Nested Schema for `spec.mysql.bearer` + +Optional: + +- `name` (String) +- `value` (String) +- `value_from` (Attributes) (see [below for nested schema](#nestedatt--spec--mysql--bearer--value_from)) + + +### Nested Schema for `spec.mysql.bearer.value_from` + +Optional: + +- `config_map_key_ref` (Attributes) (see [below for nested schema](#nestedatt--spec--mysql--bearer--value_from--config_map_key_ref)) +- `helm_ref` (Attributes) (see [below for nested schema](#nestedatt--spec--mysql--bearer--value_from--helm_ref)) +- `secret_key_ref` (Attributes) (see [below for nested schema](#nestedatt--spec--mysql--bearer--value_from--secret_key_ref)) +- `service_account` (String) ServiceAccount specifies the service account whose token should be fetched + + +### Nested Schema for `spec.mysql.bearer.value_from.config_map_key_ref` + +Required: + +- `key` (String) + +Optional: + +- `name` (String) + + + +### Nested Schema for `spec.mysql.bearer.value_from.helm_ref` + +Required: + +- `key` (String) Key is a JSONPath expression used to fetch the key from the merged JSON. + +Optional: + +- `name` (String) + + + +### Nested Schema for `spec.mysql.bearer.value_from.secret_key_ref` + +Required: + +- `key` (String) + +Optional: + +- `name` (String) + + + - -### Nested Schema for `spec.ldap.metrics` + +### Nested Schema for `spec.mysql.display` Optional: -- `labels` (Attributes List) (see [below for nested schema](#nestedatt--spec--ldap--metrics--labels)) +- `expr` (String) +- `javascript` (String) +- `json_path` (String) +- `template` (String) + + + +### Nested Schema for `spec.mysql.metrics` + +Optional: + +- `labels` (Attributes List) (see [below for nested schema](#nestedatt--spec--mysql--metrics--labels)) - `name` (String) - `type` (String) - `value` (String) - -### Nested Schema for `spec.ldap.metrics.labels` + +### Nested Schema for `spec.mysql.metrics.labels` Required: @@ -5327,27 +7397,38 @@ Optional: - -### Nested Schema for `spec.ldap.password` + +### Nested Schema for `spec.mysql.oauth` + +Optional: + +- `client_id` (Attributes) (see [below for nested schema](#nestedatt--spec--mysql--oauth--client_id)) +- `client_secret` (Attributes) (see [below for nested schema](#nestedatt--spec--mysql--oauth--client_secret)) +- `params` (Map of String) +- `scope` (List of String) +- `token_url` (String) + + +### Nested Schema for `spec.mysql.oauth.client_id` Optional: - `name` (String) - `value` (String) -- `value_from` (Attributes) (see [below for nested schema](#nestedatt--spec--ldap--password--value_from)) +- `value_from` (Attributes) (see [below for nested schema](#nestedatt--spec--mysql--oauth--client_id--value_from)) - -### Nested Schema for `spec.ldap.password.value_from` + +### Nested Schema for `spec.mysql.oauth.client_id.value_from` Optional: -- `config_map_key_ref` (Attributes) (see [below for nested schema](#nestedatt--spec--ldap--password--value_from--config_map_key_ref)) -- `helm_ref` (Attributes) (see [below for nested schema](#nestedatt--spec--ldap--password--value_from--helm_ref)) -- `secret_key_ref` (Attributes) (see [below for nested schema](#nestedatt--spec--ldap--password--value_from--secret_key_ref)) +- `config_map_key_ref` (Attributes) (see [below for nested schema](#nestedatt--spec--mysql--oauth--client_id--value_from--config_map_key_ref)) +- `helm_ref` (Attributes) (see [below for nested schema](#nestedatt--spec--mysql--oauth--client_id--value_from--helm_ref)) +- `secret_key_ref` (Attributes) (see [below for nested schema](#nestedatt--spec--mysql--oauth--client_id--value_from--secret_key_ref)) - `service_account` (String) ServiceAccount specifies the service account whose token should be fetched - -### Nested Schema for `spec.ldap.password.value_from.config_map_key_ref` + +### Nested Schema for `spec.mysql.oauth.client_id.value_from.config_map_key_ref` Required: @@ -5358,8 +7439,8 @@ Optional: - `name` (String) - -### Nested Schema for `spec.ldap.password.value_from.helm_ref` + +### Nested Schema for `spec.mysql.oauth.client_id.value_from.helm_ref` Required: @@ -5370,8 +7451,8 @@ Optional: - `name` (String) - -### Nested Schema for `spec.ldap.password.value_from.secret_key_ref` + +### Nested Schema for `spec.mysql.oauth.client_id.value_from.secret_key_ref` Required: @@ -5384,27 +7465,27 @@ Optional: - -### Nested Schema for `spec.ldap.username` + +### Nested Schema for `spec.mysql.oauth.client_secret` Optional: - `name` (String) - `value` (String) -- `value_from` (Attributes) (see [below for nested schema](#nestedatt--spec--ldap--username--value_from)) +- `value_from` (Attributes) (see [below for nested schema](#nestedatt--spec--mysql--oauth--client_secret--value_from)) - -### Nested Schema for `spec.ldap.username.value_from` + +### Nested Schema for `spec.mysql.oauth.client_secret.value_from` Optional: -- `config_map_key_ref` (Attributes) (see [below for nested schema](#nestedatt--spec--ldap--username--value_from--config_map_key_ref)) -- `helm_ref` (Attributes) (see [below for nested schema](#nestedatt--spec--ldap--username--value_from--helm_ref)) -- `secret_key_ref` (Attributes) (see [below for nested schema](#nestedatt--spec--ldap--username--value_from--secret_key_ref)) +- `config_map_key_ref` (Attributes) (see [below for nested schema](#nestedatt--spec--mysql--oauth--client_secret--value_from--config_map_key_ref)) +- `helm_ref` (Attributes) (see [below for nested schema](#nestedatt--spec--mysql--oauth--client_secret--value_from--helm_ref)) +- `secret_key_ref` (Attributes) (see [below for nested schema](#nestedatt--spec--mysql--oauth--client_secret--value_from--secret_key_ref)) - `service_account` (String) ServiceAccount specifies the service account whose token should be fetched - -### Nested Schema for `spec.ldap.username.value_from.config_map_key_ref` + +### Nested Schema for `spec.mysql.oauth.client_secret.value_from.config_map_key_ref` Required: @@ -5415,8 +7496,8 @@ Optional: - `name` (String) - -### Nested Schema for `spec.ldap.username.value_from.helm_ref` + +### Nested Schema for `spec.mysql.oauth.client_secret.value_from.helm_ref` Required: @@ -5427,8 +7508,8 @@ Optional: - `name` (String) - -### Nested Schema for `spec.ldap.username.value_from.secret_key_ref` + +### Nested Schema for `spec.mysql.oauth.client_secret.value_from.secret_key_ref` Required: @@ -5442,128 +7523,106 @@ Optional: - -### Nested Schema for `spec.mongodb` - -Required: - -- `name` (String) Name of the check - -Optional: - -- `connection` (String) Connection name e.g. connection://http/google -- `description` (String) Description for the check -- `icon` (String) Icon for overwriting default icon on the dashboard -- `labels` (Map of String) Labels for the check -- `metrics` (Attributes List) Metrics to expose from check results (see [below for nested schema](#nestedatt--spec--mongodb--metrics)) -- `namespace` (String) Namespace to insert the check into, if different to the namespace the canary is defined, e.g. -- `password` (Attributes) (see [below for nested schema](#nestedatt--spec--mongodb--password)) -- `transform_delete_strategy` (String) Transformed checks have a delete strategy on deletion they can either be marked healthy, unhealthy or left as is -- `url` (String) Connection url, interpolated with username,password -- `username` (Attributes) (see [below for nested schema](#nestedatt--spec--mongodb--username)) - - -### Nested Schema for `spec.mongodb.metrics` + +### Nested Schema for `spec.mysql.password` Optional: -- `labels` (Attributes List) (see [below for nested schema](#nestedatt--spec--mongodb--metrics--labels)) - `name` (String) -- `type` (String) - `value` (String) +- `value_from` (Attributes) (see [below for nested schema](#nestedatt--spec--mysql--password--value_from)) - -### Nested Schema for `spec.mongodb.metrics.labels` - -Required: - -- `name` (String) + +### Nested Schema for `spec.mysql.password.value_from` Optional: -- `value` (String) -- `value_expr` (String) +- `config_map_key_ref` (Attributes) (see [below for nested schema](#nestedatt--spec--mysql--password--value_from--config_map_key_ref)) +- `helm_ref` (Attributes) (see [below for nested schema](#nestedatt--spec--mysql--password--value_from--helm_ref)) +- `secret_key_ref` (Attributes) (see [below for nested schema](#nestedatt--spec--mysql--password--value_from--secret_key_ref)) +- `service_account` (String) ServiceAccount specifies the service account whose token should be fetched + +### Nested Schema for `spec.mysql.password.value_from.config_map_key_ref` +Required: - -### Nested Schema for `spec.mongodb.password` +- `key` (String) Optional: - `name` (String) -- `value` (String) -- `value_from` (Attributes) (see [below for nested schema](#nestedatt--spec--mongodb--password--value_from)) - - -### Nested Schema for `spec.mongodb.password.value_from` -Optional: - -- `config_map_key_ref` (Attributes) (see [below for nested schema](#nestedatt--spec--mongodb--password--value_from--config_map_key_ref)) -- `helm_ref` (Attributes) (see [below for nested schema](#nestedatt--spec--mongodb--password--value_from--helm_ref)) -- `secret_key_ref` (Attributes) (see [below for nested schema](#nestedatt--spec--mongodb--password--value_from--secret_key_ref)) -- `service_account` (String) ServiceAccount specifies the service account whose token should be fetched - -### Nested Schema for `spec.mongodb.password.value_from.config_map_key_ref` + +### Nested Schema for `spec.mysql.password.value_from.helm_ref` Required: -- `key` (String) +- `key` (String) Key is a JSONPath expression used to fetch the key from the merged JSON. Optional: - `name` (String) - -### Nested Schema for `spec.mongodb.password.value_from.helm_ref` + +### Nested Schema for `spec.mysql.password.value_from.secret_key_ref` Required: -- `key` (String) Key is a JSONPath expression used to fetch the key from the merged JSON. +- `key` (String) Optional: - `name` (String) - -### Nested Schema for `spec.mongodb.password.value_from.secret_key_ref` -Required: -- `key` (String) + +### Nested Schema for `spec.mysql.test` Optional: -- `name` (String) +- `expr` (String) +- `javascript` (String) +- `json_path` (String) +- `template` (String) + +### Nested Schema for `spec.mysql.transform` +Optional: - -### Nested Schema for `spec.mongodb.username` +- `expr` (String) +- `javascript` (String) +- `json_path` (String) +- `template` (String) + + + +### Nested Schema for `spec.mysql.username` Optional: - `name` (String) - `value` (String) -- `value_from` (Attributes) (see [below for nested schema](#nestedatt--spec--mongodb--username--value_from)) +- `value_from` (Attributes) (see [below for nested schema](#nestedatt--spec--mysql--username--value_from)) - -### Nested Schema for `spec.mongodb.username.value_from` + +### Nested Schema for `spec.mysql.username.value_from` Optional: -- `config_map_key_ref` (Attributes) (see [below for nested schema](#nestedatt--spec--mongodb--username--value_from--config_map_key_ref)) -- `helm_ref` (Attributes) (see [below for nested schema](#nestedatt--spec--mongodb--username--value_from--helm_ref)) -- `secret_key_ref` (Attributes) (see [below for nested schema](#nestedatt--spec--mongodb--username--value_from--secret_key_ref)) +- `config_map_key_ref` (Attributes) (see [below for nested schema](#nestedatt--spec--mysql--username--value_from--config_map_key_ref)) +- `helm_ref` (Attributes) (see [below for nested schema](#nestedatt--spec--mysql--username--value_from--helm_ref)) +- `secret_key_ref` (Attributes) (see [below for nested schema](#nestedatt--spec--mysql--username--value_from--secret_key_ref)) - `service_account` (String) ServiceAccount specifies the service account whose token should be fetched - -### Nested Schema for `spec.mongodb.username.value_from.config_map_key_ref` + +### Nested Schema for `spec.mysql.username.value_from.config_map_key_ref` Required: @@ -5574,8 +7633,8 @@ Optional: - `name` (String) - -### Nested Schema for `spec.mongodb.username.value_from.helm_ref` + +### Nested Schema for `spec.mysql.username.value_from.helm_ref` Required: @@ -5586,8 +7645,8 @@ Optional: - `name` (String) - -### Nested Schema for `spec.mongodb.username.value_from.secret_key_ref` + +### Nested Schema for `spec.mysql.username.value_from.secret_key_ref` Required: @@ -5601,54 +7660,52 @@ Optional: - -### Nested Schema for `spec.mssql` + +### Nested Schema for `spec.namespace` Required: - `name` (String) Name of the check +- `pod_spec` (String) Optional: -- `connection` (String) Connection name e.g. connection://http/google +- `deadline` (Number) +- `delete_timeout` (Number) - `description` (String) Description for the check -- `display` (Attributes) (see [below for nested schema](#nestedatt--spec--mssql--display)) +- `expected_content` (String) +- `expected_http_statuses` (List of String) +- `http_retry_interval` (Number) +- `http_timeout` (Number) - `icon` (String) Icon for overwriting default icon on the dashboard +- `ingress_host` (String) +- `ingress_name` (String) +- `ingress_timeout` (Number) - `labels` (Map of String) Labels for the check -- `metrics` (Attributes List) Metrics to expose from check results (see [below for nested schema](#nestedatt--spec--mssql--metrics)) +- `metrics` (Attributes List) Metrics to expose from check results (see [below for nested schema](#nestedatt--spec--namespace--metrics)) - `namespace` (String) Namespace to insert the check into, if different to the namespace the canary is defined, e.g. -- `password` (Attributes) (see [below for nested schema](#nestedatt--spec--mssql--password)) -- `query` (String) -- `results` (Number) Number rows to check for -- `test` (Attributes) (see [below for nested schema](#nestedatt--spec--mssql--test)) -- `transform` (Attributes) (see [below for nested schema](#nestedatt--spec--mssql--transform)) +- `namespace_annotations` (Map of String) +- `namespace_labels` (Map of String) +- `namespace_name_prefix` (String) +- `path` (String) +- `port` (Number) +- `priority_class` (String) +- `ready_timeout` (Number) +- `schedule_timeout` (Number) - `transform_delete_strategy` (String) Transformed checks have a delete strategy on deletion they can either be marked healthy, unhealthy or left as is -- `url` (String) Connection url, interpolated with username,password -- `username` (Attributes) (see [below for nested schema](#nestedatt--spec--mssql--username)) - - -### Nested Schema for `spec.mssql.display` - -Optional: - -- `expr` (String) -- `javascript` (String) -- `json_path` (String) -- `template` (String) - - -### Nested Schema for `spec.mssql.metrics` + +### Nested Schema for `spec.namespace.metrics` Optional: -- `labels` (Attributes List) (see [below for nested schema](#nestedatt--spec--mssql--metrics--labels)) +- `labels` (Attributes List) (see [below for nested schema](#nestedatt--spec--namespace--metrics--labels)) - `name` (String) - `type` (String) - `value` (String) - -### Nested Schema for `spec.mssql.metrics.labels` + +### Nested Schema for `spec.namespace.metrics.labels` Required: @@ -5661,27 +7718,56 @@ Optional: - -### Nested Schema for `spec.mssql.password` + + +### Nested Schema for `spec.opensearch` + +Required: + +- `index` (String) +- `name` (String) Name of the check +- `query` (String) + +Optional: + +- `bearer` (Attributes) (see [below for nested schema](#nestedatt--spec--opensearch--bearer)) +- `connection` (String) Connection name e.g. connection://http/google +- `description` (String) Description for the check +- `display` (Attributes) (see [below for nested schema](#nestedatt--spec--opensearch--display)) +- `icon` (String) Icon for overwriting default icon on the dashboard +- `labels` (Map of String) Labels for the check +- `metrics` (Attributes List) Metrics to expose from check results (see [below for nested schema](#nestedatt--spec--opensearch--metrics)) +- `namespace` (String) Namespace to insert the check into, if different to the namespace the canary is defined, e.g. +- `oauth` (Attributes) (see [below for nested schema](#nestedatt--spec--opensearch--oauth)) +- `password` (Attributes) (see [below for nested schema](#nestedatt--spec--opensearch--password)) +- `results` (Number) +- `test` (Attributes) (see [below for nested schema](#nestedatt--spec--opensearch--test)) +- `transform` (Attributes) (see [below for nested schema](#nestedatt--spec--opensearch--transform)) +- `transform_delete_strategy` (String) Transformed checks have a delete strategy on deletion they can either be marked healthy, unhealthy or left as is +- `url` (String) Connection url, interpolated with username,password +- `username` (Attributes) (see [below for nested schema](#nestedatt--spec--opensearch--username)) + + +### Nested Schema for `spec.opensearch.bearer` Optional: - `name` (String) - `value` (String) -- `value_from` (Attributes) (see [below for nested schema](#nestedatt--spec--mssql--password--value_from)) +- `value_from` (Attributes) (see [below for nested schema](#nestedatt--spec--opensearch--bearer--value_from)) - -### Nested Schema for `spec.mssql.password.value_from` + +### Nested Schema for `spec.opensearch.bearer.value_from` Optional: -- `config_map_key_ref` (Attributes) (see [below for nested schema](#nestedatt--spec--mssql--password--value_from--config_map_key_ref)) -- `helm_ref` (Attributes) (see [below for nested schema](#nestedatt--spec--mssql--password--value_from--helm_ref)) -- `secret_key_ref` (Attributes) (see [below for nested schema](#nestedatt--spec--mssql--password--value_from--secret_key_ref)) +- `config_map_key_ref` (Attributes) (see [below for nested schema](#nestedatt--spec--opensearch--bearer--value_from--config_map_key_ref)) +- `helm_ref` (Attributes) (see [below for nested schema](#nestedatt--spec--opensearch--bearer--value_from--helm_ref)) +- `secret_key_ref` (Attributes) (see [below for nested schema](#nestedatt--spec--opensearch--bearer--value_from--secret_key_ref)) - `service_account` (String) ServiceAccount specifies the service account whose token should be fetched - -### Nested Schema for `spec.mssql.password.value_from.config_map_key_ref` + +### Nested Schema for `spec.opensearch.bearer.value_from.config_map_key_ref` Required: @@ -5692,8 +7778,8 @@ Optional: - `name` (String) - -### Nested Schema for `spec.mssql.password.value_from.helm_ref` + +### Nested Schema for `spec.opensearch.bearer.value_from.helm_ref` Required: @@ -5704,8 +7790,8 @@ Optional: - `name` (String) - -### Nested Schema for `spec.mssql.password.value_from.secret_key_ref` + +### Nested Schema for `spec.opensearch.bearer.value_from.secret_key_ref` Required: @@ -5718,8 +7804,8 @@ Optional: - -### Nested Schema for `spec.mssql.test` + +### Nested Schema for `spec.opensearch.display` Optional: @@ -5729,38 +7815,62 @@ Optional: - `template` (String) - -### Nested Schema for `spec.mssql.transform` + +### Nested Schema for `spec.opensearch.metrics` Optional: -- `expr` (String) -- `javascript` (String) -- `json_path` (String) -- `template` (String) +- `labels` (Attributes List) (see [below for nested schema](#nestedatt--spec--opensearch--metrics--labels)) +- `name` (String) +- `type` (String) +- `value` (String) + +### Nested Schema for `spec.opensearch.metrics.labels` - -### Nested Schema for `spec.mssql.username` +Required: + +- `name` (String) + +Optional: + +- `value` (String) +- `value_expr` (String) + + + + +### Nested Schema for `spec.opensearch.oauth` + +Optional: + +- `client_id` (Attributes) (see [below for nested schema](#nestedatt--spec--opensearch--oauth--client_id)) +- `client_secret` (Attributes) (see [below for nested schema](#nestedatt--spec--opensearch--oauth--client_secret)) +- `params` (Map of String) +- `scope` (List of String) +- `token_url` (String) + + +### Nested Schema for `spec.opensearch.oauth.client_id` Optional: - `name` (String) - `value` (String) -- `value_from` (Attributes) (see [below for nested schema](#nestedatt--spec--mssql--username--value_from)) +- `value_from` (Attributes) (see [below for nested schema](#nestedatt--spec--opensearch--oauth--client_id--value_from)) - -### Nested Schema for `spec.mssql.username.value_from` + +### Nested Schema for `spec.opensearch.oauth.client_id.value_from` Optional: -- `config_map_key_ref` (Attributes) (see [below for nested schema](#nestedatt--spec--mssql--username--value_from--config_map_key_ref)) -- `helm_ref` (Attributes) (see [below for nested schema](#nestedatt--spec--mssql--username--value_from--helm_ref)) -- `secret_key_ref` (Attributes) (see [below for nested schema](#nestedatt--spec--mssql--username--value_from--secret_key_ref)) +- `config_map_key_ref` (Attributes) (see [below for nested schema](#nestedatt--spec--opensearch--oauth--client_id--value_from--config_map_key_ref)) +- `helm_ref` (Attributes) (see [below for nested schema](#nestedatt--spec--opensearch--oauth--client_id--value_from--helm_ref)) +- `secret_key_ref` (Attributes) (see [below for nested schema](#nestedatt--spec--opensearch--oauth--client_id--value_from--secret_key_ref)) - `service_account` (String) ServiceAccount specifies the service account whose token should be fetched - -### Nested Schema for `spec.mssql.username.value_from.config_map_key_ref` + +### Nested Schema for `spec.opensearch.oauth.client_id.value_from.config_map_key_ref` Required: @@ -5771,8 +7881,8 @@ Optional: - `name` (String) - -### Nested Schema for `spec.mssql.username.value_from.helm_ref` + +### Nested Schema for `spec.opensearch.oauth.client_id.value_from.helm_ref` Required: @@ -5783,8 +7893,8 @@ Optional: - `name` (String) - -### Nested Schema for `spec.mssql.username.value_from.secret_key_ref` + +### Nested Schema for `spec.opensearch.oauth.client_id.value_from.secret_key_ref` Required: @@ -5797,88 +7907,85 @@ Optional: + +### Nested Schema for `spec.opensearch.oauth.client_secret` - -### Nested Schema for `spec.mysql` +Optional: -Required: +- `name` (String) +- `value` (String) +- `value_from` (Attributes) (see [below for nested schema](#nestedatt--spec--opensearch--oauth--client_secret--value_from)) -- `name` (String) Name of the check + +### Nested Schema for `spec.opensearch.oauth.client_secret.value_from` Optional: -- `connection` (String) Connection name e.g. connection://http/google -- `description` (String) Description for the check -- `display` (Attributes) (see [below for nested schema](#nestedatt--spec--mysql--display)) -- `icon` (String) Icon for overwriting default icon on the dashboard -- `labels` (Map of String) Labels for the check -- `metrics` (Attributes List) Metrics to expose from check results (see [below for nested schema](#nestedatt--spec--mysql--metrics)) -- `namespace` (String) Namespace to insert the check into, if different to the namespace the canary is defined, e.g. -- `password` (Attributes) (see [below for nested schema](#nestedatt--spec--mysql--password)) -- `query` (String) -- `results` (Number) Number rows to check for -- `test` (Attributes) (see [below for nested schema](#nestedatt--spec--mysql--test)) -- `transform` (Attributes) (see [below for nested schema](#nestedatt--spec--mysql--transform)) -- `transform_delete_strategy` (String) Transformed checks have a delete strategy on deletion they can either be marked healthy, unhealthy or left as is -- `url` (String) Connection url, interpolated with username,password -- `username` (Attributes) (see [below for nested schema](#nestedatt--spec--mysql--username)) +- `config_map_key_ref` (Attributes) (see [below for nested schema](#nestedatt--spec--opensearch--oauth--client_secret--value_from--config_map_key_ref)) +- `helm_ref` (Attributes) (see [below for nested schema](#nestedatt--spec--opensearch--oauth--client_secret--value_from--helm_ref)) +- `secret_key_ref` (Attributes) (see [below for nested schema](#nestedatt--spec--opensearch--oauth--client_secret--value_from--secret_key_ref)) +- `service_account` (String) ServiceAccount specifies the service account whose token should be fetched - -### Nested Schema for `spec.mysql.display` + +### Nested Schema for `spec.opensearch.oauth.client_secret.value_from.config_map_key_ref` + +Required: + +- `key` (String) Optional: -- `expr` (String) -- `javascript` (String) -- `json_path` (String) -- `template` (String) +- `name` (String) - -### Nested Schema for `spec.mysql.metrics` + +### Nested Schema for `spec.opensearch.oauth.client_secret.value_from.helm_ref` + +Required: + +- `key` (String) Key is a JSONPath expression used to fetch the key from the merged JSON. Optional: -- `labels` (Attributes List) (see [below for nested schema](#nestedatt--spec--mysql--metrics--labels)) - `name` (String) -- `type` (String) -- `value` (String) - -### Nested Schema for `spec.mysql.metrics.labels` + + +### Nested Schema for `spec.opensearch.oauth.client_secret.value_from.secret_key_ref` Required: -- `name` (String) +- `key` (String) Optional: -- `value` (String) -- `value_expr` (String) +- `name` (String) - -### Nested Schema for `spec.mysql.password` + + + +### Nested Schema for `spec.opensearch.password` Optional: - `name` (String) - `value` (String) -- `value_from` (Attributes) (see [below for nested schema](#nestedatt--spec--mysql--password--value_from)) +- `value_from` (Attributes) (see [below for nested schema](#nestedatt--spec--opensearch--password--value_from)) - -### Nested Schema for `spec.mysql.password.value_from` + +### Nested Schema for `spec.opensearch.password.value_from` Optional: -- `config_map_key_ref` (Attributes) (see [below for nested schema](#nestedatt--spec--mysql--password--value_from--config_map_key_ref)) -- `helm_ref` (Attributes) (see [below for nested schema](#nestedatt--spec--mysql--password--value_from--helm_ref)) -- `secret_key_ref` (Attributes) (see [below for nested schema](#nestedatt--spec--mysql--password--value_from--secret_key_ref)) +- `config_map_key_ref` (Attributes) (see [below for nested schema](#nestedatt--spec--opensearch--password--value_from--config_map_key_ref)) +- `helm_ref` (Attributes) (see [below for nested schema](#nestedatt--spec--opensearch--password--value_from--helm_ref)) +- `secret_key_ref` (Attributes) (see [below for nested schema](#nestedatt--spec--opensearch--password--value_from--secret_key_ref)) - `service_account` (String) ServiceAccount specifies the service account whose token should be fetched - -### Nested Schema for `spec.mysql.password.value_from.config_map_key_ref` + +### Nested Schema for `spec.opensearch.password.value_from.config_map_key_ref` Required: @@ -5889,8 +7996,8 @@ Optional: - `name` (String) - -### Nested Schema for `spec.mysql.password.value_from.helm_ref` + +### Nested Schema for `spec.opensearch.password.value_from.helm_ref` Required: @@ -5901,8 +8008,8 @@ Optional: - `name` (String) - -### Nested Schema for `spec.mysql.password.value_from.secret_key_ref` + +### Nested Schema for `spec.opensearch.password.value_from.secret_key_ref` Required: @@ -5915,8 +8022,8 @@ Optional: - -### Nested Schema for `spec.mysql.test` + +### Nested Schema for `spec.opensearch.test` Optional: @@ -5926,8 +8033,8 @@ Optional: - `template` (String) - -### Nested Schema for `spec.mysql.transform` + +### Nested Schema for `spec.opensearch.transform` Optional: @@ -5937,27 +8044,27 @@ Optional: - `template` (String) - -### Nested Schema for `spec.mysql.username` + +### Nested Schema for `spec.opensearch.username` Optional: - `name` (String) - `value` (String) -- `value_from` (Attributes) (see [below for nested schema](#nestedatt--spec--mysql--username--value_from)) +- `value_from` (Attributes) (see [below for nested schema](#nestedatt--spec--opensearch--username--value_from)) - -### Nested Schema for `spec.mysql.username.value_from` + +### Nested Schema for `spec.opensearch.username.value_from` Optional: -- `config_map_key_ref` (Attributes) (see [below for nested schema](#nestedatt--spec--mysql--username--value_from--config_map_key_ref)) -- `helm_ref` (Attributes) (see [below for nested schema](#nestedatt--spec--mysql--username--value_from--helm_ref)) -- `secret_key_ref` (Attributes) (see [below for nested schema](#nestedatt--spec--mysql--username--value_from--secret_key_ref)) +- `config_map_key_ref` (Attributes) (see [below for nested schema](#nestedatt--spec--opensearch--username--value_from--config_map_key_ref)) +- `helm_ref` (Attributes) (see [below for nested schema](#nestedatt--spec--opensearch--username--value_from--helm_ref)) +- `secret_key_ref` (Attributes) (see [below for nested schema](#nestedatt--spec--opensearch--username--value_from--secret_key_ref)) - `service_account` (String) ServiceAccount specifies the service account whose token should be fetched - -### Nested Schema for `spec.mysql.username.value_from.config_map_key_ref` + +### Nested Schema for `spec.opensearch.username.value_from.config_map_key_ref` Required: @@ -5968,8 +8075,8 @@ Optional: - `name` (String) - -### Nested Schema for `spec.mysql.username.value_from.helm_ref` + +### Nested Schema for `spec.opensearch.username.value_from.helm_ref` Required: @@ -5980,8 +8087,8 @@ Optional: - `name` (String) - -### Nested Schema for `spec.mysql.username.value_from.secret_key_ref` + +### Nested Schema for `spec.opensearch.username.value_from.secret_key_ref` Required: @@ -5995,13 +8102,12 @@ Optional: - -### Nested Schema for `spec.namespace` + +### Nested Schema for `spec.pod` Required: - `name` (String) Name of the check -- `pod_spec` (String) Optional: @@ -6013,34 +8119,34 @@ Optional: - `http_retry_interval` (Number) - `http_timeout` (Number) - `icon` (String) Icon for overwriting default icon on the dashboard +- `ingress_class` (String) - `ingress_host` (String) - `ingress_name` (String) - `ingress_timeout` (Number) - `labels` (Map of String) Labels for the check -- `metrics` (Attributes List) Metrics to expose from check results (see [below for nested schema](#nestedatt--spec--namespace--metrics)) +- `metrics` (Attributes List) Metrics to expose from check results (see [below for nested schema](#nestedatt--spec--pod--metrics)) - `namespace` (String) Namespace to insert the check into, if different to the namespace the canary is defined, e.g. -- `namespace_annotations` (Map of String) -- `namespace_labels` (Map of String) -- `namespace_name_prefix` (String) - `path` (String) - `port` (Number) - `priority_class` (String) - `ready_timeout` (Number) +- `round_robin_nodes` (Boolean) - `schedule_timeout` (Number) +- `spec` (String) - `transform_delete_strategy` (String) Transformed checks have a delete strategy on deletion they can either be marked healthy, unhealthy or left as is - -### Nested Schema for `spec.namespace.metrics` + +### Nested Schema for `spec.pod.metrics` Optional: -- `labels` (Attributes List) (see [below for nested schema](#nestedatt--spec--namespace--metrics--labels)) +- `labels` (Attributes List) (see [below for nested schema](#nestedatt--spec--pod--metrics--labels)) - `name` (String) - `type` (String) - `value` (String) - -### Nested Schema for `spec.namespace.metrics.labels` + +### Nested Schema for `spec.pod.metrics.labels` Required: @@ -6054,34 +8160,92 @@ Optional: - -### Nested Schema for `spec.opensearch` + +### Nested Schema for `spec.postgres` Required: -- `index` (String) - `name` (String) Name of the check -- `query` (String) Optional: +- `bearer` (Attributes) (see [below for nested schema](#nestedatt--spec--postgres--bearer)) - `connection` (String) Connection name e.g. connection://http/google - `description` (String) Description for the check -- `display` (Attributes) (see [below for nested schema](#nestedatt--spec--opensearch--display)) +- `display` (Attributes) (see [below for nested schema](#nestedatt--spec--postgres--display)) - `icon` (String) Icon for overwriting default icon on the dashboard - `labels` (Map of String) Labels for the check -- `metrics` (Attributes List) Metrics to expose from check results (see [below for nested schema](#nestedatt--spec--opensearch--metrics)) +- `metrics` (Attributes List) Metrics to expose from check results (see [below for nested schema](#nestedatt--spec--postgres--metrics)) - `namespace` (String) Namespace to insert the check into, if different to the namespace the canary is defined, e.g. -- `password` (Attributes) (see [below for nested schema](#nestedatt--spec--opensearch--password)) -- `results` (Number) -- `test` (Attributes) (see [below for nested schema](#nestedatt--spec--opensearch--test)) -- `transform` (Attributes) (see [below for nested schema](#nestedatt--spec--opensearch--transform)) +- `oauth` (Attributes) (see [below for nested schema](#nestedatt--spec--postgres--oauth)) +- `password` (Attributes) (see [below for nested schema](#nestedatt--spec--postgres--password)) +- `query` (String) +- `results` (Number) Number rows to check for +- `test` (Attributes) (see [below for nested schema](#nestedatt--spec--postgres--test)) +- `transform` (Attributes) (see [below for nested schema](#nestedatt--spec--postgres--transform)) - `transform_delete_strategy` (String) Transformed checks have a delete strategy on deletion they can either be marked healthy, unhealthy or left as is - `url` (String) Connection url, interpolated with username,password -- `username` (Attributes) (see [below for nested schema](#nestedatt--spec--opensearch--username)) +- `username` (Attributes) (see [below for nested schema](#nestedatt--spec--postgres--username)) + + +### Nested Schema for `spec.postgres.bearer` + +Optional: + +- `name` (String) +- `value` (String) +- `value_from` (Attributes) (see [below for nested schema](#nestedatt--spec--postgres--bearer--value_from)) + + +### Nested Schema for `spec.postgres.bearer.value_from` + +Optional: + +- `config_map_key_ref` (Attributes) (see [below for nested schema](#nestedatt--spec--postgres--bearer--value_from--config_map_key_ref)) +- `helm_ref` (Attributes) (see [below for nested schema](#nestedatt--spec--postgres--bearer--value_from--helm_ref)) +- `secret_key_ref` (Attributes) (see [below for nested schema](#nestedatt--spec--postgres--bearer--value_from--secret_key_ref)) +- `service_account` (String) ServiceAccount specifies the service account whose token should be fetched + + +### Nested Schema for `spec.postgres.bearer.value_from.config_map_key_ref` + +Required: + +- `key` (String) + +Optional: + +- `name` (String) + + + +### Nested Schema for `spec.postgres.bearer.value_from.helm_ref` + +Required: + +- `key` (String) Key is a JSONPath expression used to fetch the key from the merged JSON. + +Optional: + +- `name` (String) + + + +### Nested Schema for `spec.postgres.bearer.value_from.secret_key_ref` + +Required: + +- `key` (String) + +Optional: + +- `name` (String) + + - -### Nested Schema for `spec.opensearch.display` + + +### Nested Schema for `spec.postgres.display` Optional: @@ -6091,18 +8255,18 @@ Optional: - `template` (String) - -### Nested Schema for `spec.opensearch.metrics` + +### Nested Schema for `spec.postgres.metrics` Optional: -- `labels` (Attributes List) (see [below for nested schema](#nestedatt--spec--opensearch--metrics--labels)) +- `labels` (Attributes List) (see [below for nested schema](#nestedatt--spec--postgres--metrics--labels)) - `name` (String) - `type` (String) - `value` (String) - -### Nested Schema for `spec.opensearch.metrics.labels` + +### Nested Schema for `spec.postgres.metrics.labels` Required: @@ -6115,27 +8279,38 @@ Optional: - -### Nested Schema for `spec.opensearch.password` + +### Nested Schema for `spec.postgres.oauth` + +Optional: + +- `client_id` (Attributes) (see [below for nested schema](#nestedatt--spec--postgres--oauth--client_id)) +- `client_secret` (Attributes) (see [below for nested schema](#nestedatt--spec--postgres--oauth--client_secret)) +- `params` (Map of String) +- `scope` (List of String) +- `token_url` (String) + + +### Nested Schema for `spec.postgres.oauth.client_id` Optional: - `name` (String) - `value` (String) -- `value_from` (Attributes) (see [below for nested schema](#nestedatt--spec--opensearch--password--value_from)) +- `value_from` (Attributes) (see [below for nested schema](#nestedatt--spec--postgres--oauth--client_id--value_from)) - -### Nested Schema for `spec.opensearch.password.value_from` + +### Nested Schema for `spec.postgres.oauth.client_id.value_from` Optional: -- `config_map_key_ref` (Attributes) (see [below for nested schema](#nestedatt--spec--opensearch--password--value_from--config_map_key_ref)) -- `helm_ref` (Attributes) (see [below for nested schema](#nestedatt--spec--opensearch--password--value_from--helm_ref)) -- `secret_key_ref` (Attributes) (see [below for nested schema](#nestedatt--spec--opensearch--password--value_from--secret_key_ref)) +- `config_map_key_ref` (Attributes) (see [below for nested schema](#nestedatt--spec--postgres--oauth--client_id--value_from--config_map_key_ref)) +- `helm_ref` (Attributes) (see [below for nested schema](#nestedatt--spec--postgres--oauth--client_id--value_from--helm_ref)) +- `secret_key_ref` (Attributes) (see [below for nested schema](#nestedatt--spec--postgres--oauth--client_id--value_from--secret_key_ref)) - `service_account` (String) ServiceAccount specifies the service account whose token should be fetched - -### Nested Schema for `spec.opensearch.password.value_from.config_map_key_ref` + +### Nested Schema for `spec.postgres.oauth.client_id.value_from.config_map_key_ref` Required: @@ -6146,8 +8321,8 @@ Optional: - `name` (String) - -### Nested Schema for `spec.opensearch.password.value_from.helm_ref` + +### Nested Schema for `spec.postgres.oauth.client_id.value_from.helm_ref` Required: @@ -6158,8 +8333,8 @@ Optional: - `name` (String) - -### Nested Schema for `spec.opensearch.password.value_from.secret_key_ref` + +### Nested Schema for `spec.postgres.oauth.client_id.value_from.secret_key_ref` Required: @@ -6172,49 +8347,27 @@ Optional: - -### Nested Schema for `spec.opensearch.test` - -Optional: - -- `expr` (String) -- `javascript` (String) -- `json_path` (String) -- `template` (String) - - - -### Nested Schema for `spec.opensearch.transform` - -Optional: - -- `expr` (String) -- `javascript` (String) -- `json_path` (String) -- `template` (String) - - - -### Nested Schema for `spec.opensearch.username` + +### Nested Schema for `spec.postgres.oauth.client_secret` Optional: - `name` (String) - `value` (String) -- `value_from` (Attributes) (see [below for nested schema](#nestedatt--spec--opensearch--username--value_from)) +- `value_from` (Attributes) (see [below for nested schema](#nestedatt--spec--postgres--oauth--client_secret--value_from)) - -### Nested Schema for `spec.opensearch.username.value_from` + +### Nested Schema for `spec.postgres.oauth.client_secret.value_from` Optional: -- `config_map_key_ref` (Attributes) (see [below for nested schema](#nestedatt--spec--opensearch--username--value_from--config_map_key_ref)) -- `helm_ref` (Attributes) (see [below for nested schema](#nestedatt--spec--opensearch--username--value_from--helm_ref)) -- `secret_key_ref` (Attributes) (see [below for nested schema](#nestedatt--spec--opensearch--username--value_from--secret_key_ref)) +- `config_map_key_ref` (Attributes) (see [below for nested schema](#nestedatt--spec--postgres--oauth--client_secret--value_from--config_map_key_ref)) +- `helm_ref` (Attributes) (see [below for nested schema](#nestedatt--spec--postgres--oauth--client_secret--value_from--helm_ref)) +- `secret_key_ref` (Attributes) (see [below for nested schema](#nestedatt--spec--postgres--oauth--client_secret--value_from--secret_key_ref)) - `service_account` (String) ServiceAccount specifies the service account whose token should be fetched - -### Nested Schema for `spec.opensearch.username.value_from.config_map_key_ref` + +### Nested Schema for `spec.postgres.oauth.client_secret.value_from.config_map_key_ref` Required: @@ -6225,8 +8378,8 @@ Optional: - `name` (String) - -### Nested Schema for `spec.opensearch.username.value_from.helm_ref` + +### Nested Schema for `spec.postgres.oauth.client_secret.value_from.helm_ref` Required: @@ -6237,8 +8390,8 @@ Optional: - `name` (String) - -### Nested Schema for `spec.opensearch.username.value_from.secret_key_ref` + +### Nested Schema for `spec.postgres.oauth.client_secret.value_from.secret_key_ref` Required: @@ -6252,91 +8405,76 @@ Optional: - -### Nested Schema for `spec.pod` + +### Nested Schema for `spec.postgres.password` -Required: +Optional: -- `name` (String) Name of the check +- `name` (String) +- `value` (String) +- `value_from` (Attributes) (see [below for nested schema](#nestedatt--spec--postgres--password--value_from)) + + +### Nested Schema for `spec.postgres.password.value_from` Optional: -- `deadline` (Number) -- `delete_timeout` (Number) -- `description` (String) Description for the check -- `expected_content` (String) -- `expected_http_statuses` (List of String) -- `http_retry_interval` (Number) -- `http_timeout` (Number) -- `icon` (String) Icon for overwriting default icon on the dashboard -- `ingress_class` (String) -- `ingress_host` (String) -- `ingress_name` (String) -- `ingress_timeout` (Number) -- `labels` (Map of String) Labels for the check -- `metrics` (Attributes List) Metrics to expose from check results (see [below for nested schema](#nestedatt--spec--pod--metrics)) -- `namespace` (String) Namespace to insert the check into, if different to the namespace the canary is defined, e.g. -- `path` (String) -- `port` (Number) -- `priority_class` (String) -- `ready_timeout` (Number) -- `round_robin_nodes` (Boolean) -- `schedule_timeout` (Number) -- `spec` (String) -- `transform_delete_strategy` (String) Transformed checks have a delete strategy on deletion they can either be marked healthy, unhealthy or left as is +- `config_map_key_ref` (Attributes) (see [below for nested schema](#nestedatt--spec--postgres--password--value_from--config_map_key_ref)) +- `helm_ref` (Attributes) (see [below for nested schema](#nestedatt--spec--postgres--password--value_from--helm_ref)) +- `secret_key_ref` (Attributes) (see [below for nested schema](#nestedatt--spec--postgres--password--value_from--secret_key_ref)) +- `service_account` (String) ServiceAccount specifies the service account whose token should be fetched - -### Nested Schema for `spec.pod.metrics` + +### Nested Schema for `spec.postgres.password.value_from.config_map_key_ref` + +Required: + +- `key` (String) Optional: -- `labels` (Attributes List) (see [below for nested schema](#nestedatt--spec--pod--metrics--labels)) - `name` (String) -- `type` (String) -- `value` (String) - -### Nested Schema for `spec.pod.metrics.labels` + + +### Nested Schema for `spec.postgres.password.value_from.helm_ref` Required: -- `name` (String) +- `key` (String) Key is a JSONPath expression used to fetch the key from the merged JSON. Optional: -- `value` (String) -- `value_expr` (String) +- `name` (String) + + +### Nested Schema for `spec.postgres.password.value_from.secret_key_ref` +Required: +- `key` (String) + +Optional: + +- `name` (String) - -### Nested Schema for `spec.postgres` -Required: -- `name` (String) Name of the check + + +### Nested Schema for `spec.postgres.test` Optional: -- `connection` (String) Connection name e.g. connection://http/google -- `description` (String) Description for the check -- `display` (Attributes) (see [below for nested schema](#nestedatt--spec--postgres--display)) -- `icon` (String) Icon for overwriting default icon on the dashboard -- `labels` (Map of String) Labels for the check -- `metrics` (Attributes List) Metrics to expose from check results (see [below for nested schema](#nestedatt--spec--postgres--metrics)) -- `namespace` (String) Namespace to insert the check into, if different to the namespace the canary is defined, e.g. -- `password` (Attributes) (see [below for nested schema](#nestedatt--spec--postgres--password)) -- `query` (String) -- `results` (Number) Number rows to check for -- `test` (Attributes) (see [below for nested schema](#nestedatt--spec--postgres--test)) -- `transform` (Attributes) (see [below for nested schema](#nestedatt--spec--postgres--transform)) -- `transform_delete_strategy` (String) Transformed checks have a delete strategy on deletion they can either be marked healthy, unhealthy or left as is -- `url` (String) Connection url, interpolated with username,password -- `username` (Attributes) (see [below for nested schema](#nestedatt--spec--postgres--username)) +- `expr` (String) +- `javascript` (String) +- `json_path` (String) +- `template` (String) - -### Nested Schema for `spec.postgres.display` + + +### Nested Schema for `spec.postgres.transform` Optional: @@ -6346,51 +8484,112 @@ Optional: - `template` (String) - -### Nested Schema for `spec.postgres.metrics` + +### Nested Schema for `spec.postgres.username` Optional: -- `labels` (Attributes List) (see [below for nested schema](#nestedatt--spec--postgres--metrics--labels)) - `name` (String) -- `type` (String) - `value` (String) +- `value_from` (Attributes) (see [below for nested schema](#nestedatt--spec--postgres--username--value_from)) - -### Nested Schema for `spec.postgres.metrics.labels` + +### Nested Schema for `spec.postgres.username.value_from` + +Optional: + +- `config_map_key_ref` (Attributes) (see [below for nested schema](#nestedatt--spec--postgres--username--value_from--config_map_key_ref)) +- `helm_ref` (Attributes) (see [below for nested schema](#nestedatt--spec--postgres--username--value_from--helm_ref)) +- `secret_key_ref` (Attributes) (see [below for nested schema](#nestedatt--spec--postgres--username--value_from--secret_key_ref)) +- `service_account` (String) ServiceAccount specifies the service account whose token should be fetched + + +### Nested Schema for `spec.postgres.username.value_from.config_map_key_ref` Required: +- `key` (String) + +Optional: + - `name` (String) + + +### Nested Schema for `spec.postgres.username.value_from.helm_ref` + +Required: + +- `key` (String) Key is a JSONPath expression used to fetch the key from the merged JSON. + Optional: -- `value` (String) -- `value_expr` (String) +- `name` (String) + + + +### Nested Schema for `spec.postgres.username.value_from.secret_key_ref` + +Required: + +- `key` (String) + +Optional: + +- `name` (String) + + + + + + +### Nested Schema for `spec.prometheus` + +Required: +- `name` (String) Name of the check +- `query` (String) PromQL query + +Optional: +- `bearer` (Attributes) (see [below for nested schema](#nestedatt--spec--prometheus--bearer)) +- `connection` (String) Connection name e.g. connection://http/google +- `description` (String) Description for the check +- `display` (Attributes) (see [below for nested schema](#nestedatt--spec--prometheus--display)) +- `host` (String) Deprecated: use 'url' instead +- `icon` (String) Icon for overwriting default icon on the dashboard +- `labels` (Map of String) Labels for the check +- `metrics` (Attributes List) Metrics to expose from check results (see [below for nested schema](#nestedatt--spec--prometheus--metrics)) +- `namespace` (String) Namespace to insert the check into, if different to the namespace the canary is defined, e.g. +- `oauth` (Attributes) (see [below for nested schema](#nestedatt--spec--prometheus--oauth)) +- `password` (Attributes) (see [below for nested schema](#nestedatt--spec--prometheus--password)) +- `test` (Attributes) (see [below for nested schema](#nestedatt--spec--prometheus--test)) +- `transform` (Attributes) (see [below for nested schema](#nestedatt--spec--prometheus--transform)) +- `transform_delete_strategy` (String) Transformed checks have a delete strategy on deletion they can either be marked healthy, unhealthy or left as is +- `url` (String) Connection url, interpolated with username,password +- `username` (Attributes) (see [below for nested schema](#nestedatt--spec--prometheus--username)) - -### Nested Schema for `spec.postgres.password` + +### Nested Schema for `spec.prometheus.bearer` Optional: - `name` (String) - `value` (String) -- `value_from` (Attributes) (see [below for nested schema](#nestedatt--spec--postgres--password--value_from)) +- `value_from` (Attributes) (see [below for nested schema](#nestedatt--spec--prometheus--bearer--value_from)) - -### Nested Schema for `spec.postgres.password.value_from` + +### Nested Schema for `spec.prometheus.bearer.value_from` Optional: -- `config_map_key_ref` (Attributes) (see [below for nested schema](#nestedatt--spec--postgres--password--value_from--config_map_key_ref)) -- `helm_ref` (Attributes) (see [below for nested schema](#nestedatt--spec--postgres--password--value_from--helm_ref)) -- `secret_key_ref` (Attributes) (see [below for nested schema](#nestedatt--spec--postgres--password--value_from--secret_key_ref)) +- `config_map_key_ref` (Attributes) (see [below for nested schema](#nestedatt--spec--prometheus--bearer--value_from--config_map_key_ref)) +- `helm_ref` (Attributes) (see [below for nested schema](#nestedatt--spec--prometheus--bearer--value_from--helm_ref)) +- `secret_key_ref` (Attributes) (see [below for nested schema](#nestedatt--spec--prometheus--bearer--value_from--secret_key_ref)) - `service_account` (String) ServiceAccount specifies the service account whose token should be fetched - -### Nested Schema for `spec.postgres.password.value_from.config_map_key_ref` + +### Nested Schema for `spec.prometheus.bearer.value_from.config_map_key_ref` Required: @@ -6401,8 +8600,8 @@ Optional: - `name` (String) - -### Nested Schema for `spec.postgres.password.value_from.helm_ref` + +### Nested Schema for `spec.prometheus.bearer.value_from.helm_ref` Required: @@ -6413,8 +8612,8 @@ Optional: - `name` (String) - -### Nested Schema for `spec.postgres.password.value_from.secret_key_ref` + +### Nested Schema for `spec.prometheus.bearer.value_from.secret_key_ref` Required: @@ -6427,8 +8626,8 @@ Optional: - -### Nested Schema for `spec.postgres.test` + +### Nested Schema for `spec.prometheus.display` Optional: @@ -6438,38 +8637,62 @@ Optional: - `template` (String) - -### Nested Schema for `spec.postgres.transform` + +### Nested Schema for `spec.prometheus.metrics` Optional: -- `expr` (String) -- `javascript` (String) -- `json_path` (String) -- `template` (String) +- `labels` (Attributes List) (see [below for nested schema](#nestedatt--spec--prometheus--metrics--labels)) +- `name` (String) +- `type` (String) +- `value` (String) + +### Nested Schema for `spec.prometheus.metrics.labels` - -### Nested Schema for `spec.postgres.username` +Required: + +- `name` (String) + +Optional: + +- `value` (String) +- `value_expr` (String) + + + + +### Nested Schema for `spec.prometheus.oauth` + +Optional: + +- `client_id` (Attributes) (see [below for nested schema](#nestedatt--spec--prometheus--oauth--client_id)) +- `client_secret` (Attributes) (see [below for nested schema](#nestedatt--spec--prometheus--oauth--client_secret)) +- `params` (Map of String) +- `scope` (List of String) +- `token_url` (String) + + +### Nested Schema for `spec.prometheus.oauth.client_id` Optional: - `name` (String) - `value` (String) -- `value_from` (Attributes) (see [below for nested schema](#nestedatt--spec--postgres--username--value_from)) +- `value_from` (Attributes) (see [below for nested schema](#nestedatt--spec--prometheus--oauth--client_id--value_from)) - -### Nested Schema for `spec.postgres.username.value_from` + +### Nested Schema for `spec.prometheus.oauth.client_id.value_from` Optional: -- `config_map_key_ref` (Attributes) (see [below for nested schema](#nestedatt--spec--postgres--username--value_from--config_map_key_ref)) -- `helm_ref` (Attributes) (see [below for nested schema](#nestedatt--spec--postgres--username--value_from--helm_ref)) -- `secret_key_ref` (Attributes) (see [below for nested schema](#nestedatt--spec--postgres--username--value_from--secret_key_ref)) +- `config_map_key_ref` (Attributes) (see [below for nested schema](#nestedatt--spec--prometheus--oauth--client_id--value_from--config_map_key_ref)) +- `helm_ref` (Attributes) (see [below for nested schema](#nestedatt--spec--prometheus--oauth--client_id--value_from--helm_ref)) +- `secret_key_ref` (Attributes) (see [below for nested schema](#nestedatt--spec--prometheus--oauth--client_id--value_from--secret_key_ref)) - `service_account` (String) ServiceAccount specifies the service account whose token should be fetched - -### Nested Schema for `spec.postgres.username.value_from.config_map_key_ref` + +### Nested Schema for `spec.prometheus.oauth.client_id.value_from.config_map_key_ref` Required: @@ -6480,8 +8703,8 @@ Optional: - `name` (String) - -### Nested Schema for `spec.postgres.username.value_from.helm_ref` + +### Nested Schema for `spec.prometheus.oauth.client_id.value_from.helm_ref` Required: @@ -6492,8 +8715,8 @@ Optional: - `name` (String) - -### Nested Schema for `spec.postgres.username.value_from.secret_key_ref` + +### Nested Schema for `spec.prometheus.oauth.client_id.value_from.secret_key_ref` Required: @@ -6506,64 +8729,61 @@ Optional: + +### Nested Schema for `spec.prometheus.oauth.client_secret` - -### Nested Schema for `spec.prometheus` +Optional: -Required: +- `name` (String) +- `value` (String) +- `value_from` (Attributes) (see [below for nested schema](#nestedatt--spec--prometheus--oauth--client_secret--value_from)) -- `name` (String) Name of the check -- `query` (String) PromQL query + +### Nested Schema for `spec.prometheus.oauth.client_secret.value_from` Optional: -- `connection` (String) Connection name e.g. connection://http/google -- `description` (String) Description for the check -- `display` (Attributes) (see [below for nested schema](#nestedatt--spec--prometheus--display)) -- `host` (String) Deprecated: use 'url' instead -- `icon` (String) Icon for overwriting default icon on the dashboard -- `labels` (Map of String) Labels for the check -- `metrics` (Attributes List) Metrics to expose from check results (see [below for nested schema](#nestedatt--spec--prometheus--metrics)) -- `namespace` (String) Namespace to insert the check into, if different to the namespace the canary is defined, e.g. -- `password` (Attributes) (see [below for nested schema](#nestedatt--spec--prometheus--password)) -- `test` (Attributes) (see [below for nested schema](#nestedatt--spec--prometheus--test)) -- `transform` (Attributes) (see [below for nested schema](#nestedatt--spec--prometheus--transform)) -- `transform_delete_strategy` (String) Transformed checks have a delete strategy on deletion they can either be marked healthy, unhealthy or left as is -- `url` (String) Connection url, interpolated with username,password -- `username` (Attributes) (see [below for nested schema](#nestedatt--spec--prometheus--username)) +- `config_map_key_ref` (Attributes) (see [below for nested schema](#nestedatt--spec--prometheus--oauth--client_secret--value_from--config_map_key_ref)) +- `helm_ref` (Attributes) (see [below for nested schema](#nestedatt--spec--prometheus--oauth--client_secret--value_from--helm_ref)) +- `secret_key_ref` (Attributes) (see [below for nested schema](#nestedatt--spec--prometheus--oauth--client_secret--value_from--secret_key_ref)) +- `service_account` (String) ServiceAccount specifies the service account whose token should be fetched - -### Nested Schema for `spec.prometheus.display` + +### Nested Schema for `spec.prometheus.oauth.client_secret.value_from.config_map_key_ref` + +Required: + +- `key` (String) Optional: -- `expr` (String) -- `javascript` (String) -- `json_path` (String) -- `template` (String) +- `name` (String) - -### Nested Schema for `spec.prometheus.metrics` + +### Nested Schema for `spec.prometheus.oauth.client_secret.value_from.helm_ref` + +Required: + +- `key` (String) Key is a JSONPath expression used to fetch the key from the merged JSON. Optional: -- `labels` (Attributes List) (see [below for nested schema](#nestedatt--spec--prometheus--metrics--labels)) - `name` (String) -- `type` (String) -- `value` (String) - -### Nested Schema for `spec.prometheus.metrics.labels` + + +### Nested Schema for `spec.prometheus.oauth.client_secret.value_from.secret_key_ref` Required: -- `name` (String) +- `key` (String) Optional: -- `value` (String) -- `value_expr` (String) +- `name` (String) + + @@ -6714,6 +8934,7 @@ Required: Optional: - `addr` (String) Deprecated: Use url instead +- `bearer` (Attributes) (see [below for nested schema](#nestedatt--spec--redis--bearer)) - `connection` (String) Connection name e.g. connection://http/google - `db` (Number) - `description` (String) Description for the check @@ -6721,11 +8942,69 @@ Optional: - `labels` (Map of String) Labels for the check - `metrics` (Attributes List) Metrics to expose from check results (see [below for nested schema](#nestedatt--spec--redis--metrics)) - `namespace` (String) Namespace to insert the check into, if different to the namespace the canary is defined, e.g. +- `oauth` (Attributes) (see [below for nested schema](#nestedatt--spec--redis--oauth)) - `password` (Attributes) (see [below for nested schema](#nestedatt--spec--redis--password)) - `transform_delete_strategy` (String) Transformed checks have a delete strategy on deletion they can either be marked healthy, unhealthy or left as is - `url` (String) Connection url, interpolated with username,password - `username` (Attributes) (see [below for nested schema](#nestedatt--spec--redis--username)) + +### Nested Schema for `spec.redis.bearer` + +Optional: + +- `name` (String) +- `value` (String) +- `value_from` (Attributes) (see [below for nested schema](#nestedatt--spec--redis--bearer--value_from)) + + +### Nested Schema for `spec.redis.bearer.value_from` + +Optional: + +- `config_map_key_ref` (Attributes) (see [below for nested schema](#nestedatt--spec--redis--bearer--value_from--config_map_key_ref)) +- `helm_ref` (Attributes) (see [below for nested schema](#nestedatt--spec--redis--bearer--value_from--helm_ref)) +- `secret_key_ref` (Attributes) (see [below for nested schema](#nestedatt--spec--redis--bearer--value_from--secret_key_ref)) +- `service_account` (String) ServiceAccount specifies the service account whose token should be fetched + + +### Nested Schema for `spec.redis.bearer.value_from.config_map_key_ref` + +Required: + +- `key` (String) + +Optional: + +- `name` (String) + + + +### Nested Schema for `spec.redis.bearer.value_from.helm_ref` + +Required: + +- `key` (String) Key is a JSONPath expression used to fetch the key from the merged JSON. + +Optional: + +- `name` (String) + + + +### Nested Schema for `spec.redis.bearer.value_from.secret_key_ref` + +Required: + +- `key` (String) + +Optional: + +- `name` (String) + + + + ### Nested Schema for `spec.redis.metrics` @@ -6750,6 +9029,132 @@ Optional: + +### Nested Schema for `spec.redis.oauth` + +Optional: + +- `client_id` (Attributes) (see [below for nested schema](#nestedatt--spec--redis--oauth--client_id)) +- `client_secret` (Attributes) (see [below for nested schema](#nestedatt--spec--redis--oauth--client_secret)) +- `params` (Map of String) +- `scope` (List of String) +- `token_url` (String) + + +### Nested Schema for `spec.redis.oauth.client_id` + +Optional: + +- `name` (String) +- `value` (String) +- `value_from` (Attributes) (see [below for nested schema](#nestedatt--spec--redis--oauth--client_id--value_from)) + + +### Nested Schema for `spec.redis.oauth.client_id.value_from` + +Optional: + +- `config_map_key_ref` (Attributes) (see [below for nested schema](#nestedatt--spec--redis--oauth--client_id--value_from--config_map_key_ref)) +- `helm_ref` (Attributes) (see [below for nested schema](#nestedatt--spec--redis--oauth--client_id--value_from--helm_ref)) +- `secret_key_ref` (Attributes) (see [below for nested schema](#nestedatt--spec--redis--oauth--client_id--value_from--secret_key_ref)) +- `service_account` (String) ServiceAccount specifies the service account whose token should be fetched + + +### Nested Schema for `spec.redis.oauth.client_id.value_from.config_map_key_ref` + +Required: + +- `key` (String) + +Optional: + +- `name` (String) + + + +### Nested Schema for `spec.redis.oauth.client_id.value_from.helm_ref` + +Required: + +- `key` (String) Key is a JSONPath expression used to fetch the key from the merged JSON. + +Optional: + +- `name` (String) + + + +### Nested Schema for `spec.redis.oauth.client_id.value_from.secret_key_ref` + +Required: + +- `key` (String) + +Optional: + +- `name` (String) + + + + + +### Nested Schema for `spec.redis.oauth.client_secret` + +Optional: + +- `name` (String) +- `value` (String) +- `value_from` (Attributes) (see [below for nested schema](#nestedatt--spec--redis--oauth--client_secret--value_from)) + + +### Nested Schema for `spec.redis.oauth.client_secret.value_from` + +Optional: + +- `config_map_key_ref` (Attributes) (see [below for nested schema](#nestedatt--spec--redis--oauth--client_secret--value_from--config_map_key_ref)) +- `helm_ref` (Attributes) (see [below for nested schema](#nestedatt--spec--redis--oauth--client_secret--value_from--helm_ref)) +- `secret_key_ref` (Attributes) (see [below for nested schema](#nestedatt--spec--redis--oauth--client_secret--value_from--secret_key_ref)) +- `service_account` (String) ServiceAccount specifies the service account whose token should be fetched + + +### Nested Schema for `spec.redis.oauth.client_secret.value_from.config_map_key_ref` + +Required: + +- `key` (String) + +Optional: + +- `name` (String) + + + +### Nested Schema for `spec.redis.oauth.client_secret.value_from.helm_ref` + +Required: + +- `key` (String) Key is a JSONPath expression used to fetch the key from the merged JSON. + +Optional: + +- `name` (String) + + + +### Nested Schema for `spec.redis.oauth.client_secret.value_from.secret_key_ref` + +Required: + +- `key` (String) + +Optional: + +- `name` (String) + + + + + ### Nested Schema for `spec.redis.password` diff --git a/docs/data-sources/chainsaw_kyverno_io_configuration_v1alpha1_manifest.md b/docs/data-sources/chainsaw_kyverno_io_configuration_v1alpha1_manifest.md index 7e65a8dae..0bb16e2b0 100644 --- a/docs/data-sources/chainsaw_kyverno_io_configuration_v1alpha1_manifest.md +++ b/docs/data-sources/chainsaw_kyverno_io_configuration_v1alpha1_manifest.md @@ -403,18 +403,18 @@ Required: Required: - `api_version` (String) API version of the referent. -- `for` (Attributes) For specifies the condition to wait for. (see [below for nested schema](#nestedatt--spec--catch--wait--for)) +- `for` (Attributes) WaitFor specifies the condition to wait for. (see [below for nested schema](#nestedatt--spec--catch--wait--for)) - `kind` (String) Kind of the referent.More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds Optional: -- `cluster` (String) Cluster defines the target cluster where the wait operation will be performed (default cluster will be used if not specified). +- `cluster` (String) Cluster defines the target cluster (default cluster will be used if not specified and/or overridden). - `clusters` (Attributes) Clusters holds a registry to clusters to support multi-cluster tests. (see [below for nested schema](#nestedatt--spec--catch--wait--clusters)) - `format` (String) Format determines the output format (json or yaml). - `name` (String) Name of the referent.More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - `namespace` (String) Namespace of the referent.More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ - `selector` (String) Selector defines labels selector. -- `timeout` (String) Timeout for the operation. Specifies how long to wait for the condition to be met before timing out. +- `timeout` (String) Timeout for the operation. Overrides the global timeout set in the Configuration. ### Nested Schema for `spec.catch.wait.for` diff --git a/docs/data-sources/chainsaw_kyverno_io_configuration_v1alpha2_manifest.md b/docs/data-sources/chainsaw_kyverno_io_configuration_v1alpha2_manifest.md index c8dbc98c6..7077c0bc7 100644 --- a/docs/data-sources/chainsaw_kyverno_io_configuration_v1alpha2_manifest.md +++ b/docs/data-sources/chainsaw_kyverno_io_configuration_v1alpha2_manifest.md @@ -440,18 +440,18 @@ Required: Required: - `api_version` (String) API version of the referent. -- `for` (Attributes) For specifies the condition to wait for. (see [below for nested schema](#nestedatt--spec--error--catch--wait--for)) +- `for` (Attributes) WaitFor specifies the condition to wait for. (see [below for nested schema](#nestedatt--spec--error--catch--wait--for)) - `kind` (String) Kind of the referent.More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds Optional: -- `cluster` (String) Cluster defines the target cluster where the wait operation will be performed (default cluster will be used if not specified). +- `cluster` (String) Cluster defines the target cluster (default cluster will be used if not specified and/or overridden). - `clusters` (Attributes) Clusters holds a registry to clusters to support multi-cluster tests. (see [below for nested schema](#nestedatt--spec--error--catch--wait--clusters)) - `format` (String) Format determines the output format (json or yaml). - `name` (String) Name of the referent.More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - `namespace` (String) Namespace of the referent.More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ - `selector` (String) Selector defines labels selector. -- `timeout` (String) Timeout for the operation. Specifies how long to wait for the condition to be met before timing out. +- `timeout` (String) Timeout for the operation. Overrides the global timeout set in the Configuration. ### Nested Schema for `spec.error.catch.wait.for` diff --git a/docs/data-sources/chainsaw_kyverno_io_test_v1alpha1_manifest.md b/docs/data-sources/chainsaw_kyverno_io_test_v1alpha1_manifest.md index 53bc3d1d6..7a71f86ac 100644 --- a/docs/data-sources/chainsaw_kyverno_io_test_v1alpha1_manifest.md +++ b/docs/data-sources/chainsaw_kyverno_io_test_v1alpha1_manifest.md @@ -755,18 +755,18 @@ Optional: Required: - `api_version` (String) API version of the referent. -- `for` (Attributes) For specifies the condition to wait for. (see [below for nested schema](#nestedatt--spec--steps--try--wait--for)) +- `for` (Attributes) WaitFor specifies the condition to wait for. (see [below for nested schema](#nestedatt--spec--steps--try--wait--for)) - `kind` (String) Kind of the referent.More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds Optional: -- `cluster` (String) Cluster defines the target cluster where the wait operation will be performed (default cluster will be used if not specified). +- `cluster` (String) Cluster defines the target cluster (default cluster will be used if not specified and/or overridden). - `clusters` (Attributes) Clusters holds a registry to clusters to support multi-cluster tests. (see [below for nested schema](#nestedatt--spec--steps--try--wait--clusters)) - `format` (String) Format determines the output format (json or yaml). - `name` (String) Name of the referent.More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - `namespace` (String) Namespace of the referent.More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ - `selector` (String) Selector defines labels selector. -- `timeout` (String) Timeout for the operation. Specifies how long to wait for the condition to be met before timing out. +- `timeout` (String) Timeout for the operation. Overrides the global timeout set in the Configuration. ### Nested Schema for `spec.steps.try.wait.for` @@ -1153,18 +1153,18 @@ Required: Required: - `api_version` (String) API version of the referent. -- `for` (Attributes) For specifies the condition to wait for. (see [below for nested schema](#nestedatt--spec--steps--catch--wait--for)) +- `for` (Attributes) WaitFor specifies the condition to wait for. (see [below for nested schema](#nestedatt--spec--steps--catch--wait--for)) - `kind` (String) Kind of the referent.More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds Optional: -- `cluster` (String) Cluster defines the target cluster where the wait operation will be performed (default cluster will be used if not specified). +- `cluster` (String) Cluster defines the target cluster (default cluster will be used if not specified and/or overridden). - `clusters` (Attributes) Clusters holds a registry to clusters to support multi-cluster tests. (see [below for nested schema](#nestedatt--spec--steps--catch--wait--clusters)) - `format` (String) Format determines the output format (json or yaml). - `name` (String) Name of the referent.More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - `namespace` (String) Namespace of the referent.More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ - `selector` (String) Selector defines labels selector. -- `timeout` (String) Timeout for the operation. Specifies how long to wait for the condition to be met before timing out. +- `timeout` (String) Timeout for the operation. Overrides the global timeout set in the Configuration. ### Nested Schema for `spec.steps.catch.wait.for` @@ -1542,18 +1542,18 @@ Required: Required: - `api_version` (String) API version of the referent. -- `for` (Attributes) For specifies the condition to wait for. (see [below for nested schema](#nestedatt--spec--steps--cleanup--wait--for)) +- `for` (Attributes) WaitFor specifies the condition to wait for. (see [below for nested schema](#nestedatt--spec--steps--cleanup--wait--for)) - `kind` (String) Kind of the referent.More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds Optional: -- `cluster` (String) Cluster defines the target cluster where the wait operation will be performed (default cluster will be used if not specified). +- `cluster` (String) Cluster defines the target cluster (default cluster will be used if not specified and/or overridden). - `clusters` (Attributes) Clusters holds a registry to clusters to support multi-cluster tests. (see [below for nested schema](#nestedatt--spec--steps--cleanup--wait--clusters)) - `format` (String) Format determines the output format (json or yaml). - `name` (String) Name of the referent.More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - `namespace` (String) Namespace of the referent.More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ - `selector` (String) Selector defines labels selector. -- `timeout` (String) Timeout for the operation. Specifies how long to wait for the condition to be met before timing out. +- `timeout` (String) Timeout for the operation. Overrides the global timeout set in the Configuration. ### Nested Schema for `spec.steps.cleanup.wait.for` @@ -1943,18 +1943,18 @@ Required: Required: - `api_version` (String) API version of the referent. -- `for` (Attributes) For specifies the condition to wait for. (see [below for nested schema](#nestedatt--spec--steps--finally--wait--for)) +- `for` (Attributes) WaitFor specifies the condition to wait for. (see [below for nested schema](#nestedatt--spec--steps--finally--wait--for)) - `kind` (String) Kind of the referent.More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds Optional: -- `cluster` (String) Cluster defines the target cluster where the wait operation will be performed (default cluster will be used if not specified). +- `cluster` (String) Cluster defines the target cluster (default cluster will be used if not specified and/or overridden). - `clusters` (Attributes) Clusters holds a registry to clusters to support multi-cluster tests. (see [below for nested schema](#nestedatt--spec--steps--finally--wait--clusters)) - `format` (String) Format determines the output format (json or yaml). - `name` (String) Name of the referent.More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - `namespace` (String) Namespace of the referent.More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ - `selector` (String) Selector defines labels selector. -- `timeout` (String) Timeout for the operation. Specifies how long to wait for the condition to be met before timing out. +- `timeout` (String) Timeout for the operation. Overrides the global timeout set in the Configuration. ### Nested Schema for `spec.steps.finally.wait.for` @@ -2355,18 +2355,18 @@ Required: Required: - `api_version` (String) API version of the referent. -- `for` (Attributes) For specifies the condition to wait for. (see [below for nested schema](#nestedatt--spec--catch--wait--for)) +- `for` (Attributes) WaitFor specifies the condition to wait for. (see [below for nested schema](#nestedatt--spec--catch--wait--for)) - `kind` (String) Kind of the referent.More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds Optional: -- `cluster` (String) Cluster defines the target cluster where the wait operation will be performed (default cluster will be used if not specified). +- `cluster` (String) Cluster defines the target cluster (default cluster will be used if not specified and/or overridden). - `clusters` (Attributes) Clusters holds a registry to clusters to support multi-cluster tests. (see [below for nested schema](#nestedatt--spec--catch--wait--clusters)) - `format` (String) Format determines the output format (json or yaml). - `name` (String) Name of the referent.More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - `namespace` (String) Namespace of the referent.More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ - `selector` (String) Selector defines labels selector. -- `timeout` (String) Timeout for the operation. Specifies how long to wait for the condition to be met before timing out. +- `timeout` (String) Timeout for the operation. Overrides the global timeout set in the Configuration. ### Nested Schema for `spec.catch.wait.for` diff --git a/docs/data-sources/chainsaw_kyverno_io_test_v1alpha2_manifest.md b/docs/data-sources/chainsaw_kyverno_io_test_v1alpha2_manifest.md index cbccfc103..1c37c4f52 100644 --- a/docs/data-sources/chainsaw_kyverno_io_test_v1alpha2_manifest.md +++ b/docs/data-sources/chainsaw_kyverno_io_test_v1alpha2_manifest.md @@ -98,6 +98,9 @@ Optional: - `apply` (Attributes) Apply represents resources that should be applied for this test step. This can include thingslike configuration settings or any other resources that need to be available during the test. (see [below for nested schema](#nestedatt--spec--steps--try--apply)) - `assert` (Attributes) Assert represents an assertion to be made. It checks whether the conditions specified in the assertion hold true. (see [below for nested schema](#nestedatt--spec--steps--try--assert)) +- `bindings` (Attributes List) Bindings defines additional binding key/values. (see [below for nested schema](#nestedatt--spec--steps--try--bindings)) +- `cluster` (String) Cluster defines the target cluster (default cluster will be used if not specified and/or overridden). +- `clusters` (Attributes) Clusters holds a registry to clusters to support multi-cluster tests. (see [below for nested schema](#nestedatt--spec--steps--try--clusters)) - `command` (Attributes) Command defines a command to run. (see [below for nested schema](#nestedatt--spec--steps--try--command)) - `continue_on_error` (Boolean) ContinueOnError determines whether a test should continue or not in case the operation was not successful.Even if the test continues executing, it will still be reported as failed. - `create` (Attributes) Create represents a creation operation. (see [below for nested schema](#nestedatt--spec--steps--try--create)) @@ -107,6 +110,7 @@ Optional: - `error` (Attributes) Error represents the expected errors for this test step. If any of these errors occur, the testwill consider them as expected; otherwise, they will be treated as test failures. (see [below for nested schema](#nestedatt--spec--steps--try--error)) - `events` (Attributes) Events determines the events collector to execute. (see [below for nested schema](#nestedatt--spec--steps--try--events)) - `get` (Attributes) Get determines the resource get collector to execute. (see [below for nested schema](#nestedatt--spec--steps--try--get)) +- `outputs` (Attributes List) Outputs defines output bindings. (see [below for nested schema](#nestedatt--spec--steps--try--outputs)) - `patch` (Attributes) Patch represents a patch operation. (see [below for nested schema](#nestedatt--spec--steps--try--patch)) - `pod_logs` (Attributes) PodLogs determines the pod logs collector to execute. (see [below for nested schema](#nestedatt--spec--steps--try--pod_logs)) - `script` (Attributes) Script defines a script to run. (see [below for nested schema](#nestedatt--spec--steps--try--script)) @@ -119,38 +123,13 @@ Optional: Optional: -- `bindings` (Attributes List) Bindings defines additional binding key/values. (see [below for nested schema](#nestedatt--spec--steps--try--apply--bindings)) -- `cluster` (String) Cluster defines the target cluster (default cluster will be used if not specified and/or overridden). -- `clusters` (Attributes) Clusters holds a registry to clusters to support multi-cluster tests. (see [below for nested schema](#nestedatt--spec--steps--try--apply--clusters)) - `dry_run` (Boolean) DryRun determines whether the file should be applied in dry run mode. - `expect` (Attributes List) Expect defines a list of matched checks to validate the operation outcome. (see [below for nested schema](#nestedatt--spec--steps--try--apply--expect)) - `file` (String) File is the path to the referenced file. This can be a direct path to a fileor an expression that matches multiple files, such as 'manifest/*.yaml' for all YAMLfiles within the 'manifest' directory. -- `outputs` (Attributes List) Outputs defines output bindings. (see [below for nested schema](#nestedatt--spec--steps--try--apply--outputs)) - `resource` (Map of String) Resource provides a resource to be applied. - `template` (Boolean) Template determines whether resources should be considered for templating. - `timeout` (String) Timeout for the operation. Overrides the global timeout set in the Configuration. - -### Nested Schema for `spec.steps.try.apply.bindings` - -Required: - -- `name` (String) Name the name of the binding. -- `value` (Map of String) Value value of the binding. - - - -### Nested Schema for `spec.steps.try.apply.clusters` - -Required: - -- `kubeconfig` (String) Kubeconfig is the path to the referenced file. - -Optional: - -- `context` (String) Context is the name of the context to use. - - ### Nested Schema for `spec.steps.try.apply.expect` @@ -163,35 +142,20 @@ Optional: - `match` (Map of String) Match defines the matching statement. - -### Nested Schema for `spec.steps.try.apply.outputs` - -Required: - -- `name` (String) Name the name of the binding. -- `value` (Map of String) Value value of the binding. - -Optional: - -- `match` (Map of String) Match defines the matching statement. - - ### Nested Schema for `spec.steps.try.assert` Optional: -- `bindings` (Attributes List) Bindings defines additional binding key/values. (see [below for nested schema](#nestedatt--spec--steps--try--assert--bindings)) -- `cluster` (String) Cluster defines the target cluster (default cluster will be used if not specified and/or overridden). -- `clusters` (Attributes) Clusters holds a registry to clusters to support multi-cluster tests. (see [below for nested schema](#nestedatt--spec--steps--try--assert--clusters)) - `file` (String) File is the path to the referenced file. This can be a direct path to a fileor an expression that matches multiple files, such as 'manifest/*.yaml' for all YAMLfiles within the 'manifest' directory. - `resource` (Map of String) Check provides a check used in assertions. - `template` (Boolean) Template determines whether resources should be considered for templating. - `timeout` (String) Timeout for the operation. Overrides the global timeout set in the Configuration. - -### Nested Schema for `spec.steps.try.assert.bindings` + + +### Nested Schema for `spec.steps.try.bindings` Required: @@ -199,8 +163,8 @@ Required: - `value` (Map of String) Value value of the binding. - -### Nested Schema for `spec.steps.try.assert.clusters` + +### Nested Schema for `spec.steps.try.clusters` Required: @@ -211,7 +175,6 @@ Optional: - `context` (String) Context is the name of the context to use. - ### Nested Schema for `spec.steps.try.command` @@ -222,36 +185,11 @@ Required: Optional: - `args` (List of String) Args is the command arguments. -- `bindings` (Attributes List) Bindings defines additional binding key/values. (see [below for nested schema](#nestedatt--spec--steps--try--command--bindings)) - `check` (Map of String) Check is an assertion tree to validate the operation outcome. -- `cluster` (String) Cluster defines the target cluster (default cluster will be used if not specified and/or overridden). -- `clusters` (Attributes) Clusters holds a registry to clusters to support multi-cluster tests. (see [below for nested schema](#nestedatt--spec--steps--try--command--clusters)) - `env` (Attributes List) Env defines additional environment variables. (see [below for nested schema](#nestedatt--spec--steps--try--command--env)) -- `outputs` (Attributes List) Outputs defines output bindings. (see [below for nested schema](#nestedatt--spec--steps--try--command--outputs)) - `skip_log_output` (Boolean) SkipLogOutput removes the output from the command. Useful for sensitive logs or to reduce noise. - `timeout` (String) Timeout for the operation. Overrides the global timeout set in the Configuration. - -### Nested Schema for `spec.steps.try.command.bindings` - -Required: - -- `name` (String) Name the name of the binding. -- `value` (Map of String) Value value of the binding. - - - -### Nested Schema for `spec.steps.try.command.clusters` - -Required: - -- `kubeconfig` (String) Kubeconfig is the path to the referenced file. - -Optional: - -- `context` (String) Context is the name of the context to use. - - ### Nested Schema for `spec.steps.try.command.env` @@ -261,57 +199,19 @@ Required: - `value` (Map of String) Value value of the binding. - -### Nested Schema for `spec.steps.try.command.outputs` - -Required: - -- `name` (String) Name the name of the binding. -- `value` (Map of String) Value value of the binding. - -Optional: - -- `match` (Map of String) Match defines the matching statement. - - ### Nested Schema for `spec.steps.try.create` Optional: -- `bindings` (Attributes List) Bindings defines additional binding key/values. (see [below for nested schema](#nestedatt--spec--steps--try--create--bindings)) -- `cluster` (String) Cluster defines the target cluster (default cluster will be used if not specified and/or overridden). -- `clusters` (Attributes) Clusters holds a registry to clusters to support multi-cluster tests. (see [below for nested schema](#nestedatt--spec--steps--try--create--clusters)) - `dry_run` (Boolean) DryRun determines whether the file should be applied in dry run mode. - `expect` (Attributes List) Expect defines a list of matched checks to validate the operation outcome. (see [below for nested schema](#nestedatt--spec--steps--try--create--expect)) - `file` (String) File is the path to the referenced file. This can be a direct path to a fileor an expression that matches multiple files, such as 'manifest/*.yaml' for all YAMLfiles within the 'manifest' directory. -- `outputs` (Attributes List) Outputs defines output bindings. (see [below for nested schema](#nestedatt--spec--steps--try--create--outputs)) - `resource` (Map of String) Resource provides a resource to be applied. - `template` (Boolean) Template determines whether resources should be considered for templating. - `timeout` (String) Timeout for the operation. Overrides the global timeout set in the Configuration. - -### Nested Schema for `spec.steps.try.create.bindings` - -Required: - -- `name` (String) Name the name of the binding. -- `value` (Map of String) Value value of the binding. - - - -### Nested Schema for `spec.steps.try.create.clusters` - -Required: - -- `kubeconfig` (String) Kubeconfig is the path to the referenced file. - -Optional: - -- `context` (String) Context is the name of the context to use. - - ### Nested Schema for `spec.steps.try.create.expect` @@ -324,28 +224,12 @@ Optional: - `match` (Map of String) Match defines the matching statement. - -### Nested Schema for `spec.steps.try.create.outputs` - -Required: - -- `name` (String) Name the name of the binding. -- `value` (Map of String) Value value of the binding. - -Optional: - -- `match` (Map of String) Match defines the matching statement. - - ### Nested Schema for `spec.steps.try.delete` Optional: -- `bindings` (Attributes List) Bindings defines additional binding key/values. (see [below for nested schema](#nestedatt--spec--steps--try--delete--bindings)) -- `cluster` (String) Cluster defines the target cluster (default cluster will be used if not specified and/or overridden). -- `clusters` (Attributes) Clusters holds a registry to clusters to support multi-cluster tests. (see [below for nested schema](#nestedatt--spec--steps--try--delete--clusters)) - `deletion_propagation_policy` (String) DeletionPropagationPolicy decides if a deletion will propagate to the dependents ofthe object, and how the garbage collector will handle the propagation.Overrides the deletion propagation policy set in the Configuration, the Test and the TestStep. - `expect` (Attributes List) Expect defines a list of matched checks to validate the operation outcome. (see [below for nested schema](#nestedatt--spec--steps--try--delete--expect)) - `file` (String) File is the path to the referenced file. This can be a direct path to a fileor an expression that matches multiple files, such as 'manifest/*.yaml' for all YAMLfiles within the 'manifest' directory. @@ -353,27 +237,6 @@ Optional: - `template` (Boolean) Template determines whether resources should be considered for templating. - `timeout` (String) Timeout for the operation. Overrides the global timeout set in the Configuration. - -### Nested Schema for `spec.steps.try.delete.bindings` - -Required: - -- `name` (String) Name the name of the binding. -- `value` (Map of String) Value value of the binding. - - - -### Nested Schema for `spec.steps.try.delete.clusters` - -Required: - -- `kubeconfig` (String) Kubeconfig is the path to the referenced file. - -Optional: - -- `context` (String) Context is the name of the context to use. - - ### Nested Schema for `spec.steps.try.delete.expect` @@ -412,87 +275,35 @@ Required: Optional: -- `cluster` (String) Cluster defines the target cluster (default cluster will be used if not specified and/or overridden). -- `clusters` (Attributes) Clusters holds a registry to clusters to support multi-cluster tests. (see [below for nested schema](#nestedatt--spec--steps--try--describe--clusters)) - `name` (String) Name of the referent.More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - `namespace` (String) Namespace of the referent.More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ - `selector` (String) Selector defines labels selector. - `show_events` (Boolean) Show Events indicates whether to include related events. - `timeout` (String) Timeout for the operation. Overrides the global timeout set in the Configuration. - -### Nested Schema for `spec.steps.try.describe.clusters` - -Required: - -- `kubeconfig` (String) Kubeconfig is the path to the referenced file. - -Optional: - -- `context` (String) Context is the name of the context to use. - - ### Nested Schema for `spec.steps.try.error` Optional: -- `bindings` (Attributes List) Bindings defines additional binding key/values. (see [below for nested schema](#nestedatt--spec--steps--try--error--bindings)) -- `cluster` (String) Cluster defines the target cluster (default cluster will be used if not specified and/or overridden). -- `clusters` (Attributes) Clusters holds a registry to clusters to support multi-cluster tests. (see [below for nested schema](#nestedatt--spec--steps--try--error--clusters)) - `file` (String) File is the path to the referenced file. This can be a direct path to a fileor an expression that matches multiple files, such as 'manifest/*.yaml' for all YAMLfiles within the 'manifest' directory. - `resource` (Map of String) Check provides a check used in assertions. - `template` (Boolean) Template determines whether resources should be considered for templating. - `timeout` (String) Timeout for the operation. Overrides the global timeout set in the Configuration. - -### Nested Schema for `spec.steps.try.error.bindings` - -Required: - -- `name` (String) Name the name of the binding. -- `value` (Map of String) Value value of the binding. - - - -### Nested Schema for `spec.steps.try.error.clusters` - -Required: - -- `kubeconfig` (String) Kubeconfig is the path to the referenced file. - -Optional: - -- `context` (String) Context is the name of the context to use. - - ### Nested Schema for `spec.steps.try.events` Optional: -- `cluster` (String) Cluster defines the target cluster (default cluster will be used if not specified and/or overridden). -- `clusters` (Attributes) Clusters holds a registry to clusters to support multi-cluster tests. (see [below for nested schema](#nestedatt--spec--steps--try--events--clusters)) - `format` (String) Format determines the output format (json or yaml). - `name` (String) Name of the referent.More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - `namespace` (String) Namespace of the referent.More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ - `selector` (String) Selector defines labels selector. - `timeout` (String) Timeout for the operation. Overrides the global timeout set in the Configuration. - -### Nested Schema for `spec.steps.try.events.clusters` - -Required: - -- `kubeconfig` (String) Kubeconfig is the path to the referenced file. - -Optional: - -- `context` (String) Context is the name of the context to use. - - ### Nested Schema for `spec.steps.try.get` @@ -504,25 +315,24 @@ Required: Optional: -- `cluster` (String) Cluster defines the target cluster (default cluster will be used if not specified and/or overridden). -- `clusters` (Attributes) Clusters holds a registry to clusters to support multi-cluster tests. (see [below for nested schema](#nestedatt--spec--steps--try--get--clusters)) - `format` (String) Format determines the output format (json or yaml). - `name` (String) Name of the referent.More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - `namespace` (String) Namespace of the referent.More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ - `selector` (String) Selector defines labels selector. - `timeout` (String) Timeout for the operation. Overrides the global timeout set in the Configuration. - -### Nested Schema for `spec.steps.try.get.clusters` + + +### Nested Schema for `spec.steps.try.outputs` Required: -- `kubeconfig` (String) Kubeconfig is the path to the referenced file. +- `name` (String) Name the name of the binding. +- `value` (Map of String) Value value of the binding. Optional: -- `context` (String) Context is the name of the context to use. - +- `match` (Map of String) Match defines the matching statement. @@ -530,38 +340,13 @@ Optional: Optional: -- `bindings` (Attributes List) Bindings defines additional binding key/values. (see [below for nested schema](#nestedatt--spec--steps--try--patch--bindings)) -- `cluster` (String) Cluster defines the target cluster (default cluster will be used if not specified and/or overridden). -- `clusters` (Attributes) Clusters holds a registry to clusters to support multi-cluster tests. (see [below for nested schema](#nestedatt--spec--steps--try--patch--clusters)) - `dry_run` (Boolean) DryRun determines whether the file should be applied in dry run mode. - `expect` (Attributes List) Expect defines a list of matched checks to validate the operation outcome. (see [below for nested schema](#nestedatt--spec--steps--try--patch--expect)) - `file` (String) File is the path to the referenced file. This can be a direct path to a fileor an expression that matches multiple files, such as 'manifest/*.yaml' for all YAMLfiles within the 'manifest' directory. -- `outputs` (Attributes List) Outputs defines output bindings. (see [below for nested schema](#nestedatt--spec--steps--try--patch--outputs)) - `resource` (Map of String) Resource provides a resource to be applied. - `template` (Boolean) Template determines whether resources should be considered for templating. - `timeout` (String) Timeout for the operation. Overrides the global timeout set in the Configuration. - -### Nested Schema for `spec.steps.try.patch.bindings` - -Required: - -- `name` (String) Name the name of the binding. -- `value` (Map of String) Value value of the binding. - - - -### Nested Schema for `spec.steps.try.patch.clusters` - -Required: - -- `kubeconfig` (String) Kubeconfig is the path to the referenced file. - -Optional: - -- `context` (String) Context is the name of the context to use. - - ### Nested Schema for `spec.steps.try.patch.expect` @@ -574,27 +359,12 @@ Optional: - `match` (Map of String) Match defines the matching statement. - -### Nested Schema for `spec.steps.try.patch.outputs` - -Required: - -- `name` (String) Name the name of the binding. -- `value` (Map of String) Value value of the binding. - -Optional: - -- `match` (Map of String) Match defines the matching statement. - - ### Nested Schema for `spec.steps.try.pod_logs` Optional: -- `cluster` (String) Cluster defines the target cluster (default cluster will be used if not specified and/or overridden). -- `clusters` (Attributes) Clusters holds a registry to clusters to support multi-cluster tests. (see [below for nested schema](#nestedatt--spec--steps--try--pod_logs--clusters)) - `container` (String) Container in pod to get logs from else --all-containers is used. - `name` (String) Name of the referent.More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - `namespace` (String) Namespace of the referent.More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ @@ -602,55 +372,18 @@ Optional: - `tail` (Number) Tail is the number of last lines to collect from pods. If omitted or zero,then the default is 10 if you use a selector, or -1 (all) if you use a pod name.This matches default behavior of 'kubectl logs'. - `timeout` (String) Timeout for the operation. Overrides the global timeout set in the Configuration. - -### Nested Schema for `spec.steps.try.pod_logs.clusters` - -Required: - -- `kubeconfig` (String) Kubeconfig is the path to the referenced file. - -Optional: - -- `context` (String) Context is the name of the context to use. - - ### Nested Schema for `spec.steps.try.script` Optional: -- `bindings` (Attributes List) Bindings defines additional binding key/values. (see [below for nested schema](#nestedatt--spec--steps--try--script--bindings)) - `check` (Map of String) Check is an assertion tree to validate the operation outcome. -- `cluster` (String) Cluster defines the target cluster (default cluster will be used if not specified and/or overridden). -- `clusters` (Attributes) Clusters holds a registry to clusters to support multi-cluster tests. (see [below for nested schema](#nestedatt--spec--steps--try--script--clusters)) - `content` (String) Content defines a shell script (run with 'sh -c ...'). - `env` (Attributes List) Env defines additional environment variables. (see [below for nested schema](#nestedatt--spec--steps--try--script--env)) -- `outputs` (Attributes List) Outputs defines output bindings. (see [below for nested schema](#nestedatt--spec--steps--try--script--outputs)) - `skip_log_output` (Boolean) SkipLogOutput removes the output from the command. Useful for sensitive logs or to reduce noise. - `timeout` (String) Timeout for the operation. Overrides the global timeout set in the Configuration. - -### Nested Schema for `spec.steps.try.script.bindings` - -Required: - -- `name` (String) Name the name of the binding. -- `value` (Map of String) Value value of the binding. - - - -### Nested Schema for `spec.steps.try.script.clusters` - -Required: - -- `kubeconfig` (String) Kubeconfig is the path to the referenced file. - -Optional: - -- `context` (String) Context is the name of the context to use. - - ### Nested Schema for `spec.steps.try.script.env` @@ -660,19 +393,6 @@ Required: - `value` (Map of String) Value value of the binding. - -### Nested Schema for `spec.steps.try.script.outputs` - -Required: - -- `name` (String) Name the name of the binding. -- `value` (Map of String) Value value of the binding. - -Optional: - -- `match` (Map of String) Match defines the matching statement. - - ### Nested Schema for `spec.steps.try.sleep` @@ -687,38 +407,13 @@ Required: Optional: -- `bindings` (Attributes List) Bindings defines additional binding key/values. (see [below for nested schema](#nestedatt--spec--steps--try--update--bindings)) -- `cluster` (String) Cluster defines the target cluster (default cluster will be used if not specified and/or overridden). -- `clusters` (Attributes) Clusters holds a registry to clusters to support multi-cluster tests. (see [below for nested schema](#nestedatt--spec--steps--try--update--clusters)) - `dry_run` (Boolean) DryRun determines whether the file should be applied in dry run mode. - `expect` (Attributes List) Expect defines a list of matched checks to validate the operation outcome. (see [below for nested schema](#nestedatt--spec--steps--try--update--expect)) - `file` (String) File is the path to the referenced file. This can be a direct path to a fileor an expression that matches multiple files, such as 'manifest/*.yaml' for all YAMLfiles within the 'manifest' directory. -- `outputs` (Attributes List) Outputs defines output bindings. (see [below for nested schema](#nestedatt--spec--steps--try--update--outputs)) - `resource` (Map of String) Resource provides a resource to be applied. - `template` (Boolean) Template determines whether resources should be considered for templating. - `timeout` (String) Timeout for the operation. Overrides the global timeout set in the Configuration. - -### Nested Schema for `spec.steps.try.update.bindings` - -Required: - -- `name` (String) Name the name of the binding. -- `value` (Map of String) Value value of the binding. - - - -### Nested Schema for `spec.steps.try.update.clusters` - -Required: - -- `kubeconfig` (String) Kubeconfig is the path to the referenced file. - -Optional: - -- `context` (String) Context is the name of the context to use. - - ### Nested Schema for `spec.steps.try.update.expect` @@ -731,19 +426,6 @@ Optional: - `match` (Map of String) Match defines the matching statement. - -### Nested Schema for `spec.steps.try.update.outputs` - -Required: - -- `name` (String) Name the name of the binding. -- `value` (Map of String) Value value of the binding. - -Optional: - -- `match` (Map of String) Match defines the matching statement. - - ### Nested Schema for `spec.steps.try.wait` @@ -751,18 +433,16 @@ Optional: Required: - `api_version` (String) API version of the referent. -- `for` (Attributes) For specifies the condition to wait for. (see [below for nested schema](#nestedatt--spec--steps--try--wait--for)) +- `for` (Attributes) WaitFor specifies the condition to wait for. (see [below for nested schema](#nestedatt--spec--steps--try--wait--for)) - `kind` (String) Kind of the referent.More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds Optional: -- `cluster` (String) Cluster defines the target cluster where the wait operation will be performed (default cluster will be used if not specified). -- `clusters` (Attributes) Clusters holds a registry to clusters to support multi-cluster tests. (see [below for nested schema](#nestedatt--spec--steps--try--wait--clusters)) - `format` (String) Format determines the output format (json or yaml). - `name` (String) Name of the referent.More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - `namespace` (String) Namespace of the referent.More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ - `selector` (String) Selector defines labels selector. -- `timeout` (String) Timeout for the operation. Specifies how long to wait for the condition to be met before timing out. +- `timeout` (String) Timeout for the operation. Overrides the global timeout set in the Configuration. ### Nested Schema for `spec.steps.try.wait.for` @@ -795,18 +475,6 @@ Required: - -### Nested Schema for `spec.steps.try.wait.clusters` - -Required: - -- `kubeconfig` (String) Kubeconfig is the path to the referenced file. - -Optional: - -- `context` (String) Context is the name of the context to use. - - @@ -823,17 +491,84 @@ Required: Optional: +- `apply` (Attributes) Apply represents resources that should be applied for this test step. This can include thingslike configuration settings or any other resources that need to be available during the test. (see [below for nested schema](#nestedatt--spec--steps--catch--apply)) +- `assert` (Attributes) Assert represents an assertion to be made. It checks whether the conditions specified in the assertion hold true. (see [below for nested schema](#nestedatt--spec--steps--catch--assert)) +- `bindings` (Attributes List) Bindings defines additional binding key/values. (see [below for nested schema](#nestedatt--spec--steps--catch--bindings)) +- `cluster` (String) Cluster defines the target cluster (default cluster will be used if not specified and/or overridden). +- `clusters` (Attributes) Clusters holds a registry to clusters to support multi-cluster tests. (see [below for nested schema](#nestedatt--spec--steps--catch--clusters)) - `command` (Attributes) Command defines a command to run. (see [below for nested schema](#nestedatt--spec--steps--catch--command)) +- `create` (Attributes) Create represents a creation operation. (see [below for nested schema](#nestedatt--spec--steps--catch--create)) - `delete` (Attributes) Delete represents a deletion operation. (see [below for nested schema](#nestedatt--spec--steps--catch--delete)) - `describe` (Attributes) Describe determines the resource describe collector to execute. (see [below for nested schema](#nestedatt--spec--steps--catch--describe)) - `description` (String) Description contains a description of the operation. +- `error` (Attributes) Error represents the expected errors for this test step. If any of these errors occur, the testwill consider them as expected; otherwise, they will be treated as test failures. (see [below for nested schema](#nestedatt--spec--steps--catch--error)) - `events` (Attributes) Events determines the events collector to execute. (see [below for nested schema](#nestedatt--spec--steps--catch--events)) - `get` (Attributes) Get determines the resource get collector to execute. (see [below for nested schema](#nestedatt--spec--steps--catch--get)) +- `outputs` (Attributes List) Outputs defines output bindings. (see [below for nested schema](#nestedatt--spec--steps--catch--outputs)) +- `patch` (Attributes) Patch represents a patch operation. (see [below for nested schema](#nestedatt--spec--steps--catch--patch)) - `pod_logs` (Attributes) PodLogs determines the pod logs collector to execute. (see [below for nested schema](#nestedatt--spec--steps--catch--pod_logs)) - `script` (Attributes) Script defines a script to run. (see [below for nested schema](#nestedatt--spec--steps--catch--script)) - `sleep` (Attributes) Sleep defines zzzz. (see [below for nested schema](#nestedatt--spec--steps--catch--sleep)) +- `update` (Attributes) Update represents an update operation. (see [below for nested schema](#nestedatt--spec--steps--catch--update)) - `wait` (Attributes) Wait determines the resource wait collector to execute. (see [below for nested schema](#nestedatt--spec--steps--catch--wait)) + +### Nested Schema for `spec.steps.catch.apply` + +Optional: + +- `dry_run` (Boolean) DryRun determines whether the file should be applied in dry run mode. +- `expect` (Attributes List) Expect defines a list of matched checks to validate the operation outcome. (see [below for nested schema](#nestedatt--spec--steps--catch--apply--expect)) +- `file` (String) File is the path to the referenced file. This can be a direct path to a fileor an expression that matches multiple files, such as 'manifest/*.yaml' for all YAMLfiles within the 'manifest' directory. +- `resource` (Map of String) Resource provides a resource to be applied. +- `template` (Boolean) Template determines whether resources should be considered for templating. +- `timeout` (String) Timeout for the operation. Overrides the global timeout set in the Configuration. + + +### Nested Schema for `spec.steps.catch.apply.expect` + +Required: + +- `check` (Map of String) Check defines the verification statement. + +Optional: + +- `match` (Map of String) Match defines the matching statement. + + + + +### Nested Schema for `spec.steps.catch.assert` + +Optional: + +- `file` (String) File is the path to the referenced file. This can be a direct path to a fileor an expression that matches multiple files, such as 'manifest/*.yaml' for all YAMLfiles within the 'manifest' directory. +- `resource` (Map of String) Check provides a check used in assertions. +- `template` (Boolean) Template determines whether resources should be considered for templating. +- `timeout` (String) Timeout for the operation. Overrides the global timeout set in the Configuration. + + + +### Nested Schema for `spec.steps.catch.bindings` + +Required: + +- `name` (String) Name the name of the binding. +- `value` (Map of String) Value value of the binding. + + + +### Nested Schema for `spec.steps.catch.clusters` + +Required: + +- `kubeconfig` (String) Kubeconfig is the path to the referenced file. + +Optional: + +- `context` (String) Context is the name of the context to use. + + ### Nested Schema for `spec.steps.catch.command` @@ -844,17 +579,13 @@ Required: Optional: - `args` (List of String) Args is the command arguments. -- `bindings` (Attributes List) Bindings defines additional binding key/values. (see [below for nested schema](#nestedatt--spec--steps--catch--command--bindings)) - `check` (Map of String) Check is an assertion tree to validate the operation outcome. -- `cluster` (String) Cluster defines the target cluster (default cluster will be used if not specified and/or overridden). -- `clusters` (Attributes) Clusters holds a registry to clusters to support multi-cluster tests. (see [below for nested schema](#nestedatt--spec--steps--catch--command--clusters)) - `env` (Attributes List) Env defines additional environment variables. (see [below for nested schema](#nestedatt--spec--steps--catch--command--env)) -- `outputs` (Attributes List) Outputs defines output bindings. (see [below for nested schema](#nestedatt--spec--steps--catch--command--outputs)) - `skip_log_output` (Boolean) SkipLogOutput removes the output from the command. Useful for sensitive logs or to reduce noise. - `timeout` (String) Timeout for the operation. Overrides the global timeout set in the Configuration. - -### Nested Schema for `spec.steps.catch.command.bindings` + +### Nested Schema for `spec.steps.catch.command.env` Required: @@ -862,34 +593,25 @@ Required: - `value` (Map of String) Value value of the binding. - -### Nested Schema for `spec.steps.catch.command.clusters` -Required: - -- `kubeconfig` (String) Kubeconfig is the path to the referenced file. + +### Nested Schema for `spec.steps.catch.create` Optional: -- `context` (String) Context is the name of the context to use. - - - -### Nested Schema for `spec.steps.catch.command.env` - -Required: - -- `name` (String) Name the name of the binding. -- `value` (Map of String) Value value of the binding. - +- `dry_run` (Boolean) DryRun determines whether the file should be applied in dry run mode. +- `expect` (Attributes List) Expect defines a list of matched checks to validate the operation outcome. (see [below for nested schema](#nestedatt--spec--steps--catch--create--expect)) +- `file` (String) File is the path to the referenced file. This can be a direct path to a fileor an expression that matches multiple files, such as 'manifest/*.yaml' for all YAMLfiles within the 'manifest' directory. +- `resource` (Map of String) Resource provides a resource to be applied. +- `template` (Boolean) Template determines whether resources should be considered for templating. +- `timeout` (String) Timeout for the operation. Overrides the global timeout set in the Configuration. - -### Nested Schema for `spec.steps.catch.command.outputs` + +### Nested Schema for `spec.steps.catch.create.expect` Required: -- `name` (String) Name the name of the binding. -- `value` (Map of String) Value value of the binding. +- `check` (Map of String) Check defines the verification statement. Optional: @@ -902,9 +624,6 @@ Optional: Optional: -- `bindings` (Attributes List) Bindings defines additional binding key/values. (see [below for nested schema](#nestedatt--spec--steps--catch--delete--bindings)) -- `cluster` (String) Cluster defines the target cluster (default cluster will be used if not specified and/or overridden). -- `clusters` (Attributes) Clusters holds a registry to clusters to support multi-cluster tests. (see [below for nested schema](#nestedatt--spec--steps--catch--delete--clusters)) - `deletion_propagation_policy` (String) DeletionPropagationPolicy decides if a deletion will propagate to the dependents ofthe object, and how the garbage collector will handle the propagation.Overrides the deletion propagation policy set in the Configuration, the Test and the TestStep. - `expect` (Attributes List) Expect defines a list of matched checks to validate the operation outcome. (see [below for nested schema](#nestedatt--spec--steps--catch--delete--expect)) - `file` (String) File is the path to the referenced file. This can be a direct path to a fileor an expression that matches multiple files, such as 'manifest/*.yaml' for all YAMLfiles within the 'manifest' directory. @@ -912,27 +631,6 @@ Optional: - `template` (Boolean) Template determines whether resources should be considered for templating. - `timeout` (String) Timeout for the operation. Overrides the global timeout set in the Configuration. - -### Nested Schema for `spec.steps.catch.delete.bindings` - -Required: - -- `name` (String) Name the name of the binding. -- `value` (Map of String) Value value of the binding. - - - -### Nested Schema for `spec.steps.catch.delete.clusters` - -Required: - -- `kubeconfig` (String) Kubeconfig is the path to the referenced file. - -Optional: - -- `context` (String) Context is the name of the context to use. - - ### Nested Schema for `spec.steps.catch.delete.expect` @@ -971,25 +669,22 @@ Required: Optional: -- `cluster` (String) Cluster defines the target cluster (default cluster will be used if not specified and/or overridden). -- `clusters` (Attributes) Clusters holds a registry to clusters to support multi-cluster tests. (see [below for nested schema](#nestedatt--spec--steps--catch--describe--clusters)) - `name` (String) Name of the referent.More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - `namespace` (String) Namespace of the referent.More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ - `selector` (String) Selector defines labels selector. - `show_events` (Boolean) Show Events indicates whether to include related events. - `timeout` (String) Timeout for the operation. Overrides the global timeout set in the Configuration. - -### Nested Schema for `spec.steps.catch.describe.clusters` - -Required: -- `kubeconfig` (String) Kubeconfig is the path to the referenced file. + +### Nested Schema for `spec.steps.catch.error` Optional: -- `context` (String) Context is the name of the context to use. - +- `file` (String) File is the path to the referenced file. This can be a direct path to a fileor an expression that matches multiple files, such as 'manifest/*.yaml' for all YAMLfiles within the 'manifest' directory. +- `resource` (Map of String) Check provides a check used in assertions. +- `template` (Boolean) Template determines whether resources should be considered for templating. +- `timeout` (String) Timeout for the operation. Overrides the global timeout set in the Configuration. @@ -997,26 +692,12 @@ Optional: Optional: -- `cluster` (String) Cluster defines the target cluster (default cluster will be used if not specified and/or overridden). -- `clusters` (Attributes) Clusters holds a registry to clusters to support multi-cluster tests. (see [below for nested schema](#nestedatt--spec--steps--catch--events--clusters)) - `format` (String) Format determines the output format (json or yaml). - `name` (String) Name of the referent.More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - `namespace` (String) Namespace of the referent.More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ - `selector` (String) Selector defines labels selector. - `timeout` (String) Timeout for the operation. Overrides the global timeout set in the Configuration. - -### Nested Schema for `spec.steps.catch.events.clusters` - -Required: - -- `kubeconfig` (String) Kubeconfig is the path to the referenced file. - -Optional: - -- `context` (String) Context is the name of the context to use. - - ### Nested Schema for `spec.steps.catch.get` @@ -1028,52 +709,62 @@ Required: Optional: -- `cluster` (String) Cluster defines the target cluster (default cluster will be used if not specified and/or overridden). -- `clusters` (Attributes) Clusters holds a registry to clusters to support multi-cluster tests. (see [below for nested schema](#nestedatt--spec--steps--catch--get--clusters)) - `format` (String) Format determines the output format (json or yaml). - `name` (String) Name of the referent.More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - `namespace` (String) Namespace of the referent.More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ - `selector` (String) Selector defines labels selector. - `timeout` (String) Timeout for the operation. Overrides the global timeout set in the Configuration. - -### Nested Schema for `spec.steps.catch.get.clusters` + + +### Nested Schema for `spec.steps.catch.outputs` Required: -- `kubeconfig` (String) Kubeconfig is the path to the referenced file. +- `name` (String) Name the name of the binding. +- `value` (Map of String) Value value of the binding. Optional: -- `context` (String) Context is the name of the context to use. - +- `match` (Map of String) Match defines the matching statement. - -### Nested Schema for `spec.steps.catch.pod_logs` + +### Nested Schema for `spec.steps.catch.patch` Optional: -- `cluster` (String) Cluster defines the target cluster (default cluster will be used if not specified and/or overridden). -- `clusters` (Attributes) Clusters holds a registry to clusters to support multi-cluster tests. (see [below for nested schema](#nestedatt--spec--steps--catch--pod_logs--clusters)) -- `container` (String) Container in pod to get logs from else --all-containers is used. -- `name` (String) Name of the referent.More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names -- `namespace` (String) Namespace of the referent.More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ -- `selector` (String) Selector defines labels selector. -- `tail` (Number) Tail is the number of last lines to collect from pods. If omitted or zero,then the default is 10 if you use a selector, or -1 (all) if you use a pod name.This matches default behavior of 'kubectl logs'. +- `dry_run` (Boolean) DryRun determines whether the file should be applied in dry run mode. +- `expect` (Attributes List) Expect defines a list of matched checks to validate the operation outcome. (see [below for nested schema](#nestedatt--spec--steps--catch--patch--expect)) +- `file` (String) File is the path to the referenced file. This can be a direct path to a fileor an expression that matches multiple files, such as 'manifest/*.yaml' for all YAMLfiles within the 'manifest' directory. +- `resource` (Map of String) Resource provides a resource to be applied. +- `template` (Boolean) Template determines whether resources should be considered for templating. - `timeout` (String) Timeout for the operation. Overrides the global timeout set in the Configuration. - -### Nested Schema for `spec.steps.catch.pod_logs.clusters` + +### Nested Schema for `spec.steps.catch.patch.expect` Required: -- `kubeconfig` (String) Kubeconfig is the path to the referenced file. +- `check` (Map of String) Check defines the verification statement. Optional: -- `context` (String) Context is the name of the context to use. +- `match` (Map of String) Match defines the matching statement. + + + + +### Nested Schema for `spec.steps.catch.pod_logs` + +Optional: +- `container` (String) Container in pod to get logs from else --all-containers is used. +- `name` (String) Name of the referent.More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names +- `namespace` (String) Namespace of the referent.More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ +- `selector` (String) Selector defines labels selector. +- `tail` (Number) Tail is the number of last lines to collect from pods. If omitted or zero,then the default is 10 if you use a selector, or -1 (all) if you use a pod name.This matches default behavior of 'kubectl logs'. +- `timeout` (String) Timeout for the operation. Overrides the global timeout set in the Configuration. @@ -1081,18 +772,14 @@ Optional: Optional: -- `bindings` (Attributes List) Bindings defines additional binding key/values. (see [below for nested schema](#nestedatt--spec--steps--catch--script--bindings)) - `check` (Map of String) Check is an assertion tree to validate the operation outcome. -- `cluster` (String) Cluster defines the target cluster (default cluster will be used if not specified and/or overridden). -- `clusters` (Attributes) Clusters holds a registry to clusters to support multi-cluster tests. (see [below for nested schema](#nestedatt--spec--steps--catch--script--clusters)) - `content` (String) Content defines a shell script (run with 'sh -c ...'). - `env` (Attributes List) Env defines additional environment variables. (see [below for nested schema](#nestedatt--spec--steps--catch--script--env)) -- `outputs` (Attributes List) Outputs defines output bindings. (see [below for nested schema](#nestedatt--spec--steps--catch--script--outputs)) - `skip_log_output` (Boolean) SkipLogOutput removes the output from the command. Useful for sensitive logs or to reduce noise. - `timeout` (String) Timeout for the operation. Overrides the global timeout set in the Configuration. - -### Nested Schema for `spec.steps.catch.script.bindings` + +### Nested Schema for `spec.steps.catch.script.env` Required: @@ -1100,34 +787,33 @@ Required: - `value` (Map of String) Value value of the binding. - -### Nested Schema for `spec.steps.catch.script.clusters` - -Required: - -- `kubeconfig` (String) Kubeconfig is the path to the referenced file. -Optional: + +### Nested Schema for `spec.steps.catch.sleep` -- `context` (String) Context is the name of the context to use. +Required: +- `duration` (String) Duration is the delay used for sleeping. - -### Nested Schema for `spec.steps.catch.script.env` -Required: + +### Nested Schema for `spec.steps.catch.update` -- `name` (String) Name the name of the binding. -- `value` (Map of String) Value value of the binding. +Optional: +- `dry_run` (Boolean) DryRun determines whether the file should be applied in dry run mode. +- `expect` (Attributes List) Expect defines a list of matched checks to validate the operation outcome. (see [below for nested schema](#nestedatt--spec--steps--catch--update--expect)) +- `file` (String) File is the path to the referenced file. This can be a direct path to a fileor an expression that matches multiple files, such as 'manifest/*.yaml' for all YAMLfiles within the 'manifest' directory. +- `resource` (Map of String) Resource provides a resource to be applied. +- `template` (Boolean) Template determines whether resources should be considered for templating. +- `timeout` (String) Timeout for the operation. Overrides the global timeout set in the Configuration. - -### Nested Schema for `spec.steps.catch.script.outputs` + +### Nested Schema for `spec.steps.catch.update.expect` Required: -- `name` (String) Name the name of the binding. -- `value` (Map of String) Value value of the binding. +- `check` (Map of String) Check defines the verification statement. Optional: @@ -1135,32 +821,22 @@ Optional: - -### Nested Schema for `spec.steps.catch.sleep` - -Required: - -- `duration` (String) Duration is the delay used for sleeping. - - ### Nested Schema for `spec.steps.catch.wait` Required: - `api_version` (String) API version of the referent. -- `for` (Attributes) For specifies the condition to wait for. (see [below for nested schema](#nestedatt--spec--steps--catch--wait--for)) +- `for` (Attributes) WaitFor specifies the condition to wait for. (see [below for nested schema](#nestedatt--spec--steps--catch--wait--for)) - `kind` (String) Kind of the referent.More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds Optional: -- `cluster` (String) Cluster defines the target cluster where the wait operation will be performed (default cluster will be used if not specified). -- `clusters` (Attributes) Clusters holds a registry to clusters to support multi-cluster tests. (see [below for nested schema](#nestedatt--spec--steps--catch--wait--clusters)) - `format` (String) Format determines the output format (json or yaml). - `name` (String) Name of the referent.More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - `namespace` (String) Namespace of the referent.More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ - `selector` (String) Selector defines labels selector. -- `timeout` (String) Timeout for the operation. Specifies how long to wait for the condition to be met before timing out. +- `timeout` (String) Timeout for the operation. Overrides the global timeout set in the Configuration. ### Nested Schema for `spec.steps.catch.wait.for` @@ -1193,18 +869,6 @@ Required: - -### Nested Schema for `spec.steps.catch.wait.clusters` - -Required: - -- `kubeconfig` (String) Kubeconfig is the path to the referenced file. - -Optional: - -- `context` (String) Context is the name of the context to use. - - @@ -1212,38 +876,65 @@ Optional: Optional: +- `apply` (Attributes) Apply represents resources that should be applied for this test step. This can include thingslike configuration settings or any other resources that need to be available during the test. (see [below for nested schema](#nestedatt--spec--steps--cleanup--apply)) +- `assert` (Attributes) Assert represents an assertion to be made. It checks whether the conditions specified in the assertion hold true. (see [below for nested schema](#nestedatt--spec--steps--cleanup--assert)) +- `bindings` (Attributes List) Bindings defines additional binding key/values. (see [below for nested schema](#nestedatt--spec--steps--cleanup--bindings)) +- `cluster` (String) Cluster defines the target cluster (default cluster will be used if not specified and/or overridden). +- `clusters` (Attributes) Clusters holds a registry to clusters to support multi-cluster tests. (see [below for nested schema](#nestedatt--spec--steps--cleanup--clusters)) - `command` (Attributes) Command defines a command to run. (see [below for nested schema](#nestedatt--spec--steps--cleanup--command)) +- `create` (Attributes) Create represents a creation operation. (see [below for nested schema](#nestedatt--spec--steps--cleanup--create)) - `delete` (Attributes) Delete represents a deletion operation. (see [below for nested schema](#nestedatt--spec--steps--cleanup--delete)) - `describe` (Attributes) Describe determines the resource describe collector to execute. (see [below for nested schema](#nestedatt--spec--steps--cleanup--describe)) - `description` (String) Description contains a description of the operation. +- `error` (Attributes) Error represents the expected errors for this test step. If any of these errors occur, the testwill consider them as expected; otherwise, they will be treated as test failures. (see [below for nested schema](#nestedatt--spec--steps--cleanup--error)) - `events` (Attributes) Events determines the events collector to execute. (see [below for nested schema](#nestedatt--spec--steps--cleanup--events)) - `get` (Attributes) Get determines the resource get collector to execute. (see [below for nested schema](#nestedatt--spec--steps--cleanup--get)) +- `outputs` (Attributes List) Outputs defines output bindings. (see [below for nested schema](#nestedatt--spec--steps--cleanup--outputs)) +- `patch` (Attributes) Patch represents a patch operation. (see [below for nested schema](#nestedatt--spec--steps--cleanup--patch)) - `pod_logs` (Attributes) PodLogs determines the pod logs collector to execute. (see [below for nested schema](#nestedatt--spec--steps--cleanup--pod_logs)) - `script` (Attributes) Script defines a script to run. (see [below for nested schema](#nestedatt--spec--steps--cleanup--script)) - `sleep` (Attributes) Sleep defines zzzz. (see [below for nested schema](#nestedatt--spec--steps--cleanup--sleep)) +- `update` (Attributes) Update represents an update operation. (see [below for nested schema](#nestedatt--spec--steps--cleanup--update)) - `wait` (Attributes) Wait determines the resource wait collector to execute. (see [below for nested schema](#nestedatt--spec--steps--cleanup--wait)) - -### Nested Schema for `spec.steps.cleanup.command` + +### Nested Schema for `spec.steps.cleanup.apply` + +Optional: + +- `dry_run` (Boolean) DryRun determines whether the file should be applied in dry run mode. +- `expect` (Attributes List) Expect defines a list of matched checks to validate the operation outcome. (see [below for nested schema](#nestedatt--spec--steps--cleanup--apply--expect)) +- `file` (String) File is the path to the referenced file. This can be a direct path to a fileor an expression that matches multiple files, such as 'manifest/*.yaml' for all YAMLfiles within the 'manifest' directory. +- `resource` (Map of String) Resource provides a resource to be applied. +- `template` (Boolean) Template determines whether resources should be considered for templating. +- `timeout` (String) Timeout for the operation. Overrides the global timeout set in the Configuration. + + +### Nested Schema for `spec.steps.cleanup.apply.expect` Required: -- `entrypoint` (String) Entrypoint is the command entry point to run. +- `check` (Map of String) Check defines the verification statement. Optional: -- `args` (List of String) Args is the command arguments. -- `bindings` (Attributes List) Bindings defines additional binding key/values. (see [below for nested schema](#nestedatt--spec--steps--cleanup--command--bindings)) -- `check` (Map of String) Check is an assertion tree to validate the operation outcome. -- `cluster` (String) Cluster defines the target cluster (default cluster will be used if not specified and/or overridden). -- `clusters` (Attributes) Clusters holds a registry to clusters to support multi-cluster tests. (see [below for nested schema](#nestedatt--spec--steps--cleanup--command--clusters)) -- `env` (Attributes List) Env defines additional environment variables. (see [below for nested schema](#nestedatt--spec--steps--cleanup--command--env)) -- `outputs` (Attributes List) Outputs defines output bindings. (see [below for nested schema](#nestedatt--spec--steps--cleanup--command--outputs)) -- `skip_log_output` (Boolean) SkipLogOutput removes the output from the command. Useful for sensitive logs or to reduce noise. +- `match` (Map of String) Match defines the matching statement. + + + + +### Nested Schema for `spec.steps.cleanup.assert` + +Optional: + +- `file` (String) File is the path to the referenced file. This can be a direct path to a fileor an expression that matches multiple files, such as 'manifest/*.yaml' for all YAMLfiles within the 'manifest' directory. +- `resource` (Map of String) Check provides a check used in assertions. +- `template` (Boolean) Template determines whether resources should be considered for templating. - `timeout` (String) Timeout for the operation. Overrides the global timeout set in the Configuration. - -### Nested Schema for `spec.steps.cleanup.command.bindings` + + +### Nested Schema for `spec.steps.cleanup.bindings` Required: @@ -1251,8 +942,8 @@ Required: - `value` (Map of String) Value value of the binding. - -### Nested Schema for `spec.steps.cleanup.command.clusters` + +### Nested Schema for `spec.steps.cleanup.clusters` Required: @@ -1263,64 +954,67 @@ Optional: - `context` (String) Context is the name of the context to use. - -### Nested Schema for `spec.steps.cleanup.command.env` + +### Nested Schema for `spec.steps.cleanup.command` Required: -- `name` (String) Name the name of the binding. -- `value` (Map of String) Value value of the binding. +- `entrypoint` (String) Entrypoint is the command entry point to run. + +Optional: +- `args` (List of String) Args is the command arguments. +- `check` (Map of String) Check is an assertion tree to validate the operation outcome. +- `env` (Attributes List) Env defines additional environment variables. (see [below for nested schema](#nestedatt--spec--steps--cleanup--command--env)) +- `skip_log_output` (Boolean) SkipLogOutput removes the output from the command. Useful for sensitive logs or to reduce noise. +- `timeout` (String) Timeout for the operation. Overrides the global timeout set in the Configuration. - -### Nested Schema for `spec.steps.cleanup.command.outputs` + +### Nested Schema for `spec.steps.cleanup.command.env` Required: - `name` (String) Name the name of the binding. - `value` (Map of String) Value value of the binding. -Optional: - -- `match` (Map of String) Match defines the matching statement. - - -### Nested Schema for `spec.steps.cleanup.delete` + +### Nested Schema for `spec.steps.cleanup.create` Optional: -- `bindings` (Attributes List) Bindings defines additional binding key/values. (see [below for nested schema](#nestedatt--spec--steps--cleanup--delete--bindings)) -- `cluster` (String) Cluster defines the target cluster (default cluster will be used if not specified and/or overridden). -- `clusters` (Attributes) Clusters holds a registry to clusters to support multi-cluster tests. (see [below for nested schema](#nestedatt--spec--steps--cleanup--delete--clusters)) -- `deletion_propagation_policy` (String) DeletionPropagationPolicy decides if a deletion will propagate to the dependents ofthe object, and how the garbage collector will handle the propagation.Overrides the deletion propagation policy set in the Configuration, the Test and the TestStep. -- `expect` (Attributes List) Expect defines a list of matched checks to validate the operation outcome. (see [below for nested schema](#nestedatt--spec--steps--cleanup--delete--expect)) +- `dry_run` (Boolean) DryRun determines whether the file should be applied in dry run mode. +- `expect` (Attributes List) Expect defines a list of matched checks to validate the operation outcome. (see [below for nested schema](#nestedatt--spec--steps--cleanup--create--expect)) - `file` (String) File is the path to the referenced file. This can be a direct path to a fileor an expression that matches multiple files, such as 'manifest/*.yaml' for all YAMLfiles within the 'manifest' directory. -- `ref` (Attributes) Ref determines objects to be deleted. (see [below for nested schema](#nestedatt--spec--steps--cleanup--delete--ref)) +- `resource` (Map of String) Resource provides a resource to be applied. - `template` (Boolean) Template determines whether resources should be considered for templating. - `timeout` (String) Timeout for the operation. Overrides the global timeout set in the Configuration. - -### Nested Schema for `spec.steps.cleanup.delete.bindings` + +### Nested Schema for `spec.steps.cleanup.create.expect` Required: -- `name` (String) Name the name of the binding. -- `value` (Map of String) Value value of the binding. +- `check` (Map of String) Check defines the verification statement. +Optional: - -### Nested Schema for `spec.steps.cleanup.delete.clusters` +- `match` (Map of String) Match defines the matching statement. -Required: -- `kubeconfig` (String) Kubeconfig is the path to the referenced file. -Optional: + +### Nested Schema for `spec.steps.cleanup.delete` -- `context` (String) Context is the name of the context to use. +Optional: +- `deletion_propagation_policy` (String) DeletionPropagationPolicy decides if a deletion will propagate to the dependents ofthe object, and how the garbage collector will handle the propagation.Overrides the deletion propagation policy set in the Configuration, the Test and the TestStep. +- `expect` (Attributes List) Expect defines a list of matched checks to validate the operation outcome. (see [below for nested schema](#nestedatt--spec--steps--cleanup--delete--expect)) +- `file` (String) File is the path to the referenced file. This can be a direct path to a fileor an expression that matches multiple files, such as 'manifest/*.yaml' for all YAMLfiles within the 'manifest' directory. +- `ref` (Attributes) Ref determines objects to be deleted. (see [below for nested schema](#nestedatt--spec--steps--cleanup--delete--ref)) +- `template` (Boolean) Template determines whether resources should be considered for templating. +- `timeout` (String) Timeout for the operation. Overrides the global timeout set in the Configuration. ### Nested Schema for `spec.steps.cleanup.delete.expect` @@ -1360,25 +1054,22 @@ Required: Optional: -- `cluster` (String) Cluster defines the target cluster (default cluster will be used if not specified and/or overridden). -- `clusters` (Attributes) Clusters holds a registry to clusters to support multi-cluster tests. (see [below for nested schema](#nestedatt--spec--steps--cleanup--describe--clusters)) - `name` (String) Name of the referent.More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - `namespace` (String) Namespace of the referent.More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ - `selector` (String) Selector defines labels selector. - `show_events` (Boolean) Show Events indicates whether to include related events. - `timeout` (String) Timeout for the operation. Overrides the global timeout set in the Configuration. - -### Nested Schema for `spec.steps.cleanup.describe.clusters` - -Required: -- `kubeconfig` (String) Kubeconfig is the path to the referenced file. + +### Nested Schema for `spec.steps.cleanup.error` Optional: -- `context` (String) Context is the name of the context to use. - +- `file` (String) File is the path to the referenced file. This can be a direct path to a fileor an expression that matches multiple files, such as 'manifest/*.yaml' for all YAMLfiles within the 'manifest' directory. +- `resource` (Map of String) Check provides a check used in assertions. +- `template` (Boolean) Template determines whether resources should be considered for templating. +- `timeout` (String) Timeout for the operation. Overrides the global timeout set in the Configuration. @@ -1386,55 +1077,65 @@ Optional: Optional: -- `cluster` (String) Cluster defines the target cluster (default cluster will be used if not specified and/or overridden). -- `clusters` (Attributes) Clusters holds a registry to clusters to support multi-cluster tests. (see [below for nested schema](#nestedatt--spec--steps--cleanup--events--clusters)) - `format` (String) Format determines the output format (json or yaml). - `name` (String) Name of the referent.More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - `namespace` (String) Namespace of the referent.More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ - `selector` (String) Selector defines labels selector. - `timeout` (String) Timeout for the operation. Overrides the global timeout set in the Configuration. - -### Nested Schema for `spec.steps.cleanup.events.clusters` + + +### Nested Schema for `spec.steps.cleanup.get` Required: -- `kubeconfig` (String) Kubeconfig is the path to the referenced file. +- `api_version` (String) API version of the referent. +- `kind` (String) Kind of the referent.More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds Optional: -- `context` (String) Context is the name of the context to use. +- `format` (String) Format determines the output format (json or yaml). +- `name` (String) Name of the referent.More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names +- `namespace` (String) Namespace of the referent.More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ +- `selector` (String) Selector defines labels selector. +- `timeout` (String) Timeout for the operation. Overrides the global timeout set in the Configuration. + +### Nested Schema for `spec.steps.cleanup.outputs` - -### Nested Schema for `spec.steps.cleanup.get` +Required: + +- `name` (String) Name the name of the binding. +- `value` (Map of String) Value value of the binding. + +Optional: + +- `match` (Map of String) Match defines the matching statement. -Required: -- `api_version` (String) API version of the referent. -- `kind` (String) Kind of the referent.More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + +### Nested Schema for `spec.steps.cleanup.patch` Optional: -- `cluster` (String) Cluster defines the target cluster (default cluster will be used if not specified and/or overridden). -- `clusters` (Attributes) Clusters holds a registry to clusters to support multi-cluster tests. (see [below for nested schema](#nestedatt--spec--steps--cleanup--get--clusters)) -- `format` (String) Format determines the output format (json or yaml). -- `name` (String) Name of the referent.More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names -- `namespace` (String) Namespace of the referent.More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ -- `selector` (String) Selector defines labels selector. +- `dry_run` (Boolean) DryRun determines whether the file should be applied in dry run mode. +- `expect` (Attributes List) Expect defines a list of matched checks to validate the operation outcome. (see [below for nested schema](#nestedatt--spec--steps--cleanup--patch--expect)) +- `file` (String) File is the path to the referenced file. This can be a direct path to a fileor an expression that matches multiple files, such as 'manifest/*.yaml' for all YAMLfiles within the 'manifest' directory. +- `resource` (Map of String) Resource provides a resource to be applied. +- `template` (Boolean) Template determines whether resources should be considered for templating. - `timeout` (String) Timeout for the operation. Overrides the global timeout set in the Configuration. - -### Nested Schema for `spec.steps.cleanup.get.clusters` + +### Nested Schema for `spec.steps.cleanup.patch.expect` Required: -- `kubeconfig` (String) Kubeconfig is the path to the referenced file. +- `check` (Map of String) Check defines the verification statement. Optional: -- `context` (String) Context is the name of the context to use. +- `match` (Map of String) Match defines the matching statement. @@ -1443,8 +1144,6 @@ Optional: Optional: -- `cluster` (String) Cluster defines the target cluster (default cluster will be used if not specified and/or overridden). -- `clusters` (Attributes) Clusters holds a registry to clusters to support multi-cluster tests. (see [below for nested schema](#nestedatt--spec--steps--cleanup--pod_logs--clusters)) - `container` (String) Container in pod to get logs from else --all-containers is used. - `name` (String) Name of the referent.More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - `namespace` (String) Namespace of the referent.More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ @@ -1452,36 +1151,20 @@ Optional: - `tail` (Number) Tail is the number of last lines to collect from pods. If omitted or zero,then the default is 10 if you use a selector, or -1 (all) if you use a pod name.This matches default behavior of 'kubectl logs'. - `timeout` (String) Timeout for the operation. Overrides the global timeout set in the Configuration. - -### Nested Schema for `spec.steps.cleanup.pod_logs.clusters` - -Required: - -- `kubeconfig` (String) Kubeconfig is the path to the referenced file. - -Optional: - -- `context` (String) Context is the name of the context to use. - - ### Nested Schema for `spec.steps.cleanup.script` Optional: -- `bindings` (Attributes List) Bindings defines additional binding key/values. (see [below for nested schema](#nestedatt--spec--steps--cleanup--script--bindings)) - `check` (Map of String) Check is an assertion tree to validate the operation outcome. -- `cluster` (String) Cluster defines the target cluster (default cluster will be used if not specified and/or overridden). -- `clusters` (Attributes) Clusters holds a registry to clusters to support multi-cluster tests. (see [below for nested schema](#nestedatt--spec--steps--cleanup--script--clusters)) - `content` (String) Content defines a shell script (run with 'sh -c ...'). - `env` (Attributes List) Env defines additional environment variables. (see [below for nested schema](#nestedatt--spec--steps--cleanup--script--env)) -- `outputs` (Attributes List) Outputs defines output bindings. (see [below for nested schema](#nestedatt--spec--steps--cleanup--script--outputs)) - `skip_log_output` (Boolean) SkipLogOutput removes the output from the command. Useful for sensitive logs or to reduce noise. - `timeout` (String) Timeout for the operation. Overrides the global timeout set in the Configuration. - -### Nested Schema for `spec.steps.cleanup.script.bindings` + +### Nested Schema for `spec.steps.cleanup.script.env` Required: @@ -1489,34 +1172,33 @@ Required: - `value` (Map of String) Value value of the binding. - -### Nested Schema for `spec.steps.cleanup.script.clusters` - -Required: - -- `kubeconfig` (String) Kubeconfig is the path to the referenced file. -Optional: + +### Nested Schema for `spec.steps.cleanup.sleep` -- `context` (String) Context is the name of the context to use. +Required: +- `duration` (String) Duration is the delay used for sleeping. - -### Nested Schema for `spec.steps.cleanup.script.env` -Required: + +### Nested Schema for `spec.steps.cleanup.update` -- `name` (String) Name the name of the binding. -- `value` (Map of String) Value value of the binding. +Optional: +- `dry_run` (Boolean) DryRun determines whether the file should be applied in dry run mode. +- `expect` (Attributes List) Expect defines a list of matched checks to validate the operation outcome. (see [below for nested schema](#nestedatt--spec--steps--cleanup--update--expect)) +- `file` (String) File is the path to the referenced file. This can be a direct path to a fileor an expression that matches multiple files, such as 'manifest/*.yaml' for all YAMLfiles within the 'manifest' directory. +- `resource` (Map of String) Resource provides a resource to be applied. +- `template` (Boolean) Template determines whether resources should be considered for templating. +- `timeout` (String) Timeout for the operation. Overrides the global timeout set in the Configuration. - -### Nested Schema for `spec.steps.cleanup.script.outputs` + +### Nested Schema for `spec.steps.cleanup.update.expect` Required: -- `name` (String) Name the name of the binding. -- `value` (Map of String) Value value of the binding. +- `check` (Map of String) Check defines the verification statement. Optional: @@ -1524,32 +1206,22 @@ Optional: - -### Nested Schema for `spec.steps.cleanup.sleep` - -Required: - -- `duration` (String) Duration is the delay used for sleeping. - - ### Nested Schema for `spec.steps.cleanup.wait` Required: - `api_version` (String) API version of the referent. -- `for` (Attributes) For specifies the condition to wait for. (see [below for nested schema](#nestedatt--spec--steps--cleanup--wait--for)) +- `for` (Attributes) WaitFor specifies the condition to wait for. (see [below for nested schema](#nestedatt--spec--steps--cleanup--wait--for)) - `kind` (String) Kind of the referent.More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds Optional: -- `cluster` (String) Cluster defines the target cluster where the wait operation will be performed (default cluster will be used if not specified). -- `clusters` (Attributes) Clusters holds a registry to clusters to support multi-cluster tests. (see [below for nested schema](#nestedatt--spec--steps--cleanup--wait--clusters)) - `format` (String) Format determines the output format (json or yaml). - `name` (String) Name of the referent.More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - `namespace` (String) Namespace of the referent.More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ - `selector` (String) Selector defines labels selector. -- `timeout` (String) Timeout for the operation. Specifies how long to wait for the condition to be met before timing out. +- `timeout` (String) Timeout for the operation. Overrides the global timeout set in the Configuration. ### Nested Schema for `spec.steps.cleanup.wait.for` @@ -1582,18 +1254,6 @@ Required: - -### Nested Schema for `spec.steps.cleanup.wait.clusters` - -Required: - -- `kubeconfig` (String) Kubeconfig is the path to the referenced file. - -Optional: - -- `context` (String) Context is the name of the context to use. - - @@ -1613,38 +1273,65 @@ Optional: Optional: +- `apply` (Attributes) Apply represents resources that should be applied for this test step. This can include thingslike configuration settings or any other resources that need to be available during the test. (see [below for nested schema](#nestedatt--spec--steps--finally--apply)) +- `assert` (Attributes) Assert represents an assertion to be made. It checks whether the conditions specified in the assertion hold true. (see [below for nested schema](#nestedatt--spec--steps--finally--assert)) +- `bindings` (Attributes List) Bindings defines additional binding key/values. (see [below for nested schema](#nestedatt--spec--steps--finally--bindings)) +- `cluster` (String) Cluster defines the target cluster (default cluster will be used if not specified and/or overridden). +- `clusters` (Attributes) Clusters holds a registry to clusters to support multi-cluster tests. (see [below for nested schema](#nestedatt--spec--steps--finally--clusters)) - `command` (Attributes) Command defines a command to run. (see [below for nested schema](#nestedatt--spec--steps--finally--command)) +- `create` (Attributes) Create represents a creation operation. (see [below for nested schema](#nestedatt--spec--steps--finally--create)) - `delete` (Attributes) Delete represents a deletion operation. (see [below for nested schema](#nestedatt--spec--steps--finally--delete)) - `describe` (Attributes) Describe determines the resource describe collector to execute. (see [below for nested schema](#nestedatt--spec--steps--finally--describe)) - `description` (String) Description contains a description of the operation. +- `error` (Attributes) Error represents the expected errors for this test step. If any of these errors occur, the testwill consider them as expected; otherwise, they will be treated as test failures. (see [below for nested schema](#nestedatt--spec--steps--finally--error)) - `events` (Attributes) Events determines the events collector to execute. (see [below for nested schema](#nestedatt--spec--steps--finally--events)) - `get` (Attributes) Get determines the resource get collector to execute. (see [below for nested schema](#nestedatt--spec--steps--finally--get)) +- `outputs` (Attributes List) Outputs defines output bindings. (see [below for nested schema](#nestedatt--spec--steps--finally--outputs)) +- `patch` (Attributes) Patch represents a patch operation. (see [below for nested schema](#nestedatt--spec--steps--finally--patch)) - `pod_logs` (Attributes) PodLogs determines the pod logs collector to execute. (see [below for nested schema](#nestedatt--spec--steps--finally--pod_logs)) - `script` (Attributes) Script defines a script to run. (see [below for nested schema](#nestedatt--spec--steps--finally--script)) - `sleep` (Attributes) Sleep defines zzzz. (see [below for nested schema](#nestedatt--spec--steps--finally--sleep)) +- `update` (Attributes) Update represents an update operation. (see [below for nested schema](#nestedatt--spec--steps--finally--update)) - `wait` (Attributes) Wait determines the resource wait collector to execute. (see [below for nested schema](#nestedatt--spec--steps--finally--wait)) - -### Nested Schema for `spec.steps.finally.command` + +### Nested Schema for `spec.steps.finally.apply` + +Optional: + +- `dry_run` (Boolean) DryRun determines whether the file should be applied in dry run mode. +- `expect` (Attributes List) Expect defines a list of matched checks to validate the operation outcome. (see [below for nested schema](#nestedatt--spec--steps--finally--apply--expect)) +- `file` (String) File is the path to the referenced file. This can be a direct path to a fileor an expression that matches multiple files, such as 'manifest/*.yaml' for all YAMLfiles within the 'manifest' directory. +- `resource` (Map of String) Resource provides a resource to be applied. +- `template` (Boolean) Template determines whether resources should be considered for templating. +- `timeout` (String) Timeout for the operation. Overrides the global timeout set in the Configuration. + + +### Nested Schema for `spec.steps.finally.apply.expect` Required: -- `entrypoint` (String) Entrypoint is the command entry point to run. +- `check` (Map of String) Check defines the verification statement. Optional: -- `args` (List of String) Args is the command arguments. -- `bindings` (Attributes List) Bindings defines additional binding key/values. (see [below for nested schema](#nestedatt--spec--steps--finally--command--bindings)) -- `check` (Map of String) Check is an assertion tree to validate the operation outcome. -- `cluster` (String) Cluster defines the target cluster (default cluster will be used if not specified and/or overridden). -- `clusters` (Attributes) Clusters holds a registry to clusters to support multi-cluster tests. (see [below for nested schema](#nestedatt--spec--steps--finally--command--clusters)) -- `env` (Attributes List) Env defines additional environment variables. (see [below for nested schema](#nestedatt--spec--steps--finally--command--env)) -- `outputs` (Attributes List) Outputs defines output bindings. (see [below for nested schema](#nestedatt--spec--steps--finally--command--outputs)) -- `skip_log_output` (Boolean) SkipLogOutput removes the output from the command. Useful for sensitive logs or to reduce noise. +- `match` (Map of String) Match defines the matching statement. + + + + +### Nested Schema for `spec.steps.finally.assert` + +Optional: + +- `file` (String) File is the path to the referenced file. This can be a direct path to a fileor an expression that matches multiple files, such as 'manifest/*.yaml' for all YAMLfiles within the 'manifest' directory. +- `resource` (Map of String) Check provides a check used in assertions. +- `template` (Boolean) Template determines whether resources should be considered for templating. - `timeout` (String) Timeout for the operation. Overrides the global timeout set in the Configuration. - -### Nested Schema for `spec.steps.finally.command.bindings` + + +### Nested Schema for `spec.steps.finally.bindings` Required: @@ -1652,8 +1339,8 @@ Required: - `value` (Map of String) Value value of the binding. - -### Nested Schema for `spec.steps.finally.command.clusters` + +### Nested Schema for `spec.steps.finally.clusters` Required: @@ -1664,64 +1351,67 @@ Optional: - `context` (String) Context is the name of the context to use. - -### Nested Schema for `spec.steps.finally.command.env` + +### Nested Schema for `spec.steps.finally.command` Required: -- `name` (String) Name the name of the binding. -- `value` (Map of String) Value value of the binding. +- `entrypoint` (String) Entrypoint is the command entry point to run. + +Optional: +- `args` (List of String) Args is the command arguments. +- `check` (Map of String) Check is an assertion tree to validate the operation outcome. +- `env` (Attributes List) Env defines additional environment variables. (see [below for nested schema](#nestedatt--spec--steps--finally--command--env)) +- `skip_log_output` (Boolean) SkipLogOutput removes the output from the command. Useful for sensitive logs or to reduce noise. +- `timeout` (String) Timeout for the operation. Overrides the global timeout set in the Configuration. - -### Nested Schema for `spec.steps.finally.command.outputs` + +### Nested Schema for `spec.steps.finally.command.env` Required: - `name` (String) Name the name of the binding. - `value` (Map of String) Value value of the binding. -Optional: - -- `match` (Map of String) Match defines the matching statement. - - -### Nested Schema for `spec.steps.finally.delete` + +### Nested Schema for `spec.steps.finally.create` Optional: -- `bindings` (Attributes List) Bindings defines additional binding key/values. (see [below for nested schema](#nestedatt--spec--steps--finally--delete--bindings)) -- `cluster` (String) Cluster defines the target cluster (default cluster will be used if not specified and/or overridden). -- `clusters` (Attributes) Clusters holds a registry to clusters to support multi-cluster tests. (see [below for nested schema](#nestedatt--spec--steps--finally--delete--clusters)) -- `deletion_propagation_policy` (String) DeletionPropagationPolicy decides if a deletion will propagate to the dependents ofthe object, and how the garbage collector will handle the propagation.Overrides the deletion propagation policy set in the Configuration, the Test and the TestStep. -- `expect` (Attributes List) Expect defines a list of matched checks to validate the operation outcome. (see [below for nested schema](#nestedatt--spec--steps--finally--delete--expect)) +- `dry_run` (Boolean) DryRun determines whether the file should be applied in dry run mode. +- `expect` (Attributes List) Expect defines a list of matched checks to validate the operation outcome. (see [below for nested schema](#nestedatt--spec--steps--finally--create--expect)) - `file` (String) File is the path to the referenced file. This can be a direct path to a fileor an expression that matches multiple files, such as 'manifest/*.yaml' for all YAMLfiles within the 'manifest' directory. -- `ref` (Attributes) Ref determines objects to be deleted. (see [below for nested schema](#nestedatt--spec--steps--finally--delete--ref)) +- `resource` (Map of String) Resource provides a resource to be applied. - `template` (Boolean) Template determines whether resources should be considered for templating. - `timeout` (String) Timeout for the operation. Overrides the global timeout set in the Configuration. - -### Nested Schema for `spec.steps.finally.delete.bindings` + +### Nested Schema for `spec.steps.finally.create.expect` Required: -- `name` (String) Name the name of the binding. -- `value` (Map of String) Value value of the binding. +- `check` (Map of String) Check defines the verification statement. + +Optional: +- `match` (Map of String) Match defines the matching statement. - -### Nested Schema for `spec.steps.finally.delete.clusters` -Required: -- `kubeconfig` (String) Kubeconfig is the path to the referenced file. + +### Nested Schema for `spec.steps.finally.delete` Optional: -- `context` (String) Context is the name of the context to use. - +- `deletion_propagation_policy` (String) DeletionPropagationPolicy decides if a deletion will propagate to the dependents ofthe object, and how the garbage collector will handle the propagation.Overrides the deletion propagation policy set in the Configuration, the Test and the TestStep. +- `expect` (Attributes List) Expect defines a list of matched checks to validate the operation outcome. (see [below for nested schema](#nestedatt--spec--steps--finally--delete--expect)) +- `file` (String) File is the path to the referenced file. This can be a direct path to a fileor an expression that matches multiple files, such as 'manifest/*.yaml' for all YAMLfiles within the 'manifest' directory. +- `ref` (Attributes) Ref determines objects to be deleted. (see [below for nested schema](#nestedatt--spec--steps--finally--delete--ref)) +- `template` (Boolean) Template determines whether resources should be considered for templating. +- `timeout` (String) Timeout for the operation. Overrides the global timeout set in the Configuration. ### Nested Schema for `spec.steps.finally.delete.expect` @@ -1761,25 +1451,22 @@ Required: Optional: -- `cluster` (String) Cluster defines the target cluster (default cluster will be used if not specified and/or overridden). -- `clusters` (Attributes) Clusters holds a registry to clusters to support multi-cluster tests. (see [below for nested schema](#nestedatt--spec--steps--finally--describe--clusters)) - `name` (String) Name of the referent.More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - `namespace` (String) Namespace of the referent.More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ - `selector` (String) Selector defines labels selector. - `show_events` (Boolean) Show Events indicates whether to include related events. - `timeout` (String) Timeout for the operation. Overrides the global timeout set in the Configuration. - -### Nested Schema for `spec.steps.finally.describe.clusters` - -Required: -- `kubeconfig` (String) Kubeconfig is the path to the referenced file. + +### Nested Schema for `spec.steps.finally.error` Optional: -- `context` (String) Context is the name of the context to use. - +- `file` (String) File is the path to the referenced file. This can be a direct path to a fileor an expression that matches multiple files, such as 'manifest/*.yaml' for all YAMLfiles within the 'manifest' directory. +- `resource` (Map of String) Check provides a check used in assertions. +- `template` (Boolean) Template determines whether resources should be considered for templating. +- `timeout` (String) Timeout for the operation. Overrides the global timeout set in the Configuration. @@ -1787,26 +1474,12 @@ Optional: Optional: -- `cluster` (String) Cluster defines the target cluster (default cluster will be used if not specified and/or overridden). -- `clusters` (Attributes) Clusters holds a registry to clusters to support multi-cluster tests. (see [below for nested schema](#nestedatt--spec--steps--finally--events--clusters)) - `format` (String) Format determines the output format (json or yaml). - `name` (String) Name of the referent.More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - `namespace` (String) Namespace of the referent.More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ - `selector` (String) Selector defines labels selector. - `timeout` (String) Timeout for the operation. Overrides the global timeout set in the Configuration. - -### Nested Schema for `spec.steps.finally.events.clusters` - -Required: - -- `kubeconfig` (String) Kubeconfig is the path to the referenced file. - -Optional: - -- `context` (String) Context is the name of the context to use. - - ### Nested Schema for `spec.steps.finally.get` @@ -1818,52 +1491,62 @@ Required: Optional: -- `cluster` (String) Cluster defines the target cluster (default cluster will be used if not specified and/or overridden). -- `clusters` (Attributes) Clusters holds a registry to clusters to support multi-cluster tests. (see [below for nested schema](#nestedatt--spec--steps--finally--get--clusters)) - `format` (String) Format determines the output format (json or yaml). - `name` (String) Name of the referent.More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - `namespace` (String) Namespace of the referent.More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ - `selector` (String) Selector defines labels selector. - `timeout` (String) Timeout for the operation. Overrides the global timeout set in the Configuration. - -### Nested Schema for `spec.steps.finally.get.clusters` + + +### Nested Schema for `spec.steps.finally.outputs` Required: -- `kubeconfig` (String) Kubeconfig is the path to the referenced file. +- `name` (String) Name the name of the binding. +- `value` (Map of String) Value value of the binding. Optional: -- `context` (String) Context is the name of the context to use. - +- `match` (Map of String) Match defines the matching statement. - -### Nested Schema for `spec.steps.finally.pod_logs` + +### Nested Schema for `spec.steps.finally.patch` Optional: -- `cluster` (String) Cluster defines the target cluster (default cluster will be used if not specified and/or overridden). -- `clusters` (Attributes) Clusters holds a registry to clusters to support multi-cluster tests. (see [below for nested schema](#nestedatt--spec--steps--finally--pod_logs--clusters)) -- `container` (String) Container in pod to get logs from else --all-containers is used. -- `name` (String) Name of the referent.More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names -- `namespace` (String) Namespace of the referent.More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ -- `selector` (String) Selector defines labels selector. -- `tail` (Number) Tail is the number of last lines to collect from pods. If omitted or zero,then the default is 10 if you use a selector, or -1 (all) if you use a pod name.This matches default behavior of 'kubectl logs'. +- `dry_run` (Boolean) DryRun determines whether the file should be applied in dry run mode. +- `expect` (Attributes List) Expect defines a list of matched checks to validate the operation outcome. (see [below for nested schema](#nestedatt--spec--steps--finally--patch--expect)) +- `file` (String) File is the path to the referenced file. This can be a direct path to a fileor an expression that matches multiple files, such as 'manifest/*.yaml' for all YAMLfiles within the 'manifest' directory. +- `resource` (Map of String) Resource provides a resource to be applied. +- `template` (Boolean) Template determines whether resources should be considered for templating. - `timeout` (String) Timeout for the operation. Overrides the global timeout set in the Configuration. - -### Nested Schema for `spec.steps.finally.pod_logs.clusters` + +### Nested Schema for `spec.steps.finally.patch.expect` Required: -- `kubeconfig` (String) Kubeconfig is the path to the referenced file. +- `check` (Map of String) Check defines the verification statement. Optional: -- `context` (String) Context is the name of the context to use. +- `match` (Map of String) Match defines the matching statement. + + + + +### Nested Schema for `spec.steps.finally.pod_logs` +Optional: + +- `container` (String) Container in pod to get logs from else --all-containers is used. +- `name` (String) Name of the referent.More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names +- `namespace` (String) Namespace of the referent.More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ +- `selector` (String) Selector defines labels selector. +- `tail` (Number) Tail is the number of last lines to collect from pods. If omitted or zero,then the default is 10 if you use a selector, or -1 (all) if you use a pod name.This matches default behavior of 'kubectl logs'. +- `timeout` (String) Timeout for the operation. Overrides the global timeout set in the Configuration. @@ -1871,18 +1554,14 @@ Optional: Optional: -- `bindings` (Attributes List) Bindings defines additional binding key/values. (see [below for nested schema](#nestedatt--spec--steps--finally--script--bindings)) - `check` (Map of String) Check is an assertion tree to validate the operation outcome. -- `cluster` (String) Cluster defines the target cluster (default cluster will be used if not specified and/or overridden). -- `clusters` (Attributes) Clusters holds a registry to clusters to support multi-cluster tests. (see [below for nested schema](#nestedatt--spec--steps--finally--script--clusters)) - `content` (String) Content defines a shell script (run with 'sh -c ...'). - `env` (Attributes List) Env defines additional environment variables. (see [below for nested schema](#nestedatt--spec--steps--finally--script--env)) -- `outputs` (Attributes List) Outputs defines output bindings. (see [below for nested schema](#nestedatt--spec--steps--finally--script--outputs)) - `skip_log_output` (Boolean) SkipLogOutput removes the output from the command. Useful for sensitive logs or to reduce noise. - `timeout` (String) Timeout for the operation. Overrides the global timeout set in the Configuration. - -### Nested Schema for `spec.steps.finally.script.bindings` + +### Nested Schema for `spec.steps.finally.script.env` Required: @@ -1890,34 +1569,33 @@ Required: - `value` (Map of String) Value value of the binding. - -### Nested Schema for `spec.steps.finally.script.clusters` - -Required: - -- `kubeconfig` (String) Kubeconfig is the path to the referenced file. -Optional: + +### Nested Schema for `spec.steps.finally.sleep` -- `context` (String) Context is the name of the context to use. +Required: +- `duration` (String) Duration is the delay used for sleeping. - -### Nested Schema for `spec.steps.finally.script.env` -Required: + +### Nested Schema for `spec.steps.finally.update` -- `name` (String) Name the name of the binding. -- `value` (Map of String) Value value of the binding. +Optional: +- `dry_run` (Boolean) DryRun determines whether the file should be applied in dry run mode. +- `expect` (Attributes List) Expect defines a list of matched checks to validate the operation outcome. (see [below for nested schema](#nestedatt--spec--steps--finally--update--expect)) +- `file` (String) File is the path to the referenced file. This can be a direct path to a fileor an expression that matches multiple files, such as 'manifest/*.yaml' for all YAMLfiles within the 'manifest' directory. +- `resource` (Map of String) Resource provides a resource to be applied. +- `template` (Boolean) Template determines whether resources should be considered for templating. +- `timeout` (String) Timeout for the operation. Overrides the global timeout set in the Configuration. - -### Nested Schema for `spec.steps.finally.script.outputs` + +### Nested Schema for `spec.steps.finally.update.expect` Required: -- `name` (String) Name the name of the binding. -- `value` (Map of String) Value value of the binding. +- `check` (Map of String) Check defines the verification statement. Optional: @@ -1925,32 +1603,22 @@ Optional: - -### Nested Schema for `spec.steps.finally.sleep` - -Required: - -- `duration` (String) Duration is the delay used for sleeping. - - ### Nested Schema for `spec.steps.finally.wait` Required: - `api_version` (String) API version of the referent. -- `for` (Attributes) For specifies the condition to wait for. (see [below for nested schema](#nestedatt--spec--steps--finally--wait--for)) +- `for` (Attributes) WaitFor specifies the condition to wait for. (see [below for nested schema](#nestedatt--spec--steps--finally--wait--for)) - `kind` (String) Kind of the referent.More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds Optional: -- `cluster` (String) Cluster defines the target cluster where the wait operation will be performed (default cluster will be used if not specified). -- `clusters` (Attributes) Clusters holds a registry to clusters to support multi-cluster tests. (see [below for nested schema](#nestedatt--spec--steps--finally--wait--clusters)) - `format` (String) Format determines the output format (json or yaml). - `name` (String) Name of the referent.More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - `namespace` (String) Namespace of the referent.More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ - `selector` (String) Selector defines labels selector. -- `timeout` (String) Timeout for the operation. Specifies how long to wait for the condition to be met before timing out. +- `timeout` (String) Timeout for the operation. Overrides the global timeout set in the Configuration. ### Nested Schema for `spec.steps.finally.wait.for` @@ -1983,18 +1651,6 @@ Required: - -### Nested Schema for `spec.steps.finally.wait.clusters` - -Required: - -- `kubeconfig` (String) Kubeconfig is the path to the referenced file. - -Optional: - -- `context` (String) Context is the name of the context to use. - - @@ -2387,18 +2043,18 @@ Required: Required: - `api_version` (String) API version of the referent. -- `for` (Attributes) For specifies the condition to wait for. (see [below for nested schema](#nestedatt--spec--error--catch--wait--for)) +- `for` (Attributes) WaitFor specifies the condition to wait for. (see [below for nested schema](#nestedatt--spec--error--catch--wait--for)) - `kind` (String) Kind of the referent.More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds Optional: -- `cluster` (String) Cluster defines the target cluster where the wait operation will be performed (default cluster will be used if not specified). +- `cluster` (String) Cluster defines the target cluster (default cluster will be used if not specified and/or overridden). - `clusters` (Attributes) Clusters holds a registry to clusters to support multi-cluster tests. (see [below for nested schema](#nestedatt--spec--error--catch--wait--clusters)) - `format` (String) Format determines the output format (json or yaml). - `name` (String) Name of the referent.More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - `namespace` (String) Namespace of the referent.More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ - `selector` (String) Selector defines labels selector. -- `timeout` (String) Timeout for the operation. Specifies how long to wait for the condition to be met before timing out. +- `timeout` (String) Timeout for the operation. Overrides the global timeout set in the Configuration. ### Nested Schema for `spec.error.catch.wait.for` diff --git a/docs/data-sources/cluster_x_k8s_io_cluster_class_v1beta1_manifest.md b/docs/data-sources/cluster_x_k8s_io_cluster_class_v1beta1_manifest.md index 372739a7e..f3e6d712f 100644 --- a/docs/data-sources/cluster_x_k8s_io_cluster_class_v1beta1_manifest.md +++ b/docs/data-sources/cluster_x_k8s_io_cluster_class_v1beta1_manifest.md @@ -98,7 +98,7 @@ Optional: Optional: - `max_unhealthy` (String) Any further remediation is only allowed if at most 'MaxUnhealthy' machines selected by'selector' are not healthy. -- `node_startup_timeout` (String) NodeStartupTimeout allows to set the maximum time for MachineHealthCheckto consider a Machine unhealthy if a corresponding Node isn't associatedthrough a 'Spec.ProviderID' field.The duration set in this field is compared to the greatest of:- Cluster's infrastructure and control plane ready condition timestamp (if and when available)- Machine's infrastructure ready condition timestamp (if and when available)- Machine's metadata creation timestampDefaults to 10 minutes.If you wish to disable this feature, set the value explicitly to 0. +- `node_startup_timeout` (String) NodeStartupTimeout allows to set the maximum time for MachineHealthCheckto consider a Machine unhealthy if a corresponding Node isn't associatedthrough a 'Spec.ProviderID' field.The duration set in this field is compared to the greatest of:- Cluster's infrastructure ready condition timestamp (if and when available)- Control Plane's initialized condition timestamp (if and when available)- Machine's infrastructure ready condition timestamp (if and when available)- Machine's metadata creation timestampDefaults to 10 minutes.If you wish to disable this feature, set the value explicitly to 0. - `remediation_template` (Attributes) RemediationTemplate is a reference to a remediation templateprovided by an infrastructure provider.This field is completely optional, when filled, the MachineHealthCheck controllercreates a new object from the template referenced and hands off remediation of the machine toa controller that lives outside of Cluster API. (see [below for nested schema](#nestedatt--spec--control_plane--machine_health_check--remediation_template)) - `unhealthy_conditions` (Attributes List) UnhealthyConditions contains a list of the conditions that determinewhether a node is considered unhealthy. The conditions are combined in alogical OR, i.e. if any of the conditions is met, the node is unhealthy. (see [below for nested schema](#nestedatt--spec--control_plane--machine_health_check--unhealthy_conditions)) - `unhealthy_range` (String) Any further remediation is only allowed if the number of machines selected by 'selector' as not healthyis within the range of 'UnhealthyRange'. Takes precedence over MaxUnhealthy.Eg. '[3-5]' - This means that remediation will be allowed only when:(a) there are at least 3 unhealthy machines (and)(b) there are at most 5 unhealthy machines @@ -446,7 +446,7 @@ Optional: Optional: - `max_unhealthy` (String) Any further remediation is only allowed if at most 'MaxUnhealthy' machines selected by'selector' are not healthy. -- `node_startup_timeout` (String) NodeStartupTimeout allows to set the maximum time for MachineHealthCheckto consider a Machine unhealthy if a corresponding Node isn't associatedthrough a 'Spec.ProviderID' field.The duration set in this field is compared to the greatest of:- Cluster's infrastructure and control plane ready condition timestamp (if and when available)- Machine's infrastructure ready condition timestamp (if and when available)- Machine's metadata creation timestampDefaults to 10 minutes.If you wish to disable this feature, set the value explicitly to 0. +- `node_startup_timeout` (String) NodeStartupTimeout allows to set the maximum time for MachineHealthCheckto consider a Machine unhealthy if a corresponding Node isn't associatedthrough a 'Spec.ProviderID' field.The duration set in this field is compared to the greatest of:- Cluster's infrastructure ready condition timestamp (if and when available)- Control Plane's initialized condition timestamp (if and when available)- Machine's infrastructure ready condition timestamp (if and when available)- Machine's metadata creation timestampDefaults to 10 minutes.If you wish to disable this feature, set the value explicitly to 0. - `remediation_template` (Attributes) RemediationTemplate is a reference to a remediation templateprovided by an infrastructure provider.This field is completely optional, when filled, the MachineHealthCheck controllercreates a new object from the template referenced and hands off remediation of the machine toa controller that lives outside of Cluster API. (see [below for nested schema](#nestedatt--spec--workers--machine_deployments--machine_health_check--remediation_template)) - `unhealthy_conditions` (Attributes List) UnhealthyConditions contains a list of the conditions that determinewhether a node is considered unhealthy. The conditions are combined in alogical OR, i.e. if any of the conditions is met, the node is unhealthy. (see [below for nested schema](#nestedatt--spec--workers--machine_deployments--machine_health_check--unhealthy_conditions)) - `unhealthy_range` (String) Any further remediation is only allowed if the number of machines selected by 'selector' as not healthyis within the range of 'UnhealthyRange'. Takes precedence over MaxUnhealthy.Eg. '[3-5]' - This means that remediation will be allowed only when:(a) there are at least 3 unhealthy machines (and)(b) there are at most 5 unhealthy machines @@ -489,9 +489,18 @@ Optional: Optional: +- `remediation` (Attributes) Remediation controls the strategy of remediating unhealthy machinesand how remediating operations should occur during the lifecycle of the dependant MachineSets. (see [below for nested schema](#nestedatt--spec--workers--machine_deployments--strategy--remediation)) - `rolling_update` (Attributes) Rolling update config params. Present only ifMachineDeploymentStrategyType = RollingUpdate. (see [below for nested schema](#nestedatt--spec--workers--machine_deployments--strategy--rolling_update)) - `type` (String) Type of deployment. Allowed values are RollingUpdate and OnDelete.The default is RollingUpdate. + +### Nested Schema for `spec.workers.machine_deployments.strategy.remediation` + +Optional: + +- `max_in_flight` (String) MaxInFlight determines how many in flight remediations should happen at the same time.Remediation only happens on the MachineSet with the most current revision, whileolder MachineSets (usually present during rollout operations) aren't allowed to remediate.Note: In general (independent of remediations), unhealthy machines are alwaysprioritized during scale down operations over healthy ones.MaxInFlight can be set to a fixed number or a percentage.Example: when this is set to 20%, the MachineSet controller deletes at most 20% ofthe desired replicas.If not set, remediation is limited to all machines (bounded by replicas)under the active MachineSet's management. + + ### Nested Schema for `spec.workers.machine_deployments.strategy.rolling_update` diff --git a/docs/data-sources/cluster_x_k8s_io_cluster_v1beta1_manifest.md b/docs/data-sources/cluster_x_k8s_io_cluster_v1beta1_manifest.md index 5fd335c10..222f159c8 100644 --- a/docs/data-sources/cluster_x_k8s_io_cluster_v1beta1_manifest.md +++ b/docs/data-sources/cluster_x_k8s_io_cluster_v1beta1_manifest.md @@ -161,7 +161,7 @@ Optional: - `enable` (Boolean) Enable controls if a MachineHealthCheck should be created for the target machines.If false: No MachineHealthCheck will be created.If not set(default): A MachineHealthCheck will be created if it is defined here or in the associated ClusterClass. If no MachineHealthCheck is defined then none will be created.If true: A MachineHealthCheck is guaranteed to be created. Cluster validation willblock if 'enable' is true and no MachineHealthCheck definition is available. - `max_unhealthy` (String) Any further remediation is only allowed if at most 'MaxUnhealthy' machines selected by'selector' are not healthy. -- `node_startup_timeout` (String) NodeStartupTimeout allows to set the maximum time for MachineHealthCheckto consider a Machine unhealthy if a corresponding Node isn't associatedthrough a 'Spec.ProviderID' field.The duration set in this field is compared to the greatest of:- Cluster's infrastructure and control plane ready condition timestamp (if and when available)- Machine's infrastructure ready condition timestamp (if and when available)- Machine's metadata creation timestampDefaults to 10 minutes.If you wish to disable this feature, set the value explicitly to 0. +- `node_startup_timeout` (String) NodeStartupTimeout allows to set the maximum time for MachineHealthCheckto consider a Machine unhealthy if a corresponding Node isn't associatedthrough a 'Spec.ProviderID' field.The duration set in this field is compared to the greatest of:- Cluster's infrastructure ready condition timestamp (if and when available)- Control Plane's initialized condition timestamp (if and when available)- Machine's infrastructure ready condition timestamp (if and when available)- Machine's metadata creation timestampDefaults to 10 minutes.If you wish to disable this feature, set the value explicitly to 0. - `remediation_template` (Attributes) RemediationTemplate is a reference to a remediation templateprovided by an infrastructure provider.This field is completely optional, when filled, the MachineHealthCheck controllercreates a new object from the template referenced and hands off remediation of the machine toa controller that lives outside of Cluster API. (see [below for nested schema](#nestedatt--spec--topology--control_plane--machine_health_check--remediation_template)) - `unhealthy_conditions` (Attributes List) UnhealthyConditions contains a list of the conditions that determinewhether a node is considered unhealthy. The conditions are combined in alogical OR, i.e. if any of the conditions is met, the node is unhealthy. (see [below for nested schema](#nestedatt--spec--topology--control_plane--machine_health_check--unhealthy_conditions)) - `unhealthy_range` (String) Any further remediation is only allowed if the number of machines selected by 'selector' as not healthyis within the range of 'UnhealthyRange'. Takes precedence over MaxUnhealthy.Eg. '[3-5]' - This means that remediation will be allowed only when:(a) there are at least 3 unhealthy machines (and)(b) there are at most 5 unhealthy machines @@ -271,7 +271,7 @@ Optional: - `enable` (Boolean) Enable controls if a MachineHealthCheck should be created for the target machines.If false: No MachineHealthCheck will be created.If not set(default): A MachineHealthCheck will be created if it is defined here or in the associated ClusterClass. If no MachineHealthCheck is defined then none will be created.If true: A MachineHealthCheck is guaranteed to be created. Cluster validation willblock if 'enable' is true and no MachineHealthCheck definition is available. - `max_unhealthy` (String) Any further remediation is only allowed if at most 'MaxUnhealthy' machines selected by'selector' are not healthy. -- `node_startup_timeout` (String) NodeStartupTimeout allows to set the maximum time for MachineHealthCheckto consider a Machine unhealthy if a corresponding Node isn't associatedthrough a 'Spec.ProviderID' field.The duration set in this field is compared to the greatest of:- Cluster's infrastructure and control plane ready condition timestamp (if and when available)- Machine's infrastructure ready condition timestamp (if and when available)- Machine's metadata creation timestampDefaults to 10 minutes.If you wish to disable this feature, set the value explicitly to 0. +- `node_startup_timeout` (String) NodeStartupTimeout allows to set the maximum time for MachineHealthCheckto consider a Machine unhealthy if a corresponding Node isn't associatedthrough a 'Spec.ProviderID' field.The duration set in this field is compared to the greatest of:- Cluster's infrastructure ready condition timestamp (if and when available)- Control Plane's initialized condition timestamp (if and when available)- Machine's infrastructure ready condition timestamp (if and when available)- Machine's metadata creation timestampDefaults to 10 minutes.If you wish to disable this feature, set the value explicitly to 0. - `remediation_template` (Attributes) RemediationTemplate is a reference to a remediation templateprovided by an infrastructure provider.This field is completely optional, when filled, the MachineHealthCheck controllercreates a new object from the template referenced and hands off remediation of the machine toa controller that lives outside of Cluster API. (see [below for nested schema](#nestedatt--spec--topology--workers--machine_deployments--machine_health_check--remediation_template)) - `unhealthy_conditions` (Attributes List) UnhealthyConditions contains a list of the conditions that determinewhether a node is considered unhealthy. The conditions are combined in alogical OR, i.e. if any of the conditions is met, the node is unhealthy. (see [below for nested schema](#nestedatt--spec--topology--workers--machine_deployments--machine_health_check--unhealthy_conditions)) - `unhealthy_range` (String) Any further remediation is only allowed if the number of machines selected by 'selector' as not healthyis within the range of 'UnhealthyRange'. Takes precedence over MaxUnhealthy.Eg. '[3-5]' - This means that remediation will be allowed only when:(a) there are at least 3 unhealthy machines (and)(b) there are at most 5 unhealthy machines @@ -315,9 +315,18 @@ Optional: Optional: +- `remediation` (Attributes) Remediation controls the strategy of remediating unhealthy machinesand how remediating operations should occur during the lifecycle of the dependant MachineSets. (see [below for nested schema](#nestedatt--spec--topology--workers--machine_deployments--strategy--remediation)) - `rolling_update` (Attributes) Rolling update config params. Present only ifMachineDeploymentStrategyType = RollingUpdate. (see [below for nested schema](#nestedatt--spec--topology--workers--machine_deployments--strategy--rolling_update)) - `type` (String) Type of deployment. Allowed values are RollingUpdate and OnDelete.The default is RollingUpdate. + +### Nested Schema for `spec.topology.workers.machine_deployments.strategy.remediation` + +Optional: + +- `max_in_flight` (String) MaxInFlight determines how many in flight remediations should happen at the same time.Remediation only happens on the MachineSet with the most current revision, whileolder MachineSets (usually present during rollout operations) aren't allowed to remediate.Note: In general (independent of remediations), unhealthy machines are alwaysprioritized during scale down operations over healthy ones.MaxInFlight can be set to a fixed number or a percentage.Example: when this is set to 20%, the MachineSet controller deletes at most 20% ofthe desired replicas.If not set, remediation is limited to all machines (bounded by replicas)under the active MachineSet's management. + + ### Nested Schema for `spec.topology.workers.machine_deployments.strategy.rolling_update` diff --git a/docs/data-sources/cluster_x_k8s_io_machine_deployment_v1beta1_manifest.md b/docs/data-sources/cluster_x_k8s_io_machine_deployment_v1beta1_manifest.md index 6148a6daa..b29459c8b 100644 --- a/docs/data-sources/cluster_x_k8s_io_machine_deployment_v1beta1_manifest.md +++ b/docs/data-sources/cluster_x_k8s_io_machine_deployment_v1beta1_manifest.md @@ -170,9 +170,18 @@ Optional: Optional: +- `remediation` (Attributes) Remediation controls the strategy of remediating unhealthy machinesand how remediating operations should occur during the lifecycle of the dependant MachineSets. (see [below for nested schema](#nestedatt--spec--strategy--remediation)) - `rolling_update` (Attributes) Rolling update config params. Present only ifMachineDeploymentStrategyType = RollingUpdate. (see [below for nested schema](#nestedatt--spec--strategy--rolling_update)) - `type` (String) Type of deployment. Allowed values are RollingUpdate and OnDelete.The default is RollingUpdate. + +### Nested Schema for `spec.strategy.remediation` + +Optional: + +- `max_in_flight` (String) MaxInFlight determines how many in flight remediations should happen at the same time.Remediation only happens on the MachineSet with the most current revision, whileolder MachineSets (usually present during rollout operations) aren't allowed to remediate.Note: In general (independent of remediations), unhealthy machines are alwaysprioritized during scale down operations over healthy ones.MaxInFlight can be set to a fixed number or a percentage.Example: when this is set to 20%, the MachineSet controller deletes at most 20% ofthe desired replicas.If not set, remediation is limited to all machines (bounded by replicas)under the active MachineSet's management. + + ### Nested Schema for `spec.strategy.rolling_update` diff --git a/docs/data-sources/cluster_x_k8s_io_machine_health_check_v1beta1_manifest.md b/docs/data-sources/cluster_x_k8s_io_machine_health_check_v1beta1_manifest.md index 7f7d83bee..48588d71d 100644 --- a/docs/data-sources/cluster_x_k8s_io_machine_health_check_v1beta1_manifest.md +++ b/docs/data-sources/cluster_x_k8s_io_machine_health_check_v1beta1_manifest.md @@ -61,7 +61,7 @@ Required: Optional: - `max_unhealthy` (String) Any further remediation is only allowed if at most 'MaxUnhealthy' machines selected by'selector' are not healthy. -- `node_startup_timeout` (String) NodeStartupTimeout allows to set the maximum time for MachineHealthCheckto consider a Machine unhealthy if a corresponding Node isn't associatedthrough a 'Spec.ProviderID' field.The duration set in this field is compared to the greatest of:- Cluster's infrastructure and control plane ready condition timestamp (if and when available)- Machine's infrastructure ready condition timestamp (if and when available)- Machine's metadata creation timestampDefaults to 10 minutes.If you wish to disable this feature, set the value explicitly to 0. +- `node_startup_timeout` (String) NodeStartupTimeout allows to set the maximum time for MachineHealthCheckto consider a Machine unhealthy if a corresponding Node isn't associatedthrough a 'Spec.ProviderID' field.The duration set in this field is compared to the greatest of:- Cluster's infrastructure ready condition timestamp (if and when available)- Control Plane's initialized condition timestamp (if and when available)- Machine's infrastructure ready condition timestamp (if and when available)- Machine's metadata creation timestampDefaults to 10 minutes.If you wish to disable this feature, set the value explicitly to 0. - `remediation_template` (Attributes) RemediationTemplate is a reference to a remediation templateprovided by an infrastructure provider.This field is completely optional, when filled, the MachineHealthCheck controllercreates a new object from the template referenced and hands off remediation of the machine toa controller that lives outside of Cluster API. (see [below for nested schema](#nestedatt--spec--remediation_template)) - `unhealthy_conditions` (Attributes List) UnhealthyConditions contains a list of the conditions that determinewhether a node is considered unhealthy. The conditions are combined in alogical OR, i.e. if any of the conditions is met, the node is unhealthy. (see [below for nested schema](#nestedatt--spec--unhealthy_conditions)) - `unhealthy_range` (String) Any further remediation is only allowed if the number of machines selected by 'selector' as not healthyis within the range of 'UnhealthyRange'. Takes precedence over MaxUnhealthy.Eg. '[3-5]' - This means that remediation will be allowed only when:(a) there are at least 3 unhealthy machines (and)(b) there are at most 5 unhealthy machines diff --git a/docs/data-sources/dataprotection_kubeblocks_io_action_set_v1alpha1_manifest.md b/docs/data-sources/dataprotection_kubeblocks_io_action_set_v1alpha1_manifest.md index 4ef028bac..4eb1e8ca8 100644 --- a/docs/data-sources/dataprotection_kubeblocks_io_action_set_v1alpha1_manifest.md +++ b/docs/data-sources/dataprotection_kubeblocks_io_action_set_v1alpha1_manifest.md @@ -54,13 +54,13 @@ Optional: Required: -- `backup_type` (String) Specifies the backup type. Supported values include: - 'Full' for a full backup. - 'Incremental' back up data that have changed since the last backup (either full or incremental). - 'Differential' back up data that has changed since the last full backup. - 'Continuous' back up transaction logs continuously, such as MySQL binlog, PostgreSQL WAL, etc. Continuous backup is essential for implementing Point-in-Time Recovery (PITR). +- `backup_type` (String) Specifies the backup type. Supported values include:- 'Full' for a full backup.- 'Incremental' back up data that have changed since the last backup (either full or incremental).- 'Differential' back up data that has changed since the last full backup.- 'Continuous' back up transaction logs continuously, such as MySQL binlog, PostgreSQL WAL, etc.Continuous backup is essential for implementing Point-in-Time Recovery (PITR). Optional: - `backup` (Attributes) Specifies the backup action. (see [below for nested schema](#nestedatt--spec--backup)) - `env` (Map of String) Specifies a list of environment variables to be set in the container. -- `env_from` (Map of String) Specifies a list of sources to populate environment variables in the container. The keys within a source must be a C_IDENTIFIER. Any invalid keys will be reported as an event when the container starts. If a key exists in multiple sources, the value from the last source will take precedence. Any values defined by an Env with a duplicate key will take precedence. This field cannot be updated. +- `env_from` (Map of String) Specifies a list of sources to populate environment variables in the container.The keys within a source must be a C_IDENTIFIER. Any invalid keys will bereported as an event when the container starts. If a key exists in multiplesources, the value from the last source will take precedence. Any valuesdefined by an Env with a duplicate key will take precedence.This field cannot be updated. - `restore` (Attributes) Specifies the restore action. (see [below for nested schema](#nestedatt--spec--restore)) @@ -71,7 +71,7 @@ Optional: - `backup_data` (Attributes) Represents the action to be performed for backing up data. (see [below for nested schema](#nestedatt--spec--backup--backup_data)) - `post_backup` (Attributes List) Represents a set of actions that should be executed after the backup process has completed. (see [below for nested schema](#nestedatt--spec--backup--post_backup)) - `pre_backup` (Attributes List) Represents a set of actions that should be executed before the backup process begins. (see [below for nested schema](#nestedatt--spec--backup--pre_backup)) -- `pre_delete` (Attributes) Represents a custom deletion action that can be executed before the built-in deletion action. Note: The preDelete action job will ignore the env/envFrom. (see [below for nested schema](#nestedatt--spec--backup--pre_delete)) +- `pre_delete` (Attributes) Represents a custom deletion action that can be executed before the built-in deletion action.Note: The preDelete action job will ignore the env/envFrom. (see [below for nested schema](#nestedatt--spec--backup--pre_delete)) ### Nested Schema for `spec.backup.backup_data` @@ -84,15 +84,15 @@ Required: Optional: - `on_error` (String) Indicates how to behave if an error is encountered during the execution of this action. -- `run_on_target_pod_node` (Boolean) Determines whether to run the job workload on the target pod node. If the backup container needs to mount the target pod's volumes, this field should be set to true. Otherwise, the target pod's volumes will be ignored. -- `sync_progress` (Attributes) Determines if the backup progress should be synchronized and the interval for synchronization in seconds. (see [below for nested schema](#nestedatt--spec--backup--backup_data--sync_progress)) +- `run_on_target_pod_node` (Boolean) Determines whether to run the job workload on the target pod node.If the backup container needs to mount the target pod's volumes, this fieldshould be set to true. Otherwise, the target pod's volumes will be ignored. +- `sync_progress` (Attributes) Determines if the backup progress should be synchronized and the intervalfor synchronization in seconds. (see [below for nested schema](#nestedatt--spec--backup--backup_data--sync_progress)) ### Nested Schema for `spec.backup.backup_data.sync_progress` Optional: -- `enabled` (Boolean) Determines if the backup progress should be synchronized. If set to true, a sidecar container will be instantiated to synchronize the backup progress with the Backup Custom Resource (CR) status. +- `enabled` (Boolean) Determines if the backup progress should be synchronized. If set to true,a sidecar container will be instantiated to synchronize the backup progress with theBackup Custom Resource (CR) status. - `interval_seconds` (Number) Defines the interval in seconds for synchronizing the backup progress. @@ -114,9 +114,9 @@ Required: Optional: -- `container` (String) Specifies the container within the pod where the command should be executed. If not specified, the first container in the pod is used by default. +- `container` (String) Specifies the container within the pod where the command should be executed.If not specified, the first container in the pod is used by default. - `on_error` (String) Indicates how to behave if an error is encountered during the execution of this action. -- `timeout` (String) Specifies the maximum duration to wait for the hook to complete before considering the execution a failure. +- `timeout` (String) Specifies the maximum duration to wait for the hook to complete beforeconsidering the execution a failure. @@ -130,7 +130,7 @@ Required: Optional: - `on_error` (String) Indicates how to behave if an error is encountered during the execution of this action. -- `run_on_target_pod_node` (Boolean) Determines whether to run the job workload on the target pod node. If the backup container needs to mount the target pod's volumes, this field should be set to true. Otherwise, the target pod's volumes will be ignored. +- `run_on_target_pod_node` (Boolean) Determines whether to run the job workload on the target pod node.If the backup container needs to mount the target pod's volumes, this fieldshould be set to true. Otherwise, the target pod's volumes will be ignored. @@ -151,9 +151,9 @@ Required: Optional: -- `container` (String) Specifies the container within the pod where the command should be executed. If not specified, the first container in the pod is used by default. +- `container` (String) Specifies the container within the pod where the command should be executed.If not specified, the first container in the pod is used by default. - `on_error` (String) Indicates how to behave if an error is encountered during the execution of this action. -- `timeout` (String) Specifies the maximum duration to wait for the hook to complete before considering the execution a failure. +- `timeout` (String) Specifies the maximum duration to wait for the hook to complete beforeconsidering the execution a failure. @@ -167,7 +167,7 @@ Required: Optional: - `on_error` (String) Indicates how to behave if an error is encountered during the execution of this action. -- `run_on_target_pod_node` (Boolean) Determines whether to run the job workload on the target pod node. If the backup container needs to mount the target pod's volumes, this field should be set to true. Otherwise, the target pod's volumes will be ignored. +- `run_on_target_pod_node` (Boolean) Determines whether to run the job workload on the target pod node.If the backup container needs to mount the target pod's volumes, this fieldshould be set to true. Otherwise, the target pod's volumes will be ignored. @@ -206,9 +206,9 @@ Required: Optional: -- `container` (String) Specifies the container within the pod where the command should be executed. If not specified, the first container in the pod is used by default. +- `container` (String) Specifies the container within the pod where the command should be executed.If not specified, the first container in the pod is used by default. - `on_error` (String) Indicates how to behave if an error is encountered during the execution of this action. -- `timeout` (String) Specifies the maximum duration to wait for the hook to complete before considering the execution a failure. +- `timeout` (String) Specifies the maximum duration to wait for the hook to complete beforeconsidering the execution a failure. @@ -222,7 +222,7 @@ Required: Optional: - `on_error` (String) Indicates how to behave if an error is encountered during the execution of this action. -- `run_on_target_pod_node` (Boolean) Determines whether to run the job workload on the target pod node. If the backup container needs to mount the target pod's volumes, this field should be set to true. Otherwise, the target pod's volumes will be ignored. +- `run_on_target_pod_node` (Boolean) Determines whether to run the job workload on the target pod node.If the backup container needs to mount the target pod's volumes, this fieldshould be set to true. Otherwise, the target pod's volumes will be ignored. @@ -237,4 +237,4 @@ Required: Optional: - `on_error` (String) Indicates how to behave if an error is encountered during the execution of this action. -- `run_on_target_pod_node` (Boolean) Determines whether to run the job workload on the target pod node. If the backup container needs to mount the target pod's volumes, this field should be set to true. Otherwise, the target pod's volumes will be ignored. +- `run_on_target_pod_node` (Boolean) Determines whether to run the job workload on the target pod node.If the backup container needs to mount the target pod's volumes, this fieldshould be set to true. Otherwise, the target pod's volumes will be ignored. diff --git a/docs/data-sources/dataprotection_kubeblocks_io_backup_policy_v1alpha1_manifest.md b/docs/data-sources/dataprotection_kubeblocks_io_backup_policy_v1alpha1_manifest.md index 96214ce40..114fe593b 100644 --- a/docs/data-sources/dataprotection_kubeblocks_io_backup_policy_v1alpha1_manifest.md +++ b/docs/data-sources/dataprotection_kubeblocks_io_backup_policy_v1alpha1_manifest.md @@ -60,12 +60,12 @@ Required: Optional: - `backoff_limit` (Number) Specifies the number of retries before marking the backup as failed. -- `backup_repo_name` (String) Specifies the name of BackupRepo where the backup data will be stored. If not set, data will be stored in the default backup repository. -- `encryption_config` (Attributes) Specifies the parameters for encrypting backup data. Encryption will be disabled if the field is not set. (see [below for nested schema](#nestedatt--spec--encryption_config)) -- `path_prefix` (String) Specifies the directory inside the backup repository to store the backup. This path is relative to the path of the backup repository. -- `target` (Attributes) Specifies the target information to back up, such as the target pod, the cluster connection credential. (see [below for nested schema](#nestedatt--spec--target)) -- `targets` (Attributes List) Specifies multiple target information for backup operations. This includes details such as the target pod and cluster connection credentials. All specified targets will be backed up collectively. optional (see [below for nested schema](#nestedatt--spec--targets)) -- `use_kopia` (Boolean) Specifies whether backup data should be stored in a Kopia repository. Data within the Kopia repository is both compressed and encrypted. Furthermore, data deduplication is implemented across various backups of the same cluster. This approach significantly reduces the actual storage usage, particularly for clusters with a low update frequency. NOTE: This feature should NOT be enabled when using KubeBlocks Community Edition, otherwise the backup will not be processed. +- `backup_repo_name` (String) Specifies the name of BackupRepo where the backup data will be stored.If not set, data will be stored in the default backup repository. +- `encryption_config` (Attributes) Specifies the parameters for encrypting backup data.Encryption will be disabled if the field is not set. (see [below for nested schema](#nestedatt--spec--encryption_config)) +- `path_prefix` (String) Specifies the directory inside the backup repository to store the backup.This path is relative to the path of the backup repository. +- `target` (Attributes) Specifies the target information to back up, such as the target pod, thecluster connection credential. (see [below for nested schema](#nestedatt--spec--target)) +- `targets` (Attributes List) Specifies multiple target information for backup operations. This includes detailssuch as the target pod and cluster connection credentials. All specified targetswill be backed up collectively.optional (see [below for nested schema](#nestedatt--spec--targets)) +- `use_kopia` (Boolean) Specifies whether backup data should be stored in a Kopia repository.Data within the Kopia repository is both compressed and encrypted. Furthermore,data deduplication is implemented across various backups of the same cluster.This approach significantly reduces the actual storage usage, particularlyfor clusters with a low update frequency.NOTE: This feature should NOT be enabled when using KubeBlocks Community Edition, otherwise the backup will not be processed. ### Nested Schema for `spec.backup_methods` @@ -76,13 +76,13 @@ Required: Optional: -- `action_set_name` (String) Refers to the ActionSet object that defines the backup actions. For volume snapshot backup, the actionSet is not required, the controller will use the CSI volume snapshotter to create the snapshot. +- `action_set_name` (String) Refers to the ActionSet object that defines the backup actions.For volume snapshot backup, the actionSet is not required, the controllerwill use the CSI volume snapshotter to create the snapshot. - `env` (Attributes List) Specifies the environment variables for the backup workload. (see [below for nested schema](#nestedatt--spec--backup_methods--env)) - `runtime_settings` (Attributes) Specifies runtime settings for the backup workload container. (see [below for nested schema](#nestedatt--spec--backup_methods--runtime_settings)) -- `snapshot_volumes` (Boolean) Specifies whether to take snapshots of persistent volumes. If true, the ActionSetName is not required, the controller will use the CSI volume snapshotter to create the snapshot. +- `snapshot_volumes` (Boolean) Specifies whether to take snapshots of persistent volumes. If true,the ActionSetName is not required, the controller will use the CSI volumesnapshotter to create the snapshot. - `target` (Attributes) Specifies the target information to back up, it will override the target in backup policy. (see [below for nested schema](#nestedatt--spec--backup_methods--target)) - `target_volumes` (Attributes) Specifies which volumes from the target should be mounted in the backup workload. (see [below for nested schema](#nestedatt--spec--backup_methods--target_volumes)) -- `targets` (Attributes List) Specifies multiple target information for backup operations. This includes details such as the target pod and cluster connection credentials. All specified targets will be backed up collectively. (see [below for nested schema](#nestedatt--spec--backup_methods--targets)) +- `targets` (Attributes List) Specifies multiple target information for backup operations. This includes detailssuch as the target pod and cluster connection credentials. All specified targetswill be backed up collectively. (see [below for nested schema](#nestedatt--spec--backup_methods--targets)) ### Nested Schema for `spec.backup_methods.env` @@ -93,7 +93,7 @@ Required: Optional: -- `value` (String) Variable references $(VAR_NAME) are expanded using the previously defined environment variables in the container and any service environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. '$$(VAR_NAME)' will produce the string literal '$(VAR_NAME)'. Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to ''. +- `value` (String) Variable references $(VAR_NAME) are expandedusing the previously defined environment variables in the container andany service environment variables. If a variable cannot be resolved,the reference in the input string will be unchanged. Double $$ are reducedto a single $, which allows for escaping the $(VAR_NAME) syntax: i.e.'$$(VAR_NAME)' will produce the string literal '$(VAR_NAME)'.Escaped references will never be expanded, regardless of whether the variableexists or not.Defaults to ''. - `value_from` (Attributes) Source for the environment variable's value. Cannot be used if value is not empty. (see [below for nested schema](#nestedatt--spec--backup_methods--env--value_from)) @@ -102,8 +102,8 @@ Optional: Optional: - `config_map_key_ref` (Attributes) Selects a key of a ConfigMap. (see [below for nested schema](#nestedatt--spec--backup_methods--env--value_from--config_map_key_ref)) -- `field_ref` (Attributes) Selects a field of the pod: supports metadata.name, metadata.namespace, 'metadata.labels['']', 'metadata.annotations['']', spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. (see [below for nested schema](#nestedatt--spec--backup_methods--env--value_from--field_ref)) -- `resource_field_ref` (Attributes) Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. (see [below for nested schema](#nestedatt--spec--backup_methods--env--value_from--resource_field_ref)) +- `field_ref` (Attributes) Selects a field of the pod: supports metadata.name, metadata.namespace, 'metadata.labels['']', 'metadata.annotations['']',spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. (see [below for nested schema](#nestedatt--spec--backup_methods--env--value_from--field_ref)) +- `resource_field_ref` (Attributes) Selects a resource of the container: only resources limits and requests(limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. (see [below for nested schema](#nestedatt--spec--backup_methods--env--value_from--resource_field_ref)) - `secret_key_ref` (Attributes) Selects a key of a secret in the pod's namespace (see [below for nested schema](#nestedatt--spec--backup_methods--env--value_from--secret_key_ref)) @@ -115,7 +115,7 @@ Required: Optional: -- `name` (String) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? +- `name` (String) Name of the referent.More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#namesTODO: Add other useful fields. apiVersion, kind, uid? - `optional` (Boolean) Specify whether the ConfigMap or its key must be defined @@ -153,7 +153,7 @@ Required: Optional: -- `name` (String) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? +- `name` (String) Name of the referent.More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#namesTODO: Add other useful fields. apiVersion, kind, uid? - `optional` (Boolean) Specify whether the Secret or its key must be defined @@ -164,23 +164,23 @@ Optional: Optional: -- `resources` (Attributes) Specifies the resource required by container. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/ (see [below for nested schema](#nestedatt--spec--backup_methods--runtime_settings--resources)) +- `resources` (Attributes) Specifies the resource required by container.More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/ (see [below for nested schema](#nestedatt--spec--backup_methods--runtime_settings--resources)) ### Nested Schema for `spec.backup_methods.runtime_settings.resources` Optional: -- `claims` (Attributes List) Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. This field is immutable. It can only be set for containers. (see [below for nested schema](#nestedatt--spec--backup_methods--runtime_settings--resources--claims)) -- `limits` (Map of String) Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ -- `requests` (Map of String) Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ +- `claims` (Attributes List) Claims lists the names of resources, defined in spec.resourceClaims,that are used by this container.This is an alpha field and requires enabling theDynamicResourceAllocation feature gate.This field is immutable. It can only be set for containers. (see [below for nested schema](#nestedatt--spec--backup_methods--runtime_settings--resources--claims)) +- `limits` (Map of String) Limits describes the maximum amount of compute resources allowed.More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ +- `requests` (Map of String) Requests describes the minimum amount of compute resources required.If Requests is omitted for a container, it defaults to Limits if that is explicitly specified,otherwise to an implementation-defined value. Requests cannot exceed Limits.More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ ### Nested Schema for `spec.backup_methods.runtime_settings.resources.claims` Required: -- `name` (String) Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container. +- `name` (String) Name must match the name of one entry in pod.spec.resourceClaims ofthe Pod where this field is used. It makes that resource availableinside a container. @@ -191,7 +191,7 @@ Required: Optional: - `connection_credential` (Attributes) Specifies the connection credential to connect to the target database cluster. (see [below for nested schema](#nestedatt--spec--backup_methods--target--connection_credential)) -- `name` (String) Specifies a mandatory and unique identifier for each target when using the 'targets' field. The backup data for the current target is stored in a uniquely named subdirectory. +- `name` (String) Specifies a mandatory and unique identifier for each target when using the 'targets' field.The backup data for the current target is stored in a uniquely named subdirectory. - `pod_selector` (Attributes) Used to find the target pod. The volumes of the target pod will be backed up. (see [below for nested schema](#nestedatt--spec--backup_methods--target--pod_selector)) - `resources` (Attributes) Specifies the kubernetes resources to back up. (see [below for nested schema](#nestedatt--spec--backup_methods--target--resources)) - `service_account_name` (String) Specifies the service account to run the backup workload. @@ -206,7 +206,7 @@ Required: Optional: - `host_key` (String) Specifies the map key of the host in the connection credential secret. -- `password_key` (String) Specifies the map key of the password in the connection credential secret. This password will be saved in the backup annotation for full backup. You can use the environment variable DP_ENCRYPTION_KEY to specify encryption key. +- `password_key` (String) Specifies the map key of the password in the connection credential secret.This password will be saved in the backup annotation for full backup.You can use the environment variable DP_ENCRYPTION_KEY to specify encryption key. - `port_key` (String) Specifies the map key of the port in the connection credential secret. - `username_key` (String) Specifies the map key of the user in the connection credential secret. @@ -217,8 +217,8 @@ Optional: Optional: - `match_expressions` (Attributes List) matchExpressions is a list of label selector requirements. The requirements are ANDed. (see [below for nested schema](#nestedatt--spec--backup_methods--target--pod_selector--match_expressions)) -- `match_labels` (Map of String) matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is 'key', the operator is 'In', and the values array contains only 'value'. The requirements are ANDed. -- `strategy` (String) Specifies the strategy to select the target pod when multiple pods are selected. Valid values are: - 'Any': select any one pod that match the labelsSelector. - 'All': select all pods that match the labelsSelector. The backup data for the current pod will be stored in a subdirectory named after the pod. +- `match_labels` (Map of String) matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabelsmap is equivalent to an element of matchExpressions, whose key field is 'key', theoperator is 'In', and the values array contains only 'value'. The requirements are ANDed. +- `strategy` (String) Specifies the strategy to select the target pod when multiple pods are selected.Valid values are:- 'Any': select any one pod that match the labelsSelector.- 'All': select all pods that match the labelsSelector. The backup data for the current podwill be stored in a subdirectory named after the pod. ### Nested Schema for `spec.backup_methods.target.pod_selector.match_expressions` @@ -226,11 +226,11 @@ Optional: Required: - `key` (String) key is the label key that the selector applies to. -- `operator` (String) operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. +- `operator` (String) operator represents a key's relationship to a set of values.Valid operators are In, NotIn, Exists and DoesNotExist. Optional: -- `values` (List of String) values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. +- `values` (List of String) values is an array of string values. If the operator is In or NotIn,the values array must be non-empty. If the operator is Exists or DoesNotExist,the values array must be empty. This array is replaced during a strategicmerge patch. @@ -239,9 +239,9 @@ Optional: Optional: -- `excluded` (List of String) excluded is a slice of namespaced-scoped resource type names to exclude in the kubernetes resources. The default value is empty. -- `included` (List of String) included is a slice of namespaced-scoped resource type names to include in the kubernetes resources. The default value is empty. -- `selector` (Attributes) A metav1.LabelSelector to filter the target kubernetes resources that need to be backed up. If not set, will do not back up any kubernetes resources. (see [below for nested schema](#nestedatt--spec--backup_methods--target--resources--selector)) +- `excluded` (List of String) excluded is a slice of namespaced-scoped resource type names to exclude inthe kubernetes resources.The default value is empty. +- `included` (List of String) included is a slice of namespaced-scoped resource type names to include inthe kubernetes resources.The default value is empty. +- `selector` (Attributes) A metav1.LabelSelector to filter the target kubernetes resources that needto be backed up. If not set, will do not back up any kubernetes resources. (see [below for nested schema](#nestedatt--spec--backup_methods--target--resources--selector)) ### Nested Schema for `spec.backup_methods.target.resources.selector` @@ -249,7 +249,7 @@ Optional: Optional: - `match_expressions` (Attributes List) matchExpressions is a list of label selector requirements. The requirements are ANDed. (see [below for nested schema](#nestedatt--spec--backup_methods--target--resources--selector--match_expressions)) -- `match_labels` (Map of String) matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is 'key', the operator is 'In', and the values array contains only 'value'. The requirements are ANDed. +- `match_labels` (Map of String) matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabelsmap is equivalent to an element of matchExpressions, whose key field is 'key', theoperator is 'In', and the values array contains only 'value'. The requirements are ANDed. ### Nested Schema for `spec.backup_methods.target.resources.selector.match_expressions` @@ -257,11 +257,11 @@ Optional: Required: - `key` (String) key is the label key that the selector applies to. -- `operator` (String) operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. +- `operator` (String) operator represents a key's relationship to a set of values.Valid operators are In, NotIn, Exists and DoesNotExist. Optional: -- `values` (List of String) values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. +- `values` (List of String) values is an array of string values. If the operator is In or NotIn,the values array must be non-empty. If the operator is Exists or DoesNotExist,the values array must be empty. This array is replaced during a strategicmerge patch. @@ -273,22 +273,22 @@ Optional: Optional: - `volume_mounts` (Attributes List) Specifies the mount for the volumes specified in 'volumes' section. (see [below for nested schema](#nestedatt--spec--backup_methods--target_volumes--volume_mounts)) -- `volumes` (List of String) Specifies the list of volumes of targeted application that should be mounted on the backup workload. +- `volumes` (List of String) Specifies the list of volumes of targeted application that should be mountedon the backup workload. ### Nested Schema for `spec.backup_methods.target_volumes.volume_mounts` Required: -- `mount_path` (String) Path within the container at which the volume should be mounted. Must not contain ':'. +- `mount_path` (String) Path within the container at which the volume should be mounted. Mustnot contain ':'. - `name` (String) This must match the Name of a Volume. Optional: -- `mount_propagation` (String) mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationNone is used. This field is beta in 1.10. -- `read_only` (Boolean) Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false. -- `sub_path` (String) Path within the volume from which the container's volume should be mounted. Defaults to '' (volume's root). -- `sub_path_expr` (String) Expanded path within the volume from which the container's volume should be mounted. Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment. Defaults to '' (volume's root). SubPathExpr and SubPath are mutually exclusive. +- `mount_propagation` (String) mountPropagation determines how mounts are propagated from the hostto container and the other way around.When not set, MountPropagationNone is used.This field is beta in 1.10. +- `read_only` (Boolean) Mounted read-only if true, read-write otherwise (false or unspecified).Defaults to false. +- `sub_path` (String) Path within the volume from which the container's volume should be mounted.Defaults to '' (volume's root). +- `sub_path_expr` (String) Expanded path within the volume from which the container's volume should be mounted.Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment.Defaults to '' (volume's root).SubPathExpr and SubPath are mutually exclusive. @@ -298,7 +298,7 @@ Optional: Optional: - `connection_credential` (Attributes) Specifies the connection credential to connect to the target database cluster. (see [below for nested schema](#nestedatt--spec--backup_methods--targets--connection_credential)) -- `name` (String) Specifies a mandatory and unique identifier for each target when using the 'targets' field. The backup data for the current target is stored in a uniquely named subdirectory. +- `name` (String) Specifies a mandatory and unique identifier for each target when using the 'targets' field.The backup data for the current target is stored in a uniquely named subdirectory. - `pod_selector` (Attributes) Used to find the target pod. The volumes of the target pod will be backed up. (see [below for nested schema](#nestedatt--spec--backup_methods--targets--pod_selector)) - `resources` (Attributes) Specifies the kubernetes resources to back up. (see [below for nested schema](#nestedatt--spec--backup_methods--targets--resources)) - `service_account_name` (String) Specifies the service account to run the backup workload. @@ -313,7 +313,7 @@ Required: Optional: - `host_key` (String) Specifies the map key of the host in the connection credential secret. -- `password_key` (String) Specifies the map key of the password in the connection credential secret. This password will be saved in the backup annotation for full backup. You can use the environment variable DP_ENCRYPTION_KEY to specify encryption key. +- `password_key` (String) Specifies the map key of the password in the connection credential secret.This password will be saved in the backup annotation for full backup.You can use the environment variable DP_ENCRYPTION_KEY to specify encryption key. - `port_key` (String) Specifies the map key of the port in the connection credential secret. - `username_key` (String) Specifies the map key of the user in the connection credential secret. @@ -324,8 +324,8 @@ Optional: Optional: - `match_expressions` (Attributes List) matchExpressions is a list of label selector requirements. The requirements are ANDed. (see [below for nested schema](#nestedatt--spec--backup_methods--targets--pod_selector--match_expressions)) -- `match_labels` (Map of String) matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is 'key', the operator is 'In', and the values array contains only 'value'. The requirements are ANDed. -- `strategy` (String) Specifies the strategy to select the target pod when multiple pods are selected. Valid values are: - 'Any': select any one pod that match the labelsSelector. - 'All': select all pods that match the labelsSelector. The backup data for the current pod will be stored in a subdirectory named after the pod. +- `match_labels` (Map of String) matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabelsmap is equivalent to an element of matchExpressions, whose key field is 'key', theoperator is 'In', and the values array contains only 'value'. The requirements are ANDed. +- `strategy` (String) Specifies the strategy to select the target pod when multiple pods are selected.Valid values are:- 'Any': select any one pod that match the labelsSelector.- 'All': select all pods that match the labelsSelector. The backup data for the current podwill be stored in a subdirectory named after the pod. ### Nested Schema for `spec.backup_methods.targets.pod_selector.match_expressions` @@ -333,11 +333,11 @@ Optional: Required: - `key` (String) key is the label key that the selector applies to. -- `operator` (String) operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. +- `operator` (String) operator represents a key's relationship to a set of values.Valid operators are In, NotIn, Exists and DoesNotExist. Optional: -- `values` (List of String) values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. +- `values` (List of String) values is an array of string values. If the operator is In or NotIn,the values array must be non-empty. If the operator is Exists or DoesNotExist,the values array must be empty. This array is replaced during a strategicmerge patch. @@ -346,9 +346,9 @@ Optional: Optional: -- `excluded` (List of String) excluded is a slice of namespaced-scoped resource type names to exclude in the kubernetes resources. The default value is empty. -- `included` (List of String) included is a slice of namespaced-scoped resource type names to include in the kubernetes resources. The default value is empty. -- `selector` (Attributes) A metav1.LabelSelector to filter the target kubernetes resources that need to be backed up. If not set, will do not back up any kubernetes resources. (see [below for nested schema](#nestedatt--spec--backup_methods--targets--resources--selector)) +- `excluded` (List of String) excluded is a slice of namespaced-scoped resource type names to exclude inthe kubernetes resources.The default value is empty. +- `included` (List of String) included is a slice of namespaced-scoped resource type names to include inthe kubernetes resources.The default value is empty. +- `selector` (Attributes) A metav1.LabelSelector to filter the target kubernetes resources that needto be backed up. If not set, will do not back up any kubernetes resources. (see [below for nested schema](#nestedatt--spec--backup_methods--targets--resources--selector)) ### Nested Schema for `spec.backup_methods.targets.resources.selector` @@ -356,7 +356,7 @@ Optional: Optional: - `match_expressions` (Attributes List) matchExpressions is a list of label selector requirements. The requirements are ANDed. (see [below for nested schema](#nestedatt--spec--backup_methods--targets--resources--selector--match_expressions)) -- `match_labels` (Map of String) matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is 'key', the operator is 'In', and the values array contains only 'value'. The requirements are ANDed. +- `match_labels` (Map of String) matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabelsmap is equivalent to an element of matchExpressions, whose key field is 'key', theoperator is 'In', and the values array contains only 'value'. The requirements are ANDed. ### Nested Schema for `spec.backup_methods.targets.resources.selector.match_expressions` @@ -364,11 +364,11 @@ Optional: Required: - `key` (String) key is the label key that the selector applies to. -- `operator` (String) operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. +- `operator` (String) operator represents a key's relationship to a set of values.Valid operators are In, NotIn, Exists and DoesNotExist. Optional: -- `values` (List of String) values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. +- `values` (List of String) values is an array of string values. If the operator is In or NotIn,the values array must be non-empty. If the operator is Exists or DoesNotExist,the values array must be empty. This array is replaced during a strategicmerge patch. @@ -380,8 +380,8 @@ Optional: Required: -- `algorithm` (String) Specifies the encryption algorithm. Currently supported algorithms are: - AES-128-CFB - AES-192-CFB - AES-256-CFB -- `pass_phrase_secret_key_ref` (Attributes) Selects the key of a secret in the current namespace, the value of the secret is used as the encryption key. (see [below for nested schema](#nestedatt--spec--encryption_config--pass_phrase_secret_key_ref)) +- `algorithm` (String) Specifies the encryption algorithm. Currently supported algorithms are:- AES-128-CFB- AES-192-CFB- AES-256-CFB +- `pass_phrase_secret_key_ref` (Attributes) Selects the key of a secret in the current namespace, the value of the secretis used as the encryption key. (see [below for nested schema](#nestedatt--spec--encryption_config--pass_phrase_secret_key_ref)) ### Nested Schema for `spec.encryption_config.pass_phrase_secret_key_ref` @@ -392,7 +392,7 @@ Required: Optional: -- `name` (String) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? +- `name` (String) Name of the referent.More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#namesTODO: Add other useful fields. apiVersion, kind, uid? - `optional` (Boolean) Specify whether the Secret or its key must be defined @@ -403,7 +403,7 @@ Optional: Optional: - `connection_credential` (Attributes) Specifies the connection credential to connect to the target database cluster. (see [below for nested schema](#nestedatt--spec--target--connection_credential)) -- `name` (String) Specifies a mandatory and unique identifier for each target when using the 'targets' field. The backup data for the current target is stored in a uniquely named subdirectory. +- `name` (String) Specifies a mandatory and unique identifier for each target when using the 'targets' field.The backup data for the current target is stored in a uniquely named subdirectory. - `pod_selector` (Attributes) Used to find the target pod. The volumes of the target pod will be backed up. (see [below for nested schema](#nestedatt--spec--target--pod_selector)) - `resources` (Attributes) Specifies the kubernetes resources to back up. (see [below for nested schema](#nestedatt--spec--target--resources)) - `service_account_name` (String) Specifies the service account to run the backup workload. @@ -418,7 +418,7 @@ Required: Optional: - `host_key` (String) Specifies the map key of the host in the connection credential secret. -- `password_key` (String) Specifies the map key of the password in the connection credential secret. This password will be saved in the backup annotation for full backup. You can use the environment variable DP_ENCRYPTION_KEY to specify encryption key. +- `password_key` (String) Specifies the map key of the password in the connection credential secret.This password will be saved in the backup annotation for full backup.You can use the environment variable DP_ENCRYPTION_KEY to specify encryption key. - `port_key` (String) Specifies the map key of the port in the connection credential secret. - `username_key` (String) Specifies the map key of the user in the connection credential secret. @@ -429,8 +429,8 @@ Optional: Optional: - `match_expressions` (Attributes List) matchExpressions is a list of label selector requirements. The requirements are ANDed. (see [below for nested schema](#nestedatt--spec--target--pod_selector--match_expressions)) -- `match_labels` (Map of String) matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is 'key', the operator is 'In', and the values array contains only 'value'. The requirements are ANDed. -- `strategy` (String) Specifies the strategy to select the target pod when multiple pods are selected. Valid values are: - 'Any': select any one pod that match the labelsSelector. - 'All': select all pods that match the labelsSelector. The backup data for the current pod will be stored in a subdirectory named after the pod. +- `match_labels` (Map of String) matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabelsmap is equivalent to an element of matchExpressions, whose key field is 'key', theoperator is 'In', and the values array contains only 'value'. The requirements are ANDed. +- `strategy` (String) Specifies the strategy to select the target pod when multiple pods are selected.Valid values are:- 'Any': select any one pod that match the labelsSelector.- 'All': select all pods that match the labelsSelector. The backup data for the current podwill be stored in a subdirectory named after the pod. ### Nested Schema for `spec.target.pod_selector.match_expressions` @@ -438,11 +438,11 @@ Optional: Required: - `key` (String) key is the label key that the selector applies to. -- `operator` (String) operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. +- `operator` (String) operator represents a key's relationship to a set of values.Valid operators are In, NotIn, Exists and DoesNotExist. Optional: -- `values` (List of String) values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. +- `values` (List of String) values is an array of string values. If the operator is In or NotIn,the values array must be non-empty. If the operator is Exists or DoesNotExist,the values array must be empty. This array is replaced during a strategicmerge patch. @@ -451,9 +451,9 @@ Optional: Optional: -- `excluded` (List of String) excluded is a slice of namespaced-scoped resource type names to exclude in the kubernetes resources. The default value is empty. -- `included` (List of String) included is a slice of namespaced-scoped resource type names to include in the kubernetes resources. The default value is empty. -- `selector` (Attributes) A metav1.LabelSelector to filter the target kubernetes resources that need to be backed up. If not set, will do not back up any kubernetes resources. (see [below for nested schema](#nestedatt--spec--target--resources--selector)) +- `excluded` (List of String) excluded is a slice of namespaced-scoped resource type names to exclude inthe kubernetes resources.The default value is empty. +- `included` (List of String) included is a slice of namespaced-scoped resource type names to include inthe kubernetes resources.The default value is empty. +- `selector` (Attributes) A metav1.LabelSelector to filter the target kubernetes resources that needto be backed up. If not set, will do not back up any kubernetes resources. (see [below for nested schema](#nestedatt--spec--target--resources--selector)) ### Nested Schema for `spec.target.resources.selector` @@ -461,7 +461,7 @@ Optional: Optional: - `match_expressions` (Attributes List) matchExpressions is a list of label selector requirements. The requirements are ANDed. (see [below for nested schema](#nestedatt--spec--target--resources--selector--match_expressions)) -- `match_labels` (Map of String) matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is 'key', the operator is 'In', and the values array contains only 'value'. The requirements are ANDed. +- `match_labels` (Map of String) matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabelsmap is equivalent to an element of matchExpressions, whose key field is 'key', theoperator is 'In', and the values array contains only 'value'. The requirements are ANDed. ### Nested Schema for `spec.target.resources.selector.match_expressions` @@ -469,11 +469,11 @@ Optional: Required: - `key` (String) key is the label key that the selector applies to. -- `operator` (String) operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. +- `operator` (String) operator represents a key's relationship to a set of values.Valid operators are In, NotIn, Exists and DoesNotExist. Optional: -- `values` (List of String) values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. +- `values` (List of String) values is an array of string values. If the operator is In or NotIn,the values array must be non-empty. If the operator is Exists or DoesNotExist,the values array must be empty. This array is replaced during a strategicmerge patch. @@ -485,7 +485,7 @@ Optional: Optional: - `connection_credential` (Attributes) Specifies the connection credential to connect to the target database cluster. (see [below for nested schema](#nestedatt--spec--targets--connection_credential)) -- `name` (String) Specifies a mandatory and unique identifier for each target when using the 'targets' field. The backup data for the current target is stored in a uniquely named subdirectory. +- `name` (String) Specifies a mandatory and unique identifier for each target when using the 'targets' field.The backup data for the current target is stored in a uniquely named subdirectory. - `pod_selector` (Attributes) Used to find the target pod. The volumes of the target pod will be backed up. (see [below for nested schema](#nestedatt--spec--targets--pod_selector)) - `resources` (Attributes) Specifies the kubernetes resources to back up. (see [below for nested schema](#nestedatt--spec--targets--resources)) - `service_account_name` (String) Specifies the service account to run the backup workload. @@ -500,7 +500,7 @@ Required: Optional: - `host_key` (String) Specifies the map key of the host in the connection credential secret. -- `password_key` (String) Specifies the map key of the password in the connection credential secret. This password will be saved in the backup annotation for full backup. You can use the environment variable DP_ENCRYPTION_KEY to specify encryption key. +- `password_key` (String) Specifies the map key of the password in the connection credential secret.This password will be saved in the backup annotation for full backup.You can use the environment variable DP_ENCRYPTION_KEY to specify encryption key. - `port_key` (String) Specifies the map key of the port in the connection credential secret. - `username_key` (String) Specifies the map key of the user in the connection credential secret. @@ -511,8 +511,8 @@ Optional: Optional: - `match_expressions` (Attributes List) matchExpressions is a list of label selector requirements. The requirements are ANDed. (see [below for nested schema](#nestedatt--spec--targets--pod_selector--match_expressions)) -- `match_labels` (Map of String) matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is 'key', the operator is 'In', and the values array contains only 'value'. The requirements are ANDed. -- `strategy` (String) Specifies the strategy to select the target pod when multiple pods are selected. Valid values are: - 'Any': select any one pod that match the labelsSelector. - 'All': select all pods that match the labelsSelector. The backup data for the current pod will be stored in a subdirectory named after the pod. +- `match_labels` (Map of String) matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabelsmap is equivalent to an element of matchExpressions, whose key field is 'key', theoperator is 'In', and the values array contains only 'value'. The requirements are ANDed. +- `strategy` (String) Specifies the strategy to select the target pod when multiple pods are selected.Valid values are:- 'Any': select any one pod that match the labelsSelector.- 'All': select all pods that match the labelsSelector. The backup data for the current podwill be stored in a subdirectory named after the pod. ### Nested Schema for `spec.targets.pod_selector.match_expressions` @@ -520,11 +520,11 @@ Optional: Required: - `key` (String) key is the label key that the selector applies to. -- `operator` (String) operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. +- `operator` (String) operator represents a key's relationship to a set of values.Valid operators are In, NotIn, Exists and DoesNotExist. Optional: -- `values` (List of String) values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. +- `values` (List of String) values is an array of string values. If the operator is In or NotIn,the values array must be non-empty. If the operator is Exists or DoesNotExist,the values array must be empty. This array is replaced during a strategicmerge patch. @@ -533,9 +533,9 @@ Optional: Optional: -- `excluded` (List of String) excluded is a slice of namespaced-scoped resource type names to exclude in the kubernetes resources. The default value is empty. -- `included` (List of String) included is a slice of namespaced-scoped resource type names to include in the kubernetes resources. The default value is empty. -- `selector` (Attributes) A metav1.LabelSelector to filter the target kubernetes resources that need to be backed up. If not set, will do not back up any kubernetes resources. (see [below for nested schema](#nestedatt--spec--targets--resources--selector)) +- `excluded` (List of String) excluded is a slice of namespaced-scoped resource type names to exclude inthe kubernetes resources.The default value is empty. +- `included` (List of String) included is a slice of namespaced-scoped resource type names to include inthe kubernetes resources.The default value is empty. +- `selector` (Attributes) A metav1.LabelSelector to filter the target kubernetes resources that needto be backed up. If not set, will do not back up any kubernetes resources. (see [below for nested schema](#nestedatt--spec--targets--resources--selector)) ### Nested Schema for `spec.targets.resources.selector` @@ -543,7 +543,7 @@ Optional: Optional: - `match_expressions` (Attributes List) matchExpressions is a list of label selector requirements. The requirements are ANDed. (see [below for nested schema](#nestedatt--spec--targets--resources--selector--match_expressions)) -- `match_labels` (Map of String) matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is 'key', the operator is 'In', and the values array contains only 'value'. The requirements are ANDed. +- `match_labels` (Map of String) matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabelsmap is equivalent to an element of matchExpressions, whose key field is 'key', theoperator is 'In', and the values array contains only 'value'. The requirements are ANDed. ### Nested Schema for `spec.targets.resources.selector.match_expressions` @@ -551,8 +551,8 @@ Optional: Required: - `key` (String) key is the label key that the selector applies to. -- `operator` (String) operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. +- `operator` (String) operator represents a key's relationship to a set of values.Valid operators are In, NotIn, Exists and DoesNotExist. Optional: -- `values` (List of String) values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. +- `values` (List of String) values is an array of string values. If the operator is In or NotIn,the values array must be non-empty. If the operator is Exists or DoesNotExist,the values array must be empty. This array is replaced during a strategicmerge patch. diff --git a/docs/data-sources/dataprotection_kubeblocks_io_backup_schedule_v1alpha1_manifest.md b/docs/data-sources/dataprotection_kubeblocks_io_backup_schedule_v1alpha1_manifest.md index 53533e39f..3ec271a17 100644 --- a/docs/data-sources/dataprotection_kubeblocks_io_backup_schedule_v1alpha1_manifest.md +++ b/docs/data-sources/dataprotection_kubeblocks_io_backup_schedule_v1alpha1_manifest.md @@ -60,7 +60,7 @@ Required: Optional: -- `starting_deadline_minutes` (Number) Defines the deadline in minutes for starting the backup workload if it misses its scheduled time for any reason. +- `starting_deadline_minutes` (Number) Defines the deadline in minutes for starting the backup workload if itmisses its scheduled time for any reason. ### Nested Schema for `spec.schedules` @@ -68,9 +68,9 @@ Optional: Required: - `backup_method` (String) Specifies the backup method name that is defined in backupPolicy. -- `cron_expression` (String) Specifies the cron expression for the schedule. The timezone is in UTC. see https://en.wikipedia.org/wiki/Cron. +- `cron_expression` (String) Specifies the cron expression for the schedule. The timezone is in UTC.see https://en.wikipedia.org/wiki/Cron. Optional: - `enabled` (Boolean) Specifies whether the backup schedule is enabled or not. -- `retention_period` (String) Determines the duration for which the backup should be kept. KubeBlocks will remove all backups that are older than the RetentionPeriod. For example, RetentionPeriod of '30d' will keep only the backups of last 30 days. Sample duration format: - years: 2y - months: 6mo - days: 30d - hours: 12h - minutes: 30m You can also combine the above durations. For example: 30d12h30m +- `retention_period` (String) Determines the duration for which the backup should be kept.KubeBlocks will remove all backups that are older than the RetentionPeriod.For example, RetentionPeriod of '30d' will keep only the backups of last 30 days.Sample duration format:- years: 2y- months: 6mo- days: 30d- hours: 12h- minutes: 30mYou can also combine the above durations. For example: 30d12h30m diff --git a/docs/data-sources/dataprotection_kubeblocks_io_backup_v1alpha1_manifest.md b/docs/data-sources/dataprotection_kubeblocks_io_backup_v1alpha1_manifest.md index cc3e2d060..f1c90e489 100644 --- a/docs/data-sources/dataprotection_kubeblocks_io_backup_v1alpha1_manifest.md +++ b/docs/data-sources/dataprotection_kubeblocks_io_backup_v1alpha1_manifest.md @@ -60,6 +60,6 @@ Required: Optional: -- `deletion_policy` (String) Determines whether the backup contents stored in the backup repository should be deleted when the backup custom resource(CR) is deleted. Supported values are 'Retain' and 'Delete'. - 'Retain' means that the backup content and its physical snapshot on backup repository are kept. - 'Delete' means that the backup content and its physical snapshot on backup repository are deleted. TODO: for the retain policy, we should support in the future for only deleting the backup CR but retaining the backup contents in backup repository. The current implementation only prevent accidental deletion of backup data. +- `deletion_policy` (String) Determines whether the backup contents stored in the backup repositoryshould be deleted when the backup custom resource(CR) is deleted.Supported values are 'Retain' and 'Delete'.- 'Retain' means that the backup content and its physical snapshot on backup repository are kept.- 'Delete' means that the backup content and its physical snapshot on backup repository are deleted.TODO: for the retain policy, we should support in the future for only deleting the backup CR but retaining the backup contents in backup repository. The current implementation only prevent accidental deletion of backup data. - `parent_backup_name` (String) Determines the parent backup name for incremental or differential backup. -- `retention_period` (String) Determines a duration up to which the backup should be kept. Controller will remove all backups that are older than the RetentionPeriod. If not set, the backup will be kept forever. For example, RetentionPeriod of '30d' will keep only the backups of last 30 days. Sample duration format: - years: 2y - months: 6mo - days: 30d - hours: 12h - minutes: 30m You can also combine the above durations. For example: 30d12h30m. +- `retention_period` (String) Determines a duration up to which the backup should be kept.Controller will remove all backups that are older than the RetentionPeriod.If not set, the backup will be kept forever.For example, RetentionPeriod of '30d' will keep only the backups of last 30 days.Sample duration format:- years: 2y- months: 6mo- days: 30d- hours: 12h- minutes: 30mYou can also combine the above durations. For example: 30d12h30m. diff --git a/docs/data-sources/dataprotection_kubeblocks_io_restore_v1alpha1_manifest.md b/docs/data-sources/dataprotection_kubeblocks_io_restore_v1alpha1_manifest.md index d826b6a37..52d3828ff 100644 --- a/docs/data-sources/dataprotection_kubeblocks_io_restore_v1alpha1_manifest.md +++ b/docs/data-sources/dataprotection_kubeblocks_io_restore_v1alpha1_manifest.md @@ -55,14 +55,14 @@ Optional: Required: -- `backup` (Attributes) Specifies the backup to be restored. The restore behavior is based on the backup type: 1. Full: will be restored the full backup directly. 2. Incremental: will be restored sequentially from the most recent full backup of this incremental backup. 3. Differential: will be restored sequentially from the parent backup of the differential backup. 4. Continuous: will find the most recent full backup at this time point and the continuous backups after it to restore. (see [below for nested schema](#nestedatt--spec--backup)) +- `backup` (Attributes) Specifies the backup to be restored. The restore behavior is based on the backup type:1. Full: will be restored the full backup directly.2. Incremental: will be restored sequentially from the most recent full backup of this incremental backup.3. Differential: will be restored sequentially from the parent backup of the differential backup.4. Continuous: will find the most recent full backup at this time point and the continuous backups after it to restore. (see [below for nested schema](#nestedatt--spec--backup)) Optional: - `backoff_limit` (Number) Specifies the number of retries before marking the restore failed. - `container_resources` (Attributes) Specifies the required resources of restore job's container. (see [below for nested schema](#nestedatt--spec--container_resources)) -- `env` (Map of String) List of environment variables to set in the container for restore. These will be merged with the env of Backup and ActionSet. The priority of merging is as follows: 'Restore env > Backup env > ActionSet env'. -- `prepare_data_config` (Attributes) Configuration for the action of 'prepareData' phase, including the persistent volume claims that need to be restored and scheduling strategy of temporary recovery pod. (see [below for nested schema](#nestedatt--spec--prepare_data_config)) +- `env` (Map of String) List of environment variables to set in the container for restore. These will bemerged with the env of Backup and ActionSet.The priority of merging is as follows: 'Restore env > Backup env > ActionSet env'. +- `prepare_data_config` (Attributes) Configuration for the action of 'prepareData' phase, including the persistent volume claimsthat need to be restored and scheduling strategy of temporary recovery pod. (see [below for nested schema](#nestedatt--spec--prepare_data_config)) - `ready_config` (Attributes) Configuration for the action of 'postReady' phase. (see [below for nested schema](#nestedatt--spec--ready_config)) - `resources` (Attributes) Restores the specified resources of Kubernetes. (see [below for nested schema](#nestedatt--spec--resources)) - `restore_time` (String) Specifies the point in time for restoring. @@ -86,16 +86,16 @@ Optional: Optional: -- `claims` (Attributes List) Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. This field is immutable. It can only be set for containers. (see [below for nested schema](#nestedatt--spec--container_resources--claims)) -- `limits` (Map of String) Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ -- `requests` (Map of String) Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ +- `claims` (Attributes List) Claims lists the names of resources, defined in spec.resourceClaims,that are used by this container.This is an alpha field and requires enabling theDynamicResourceAllocation feature gate.This field is immutable. It can only be set for containers. (see [below for nested schema](#nestedatt--spec--container_resources--claims)) +- `limits` (Map of String) Limits describes the maximum amount of compute resources allowed.More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ +- `requests` (Map of String) Requests describes the minimum amount of compute resources required.If Requests is omitted for a container, it defaults to Limits if that is explicitly specified,otherwise to an implementation-defined value. Requests cannot exceed Limits.More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ ### Nested Schema for `spec.container_resources.claims` Required: -- `name` (String) Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container. +- `name` (String) Name must match the name of one entry in pod.spec.resourceClaims ofthe Pod where this field is used. It makes that resource availableinside a container. @@ -104,15 +104,15 @@ Required: Required: -- `volume_claim_restore_policy` (String) Defines restore policy for persistent volume claim. Supported policies are as follows: - 'Parallel': parallel recovery of persistent volume claim. - 'Serial': restore the persistent volume claim in sequence, and wait until the previous persistent volume claim is restored before restoring a new one. +- `volume_claim_restore_policy` (String) Defines restore policy for persistent volume claim.Supported policies are as follows:- 'Parallel': parallel recovery of persistent volume claim.- 'Serial': restore the persistent volume claim in sequence, and wait until the previous persistent volume claim is restored before restoring a new one. Optional: -- `data_source_ref` (Attributes) Specifies the configuration when using 'persistentVolumeClaim.spec.dataSourceRef' method for restoring. Describes the source volume of the backup targetVolumes and the mount path in the restoring container. (see [below for nested schema](#nestedatt--spec--prepare_data_config--data_source_ref)) -- `required_policy_for_all_pod_selection` (Attributes) Specifies the restore policy, which is required when the pod selection strategy for the source target is 'All'. This field is ignored if the pod selection strategy is 'Any'. optional (see [below for nested schema](#nestedatt--spec--prepare_data_config--required_policy_for_all_pod_selection)) +- `data_source_ref` (Attributes) Specifies the configuration when using 'persistentVolumeClaim.spec.dataSourceRef' method for restoring.Describes the source volume of the backup targetVolumes and the mount path in the restoring container. (see [below for nested schema](#nestedatt--spec--prepare_data_config--data_source_ref)) +- `required_policy_for_all_pod_selection` (Attributes) Specifies the restore policy, which is required when the pod selection strategy for the source target is 'All'.This field is ignored if the pod selection strategy is 'Any'.optional (see [below for nested schema](#nestedatt--spec--prepare_data_config--required_policy_for_all_pod_selection)) - `scheduling_spec` (Attributes) Specifies the scheduling spec for the restoring pod. (see [below for nested schema](#nestedatt--spec--prepare_data_config--scheduling_spec)) -- `volume_claims` (Attributes List) Defines the persistent Volume claims that need to be restored and mounted together into the restore job. These persistent Volume claims will be created if they do not exist. (see [below for nested schema](#nestedatt--spec--prepare_data_config--volume_claims)) -- `volume_claims_template` (Attributes) Defines a template to build persistent Volume claims that need to be restored. These claims will be created in an orderly manner based on the number of replicas or reused if they already exist. (see [below for nested schema](#nestedatt--spec--prepare_data_config--volume_claims_template)) +- `volume_claims` (Attributes List) Defines the persistent Volume claims that need to be restored and mounted together into the restore job.These persistent Volume claims will be created if they do not exist. (see [below for nested schema](#nestedatt--spec--prepare_data_config--volume_claims)) +- `volume_claims_template` (Attributes) Defines a template to build persistent Volume claims that need to be restored.These claims will be created in an orderly manner based on the number of replicas or reused if they already exist. (see [below for nested schema](#nestedatt--spec--prepare_data_config--volume_claims_template)) ### Nested Schema for `spec.prepare_data_config.data_source_ref` @@ -120,7 +120,7 @@ Optional: Optional: - `mount_path` (String) Specifies the path within the restoring container at which the volume should be mounted. -- `volume_source` (String) Describes the volume that will be restored from the specified volume of the backup targetVolumes. This is required if the backup uses a volume snapshot. +- `volume_source` (String) Describes the volume that will be restored from the specified volume of the backup targetVolumes.This is required if the backup uses a volume snapshot. @@ -128,7 +128,7 @@ Optional: Required: -- `data_restore_policy` (String) Specifies the data restore policy. Options include: - OneToMany: Enables restoration of all volumes from a single data copy of the original target instance. The 'sourceOfOneToMany' field must be set when using this policy. - OneToOne: Restricts data restoration such that each data piece can only be restored to a single target instance. This is the default policy. When the number of target instances specified for restoration surpasses the count of original backup target instances. +- `data_restore_policy` (String) Specifies the data restore policy. Options include:- OneToMany: Enables restoration of all volumes from a single data copy of the original target instance.The 'sourceOfOneToMany' field must be set when using this policy.- OneToOne: Restricts data restoration such that each data piece can only be restored to a single target instance.This is the default policy. When the number of target instances specified for restoration surpasses the count of original backup target instances. Optional: @@ -148,12 +148,12 @@ Required: Optional: -- `affinity` (Attributes) Contains a group of affinity scheduling rules. Refer to https://kubernetes.io/docs/concepts/configuration/assign-pod-node/ (see [below for nested schema](#nestedatt--spec--prepare_data_config--scheduling_spec--affinity)) -- `node_name` (String) Specifies a request to schedule this pod onto a specific node. If it is non-empty, the scheduler simply schedules this pod onto that node, assuming that it fits resource requirements. -- `node_selector` (Map of String) Defines a selector which must be true for the pod to fit on a node. The selector must match a node's labels for the pod to be scheduled on that node. More info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/ -- `scheduler_name` (String) Specifies the scheduler to dispatch the pod. If not specified, the pod will be dispatched by the default scheduler. +- `affinity` (Attributes) Contains a group of affinity scheduling rules.Refer to https://kubernetes.io/docs/concepts/configuration/assign-pod-node/ (see [below for nested schema](#nestedatt--spec--prepare_data_config--scheduling_spec--affinity)) +- `node_name` (String) Specifies a request to schedule this pod onto a specific node. If it is non-empty,the scheduler simply schedules this pod onto that node, assuming that it fits resourcerequirements. +- `node_selector` (Map of String) Defines a selector which must be true for the pod to fit on a node.The selector must match a node's labels for the pod to be scheduled on that node.More info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/ +- `scheduler_name` (String) Specifies the scheduler to dispatch the pod.If not specified, the pod will be dispatched by the default scheduler. - `tolerations` (Attributes List) Specifies the tolerations for the restoring pod. (see [below for nested schema](#nestedatt--spec--prepare_data_config--scheduling_spec--tolerations)) -- `topology_spread_constraints` (Attributes List) Describes how a group of pods ought to spread across topology domains. The scheduler will schedule pods in a way which abides by the constraints. Refer to https://kubernetes.io/docs/concepts/scheduling-eviction/topology-spread-constraints/ (see [below for nested schema](#nestedatt--spec--prepare_data_config--scheduling_spec--topology_spread_constraints)) +- `topology_spread_constraints` (Attributes List) Describes how a group of pods ought to spread across topologydomains. The scheduler will schedule pods in a way which abides by the constraints.Refer to https://kubernetes.io/docs/concepts/scheduling-eviction/topology-spread-constraints/ (see [below for nested schema](#nestedatt--spec--prepare_data_config--scheduling_spec--topology_spread_constraints)) ### Nested Schema for `spec.prepare_data_config.scheduling_spec.affinity` @@ -169,8 +169,8 @@ Optional: Optional: -- `preferred_during_scheduling_ignored_during_execution` (Attributes List) The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding 'weight' to the sum if the node matches the corresponding matchExpressions; the node(s) with the highest sum are the most preferred. (see [below for nested schema](#nestedatt--spec--prepare_data_config--scheduling_spec--affinity--node_affinity--preferred_during_scheduling_ignored_during_execution)) -- `required_during_scheduling_ignored_during_execution` (Attributes) If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to an update), the system may or may not try to eventually evict the pod from its node. (see [below for nested schema](#nestedatt--spec--prepare_data_config--scheduling_spec--affinity--node_affinity--required_during_scheduling_ignored_during_execution)) +- `preferred_during_scheduling_ignored_during_execution` (Attributes List) The scheduler will prefer to schedule pods to nodes that satisfythe affinity expressions specified by this field, but it may choosea node that violates one or more of the expressions. The node that ismost preferred is the one with the greatest sum of weights, i.e.for each node that meets all of the scheduling requirements (resourcerequest, requiredDuringScheduling affinity expressions, etc.),compute a sum by iterating through the elements of this field and adding'weight' to the sum if the node matches the corresponding matchExpressions; thenode(s) with the highest sum are the most preferred. (see [below for nested schema](#nestedatt--spec--prepare_data_config--scheduling_spec--affinity--node_affinity--preferred_during_scheduling_ignored_during_execution)) +- `required_during_scheduling_ignored_during_execution` (Attributes) If the affinity requirements specified by this field are not met atscheduling time, the pod will not be scheduled onto the node.If the affinity requirements specified by this field cease to be metat some point during pod execution (e.g. due to an update), the systemmay or may not try to eventually evict the pod from its node. (see [below for nested schema](#nestedatt--spec--prepare_data_config--scheduling_spec--affinity--node_affinity--required_during_scheduling_ignored_during_execution)) ### Nested Schema for `spec.prepare_data_config.scheduling_spec.affinity.node_affinity.preferred_during_scheduling_ignored_during_execution` @@ -194,11 +194,11 @@ Optional: Required: - `key` (String) The label key that the selector applies to. -- `operator` (String) Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. +- `operator` (String) Represents a key's relationship to a set of values.Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. Optional: -- `values` (List of String) An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch. +- `values` (List of String) An array of string values. If the operator is In or NotIn,the values array must be non-empty. If the operator is Exists or DoesNotExist,the values array must be empty. If the operator is Gt or Lt, the valuesarray must have a single element, which will be interpreted as an integer.This array is replaced during a strategic merge patch. @@ -207,11 +207,11 @@ Optional: Required: - `key` (String) The label key that the selector applies to. -- `operator` (String) Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. +- `operator` (String) Represents a key's relationship to a set of values.Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. Optional: -- `values` (List of String) An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch. +- `values` (List of String) An array of string values. If the operator is In or NotIn,the values array must be non-empty. If the operator is Exists or DoesNotExist,the values array must be empty. If the operator is Gt or Lt, the valuesarray must have a single element, which will be interpreted as an integer.This array is replaced during a strategic merge patch. @@ -237,11 +237,11 @@ Optional: Required: - `key` (String) The label key that the selector applies to. -- `operator` (String) Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. +- `operator` (String) Represents a key's relationship to a set of values.Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. Optional: -- `values` (List of String) An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch. +- `values` (List of String) An array of string values. If the operator is In or NotIn,the values array must be non-empty. If the operator is Exists or DoesNotExist,the values array must be empty. If the operator is Gt or Lt, the valuesarray must have a single element, which will be interpreted as an integer.This array is replaced during a strategic merge patch. @@ -250,11 +250,11 @@ Optional: Required: - `key` (String) The label key that the selector applies to. -- `operator` (String) Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. +- `operator` (String) Represents a key's relationship to a set of values.Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. Optional: -- `values` (List of String) An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch. +- `values` (List of String) An array of string values. If the operator is In or NotIn,the values array must be non-empty. If the operator is Exists or DoesNotExist,the values array must be empty. If the operator is Gt or Lt, the valuesarray must have a single element, which will be interpreted as an integer.This array is replaced during a strategic merge patch. @@ -265,8 +265,8 @@ Optional: Optional: -- `preferred_during_scheduling_ignored_during_execution` (Attributes List) The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding 'weight' to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred. (see [below for nested schema](#nestedatt--spec--prepare_data_config--scheduling_spec--affinity--pod_affinity--preferred_during_scheduling_ignored_during_execution)) -- `required_during_scheduling_ignored_during_execution` (Attributes List) If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied. (see [below for nested schema](#nestedatt--spec--prepare_data_config--scheduling_spec--affinity--pod_affinity--required_during_scheduling_ignored_during_execution)) +- `preferred_during_scheduling_ignored_during_execution` (Attributes List) The scheduler will prefer to schedule pods to nodes that satisfythe affinity expressions specified by this field, but it may choosea node that violates one or more of the expressions. The node that ismost preferred is the one with the greatest sum of weights, i.e.for each node that meets all of the scheduling requirements (resourcerequest, requiredDuringScheduling affinity expressions, etc.),compute a sum by iterating through the elements of this field and adding'weight' to the sum if the node has pods which matches the corresponding podAffinityTerm; thenode(s) with the highest sum are the most preferred. (see [below for nested schema](#nestedatt--spec--prepare_data_config--scheduling_spec--affinity--pod_affinity--preferred_during_scheduling_ignored_during_execution)) +- `required_during_scheduling_ignored_during_execution` (Attributes List) If the affinity requirements specified by this field are not met atscheduling time, the pod will not be scheduled onto the node.If the affinity requirements specified by this field cease to be metat some point during pod execution (e.g. due to a pod label update), thesystem may or may not try to eventually evict the pod from its node.When there are multiple elements, the lists of nodes corresponding to eachpodAffinityTerm are intersected, i.e. all terms must be satisfied. (see [below for nested schema](#nestedatt--spec--prepare_data_config--scheduling_spec--affinity--pod_affinity--required_during_scheduling_ignored_during_execution)) ### Nested Schema for `spec.prepare_data_config.scheduling_spec.affinity.pod_affinity.preferred_during_scheduling_ignored_during_execution` @@ -274,20 +274,20 @@ Optional: Required: - `pod_affinity_term` (Attributes) Required. A pod affinity term, associated with the corresponding weight. (see [below for nested schema](#nestedatt--spec--prepare_data_config--scheduling_spec--affinity--pod_affinity--preferred_during_scheduling_ignored_during_execution--pod_affinity_term)) -- `weight` (Number) weight associated with matching the corresponding podAffinityTerm, in the range 1-100. +- `weight` (Number) weight associated with matching the corresponding podAffinityTerm,in the range 1-100. ### Nested Schema for `spec.prepare_data_config.scheduling_spec.affinity.pod_affinity.preferred_during_scheduling_ignored_during_execution.pod_affinity_term` Required: -- `topology_key` (String) This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed. +- `topology_key` (String) This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matchingthe labelSelector in the specified namespaces, where co-located is defined as running on a nodewhose value of the label with key topologyKey matches that of any node on which any of theselected pods is running.Empty topologyKey is not allowed. Optional: - `label_selector` (Attributes) A label query over a set of resources, in this case pods. (see [below for nested schema](#nestedatt--spec--prepare_data_config--scheduling_spec--affinity--pod_affinity--preferred_during_scheduling_ignored_during_execution--pod_affinity_term--label_selector)) -- `namespace_selector` (Attributes) A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means 'this pod's namespace'. An empty selector ({}) matches all namespaces. (see [below for nested schema](#nestedatt--spec--prepare_data_config--scheduling_spec--affinity--pod_affinity--preferred_during_scheduling_ignored_during_execution--pod_affinity_term--namespace_selector)) -- `namespaces` (List of String) namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means 'this pod's namespace'. +- `namespace_selector` (Attributes) A label query over the set of namespaces that the term applies to.The term is applied to the union of the namespaces selected by this fieldand the ones listed in the namespaces field.null selector and null or empty namespaces list means 'this pod's namespace'.An empty selector ({}) matches all namespaces. (see [below for nested schema](#nestedatt--spec--prepare_data_config--scheduling_spec--affinity--pod_affinity--preferred_during_scheduling_ignored_during_execution--pod_affinity_term--namespace_selector)) +- `namespaces` (List of String) namespaces specifies a static list of namespace names that the term applies to.The term is applied to the union of the namespaces listed in this fieldand the ones selected by namespaceSelector.null or empty namespaces list and null namespaceSelector means 'this pod's namespace'. ### Nested Schema for `spec.prepare_data_config.scheduling_spec.affinity.pod_affinity.preferred_during_scheduling_ignored_during_execution.pod_affinity_term.label_selector` @@ -295,7 +295,7 @@ Optional: Optional: - `match_expressions` (Attributes List) matchExpressions is a list of label selector requirements. The requirements are ANDed. (see [below for nested schema](#nestedatt--spec--prepare_data_config--scheduling_spec--affinity--pod_affinity--preferred_during_scheduling_ignored_during_execution--pod_affinity_term--label_selector--match_expressions)) -- `match_labels` (Map of String) matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is 'key', the operator is 'In', and the values array contains only 'value'. The requirements are ANDed. +- `match_labels` (Map of String) matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabelsmap is equivalent to an element of matchExpressions, whose key field is 'key', theoperator is 'In', and the values array contains only 'value'. The requirements are ANDed. ### Nested Schema for `spec.prepare_data_config.scheduling_spec.affinity.pod_affinity.preferred_during_scheduling_ignored_during_execution.pod_affinity_term.label_selector.match_expressions` @@ -303,11 +303,11 @@ Optional: Required: - `key` (String) key is the label key that the selector applies to. -- `operator` (String) operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. +- `operator` (String) operator represents a key's relationship to a set of values.Valid operators are In, NotIn, Exists and DoesNotExist. Optional: -- `values` (List of String) values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. +- `values` (List of String) values is an array of string values. If the operator is In or NotIn,the values array must be non-empty. If the operator is Exists or DoesNotExist,the values array must be empty. This array is replaced during a strategicmerge patch. @@ -317,7 +317,7 @@ Optional: Optional: - `match_expressions` (Attributes List) matchExpressions is a list of label selector requirements. The requirements are ANDed. (see [below for nested schema](#nestedatt--spec--prepare_data_config--scheduling_spec--affinity--pod_affinity--preferred_during_scheduling_ignored_during_execution--pod_affinity_term--namespace_selector--match_expressions)) -- `match_labels` (Map of String) matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is 'key', the operator is 'In', and the values array contains only 'value'. The requirements are ANDed. +- `match_labels` (Map of String) matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabelsmap is equivalent to an element of matchExpressions, whose key field is 'key', theoperator is 'In', and the values array contains only 'value'. The requirements are ANDed. ### Nested Schema for `spec.prepare_data_config.scheduling_spec.affinity.pod_affinity.preferred_during_scheduling_ignored_during_execution.pod_affinity_term.namespace_selector.match_expressions` @@ -325,11 +325,11 @@ Optional: Required: - `key` (String) key is the label key that the selector applies to. -- `operator` (String) operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. +- `operator` (String) operator represents a key's relationship to a set of values.Valid operators are In, NotIn, Exists and DoesNotExist. Optional: -- `values` (List of String) values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. +- `values` (List of String) values is an array of string values. If the operator is In or NotIn,the values array must be non-empty. If the operator is Exists or DoesNotExist,the values array must be empty. This array is replaced during a strategicmerge patch. @@ -340,13 +340,13 @@ Optional: Required: -- `topology_key` (String) This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed. +- `topology_key` (String) This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matchingthe labelSelector in the specified namespaces, where co-located is defined as running on a nodewhose value of the label with key topologyKey matches that of any node on which any of theselected pods is running.Empty topologyKey is not allowed. Optional: - `label_selector` (Attributes) A label query over a set of resources, in this case pods. (see [below for nested schema](#nestedatt--spec--prepare_data_config--scheduling_spec--affinity--pod_affinity--required_during_scheduling_ignored_during_execution--label_selector)) -- `namespace_selector` (Attributes) A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means 'this pod's namespace'. An empty selector ({}) matches all namespaces. (see [below for nested schema](#nestedatt--spec--prepare_data_config--scheduling_spec--affinity--pod_affinity--required_during_scheduling_ignored_during_execution--namespace_selector)) -- `namespaces` (List of String) namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means 'this pod's namespace'. +- `namespace_selector` (Attributes) A label query over the set of namespaces that the term applies to.The term is applied to the union of the namespaces selected by this fieldand the ones listed in the namespaces field.null selector and null or empty namespaces list means 'this pod's namespace'.An empty selector ({}) matches all namespaces. (see [below for nested schema](#nestedatt--spec--prepare_data_config--scheduling_spec--affinity--pod_affinity--required_during_scheduling_ignored_during_execution--namespace_selector)) +- `namespaces` (List of String) namespaces specifies a static list of namespace names that the term applies to.The term is applied to the union of the namespaces listed in this fieldand the ones selected by namespaceSelector.null or empty namespaces list and null namespaceSelector means 'this pod's namespace'. ### Nested Schema for `spec.prepare_data_config.scheduling_spec.affinity.pod_affinity.required_during_scheduling_ignored_during_execution.label_selector` @@ -354,7 +354,7 @@ Optional: Optional: - `match_expressions` (Attributes List) matchExpressions is a list of label selector requirements. The requirements are ANDed. (see [below for nested schema](#nestedatt--spec--prepare_data_config--scheduling_spec--affinity--pod_affinity--required_during_scheduling_ignored_during_execution--label_selector--match_expressions)) -- `match_labels` (Map of String) matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is 'key', the operator is 'In', and the values array contains only 'value'. The requirements are ANDed. +- `match_labels` (Map of String) matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabelsmap is equivalent to an element of matchExpressions, whose key field is 'key', theoperator is 'In', and the values array contains only 'value'. The requirements are ANDed. ### Nested Schema for `spec.prepare_data_config.scheduling_spec.affinity.pod_affinity.required_during_scheduling_ignored_during_execution.label_selector.match_expressions` @@ -362,11 +362,11 @@ Optional: Required: - `key` (String) key is the label key that the selector applies to. -- `operator` (String) operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. +- `operator` (String) operator represents a key's relationship to a set of values.Valid operators are In, NotIn, Exists and DoesNotExist. Optional: -- `values` (List of String) values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. +- `values` (List of String) values is an array of string values. If the operator is In or NotIn,the values array must be non-empty. If the operator is Exists or DoesNotExist,the values array must be empty. This array is replaced during a strategicmerge patch. @@ -376,7 +376,7 @@ Optional: Optional: - `match_expressions` (Attributes List) matchExpressions is a list of label selector requirements. The requirements are ANDed. (see [below for nested schema](#nestedatt--spec--prepare_data_config--scheduling_spec--affinity--pod_affinity--required_during_scheduling_ignored_during_execution--namespace_selector--match_expressions)) -- `match_labels` (Map of String) matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is 'key', the operator is 'In', and the values array contains only 'value'. The requirements are ANDed. +- `match_labels` (Map of String) matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabelsmap is equivalent to an element of matchExpressions, whose key field is 'key', theoperator is 'In', and the values array contains only 'value'. The requirements are ANDed. ### Nested Schema for `spec.prepare_data_config.scheduling_spec.affinity.pod_affinity.required_during_scheduling_ignored_during_execution.namespace_selector.match_expressions` @@ -384,11 +384,11 @@ Optional: Required: - `key` (String) key is the label key that the selector applies to. -- `operator` (String) operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. +- `operator` (String) operator represents a key's relationship to a set of values.Valid operators are In, NotIn, Exists and DoesNotExist. Optional: -- `values` (List of String) values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. +- `values` (List of String) values is an array of string values. If the operator is In or NotIn,the values array must be non-empty. If the operator is Exists or DoesNotExist,the values array must be empty. This array is replaced during a strategicmerge patch. @@ -399,8 +399,8 @@ Optional: Optional: -- `preferred_during_scheduling_ignored_during_execution` (Attributes List) The scheduler will prefer to schedule pods to nodes that satisfy the anti-affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling anti-affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding 'weight' to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred. (see [below for nested schema](#nestedatt--spec--prepare_data_config--scheduling_spec--affinity--pod_anti_affinity--preferred_during_scheduling_ignored_during_execution)) -- `required_during_scheduling_ignored_during_execution` (Attributes List) If the anti-affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the anti-affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied. (see [below for nested schema](#nestedatt--spec--prepare_data_config--scheduling_spec--affinity--pod_anti_affinity--required_during_scheduling_ignored_during_execution)) +- `preferred_during_scheduling_ignored_during_execution` (Attributes List) The scheduler will prefer to schedule pods to nodes that satisfythe anti-affinity expressions specified by this field, but it may choosea node that violates one or more of the expressions. The node that ismost preferred is the one with the greatest sum of weights, i.e.for each node that meets all of the scheduling requirements (resourcerequest, requiredDuringScheduling anti-affinity expressions, etc.),compute a sum by iterating through the elements of this field and adding'weight' to the sum if the node has pods which matches the corresponding podAffinityTerm; thenode(s) with the highest sum are the most preferred. (see [below for nested schema](#nestedatt--spec--prepare_data_config--scheduling_spec--affinity--pod_anti_affinity--preferred_during_scheduling_ignored_during_execution)) +- `required_during_scheduling_ignored_during_execution` (Attributes List) If the anti-affinity requirements specified by this field are not met atscheduling time, the pod will not be scheduled onto the node.If the anti-affinity requirements specified by this field cease to be metat some point during pod execution (e.g. due to a pod label update), thesystem may or may not try to eventually evict the pod from its node.When there are multiple elements, the lists of nodes corresponding to eachpodAffinityTerm are intersected, i.e. all terms must be satisfied. (see [below for nested schema](#nestedatt--spec--prepare_data_config--scheduling_spec--affinity--pod_anti_affinity--required_during_scheduling_ignored_during_execution)) ### Nested Schema for `spec.prepare_data_config.scheduling_spec.affinity.pod_anti_affinity.preferred_during_scheduling_ignored_during_execution` @@ -408,20 +408,20 @@ Optional: Required: - `pod_affinity_term` (Attributes) Required. A pod affinity term, associated with the corresponding weight. (see [below for nested schema](#nestedatt--spec--prepare_data_config--scheduling_spec--affinity--pod_anti_affinity--preferred_during_scheduling_ignored_during_execution--pod_affinity_term)) -- `weight` (Number) weight associated with matching the corresponding podAffinityTerm, in the range 1-100. +- `weight` (Number) weight associated with matching the corresponding podAffinityTerm,in the range 1-100. ### Nested Schema for `spec.prepare_data_config.scheduling_spec.affinity.pod_anti_affinity.preferred_during_scheduling_ignored_during_execution.pod_affinity_term` Required: -- `topology_key` (String) This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed. +- `topology_key` (String) This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matchingthe labelSelector in the specified namespaces, where co-located is defined as running on a nodewhose value of the label with key topologyKey matches that of any node on which any of theselected pods is running.Empty topologyKey is not allowed. Optional: - `label_selector` (Attributes) A label query over a set of resources, in this case pods. (see [below for nested schema](#nestedatt--spec--prepare_data_config--scheduling_spec--affinity--pod_anti_affinity--preferred_during_scheduling_ignored_during_execution--pod_affinity_term--label_selector)) -- `namespace_selector` (Attributes) A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means 'this pod's namespace'. An empty selector ({}) matches all namespaces. (see [below for nested schema](#nestedatt--spec--prepare_data_config--scheduling_spec--affinity--pod_anti_affinity--preferred_during_scheduling_ignored_during_execution--pod_affinity_term--namespace_selector)) -- `namespaces` (List of String) namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means 'this pod's namespace'. +- `namespace_selector` (Attributes) A label query over the set of namespaces that the term applies to.The term is applied to the union of the namespaces selected by this fieldand the ones listed in the namespaces field.null selector and null or empty namespaces list means 'this pod's namespace'.An empty selector ({}) matches all namespaces. (see [below for nested schema](#nestedatt--spec--prepare_data_config--scheduling_spec--affinity--pod_anti_affinity--preferred_during_scheduling_ignored_during_execution--pod_affinity_term--namespace_selector)) +- `namespaces` (List of String) namespaces specifies a static list of namespace names that the term applies to.The term is applied to the union of the namespaces listed in this fieldand the ones selected by namespaceSelector.null or empty namespaces list and null namespaceSelector means 'this pod's namespace'. ### Nested Schema for `spec.prepare_data_config.scheduling_spec.affinity.pod_anti_affinity.preferred_during_scheduling_ignored_during_execution.pod_affinity_term.label_selector` @@ -429,7 +429,7 @@ Optional: Optional: - `match_expressions` (Attributes List) matchExpressions is a list of label selector requirements. The requirements are ANDed. (see [below for nested schema](#nestedatt--spec--prepare_data_config--scheduling_spec--affinity--pod_anti_affinity--preferred_during_scheduling_ignored_during_execution--pod_affinity_term--label_selector--match_expressions)) -- `match_labels` (Map of String) matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is 'key', the operator is 'In', and the values array contains only 'value'. The requirements are ANDed. +- `match_labels` (Map of String) matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabelsmap is equivalent to an element of matchExpressions, whose key field is 'key', theoperator is 'In', and the values array contains only 'value'. The requirements are ANDed. ### Nested Schema for `spec.prepare_data_config.scheduling_spec.affinity.pod_anti_affinity.preferred_during_scheduling_ignored_during_execution.pod_affinity_term.label_selector.match_expressions` @@ -437,11 +437,11 @@ Optional: Required: - `key` (String) key is the label key that the selector applies to. -- `operator` (String) operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. +- `operator` (String) operator represents a key's relationship to a set of values.Valid operators are In, NotIn, Exists and DoesNotExist. Optional: -- `values` (List of String) values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. +- `values` (List of String) values is an array of string values. If the operator is In or NotIn,the values array must be non-empty. If the operator is Exists or DoesNotExist,the values array must be empty. This array is replaced during a strategicmerge patch. @@ -451,7 +451,7 @@ Optional: Optional: - `match_expressions` (Attributes List) matchExpressions is a list of label selector requirements. The requirements are ANDed. (see [below for nested schema](#nestedatt--spec--prepare_data_config--scheduling_spec--affinity--pod_anti_affinity--preferred_during_scheduling_ignored_during_execution--pod_affinity_term--namespace_selector--match_expressions)) -- `match_labels` (Map of String) matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is 'key', the operator is 'In', and the values array contains only 'value'. The requirements are ANDed. +- `match_labels` (Map of String) matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabelsmap is equivalent to an element of matchExpressions, whose key field is 'key', theoperator is 'In', and the values array contains only 'value'. The requirements are ANDed. ### Nested Schema for `spec.prepare_data_config.scheduling_spec.affinity.pod_anti_affinity.preferred_during_scheduling_ignored_during_execution.pod_affinity_term.namespace_selector.match_expressions` @@ -459,11 +459,11 @@ Optional: Required: - `key` (String) key is the label key that the selector applies to. -- `operator` (String) operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. +- `operator` (String) operator represents a key's relationship to a set of values.Valid operators are In, NotIn, Exists and DoesNotExist. Optional: -- `values` (List of String) values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. +- `values` (List of String) values is an array of string values. If the operator is In or NotIn,the values array must be non-empty. If the operator is Exists or DoesNotExist,the values array must be empty. This array is replaced during a strategicmerge patch. @@ -474,13 +474,13 @@ Optional: Required: -- `topology_key` (String) This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed. +- `topology_key` (String) This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matchingthe labelSelector in the specified namespaces, where co-located is defined as running on a nodewhose value of the label with key topologyKey matches that of any node on which any of theselected pods is running.Empty topologyKey is not allowed. Optional: - `label_selector` (Attributes) A label query over a set of resources, in this case pods. (see [below for nested schema](#nestedatt--spec--prepare_data_config--scheduling_spec--affinity--pod_anti_affinity--required_during_scheduling_ignored_during_execution--label_selector)) -- `namespace_selector` (Attributes) A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means 'this pod's namespace'. An empty selector ({}) matches all namespaces. (see [below for nested schema](#nestedatt--spec--prepare_data_config--scheduling_spec--affinity--pod_anti_affinity--required_during_scheduling_ignored_during_execution--namespace_selector)) -- `namespaces` (List of String) namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means 'this pod's namespace'. +- `namespace_selector` (Attributes) A label query over the set of namespaces that the term applies to.The term is applied to the union of the namespaces selected by this fieldand the ones listed in the namespaces field.null selector and null or empty namespaces list means 'this pod's namespace'.An empty selector ({}) matches all namespaces. (see [below for nested schema](#nestedatt--spec--prepare_data_config--scheduling_spec--affinity--pod_anti_affinity--required_during_scheduling_ignored_during_execution--namespace_selector)) +- `namespaces` (List of String) namespaces specifies a static list of namespace names that the term applies to.The term is applied to the union of the namespaces listed in this fieldand the ones selected by namespaceSelector.null or empty namespaces list and null namespaceSelector means 'this pod's namespace'. ### Nested Schema for `spec.prepare_data_config.scheduling_spec.affinity.pod_anti_affinity.required_during_scheduling_ignored_during_execution.label_selector` @@ -488,7 +488,7 @@ Optional: Optional: - `match_expressions` (Attributes List) matchExpressions is a list of label selector requirements. The requirements are ANDed. (see [below for nested schema](#nestedatt--spec--prepare_data_config--scheduling_spec--affinity--pod_anti_affinity--required_during_scheduling_ignored_during_execution--label_selector--match_expressions)) -- `match_labels` (Map of String) matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is 'key', the operator is 'In', and the values array contains only 'value'. The requirements are ANDed. +- `match_labels` (Map of String) matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabelsmap is equivalent to an element of matchExpressions, whose key field is 'key', theoperator is 'In', and the values array contains only 'value'. The requirements are ANDed. ### Nested Schema for `spec.prepare_data_config.scheduling_spec.affinity.pod_anti_affinity.required_during_scheduling_ignored_during_execution.label_selector.match_expressions` @@ -496,11 +496,11 @@ Optional: Required: - `key` (String) key is the label key that the selector applies to. -- `operator` (String) operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. +- `operator` (String) operator represents a key's relationship to a set of values.Valid operators are In, NotIn, Exists and DoesNotExist. Optional: -- `values` (List of String) values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. +- `values` (List of String) values is an array of string values. If the operator is In or NotIn,the values array must be non-empty. If the operator is Exists or DoesNotExist,the values array must be empty. This array is replaced during a strategicmerge patch. @@ -510,7 +510,7 @@ Optional: Optional: - `match_expressions` (Attributes List) matchExpressions is a list of label selector requirements. The requirements are ANDed. (see [below for nested schema](#nestedatt--spec--prepare_data_config--scheduling_spec--affinity--pod_anti_affinity--required_during_scheduling_ignored_during_execution--namespace_selector--match_expressions)) -- `match_labels` (Map of String) matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is 'key', the operator is 'In', and the values array contains only 'value'. The requirements are ANDed. +- `match_labels` (Map of String) matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabelsmap is equivalent to an element of matchExpressions, whose key field is 'key', theoperator is 'In', and the values array contains only 'value'. The requirements are ANDed. ### Nested Schema for `spec.prepare_data_config.scheduling_spec.affinity.pod_anti_affinity.required_during_scheduling_ignored_during_execution.namespace_selector.match_expressions` @@ -518,11 +518,11 @@ Optional: Required: - `key` (String) key is the label key that the selector applies to. -- `operator` (String) operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. +- `operator` (String) operator represents a key's relationship to a set of values.Valid operators are In, NotIn, Exists and DoesNotExist. Optional: -- `values` (List of String) values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. +- `values` (List of String) values is an array of string values. If the operator is In or NotIn,the values array must be non-empty. If the operator is Exists or DoesNotExist,the values array must be empty. This array is replaced during a strategicmerge patch. @@ -534,11 +534,11 @@ Optional: Optional: -- `effect` (String) Effect indicates the taint effect to match. Empty means match all taint effects. When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute. -- `key` (String) Key is the taint key that the toleration applies to. Empty means match all taint keys. If the key is empty, operator must be Exists; this combination means to match all values and all keys. -- `operator` (String) Operator represents a key's relationship to the value. Valid operators are Exists and Equal. Defaults to Equal. Exists is equivalent to wildcard for value, so that a pod can tolerate all taints of a particular category. -- `toleration_seconds` (Number) TolerationSeconds represents the period of time the toleration (which must be of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, it is not set, which means tolerate the taint forever (do not evict). Zero and negative values will be treated as 0 (evict immediately) by the system. -- `value` (String) Value is the taint value the toleration matches to. If the operator is Exists, the value should be empty, otherwise just a regular string. +- `effect` (String) Effect indicates the taint effect to match. Empty means match all taint effects.When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute. +- `key` (String) Key is the taint key that the toleration applies to. Empty means match all taint keys.If the key is empty, operator must be Exists; this combination means to match all values and all keys. +- `operator` (String) Operator represents a key's relationship to the value.Valid operators are Exists and Equal. Defaults to Equal.Exists is equivalent to wildcard for value, so that a pod cantolerate all taints of a particular category. +- `toleration_seconds` (Number) TolerationSeconds represents the period of time the toleration (which must beof effect NoExecute, otherwise this field is ignored) tolerates the taint. By default,it is not set, which means tolerate the taint forever (do not evict). Zero andnegative values will be treated as 0 (evict immediately) by the system. +- `value` (String) Value is the taint value the toleration matches to.If the operator is Exists, the value should be empty, otherwise just a regular string. @@ -546,17 +546,17 @@ Optional: Required: -- `max_skew` (Number) MaxSkew describes the degree to which pods may be unevenly distributed. When 'whenUnsatisfiable=DoNotSchedule', it is the maximum permitted difference between the number of matching pods in the target topology and the global minimum. The global minimum is the minimum number of matching pods in an eligible domain or zero if the number of eligible domains is less than MinDomains. For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same labelSelector spread as 2/2/1: In this case, the global minimum is 1. | zone1 | zone2 | zone3 | | P P | P P | P | - if MaxSkew is 1, incoming pod can only be scheduled to zone3 to become 2/2/2; scheduling it onto zone1(zone2) would make the ActualSkew(3-1) on zone1(zone2) violate MaxSkew(1). - if MaxSkew is 2, incoming pod can be scheduled onto any zone. When 'whenUnsatisfiable=ScheduleAnyway', it is used to give higher precedence to topologies that satisfy it. It's a required field. Default value is 1 and 0 is not allowed. -- `topology_key` (String) TopologyKey is the key of node labels. Nodes that have a label with this key and identical values are considered to be in the same topology. We consider each as a 'bucket', and try to put balanced number of pods into each bucket. We define a domain as a particular instance of a topology. Also, we define an eligible domain as a domain whose nodes meet the requirements of nodeAffinityPolicy and nodeTaintsPolicy. e.g. If TopologyKey is 'kubernetes.io/hostname', each Node is a domain of that topology. And, if TopologyKey is 'topology.kubernetes.io/zone', each zone is a domain of that topology. It's a required field. -- `when_unsatisfiable` (String) WhenUnsatisfiable indicates how to deal with a pod if it doesn't satisfy the spread constraint. - DoNotSchedule (default) tells the scheduler not to schedule it. - ScheduleAnyway tells the scheduler to schedule the pod in any location, but giving higher precedence to topologies that would help reduce the skew. A constraint is considered 'Unsatisfiable' for an incoming pod if and only if every possible node assignment for that pod would violate 'MaxSkew' on some topology. For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same labelSelector spread as 3/1/1: | zone1 | zone2 | zone3 | | P P P | P | P | If WhenUnsatisfiable is set to DoNotSchedule, incoming pod can only be scheduled to zone2(zone3) to become 3/2/1(3/1/2) as ActualSkew(2-1) on zone2(zone3) satisfies MaxSkew(1). In other words, the cluster can still be imbalanced, but scheduler won't make it *more* imbalanced. It's a required field. +- `max_skew` (Number) MaxSkew describes the degree to which pods may be unevenly distributed.When 'whenUnsatisfiable=DoNotSchedule', it is the maximum permitted differencebetween the number of matching pods in the target topology and the global minimum.The global minimum is the minimum number of matching pods in an eligible domainor zero if the number of eligible domains is less than MinDomains.For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the samelabelSelector spread as 2/2/1:In this case, the global minimum is 1.| zone1 | zone2 | zone3 || P P | P P | P |- if MaxSkew is 1, incoming pod can only be scheduled to zone3 to become 2/2/2;scheduling it onto zone1(zone2) would make the ActualSkew(3-1) on zone1(zone2)violate MaxSkew(1).- if MaxSkew is 2, incoming pod can be scheduled onto any zone.When 'whenUnsatisfiable=ScheduleAnyway', it is used to give higher precedenceto topologies that satisfy it.It's a required field. Default value is 1 and 0 is not allowed. +- `topology_key` (String) TopologyKey is the key of node labels. Nodes that have a label with this keyand identical values are considered to be in the same topology.We consider each as a 'bucket', and try to put balanced numberof pods into each bucket.We define a domain as a particular instance of a topology.Also, we define an eligible domain as a domain whose nodes meet the requirements ofnodeAffinityPolicy and nodeTaintsPolicy.e.g. If TopologyKey is 'kubernetes.io/hostname', each Node is a domain of that topology.And, if TopologyKey is 'topology.kubernetes.io/zone', each zone is a domain of that topology.It's a required field. +- `when_unsatisfiable` (String) WhenUnsatisfiable indicates how to deal with a pod if it doesn't satisfythe spread constraint.- DoNotSchedule (default) tells the scheduler not to schedule it.- ScheduleAnyway tells the scheduler to schedule the pod in any location, but giving higher precedence to topologies that would help reduce the skew.A constraint is considered 'Unsatisfiable' for an incoming podif and only if every possible node assignment for that pod would violate'MaxSkew' on some topology.For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the samelabelSelector spread as 3/1/1:| zone1 | zone2 | zone3 || P P P | P | P |If WhenUnsatisfiable is set to DoNotSchedule, incoming pod can only be scheduledto zone2(zone3) to become 3/2/1(3/1/2) as ActualSkew(2-1) on zone2(zone3) satisfiesMaxSkew(1). In other words, the cluster can still be imbalanced, but schedulerwon't make it *more* imbalanced.It's a required field. Optional: -- `label_selector` (Attributes) LabelSelector is used to find matching pods. Pods that match this label selector are counted to determine the number of pods in their corresponding topology domain. (see [below for nested schema](#nestedatt--spec--prepare_data_config--scheduling_spec--topology_spread_constraints--label_selector)) -- `match_label_keys` (List of String) MatchLabelKeys is a set of pod label keys to select the pods over which spreading will be calculated. The keys are used to lookup values from the incoming pod labels, those key-value labels are ANDed with labelSelector to select the group of existing pods over which spreading will be calculated for the incoming pod. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. MatchLabelKeys cannot be set when LabelSelector isn't set. Keys that don't exist in the incoming pod labels will be ignored. A null or empty list means only match against labelSelector. This is a beta field and requires the MatchLabelKeysInPodTopologySpread feature gate to be enabled (enabled by default). -- `min_domains` (Number) MinDomains indicates a minimum number of eligible domains. When the number of eligible domains with matching topology keys is less than minDomains, Pod Topology Spread treats 'global minimum' as 0, and then the calculation of Skew is performed. And when the number of eligible domains with matching topology keys equals or greater than minDomains, this value has no effect on scheduling. As a result, when the number of eligible domains is less than minDomains, scheduler won't schedule more than maxSkew Pods to those domains. If value is nil, the constraint behaves as if MinDomains is equal to 1. Valid values are integers greater than 0. When value is not nil, WhenUnsatisfiable must be DoNotSchedule. For example, in a 3-zone cluster, MaxSkew is set to 2, MinDomains is set to 5 and pods with the same labelSelector spread as 2/2/2: | zone1 | zone2 | zone3 | | P P | P P | P P | The number of domains is less than 5(MinDomains), so 'global minimum' is treated as 0. In this situation, new pod with the same labelSelector cannot be scheduled, because computed skew will be 3(3 - 0) if new Pod is scheduled to any of the three zones, it will violate MaxSkew. This is a beta field and requires the MinDomainsInPodTopologySpread feature gate to be enabled (enabled by default). -- `node_affinity_policy` (String) NodeAffinityPolicy indicates how we will treat Pod's nodeAffinity/nodeSelector when calculating pod topology spread skew. Options are: - Honor: only nodes matching nodeAffinity/nodeSelector are included in the calculations. - Ignore: nodeAffinity/nodeSelector are ignored. All nodes are included in the calculations. If this value is nil, the behavior is equivalent to the Honor policy. This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag. -- `node_taints_policy` (String) NodeTaintsPolicy indicates how we will treat node taints when calculating pod topology spread skew. Options are: - Honor: nodes without taints, along with tainted nodes for which the incoming pod has a toleration, are included. - Ignore: node taints are ignored. All nodes are included. If this value is nil, the behavior is equivalent to the Ignore policy. This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag. +- `label_selector` (Attributes) LabelSelector is used to find matching pods.Pods that match this label selector are counted to determine the number of podsin their corresponding topology domain. (see [below for nested schema](#nestedatt--spec--prepare_data_config--scheduling_spec--topology_spread_constraints--label_selector)) +- `match_label_keys` (List of String) MatchLabelKeys is a set of pod label keys to select the pods over whichspreading will be calculated. The keys are used to lookup values from theincoming pod labels, those key-value labels are ANDed with labelSelectorto select the group of existing pods over which spreading will be calculatedfor the incoming pod. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector.MatchLabelKeys cannot be set when LabelSelector isn't set.Keys that don't exist in the incoming pod labels willbe ignored. A null or empty list means only match against labelSelector.This is a beta field and requires the MatchLabelKeysInPodTopologySpread feature gate to be enabled (enabled by default). +- `min_domains` (Number) MinDomains indicates a minimum number of eligible domains.When the number of eligible domains with matching topology keys is less than minDomains,Pod Topology Spread treats 'global minimum' as 0, and then the calculation of Skew is performed.And when the number of eligible domains with matching topology keys equals or greater than minDomains,this value has no effect on scheduling.As a result, when the number of eligible domains is less than minDomains,scheduler won't schedule more than maxSkew Pods to those domains.If value is nil, the constraint behaves as if MinDomains is equal to 1.Valid values are integers greater than 0.When value is not nil, WhenUnsatisfiable must be DoNotSchedule.For example, in a 3-zone cluster, MaxSkew is set to 2, MinDomains is set to 5 and pods with the samelabelSelector spread as 2/2/2:| zone1 | zone2 | zone3 || P P | P P | P P |The number of domains is less than 5(MinDomains), so 'global minimum' is treated as 0.In this situation, new pod with the same labelSelector cannot be scheduled,because computed skew will be 3(3 - 0) if new Pod is scheduled to any of the three zones,it will violate MaxSkew.This is a beta field and requires the MinDomainsInPodTopologySpread feature gate to be enabled (enabled by default). +- `node_affinity_policy` (String) NodeAffinityPolicy indicates how we will treat Pod's nodeAffinity/nodeSelectorwhen calculating pod topology spread skew. Options are:- Honor: only nodes matching nodeAffinity/nodeSelector are included in the calculations.- Ignore: nodeAffinity/nodeSelector are ignored. All nodes are included in the calculations.If this value is nil, the behavior is equivalent to the Honor policy.This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag. +- `node_taints_policy` (String) NodeTaintsPolicy indicates how we will treat node taints when calculatingpod topology spread skew. Options are:- Honor: nodes without taints, along with tainted nodes for which the incoming podhas a toleration, are included.- Ignore: node taints are ignored. All nodes are included.If this value is nil, the behavior is equivalent to the Ignore policy.This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag. ### Nested Schema for `spec.prepare_data_config.scheduling_spec.topology_spread_constraints.label_selector` @@ -564,7 +564,7 @@ Optional: Optional: - `match_expressions` (Attributes List) matchExpressions is a list of label selector requirements. The requirements are ANDed. (see [below for nested schema](#nestedatt--spec--prepare_data_config--scheduling_spec--topology_spread_constraints--label_selector--match_expressions)) -- `match_labels` (Map of String) matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is 'key', the operator is 'In', and the values array contains only 'value'. The requirements are ANDed. +- `match_labels` (Map of String) matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabelsmap is equivalent to an element of matchExpressions, whose key field is 'key', theoperator is 'In', and the values array contains only 'value'. The requirements are ANDed. ### Nested Schema for `spec.prepare_data_config.scheduling_spec.topology_spread_constraints.label_selector.match_expressions` @@ -572,11 +572,11 @@ Optional: Required: - `key` (String) key is the label key that the selector applies to. -- `operator` (String) operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. +- `operator` (String) operator represents a key's relationship to a set of values.Valid operators are In, NotIn, Exists and DoesNotExist. Optional: -- `values` (List of String) values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. +- `values` (List of String) values is an array of string values. If the operator is In or NotIn,the values array must be non-empty. If the operator is Exists or DoesNotExist,the values array must be empty. This array is replaced during a strategicmerge patch. @@ -587,13 +587,13 @@ Optional: Required: -- `metadata` (Attributes) Specifies the standard metadata for the object. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata (see [below for nested schema](#nestedatt--spec--prepare_data_config--volume_claims--metadata)) +- `metadata` (Attributes) Specifies the standard metadata for the object.More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata (see [below for nested schema](#nestedatt--spec--prepare_data_config--volume_claims--metadata)) - `volume_claim_spec` (Attributes) Defines the desired characteristics of a persistent volume claim. (see [below for nested schema](#nestedatt--spec--prepare_data_config--volume_claims--volume_claim_spec)) Optional: - `mount_path` (String) Specifies the path within the restoring container at which the volume should be mounted. -- `volume_source` (String) Describes the volume that will be restored from the specified volume of the backup targetVolumes. This is required if the backup uses a volume snapshot. +- `volume_source` (String) Describes the volume that will be restored from the specified volume of the backup targetVolumes.This is required if the backup uses a volume snapshot. ### Nested Schema for `spec.prepare_data_config.volume_claims.metadata` @@ -612,13 +612,13 @@ Optional: Optional: -- `access_modes` (List of String) accessModes contains the desired access modes the volume should have. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1 -- `data_source` (Attributes) dataSource field can be used to specify either: * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) * An existing PVC (PersistentVolumeClaim) If the provisioner or an external controller can support the specified data source, it will create a new volume based on the contents of the specified data source. When the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef, and dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified. If the namespace is specified, then dataSourceRef will not be copied to dataSource. (see [below for nested schema](#nestedatt--spec--prepare_data_config--volume_claims--volume_claim_spec--data_source)) -- `data_source_ref` (Attributes) dataSourceRef specifies the object from which to populate the volume with data, if a non-empty volume is desired. This may be any object from a non-empty API group (non core object) or a PersistentVolumeClaim object. When this field is specified, volume binding will only succeed if the type of the specified object matches some installed volume populator or dynamic provisioner. This field will replace the functionality of the dataSource field and as such if both fields are non-empty, they must have the same value. For backwards compatibility, when namespace isn't specified in dataSourceRef, both fields (dataSource and dataSourceRef) will be set to the same value automatically if one of them is empty and the other is non-empty. When namespace is specified in dataSourceRef, dataSource isn't set to the same value and must be empty. There are three important differences between dataSource and dataSourceRef: * While dataSource only allows two specific types of objects, dataSourceRef allows any non-core object, as well as PersistentVolumeClaim objects. * While dataSource ignores disallowed values (dropping them), dataSourceRef preserves all values, and generates an error if a disallowed value is specified. * While dataSource only allows local objects, dataSourceRef allows objects in any namespaces. (Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled. (Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled. (see [below for nested schema](#nestedatt--spec--prepare_data_config--volume_claims--volume_claim_spec--data_source_ref)) -- `resources` (Attributes) resources represents the minimum resources the volume should have. If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements that are lower than previous value but must still be higher than capacity recorded in the status field of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources (see [below for nested schema](#nestedatt--spec--prepare_data_config--volume_claims--volume_claim_spec--resources)) +- `access_modes` (List of String) accessModes contains the desired access modes the volume should have.More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1 +- `data_source` (Attributes) dataSource field can be used to specify either:* An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot)* An existing PVC (PersistentVolumeClaim)If the provisioner or an external controller can support the specified data source,it will create a new volume based on the contents of the specified data source.When the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef,and dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified.If the namespace is specified, then dataSourceRef will not be copied to dataSource. (see [below for nested schema](#nestedatt--spec--prepare_data_config--volume_claims--volume_claim_spec--data_source)) +- `data_source_ref` (Attributes) dataSourceRef specifies the object from which to populate the volume with data, if a non-emptyvolume is desired. This may be any object from a non-empty API group (noncore object) or a PersistentVolumeClaim object.When this field is specified, volume binding will only succeed if the type ofthe specified object matches some installed volume populator or dynamicprovisioner.This field will replace the functionality of the dataSource field and as suchif both fields are non-empty, they must have the same value. For backwardscompatibility, when namespace isn't specified in dataSourceRef,both fields (dataSource and dataSourceRef) will be set to the samevalue automatically if one of them is empty and the other is non-empty.When namespace is specified in dataSourceRef,dataSource isn't set to the same value and must be empty.There are three important differences between dataSource and dataSourceRef:* While dataSource only allows two specific types of objects, dataSourceRef allows any non-core object, as well as PersistentVolumeClaim objects.* While dataSource ignores disallowed values (dropping them), dataSourceRef preserves all values, and generates an error if a disallowed value is specified.* While dataSource only allows local objects, dataSourceRef allows objects in any namespaces.(Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled.(Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled. (see [below for nested schema](#nestedatt--spec--prepare_data_config--volume_claims--volume_claim_spec--data_source_ref)) +- `resources` (Attributes) resources represents the minimum resources the volume should have.If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirementsthat are lower than previous value but must still be higher than capacity recorded in thestatus field of the claim.More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources (see [below for nested schema](#nestedatt--spec--prepare_data_config--volume_claims--volume_claim_spec--resources)) - `selector` (Attributes) selector is a label query over volumes to consider for binding. (see [below for nested schema](#nestedatt--spec--prepare_data_config--volume_claims--volume_claim_spec--selector)) -- `storage_class_name` (String) storageClassName is the name of the StorageClass required by the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1 -- `volume_mode` (String) volumeMode defines what type of volume is required by the claim. Value of Filesystem is implied when not included in claim spec. +- `storage_class_name` (String) storageClassName is the name of the StorageClass required by the claim.More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1 +- `volume_mode` (String) volumeMode defines what type of volume is required by the claim.Value of Filesystem is implied when not included in claim spec. - `volume_name` (String) volumeName is the binding reference to the PersistentVolume backing this claim. @@ -631,7 +631,7 @@ Required: Optional: -- `api_group` (String) APIGroup is the group for the resource being referenced. If APIGroup is not specified, the specified Kind must be in the core API group. For any other third-party types, APIGroup is required. +- `api_group` (String) APIGroup is the group for the resource being referenced.If APIGroup is not specified, the specified Kind must be in the core API group.For any other third-party types, APIGroup is required. @@ -644,8 +644,8 @@ Required: Optional: -- `api_group` (String) APIGroup is the group for the resource being referenced. If APIGroup is not specified, the specified Kind must be in the core API group. For any other third-party types, APIGroup is required. -- `namespace` (String) Namespace is the namespace of resource being referenced Note that when a namespace is specified, a gateway.networking.k8s.io/ReferenceGrant object is required in the referent namespace to allow that namespace's owner to accept the reference. See the ReferenceGrant documentation for details. (Alpha) This field requires the CrossNamespaceVolumeDataSource feature gate to be enabled. +- `api_group` (String) APIGroup is the group for the resource being referenced.If APIGroup is not specified, the specified Kind must be in the core API group.For any other third-party types, APIGroup is required. +- `namespace` (String) Namespace is the namespace of resource being referencedNote that when a namespace is specified, a gateway.networking.k8s.io/ReferenceGrant object is required in the referent namespace to allow that namespace's owner to accept the reference. See the ReferenceGrant documentation for details.(Alpha) This field requires the CrossNamespaceVolumeDataSource feature gate to be enabled. @@ -653,16 +653,16 @@ Optional: Optional: -- `claims` (Attributes List) Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. This field is immutable. It can only be set for containers. (see [below for nested schema](#nestedatt--spec--prepare_data_config--volume_claims--volume_claim_spec--resources--claims)) -- `limits` (Map of String) Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ -- `requests` (Map of String) Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ +- `claims` (Attributes List) Claims lists the names of resources, defined in spec.resourceClaims,that are used by this container.This is an alpha field and requires enabling theDynamicResourceAllocation feature gate.This field is immutable. It can only be set for containers. (see [below for nested schema](#nestedatt--spec--prepare_data_config--volume_claims--volume_claim_spec--resources--claims)) +- `limits` (Map of String) Limits describes the maximum amount of compute resources allowed.More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ +- `requests` (Map of String) Requests describes the minimum amount of compute resources required.If Requests is omitted for a container, it defaults to Limits if that is explicitly specified,otherwise to an implementation-defined value. Requests cannot exceed Limits.More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ ### Nested Schema for `spec.prepare_data_config.volume_claims.volume_claim_spec.resources.claims` Required: -- `name` (String) Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container. +- `name` (String) Name must match the name of one entry in pod.spec.resourceClaims ofthe Pod where this field is used. It makes that resource availableinside a container. @@ -672,7 +672,7 @@ Required: Optional: - `match_expressions` (Attributes List) matchExpressions is a list of label selector requirements. The requirements are ANDed. (see [below for nested schema](#nestedatt--spec--prepare_data_config--volume_claims--volume_claim_spec--selector--match_expressions)) -- `match_labels` (Map of String) matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is 'key', the operator is 'In', and the values array contains only 'value'. The requirements are ANDed. +- `match_labels` (Map of String) matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabelsmap is equivalent to an element of matchExpressions, whose key field is 'key', theoperator is 'In', and the values array contains only 'value'. The requirements are ANDed. ### Nested Schema for `spec.prepare_data_config.volume_claims.volume_claim_spec.selector.match_expressions` @@ -680,11 +680,11 @@ Optional: Required: - `key` (String) key is the label key that the selector applies to. -- `operator` (String) operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. +- `operator` (String) operator represents a key's relationship to a set of values.Valid operators are In, NotIn, Exists and DoesNotExist. Optional: -- `values` (List of String) values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. +- `values` (List of String) values is an array of string values. If the operator is In or NotIn,the values array must be non-empty. If the operator is Exists or DoesNotExist,the values array must be empty. This array is replaced during a strategicmerge patch. @@ -695,25 +695,25 @@ Optional: Required: -- `replicas` (Number) Specifies the replicas of persistent volume claim that need to be created and restored. The format of the created claim name is '$(template-name)-$(index)'. +- `replicas` (Number) Specifies the replicas of persistent volume claim that need to be created and restored.The format of the created claim name is '$(template-name)-$(index)'. - `templates` (Attributes List) Contains a list of volume claims. (see [below for nested schema](#nestedatt--spec--prepare_data_config--volume_claims_template--templates)) Optional: -- `starting_index` (Number) Specifies the starting index for the created persistent volume claim according to the template. The minimum value is 0. +- `starting_index` (Number) Specifies the starting index for the created persistent volume claim according to the template.The minimum value is 0. ### Nested Schema for `spec.prepare_data_config.volume_claims_template.templates` Required: -- `metadata` (Attributes) Specifies the standard metadata for the object. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata (see [below for nested schema](#nestedatt--spec--prepare_data_config--volume_claims_template--templates--metadata)) +- `metadata` (Attributes) Specifies the standard metadata for the object.More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata (see [below for nested schema](#nestedatt--spec--prepare_data_config--volume_claims_template--templates--metadata)) - `volume_claim_spec` (Attributes) Defines the desired characteristics of a persistent volume claim. (see [below for nested schema](#nestedatt--spec--prepare_data_config--volume_claims_template--templates--volume_claim_spec)) Optional: - `mount_path` (String) Specifies the path within the restoring container at which the volume should be mounted. -- `volume_source` (String) Describes the volume that will be restored from the specified volume of the backup targetVolumes. This is required if the backup uses a volume snapshot. +- `volume_source` (String) Describes the volume that will be restored from the specified volume of the backup targetVolumes.This is required if the backup uses a volume snapshot. ### Nested Schema for `spec.prepare_data_config.volume_claims_template.templates.metadata` @@ -732,13 +732,13 @@ Optional: Optional: -- `access_modes` (List of String) accessModes contains the desired access modes the volume should have. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1 -- `data_source` (Attributes) dataSource field can be used to specify either: * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) * An existing PVC (PersistentVolumeClaim) If the provisioner or an external controller can support the specified data source, it will create a new volume based on the contents of the specified data source. When the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef, and dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified. If the namespace is specified, then dataSourceRef will not be copied to dataSource. (see [below for nested schema](#nestedatt--spec--prepare_data_config--volume_claims_template--templates--volume_claim_spec--data_source)) -- `data_source_ref` (Attributes) dataSourceRef specifies the object from which to populate the volume with data, if a non-empty volume is desired. This may be any object from a non-empty API group (non core object) or a PersistentVolumeClaim object. When this field is specified, volume binding will only succeed if the type of the specified object matches some installed volume populator or dynamic provisioner. This field will replace the functionality of the dataSource field and as such if both fields are non-empty, they must have the same value. For backwards compatibility, when namespace isn't specified in dataSourceRef, both fields (dataSource and dataSourceRef) will be set to the same value automatically if one of them is empty and the other is non-empty. When namespace is specified in dataSourceRef, dataSource isn't set to the same value and must be empty. There are three important differences between dataSource and dataSourceRef: * While dataSource only allows two specific types of objects, dataSourceRef allows any non-core object, as well as PersistentVolumeClaim objects. * While dataSource ignores disallowed values (dropping them), dataSourceRef preserves all values, and generates an error if a disallowed value is specified. * While dataSource only allows local objects, dataSourceRef allows objects in any namespaces. (Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled. (Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled. (see [below for nested schema](#nestedatt--spec--prepare_data_config--volume_claims_template--templates--volume_claim_spec--data_source_ref)) -- `resources` (Attributes) resources represents the minimum resources the volume should have. If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements that are lower than previous value but must still be higher than capacity recorded in the status field of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources (see [below for nested schema](#nestedatt--spec--prepare_data_config--volume_claims_template--templates--volume_claim_spec--resources)) +- `access_modes` (List of String) accessModes contains the desired access modes the volume should have.More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1 +- `data_source` (Attributes) dataSource field can be used to specify either:* An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot)* An existing PVC (PersistentVolumeClaim)If the provisioner or an external controller can support the specified data source,it will create a new volume based on the contents of the specified data source.When the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef,and dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified.If the namespace is specified, then dataSourceRef will not be copied to dataSource. (see [below for nested schema](#nestedatt--spec--prepare_data_config--volume_claims_template--templates--volume_claim_spec--data_source)) +- `data_source_ref` (Attributes) dataSourceRef specifies the object from which to populate the volume with data, if a non-emptyvolume is desired. This may be any object from a non-empty API group (noncore object) or a PersistentVolumeClaim object.When this field is specified, volume binding will only succeed if the type ofthe specified object matches some installed volume populator or dynamicprovisioner.This field will replace the functionality of the dataSource field and as suchif both fields are non-empty, they must have the same value. For backwardscompatibility, when namespace isn't specified in dataSourceRef,both fields (dataSource and dataSourceRef) will be set to the samevalue automatically if one of them is empty and the other is non-empty.When namespace is specified in dataSourceRef,dataSource isn't set to the same value and must be empty.There are three important differences between dataSource and dataSourceRef:* While dataSource only allows two specific types of objects, dataSourceRef allows any non-core object, as well as PersistentVolumeClaim objects.* While dataSource ignores disallowed values (dropping them), dataSourceRef preserves all values, and generates an error if a disallowed value is specified.* While dataSource only allows local objects, dataSourceRef allows objects in any namespaces.(Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled.(Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled. (see [below for nested schema](#nestedatt--spec--prepare_data_config--volume_claims_template--templates--volume_claim_spec--data_source_ref)) +- `resources` (Attributes) resources represents the minimum resources the volume should have.If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirementsthat are lower than previous value but must still be higher than capacity recorded in thestatus field of the claim.More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources (see [below for nested schema](#nestedatt--spec--prepare_data_config--volume_claims_template--templates--volume_claim_spec--resources)) - `selector` (Attributes) selector is a label query over volumes to consider for binding. (see [below for nested schema](#nestedatt--spec--prepare_data_config--volume_claims_template--templates--volume_claim_spec--selector)) -- `storage_class_name` (String) storageClassName is the name of the StorageClass required by the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1 -- `volume_mode` (String) volumeMode defines what type of volume is required by the claim. Value of Filesystem is implied when not included in claim spec. +- `storage_class_name` (String) storageClassName is the name of the StorageClass required by the claim.More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1 +- `volume_mode` (String) volumeMode defines what type of volume is required by the claim.Value of Filesystem is implied when not included in claim spec. - `volume_name` (String) volumeName is the binding reference to the PersistentVolume backing this claim. @@ -751,7 +751,7 @@ Required: Optional: -- `api_group` (String) APIGroup is the group for the resource being referenced. If APIGroup is not specified, the specified Kind must be in the core API group. For any other third-party types, APIGroup is required. +- `api_group` (String) APIGroup is the group for the resource being referenced.If APIGroup is not specified, the specified Kind must be in the core API group.For any other third-party types, APIGroup is required. @@ -764,8 +764,8 @@ Required: Optional: -- `api_group` (String) APIGroup is the group for the resource being referenced. If APIGroup is not specified, the specified Kind must be in the core API group. For any other third-party types, APIGroup is required. -- `namespace` (String) Namespace is the namespace of resource being referenced Note that when a namespace is specified, a gateway.networking.k8s.io/ReferenceGrant object is required in the referent namespace to allow that namespace's owner to accept the reference. See the ReferenceGrant documentation for details. (Alpha) This field requires the CrossNamespaceVolumeDataSource feature gate to be enabled. +- `api_group` (String) APIGroup is the group for the resource being referenced.If APIGroup is not specified, the specified Kind must be in the core API group.For any other third-party types, APIGroup is required. +- `namespace` (String) Namespace is the namespace of resource being referencedNote that when a namespace is specified, a gateway.networking.k8s.io/ReferenceGrant object is required in the referent namespace to allow that namespace's owner to accept the reference. See the ReferenceGrant documentation for details.(Alpha) This field requires the CrossNamespaceVolumeDataSource feature gate to be enabled. @@ -773,16 +773,16 @@ Optional: Optional: -- `claims` (Attributes List) Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. This field is immutable. It can only be set for containers. (see [below for nested schema](#nestedatt--spec--prepare_data_config--volume_claims_template--templates--volume_claim_spec--resources--claims)) -- `limits` (Map of String) Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ -- `requests` (Map of String) Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ +- `claims` (Attributes List) Claims lists the names of resources, defined in spec.resourceClaims,that are used by this container.This is an alpha field and requires enabling theDynamicResourceAllocation feature gate.This field is immutable. It can only be set for containers. (see [below for nested schema](#nestedatt--spec--prepare_data_config--volume_claims_template--templates--volume_claim_spec--resources--claims)) +- `limits` (Map of String) Limits describes the maximum amount of compute resources allowed.More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ +- `requests` (Map of String) Requests describes the minimum amount of compute resources required.If Requests is omitted for a container, it defaults to Limits if that is explicitly specified,otherwise to an implementation-defined value. Requests cannot exceed Limits.More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ ### Nested Schema for `spec.prepare_data_config.volume_claims_template.templates.volume_claim_spec.resources.claims` Required: -- `name` (String) Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container. +- `name` (String) Name must match the name of one entry in pod.spec.resourceClaims ofthe Pod where this field is used. It makes that resource availableinside a container. @@ -792,7 +792,7 @@ Required: Optional: - `match_expressions` (Attributes List) matchExpressions is a list of label selector requirements. The requirements are ANDed. (see [below for nested schema](#nestedatt--spec--prepare_data_config--volume_claims_template--templates--volume_claim_spec--selector--match_expressions)) -- `match_labels` (Map of String) matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is 'key', the operator is 'In', and the values array contains only 'value'. The requirements are ANDed. +- `match_labels` (Map of String) matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabelsmap is equivalent to an element of matchExpressions, whose key field is 'key', theoperator is 'In', and the values array contains only 'value'. The requirements are ANDed. ### Nested Schema for `spec.prepare_data_config.volume_claims_template.templates.volume_claim_spec.selector.match_expressions` @@ -800,11 +800,11 @@ Optional: Required: - `key` (String) key is the label key that the selector applies to. -- `operator` (String) operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. +- `operator` (String) operator represents a key's relationship to a set of values.Valid operators are In, NotIn, Exists and DoesNotExist. Optional: -- `values` (List of String) values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. +- `values` (List of String) values is an array of string values. If the operator is In or NotIn,the values array must be non-empty. If the operator is Exists or DoesNotExist,the values array must be empty. This array is replaced during a strategicmerge patch. @@ -820,7 +820,7 @@ Optional: - `connection_credential` (Attributes) Defines the credential template used to create a connection credential. (see [below for nested schema](#nestedatt--spec--ready_config--connection_credential)) - `exec_action` (Attributes) Specifies the configuration for an exec action. (see [below for nested schema](#nestedatt--spec--ready_config--exec_action)) - `job_action` (Attributes) Specifies the configuration for a job action. (see [below for nested schema](#nestedatt--spec--ready_config--job_action)) -- `readiness_probe` (Attributes) Defines a periodic probe of the service readiness. The controller will perform postReadyHooks of BackupScript.spec.restore after the service readiness when readinessProbe is configured. (see [below for nested schema](#nestedatt--spec--ready_config--readiness_probe)) +- `readiness_probe` (Attributes) Defines a periodic probe of the service readiness.The controller will perform postReadyHooks of BackupScript.spec.restoreafter the service readiness when readinessProbe is configured. (see [below for nested schema](#nestedatt--spec--ready_config--readiness_probe)) ### Nested Schema for `spec.ready_config.connection_credential` @@ -832,7 +832,7 @@ Required: Optional: - `host_key` (String) Specifies the map key of the host in the connection credential secret. -- `password_key` (String) Specifies the map key of the password in the connection credential secret. This password will be saved in the backup annotation for full backup. You can use the environment variable DP_ENCRYPTION_KEY to specify encryption key. +- `password_key` (String) Specifies the map key of the password in the connection credential secret.This password will be saved in the backup annotation for full backup.You can use the environment variable DP_ENCRYPTION_KEY to specify encryption key. - `port_key` (String) Specifies the map key of the port in the connection credential secret. - `username_key` (String) Specifies the map key of the user in the connection credential secret. @@ -842,7 +842,7 @@ Optional: Optional: -- `target` (Attributes) Defines the pods that need to be executed for the exec action. Execution will occur on all pods that meet the conditions. (see [below for nested schema](#nestedatt--spec--ready_config--exec_action--target)) +- `target` (Attributes) Defines the pods that need to be executed for the exec action.Execution will occur on all pods that meet the conditions. (see [below for nested schema](#nestedatt--spec--ready_config--exec_action--target)) ### Nested Schema for `spec.ready_config.exec_action.target` @@ -857,7 +857,7 @@ Required: Optional: - `match_expressions` (Attributes List) matchExpressions is a list of label selector requirements. The requirements are ANDed. (see [below for nested schema](#nestedatt--spec--ready_config--exec_action--target--pod_selector--match_expressions)) -- `match_labels` (Map of String) matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is 'key', the operator is 'In', and the values array contains only 'value'. The requirements are ANDed. +- `match_labels` (Map of String) matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabelsmap is equivalent to an element of matchExpressions, whose key field is 'key', theoperator is 'In', and the values array contains only 'value'. The requirements are ANDed. ### Nested Schema for `spec.ready_config.exec_action.target.pod_selector.match_expressions` @@ -865,11 +865,11 @@ Optional: Required: - `key` (String) key is the label key that the selector applies to. -- `operator` (String) operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. +- `operator` (String) operator represents a key's relationship to a set of values.Valid operators are In, NotIn, Exists and DoesNotExist. Optional: -- `values` (List of String) values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. +- `values` (List of String) values is an array of string values. If the operator is In or NotIn,the values array must be non-empty. If the operator is Exists or DoesNotExist,the values array must be empty. This array is replaced during a strategicmerge patch. @@ -884,14 +884,14 @@ Required: Optional: -- `required_policy_for_all_pod_selection` (Attributes) Specifies the restore policy, which is required when the pod selection strategy for the source target is 'All'. This field is ignored if the pod selection strategy is 'Any'. optional (see [below for nested schema](#nestedatt--spec--ready_config--job_action--required_policy_for_all_pod_selection)) +- `required_policy_for_all_pod_selection` (Attributes) Specifies the restore policy, which is required when the pod selection strategy for the source target is 'All'.This field is ignored if the pod selection strategy is 'Any'.optional (see [below for nested schema](#nestedatt--spec--ready_config--job_action--required_policy_for_all_pod_selection)) ### Nested Schema for `spec.ready_config.job_action.target` Required: -- `pod_selector` (Attributes) Selects one of the pods, identified by labels, to build the job spec. This includes mounting required volumes and injecting built-in environment variables of the selected pod. (see [below for nested schema](#nestedatt--spec--ready_config--job_action--target--pod_selector)) +- `pod_selector` (Attributes) Selects one of the pods, identified by labels, to build the job spec.This includes mounting required volumes and injecting built-in environment variables of the selected pod. (see [below for nested schema](#nestedatt--spec--ready_config--job_action--target--pod_selector)) Optional: @@ -903,8 +903,8 @@ Optional: Optional: - `match_expressions` (Attributes List) matchExpressions is a list of label selector requirements. The requirements are ANDed. (see [below for nested schema](#nestedatt--spec--ready_config--job_action--target--pod_selector--match_expressions)) -- `match_labels` (Map of String) matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is 'key', the operator is 'In', and the values array contains only 'value'. The requirements are ANDed. -- `strategy` (String) Specifies the strategy to select the target pod when multiple pods are selected. Valid values are: - 'Any': select any one pod that match the labelsSelector. - 'All': select all pods that match the labelsSelector. The backup data for the current pod will be stored in a subdirectory named after the pod. +- `match_labels` (Map of String) matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabelsmap is equivalent to an element of matchExpressions, whose key field is 'key', theoperator is 'In', and the values array contains only 'value'. The requirements are ANDed. +- `strategy` (String) Specifies the strategy to select the target pod when multiple pods are selected.Valid values are:- 'Any': select any one pod that match the labelsSelector.- 'All': select all pods that match the labelsSelector. The backup data for the current podwill be stored in a subdirectory named after the pod. ### Nested Schema for `spec.ready_config.job_action.target.pod_selector.match_expressions` @@ -912,11 +912,11 @@ Optional: Required: - `key` (String) key is the label key that the selector applies to. -- `operator` (String) operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. +- `operator` (String) operator represents a key's relationship to a set of values.Valid operators are In, NotIn, Exists and DoesNotExist. Optional: -- `values` (List of String) values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. +- `values` (List of String) values is an array of string values. If the operator is In or NotIn,the values array must be non-empty. If the operator is Exists or DoesNotExist,the values array must be empty. This array is replaced during a strategicmerge patch. @@ -925,15 +925,15 @@ Optional: Required: -- `mount_path` (String) Path within the container at which the volume should be mounted. Must not contain ':'. +- `mount_path` (String) Path within the container at which the volume should be mounted. Mustnot contain ':'. - `name` (String) This must match the Name of a Volume. Optional: -- `mount_propagation` (String) mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationNone is used. This field is beta in 1.10. -- `read_only` (Boolean) Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false. -- `sub_path` (String) Path within the volume from which the container's volume should be mounted. Defaults to '' (volume's root). -- `sub_path_expr` (String) Expanded path within the volume from which the container's volume should be mounted. Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment. Defaults to '' (volume's root). SubPathExpr and SubPath are mutually exclusive. +- `mount_propagation` (String) mountPropagation determines how mounts are propagated from the hostto container and the other way around.When not set, MountPropagationNone is used.This field is beta in 1.10. +- `read_only` (Boolean) Mounted read-only if true, read-write otherwise (false or unspecified).Defaults to false. +- `sub_path` (String) Path within the volume from which the container's volume should be mounted.Defaults to '' (volume's root). +- `sub_path_expr` (String) Expanded path within the volume from which the container's volume should be mounted.Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment.Defaults to '' (volume's root).SubPathExpr and SubPath are mutually exclusive. @@ -942,7 +942,7 @@ Optional: Required: -- `data_restore_policy` (String) Specifies the data restore policy. Options include: - OneToMany: Enables restoration of all volumes from a single data copy of the original target instance. The 'sourceOfOneToMany' field must be set when using this policy. - OneToOne: Restricts data restoration such that each data piece can only be restored to a single target instance. This is the default policy. When the number of target instances specified for restoration surpasses the count of original backup target instances. +- `data_restore_policy` (String) Specifies the data restore policy. Options include:- OneToMany: Enables restoration of all volumes from a single data copy of the original target instance.The 'sourceOfOneToMany' field must be set when using this policy.- OneToOne: Restricts data restoration such that each data piece can only be restored to a single target instance.This is the default policy. When the number of target instances specified for restoration surpasses the count of original backup target instances. Optional: @@ -968,8 +968,8 @@ Required: Optional: - `initial_delay_seconds` (Number) Specifies the number of seconds after the container has started before the probe is initiated. -- `period_seconds` (Number) Specifies how often (in seconds) to perform the probe. The default value is 5 seconds, and the minimum value is 1. -- `timeout_seconds` (Number) Specifies the number of seconds after which the probe times out. The default value is 30 seconds, and the minimum value is 1. +- `period_seconds` (Number) Specifies how often (in seconds) to perform the probe.The default value is 5 seconds, and the minimum value is 1. +- `timeout_seconds` (Number) Specifies the number of seconds after which the probe times out.The default value is 30 seconds, and the minimum value is 1. ### Nested Schema for `spec.ready_config.readiness_probe.exec` @@ -1006,7 +1006,7 @@ Optional: Optional: - `match_expressions` (Attributes List) matchExpressions is a list of label selector requirements. The requirements are ANDed. (see [below for nested schema](#nestedatt--spec--resources--included--label_selector--match_expressions)) -- `match_labels` (Map of String) matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is 'key', the operator is 'In', and the values array contains only 'value'. The requirements are ANDed. +- `match_labels` (Map of String) matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabelsmap is equivalent to an element of matchExpressions, whose key field is 'key', theoperator is 'In', and the values array contains only 'value'. The requirements are ANDed. ### Nested Schema for `spec.resources.included.label_selector.match_expressions` @@ -1014,8 +1014,8 @@ Optional: Required: - `key` (String) key is the label key that the selector applies to. -- `operator` (String) operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. +- `operator` (String) operator represents a key's relationship to a set of values.Valid operators are In, NotIn, Exists and DoesNotExist. Optional: -- `values` (List of String) values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. +- `values` (List of String) values is an array of string values. If the operator is In or NotIn,the values array must be non-empty. If the operator is Exists or DoesNotExist,the values array must be empty. This array is replaced during a strategicmerge patch. diff --git a/docs/data-sources/druid_apache_org_druid_v1alpha1_manifest.md b/docs/data-sources/druid_apache_org_druid_v1alpha1_manifest.md index 8ee007001..414d0a109 100644 --- a/docs/data-sources/druid_apache_org_druid_v1alpha1_manifest.md +++ b/docs/data-sources/druid_apache_org_druid_v1alpha1_manifest.md @@ -144,6 +144,7 @@ Optional: - `replicas` (Number) Replicas replica of the workload - `resources` (Attributes) Resources Kubernetes Native 'resources' specification. (see [below for nested schema](#nestedatt--spec--nodes--resources)) - `security_context` (Attributes) PodSecurityContext Overrides 'securityContext' at top level. (see [below for nested schema](#nestedatt--spec--nodes--security_context)) +- `service_account_name` (String) ServiceAccountName Kubernetes native 'serviceAccountName' specification. - `services` (Attributes List) Services Overrides services at top level. (see [below for nested schema](#nestedatt--spec--nodes--services)) - `start_up_probe` (Attributes) StartUpProbe (see [below for nested schema](#nestedatt--spec--nodes--start_up_probe)) - `termination_grace_period_seconds` (Number) TerminationGracePeriodSeconds diff --git a/docs/data-sources/extensions_kubeblocks_io_addon_v1alpha1_manifest.md b/docs/data-sources/extensions_kubeblocks_io_addon_v1alpha1_manifest.md index 24eedff62..719fffc29 100644 --- a/docs/data-sources/extensions_kubeblocks_io_addon_v1alpha1_manifest.md +++ b/docs/data-sources/extensions_kubeblocks_io_addon_v1alpha1_manifest.md @@ -61,9 +61,9 @@ Optional: - `cli_plugins` (Attributes List) Specifies the CLI plugin installation specifications. (see [below for nested schema](#nestedatt--spec--cli_plugins)) - `description` (String) Specifies the description of the add-on. -- `helm` (Attributes) Represents the Helm installation specifications. This is only processed when the type is set to 'helm'. (see [below for nested schema](#nestedatt--spec--helm)) +- `helm` (Attributes) Represents the Helm installation specifications. This is only processedwhen the type is set to 'helm'. (see [below for nested schema](#nestedatt--spec--helm)) - `install` (Attributes) Defines the installation parameters. (see [below for nested schema](#nestedatt--spec--install)) -- `installable` (Attributes) Represents the installable specifications of the add-on. This includes the selector and auto-install settings. (see [below for nested schema](#nestedatt--spec--installable)) +- `installable` (Attributes) Represents the installable specifications of the add-on. This includesthe selector and auto-install settings. (see [below for nested schema](#nestedatt--spec--installable)) - `provider` (String) Specifies the provider of the add-on. - `version` (String) Indicates the version of the add-on. @@ -77,7 +77,7 @@ Optional: - `persistent_volume_enabled` (Boolean) Indicates whether the Persistent Volume is enabled or not. - `replicas` (Number) Specifies the number of replicas. - `resources` (Attributes) Specifies the resource requirements. (see [below for nested schema](#nestedatt--spec--default_install_values--resources)) -- `selectors` (Attributes List) Indicates the default selectors for add-on installations. If multiple selectors are provided, all selectors must evaluate to true. (see [below for nested schema](#nestedatt--spec--default_install_values--selectors)) +- `selectors` (Attributes List) Indicates the default selectors for add-on installations. If multiple selectors are provided,all selectors must evaluate to true. (see [below for nested schema](#nestedatt--spec--default_install_values--selectors)) - `storage_class` (String) Specifies the name of the storage class. - `tolerations` (String) Specifies the tolerations in a JSON array string format. @@ -101,8 +101,8 @@ Optional: Optional: -- `limits` (Map of String) Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/. -- `requests` (Map of String) Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified; otherwise, it defaults to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/. +- `limits` (Map of String) Limits describes the maximum amount of compute resources allowed.More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/. +- `requests` (Map of String) Requests describes the minimum amount of compute resources required.If Requests is omitted for a container, it defaults to Limits if that is explicitly specified;otherwise, it defaults to an implementation-defined value.More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/. @@ -111,8 +111,8 @@ Optional: Optional: -- `limits` (Map of String) Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/. -- `requests` (Map of String) Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified; otherwise, it defaults to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/. +- `limits` (Map of String) Limits describes the maximum amount of compute resources allowed.More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/. +- `requests` (Map of String) Requests describes the minimum amount of compute resources required.If Requests is omitted for a container, it defaults to Limits if that is explicitly specified;otherwise, it defaults to an implementation-defined value.More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/. @@ -120,8 +120,8 @@ Optional: Required: -- `key` (String) The selector key. Valid values are KubeVersion, KubeGitVersion and KubeProvider. - 'KubeVersion' the semver expression of Kubernetes versions, i.e., v1.24. - 'KubeGitVersion' may contain distro. info., i.e., v1.24.4+eks. - 'KubeProvider' the Kubernetes provider, i.e., aws, gcp, azure, huaweiCloud, tencentCloud etc. -- `operator` (String) Represents a key's relationship to a set of values. Valid operators are Contains, NotIn, DoesNotContain, MatchRegex, and DoesNoteMatchRegex. Possible enum values: - 'Contains' line contains a string. - 'DoesNotContain' line does not contain a string. - 'MatchRegex' line contains a match to the regular expression. - 'DoesNotMatchRegex' line does not contain a match to the regular expression. +- `key` (String) The selector key. Valid values are KubeVersion, KubeGitVersion and KubeProvider.- 'KubeVersion' the semver expression of Kubernetes versions, i.e., v1.24.- 'KubeGitVersion' may contain distro. info., i.e., v1.24.4+eks.- 'KubeProvider' the Kubernetes provider, i.e., aws, gcp, azure, huaweiCloud, tencentCloud etc. +- `operator` (String) Represents a key's relationship to a set of values.Valid operators are Contains, NotIn, DoesNotContain, MatchRegex, and DoesNoteMatchRegex.Possible enum values:- 'Contains' line contains a string.- 'DoesNotContain' line does not contain a string.- 'MatchRegex' line contains a match to the regular expression.- 'DoesNotMatchRegex' line does not contain a match to the regular expression. Optional: @@ -152,7 +152,7 @@ Required: Optional: - `charts_image` (String) Defines the image of Helm charts. -- `charts_path_in_image` (String) Defines the path of Helm charts in the image. This path is used to copy Helm charts from the image to the shared volume. The default path is '/charts'. +- `charts_path_in_image` (String) Defines the path of Helm charts in the image. This path is used to copyHelm charts from the image to the shared volume. The default path is '/charts'. - `install_options` (Map of String) Defines the options for Helm release installation. - `install_values` (Attributes) Defines the set values for Helm release installation. (see [below for nested schema](#nestedatt--spec--helm--install_values)) - `values_mapping` (Attributes) Defines the mapping of add-on normalized resources parameters to Helm values' keys. (see [below for nested schema](#nestedatt--spec--helm--values_mapping)) @@ -162,8 +162,8 @@ Optional: Optional: -- `config_map_refs` (Attributes List) Selects a key from a ConfigMap item list. The value can be a JSON or YAML string content. Use a key name with '.json', '.yaml', or '.yml' extension to specify a content type. (see [below for nested schema](#nestedatt--spec--helm--install_values--config_map_refs)) -- `secret_refs` (Attributes List) Selects a key from a Secrets item list. The value can be a JSON or YAML string content. Use a key name with '.json', '.yaml', or '.yml' extension to specify a content type. (see [below for nested schema](#nestedatt--spec--helm--install_values--secret_refs)) +- `config_map_refs` (Attributes List) Selects a key from a ConfigMap item list. The value can bea JSON or YAML string content. Use a key name with '.json', '.yaml', or '.yml'extension to specify a content type. (see [below for nested schema](#nestedatt--spec--helm--install_values--config_map_refs)) +- `secret_refs` (Attributes List) Selects a key from a Secrets item list. The value can bea JSON or YAML string content. Use a key name with '.json', '.yaml', or '.yml'extension to specify a content type. (see [below for nested schema](#nestedatt--spec--helm--install_values--secret_refs)) - `set_json_values` (List of String) JSON values set during Helm installation. Multiple or separate values can be specified with commas (key1=jsonval1,key2=jsonval2). - `set_values` (List of String) Values set during Helm installation. Multiple or separate values can be specified with commas (key1=val1,key2=val2). - `urls` (List of String) Specifies the URL location of the values file. @@ -193,9 +193,9 @@ Required: Optional: - `extras` (Attributes List) Helm value mapping items for extra items. (see [below for nested schema](#nestedatt--spec--helm--values_mapping--extras)) -- `json_map` (Attributes) Defines the 'key' mapping values. The valid key is tolerations. Enum values explained: - 'tolerations' sets the toleration mapping key. (see [below for nested schema](#nestedatt--spec--helm--values_mapping--json_map)) +- `json_map` (Attributes) Defines the 'key' mapping values. The valid key is tolerations.Enum values explained:- 'tolerations' sets the toleration mapping key. (see [below for nested schema](#nestedatt--spec--helm--values_mapping--json_map)) - `resources` (Attributes) Sets resources related mapping keys. (see [below for nested schema](#nestedatt--spec--helm--values_mapping--resources)) -- `value_map` (Attributes) Defines the 'key' mapping values. Valid keys include 'replicaCount', 'persistentVolumeEnabled', and 'storageClass'. Enum values explained: - 'replicaCount' sets the replicaCount value mapping key. - 'persistentVolumeEnabled' sets the persistent volume enabled mapping key. - 'storageClass' sets the storageClass mapping key. (see [below for nested schema](#nestedatt--spec--helm--values_mapping--value_map)) +- `value_map` (Attributes) Defines the 'key' mapping values. Valid keys include 'replicaCount','persistentVolumeEnabled', and 'storageClass'.Enum values explained:- 'replicaCount' sets the replicaCount value mapping key.- 'persistentVolumeEnabled' sets the persistent volume enabled mapping key.- 'storageClass' sets the storageClass mapping key. (see [below for nested schema](#nestedatt--spec--helm--values_mapping--value_map)) ### Nested Schema for `spec.helm.values_mapping.extras` @@ -206,9 +206,9 @@ Required: Optional: -- `json_map` (Attributes) Defines the 'key' mapping values. The valid key is tolerations. Enum values explained: - 'tolerations' sets the toleration mapping key. (see [below for nested schema](#nestedatt--spec--helm--values_mapping--extras--json_map)) +- `json_map` (Attributes) Defines the 'key' mapping values. The valid key is tolerations.Enum values explained:- 'tolerations' sets the toleration mapping key. (see [below for nested schema](#nestedatt--spec--helm--values_mapping--extras--json_map)) - `resources` (Attributes) Sets resources related mapping keys. (see [below for nested schema](#nestedatt--spec--helm--values_mapping--extras--resources)) -- `value_map` (Attributes) Defines the 'key' mapping values. Valid keys include 'replicaCount', 'persistentVolumeEnabled', and 'storageClass'. Enum values explained: - 'replicaCount' sets the replicaCount value mapping key. - 'persistentVolumeEnabled' sets the persistent volume enabled mapping key. - 'storageClass' sets the storageClass mapping key. (see [below for nested schema](#nestedatt--spec--helm--values_mapping--extras--value_map)) +- `value_map` (Attributes) Defines the 'key' mapping values. Valid keys include 'replicaCount','persistentVolumeEnabled', and 'storageClass'.Enum values explained:- 'replicaCount' sets the replicaCount value mapping key.- 'persistentVolumeEnabled' sets the persistent volume enabled mapping key.- 'storageClass' sets the storageClass mapping key. (see [below for nested schema](#nestedatt--spec--helm--values_mapping--extras--value_map)) ### Nested Schema for `spec.helm.values_mapping.extras.json_map` @@ -338,8 +338,8 @@ Optional: Optional: -- `limits` (Map of String) Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/. -- `requests` (Map of String) Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified; otherwise, it defaults to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/. +- `limits` (Map of String) Limits describes the maximum amount of compute resources allowed.More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/. +- `requests` (Map of String) Requests describes the minimum amount of compute resources required.If Requests is omitted for a container, it defaults to Limits if that is explicitly specified;otherwise, it defaults to an implementation-defined value.More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/. @@ -348,8 +348,8 @@ Optional: Optional: -- `limits` (Map of String) Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/. -- `requests` (Map of String) Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified; otherwise, it defaults to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/. +- `limits` (Map of String) Limits describes the maximum amount of compute resources allowed.More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/. +- `requests` (Map of String) Requests describes the minimum amount of compute resources required.If Requests is omitted for a container, it defaults to Limits if that is explicitly specified;otherwise, it defaults to an implementation-defined value.More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/. @@ -362,15 +362,15 @@ Required: Optional: -- `selectors` (Attributes List) Specifies the selectors for add-on installation. If multiple selectors are provided, they must all evaluate to true for the add-on to be installed. (see [below for nested schema](#nestedatt--spec--installable--selectors)) +- `selectors` (Attributes List) Specifies the selectors for add-on installation. If multiple selectors are provided,they must all evaluate to true for the add-on to be installed. (see [below for nested schema](#nestedatt--spec--installable--selectors)) ### Nested Schema for `spec.installable.selectors` Required: -- `key` (String) The selector key. Valid values are KubeVersion, KubeGitVersion and KubeProvider. - 'KubeVersion' the semver expression of Kubernetes versions, i.e., v1.24. - 'KubeGitVersion' may contain distro. info., i.e., v1.24.4+eks. - 'KubeProvider' the Kubernetes provider, i.e., aws, gcp, azure, huaweiCloud, tencentCloud etc. -- `operator` (String) Represents a key's relationship to a set of values. Valid operators are Contains, NotIn, DoesNotContain, MatchRegex, and DoesNoteMatchRegex. Possible enum values: - 'Contains' line contains a string. - 'DoesNotContain' line does not contain a string. - 'MatchRegex' line contains a match to the regular expression. - 'DoesNotMatchRegex' line does not contain a match to the regular expression. +- `key` (String) The selector key. Valid values are KubeVersion, KubeGitVersion and KubeProvider.- 'KubeVersion' the semver expression of Kubernetes versions, i.e., v1.24.- 'KubeGitVersion' may contain distro. info., i.e., v1.24.4+eks.- 'KubeProvider' the Kubernetes provider, i.e., aws, gcp, azure, huaweiCloud, tencentCloud etc. +- `operator` (String) Represents a key's relationship to a set of values.Valid operators are Contains, NotIn, DoesNotContain, MatchRegex, and DoesNoteMatchRegex.Possible enum values:- 'Contains' line contains a string.- 'DoesNotContain' line does not contain a string.- 'MatchRegex' line contains a match to the regular expression.- 'DoesNotMatchRegex' line does not contain a match to the regular expression. Optional: diff --git a/docs/data-sources/external_secrets_io_cluster_secret_store_v1beta1_manifest.md b/docs/data-sources/external_secrets_io_cluster_secret_store_v1beta1_manifest.md index b1a972750..eb177640e 100644 --- a/docs/data-sources/external_secrets_io_cluster_secret_store_v1beta1_manifest.md +++ b/docs/data-sources/external_secrets_io_cluster_secret_store_v1beta1_manifest.md @@ -91,12 +91,14 @@ Optional: - `chef` (Attributes) Chef configures this store to sync secrets with chef server (see [below for nested schema](#nestedatt--spec--provider--chef)) - `conjur` (Attributes) Conjur configures this store to sync secrets using conjur provider (see [below for nested schema](#nestedatt--spec--provider--conjur)) - `delinea` (Attributes) Delinea DevOps Secrets Vaulthttps://docs.delinea.com/online-help/products/devops-secrets-vault/current (see [below for nested schema](#nestedatt--spec--provider--delinea)) +- `device42` (Attributes) Device42 configures this store to sync secrets using the Device42 provider (see [below for nested schema](#nestedatt--spec--provider--device42)) - `doppler` (Attributes) Doppler configures this store to sync secrets using the Doppler provider (see [below for nested schema](#nestedatt--spec--provider--doppler)) - `fake` (Attributes) Fake configures a store with static key/value pairs (see [below for nested schema](#nestedatt--spec--provider--fake)) - `fortanix` (Attributes) Fortanix configures this store to sync secrets using the Fortanix provider (see [below for nested schema](#nestedatt--spec--provider--fortanix)) - `gcpsm` (Attributes) GCPSM configures this store to sync secrets using Google Cloud Platform Secret Manager provider (see [below for nested schema](#nestedatt--spec--provider--gcpsm)) - `gitlab` (Attributes) GitLab configures this store to sync secrets using GitLab Variables provider (see [below for nested schema](#nestedatt--spec--provider--gitlab)) - `ibm` (Attributes) IBM configures this store to sync secrets using IBM Cloud provider (see [below for nested schema](#nestedatt--spec--provider--ibm)) +- `infisical` (Attributes) Infisical configures this store to sync secrets using the Infisical provider (see [below for nested schema](#nestedatt--spec--provider--infisical)) - `keepersecurity` (Attributes) KeeperSecurity configures this store to sync secrets using the KeeperSecurity provider (see [below for nested schema](#nestedatt--spec--provider--keepersecurity)) - `kubernetes` (Attributes) Kubernetes configures this store to sync secrets using a Kubernetes cluster provider (see [below for nested schema](#nestedatt--spec--provider--kubernetes)) - `onboardbase` (Attributes) Onboardbase configures this store to sync secrets using the Onboardbase provider (see [below for nested schema](#nestedatt--spec--provider--onboardbase)) @@ -666,6 +668,41 @@ Optional: + +### Nested Schema for `spec.provider.device42` + +Required: + +- `auth` (Attributes) Auth configures how secret-manager authenticates with a Device42 instance. (see [below for nested schema](#nestedatt--spec--provider--device42--auth)) +- `host` (String) URL configures the Device42 instance URL. + + +### Nested Schema for `spec.provider.device42.auth` + +Required: + +- `secret_ref` (Attributes) (see [below for nested schema](#nestedatt--spec--provider--device42--auth--secret_ref)) + + +### Nested Schema for `spec.provider.device42.auth.secret_ref` + +Optional: + +- `credentials` (Attributes) Username / Password is used for authentication. (see [below for nested schema](#nestedatt--spec--provider--device42--auth--secret_ref--credentials)) + + +### Nested Schema for `spec.provider.device42.auth.secret_ref.credentials` + +Optional: + +- `key` (String) The key of the entry in the Secret resource's 'data' field to be used. Some instances of this field may bedefaulted, in others it may be required. +- `name` (String) The name of the Secret resource being referred to. +- `namespace` (String) Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaultsto the namespace of the referent. + + + + + ### Nested Schema for `spec.provider.doppler` @@ -914,6 +951,69 @@ Optional: + +### Nested Schema for `spec.provider.infisical` + +Required: + +- `auth` (Attributes) Auth configures how the Operator authenticates with the Infisical API (see [below for nested schema](#nestedatt--spec--provider--infisical--auth)) +- `secrets_scope` (Attributes) (see [below for nested schema](#nestedatt--spec--provider--infisical--secrets_scope)) + +Optional: + +- `host_api` (String) + + +### Nested Schema for `spec.provider.infisical.auth` + +Optional: + +- `universal_auth_credentials` (Attributes) (see [below for nested schema](#nestedatt--spec--provider--infisical--auth--universal_auth_credentials)) + + +### Nested Schema for `spec.provider.infisical.auth.universal_auth_credentials` + +Required: + +- `client_id` (Attributes) A reference to a specific 'key' within a Secret resource,In some instances, 'key' is a required field. (see [below for nested schema](#nestedatt--spec--provider--infisical--auth--universal_auth_credentials--client_id)) +- `client_secret` (Attributes) A reference to a specific 'key' within a Secret resource,In some instances, 'key' is a required field. (see [below for nested schema](#nestedatt--spec--provider--infisical--auth--universal_auth_credentials--client_secret)) + + +### Nested Schema for `spec.provider.infisical.auth.universal_auth_credentials.client_id` + +Optional: + +- `key` (String) The key of the entry in the Secret resource's 'data' field to be used. Some instances of this field may bedefaulted, in others it may be required. +- `name` (String) The name of the Secret resource being referred to. +- `namespace` (String) Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaultsto the namespace of the referent. + + + +### Nested Schema for `spec.provider.infisical.auth.universal_auth_credentials.client_secret` + +Optional: + +- `key` (String) The key of the entry in the Secret resource's 'data' field to be used. Some instances of this field may bedefaulted, in others it may be required. +- `name` (String) The name of the Secret resource being referred to. +- `namespace` (String) Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaultsto the namespace of the referent. + + + + + +### Nested Schema for `spec.provider.infisical.secrets_scope` + +Required: + +- `environment_slug` (String) +- `project_slug` (String) + +Optional: + +- `secrets_path` (String) + + + ### Nested Schema for `spec.provider.keepersecurity` diff --git a/docs/data-sources/external_secrets_io_secret_store_v1beta1_manifest.md b/docs/data-sources/external_secrets_io_secret_store_v1beta1_manifest.md index d77c5d28b..4505dec85 100644 --- a/docs/data-sources/external_secrets_io_secret_store_v1beta1_manifest.md +++ b/docs/data-sources/external_secrets_io_secret_store_v1beta1_manifest.md @@ -76,12 +76,14 @@ Optional: - `chef` (Attributes) Chef configures this store to sync secrets with chef server (see [below for nested schema](#nestedatt--spec--provider--chef)) - `conjur` (Attributes) Conjur configures this store to sync secrets using conjur provider (see [below for nested schema](#nestedatt--spec--provider--conjur)) - `delinea` (Attributes) Delinea DevOps Secrets Vaulthttps://docs.delinea.com/online-help/products/devops-secrets-vault/current (see [below for nested schema](#nestedatt--spec--provider--delinea)) +- `device42` (Attributes) Device42 configures this store to sync secrets using the Device42 provider (see [below for nested schema](#nestedatt--spec--provider--device42)) - `doppler` (Attributes) Doppler configures this store to sync secrets using the Doppler provider (see [below for nested schema](#nestedatt--spec--provider--doppler)) - `fake` (Attributes) Fake configures a store with static key/value pairs (see [below for nested schema](#nestedatt--spec--provider--fake)) - `fortanix` (Attributes) Fortanix configures this store to sync secrets using the Fortanix provider (see [below for nested schema](#nestedatt--spec--provider--fortanix)) - `gcpsm` (Attributes) GCPSM configures this store to sync secrets using Google Cloud Platform Secret Manager provider (see [below for nested schema](#nestedatt--spec--provider--gcpsm)) - `gitlab` (Attributes) GitLab configures this store to sync secrets using GitLab Variables provider (see [below for nested schema](#nestedatt--spec--provider--gitlab)) - `ibm` (Attributes) IBM configures this store to sync secrets using IBM Cloud provider (see [below for nested schema](#nestedatt--spec--provider--ibm)) +- `infisical` (Attributes) Infisical configures this store to sync secrets using the Infisical provider (see [below for nested schema](#nestedatt--spec--provider--infisical)) - `keepersecurity` (Attributes) KeeperSecurity configures this store to sync secrets using the KeeperSecurity provider (see [below for nested schema](#nestedatt--spec--provider--keepersecurity)) - `kubernetes` (Attributes) Kubernetes configures this store to sync secrets using a Kubernetes cluster provider (see [below for nested schema](#nestedatt--spec--provider--kubernetes)) - `onboardbase` (Attributes) Onboardbase configures this store to sync secrets using the Onboardbase provider (see [below for nested schema](#nestedatt--spec--provider--onboardbase)) @@ -651,6 +653,41 @@ Optional: + +### Nested Schema for `spec.provider.device42` + +Required: + +- `auth` (Attributes) Auth configures how secret-manager authenticates with a Device42 instance. (see [below for nested schema](#nestedatt--spec--provider--device42--auth)) +- `host` (String) URL configures the Device42 instance URL. + + +### Nested Schema for `spec.provider.device42.auth` + +Required: + +- `secret_ref` (Attributes) (see [below for nested schema](#nestedatt--spec--provider--device42--auth--secret_ref)) + + +### Nested Schema for `spec.provider.device42.auth.secret_ref` + +Optional: + +- `credentials` (Attributes) Username / Password is used for authentication. (see [below for nested schema](#nestedatt--spec--provider--device42--auth--secret_ref--credentials)) + + +### Nested Schema for `spec.provider.device42.auth.secret_ref.credentials` + +Optional: + +- `key` (String) The key of the entry in the Secret resource's 'data' field to be used. Some instances of this field may bedefaulted, in others it may be required. +- `name` (String) The name of the Secret resource being referred to. +- `namespace` (String) Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaultsto the namespace of the referent. + + + + + ### Nested Schema for `spec.provider.doppler` @@ -899,6 +936,69 @@ Optional: + +### Nested Schema for `spec.provider.infisical` + +Required: + +- `auth` (Attributes) Auth configures how the Operator authenticates with the Infisical API (see [below for nested schema](#nestedatt--spec--provider--infisical--auth)) +- `secrets_scope` (Attributes) (see [below for nested schema](#nestedatt--spec--provider--infisical--secrets_scope)) + +Optional: + +- `host_api` (String) + + +### Nested Schema for `spec.provider.infisical.auth` + +Optional: + +- `universal_auth_credentials` (Attributes) (see [below for nested schema](#nestedatt--spec--provider--infisical--auth--universal_auth_credentials)) + + +### Nested Schema for `spec.provider.infisical.auth.universal_auth_credentials` + +Required: + +- `client_id` (Attributes) A reference to a specific 'key' within a Secret resource,In some instances, 'key' is a required field. (see [below for nested schema](#nestedatt--spec--provider--infisical--auth--universal_auth_credentials--client_id)) +- `client_secret` (Attributes) A reference to a specific 'key' within a Secret resource,In some instances, 'key' is a required field. (see [below for nested schema](#nestedatt--spec--provider--infisical--auth--universal_auth_credentials--client_secret)) + + +### Nested Schema for `spec.provider.infisical.auth.universal_auth_credentials.client_id` + +Optional: + +- `key` (String) The key of the entry in the Secret resource's 'data' field to be used. Some instances of this field may bedefaulted, in others it may be required. +- `name` (String) The name of the Secret resource being referred to. +- `namespace` (String) Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaultsto the namespace of the referent. + + + +### Nested Schema for `spec.provider.infisical.auth.universal_auth_credentials.client_secret` + +Optional: + +- `key` (String) The key of the entry in the Secret resource's 'data' field to be used. Some instances of this field may bedefaulted, in others it may be required. +- `name` (String) The name of the Secret resource being referred to. +- `namespace` (String) Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaultsto the namespace of the referent. + + + + + +### Nested Schema for `spec.provider.infisical.secrets_scope` + +Required: + +- `environment_slug` (String) +- `project_slug` (String) + +Optional: + +- `secrets_path` (String) + + + ### Nested Schema for `spec.provider.keepersecurity` diff --git a/docs/data-sources/flows_netobserv_io_flow_collector_v1beta1_manifest.md b/docs/data-sources/flows_netobserv_io_flow_collector_v1beta1_manifest.md index fd1be1f45..a3fed24a5 100644 --- a/docs/data-sources/flows_netobserv_io_flow_collector_v1beta1_manifest.md +++ b/docs/data-sources/flows_netobserv_io_flow_collector_v1beta1_manifest.md @@ -124,7 +124,7 @@ Optional: Optional: -- `disable_alerts` (List of String) 'disableAlerts' is a list of alerts that should be disabled.Possible values are:
'NetObservDroppedFlows', which is triggered when the eBPF agent is dropping flows, such as when the BPF hashmap is full or the capacity limiter being triggered.
+- `disable_alerts` (List of String) 'disableAlerts' is a list of alerts that should be disabled.Possible values are:
'NetObservDroppedFlows', which is triggered when the eBPF agent is missing packets or flows, such as when the BPF hashmap is busy or full, or the capacity limiter being triggered.
- `enable` (Boolean) Set 'enable' to 'false' to disable eBPF agent metrics collection, by default it's 'true'. - `server` (Attributes) Metrics server endpoint configuration for Prometheus scraper (see [below for nested schema](#nestedatt--spec--agent--ebpf--metrics--server)) diff --git a/docs/data-sources/flows_netobserv_io_flow_collector_v1beta2_manifest.md b/docs/data-sources/flows_netobserv_io_flow_collector_v1beta2_manifest.md index 0934e3809..43adce1cd 100644 --- a/docs/data-sources/flows_netobserv_io_flow_collector_v1beta2_manifest.md +++ b/docs/data-sources/flows_netobserv_io_flow_collector_v1beta2_manifest.md @@ -30,7 +30,7 @@ data "k8s_flows_netobserv_io_flow_collector_v1beta2_manifest" "example" { ### Optional -- `spec` (Attributes) Defines the desired state of the FlowCollector resource.

*: the mention of 'unsupported', or 'deprecated' for a feature throughout this document means that this featureis not officially supported by Red Hat. It might have been, for example, contributed by the communityand accepted without a formal agreement for maintenance. The product maintainers might provide some supportfor these features as a best effort only. (see [below for nested schema](#nestedatt--spec)) +- `spec` (Attributes) Defines the desired state of the FlowCollector resource.

*: the mention of 'unsupported' or 'deprecated' for a feature throughout this document means that this featureis not officially supported by Red Hat. It might have been, for example, contributed by the communityand accepted without a formal agreement for maintenance. The product maintainers might provide some supportfor these features as a best effort only. (see [below for nested schema](#nestedatt--spec)) ### Read-Only @@ -56,7 +56,7 @@ Optional: - `agent` (Attributes) Agent configuration for flows extraction. (see [below for nested schema](#nestedatt--spec--agent)) - `console_plugin` (Attributes) 'consolePlugin' defines the settings related to the OpenShift Console plugin, when available. (see [below for nested schema](#nestedatt--spec--console_plugin)) -- `deployment_model` (String) 'deploymentModel' defines the desired type of deployment for flow processing. Possible values are:
- 'Direct' (default) to make the flow processor listening directly from the agents.
- 'Kafka' to make flows sent to a Kafka pipeline before consumption by the processor.
Kafka can provide better scalability, resiliency, and high availability (for more details, see https://www.redhat.com/en/topics/integration/what-is-apache-kafka). +- `deployment_model` (String) 'deploymentModel' defines the desired type of deployment for flow processing. Possible values are:
- 'Direct' (default) to make the flow processor listen directly from the agents.
- 'Kafka' to make flows sent to a Kafka pipeline before consumption by the processor.
Kafka can provide better scalability, resiliency, and high availability (for more details, see https://www.redhat.com/en/topics/integration/what-is-apache-kafka). - `exporters` (Attributes List) 'exporters' define additional optional exporters for custom consumption or storage. (see [below for nested schema](#nestedatt--spec--exporters)) - `kafka` (Attributes) Kafka configuration, allowing to use Kafka as a broker as part of the flow collection pipeline. Available when the 'spec.deploymentModel' is 'Kafka'. (see [below for nested schema](#nestedatt--spec--kafka)) - `loki` (Attributes) 'loki', the flow store, client settings. (see [below for nested schema](#nestedatt--spec--loki)) @@ -83,14 +83,14 @@ Optional: - `cache_max_flows` (Number) 'cacheMaxFlows' is the max number of flows in an aggregate; when reached, the reporter sends the flows.Increasing 'cacheMaxFlows' and 'cacheActiveTimeout' can decrease the network traffic overhead and the CPU load,however you can expect higher memory consumption and an increased latency in the flow collection. - `exclude_interfaces` (List of String) 'excludeInterfaces' contains the interface names that are excluded from flow tracing.An entry enclosed by slashes, such as '/br-/', is matched as a regular expression.Otherwise it is matched as a case-sensitive string. - `features` (List of String) List of additional features to enable. They are all disabled by default. Enabling additional features might have performance impacts. Possible values are:
- 'PacketDrop': enable the packets drop flows logging feature. This feature requires mountingthe kernel debug filesystem, so the eBPF pod has to run as privileged.If the 'spec.agent.ebpf.privileged' parameter is not set, an error is reported.
- 'DNSTracking': enable the DNS tracking feature.
- 'FlowRTT': enable flow latency (sRTT) extraction in the eBPF agent from TCP traffic.
-- `flow_filter` (Attributes) 'flowFilter' defines the eBPF agent configuration regarding flow filtering (see [below for nested schema](#nestedatt--spec--agent--ebpf--flow_filter)) +- `flow_filter` (Attributes) 'flowFilter' defines the eBPF agent configuration regarding flow filtering. (see [below for nested schema](#nestedatt--spec--agent--ebpf--flow_filter)) - `image_pull_policy` (String) 'imagePullPolicy' is the Kubernetes pull policy for the image defined above - `interfaces` (List of String) 'interfaces' contains the interface names from where flows are collected. If empty, the agentfetches all the interfaces in the system, excepting the ones listed in 'excludeInterfaces'.An entry enclosed by slashes, such as '/br-/', is matched as a regular expression.Otherwise it is matched as a case-sensitive string. - `kafka_batch_size` (Number) 'kafkaBatchSize' limits the maximum size of a request in bytes before being sent to a partition. Ignored when not using Kafka. Default: 1MB. - `log_level` (String) 'logLevel' defines the log level for the NetObserv eBPF Agent -- `metrics` (Attributes) 'metrics' defines the eBPF agent configuration regarding metrics (see [below for nested schema](#nestedatt--spec--agent--ebpf--metrics)) +- `metrics` (Attributes) 'metrics' defines the eBPF agent configuration regarding metrics. (see [below for nested schema](#nestedatt--spec--agent--ebpf--metrics)) - `privileged` (Boolean) Privileged mode for the eBPF Agent container. When ignored or set to 'false', the operator setsgranular capabilities (BPF, PERFMON, NET_ADMIN, SYS_RESOURCE) to the container.If for some reason these capabilities cannot be set, such as if an old kernel version not knowing CAP_BPFis in use, then you can turn on this mode for more global privileges.Some agent features require the privileged mode, such as packet drops tracking (see 'features') and SR-IOV support. -- `resources` (Attributes) 'resources' are the compute resources required by this container.More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ (see [below for nested schema](#nestedatt--spec--agent--ebpf--resources)) +- `resources` (Attributes) 'resources' are the compute resources required by this container.For more information, see https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ (see [below for nested schema](#nestedatt--spec--agent--ebpf--resources)) - `sampling` (Number) Sampling rate of the flow reporter. 100 means one flow on 100 is sent. 0 or 1 means all flows are sampled. @@ -107,7 +107,7 @@ Optional: Optional: - `affinity` (Attributes) If specified, the pod's scheduling constraints. For documentation, refer to https://kubernetes.io/docs/reference/kubernetes-api/workload-resources/pod-v1/#scheduling. (see [below for nested schema](#nestedatt--spec--agent--ebpf--advanced--scheduling--affinity)) -- `node_selector` (Map of String) 'nodeSelector' allows to schedule pods only onto nodes that have each of the specified labels.For documentation, refer to https://kubernetes.io/docs/concepts/configuration/assign-pod-node/. +- `node_selector` (Map of String) 'nodeSelector' allows scheduling of pods only onto nodes that have each of the specified labels.For documentation, refer to https://kubernetes.io/docs/concepts/configuration/assign-pod-node/. - `priority_class_name` (String) If specified, indicates the pod's priority. For documentation, refer to https://kubernetes.io/docs/concepts/scheduling-eviction/pod-priority-preemption/#how-to-use-priority-and-preemption.If not specified, default priority is used, or zero if there is no default. - `tolerations` (Attributes List) 'tolerations' is a list of tolerations that allow the pod to schedule onto nodes with matching taints.For documentation, refer to https://kubernetes.io/docs/reference/kubernetes-api/workload-resources/pod-v1/#scheduling. (see [below for nested schema](#nestedatt--spec--agent--ebpf--advanced--scheduling--tolerations)) @@ -514,15 +514,15 @@ Optional: - `action` (String) 'action' defines the action to perform on the flows that match the filter. - `cidr` (String) 'cidr' defines the IP CIDR to filter flows by.Examples: '10.10.10.0/24' or '100:100:100:100::/64' -- `dest_ports` (String) 'destPorts' defines the destination ports to filter flows by.To filter a single port, set a single port as an integer value. For example: 'destPorts: 80'.To filter a range of ports, use a 'start-end' range, string format. For example: 'destPorts: '80-100''. +- `dest_ports` (String) 'destPorts' defines the destination ports to filter flows by.To filter a single port, set a single port as an integer value. For example: 'destPorts: 80'.To filter a range of ports, use a 'start-end' range in string format. For example: 'destPorts: '80-100''. - `direction` (String) 'direction' defines the direction to filter flows by. -- `enable` (Boolean) Set 'enable' to 'true' to enable eBPF flow filtering feature. -- `icmp_code` (Number) 'icmpCode' defines the ICMP code to filter flows by. -- `icmp_type` (Number) 'icmpType' defines the ICMP type to filter flows by. +- `enable` (Boolean) Set 'enable' to 'true' to enable the eBPF flow filtering feature. +- `icmp_code` (Number) 'icmpCode', for Internet Control Message Protocol (ICMP) traffic, defines the ICMP code to filter flows by. +- `icmp_type` (Number) 'icmpType', for ICMP traffic, defines the ICMP type to filter flows by. - `peer_ip` (String) 'peerIP' defines the IP address to filter flows by.Example: '10.10.10.10'. -- `ports` (String) 'ports' defines the ports to filter flows by, used both for source and destination ports.To filter a single port, set a single port as an integer value. For example: 'ports: 80'.To filter a range of ports, use a 'start-end' range, string format. For example: 'ports: '80-100''. +- `ports` (String) 'ports' defines the ports to filter flows by. It is used both for source and destination ports.To filter a single port, set a single port as an integer value. For example: 'ports: 80'.To filter a range of ports, use a 'start-end' range in string format. For example: 'ports: '80-100''. - `protocol` (String) 'protocol' defines the protocol to filter flows by. -- `source_ports` (String) 'sourcePorts' defines the source ports to filter flows by.To filter a single port, set a single port as an integer value. For example: 'sourcePorts: 80'.To filter a range of ports, use a 'start-end' range, string format. For example: 'sourcePorts: '80-100''. +- `source_ports` (String) 'sourcePorts' defines the source ports to filter flows by.To filter a single port, set a single port as an integer value. For example: 'sourcePorts: 80'.To filter a range of ports, use a 'start-end' range in string format. For example: 'sourcePorts: '80-100''. @@ -530,16 +530,16 @@ Optional: Optional: -- `disable_alerts` (List of String) 'disableAlerts' is a list of alerts that should be disabled.Possible values are:
'NetObservDroppedFlows', which is triggered when the eBPF agent is dropping flows, such as when the BPF hashmap is full or the capacity limiter being triggered.
+- `disable_alerts` (List of String) 'disableAlerts' is a list of alerts that should be disabled.Possible values are:
'NetObservDroppedFlows', which is triggered when the eBPF agent is missing packets or flows, such as when the BPF hashmap is busy or full, or the capacity limiter is being triggered.
- `enable` (Boolean) Set 'enable' to 'false' to disable eBPF agent metrics collection. It is enabled by default. -- `server` (Attributes) Metrics server endpoint configuration for Prometheus scraper (see [below for nested schema](#nestedatt--spec--agent--ebpf--metrics--server)) +- `server` (Attributes) Metrics server endpoint configuration for the Prometheus scraper. (see [below for nested schema](#nestedatt--spec--agent--ebpf--metrics--server)) ### Nested Schema for `spec.agent.ebpf.metrics.server` Optional: -- `port` (Number) The metrics server HTTP port +- `port` (Number) The metrics server HTTP port. - `tls` (Attributes) TLS configuration. (see [below for nested schema](#nestedatt--spec--agent--ebpf--metrics--server--tls)) @@ -557,11 +557,11 @@ Optional: Optional: -- `cert_file` (String) 'certFile' defines the path to the certificate file name within the config map or secret +- `cert_file` (String) 'certFile' defines the path to the certificate file name within the config map or secret. - `cert_key` (String) 'certKey' defines the path to the certificate private key file name within the config map or secret. Omit when the key is not necessary. -- `name` (String) Name of the config map or secret containing certificates +- `name` (String) Name of the config map or secret containing certificates. - `namespace` (String) Namespace of the config map or secret containing certificates. If omitted, the default is to use the same namespace as where NetObserv is deployed.If the namespace is different, the config map or the secret is copied so that it can be mounted as required. -- `type` (String) Type for the certificate reference: 'configmap' or 'secret' +- `type` (String) Type for the certificate reference: 'configmap' or 'secret'. @@ -569,10 +569,10 @@ Optional: Optional: -- `file` (String) File name within the config map or secret -- `name` (String) Name of the config map or secret containing the file +- `file` (String) File name within the config map or secret. +- `name` (String) Name of the config map or secret containing the file. - `namespace` (String) Namespace of the config map or secret containing the file. If omitted, the default is to use the same namespace as where NetObserv is deployed.If the namespace is different, the config map or the secret is copied so that it can be mounted as required. -- `type` (String) Type for the file reference: 'configmap' or 'secret' +- `type` (String) Type for the file reference: 'configmap' or 'secret'. @@ -636,24 +636,24 @@ Optional: - `advanced` (Attributes) 'advanced' allows setting some aspects of the internal configuration of the console plugin.This section is aimed mostly for debugging and fine-grained performance optimizations,such as 'GOGC' and 'GOMAXPROCS' env vars. Set these values at your own risk. (see [below for nested schema](#nestedatt--spec--console_plugin--advanced)) - `autoscaler` (Attributes) 'autoscaler' spec of a horizontal pod autoscaler to set up for the plugin Deployment. (see [below for nested schema](#nestedatt--spec--console_plugin--autoscaler)) -- `enable` (Boolean) Enables the console plugin deployment.'spec.loki.enable' must also be 'true' +- `enable` (Boolean) Enables the console plugin deployment. - `image_pull_policy` (String) 'imagePullPolicy' is the Kubernetes pull policy for the image defined above - `log_level` (String) 'logLevel' for the console plugin backend - `port_naming` (Attributes) 'portNaming' defines the configuration of the port-to-service name translation (see [below for nested schema](#nestedatt--spec--console_plugin--port_naming)) - `quick_filters` (Attributes List) 'quickFilters' configures quick filter presets for the Console plugin (see [below for nested schema](#nestedatt--spec--console_plugin--quick_filters)) - `replicas` (Number) 'replicas' defines the number of replicas (pods) to start. -- `resources` (Attributes) 'resources', in terms of compute resources, required by this container.More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ (see [below for nested schema](#nestedatt--spec--console_plugin--resources)) +- `resources` (Attributes) 'resources', in terms of compute resources, required by this container.For more information, see https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ (see [below for nested schema](#nestedatt--spec--console_plugin--resources)) ### Nested Schema for `spec.console_plugin.advanced` Optional: -- `args` (List of String) 'args' allows passing custom arguments to underlying components. Useful for overridingsome parameters, such as an url or a configuration path, that should not bepublicly exposed as part of the FlowCollector descriptor, as they are only usefulin edge debug or support scenarios. +- `args` (List of String) 'args' allows passing custom arguments to underlying components. Useful for overridingsome parameters, such as a URL or a configuration path, that should not bepublicly exposed as part of the FlowCollector descriptor, as they are only usefulin edge debug or support scenarios. - `env` (Map of String) 'env' allows passing custom environment variables to underlying components. Useful for passingsome very concrete performance-tuning options, such as 'GOGC' and 'GOMAXPROCS', that should not bepublicly exposed as part of the FlowCollector descriptor, as they are only usefulin edge debug or support scenarios. - `port` (Number) 'port' is the plugin service port. Do not use 9002, which is reserved for metrics. - `register` (Boolean) 'register' allows, when set to 'true', to automatically register the provided console plugin with the OpenShift Console operator.When set to 'false', you can still register it manually by editing console.operator.openshift.io/cluster with the following command:'oc patch console.operator.openshift.io cluster --type='json' -p '[{'op': 'add', 'path': '/spec/plugins/-', 'value': 'netobserv-plugin'}]'' -- `scheduling` (Attributes) scheduling controls how the pods are scheduled on nodes. (see [below for nested schema](#nestedatt--spec--console_plugin--advanced--scheduling)) +- `scheduling` (Attributes) 'scheduling' controls how the pods are scheduled on nodes. (see [below for nested schema](#nestedatt--spec--console_plugin--advanced--scheduling)) ### Nested Schema for `spec.console_plugin.advanced.scheduling` @@ -661,7 +661,7 @@ Optional: Optional: - `affinity` (Attributes) If specified, the pod's scheduling constraints. For documentation, refer to https://kubernetes.io/docs/reference/kubernetes-api/workload-resources/pod-v1/#scheduling. (see [below for nested schema](#nestedatt--spec--console_plugin--advanced--scheduling--affinity)) -- `node_selector` (Map of String) 'nodeSelector' allows to schedule pods only onto nodes that have each of the specified labels.For documentation, refer to https://kubernetes.io/docs/concepts/configuration/assign-pod-node/. +- `node_selector` (Map of String) 'nodeSelector' allows scheduling of pods only onto nodes that have each of the specified labels.For documentation, refer to https://kubernetes.io/docs/concepts/configuration/assign-pod-node/. - `priority_class_name` (String) If specified, indicates the pod's priority. For documentation, refer to https://kubernetes.io/docs/concepts/scheduling-eviction/pod-priority-preemption/#how-to-use-priority-and-preemption.If not specified, default priority is used, or zero if there is no default. - `tolerations` (Attributes List) 'tolerations' is a list of tolerations that allow the pod to schedule onto nodes with matching taints.For documentation, refer to https://kubernetes.io/docs/reference/kubernetes-api/workload-resources/pod-v1/#scheduling. (see [below for nested schema](#nestedatt--spec--console_plugin--advanced--scheduling--tolerations)) @@ -1413,10 +1413,10 @@ Optional: Optional: -- `file` (String) File name within the config map or secret -- `name` (String) Name of the config map or secret containing the file +- `file` (String) File name within the config map or secret. +- `name` (String) Name of the config map or secret containing the file. - `namespace` (String) Namespace of the config map or secret containing the file. If omitted, the default is to use the same namespace as where NetObserv is deployed.If the namespace is different, the config map or the secret is copied so that it can be mounted as required. -- `type` (String) Type for the file reference: 'configmap' or 'secret' +- `type` (String) Type for the file reference: 'configmap' or 'secret'. @@ -1424,10 +1424,10 @@ Optional: Optional: -- `file` (String) File name within the config map or secret -- `name` (String) Name of the config map or secret containing the file +- `file` (String) File name within the config map or secret. +- `name` (String) Name of the config map or secret containing the file. - `namespace` (String) Namespace of the config map or secret containing the file. If omitted, the default is to use the same namespace as where NetObserv is deployed.If the namespace is different, the config map or the secret is copied so that it can be mounted as required. -- `type` (String) Type for the file reference: 'configmap' or 'secret' +- `type` (String) Type for the file reference: 'configmap' or 'secret'. @@ -1446,11 +1446,11 @@ Optional: Optional: -- `cert_file` (String) 'certFile' defines the path to the certificate file name within the config map or secret +- `cert_file` (String) 'certFile' defines the path to the certificate file name within the config map or secret. - `cert_key` (String) 'certKey' defines the path to the certificate private key file name within the config map or secret. Omit when the key is not necessary. -- `name` (String) Name of the config map or secret containing certificates +- `name` (String) Name of the config map or secret containing certificates. - `namespace` (String) Namespace of the config map or secret containing certificates. If omitted, the default is to use the same namespace as where NetObserv is deployed.If the namespace is different, the config map or the secret is copied so that it can be mounted as required. -- `type` (String) Type for the certificate reference: 'configmap' or 'secret' +- `type` (String) Type for the certificate reference: 'configmap' or 'secret'. @@ -1458,11 +1458,11 @@ Optional: Optional: -- `cert_file` (String) 'certFile' defines the path to the certificate file name within the config map or secret +- `cert_file` (String) 'certFile' defines the path to the certificate file name within the config map or secret. - `cert_key` (String) 'certKey' defines the path to the certificate private key file name within the config map or secret. Omit when the key is not necessary. -- `name` (String) Name of the config map or secret containing certificates +- `name` (String) Name of the config map or secret containing certificates. - `namespace` (String) Namespace of the config map or secret containing certificates. If omitted, the default is to use the same namespace as where NetObserv is deployed.If the namespace is different, the config map or the secret is copied so that it can be mounted as required. -- `type` (String) Type for the certificate reference: 'configmap' or 'secret' +- `type` (String) Type for the certificate reference: 'configmap' or 'secret'. @@ -1495,10 +1495,10 @@ Optional: Optional: -- `file` (String) File name within the config map or secret -- `name` (String) Name of the config map or secret containing the file +- `file` (String) File name within the config map or secret. +- `name` (String) Name of the config map or secret containing the file. - `namespace` (String) Namespace of the config map or secret containing the file. If omitted, the default is to use the same namespace as where NetObserv is deployed.If the namespace is different, the config map or the secret is copied so that it can be mounted as required. -- `type` (String) Type for the file reference: 'configmap' or 'secret' +- `type` (String) Type for the file reference: 'configmap' or 'secret'. @@ -1506,10 +1506,10 @@ Optional: Optional: -- `file` (String) File name within the config map or secret -- `name` (String) Name of the config map or secret containing the file +- `file` (String) File name within the config map or secret. +- `name` (String) Name of the config map or secret containing the file. - `namespace` (String) Namespace of the config map or secret containing the file. If omitted, the default is to use the same namespace as where NetObserv is deployed.If the namespace is different, the config map or the secret is copied so that it can be mounted as required. -- `type` (String) Type for the file reference: 'configmap' or 'secret' +- `type` (String) Type for the file reference: 'configmap' or 'secret'. @@ -1528,11 +1528,11 @@ Optional: Optional: -- `cert_file` (String) 'certFile' defines the path to the certificate file name within the config map or secret +- `cert_file` (String) 'certFile' defines the path to the certificate file name within the config map or secret. - `cert_key` (String) 'certKey' defines the path to the certificate private key file name within the config map or secret. Omit when the key is not necessary. -- `name` (String) Name of the config map or secret containing certificates +- `name` (String) Name of the config map or secret containing certificates. - `namespace` (String) Namespace of the config map or secret containing certificates. If omitted, the default is to use the same namespace as where NetObserv is deployed.If the namespace is different, the config map or the secret is copied so that it can be mounted as required. -- `type` (String) Type for the certificate reference: 'configmap' or 'secret' +- `type` (String) Type for the certificate reference: 'configmap' or 'secret'. @@ -1540,11 +1540,11 @@ Optional: Optional: -- `cert_file` (String) 'certFile' defines the path to the certificate file name within the config map or secret +- `cert_file` (String) 'certFile' defines the path to the certificate file name within the config map or secret. - `cert_key` (String) 'certKey' defines the path to the certificate private key file name within the config map or secret. Omit when the key is not necessary. -- `name` (String) Name of the config map or secret containing certificates +- `name` (String) Name of the config map or secret containing certificates. - `namespace` (String) Namespace of the config map or secret containing certificates. If omitted, the default is to use the same namespace as where NetObserv is deployed.If the namespace is different, the config map or the secret is copied so that it can be mounted as required. -- `type` (String) Type for the certificate reference: 'configmap' or 'secret' +- `type` (String) Type for the certificate reference: 'configmap' or 'secret'. @@ -1614,11 +1614,11 @@ Optional: Optional: -- `cert_file` (String) 'certFile' defines the path to the certificate file name within the config map or secret +- `cert_file` (String) 'certFile' defines the path to the certificate file name within the config map or secret. - `cert_key` (String) 'certKey' defines the path to the certificate private key file name within the config map or secret. Omit when the key is not necessary. -- `name` (String) Name of the config map or secret containing certificates +- `name` (String) Name of the config map or secret containing certificates. - `namespace` (String) Namespace of the config map or secret containing certificates. If omitted, the default is to use the same namespace as where NetObserv is deployed.If the namespace is different, the config map or the secret is copied so that it can be mounted as required. -- `type` (String) Type for the certificate reference: 'configmap' or 'secret' +- `type` (String) Type for the certificate reference: 'configmap' or 'secret'. @@ -1626,11 +1626,11 @@ Optional: Optional: -- `cert_file` (String) 'certFile' defines the path to the certificate file name within the config map or secret +- `cert_file` (String) 'certFile' defines the path to the certificate file name within the config map or secret. - `cert_key` (String) 'certKey' defines the path to the certificate private key file name within the config map or secret. Omit when the key is not necessary. -- `name` (String) Name of the config map or secret containing certificates +- `name` (String) Name of the config map or secret containing certificates. - `namespace` (String) Namespace of the config map or secret containing certificates. If omitted, the default is to use the same namespace as where NetObserv is deployed.If the namespace is different, the config map or the secret is copied so that it can be mounted as required. -- `type` (String) Type for the certificate reference: 'configmap' or 'secret' +- `type` (String) Type for the certificate reference: 'configmap' or 'secret'. @@ -1649,11 +1649,11 @@ Optional: Optional: -- `cert_file` (String) 'certFile' defines the path to the certificate file name within the config map or secret +- `cert_file` (String) 'certFile' defines the path to the certificate file name within the config map or secret. - `cert_key` (String) 'certKey' defines the path to the certificate private key file name within the config map or secret. Omit when the key is not necessary. -- `name` (String) Name of the config map or secret containing certificates +- `name` (String) Name of the config map or secret containing certificates. - `namespace` (String) Namespace of the config map or secret containing certificates. If omitted, the default is to use the same namespace as where NetObserv is deployed.If the namespace is different, the config map or the secret is copied so that it can be mounted as required. -- `type` (String) Type for the certificate reference: 'configmap' or 'secret' +- `type` (String) Type for the certificate reference: 'configmap' or 'secret'. @@ -1661,11 +1661,11 @@ Optional: Optional: -- `cert_file` (String) 'certFile' defines the path to the certificate file name within the config map or secret +- `cert_file` (String) 'certFile' defines the path to the certificate file name within the config map or secret. - `cert_key` (String) 'certKey' defines the path to the certificate private key file name within the config map or secret. Omit when the key is not necessary. -- `name` (String) Name of the config map or secret containing certificates +- `name` (String) Name of the config map or secret containing certificates. - `namespace` (String) Namespace of the config map or secret containing certificates. If omitted, the default is to use the same namespace as where NetObserv is deployed.If the namespace is different, the config map or the secret is copied so that it can be mounted as required. -- `type` (String) Type for the certificate reference: 'configmap' or 'secret' +- `type` (String) Type for the certificate reference: 'configmap' or 'secret'. @@ -1695,11 +1695,11 @@ Optional: Optional: -- `cert_file` (String) 'certFile' defines the path to the certificate file name within the config map or secret +- `cert_file` (String) 'certFile' defines the path to the certificate file name within the config map or secret. - `cert_key` (String) 'certKey' defines the path to the certificate private key file name within the config map or secret. Omit when the key is not necessary. -- `name` (String) Name of the config map or secret containing certificates +- `name` (String) Name of the config map or secret containing certificates. - `namespace` (String) Namespace of the config map or secret containing certificates. If omitted, the default is to use the same namespace as where NetObserv is deployed.If the namespace is different, the config map or the secret is copied so that it can be mounted as required. -- `type` (String) Type for the certificate reference: 'configmap' or 'secret' +- `type` (String) Type for the certificate reference: 'configmap' or 'secret'. @@ -1707,11 +1707,11 @@ Optional: Optional: -- `cert_file` (String) 'certFile' defines the path to the certificate file name within the config map or secret +- `cert_file` (String) 'certFile' defines the path to the certificate file name within the config map or secret. - `cert_key` (String) 'certKey' defines the path to the certificate private key file name within the config map or secret. Omit when the key is not necessary. -- `name` (String) Name of the config map or secret containing certificates +- `name` (String) Name of the config map or secret containing certificates. - `namespace` (String) Namespace of the config map or secret containing certificates. If omitted, the default is to use the same namespace as where NetObserv is deployed.If the namespace is different, the config map or the secret is copied so that it can be mounted as required. -- `type` (String) Type for the certificate reference: 'configmap' or 'secret' +- `type` (String) Type for the certificate reference: 'configmap' or 'secret'. @@ -1740,11 +1740,11 @@ Optional: Optional: -- `cert_file` (String) 'certFile' defines the path to the certificate file name within the config map or secret +- `cert_file` (String) 'certFile' defines the path to the certificate file name within the config map or secret. - `cert_key` (String) 'certKey' defines the path to the certificate private key file name within the config map or secret. Omit when the key is not necessary. -- `name` (String) Name of the config map or secret containing certificates +- `name` (String) Name of the config map or secret containing certificates. - `namespace` (String) Namespace of the config map or secret containing certificates. If omitted, the default is to use the same namespace as where NetObserv is deployed.If the namespace is different, the config map or the secret is copied so that it can be mounted as required. -- `type` (String) Type for the certificate reference: 'configmap' or 'secret' +- `type` (String) Type for the certificate reference: 'configmap' or 'secret'. @@ -1752,11 +1752,11 @@ Optional: Optional: -- `cert_file` (String) 'certFile' defines the path to the certificate file name within the config map or secret +- `cert_file` (String) 'certFile' defines the path to the certificate file name within the config map or secret. - `cert_key` (String) 'certKey' defines the path to the certificate private key file name within the config map or secret. Omit when the key is not necessary. -- `name` (String) Name of the config map or secret containing certificates +- `name` (String) Name of the config map or secret containing certificates. - `namespace` (String) Namespace of the config map or secret containing certificates. If omitted, the default is to use the same namespace as where NetObserv is deployed.If the namespace is different, the config map or the secret is copied so that it can be mounted as required. -- `type` (String) Type for the certificate reference: 'configmap' or 'secret' +- `type` (String) Type for the certificate reference: 'configmap' or 'secret'. @@ -1779,7 +1779,7 @@ Optional: - `log_types` (String) 'logTypes' defines the desired record types to generate. Possible values are:
- 'Flows' (default) to export regular network flows
- 'Conversations' to generate events for started conversations, ended conversations as well as periodic 'tick' updates
- 'EndedConversations' to generate only ended conversations events
- 'All' to generate both network flows and all conversations events
- `metrics` (Attributes) 'Metrics' define the processor configuration regarding metrics (see [below for nested schema](#nestedatt--spec--processor--metrics)) - `multi_cluster_deployment` (Boolean) Set 'multiClusterDeployment' to 'true' to enable multi clusters feature. This adds 'clusterName' label to flows data -- `resources` (Attributes) 'resources' are the compute resources required by this container.More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ (see [below for nested schema](#nestedatt--spec--processor--resources)) +- `resources` (Attributes) 'resources' are the compute resources required by this container.For more information, see https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ (see [below for nested schema](#nestedatt--spec--processor--resources)) - `subnet_labels` (Attributes) 'subnetLabels' allows to define custom labels on subnets and IPs or to enable automatic labelling of recognized subnets in OpenShift, which is used to identify cluster external traffic.When a subnet matches the source or destination IP of a flow, a corresponding field is added: 'SrcSubnetLabel' or 'DstSubnetLabel'. (see [below for nested schema](#nestedatt--spec--processor--subnet_labels)) @@ -1804,7 +1804,7 @@ Optional: Optional: - `affinity` (Attributes) If specified, the pod's scheduling constraints. For documentation, refer to https://kubernetes.io/docs/reference/kubernetes-api/workload-resources/pod-v1/#scheduling. (see [below for nested schema](#nestedatt--spec--processor--advanced--scheduling--affinity)) -- `node_selector` (Map of String) 'nodeSelector' allows to schedule pods only onto nodes that have each of the specified labels.For documentation, refer to https://kubernetes.io/docs/concepts/configuration/assign-pod-node/. +- `node_selector` (Map of String) 'nodeSelector' allows scheduling of pods only onto nodes that have each of the specified labels.For documentation, refer to https://kubernetes.io/docs/concepts/configuration/assign-pod-node/. - `priority_class_name` (String) If specified, indicates the pod's priority. For documentation, refer to https://kubernetes.io/docs/concepts/scheduling-eviction/pod-priority-preemption/#how-to-use-priority-and-preemption.If not specified, default priority is used, or zero if there is no default. - `tolerations` (Attributes List) 'tolerations' is a list of tolerations that allow the pod to schedule onto nodes with matching taints.For documentation, refer to https://kubernetes.io/docs/reference/kubernetes-api/workload-resources/pod-v1/#scheduling. (see [below for nested schema](#nestedatt--spec--processor--advanced--scheduling--tolerations)) @@ -2477,7 +2477,7 @@ Optional: Optional: -- `port` (Number) The metrics server HTTP port +- `port` (Number) The metrics server HTTP port. - `tls` (Attributes) TLS configuration. (see [below for nested schema](#nestedatt--spec--processor--metrics--server--tls)) @@ -2495,11 +2495,11 @@ Optional: Optional: -- `cert_file` (String) 'certFile' defines the path to the certificate file name within the config map or secret +- `cert_file` (String) 'certFile' defines the path to the certificate file name within the config map or secret. - `cert_key` (String) 'certKey' defines the path to the certificate private key file name within the config map or secret. Omit when the key is not necessary. -- `name` (String) Name of the config map or secret containing certificates +- `name` (String) Name of the config map or secret containing certificates. - `namespace` (String) Namespace of the config map or secret containing certificates. If omitted, the default is to use the same namespace as where NetObserv is deployed.If the namespace is different, the config map or the secret is copied so that it can be mounted as required. -- `type` (String) Type for the certificate reference: 'configmap' or 'secret' +- `type` (String) Type for the certificate reference: 'configmap' or 'secret'. @@ -2507,10 +2507,10 @@ Optional: Optional: -- `file` (String) File name within the config map or secret -- `name` (String) Name of the config map or secret containing the file +- `file` (String) File name within the config map or secret. +- `name` (String) Name of the config map or secret containing the file. - `namespace` (String) Namespace of the config map or secret containing the file. If omitted, the default is to use the same namespace as where NetObserv is deployed.If the namespace is different, the config map or the secret is copied so that it can be mounted as required. -- `type` (String) Type for the file reference: 'configmap' or 'secret' +- `type` (String) Type for the file reference: 'configmap' or 'secret'. @@ -2594,11 +2594,11 @@ Optional: Optional: -- `cert_file` (String) 'certFile' defines the path to the certificate file name within the config map or secret +- `cert_file` (String) 'certFile' defines the path to the certificate file name within the config map or secret. - `cert_key` (String) 'certKey' defines the path to the certificate private key file name within the config map or secret. Omit when the key is not necessary. -- `name` (String) Name of the config map or secret containing certificates +- `name` (String) Name of the config map or secret containing certificates. - `namespace` (String) Namespace of the config map or secret containing certificates. If omitted, the default is to use the same namespace as where NetObserv is deployed.If the namespace is different, the config map or the secret is copied so that it can be mounted as required. -- `type` (String) Type for the certificate reference: 'configmap' or 'secret' +- `type` (String) Type for the certificate reference: 'configmap' or 'secret'. @@ -2606,8 +2606,8 @@ Optional: Optional: -- `cert_file` (String) 'certFile' defines the path to the certificate file name within the config map or secret +- `cert_file` (String) 'certFile' defines the path to the certificate file name within the config map or secret. - `cert_key` (String) 'certKey' defines the path to the certificate private key file name within the config map or secret. Omit when the key is not necessary. -- `name` (String) Name of the config map or secret containing certificates +- `name` (String) Name of the config map or secret containing certificates. - `namespace` (String) Namespace of the config map or secret containing certificates. If omitted, the default is to use the same namespace as where NetObserv is deployed.If the namespace is different, the config map or the secret is copied so that it can be mounted as required. -- `type` (String) Type for the certificate reference: 'configmap' or 'secret' +- `type` (String) Type for the certificate reference: 'configmap' or 'secret'. diff --git a/docs/data-sources/fluentbit_fluent_io_cluster_output_v1alpha2_manifest.md b/docs/data-sources/fluentbit_fluent_io_cluster_output_v1alpha2_manifest.md index 63194cc0f..ab6d69623 100644 --- a/docs/data-sources/fluentbit_fluent_io_cluster_output_v1alpha2_manifest.md +++ b/docs/data-sources/fluentbit_fluent_io_cluster_output_v1alpha2_manifest.md @@ -371,6 +371,7 @@ Optional: - `time_key_format` (String) When Logstash_Format is enabled, this property defines the format of the timestamp. - `time_key_nanos` (Boolean) When Logstash_Format is enabled, enabling this property sends nanosecond precision timestamps. - `tls` (Attributes) Fluent Bit provides integrated support for Transport Layer Security (TLS) and it predecessor Secure Sockets Layer (SSL) respectively. (see [below for nested schema](#nestedatt--spec--es--tls)) +- `total_limit_size` (String) Limit the maximum number of Chunks in the filesystem for the current output logical destination. - `trace_error` (Boolean) When enabled print the elasticsearch API calls to stdout when elasticsearch returns an error - `trace_output` (Boolean) When enabled print the elasticsearch API calls to stdout (for diag only) - `type` (String) Type name diff --git a/docs/data-sources/fluentbit_fluent_io_fluent_bit_v1alpha2_manifest.md b/docs/data-sources/fluentbit_fluent_io_fluent_bit_v1alpha2_manifest.md index 976dfbcc4..960d139b9 100644 --- a/docs/data-sources/fluentbit_fluent_io_fluent_bit_v1alpha2_manifest.md +++ b/docs/data-sources/fluentbit_fluent_io_fluent_bit_v1alpha2_manifest.md @@ -89,6 +89,7 @@ Optional: - `security_context` (Attributes) SecurityContext holds pod-level security attributes and common container settings. (see [below for nested schema](#nestedatt--spec--security_context)) - `service` (Attributes) Service represents configurations on the fluent-bit service. (see [below for nested schema](#nestedatt--spec--service)) - `service_account_annotations` (Map of String) Annotations to add to the Fluentbit service account +- `termination_grace_period_seconds` (Number) Optional duration in seconds the pod needs to terminate gracefully. Value must be non-negative integer. - `tolerations` (Attributes List) Tolerations (see [below for nested schema](#nestedatt--spec--tolerations)) - `volumes` (Attributes List) List of volumes that can be mounted by containers belonging to the pod. (see [below for nested schema](#nestedatt--spec--volumes)) - `volumes_mounts` (Attributes List) Pod volumes to mount into the container's filesystem. (see [below for nested schema](#nestedatt--spec--volumes_mounts)) diff --git a/docs/data-sources/fluentbit_fluent_io_output_v1alpha2_manifest.md b/docs/data-sources/fluentbit_fluent_io_output_v1alpha2_manifest.md index 1286f2a69..51068ae0d 100644 --- a/docs/data-sources/fluentbit_fluent_io_output_v1alpha2_manifest.md +++ b/docs/data-sources/fluentbit_fluent_io_output_v1alpha2_manifest.md @@ -372,6 +372,7 @@ Optional: - `time_key_format` (String) When Logstash_Format is enabled, this property defines the format of the timestamp. - `time_key_nanos` (Boolean) When Logstash_Format is enabled, enabling this property sends nanosecond precision timestamps. - `tls` (Attributes) Fluent Bit provides integrated support for Transport Layer Security (TLS) and it predecessor Secure Sockets Layer (SSL) respectively. (see [below for nested schema](#nestedatt--spec--es--tls)) +- `total_limit_size` (String) Limit the maximum number of Chunks in the filesystem for the current output logical destination. - `trace_error` (Boolean) When enabled print the elasticsearch API calls to stdout when elasticsearch returns an error - `trace_output` (Boolean) When enabled print the elasticsearch API calls to stdout (for diag only) - `type` (String) Type name diff --git a/docs/data-sources/forklift_konveyor_io_plan_v1beta1_manifest.md b/docs/data-sources/forklift_konveyor_io_plan_v1beta1_manifest.md index 1df27c6fe..caa12bc68 100644 --- a/docs/data-sources/forklift_konveyor_io_plan_v1beta1_manifest.md +++ b/docs/data-sources/forklift_konveyor_io_plan_v1beta1_manifest.md @@ -150,6 +150,7 @@ Optional: - `hooks` (Attributes List) Enable hooks. (see [below for nested schema](#nestedatt--spec--vms--hooks)) - `id` (String) The object ID.vsphere: The managed object ID. +- `luks` (Attributes) Disk decryption LUKS keys (see [below for nested schema](#nestedatt--spec--vms--luks)) - `name` (String) An object Name.vsphere: A qualified name. - `namespace` (String) The VM NamespaceOnly relevant for an openshift source. - `type` (String) Type used to qualify the name. @@ -177,6 +178,20 @@ Optional: + +### Nested Schema for `spec.vms.luks` + +Optional: + +- `api_version` (String) API version of the referent. +- `field_path` (String) If referring to a piece of an object instead of an entire object, this stringshould contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2].For example, if the object reference is to a container within a pod, this would take on a value like:'spec.containers{name}' (where 'name' refers to the name of the container that triggeredthe event) or if no container name is specified 'spec.containers[2]' (container withindex 2 in this pod). This syntax is chosen only to have some well-defined way ofreferencing a part of an object.TODO: this design is not final and this field is subject to change in the future. +- `kind` (String) Kind of the referent.More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds +- `name` (String) Name of the referent.More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names +- `namespace` (String) Namespace of the referent.More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ +- `resource_version` (String) Specific resourceVersion to which this reference is made, if any.More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency +- `uid` (String) UID of the referent.More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids + + ### Nested Schema for `spec.transfer_network` diff --git a/docs/data-sources/gateway_solo_io_gateway_v1_manifest.md b/docs/data-sources/gateway_solo_io_gateway_v1_manifest.md index 14461fbe8..d99596725 100644 --- a/docs/data-sources/gateway_solo_io_gateway_v1_manifest.md +++ b/docs/data-sources/gateway_solo_io_gateway_v1_manifest.md @@ -105,6 +105,7 @@ Optional: - `ratelimit_server` (Attributes) (see [below for nested schema](#nestedatt--spec--http_gateway--options--ratelimit_server)) - `router` (Attributes) (see [below for nested schema](#nestedatt--spec--http_gateway--options--router)) - `sanitize_cluster_header` (Boolean) +- `stateful_session` (Attributes) (see [below for nested schema](#nestedatt--spec--http_gateway--options--stateful_session)) - `tap` (Attributes) (see [below for nested schema](#nestedatt--spec--http_gateway--options--tap)) - `waf` (Attributes) (see [below for nested schema](#nestedatt--spec--http_gateway--options--waf)) - `wasm` (Attributes) (see [below for nested schema](#nestedatt--spec--http_gateway--options--wasm)) @@ -1297,6 +1298,42 @@ Optional: - `suppress_envoy_headers` (Boolean) + +### Nested Schema for `spec.http_gateway.options.stateful_session` + +Optional: + +- `cookie_based` (Attributes) (see [below for nested schema](#nestedatt--spec--http_gateway--options--stateful_session--cookie_based)) +- `header_based` (Attributes) (see [below for nested schema](#nestedatt--spec--http_gateway--options--stateful_session--header_based)) +- `strict` (Boolean) + + +### Nested Schema for `spec.http_gateway.options.stateful_session.cookie_based` + +Optional: + +- `cookie` (Attributes) (see [below for nested schema](#nestedatt--spec--http_gateway--options--stateful_session--cookie_based--cookie)) + + +### Nested Schema for `spec.http_gateway.options.stateful_session.cookie_based.cookie` + +Optional: + +- `name` (String) +- `path` (String) +- `ttl` (String) + + + + +### Nested Schema for `spec.http_gateway.options.stateful_session.header_based` + +Optional: + +- `header_name` (String) + + + ### Nested Schema for `spec.http_gateway.options.tap` @@ -1970,6 +2007,7 @@ Optional: - `ratelimit_server` (Attributes) (see [below for nested schema](#nestedatt--spec--hybrid_gateway--matched_gateways--http_gateway--options--ratelimit_server)) - `router` (Attributes) (see [below for nested schema](#nestedatt--spec--hybrid_gateway--matched_gateways--http_gateway--options--router)) - `sanitize_cluster_header` (Boolean) +- `stateful_session` (Attributes) (see [below for nested schema](#nestedatt--spec--hybrid_gateway--matched_gateways--http_gateway--options--stateful_session)) - `tap` (Attributes) (see [below for nested schema](#nestedatt--spec--hybrid_gateway--matched_gateways--http_gateway--options--tap)) - `waf` (Attributes) (see [below for nested schema](#nestedatt--spec--hybrid_gateway--matched_gateways--http_gateway--options--waf)) - `wasm` (Attributes) (see [below for nested schema](#nestedatt--spec--hybrid_gateway--matched_gateways--http_gateway--options--wasm)) @@ -3162,6 +3200,42 @@ Optional: - `suppress_envoy_headers` (Boolean) + +### Nested Schema for `spec.hybrid_gateway.matched_gateways.http_gateway.options.stateful_session` + +Optional: + +- `cookie_based` (Attributes) (see [below for nested schema](#nestedatt--spec--hybrid_gateway--matched_gateways--http_gateway--options--stateful_session--cookie_based)) +- `header_based` (Attributes) (see [below for nested schema](#nestedatt--spec--hybrid_gateway--matched_gateways--http_gateway--options--stateful_session--header_based)) +- `strict` (Boolean) + + +### Nested Schema for `spec.hybrid_gateway.matched_gateways.http_gateway.options.stateful_session.cookie_based` + +Optional: + +- `cookie` (Attributes) (see [below for nested schema](#nestedatt--spec--hybrid_gateway--matched_gateways--http_gateway--options--stateful_session--cookie_based--cookie)) + + +### Nested Schema for `spec.hybrid_gateway.matched_gateways.http_gateway.options.stateful_session.cookie_based.cookie` + +Optional: + +- `name` (String) +- `path` (String) +- `ttl` (String) + + + + +### Nested Schema for `spec.hybrid_gateway.matched_gateways.http_gateway.options.stateful_session.header_based` + +Optional: + +- `header_name` (String) + + + ### Nested Schema for `spec.hybrid_gateway.matched_gateways.http_gateway.options.tap` diff --git a/docs/data-sources/gateway_solo_io_matchable_http_gateway_v1_manifest.md b/docs/data-sources/gateway_solo_io_matchable_http_gateway_v1_manifest.md index e4fba1435..bec60dcf6 100644 --- a/docs/data-sources/gateway_solo_io_matchable_http_gateway_v1_manifest.md +++ b/docs/data-sources/gateway_solo_io_matchable_http_gateway_v1_manifest.md @@ -97,6 +97,7 @@ Optional: - `ratelimit_server` (Attributes) (see [below for nested schema](#nestedatt--spec--http_gateway--options--ratelimit_server)) - `router` (Attributes) (see [below for nested schema](#nestedatt--spec--http_gateway--options--router)) - `sanitize_cluster_header` (Boolean) +- `stateful_session` (Attributes) (see [below for nested schema](#nestedatt--spec--http_gateway--options--stateful_session)) - `tap` (Attributes) (see [below for nested schema](#nestedatt--spec--http_gateway--options--tap)) - `waf` (Attributes) (see [below for nested schema](#nestedatt--spec--http_gateway--options--waf)) - `wasm` (Attributes) (see [below for nested schema](#nestedatt--spec--http_gateway--options--wasm)) @@ -1289,6 +1290,42 @@ Optional: - `suppress_envoy_headers` (Boolean) + +### Nested Schema for `spec.http_gateway.options.stateful_session` + +Optional: + +- `cookie_based` (Attributes) (see [below for nested schema](#nestedatt--spec--http_gateway--options--stateful_session--cookie_based)) +- `header_based` (Attributes) (see [below for nested schema](#nestedatt--spec--http_gateway--options--stateful_session--header_based)) +- `strict` (Boolean) + + +### Nested Schema for `spec.http_gateway.options.stateful_session.cookie_based` + +Optional: + +- `cookie` (Attributes) (see [below for nested schema](#nestedatt--spec--http_gateway--options--stateful_session--cookie_based--cookie)) + + +### Nested Schema for `spec.http_gateway.options.stateful_session.cookie_based.cookie` + +Optional: + +- `name` (String) +- `path` (String) +- `ttl` (String) + + + + +### Nested Schema for `spec.http_gateway.options.stateful_session.header_based` + +Optional: + +- `header_name` (String) + + + ### Nested Schema for `spec.http_gateway.options.tap` diff --git a/docs/data-sources/getambassador_io_host_v2_manifest.md b/docs/data-sources/getambassador_io_host_v2_manifest.md index 7e0eb6abc..10bbbbb37 100644 --- a/docs/data-sources/getambassador_io_host_v2_manifest.md +++ b/docs/data-sources/getambassador_io_host_v2_manifest.md @@ -80,7 +80,7 @@ Optional: Optional: -- `name` (String) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? +- `name` (String) Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. @@ -157,7 +157,7 @@ Optional: Optional: -- `name` (String) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? +- `name` (String) Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. diff --git a/docs/data-sources/getambassador_io_host_v3alpha1_manifest.md b/docs/data-sources/getambassador_io_host_v3alpha1_manifest.md index 057e8e4d0..02ac808a5 100644 --- a/docs/data-sources/getambassador_io_host_v3alpha1_manifest.md +++ b/docs/data-sources/getambassador_io_host_v3alpha1_manifest.md @@ -81,7 +81,7 @@ Optional: Optional: -- `name` (String) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? +- `name` (String) Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. @@ -180,7 +180,7 @@ Optional: Optional: -- `name` (String) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? +- `name` (String) Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. diff --git a/docs/data-sources/infinispan_org_infinispan_v1_manifest.md b/docs/data-sources/infinispan_org_infinispan_v1_manifest.md index 795fbd27e..f0ed643b3 100644 --- a/docs/data-sources/infinispan_org_infinispan_v1_manifest.md +++ b/docs/data-sources/infinispan_org_infinispan_v1_manifest.md @@ -515,6 +515,7 @@ Optional: Optional: - `artifacts` (Attributes List) (see [below for nested schema](#nestedatt--spec--dependencies--artifacts)) +- `init_container` (Attributes) InitDependenciesContainerSpec describes the configuration options for the dependency download init container (see [below for nested schema](#nestedatt--spec--dependencies--init_container)) - `volume_claim_name` (String) The Persistent Volume Claim that holds custom libraries @@ -528,6 +529,15 @@ Optional: - `url` (String) URL of the file you want to download. + +### Nested Schema for `spec.dependencies.init_container` + +Optional: + +- `cpu` (String) CPU in limit:request format +- `memory` (String) Memory in limit:request format + + ### Nested Schema for `spec.expose` diff --git a/docs/data-sources/infrastructure_cluster_x_k8s_io_v_sphere_cluster_identity_v1alpha3_manifest.md b/docs/data-sources/infrastructure_cluster_x_k8s_io_v_sphere_cluster_identity_v1alpha3_manifest.md index cc2ade1aa..8d4dd8d1f 100644 --- a/docs/data-sources/infrastructure_cluster_x_k8s_io_v_sphere_cluster_identity_v1alpha3_manifest.md +++ b/docs/data-sources/infrastructure_cluster_x_k8s_io_v_sphere_cluster_identity_v1alpha3_manifest.md @@ -3,12 +3,12 @@ page_title: "k8s_infrastructure_cluster_x_k8s_io_v_sphere_cluster_identity_v1alpha3_manifest Data Source - terraform-provider-k8s" subcategory: "infrastructure.cluster.x-k8s.io" description: |- - VSphereClusterIdentity defines the account to be used for reconciling clusters Deprecated: This type will be removed in one of the next releases. + VSphereClusterIdentity defines the account to be used for reconciling clustersDeprecated: This type will be removed in one of the next releases. --- # k8s_infrastructure_cluster_x_k8s_io_v_sphere_cluster_identity_v1alpha3_manifest (Data Source) -VSphereClusterIdentity defines the account to be used for reconciling clusters Deprecated: This type will be removed in one of the next releases. +VSphereClusterIdentity defines the account to be used for reconciling clustersDeprecated: This type will be removed in one of the next releases. ## Example Usage @@ -54,7 +54,7 @@ Optional: Optional: -- `allowed_namespaces` (Attributes) AllowedNamespaces is used to identify which namespaces are allowed to use this account. Namespaces can be selected with a label selector. If this object is nil, no namespaces will be allowed (see [below for nested schema](#nestedatt--spec--allowed_namespaces)) +- `allowed_namespaces` (Attributes) AllowedNamespaces is used to identify which namespaces are allowed to use this account.Namespaces can be selected with a label selector.If this object is nil, no namespaces will be allowed (see [below for nested schema](#nestedatt--spec--allowed_namespaces)) - `secret_name` (String) SecretName references a Secret inside the controller namespace with the credentials to use @@ -70,7 +70,7 @@ Optional: Optional: - `match_expressions` (Attributes List) matchExpressions is a list of label selector requirements. The requirements are ANDed. (see [below for nested schema](#nestedatt--spec--allowed_namespaces--selector--match_expressions)) -- `match_labels` (Map of String) matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is 'key', the operator is 'In', and the values array contains only 'value'. The requirements are ANDed. +- `match_labels` (Map of String) matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabelsmap is equivalent to an element of matchExpressions, whose key field is 'key', theoperator is 'In', and the values array contains only 'value'. The requirements are ANDed. ### Nested Schema for `spec.allowed_namespaces.selector.match_expressions` @@ -78,8 +78,8 @@ Optional: Required: - `key` (String) key is the label key that the selector applies to. -- `operator` (String) operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. +- `operator` (String) operator represents a key's relationship to a set of values.Valid operators are In, NotIn, Exists and DoesNotExist. Optional: -- `values` (List of String) values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. +- `values` (List of String) values is an array of string values. If the operator is In or NotIn,the values array must be non-empty. If the operator is Exists or DoesNotExist,the values array must be empty. This array is replaced during a strategicmerge patch. diff --git a/docs/data-sources/infrastructure_cluster_x_k8s_io_v_sphere_cluster_identity_v1alpha4_manifest.md b/docs/data-sources/infrastructure_cluster_x_k8s_io_v_sphere_cluster_identity_v1alpha4_manifest.md index 5fdbb605a..d7a816c90 100644 --- a/docs/data-sources/infrastructure_cluster_x_k8s_io_v_sphere_cluster_identity_v1alpha4_manifest.md +++ b/docs/data-sources/infrastructure_cluster_x_k8s_io_v_sphere_cluster_identity_v1alpha4_manifest.md @@ -3,12 +3,12 @@ page_title: "k8s_infrastructure_cluster_x_k8s_io_v_sphere_cluster_identity_v1alpha4_manifest Data Source - terraform-provider-k8s" subcategory: "infrastructure.cluster.x-k8s.io" description: |- - VSphereClusterIdentity defines the account to be used for reconciling clusters Deprecated: This type will be removed in one of the next releases. + VSphereClusterIdentity defines the account to be used for reconciling clustersDeprecated: This type will be removed in one of the next releases. --- # k8s_infrastructure_cluster_x_k8s_io_v_sphere_cluster_identity_v1alpha4_manifest (Data Source) -VSphereClusterIdentity defines the account to be used for reconciling clusters Deprecated: This type will be removed in one of the next releases. +VSphereClusterIdentity defines the account to be used for reconciling clustersDeprecated: This type will be removed in one of the next releases. ## Example Usage @@ -54,7 +54,7 @@ Optional: Optional: -- `allowed_namespaces` (Attributes) AllowedNamespaces is used to identify which namespaces are allowed to use this account. Namespaces can be selected with a label selector. If this object is nil, no namespaces will be allowed (see [below for nested schema](#nestedatt--spec--allowed_namespaces)) +- `allowed_namespaces` (Attributes) AllowedNamespaces is used to identify which namespaces are allowed to use this account.Namespaces can be selected with a label selector.If this object is nil, no namespaces will be allowed (see [below for nested schema](#nestedatt--spec--allowed_namespaces)) - `secret_name` (String) SecretName references a Secret inside the controller namespace with the credentials to use @@ -70,7 +70,7 @@ Optional: Optional: - `match_expressions` (Attributes List) matchExpressions is a list of label selector requirements. The requirements are ANDed. (see [below for nested schema](#nestedatt--spec--allowed_namespaces--selector--match_expressions)) -- `match_labels` (Map of String) matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is 'key', the operator is 'In', and the values array contains only 'value'. The requirements are ANDed. +- `match_labels` (Map of String) matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabelsmap is equivalent to an element of matchExpressions, whose key field is 'key', theoperator is 'In', and the values array contains only 'value'. The requirements are ANDed. ### Nested Schema for `spec.allowed_namespaces.selector.match_expressions` @@ -78,8 +78,8 @@ Optional: Required: - `key` (String) key is the label key that the selector applies to. -- `operator` (String) operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. +- `operator` (String) operator represents a key's relationship to a set of values.Valid operators are In, NotIn, Exists and DoesNotExist. Optional: -- `values` (List of String) values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. +- `values` (List of String) values is an array of string values. If the operator is In or NotIn,the values array must be non-empty. If the operator is Exists or DoesNotExist,the values array must be empty. This array is replaced during a strategicmerge patch. diff --git a/docs/data-sources/infrastructure_cluster_x_k8s_io_v_sphere_cluster_identity_v1beta1_manifest.md b/docs/data-sources/infrastructure_cluster_x_k8s_io_v_sphere_cluster_identity_v1beta1_manifest.md index fb77eaeb0..587f3b89a 100644 --- a/docs/data-sources/infrastructure_cluster_x_k8s_io_v_sphere_cluster_identity_v1beta1_manifest.md +++ b/docs/data-sources/infrastructure_cluster_x_k8s_io_v_sphere_cluster_identity_v1beta1_manifest.md @@ -54,7 +54,7 @@ Optional: Optional: -- `allowed_namespaces` (Attributes) AllowedNamespaces is used to identify which namespaces are allowed to use this account. Namespaces can be selected with a label selector. If this object is nil, no namespaces will be allowed (see [below for nested schema](#nestedatt--spec--allowed_namespaces)) +- `allowed_namespaces` (Attributes) AllowedNamespaces is used to identify which namespaces are allowed to use this account.Namespaces can be selected with a label selector.If this object is nil, no namespaces will be allowed (see [below for nested schema](#nestedatt--spec--allowed_namespaces)) - `secret_name` (String) SecretName references a Secret inside the controller namespace with the credentials to use @@ -70,7 +70,7 @@ Optional: Optional: - `match_expressions` (Attributes List) matchExpressions is a list of label selector requirements. The requirements are ANDed. (see [below for nested schema](#nestedatt--spec--allowed_namespaces--selector--match_expressions)) -- `match_labels` (Map of String) matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is 'key', the operator is 'In', and the values array contains only 'value'. The requirements are ANDed. +- `match_labels` (Map of String) matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabelsmap is equivalent to an element of matchExpressions, whose key field is 'key', theoperator is 'In', and the values array contains only 'value'. The requirements are ANDed. ### Nested Schema for `spec.allowed_namespaces.selector.match_expressions` @@ -78,8 +78,8 @@ Optional: Required: - `key` (String) key is the label key that the selector applies to. -- `operator` (String) operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. +- `operator` (String) operator represents a key's relationship to a set of values.Valid operators are In, NotIn, Exists and DoesNotExist. Optional: -- `values` (List of String) values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. +- `values` (List of String) values is an array of string values. If the operator is In or NotIn,the values array must be non-empty. If the operator is Exists or DoesNotExist,the values array must be empty. This array is replaced during a strategicmerge patch. diff --git a/docs/data-sources/infrastructure_cluster_x_k8s_io_v_sphere_cluster_template_v1alpha4_manifest.md b/docs/data-sources/infrastructure_cluster_x_k8s_io_v_sphere_cluster_template_v1alpha4_manifest.md index 0ecb312fe..53175d91c 100644 --- a/docs/data-sources/infrastructure_cluster_x_k8s_io_v_sphere_cluster_template_v1alpha4_manifest.md +++ b/docs/data-sources/infrastructure_cluster_x_k8s_io_v_sphere_cluster_template_v1alpha4_manifest.md @@ -3,12 +3,12 @@ page_title: "k8s_infrastructure_cluster_x_k8s_io_v_sphere_cluster_template_v1alpha4_manifest Data Source - terraform-provider-k8s" subcategory: "infrastructure.cluster.x-k8s.io" description: |- - VSphereClusterTemplate is the Schema for the vsphereclustertemplates API Deprecated: This type will be removed in one of the next releases. + VSphereClusterTemplate is the Schema for the vsphereclustertemplates APIDeprecated: This type will be removed in one of the next releases. --- # k8s_infrastructure_cluster_x_k8s_io_v_sphere_cluster_template_v1alpha4_manifest (Data Source) -VSphereClusterTemplate is the Schema for the vsphereclustertemplates API Deprecated: This type will be removed in one of the next releases. +VSphereClusterTemplate is the Schema for the vsphereclustertemplates APIDeprecated: This type will be removed in one of the next releases. ## Example Usage @@ -70,7 +70,7 @@ Required: Optional: - `control_plane_endpoint` (Attributes) ControlPlaneEndpoint represents the endpoint used to communicate with the control plane. (see [below for nested schema](#nestedatt--spec--template--spec--control_plane_endpoint)) -- `identity_ref` (Attributes) IdentityRef is a reference to either a Secret or VSphereClusterIdentity that contains the identity to use when reconciling the cluster. (see [below for nested schema](#nestedatt--spec--template--spec--identity_ref)) +- `identity_ref` (Attributes) IdentityRef is a reference to either a Secret or VSphereClusterIdentity that containsthe identity to use when reconciling the cluster. (see [below for nested schema](#nestedatt--spec--template--spec--identity_ref)) - `server` (String) Server is the address of the vSphere endpoint. - `thumbprint` (String) Thumbprint is the colon-separated SHA-1 checksum of the given vCenter server's host certificate diff --git a/docs/data-sources/infrastructure_cluster_x_k8s_io_v_sphere_cluster_template_v1beta1_manifest.md b/docs/data-sources/infrastructure_cluster_x_k8s_io_v_sphere_cluster_template_v1beta1_manifest.md index 3e1c7f7f1..9cc878048 100644 --- a/docs/data-sources/infrastructure_cluster_x_k8s_io_v_sphere_cluster_template_v1beta1_manifest.md +++ b/docs/data-sources/infrastructure_cluster_x_k8s_io_v_sphere_cluster_template_v1beta1_manifest.md @@ -69,10 +69,10 @@ Required: Optional: -- `cluster_modules` (Attributes List) ClusterModules hosts information regarding the anti-affinity vSphere constructs for each of the objects responsible for creation of VM objects belonging to the cluster. (see [below for nested schema](#nestedatt--spec--template--spec--cluster_modules)) +- `cluster_modules` (Attributes List) ClusterModules hosts information regarding the anti-affinity vSphere constructsfor each of the objects responsible for creation of VM objects belonging to the cluster. (see [below for nested schema](#nestedatt--spec--template--spec--cluster_modules)) - `control_plane_endpoint` (Attributes) ControlPlaneEndpoint represents the endpoint used to communicate with the control plane. (see [below for nested schema](#nestedatt--spec--template--spec--control_plane_endpoint)) -- `failure_domain_selector` (Attributes) FailureDomainSelector is the label selector to use for failure domain selection for the control plane nodes of the cluster. If not set ('nil'), selecting failure domains will be disabled. An empty value ('{}') selects all existing failure domains. A valid selector will select all failure domains which match the selector. (see [below for nested schema](#nestedatt--spec--template--spec--failure_domain_selector)) -- `identity_ref` (Attributes) IdentityRef is a reference to either a Secret or VSphereClusterIdentity that contains the identity to use when reconciling the cluster. (see [below for nested schema](#nestedatt--spec--template--spec--identity_ref)) +- `failure_domain_selector` (Attributes) FailureDomainSelector is the label selector to use for failure domain selectionfor the control plane nodes of the cluster.If not set ('nil'), selecting failure domains will be disabled.An empty value ('{}') selects all existing failure domains.A valid selector will select all failure domains which match the selector. (see [below for nested schema](#nestedatt--spec--template--spec--failure_domain_selector)) +- `identity_ref` (Attributes) IdentityRef is a reference to either a Secret or VSphereClusterIdentity that containsthe identity to use when reconciling the cluster. (see [below for nested schema](#nestedatt--spec--template--spec--identity_ref)) - `server` (String) Server is the address of the vSphere endpoint. - `thumbprint` (String) Thumbprint is the colon-separated SHA-1 checksum of the given vCenter server's host certificate @@ -81,9 +81,9 @@ Optional: Required: -- `control_plane` (Boolean) ControlPlane indicates whether the referred object is responsible for control plane nodes. Currently, only the KubeadmControlPlane objects have this flag set to true. Only a single object in the slice can have this value set to true. +- `control_plane` (Boolean) ControlPlane indicates whether the referred object is responsible for control plane nodes.Currently, only the KubeadmControlPlane objects have this flag set to true.Only a single object in the slice can have this value set to true. - `module_uuid` (String) ModuleUUID is the unique identifier of the 'ClusterModule' used by the object. -- `target_object_name` (String) TargetObjectName points to the object that uses the Cluster Module information to enforce anti-affinity amongst its descendant VM objects. +- `target_object_name` (String) TargetObjectName points to the object that uses the Cluster Module information to enforceanti-affinity amongst its descendant VM objects. @@ -101,7 +101,7 @@ Required: Optional: - `match_expressions` (Attributes List) matchExpressions is a list of label selector requirements. The requirements are ANDed. (see [below for nested schema](#nestedatt--spec--template--spec--failure_domain_selector--match_expressions)) -- `match_labels` (Map of String) matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is 'key', the operator is 'In', and the values array contains only 'value'. The requirements are ANDed. +- `match_labels` (Map of String) matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabelsmap is equivalent to an element of matchExpressions, whose key field is 'key', theoperator is 'In', and the values array contains only 'value'. The requirements are ANDed. ### Nested Schema for `spec.template.spec.failure_domain_selector.match_expressions` @@ -109,11 +109,11 @@ Optional: Required: - `key` (String) key is the label key that the selector applies to. -- `operator` (String) operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. +- `operator` (String) operator represents a key's relationship to a set of values.Valid operators are In, NotIn, Exists and DoesNotExist. Optional: -- `values` (List of String) values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. +- `values` (List of String) values is an array of string values. If the operator is In or NotIn,the values array must be non-empty. If the operator is Exists or DoesNotExist,the values array must be empty. This array is replaced during a strategicmerge patch. diff --git a/docs/data-sources/infrastructure_cluster_x_k8s_io_v_sphere_cluster_v1alpha3_manifest.md b/docs/data-sources/infrastructure_cluster_x_k8s_io_v_sphere_cluster_v1alpha3_manifest.md index f4512a19a..fdbeb0339 100644 --- a/docs/data-sources/infrastructure_cluster_x_k8s_io_v_sphere_cluster_v1alpha3_manifest.md +++ b/docs/data-sources/infrastructure_cluster_x_k8s_io_v_sphere_cluster_v1alpha3_manifest.md @@ -3,12 +3,12 @@ page_title: "k8s_infrastructure_cluster_x_k8s_io_v_sphere_cluster_v1alpha3_manifest Data Source - terraform-provider-k8s" subcategory: "infrastructure.cluster.x-k8s.io" description: |- - VSphereCluster is the Schema for the vsphereclusters API Deprecated: This type will be removed in one of the next releases. + VSphereCluster is the Schema for the vsphereclusters APIDeprecated: This type will be removed in one of the next releases. --- # k8s_infrastructure_cluster_x_k8s_io_v_sphere_cluster_v1alpha3_manifest (Data Source) -VSphereCluster is the Schema for the vsphereclusters API Deprecated: This type will be removed in one of the next releases. +VSphereCluster is the Schema for the vsphereclusters APIDeprecated: This type will be removed in one of the next releases. ## Example Usage @@ -55,13 +55,13 @@ Optional: Optional: -- `cloud_provider_configuration` (Attributes) CloudProviderConfiguration holds the cluster-wide configuration for the vSphere cloud provider. Deprecated: will be removed in v1alpha4. (see [below for nested schema](#nestedatt--spec--cloud_provider_configuration)) +- `cloud_provider_configuration` (Attributes) CloudProviderConfiguration holds the cluster-wide configuration for the vSphere cloud provider.Deprecated: will be removed in v1alpha4. (see [below for nested schema](#nestedatt--spec--cloud_provider_configuration)) - `control_plane_endpoint` (Attributes) ControlPlaneEndpoint represents the endpoint used to communicate with the control plane. (see [below for nested schema](#nestedatt--spec--control_plane_endpoint)) -- `identity_ref` (Attributes) IdentityRef is a reference to either a Secret or VSphereClusterIdentity that contains the identity to use when reconciling the cluster. (see [below for nested schema](#nestedatt--spec--identity_ref)) -- `insecure` (Boolean) Insecure is a flag that controls whether to validate the vSphere server's certificate. Deprecated: will be removed in v1alpha4. -- `load_balancer_ref` (Attributes) LoadBalancerRef may be used to enable a control plane load balancer for this cluster. When a LoadBalancerRef is provided, the VSphereCluster.Status.Ready field will not be true until the referenced resource is Status.Ready and has a non-empty Status.Address value. Deprecated: will be removed in v1alpha4. (see [below for nested schema](#nestedatt--spec--load_balancer_ref)) +- `identity_ref` (Attributes) IdentityRef is a reference to either a Secret or VSphereClusterIdentity that containsthe identity to use when reconciling the cluster. (see [below for nested schema](#nestedatt--spec--identity_ref)) +- `insecure` (Boolean) Insecure is a flag that controls whether to validate thevSphere server's certificate.Deprecated: will be removed in v1alpha4. +- `load_balancer_ref` (Attributes) LoadBalancerRef may be used to enable a control plane load balancerfor this cluster.When a LoadBalancerRef is provided, the VSphereCluster.Status.Ready fieldwill not be true until the referenced resource is Status.Ready and has anon-empty Status.Address value.Deprecated: will be removed in v1alpha4. (see [below for nested schema](#nestedatt--spec--load_balancer_ref)) - `server` (String) Server is the address of the vSphere endpoint. -- `thumbprint` (String) Thumbprint is the colon-separated SHA-1 checksum of the given vCenter server's host certificate When provided, Insecure should not be set to true +- `thumbprint` (String) Thumbprint is the colon-separated SHA-1 checksum of the given vCenter server's host certificateWhen provided, Insecure should not be set to true ### Nested Schema for `spec.cloud_provider_configuration` @@ -72,7 +72,7 @@ Optional: - `global` (Attributes) Global is the vSphere cloud provider's global configuration. (see [below for nested schema](#nestedatt--spec--cloud_provider_configuration--global)) - `labels` (Attributes) Labels is the vSphere cloud provider's zone and region configuration. (see [below for nested schema](#nestedatt--spec--cloud_provider_configuration--labels)) - `network` (Attributes) Network is the vSphere cloud provider's network configuration. (see [below for nested schema](#nestedatt--spec--cloud_provider_configuration--network)) -- `provider_config` (Attributes) CPIProviderConfig contains extra information used to configure the vSphere cloud provider. (see [below for nested schema](#nestedatt--spec--cloud_provider_configuration--provider_config)) +- `provider_config` (Attributes) CPIProviderConfig contains extra information used to configure thevSphere cloud provider. (see [below for nested schema](#nestedatt--spec--cloud_provider_configuration--provider_config)) - `virtual_center` (Attributes) VCenter is a list of vCenter configurations. (see [below for nested schema](#nestedatt--spec--cloud_provider_configuration--virtual_center)) - `workspace` (Attributes) Workspace is the vSphere cloud provider's workspace configuration. (see [below for nested schema](#nestedatt--spec--cloud_provider_configuration--workspace)) @@ -89,19 +89,19 @@ Optional: Optional: -- `api_bind_port` (String) APIBindPort configures the vSphere cloud controller manager API port. Defaults to 43001. -- `api_disable` (Boolean) APIDisable disables the vSphere cloud controller manager API. Defaults to true. -- `ca_file` (String) CAFile Specifies the path to a CA certificate in PEM format. If not configured, the system's CA certificates will be used. +- `api_bind_port` (String) APIBindPort configures the vSphere cloud controller manager API port.Defaults to 43001. +- `api_disable` (Boolean) APIDisable disables the vSphere cloud controller manager API.Defaults to true. +- `ca_file` (String) CAFile Specifies the path to a CA certificate in PEM format.If not configured, the system's CA certificates will be used. - `datacenters` (String) Datacenters is a CSV string of the datacenters in which VMs are located. - `insecure` (Boolean) Insecure is a flag that disables TLS peer verification. - `password` (String) Password is the password used to access a vSphere endpoint. -- `port` (String) Port is the port on which the vSphere endpoint is listening. Defaults to 443. -- `round_tripper_count` (Number) RoundTripperCount specifies the SOAP round tripper count (retries = RoundTripper - 1) -- `secret_name` (String) SecretName is the name of the Kubernetes secret in which the vSphere credentials are located. +- `port` (String) Port is the port on which the vSphere endpoint is listening.Defaults to 443. +- `round_tripper_count` (Number) RoundTripperCount specifies the SOAP round tripper count(retries = RoundTripper - 1) +- `secret_name` (String) SecretName is the name of the Kubernetes secret in which the vSpherecredentials are located. - `secret_namespace` (String) SecretNamespace is the namespace for SecretName. -- `secrets_directory` (String) SecretsDirectory is a directory in which secrets may be found. This may used in the event that: 1. It is not desirable to use the K8s API to watch changes to secrets 2. The cloud controller manager is not running in a K8s environment, such as DC/OS. For example, the container storage interface (CSI) is container orcehstrator (CO) agnostic, and should support non-K8s COs. Defaults to /etc/cloud/credentials. -- `service_account` (String) ServiceAccount is the Kubernetes service account used to launch the cloud controller manager. Defaults to cloud-controller-manager. -- `thumbprint` (String) Thumbprint is the cryptographic thumbprint of the vSphere endpoint's certificate. +- `secrets_directory` (String) SecretsDirectory is a directory in which secrets may be found. Thismay used in the event that:1. It is not desirable to use the K8s API to watch changes to secrets2. The cloud controller manager is not running in a K8s environment, such as DC/OS. For example, the container storage interface (CSI) is container orcehstrator (CO) agnostic, and should support non-K8s COs.Defaults to /etc/cloud/credentials. +- `service_account` (String) ServiceAccount is the Kubernetes service account used to launch the cloudcontroller manager.Defaults to cloud-controller-manager. +- `thumbprint` (String) Thumbprint is the cryptographic thumbprint of the vSphere endpoint'scertificate. - `username` (String) Username is the username used to access a vSphere endpoint. @@ -136,7 +136,7 @@ Optional: Optional: - `controller_image` (String) -- `extra_args` (Map of String) ExtraArgs passes through extra arguments to the cloud provider. The arguments here are passed to the cloud provider daemonset specification +- `extra_args` (Map of String) ExtraArgs passes through extra arguments to the cloud provider.The arguments here are passed to the cloud provider daemonset specification @@ -161,9 +161,9 @@ Optional: - `datacenters` (String) Datacenters is a CSV string of the datacenters in which VMs are located. - `password` (String) Password is the password used to access a vSphere endpoint. -- `port` (String) Port is the port on which the vSphere endpoint is listening. Defaults to 443. -- `round_tripper_count` (Number) RoundTripperCount specifies the SOAP round tripper count (retries = RoundTripper - 1) -- `thumbprint` (String) Thumbprint is the cryptographic thumbprint of the vSphere endpoint's certificate. +- `port` (String) Port is the port on which the vSphere endpoint is listening.Defaults to 443. +- `round_tripper_count` (Number) RoundTripperCount specifies the SOAP round tripper count(retries = RoundTripper - 1) +- `thumbprint` (String) Thumbprint is the cryptographic thumbprint of the vSphere endpoint'scertificate. - `username` (String) Username is the username used to access a vSphere endpoint. @@ -204,9 +204,9 @@ Required: Optional: - `api_version` (String) API version of the referent. -- `field_path` (String) If referring to a piece of an object instead of an entire object, this string should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. For example, if the object reference is to a container within a pod, this would take on a value like: 'spec.containers{name}' (where 'name' refers to the name of the container that triggered the event) or if no container name is specified 'spec.containers[2]' (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object. TODO: this design is not final and this field is subject to change in the future. -- `kind` (String) Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds -- `name` (String) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names -- `namespace` (String) Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ -- `resource_version` (String) Specific resourceVersion to which this reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency -- `uid` (String) UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids +- `field_path` (String) If referring to a piece of an object instead of an entire object, this stringshould contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2].For example, if the object reference is to a container within a pod, this would take on a value like:'spec.containers{name}' (where 'name' refers to the name of the container that triggeredthe event) or if no container name is specified 'spec.containers[2]' (container withindex 2 in this pod). This syntax is chosen only to have some well-defined way ofreferencing a part of an object.TODO: this design is not final and this field is subject to change in the future. +- `kind` (String) Kind of the referent.More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds +- `name` (String) Name of the referent.More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names +- `namespace` (String) Namespace of the referent.More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ +- `resource_version` (String) Specific resourceVersion to which this reference is made, if any.More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency +- `uid` (String) UID of the referent.More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids diff --git a/docs/data-sources/infrastructure_cluster_x_k8s_io_v_sphere_cluster_v1alpha4_manifest.md b/docs/data-sources/infrastructure_cluster_x_k8s_io_v_sphere_cluster_v1alpha4_manifest.md index 975ca2e3b..ca69037cd 100644 --- a/docs/data-sources/infrastructure_cluster_x_k8s_io_v_sphere_cluster_v1alpha4_manifest.md +++ b/docs/data-sources/infrastructure_cluster_x_k8s_io_v_sphere_cluster_v1alpha4_manifest.md @@ -3,12 +3,12 @@ page_title: "k8s_infrastructure_cluster_x_k8s_io_v_sphere_cluster_v1alpha4_manifest Data Source - terraform-provider-k8s" subcategory: "infrastructure.cluster.x-k8s.io" description: |- - VSphereCluster is the Schema for the vsphereclusters API Deprecated: This type will be removed in one of the next releases. + VSphereCluster is the Schema for the vsphereclusters APIDeprecated: This type will be removed in one of the next releases. --- # k8s_infrastructure_cluster_x_k8s_io_v_sphere_cluster_v1alpha4_manifest (Data Source) -VSphereCluster is the Schema for the vsphereclusters API Deprecated: This type will be removed in one of the next releases. +VSphereCluster is the Schema for the vsphereclusters APIDeprecated: This type will be removed in one of the next releases. ## Example Usage @@ -56,7 +56,7 @@ Optional: Optional: - `control_plane_endpoint` (Attributes) ControlPlaneEndpoint represents the endpoint used to communicate with the control plane. (see [below for nested schema](#nestedatt--spec--control_plane_endpoint)) -- `identity_ref` (Attributes) IdentityRef is a reference to either a Secret or VSphereClusterIdentity that contains the identity to use when reconciling the cluster. (see [below for nested schema](#nestedatt--spec--identity_ref)) +- `identity_ref` (Attributes) IdentityRef is a reference to either a Secret or VSphereClusterIdentity that containsthe identity to use when reconciling the cluster. (see [below for nested schema](#nestedatt--spec--identity_ref)) - `server` (String) Server is the address of the vSphere endpoint. - `thumbprint` (String) Thumbprint is the colon-separated SHA-1 checksum of the given vCenter server's host certificate diff --git a/docs/data-sources/infrastructure_cluster_x_k8s_io_v_sphere_cluster_v1beta1_manifest.md b/docs/data-sources/infrastructure_cluster_x_k8s_io_v_sphere_cluster_v1beta1_manifest.md index e02f2a04b..6603d0533 100644 --- a/docs/data-sources/infrastructure_cluster_x_k8s_io_v_sphere_cluster_v1beta1_manifest.md +++ b/docs/data-sources/infrastructure_cluster_x_k8s_io_v_sphere_cluster_v1beta1_manifest.md @@ -55,10 +55,10 @@ Optional: Optional: -- `cluster_modules` (Attributes List) ClusterModules hosts information regarding the anti-affinity vSphere constructs for each of the objects responsible for creation of VM objects belonging to the cluster. (see [below for nested schema](#nestedatt--spec--cluster_modules)) +- `cluster_modules` (Attributes List) ClusterModules hosts information regarding the anti-affinity vSphere constructsfor each of the objects responsible for creation of VM objects belonging to the cluster. (see [below for nested schema](#nestedatt--spec--cluster_modules)) - `control_plane_endpoint` (Attributes) ControlPlaneEndpoint represents the endpoint used to communicate with the control plane. (see [below for nested schema](#nestedatt--spec--control_plane_endpoint)) -- `failure_domain_selector` (Attributes) FailureDomainSelector is the label selector to use for failure domain selection for the control plane nodes of the cluster. If not set ('nil'), selecting failure domains will be disabled. An empty value ('{}') selects all existing failure domains. A valid selector will select all failure domains which match the selector. (see [below for nested schema](#nestedatt--spec--failure_domain_selector)) -- `identity_ref` (Attributes) IdentityRef is a reference to either a Secret or VSphereClusterIdentity that contains the identity to use when reconciling the cluster. (see [below for nested schema](#nestedatt--spec--identity_ref)) +- `failure_domain_selector` (Attributes) FailureDomainSelector is the label selector to use for failure domain selectionfor the control plane nodes of the cluster.If not set ('nil'), selecting failure domains will be disabled.An empty value ('{}') selects all existing failure domains.A valid selector will select all failure domains which match the selector. (see [below for nested schema](#nestedatt--spec--failure_domain_selector)) +- `identity_ref` (Attributes) IdentityRef is a reference to either a Secret or VSphereClusterIdentity that containsthe identity to use when reconciling the cluster. (see [below for nested schema](#nestedatt--spec--identity_ref)) - `server` (String) Server is the address of the vSphere endpoint. - `thumbprint` (String) Thumbprint is the colon-separated SHA-1 checksum of the given vCenter server's host certificate @@ -67,9 +67,9 @@ Optional: Required: -- `control_plane` (Boolean) ControlPlane indicates whether the referred object is responsible for control plane nodes. Currently, only the KubeadmControlPlane objects have this flag set to true. Only a single object in the slice can have this value set to true. +- `control_plane` (Boolean) ControlPlane indicates whether the referred object is responsible for control plane nodes.Currently, only the KubeadmControlPlane objects have this flag set to true.Only a single object in the slice can have this value set to true. - `module_uuid` (String) ModuleUUID is the unique identifier of the 'ClusterModule' used by the object. -- `target_object_name` (String) TargetObjectName points to the object that uses the Cluster Module information to enforce anti-affinity amongst its descendant VM objects. +- `target_object_name` (String) TargetObjectName points to the object that uses the Cluster Module information to enforceanti-affinity amongst its descendant VM objects. @@ -87,7 +87,7 @@ Required: Optional: - `match_expressions` (Attributes List) matchExpressions is a list of label selector requirements. The requirements are ANDed. (see [below for nested schema](#nestedatt--spec--failure_domain_selector--match_expressions)) -- `match_labels` (Map of String) matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is 'key', the operator is 'In', and the values array contains only 'value'. The requirements are ANDed. +- `match_labels` (Map of String) matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabelsmap is equivalent to an element of matchExpressions, whose key field is 'key', theoperator is 'In', and the values array contains only 'value'. The requirements are ANDed. ### Nested Schema for `spec.failure_domain_selector.match_expressions` @@ -95,11 +95,11 @@ Optional: Required: - `key` (String) key is the label key that the selector applies to. -- `operator` (String) operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. +- `operator` (String) operator represents a key's relationship to a set of values.Valid operators are In, NotIn, Exists and DoesNotExist. Optional: -- `values` (List of String) values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. +- `values` (List of String) values is an array of string values. If the operator is In or NotIn,the values array must be non-empty. If the operator is Exists or DoesNotExist,the values array must be empty. This array is replaced during a strategicmerge patch. diff --git a/docs/data-sources/infrastructure_cluster_x_k8s_io_v_sphere_deployment_zone_v1alpha3_manifest.md b/docs/data-sources/infrastructure_cluster_x_k8s_io_v_sphere_deployment_zone_v1alpha3_manifest.md index 51eff5570..26b780bda 100644 --- a/docs/data-sources/infrastructure_cluster_x_k8s_io_v_sphere_deployment_zone_v1alpha3_manifest.md +++ b/docs/data-sources/infrastructure_cluster_x_k8s_io_v_sphere_deployment_zone_v1alpha3_manifest.md @@ -3,12 +3,12 @@ page_title: "k8s_infrastructure_cluster_x_k8s_io_v_sphere_deployment_zone_v1alpha3_manifest Data Source - terraform-provider-k8s" subcategory: "infrastructure.cluster.x-k8s.io" description: |- - VSphereDeploymentZone is the Schema for the vspheredeploymentzones API Deprecated: This type will be removed in one of the next releases. + VSphereDeploymentZone is the Schema for the vspheredeploymentzones APIDeprecated: This type will be removed in one of the next releases. --- # k8s_infrastructure_cluster_x_k8s_io_v_sphere_deployment_zone_v1alpha3_manifest (Data Source) -VSphereDeploymentZone is the Schema for the vspheredeploymentzones API Deprecated: This type will be removed in one of the next releases. +VSphereDeploymentZone is the Schema for the vspheredeploymentzones APIDeprecated: This type will be removed in one of the next releases. ## Example Usage @@ -54,7 +54,7 @@ Optional: Required: -- `placement_constraint` (Attributes) PlacementConstraint encapsulates the placement constraints used within this deployment zone. (see [below for nested schema](#nestedatt--spec--placement_constraint)) +- `placement_constraint` (Attributes) PlacementConstraint encapsulates the placement constraintsused within this deployment zone. (see [below for nested schema](#nestedatt--spec--placement_constraint)) Optional: @@ -67,5 +67,5 @@ Optional: Optional: -- `folder` (String) Folder is the name or inventory path of the folder in which the virtual machine is created/located. -- `resource_pool` (String) ResourcePool is the name or inventory path of the resource pool in which the virtual machine is created/located. +- `folder` (String) Folder is the name or inventory path of the folder in which thevirtual machine is created/located. +- `resource_pool` (String) ResourcePool is the name or inventory path of the resource pool in whichthe virtual machine is created/located. diff --git a/docs/data-sources/infrastructure_cluster_x_k8s_io_v_sphere_deployment_zone_v1alpha4_manifest.md b/docs/data-sources/infrastructure_cluster_x_k8s_io_v_sphere_deployment_zone_v1alpha4_manifest.md index 3bf76b537..fc1fca014 100644 --- a/docs/data-sources/infrastructure_cluster_x_k8s_io_v_sphere_deployment_zone_v1alpha4_manifest.md +++ b/docs/data-sources/infrastructure_cluster_x_k8s_io_v_sphere_deployment_zone_v1alpha4_manifest.md @@ -3,12 +3,12 @@ page_title: "k8s_infrastructure_cluster_x_k8s_io_v_sphere_deployment_zone_v1alpha4_manifest Data Source - terraform-provider-k8s" subcategory: "infrastructure.cluster.x-k8s.io" description: |- - VSphereDeploymentZone is the Schema for the vspheredeploymentzones API Deprecated: This type will be removed in one of the next releases. + VSphereDeploymentZone is the Schema for the vspheredeploymentzones APIDeprecated: This type will be removed in one of the next releases. --- # k8s_infrastructure_cluster_x_k8s_io_v_sphere_deployment_zone_v1alpha4_manifest (Data Source) -VSphereDeploymentZone is the Schema for the vspheredeploymentzones API Deprecated: This type will be removed in one of the next releases. +VSphereDeploymentZone is the Schema for the vspheredeploymentzones APIDeprecated: This type will be removed in one of the next releases. ## Example Usage @@ -54,7 +54,7 @@ Optional: Required: -- `placement_constraint` (Attributes) PlacementConstraint encapsulates the placement constraints used within this deployment zone. (see [below for nested schema](#nestedatt--spec--placement_constraint)) +- `placement_constraint` (Attributes) PlacementConstraint encapsulates the placement constraintsused within this deployment zone. (see [below for nested schema](#nestedatt--spec--placement_constraint)) Optional: @@ -67,5 +67,5 @@ Optional: Optional: -- `folder` (String) Folder is the name or inventory path of the folder in which the virtual machine is created/located. -- `resource_pool` (String) ResourcePool is the name or inventory path of the resource pool in which the virtual machine is created/located. +- `folder` (String) Folder is the name or inventory path of the folder in which thevirtual machine is created/located. +- `resource_pool` (String) ResourcePool is the name or inventory path of the resource pool in whichthe virtual machine is created/located. diff --git a/docs/data-sources/infrastructure_cluster_x_k8s_io_v_sphere_deployment_zone_v1beta1_manifest.md b/docs/data-sources/infrastructure_cluster_x_k8s_io_v_sphere_deployment_zone_v1beta1_manifest.md index 5b3b19ea2..0923598e8 100644 --- a/docs/data-sources/infrastructure_cluster_x_k8s_io_v_sphere_deployment_zone_v1beta1_manifest.md +++ b/docs/data-sources/infrastructure_cluster_x_k8s_io_v_sphere_deployment_zone_v1beta1_manifest.md @@ -54,7 +54,7 @@ Optional: Required: -- `placement_constraint` (Attributes) PlacementConstraint encapsulates the placement constraints used within this deployment zone. (see [below for nested schema](#nestedatt--spec--placement_constraint)) +- `placement_constraint` (Attributes) PlacementConstraint encapsulates the placement constraintsused within this deployment zone. (see [below for nested schema](#nestedatt--spec--placement_constraint)) Optional: @@ -67,5 +67,5 @@ Optional: Optional: -- `folder` (String) Folder is the name or inventory path of the folder in which the virtual machine is created/located. -- `resource_pool` (String) ResourcePool is the name or inventory path of the resource pool in which the virtual machine is created/located. +- `folder` (String) Folder is the name or inventory path of the folder in which thevirtual machine is created/located. +- `resource_pool` (String) ResourcePool is the name or inventory path of the resource pool in whichthe virtual machine is created/located. diff --git a/docs/data-sources/infrastructure_cluster_x_k8s_io_v_sphere_failure_domain_v1alpha3_manifest.md b/docs/data-sources/infrastructure_cluster_x_k8s_io_v_sphere_failure_domain_v1alpha3_manifest.md index 35d21158e..31a72f1b6 100644 --- a/docs/data-sources/infrastructure_cluster_x_k8s_io_v_sphere_failure_domain_v1alpha3_manifest.md +++ b/docs/data-sources/infrastructure_cluster_x_k8s_io_v_sphere_failure_domain_v1alpha3_manifest.md @@ -3,12 +3,12 @@ page_title: "k8s_infrastructure_cluster_x_k8s_io_v_sphere_failure_domain_v1alpha3_manifest Data Source - terraform-provider-k8s" subcategory: "infrastructure.cluster.x-k8s.io" description: |- - VSphereFailureDomain is the Schema for the vspherefailuredomains API Deprecated: This type will be removed in one of the next releases. + VSphereFailureDomain is the Schema for the vspherefailuredomains APIDeprecated: This type will be removed in one of the next releases. --- # k8s_infrastructure_cluster_x_k8s_io_v_sphere_failure_domain_v1alpha3_manifest (Data Source) -VSphereFailureDomain is the Schema for the vspherefailuredomains API Deprecated: This type will be removed in one of the next releases. +VSphereFailureDomain is the Schema for the vspherefailuredomains APIDeprecated: This type will be removed in one of the next releases. ## Example Usage @@ -77,12 +77,12 @@ Optional: Required: -- `datacenter` (String) The underlying infrastructure for this failure domain Datacenter as the failure domain +- `datacenter` (String) The underlying infrastructure for this failure domainDatacenter as the failure domain Optional: - `compute_cluster` (String) ComputeCluster as the failure domain -- `datastore` (String) Datastore is the name or inventory path of the datastore in which the virtual machine is created/located. +- `datastore` (String) Datastore is the name or inventory path of the datastore in which thevirtual machine is created/located. - `hosts` (Attributes) Hosts has information required for placement of machines on VSphere hosts. (see [below for nested schema](#nestedatt--spec--topology--hosts)) - `networks` (List of String) Networks is the list of networks within this failure domain diff --git a/docs/data-sources/infrastructure_cluster_x_k8s_io_v_sphere_failure_domain_v1alpha4_manifest.md b/docs/data-sources/infrastructure_cluster_x_k8s_io_v_sphere_failure_domain_v1alpha4_manifest.md index 15c0b8e98..104bf5565 100644 --- a/docs/data-sources/infrastructure_cluster_x_k8s_io_v_sphere_failure_domain_v1alpha4_manifest.md +++ b/docs/data-sources/infrastructure_cluster_x_k8s_io_v_sphere_failure_domain_v1alpha4_manifest.md @@ -3,12 +3,12 @@ page_title: "k8s_infrastructure_cluster_x_k8s_io_v_sphere_failure_domain_v1alpha4_manifest Data Source - terraform-provider-k8s" subcategory: "infrastructure.cluster.x-k8s.io" description: |- - VSphereFailureDomain is the Schema for the vspherefailuredomains API Deprecated: This type will be removed in one of the next releases. + VSphereFailureDomain is the Schema for the vspherefailuredomains APIDeprecated: This type will be removed in one of the next releases. --- # k8s_infrastructure_cluster_x_k8s_io_v_sphere_failure_domain_v1alpha4_manifest (Data Source) -VSphereFailureDomain is the Schema for the vspherefailuredomains API Deprecated: This type will be removed in one of the next releases. +VSphereFailureDomain is the Schema for the vspherefailuredomains APIDeprecated: This type will be removed in one of the next releases. ## Example Usage @@ -77,12 +77,12 @@ Optional: Required: -- `datacenter` (String) The underlying infrastructure for this failure domain Datacenter as the failure domain +- `datacenter` (String) The underlying infrastructure for this failure domainDatacenter as the failure domain Optional: - `compute_cluster` (String) ComputeCluster as the failure domain -- `datastore` (String) Datastore is the name or inventory path of the datastore in which the virtual machine is created/located. +- `datastore` (String) Datastore is the name or inventory path of the datastore in which thevirtual machine is created/located. - `hosts` (Attributes) Hosts has information required for placement of machines on VSphere hosts. (see [below for nested schema](#nestedatt--spec--topology--hosts)) - `networks` (List of String) Networks is the list of networks within this failure domain diff --git a/docs/data-sources/infrastructure_cluster_x_k8s_io_v_sphere_failure_domain_v1beta1_manifest.md b/docs/data-sources/infrastructure_cluster_x_k8s_io_v_sphere_failure_domain_v1beta1_manifest.md index 9984ab3f4..3faff62d2 100644 --- a/docs/data-sources/infrastructure_cluster_x_k8s_io_v_sphere_failure_domain_v1beta1_manifest.md +++ b/docs/data-sources/infrastructure_cluster_x_k8s_io_v_sphere_failure_domain_v1beta1_manifest.md @@ -69,7 +69,7 @@ Required: Optional: -- `auto_configure` (Boolean) AutoConfigure tags the Type which is specified in the Topology Deprecated: This field is going to be removed in a future release. +- `auto_configure` (Boolean) AutoConfigure tags the Type which is specified in the TopologyDeprecated: This field is going to be removed in a future release. @@ -82,7 +82,7 @@ Required: Optional: - `compute_cluster` (String) ComputeCluster as the failure domain -- `datastore` (String) Datastore is the name or inventory path of the datastore in which the virtual machine is created/located. +- `datastore` (String) Datastore is the name or inventory path of the datastore in which thevirtual machine is created/located. - `hosts` (Attributes) Hosts has information required for placement of machines on VSphere hosts. (see [below for nested schema](#nestedatt--spec--topology--hosts)) - `networks` (List of String) Networks is the list of networks within this failure domain @@ -107,4 +107,4 @@ Required: Optional: -- `auto_configure` (Boolean) AutoConfigure tags the Type which is specified in the Topology Deprecated: This field is going to be removed in a future release. +- `auto_configure` (Boolean) AutoConfigure tags the Type which is specified in the TopologyDeprecated: This field is going to be removed in a future release. diff --git a/docs/data-sources/infrastructure_cluster_x_k8s_io_v_sphere_machine_template_v1alpha3_manifest.md b/docs/data-sources/infrastructure_cluster_x_k8s_io_v_sphere_machine_template_v1alpha3_manifest.md index 24369e7b0..aa8c079a7 100644 --- a/docs/data-sources/infrastructure_cluster_x_k8s_io_v_sphere_machine_template_v1alpha3_manifest.md +++ b/docs/data-sources/infrastructure_cluster_x_k8s_io_v_sphere_machine_template_v1alpha3_manifest.md @@ -3,12 +3,12 @@ page_title: "k8s_infrastructure_cluster_x_k8s_io_v_sphere_machine_template_v1alpha3_manifest Data Source - terraform-provider-k8s" subcategory: "infrastructure.cluster.x-k8s.io" description: |- - VSphereMachineTemplate is the Schema for the vspheremachinetemplates API Deprecated: This type will be removed in one of the next releases. + VSphereMachineTemplate is the Schema for the vspheremachinetemplates APIDeprecated: This type will be removed in one of the next releases. --- # k8s_infrastructure_cluster_x_k8s_io_v_sphere_machine_template_v1alpha3_manifest (Data Source) -VSphereMachineTemplate is the Schema for the vspheremachinetemplates API Deprecated: This type will be removed in one of the next releases. +VSphereMachineTemplate is the Schema for the vspheremachinetemplates APIDeprecated: This type will be removed in one of the next releases. ## Example Usage @@ -66,7 +66,7 @@ Required: Optional: -- `metadata` (Attributes) Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata (see [below for nested schema](#nestedatt--spec--template--metadata)) +- `metadata` (Attributes) Standard object's metadata.More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata (see [below for nested schema](#nestedatt--spec--template--metadata)) ### Nested Schema for `spec.template.spec` @@ -74,59 +74,59 @@ Optional: Required: - `network` (Attributes) Network is the network configuration for this machine's VM. (see [below for nested schema](#nestedatt--spec--template--spec--network)) -- `template` (String) Template is the name or inventory path of the template used to clone the virtual machine. +- `template` (String) Template is the name or inventory path of the template used to clonethe virtual machine. Optional: -- `clone_mode` (String) CloneMode specifies the type of clone operation. The LinkedClone mode is only support for templates that have at least one snapshot. If the template has no snapshots, then CloneMode defaults to FullClone. When LinkedClone mode is enabled the DiskGiB field is ignored as it is not possible to expand disks of linked clones. Defaults to LinkedClone, but fails gracefully to FullClone if the source of the clone operation has no snapshots. -- `custom_vmx_keys` (Map of String) CustomVMXKeys is a dictionary of advanced VMX options that can be set on VM Defaults to empty map -- `datacenter` (String) Datacenter is the name or inventory path of the datacenter in which the virtual machine is created/located. -- `datastore` (String) Datastore is the name or inventory path of the datastore in which the virtual machine is created/located. -- `disk_gi_b` (Number) DiskGiB is the size of a virtual machine's disk, in GiB. Defaults to the eponymous property value in the template from which the virtual machine is cloned. -- `failure_domain` (String) FailureDomain is the failure domain unique identifier this Machine should be attached to, as defined in Cluster API. For this infrastructure provider, the name is equivalent to the name of the VSphereDeploymentZone. -- `folder` (String) Folder is the name or inventory path of the folder in which the virtual machine is created/located. -- `memory_mi_b` (Number) MemoryMiB is the size of a virtual machine's memory, in MiB. Defaults to the eponymous property value in the template from which the virtual machine is cloned. -- `num_cores_per_socket` (Number) NumCPUs is the number of cores among which to distribute CPUs in this virtual machine. Defaults to the eponymous property value in the template from which the virtual machine is cloned. -- `num_cp_us` (Number) NumCPUs is the number of virtual processors in a virtual machine. Defaults to the eponymous property value in the template from which the virtual machine is cloned. -- `provider_id` (String) ProviderID is the virtual machine's BIOS UUID formated as vsphere://12345678-1234-1234-1234-123456789abc -- `resource_pool` (String) ResourcePool is the name or inventory path of the resource pool in which the virtual machine is created/located. -- `server` (String) Server is the IP address or FQDN of the vSphere server on which the virtual machine is created/located. -- `snapshot` (String) Snapshot is the name of the snapshot from which to create a linked clone. This field is ignored if LinkedClone is not enabled. Defaults to the source's current snapshot. -- `storage_policy_name` (String) StoragePolicyName of the storage policy to use with this Virtual Machine -- `thumbprint` (String) Thumbprint is the colon-separated SHA-1 checksum of the given vCenter server's host certificate When this is set to empty, this VirtualMachine would be created without TLS certificate validation of the communication between Cluster API Provider vSphere and the VMware vCenter server. +- `clone_mode` (String) CloneMode specifies the type of clone operation.The LinkedClone mode is only support for templates that have at leastone snapshot. If the template has no snapshots, then CloneMode defaultsto FullClone.When LinkedClone mode is enabled the DiskGiB field is ignored as it isnot possible to expand disks of linked clones.Defaults to LinkedClone, but fails gracefully to FullClone if the sourceof the clone operation has no snapshots. +- `custom_vmx_keys` (Map of String) CustomVMXKeys is a dictionary of advanced VMX options that can be set on VMDefaults to empty map +- `datacenter` (String) Datacenter is the name or inventory path of the datacenter in which thevirtual machine is created/located. +- `datastore` (String) Datastore is the name or inventory path of the datastore in which thevirtual machine is created/located. +- `disk_gi_b` (Number) DiskGiB is the size of a virtual machine's disk, in GiB.Defaults to the eponymous property value in the template from which thevirtual machine is cloned. +- `failure_domain` (String) FailureDomain is the failure domain unique identifier this Machine should be attached to, as defined in Cluster API.For this infrastructure provider, the name is equivalent to the name of the VSphereDeploymentZone. +- `folder` (String) Folder is the name or inventory path of the folder in which thevirtual machine is created/located. +- `memory_mi_b` (Number) MemoryMiB is the size of a virtual machine's memory, in MiB.Defaults to the eponymous property value in the template from which thevirtual machine is cloned. +- `num_cores_per_socket` (Number) NumCPUs is the number of cores among which to distribute CPUs in thisvirtual machine.Defaults to the eponymous property value in the template from which thevirtual machine is cloned. +- `num_cp_us` (Number) NumCPUs is the number of virtual processors in a virtual machine.Defaults to the eponymous property value in the template from which thevirtual machine is cloned. +- `provider_id` (String) ProviderID is the virtual machine's BIOS UUID formated asvsphere://12345678-1234-1234-1234-123456789abc +- `resource_pool` (String) ResourcePool is the name or inventory path of the resource pool in whichthe virtual machine is created/located. +- `server` (String) Server is the IP address or FQDN of the vSphere server on whichthe virtual machine is created/located. +- `snapshot` (String) Snapshot is the name of the snapshot from which to create a linked clone.This field is ignored if LinkedClone is not enabled.Defaults to the source's current snapshot. +- `storage_policy_name` (String) StoragePolicyName of the storage policy to use with thisVirtual Machine +- `thumbprint` (String) Thumbprint is the colon-separated SHA-1 checksum of the given vCenter server's host certificateWhen this is set to empty, this VirtualMachine would be createdwithout TLS certificate validation of the communication between Cluster API Provider vSphereand the VMware vCenter server. ### Nested Schema for `spec.template.spec.network` Required: -- `devices` (Attributes List) Devices is the list of network devices used by the virtual machine. TODO(akutz) Make sure at least one network matches the ClusterSpec.CloudProviderConfiguration.Network.Name (see [below for nested schema](#nestedatt--spec--template--spec--network--devices)) +- `devices` (Attributes List) Devices is the list of network devices used by the virtual machine.TODO(akutz) Make sure at least one network matches the ClusterSpec.CloudProviderConfiguration.Network.Name (see [below for nested schema](#nestedatt--spec--template--spec--network--devices)) Optional: -- `preferred_api_server_cidr` (String) PreferredAPIServeCIDR is the preferred CIDR for the Kubernetes API server endpoint on this machine -- `routes` (Attributes List) Routes is a list of optional, static routes applied to the virtual machine. (see [below for nested schema](#nestedatt--spec--template--spec--network--routes)) +- `preferred_api_server_cidr` (String) PreferredAPIServeCIDR is the preferred CIDR for the Kubernetes APIserver endpoint on this machine +- `routes` (Attributes List) Routes is a list of optional, static routes applied to the virtualmachine. (see [below for nested schema](#nestedatt--spec--template--spec--network--routes)) ### Nested Schema for `spec.template.spec.network.devices` Required: -- `network_name` (String) NetworkName is the name of the vSphere network to which the device will be connected. +- `network_name` (String) NetworkName is the name of the vSphere network to which the devicewill be connected. Optional: -- `device_name` (String) DeviceName may be used to explicitly assign a name to the network device as it exists in the guest operating system. -- `dhcp4` (Boolean) DHCP4 is a flag that indicates whether or not to use DHCP for IPv4 on this device. If true then IPAddrs should not contain any IPv4 addresses. -- `dhcp6` (Boolean) DHCP6 is a flag that indicates whether or not to use DHCP for IPv6 on this device. If true then IPAddrs should not contain any IPv6 addresses. -- `gateway4` (String) Gateway4 is the IPv4 gateway used by this device. Required when DHCP4 is false. -- `gateway6` (String) Gateway4 is the IPv4 gateway used by this device. Required when DHCP6 is false. -- `ip_addrs` (List of String) IPAddrs is a list of one or more IPv4 and/or IPv6 addresses to assign to this device. IP addresses must also specify the segment length in CIDR notation. Required when DHCP4 and DHCP6 are both false. -- `mac_addr` (String) MACAddr is the MAC address used by this device. It is generally a good idea to omit this field and allow a MAC address to be generated. Please note that this value must use the VMware OUI to work with the in-tree vSphere cloud provider. +- `device_name` (String) DeviceName may be used to explicitly assign a name to the network deviceas it exists in the guest operating system. +- `dhcp4` (Boolean) DHCP4 is a flag that indicates whether or not to use DHCP for IPv4on this device.If true then IPAddrs should not contain any IPv4 addresses. +- `dhcp6` (Boolean) DHCP6 is a flag that indicates whether or not to use DHCP for IPv6on this device.If true then IPAddrs should not contain any IPv6 addresses. +- `gateway4` (String) Gateway4 is the IPv4 gateway used by this device.Required when DHCP4 is false. +- `gateway6` (String) Gateway4 is the IPv4 gateway used by this device.Required when DHCP6 is false. +- `ip_addrs` (List of String) IPAddrs is a list of one or more IPv4 and/or IPv6 addresses to assignto this device. IP addresses must also specify the segment length inCIDR notation.Required when DHCP4 and DHCP6 are both false. +- `mac_addr` (String) MACAddr is the MAC address used by this device.It is generally a good idea to omit this field and allow a MAC addressto be generated.Please note that this value must use the VMware OUI to work with thein-tree vSphere cloud provider. - `mtu` (Number) MTU is the device’s Maximum Transmission Unit size in bytes. -- `nameservers` (List of String) Nameservers is a list of IPv4 and/or IPv6 addresses used as DNS nameservers. Please note that Linux allows only three nameservers (https://linux.die.net/man/5/resolv.conf). +- `nameservers` (List of String) Nameservers is a list of IPv4 and/or IPv6 addresses used as DNSnameservers.Please note that Linux allows only three nameservers (https://linux.die.net/man/5/resolv.conf). - `routes` (Attributes List) Routes is a list of optional, static routes applied to the device. (see [below for nested schema](#nestedatt--spec--template--spec--network--devices--routes)) -- `search_domains` (List of String) SearchDomains is a list of search domains used when resolving IP addresses with DNS. +- `search_domains` (List of String) SearchDomains is a list of search domains used when resolving IPaddresses with DNS. ### Nested Schema for `spec.template.spec.network.devices.routes` @@ -156,12 +156,12 @@ Required: Optional: -- `annotations` (Map of String) Annotations is an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. More info: http://kubernetes.io/docs/user-guide/annotations -- `generate_name` (String) GenerateName is an optional prefix, used by the server, to generate a unique name ONLY IF the Name field has not been provided. If this field is used, the name returned to the client will be different than the name passed. This value will also be combined with a unique suffix. The provided value has the same validation rules as the Name field, and may be truncated by the length of the suffix required to make the value unique on the server. If this field is specified and the generated name exists, the server will NOT return a 409 - instead, it will either return 201 Created or 500 with Reason ServerTimeout indicating a unique name could not be found in the time allotted, and the client should retry (optionally after the time indicated in the Retry-After header). Applied only if Name is not specified. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#idempotency Deprecated: This field has no function and is going to be removed in a next release. -- `labels` (Map of String) Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and services. More info: http://kubernetes.io/docs/user-guide/labels -- `name` (String) Name must be unique within a namespace. Is required when creating resources, although some resources may allow a client to request the generation of an appropriate name automatically. Name is primarily intended for creation idempotence and configuration definition. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/identifiers#names Deprecated: This field has no function and is going to be removed in a next release. -- `namespace` (String) Namespace defines the space within each name must be unique. An empty namespace is equivalent to the 'default' namespace, but 'default' is the canonical representation. Not all objects are required to be scoped to a namespace - the value of this field for those objects will be empty. Must be a DNS_LABEL. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/namespaces Deprecated: This field has no function and is going to be removed in a next release. -- `owner_references` (Attributes List) List of objects depended by this object. If ALL objects in the list have been deleted, this object will be garbage collected. If this object is managed by a controller, then an entry in this list will point to this controller, with the controller field set to true. There cannot be more than one managing controller. Deprecated: This field has no function and is going to be removed in a next release. (see [below for nested schema](#nestedatt--spec--template--metadata--owner_references)) +- `annotations` (Map of String) Annotations is an unstructured key value map stored with a resource that may beset by external tools to store and retrieve arbitrary metadata. They are notqueryable and should be preserved when modifying objects.More info: http://kubernetes.io/docs/user-guide/annotations +- `generate_name` (String) GenerateName is an optional prefix, used by the server, to generate a uniquename ONLY IF the Name field has not been provided.If this field is used, the name returned to the client will be differentthan the name passed. This value will also be combined with a unique suffix.The provided value has the same validation rules as the Name field,and may be truncated by the length of the suffix required to make the valueunique on the server.If this field is specified and the generated name exists, the server willNOT return a 409 - instead, it will either return 201 Created or 500 with ReasonServerTimeout indicating a unique name could not be found in the time allotted, and the clientshould retry (optionally after the time indicated in the Retry-After header).Applied only if Name is not specified.More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#idempotencyDeprecated: This field has no function and is going to be removed in a next release. +- `labels` (Map of String) Map of string keys and values that can be used to organize and categorize(scope and select) objects. May match selectors of replication controllersand services.More info: http://kubernetes.io/docs/user-guide/labels +- `name` (String) Name must be unique within a namespace. Is required when creating resources, althoughsome resources may allow a client to request the generation of an appropriate nameautomatically. Name is primarily intended for creation idempotence and configurationdefinition.Cannot be updated.More info: http://kubernetes.io/docs/user-guide/identifiers#namesDeprecated: This field has no function and is going to be removed in a next release. +- `namespace` (String) Namespace defines the space within each name must be unique. An empty namespace isequivalent to the 'default' namespace, but 'default' is the canonical representation.Not all objects are required to be scoped to a namespace - the value of this field forthose objects will be empty.Must be a DNS_LABEL.Cannot be updated.More info: http://kubernetes.io/docs/user-guide/namespacesDeprecated: This field has no function and is going to be removed in a next release. +- `owner_references` (Attributes List) List of objects depended by this object. If ALL objects in the list havebeen deleted, this object will be garbage collected. If this object is managed by a controller,then an entry in this list will point to this controller, with the controller field set to true.There cannot be more than one managing controller.Deprecated: This field has no function and is going to be removed in a next release. (see [below for nested schema](#nestedatt--spec--template--metadata--owner_references)) ### Nested Schema for `spec.template.metadata.owner_references` @@ -169,11 +169,11 @@ Optional: Required: - `api_version` (String) API version of the referent. -- `kind` (String) Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds -- `name` (String) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names#names -- `uid` (String) UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names#uids +- `kind` (String) Kind of the referent.More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds +- `name` (String) Name of the referent.More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names#names +- `uid` (String) UID of the referent.More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names#uids Optional: -- `block_owner_deletion` (Boolean) If true, AND if the owner has the 'foregroundDeletion' finalizer, then the owner cannot be deleted from the key-value store until this reference is removed. See https://kubernetes.io/docs/concepts/architecture/garbage-collection/#foreground-deletion for how the garbage collector interacts with this field and enforces the foreground deletion. Defaults to false. To set this field, a user needs 'delete' permission of the owner, otherwise 422 (Unprocessable Entity) will be returned. +- `block_owner_deletion` (Boolean) If true, AND if the owner has the 'foregroundDeletion' finalizer, thenthe owner cannot be deleted from the key-value store until thisreference is removed.See https://kubernetes.io/docs/concepts/architecture/garbage-collection/#foreground-deletionfor how the garbage collector interacts with this field and enforces the foreground deletion.Defaults to false.To set this field, a user needs 'delete' permission of the owner,otherwise 422 (Unprocessable Entity) will be returned. - `controller` (Boolean) If true, this reference points to the managing controller. diff --git a/docs/data-sources/infrastructure_cluster_x_k8s_io_v_sphere_machine_template_v1alpha4_manifest.md b/docs/data-sources/infrastructure_cluster_x_k8s_io_v_sphere_machine_template_v1alpha4_manifest.md index 995ebc538..673c79c54 100644 --- a/docs/data-sources/infrastructure_cluster_x_k8s_io_v_sphere_machine_template_v1alpha4_manifest.md +++ b/docs/data-sources/infrastructure_cluster_x_k8s_io_v_sphere_machine_template_v1alpha4_manifest.md @@ -3,12 +3,12 @@ page_title: "k8s_infrastructure_cluster_x_k8s_io_v_sphere_machine_template_v1alpha4_manifest Data Source - terraform-provider-k8s" subcategory: "infrastructure.cluster.x-k8s.io" description: |- - VSphereMachineTemplate is the Schema for the vspheremachinetemplates API Deprecated: This type will be removed in one of the next releases. + VSphereMachineTemplate is the Schema for the vspheremachinetemplates APIDeprecated: This type will be removed in one of the next releases. --- # k8s_infrastructure_cluster_x_k8s_io_v_sphere_machine_template_v1alpha4_manifest (Data Source) -VSphereMachineTemplate is the Schema for the vspheremachinetemplates API Deprecated: This type will be removed in one of the next releases. +VSphereMachineTemplate is the Schema for the vspheremachinetemplates APIDeprecated: This type will be removed in one of the next releases. ## Example Usage @@ -66,7 +66,7 @@ Required: Optional: -- `metadata` (Attributes) Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata (see [below for nested schema](#nestedatt--spec--template--metadata)) +- `metadata` (Attributes) Standard object's metadata.More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata (see [below for nested schema](#nestedatt--spec--template--metadata)) ### Nested Schema for `spec.template.spec` @@ -74,59 +74,59 @@ Optional: Required: - `network` (Attributes) Network is the network configuration for this machine's VM. (see [below for nested schema](#nestedatt--spec--template--spec--network)) -- `template` (String) Template is the name or inventory path of the template used to clone the virtual machine. +- `template` (String) Template is the name or inventory path of the template used to clonethe virtual machine. Optional: -- `clone_mode` (String) CloneMode specifies the type of clone operation. The LinkedClone mode is only support for templates that have at least one snapshot. If the template has no snapshots, then CloneMode defaults to FullClone. When LinkedClone mode is enabled the DiskGiB field is ignored as it is not possible to expand disks of linked clones. Defaults to LinkedClone, but fails gracefully to FullClone if the source of the clone operation has no snapshots. -- `custom_vmx_keys` (Map of String) CustomVMXKeys is a dictionary of advanced VMX options that can be set on VM Defaults to empty map -- `datacenter` (String) Datacenter is the name or inventory path of the datacenter in which the virtual machine is created/located. -- `datastore` (String) Datastore is the name or inventory path of the datastore in which the virtual machine is created/located. -- `disk_gi_b` (Number) DiskGiB is the size of a virtual machine's disk, in GiB. Defaults to the eponymous property value in the template from which the virtual machine is cloned. -- `failure_domain` (String) FailureDomain is the failure domain unique identifier this Machine should be attached to, as defined in Cluster API. For this infrastructure provider, the name is equivalent to the name of the VSphereDeploymentZone. -- `folder` (String) Folder is the name or inventory path of the folder in which the virtual machine is created/located. -- `memory_mi_b` (Number) MemoryMiB is the size of a virtual machine's memory, in MiB. Defaults to the eponymous property value in the template from which the virtual machine is cloned. -- `num_cores_per_socket` (Number) NumCPUs is the number of cores among which to distribute CPUs in this virtual machine. Defaults to the eponymous property value in the template from which the virtual machine is cloned. -- `num_cp_us` (Number) NumCPUs is the number of virtual processors in a virtual machine. Defaults to the eponymous property value in the template from which the virtual machine is cloned. -- `provider_id` (String) ProviderID is the virtual machine's BIOS UUID formated as vsphere://12345678-1234-1234-1234-123456789abc -- `resource_pool` (String) ResourcePool is the name or inventory path of the resource pool in which the virtual machine is created/located. -- `server` (String) Server is the IP address or FQDN of the vSphere server on which the virtual machine is created/located. -- `snapshot` (String) Snapshot is the name of the snapshot from which to create a linked clone. This field is ignored if LinkedClone is not enabled. Defaults to the source's current snapshot. -- `storage_policy_name` (String) StoragePolicyName of the storage policy to use with this Virtual Machine -- `thumbprint` (String) Thumbprint is the colon-separated SHA-1 checksum of the given vCenter server's host certificate When this is set to empty, this VirtualMachine would be created without TLS certificate validation of the communication between Cluster API Provider vSphere and the VMware vCenter server. +- `clone_mode` (String) CloneMode specifies the type of clone operation.The LinkedClone mode is only support for templates that have at leastone snapshot. If the template has no snapshots, then CloneMode defaultsto FullClone.When LinkedClone mode is enabled the DiskGiB field is ignored as it isnot possible to expand disks of linked clones.Defaults to LinkedClone, but fails gracefully to FullClone if the sourceof the clone operation has no snapshots. +- `custom_vmx_keys` (Map of String) CustomVMXKeys is a dictionary of advanced VMX options that can be set on VMDefaults to empty map +- `datacenter` (String) Datacenter is the name or inventory path of the datacenter in which thevirtual machine is created/located. +- `datastore` (String) Datastore is the name or inventory path of the datastore in which thevirtual machine is created/located. +- `disk_gi_b` (Number) DiskGiB is the size of a virtual machine's disk, in GiB.Defaults to the eponymous property value in the template from which thevirtual machine is cloned. +- `failure_domain` (String) FailureDomain is the failure domain unique identifier this Machine should be attached to, as defined in Cluster API.For this infrastructure provider, the name is equivalent to the name of the VSphereDeploymentZone. +- `folder` (String) Folder is the name or inventory path of the folder in which thevirtual machine is created/located. +- `memory_mi_b` (Number) MemoryMiB is the size of a virtual machine's memory, in MiB.Defaults to the eponymous property value in the template from which thevirtual machine is cloned. +- `num_cores_per_socket` (Number) NumCPUs is the number of cores among which to distribute CPUs in thisvirtual machine.Defaults to the eponymous property value in the template from which thevirtual machine is cloned. +- `num_cp_us` (Number) NumCPUs is the number of virtual processors in a virtual machine.Defaults to the eponymous property value in the template from which thevirtual machine is cloned. +- `provider_id` (String) ProviderID is the virtual machine's BIOS UUID formated asvsphere://12345678-1234-1234-1234-123456789abc +- `resource_pool` (String) ResourcePool is the name or inventory path of the resource pool in whichthe virtual machine is created/located. +- `server` (String) Server is the IP address or FQDN of the vSphere server on whichthe virtual machine is created/located. +- `snapshot` (String) Snapshot is the name of the snapshot from which to create a linked clone.This field is ignored if LinkedClone is not enabled.Defaults to the source's current snapshot. +- `storage_policy_name` (String) StoragePolicyName of the storage policy to use with thisVirtual Machine +- `thumbprint` (String) Thumbprint is the colon-separated SHA-1 checksum of the given vCenter server's host certificateWhen this is set to empty, this VirtualMachine would be createdwithout TLS certificate validation of the communication between Cluster API Provider vSphereand the VMware vCenter server. ### Nested Schema for `spec.template.spec.network` Required: -- `devices` (Attributes List) Devices is the list of network devices used by the virtual machine. TODO(akutz) Make sure at least one network matches the ClusterSpec.CloudProviderConfiguration.Network.Name (see [below for nested schema](#nestedatt--spec--template--spec--network--devices)) +- `devices` (Attributes List) Devices is the list of network devices used by the virtual machine.TODO(akutz) Make sure at least one network matches the ClusterSpec.CloudProviderConfiguration.Network.Name (see [below for nested schema](#nestedatt--spec--template--spec--network--devices)) Optional: -- `preferred_api_server_cidr` (String) PreferredAPIServeCIDR is the preferred CIDR for the Kubernetes API server endpoint on this machine -- `routes` (Attributes List) Routes is a list of optional, static routes applied to the virtual machine. (see [below for nested schema](#nestedatt--spec--template--spec--network--routes)) +- `preferred_api_server_cidr` (String) PreferredAPIServeCIDR is the preferred CIDR for the Kubernetes APIserver endpoint on this machine +- `routes` (Attributes List) Routes is a list of optional, static routes applied to the virtualmachine. (see [below for nested schema](#nestedatt--spec--template--spec--network--routes)) ### Nested Schema for `spec.template.spec.network.devices` Required: -- `network_name` (String) NetworkName is the name of the vSphere network to which the device will be connected. +- `network_name` (String) NetworkName is the name of the vSphere network to which the devicewill be connected. Optional: -- `device_name` (String) DeviceName may be used to explicitly assign a name to the network device as it exists in the guest operating system. -- `dhcp4` (Boolean) DHCP4 is a flag that indicates whether or not to use DHCP for IPv4 on this device. If true then IPAddrs should not contain any IPv4 addresses. -- `dhcp6` (Boolean) DHCP6 is a flag that indicates whether or not to use DHCP for IPv6 on this device. If true then IPAddrs should not contain any IPv6 addresses. -- `gateway4` (String) Gateway4 is the IPv4 gateway used by this device. Required when DHCP4 is false. -- `gateway6` (String) Gateway4 is the IPv4 gateway used by this device. Required when DHCP6 is false. -- `ip_addrs` (List of String) IPAddrs is a list of one or more IPv4 and/or IPv6 addresses to assign to this device. IP addresses must also specify the segment length in CIDR notation. Required when DHCP4 and DHCP6 are both false. -- `mac_addr` (String) MACAddr is the MAC address used by this device. It is generally a good idea to omit this field and allow a MAC address to be generated. Please note that this value must use the VMware OUI to work with the in-tree vSphere cloud provider. +- `device_name` (String) DeviceName may be used to explicitly assign a name to the network deviceas it exists in the guest operating system. +- `dhcp4` (Boolean) DHCP4 is a flag that indicates whether or not to use DHCP for IPv4on this device.If true then IPAddrs should not contain any IPv4 addresses. +- `dhcp6` (Boolean) DHCP6 is a flag that indicates whether or not to use DHCP for IPv6on this device.If true then IPAddrs should not contain any IPv6 addresses. +- `gateway4` (String) Gateway4 is the IPv4 gateway used by this device.Required when DHCP4 is false. +- `gateway6` (String) Gateway4 is the IPv4 gateway used by this device.Required when DHCP6 is false. +- `ip_addrs` (List of String) IPAddrs is a list of one or more IPv4 and/or IPv6 addresses to assignto this device. IP addresses must also specify the segment length inCIDR notation.Required when DHCP4 and DHCP6 are both false. +- `mac_addr` (String) MACAddr is the MAC address used by this device.It is generally a good idea to omit this field and allow a MAC addressto be generated.Please note that this value must use the VMware OUI to work with thein-tree vSphere cloud provider. - `mtu` (Number) MTU is the device’s Maximum Transmission Unit size in bytes. -- `nameservers` (List of String) Nameservers is a list of IPv4 and/or IPv6 addresses used as DNS nameservers. Please note that Linux allows only three nameservers (https://linux.die.net/man/5/resolv.conf). +- `nameservers` (List of String) Nameservers is a list of IPv4 and/or IPv6 addresses used as DNSnameservers.Please note that Linux allows only three nameservers (https://linux.die.net/man/5/resolv.conf). - `routes` (Attributes List) Routes is a list of optional, static routes applied to the device. (see [below for nested schema](#nestedatt--spec--template--spec--network--devices--routes)) -- `search_domains` (List of String) SearchDomains is a list of search domains used when resolving IP addresses with DNS. +- `search_domains` (List of String) SearchDomains is a list of search domains used when resolving IPaddresses with DNS. ### Nested Schema for `spec.template.spec.network.devices.routes` @@ -156,5 +156,5 @@ Required: Optional: -- `annotations` (Map of String) Annotations is an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. More info: http://kubernetes.io/docs/user-guide/annotations -- `labels` (Map of String) Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and services. More info: http://kubernetes.io/docs/user-guide/labels +- `annotations` (Map of String) Annotations is an unstructured key value map stored with a resource that may beset by external tools to store and retrieve arbitrary metadata. They are notqueryable and should be preserved when modifying objects.More info: http://kubernetes.io/docs/user-guide/annotations +- `labels` (Map of String) Map of string keys and values that can be used to organize and categorize(scope and select) objects. May match selectors of replication controllersand services.More info: http://kubernetes.io/docs/user-guide/labels diff --git a/docs/data-sources/infrastructure_cluster_x_k8s_io_v_sphere_machine_template_v1beta1_manifest.md b/docs/data-sources/infrastructure_cluster_x_k8s_io_v_sphere_machine_template_v1beta1_manifest.md index 77669b5d2..2b139c643 100644 --- a/docs/data-sources/infrastructure_cluster_x_k8s_io_v_sphere_machine_template_v1beta1_manifest.md +++ b/docs/data-sources/infrastructure_cluster_x_k8s_io_v_sphere_machine_template_v1beta1_manifest.md @@ -66,7 +66,7 @@ Required: Optional: -- `metadata` (Attributes) Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata (see [below for nested schema](#nestedatt--spec--template--metadata)) +- `metadata` (Attributes) Standard object's metadata.More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata (see [below for nested schema](#nestedatt--spec--template--metadata)) ### Nested Schema for `spec.template.spec` @@ -74,70 +74,70 @@ Optional: Required: - `network` (Attributes) Network is the network configuration for this machine's VM. (see [below for nested schema](#nestedatt--spec--template--spec--network)) -- `template` (String) Template is the name or inventory path of the template used to clone the virtual machine. +- `template` (String) Template is the name or inventory path of the template used to clonethe virtual machine. Optional: -- `additional_disks_gi_b` (List of String) AdditionalDisksGiB holds the sizes of additional disks of the virtual machine, in GiB Defaults to the eponymous property value in the template from which the virtual machine is cloned. -- `clone_mode` (String) CloneMode specifies the type of clone operation. The LinkedClone mode is only support for templates that have at least one snapshot. If the template has no snapshots, then CloneMode defaults to FullClone. When LinkedClone mode is enabled the DiskGiB field is ignored as it is not possible to expand disks of linked clones. Defaults to LinkedClone, but fails gracefully to FullClone if the source of the clone operation has no snapshots. -- `custom_vmx_keys` (Map of String) CustomVMXKeys is a dictionary of advanced VMX options that can be set on VM Defaults to empty map -- `datacenter` (String) Datacenter is the name or inventory path of the datacenter in which the virtual machine is created/located. Defaults to * which selects the default datacenter. -- `datastore` (String) Datastore is the name or inventory path of the datastore in which the virtual machine is created/located. -- `disk_gi_b` (Number) DiskGiB is the size of a virtual machine's disk, in GiB. Defaults to the eponymous property value in the template from which the virtual machine is cloned. -- `failure_domain` (String) FailureDomain is the failure domain unique identifier this Machine should be attached to, as defined in Cluster API. For this infrastructure provider, the name is equivalent to the name of the VSphereDeploymentZone. -- `folder` (String) Folder is the name or inventory path of the folder in which the virtual machine is created/located. -- `guest_soft_power_off_timeout` (String) GuestSoftPowerOffTimeout sets the wait timeout for shutdown in the VM guest. The VM will be powered off forcibly after the timeout if the VM is still up and running when the PowerOffMode is set to trySoft. This parameter only applies when the PowerOffMode is set to trySoft. If omitted, the timeout defaults to 5 minutes. -- `hardware_version` (String) HardwareVersion is the hardware version of the virtual machine. Defaults to the eponymous property value in the template from which the virtual machine is cloned. Check the compatibility with the ESXi version before setting the value. -- `memory_mi_b` (Number) MemoryMiB is the size of a virtual machine's memory, in MiB. Defaults to the eponymous property value in the template from which the virtual machine is cloned. -- `num_cores_per_socket` (Number) NumCPUs is the number of cores among which to distribute CPUs in this virtual machine. Defaults to the eponymous property value in the template from which the virtual machine is cloned. -- `num_cp_us` (Number) NumCPUs is the number of virtual processors in a virtual machine. Defaults to the eponymous property value in the template from which the virtual machine is cloned. -- `os` (String) OS is the Operating System of the virtual machine Defaults to Linux +- `additional_disks_gi_b` (List of String) AdditionalDisksGiB holds the sizes of additional disks of the virtual machine, in GiBDefaults to the eponymous property value in the template from which thevirtual machine is cloned. +- `clone_mode` (String) CloneMode specifies the type of clone operation.The LinkedClone mode is only support for templates that have at leastone snapshot. If the template has no snapshots, then CloneMode defaultsto FullClone.When LinkedClone mode is enabled the DiskGiB field is ignored as it isnot possible to expand disks of linked clones.Defaults to LinkedClone, but fails gracefully to FullClone if the sourceof the clone operation has no snapshots. +- `custom_vmx_keys` (Map of String) CustomVMXKeys is a dictionary of advanced VMX options that can be set on VMDefaults to empty map +- `datacenter` (String) Datacenter is the name or inventory path of the datacenter in which thevirtual machine is created/located.Defaults to * which selects the default datacenter. +- `datastore` (String) Datastore is the name or inventory path of the datastore in which thevirtual machine is created/located. +- `disk_gi_b` (Number) DiskGiB is the size of a virtual machine's disk, in GiB.Defaults to the eponymous property value in the template from which thevirtual machine is cloned. +- `failure_domain` (String) FailureDomain is the failure domain unique identifier this Machine should be attached to, as defined in Cluster API.For this infrastructure provider, the name is equivalent to the name of the VSphereDeploymentZone. +- `folder` (String) Folder is the name or inventory path of the folder in which thevirtual machine is created/located. +- `guest_soft_power_off_timeout` (String) GuestSoftPowerOffTimeout sets the wait timeout for shutdown in the VM guest.The VM will be powered off forcibly after the timeout if the VM is stillup and running when the PowerOffMode is set to trySoft.This parameter only applies when the PowerOffMode is set to trySoft.If omitted, the timeout defaults to 5 minutes. +- `hardware_version` (String) HardwareVersion is the hardware version of the virtual machine.Defaults to the eponymous property value in the template from which thevirtual machine is cloned.Check the compatibility with the ESXi version before setting the value. +- `memory_mi_b` (Number) MemoryMiB is the size of a virtual machine's memory, in MiB.Defaults to the eponymous property value in the template from which thevirtual machine is cloned. +- `num_cores_per_socket` (Number) NumCPUs is the number of cores among which to distribute CPUs in thisvirtual machine.Defaults to the eponymous property value in the template from which thevirtual machine is cloned. +- `num_cp_us` (Number) NumCPUs is the number of virtual processors in a virtual machine.Defaults to the eponymous property value in the template from which thevirtual machine is cloned. +- `os` (String) OS is the Operating System of the virtual machineDefaults to Linux - `pci_devices` (Attributes List) PciDevices is the list of pci devices used by the virtual machine. (see [below for nested schema](#nestedatt--spec--template--spec--pci_devices)) -- `power_off_mode` (String) PowerOffMode describes the desired behavior when powering off a VM. There are three, supported power off modes: hard, soft, and trySoft. The first mode, hard, is the equivalent of a physical system's power cord being ripped from the wall. The soft mode requires the VM's guest to have VM Tools installed and attempts to gracefully shut down the VM. Its variant, trySoft, first attempts a graceful shutdown, and if that fails or the VM is not in a powered off state after reaching the GuestSoftPowerOffTimeout, the VM is halted. If omitted, the mode defaults to hard. -- `provider_id` (String) ProviderID is the virtual machine's BIOS UUID formated as vsphere://12345678-1234-1234-1234-123456789abc -- `resource_pool` (String) ResourcePool is the name or inventory path of the resource pool in which the virtual machine is created/located. -- `server` (String) Server is the IP address or FQDN of the vSphere server on which the virtual machine is created/located. -- `snapshot` (String) Snapshot is the name of the snapshot from which to create a linked clone. This field is ignored if LinkedClone is not enabled. Defaults to the source's current snapshot. -- `storage_policy_name` (String) StoragePolicyName of the storage policy to use with this Virtual Machine -- `tag_i_ds` (List of String) TagIDs is an optional set of tags to add to an instance. Specified tagIDs must use URN-notation instead of display names. -- `thumbprint` (String) Thumbprint is the colon-separated SHA-1 checksum of the given vCenter server's host certificate When this is set to empty, this VirtualMachine would be created without TLS certificate validation of the communication between Cluster API Provider vSphere and the VMware vCenter server. +- `power_off_mode` (String) PowerOffMode describes the desired behavior when powering off a VM.There are three, supported power off modes: hard, soft, andtrySoft. The first mode, hard, is the equivalent of a physicalsystem's power cord being ripped from the wall. The soft moderequires the VM's guest to have VM Tools installed and attempts togracefully shut down the VM. Its variant, trySoft, first attemptsa graceful shutdown, and if that fails or the VM is not in a powered offstate after reaching the GuestSoftPowerOffTimeout, the VM is halted.If omitted, the mode defaults to hard. +- `provider_id` (String) ProviderID is the virtual machine's BIOS UUID formated asvsphere://12345678-1234-1234-1234-123456789abc +- `resource_pool` (String) ResourcePool is the name or inventory path of the resource pool in whichthe virtual machine is created/located. +- `server` (String) Server is the IP address or FQDN of the vSphere server on whichthe virtual machine is created/located. +- `snapshot` (String) Snapshot is the name of the snapshot from which to create a linked clone.This field is ignored if LinkedClone is not enabled.Defaults to the source's current snapshot. +- `storage_policy_name` (String) StoragePolicyName of the storage policy to use with thisVirtual Machine +- `tag_i_ds` (List of String) TagIDs is an optional set of tags to add to an instance. Specified tagIDsmust use URN-notation instead of display names. +- `thumbprint` (String) Thumbprint is the colon-separated SHA-1 checksum of the given vCenter server's host certificateWhen this is set to empty, this VirtualMachine would be createdwithout TLS certificate validation of the communication between Cluster API Provider vSphereand the VMware vCenter server. ### Nested Schema for `spec.template.spec.network` Required: -- `devices` (Attributes List) Devices is the list of network devices used by the virtual machine. TODO(akutz) Make sure at least one network matches the ClusterSpec.CloudProviderConfiguration.Network.Name (see [below for nested schema](#nestedatt--spec--template--spec--network--devices)) +- `devices` (Attributes List) Devices is the list of network devices used by the virtual machine.TODO(akutz) Make sure at least one network matches the ClusterSpec.CloudProviderConfiguration.Network.Name (see [below for nested schema](#nestedatt--spec--template--spec--network--devices)) Optional: -- `preferred_api_server_cidr` (String) PreferredAPIServeCIDR is the preferred CIDR for the Kubernetes API server endpoint on this machine Deprecated: This field is going to be removed in a future release. -- `routes` (Attributes List) Routes is a list of optional, static routes applied to the virtual machine. (see [below for nested schema](#nestedatt--spec--template--spec--network--routes)) +- `preferred_api_server_cidr` (String) PreferredAPIServeCIDR is the preferred CIDR for the Kubernetes APIserver endpoint on this machineDeprecated: This field is going to be removed in a future release. +- `routes` (Attributes List) Routes is a list of optional, static routes applied to the virtualmachine. (see [below for nested schema](#nestedatt--spec--template--spec--network--routes)) ### Nested Schema for `spec.template.spec.network.devices` Required: -- `network_name` (String) NetworkName is the name of the vSphere network to which the device will be connected. +- `network_name` (String) NetworkName is the name of the vSphere network to which the devicewill be connected. Optional: -- `addresses_from_pools` (Attributes List) AddressesFromPools is a list of IPAddressPools that should be assigned to IPAddressClaims. The machine's cloud-init metadata will be populated with IPAddresses fulfilled by an IPAM provider. (see [below for nested schema](#nestedatt--spec--template--spec--network--devices--addresses_from_pools)) -- `device_name` (String) DeviceName may be used to explicitly assign a name to the network device as it exists in the guest operating system. -- `dhcp4` (Boolean) DHCP4 is a flag that indicates whether or not to use DHCP for IPv4 on this device. If true then IPAddrs should not contain any IPv4 addresses. -- `dhcp4_overrides` (Attributes) DHCP4Overrides allows for the control over several DHCP behaviors. Overrides will only be applied when the corresponding DHCP flag is set. Only configured values will be sent, omitted values will default to distribution defaults. Dependent on support in the network stack for your distribution. For more information see the netplan reference (https://netplan.io/reference#dhcp-overrides) (see [below for nested schema](#nestedatt--spec--template--spec--network--devices--dhcp4_overrides)) -- `dhcp6` (Boolean) DHCP6 is a flag that indicates whether or not to use DHCP for IPv6 on this device. If true then IPAddrs should not contain any IPv6 addresses. -- `dhcp6_overrides` (Attributes) DHCP6Overrides allows for the control over several DHCP behaviors. Overrides will only be applied when the corresponding DHCP flag is set. Only configured values will be sent, omitted values will default to distribution defaults. Dependent on support in the network stack for your distribution. For more information see the netplan reference (https://netplan.io/reference#dhcp-overrides) (see [below for nested schema](#nestedatt--spec--template--spec--network--devices--dhcp6_overrides)) -- `gateway4` (String) Gateway4 is the IPv4 gateway used by this device. Required when DHCP4 is false. +- `addresses_from_pools` (Attributes List) AddressesFromPools is a list of IPAddressPools that should be assignedto IPAddressClaims. The machine's cloud-init metadata will be populatedwith IPAddresses fulfilled by an IPAM provider. (see [below for nested schema](#nestedatt--spec--template--spec--network--devices--addresses_from_pools)) +- `device_name` (String) DeviceName may be used to explicitly assign a name to the network deviceas it exists in the guest operating system. +- `dhcp4` (Boolean) DHCP4 is a flag that indicates whether or not to use DHCP for IPv4on this device.If true then IPAddrs should not contain any IPv4 addresses. +- `dhcp4_overrides` (Attributes) DHCP4Overrides allows for the control over several DHCP behaviors.Overrides will only be applied when the corresponding DHCP flag is set.Only configured values will be sent, omitted values will default todistribution defaults.Dependent on support in the network stack for your distribution.For more information see the netplan reference (https://netplan.io/reference#dhcp-overrides) (see [below for nested schema](#nestedatt--spec--template--spec--network--devices--dhcp4_overrides)) +- `dhcp6` (Boolean) DHCP6 is a flag that indicates whether or not to use DHCP for IPv6on this device.If true then IPAddrs should not contain any IPv6 addresses. +- `dhcp6_overrides` (Attributes) DHCP6Overrides allows for the control over several DHCP behaviors.Overrides will only be applied when the corresponding DHCP flag is set.Only configured values will be sent, omitted values will default todistribution defaults.Dependent on support in the network stack for your distribution.For more information see the netplan reference (https://netplan.io/reference#dhcp-overrides) (see [below for nested schema](#nestedatt--spec--template--spec--network--devices--dhcp6_overrides)) +- `gateway4` (String) Gateway4 is the IPv4 gateway used by this device.Required when DHCP4 is false. - `gateway6` (String) Gateway4 is the IPv4 gateway used by this device. -- `ip_addrs` (List of String) IPAddrs is a list of one or more IPv4 and/or IPv6 addresses to assign to this device. IP addresses must also specify the segment length in CIDR notation. Required when DHCP4, DHCP6 and SkipIPAllocation are false. -- `mac_addr` (String) MACAddr is the MAC address used by this device. It is generally a good idea to omit this field and allow a MAC address to be generated. Please note that this value must use the VMware OUI to work with the in-tree vSphere cloud provider. +- `ip_addrs` (List of String) IPAddrs is a list of one or more IPv4 and/or IPv6 addresses to assignto this device. IP addresses must also specify the segment length inCIDR notation.Required when DHCP4, DHCP6 and SkipIPAllocation are false. +- `mac_addr` (String) MACAddr is the MAC address used by this device.It is generally a good idea to omit this field and allow a MAC addressto be generated.Please note that this value must use the VMware OUI to work with thein-tree vSphere cloud provider. - `mtu` (Number) MTU is the device’s Maximum Transmission Unit size in bytes. -- `nameservers` (List of String) Nameservers is a list of IPv4 and/or IPv6 addresses used as DNS nameservers. Please note that Linux allows only three nameservers (https://linux.die.net/man/5/resolv.conf). +- `nameservers` (List of String) Nameservers is a list of IPv4 and/or IPv6 addresses used as DNSnameservers.Please note that Linux allows only three nameservers (https://linux.die.net/man/5/resolv.conf). - `routes` (Attributes List) Routes is a list of optional, static routes applied to the device. (see [below for nested schema](#nestedatt--spec--template--spec--network--devices--routes)) -- `search_domains` (List of String) SearchDomains is a list of search domains used when resolving IP addresses with DNS. -- `skip_ip_allocation` (Boolean) SkipIPAllocation allows the device to not have IP address or DHCP configured. This is suitable for devices for which IP allocation is handled externally, eg. using Multus CNI. If true, CAPV will not verify IP address allocation. +- `search_domains` (List of String) SearchDomains is a list of search domains used when resolving IPaddresses with DNS. +- `skip_ip_allocation` (Boolean) SkipIPAllocation allows the device to not have IP address or DHCP configured.This is suitable for devices for which IP allocation is handled externally, eg. using Multus CNI.If true, CAPV will not verify IP address allocation. ### Nested Schema for `spec.template.spec.network.devices.addresses_from_pools` @@ -149,7 +149,7 @@ Required: Optional: -- `api_group` (String) APIGroup is the group for the resource being referenced. If APIGroup is not specified, the specified Kind must be in the core API group. For any other third-party types, APIGroup is required. +- `api_group` (String) APIGroup is the group for the resource being referenced.If APIGroup is not specified, the specified Kind must be in the core API group.For any other third-party types, APIGroup is required. @@ -157,15 +157,15 @@ Optional: Optional: -- `hostname` (String) Hostname is the name which will be sent to the DHCP server instead of the machine's hostname. -- `route_metric` (Number) RouteMetric is used to prioritize routes for devices. A lower metric for an interface will have a higher priority. -- `send_hostname` (Boolean) SendHostname when 'true', the hostname of the machine will be sent to the DHCP server. -- `use_dns` (Boolean) UseDNS when 'true', the DNS servers in the DHCP server will be used and take precedence. -- `use_domains` (String) UseDomains can take the values 'true', 'false', or 'route'. When 'true', the domain name from the DHCP server will be used as the DNS search domain for this device. When 'route', the domain name from the DHCP response will be used for routing DNS only, not for searching. -- `use_hostname` (Boolean) UseHostname when 'true', the hostname from the DHCP server will be set as the transient hostname of the machine. -- `use_mtu` (Boolean) UseMTU when 'true', the MTU from the DHCP server will be set as the MTU of the device. -- `use_ntp` (Boolean) UseNTP when 'true', the NTP servers from the DHCP server will be used by systemd-timesyncd and take precedence. -- `use_routes` (String) UseRoutes when 'true', the routes from the DHCP server will be installed in the routing table. +- `hostname` (String) Hostname is the name which will be sent to the DHCP server instead ofthe machine's hostname. +- `route_metric` (Number) RouteMetric is used to prioritize routes for devices. A lower metric foran interface will have a higher priority. +- `send_hostname` (Boolean) SendHostname when 'true', the hostname of the machine will be sent to theDHCP server. +- `use_dns` (Boolean) UseDNS when 'true', the DNS servers in the DHCP server will be used andtake precedence. +- `use_domains` (String) UseDomains can take the values 'true', 'false', or 'route'. When 'true',the domain name from the DHCP server will be used as the DNS searchdomain for this device. When 'route', the domain name from the DHCPresponse will be used for routing DNS only, not for searching. +- `use_hostname` (Boolean) UseHostname when 'true', the hostname from the DHCP server will be setas the transient hostname of the machine. +- `use_mtu` (Boolean) UseMTU when 'true', the MTU from the DHCP server will be set as theMTU of the device. +- `use_ntp` (Boolean) UseNTP when 'true', the NTP servers from the DHCP server will be usedby systemd-timesyncd and take precedence. +- `use_routes` (String) UseRoutes when 'true', the routes from the DHCP server will be installedin the routing table. @@ -173,15 +173,15 @@ Optional: Optional: -- `hostname` (String) Hostname is the name which will be sent to the DHCP server instead of the machine's hostname. -- `route_metric` (Number) RouteMetric is used to prioritize routes for devices. A lower metric for an interface will have a higher priority. -- `send_hostname` (Boolean) SendHostname when 'true', the hostname of the machine will be sent to the DHCP server. -- `use_dns` (Boolean) UseDNS when 'true', the DNS servers in the DHCP server will be used and take precedence. -- `use_domains` (String) UseDomains can take the values 'true', 'false', or 'route'. When 'true', the domain name from the DHCP server will be used as the DNS search domain for this device. When 'route', the domain name from the DHCP response will be used for routing DNS only, not for searching. -- `use_hostname` (Boolean) UseHostname when 'true', the hostname from the DHCP server will be set as the transient hostname of the machine. -- `use_mtu` (Boolean) UseMTU when 'true', the MTU from the DHCP server will be set as the MTU of the device. -- `use_ntp` (Boolean) UseNTP when 'true', the NTP servers from the DHCP server will be used by systemd-timesyncd and take precedence. -- `use_routes` (String) UseRoutes when 'true', the routes from the DHCP server will be installed in the routing table. +- `hostname` (String) Hostname is the name which will be sent to the DHCP server instead ofthe machine's hostname. +- `route_metric` (Number) RouteMetric is used to prioritize routes for devices. A lower metric foran interface will have a higher priority. +- `send_hostname` (Boolean) SendHostname when 'true', the hostname of the machine will be sent to theDHCP server. +- `use_dns` (Boolean) UseDNS when 'true', the DNS servers in the DHCP server will be used andtake precedence. +- `use_domains` (String) UseDomains can take the values 'true', 'false', or 'route'. When 'true',the domain name from the DHCP server will be used as the DNS searchdomain for this device. When 'route', the domain name from the DHCPresponse will be used for routing DNS only, not for searching. +- `use_hostname` (Boolean) UseHostname when 'true', the hostname from the DHCP server will be setas the transient hostname of the machine. +- `use_mtu` (Boolean) UseMTU when 'true', the MTU from the DHCP server will be set as theMTU of the device. +- `use_ntp` (Boolean) UseNTP when 'true', the NTP servers from the DHCP server will be usedby systemd-timesyncd and take precedence. +- `use_routes` (String) UseRoutes when 'true', the routes from the DHCP server will be installedin the routing table. @@ -211,9 +211,9 @@ Required: Optional: -- `custom_label` (String) CustomLabel is the hardware label of a virtual machine's PCI device. Defaults to the eponymous property value in the template from which the virtual machine is cloned. -- `device_id` (Number) DeviceID is the device ID of a virtual machine's PCI, in integer. Defaults to the eponymous property value in the template from which the virtual machine is cloned. -- `vendor_id` (Number) VendorId is the vendor ID of a virtual machine's PCI, in integer. Defaults to the eponymous property value in the template from which the virtual machine is cloned. +- `custom_label` (String) CustomLabel is the hardware label of a virtual machine's PCI device.Defaults to the eponymous property value in the template from which thevirtual machine is cloned. +- `device_id` (Number) DeviceID is the device ID of a virtual machine's PCI, in integer.Defaults to the eponymous property value in the template from which thevirtual machine is cloned. +- `vendor_id` (Number) VendorId is the vendor ID of a virtual machine's PCI, in integer.Defaults to the eponymous property value in the template from which thevirtual machine is cloned. @@ -222,5 +222,5 @@ Optional: Optional: -- `annotations` (Map of String) Annotations is an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. More info: http://kubernetes.io/docs/user-guide/annotations -- `labels` (Map of String) Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and services. More info: http://kubernetes.io/docs/user-guide/labels +- `annotations` (Map of String) Annotations is an unstructured key value map stored with a resource that may beset by external tools to store and retrieve arbitrary metadata. They are notqueryable and should be preserved when modifying objects.More info: http://kubernetes.io/docs/user-guide/annotations +- `labels` (Map of String) Map of string keys and values that can be used to organize and categorize(scope and select) objects. May match selectors of replication controllersand services.More info: http://kubernetes.io/docs/user-guide/labels diff --git a/docs/data-sources/infrastructure_cluster_x_k8s_io_v_sphere_machine_v1alpha3_manifest.md b/docs/data-sources/infrastructure_cluster_x_k8s_io_v_sphere_machine_v1alpha3_manifest.md index 3bc67a5a3..940791786 100644 --- a/docs/data-sources/infrastructure_cluster_x_k8s_io_v_sphere_machine_v1alpha3_manifest.md +++ b/docs/data-sources/infrastructure_cluster_x_k8s_io_v_sphere_machine_v1alpha3_manifest.md @@ -3,12 +3,12 @@ page_title: "k8s_infrastructure_cluster_x_k8s_io_v_sphere_machine_v1alpha3_manifest Data Source - terraform-provider-k8s" subcategory: "infrastructure.cluster.x-k8s.io" description: |- - VSphereMachine is the Schema for the vspheremachines API Deprecated: This type will be removed in one of the next releases. + VSphereMachine is the Schema for the vspheremachines APIDeprecated: This type will be removed in one of the next releases. --- # k8s_infrastructure_cluster_x_k8s_io_v_sphere_machine_v1alpha3_manifest (Data Source) -VSphereMachine is the Schema for the vspheremachines API Deprecated: This type will be removed in one of the next releases. +VSphereMachine is the Schema for the vspheremachines APIDeprecated: This type will be removed in one of the next releases. ## Example Usage @@ -56,59 +56,59 @@ Optional: Required: - `network` (Attributes) Network is the network configuration for this machine's VM. (see [below for nested schema](#nestedatt--spec--network)) -- `template` (String) Template is the name or inventory path of the template used to clone the virtual machine. +- `template` (String) Template is the name or inventory path of the template used to clonethe virtual machine. Optional: -- `clone_mode` (String) CloneMode specifies the type of clone operation. The LinkedClone mode is only support for templates that have at least one snapshot. If the template has no snapshots, then CloneMode defaults to FullClone. When LinkedClone mode is enabled the DiskGiB field is ignored as it is not possible to expand disks of linked clones. Defaults to LinkedClone, but fails gracefully to FullClone if the source of the clone operation has no snapshots. -- `custom_vmx_keys` (Map of String) CustomVMXKeys is a dictionary of advanced VMX options that can be set on VM Defaults to empty map -- `datacenter` (String) Datacenter is the name or inventory path of the datacenter in which the virtual machine is created/located. -- `datastore` (String) Datastore is the name or inventory path of the datastore in which the virtual machine is created/located. -- `disk_gi_b` (Number) DiskGiB is the size of a virtual machine's disk, in GiB. Defaults to the eponymous property value in the template from which the virtual machine is cloned. -- `failure_domain` (String) FailureDomain is the failure domain unique identifier this Machine should be attached to, as defined in Cluster API. For this infrastructure provider, the name is equivalent to the name of the VSphereDeploymentZone. -- `folder` (String) Folder is the name or inventory path of the folder in which the virtual machine is created/located. -- `memory_mi_b` (Number) MemoryMiB is the size of a virtual machine's memory, in MiB. Defaults to the eponymous property value in the template from which the virtual machine is cloned. -- `num_cores_per_socket` (Number) NumCPUs is the number of cores among which to distribute CPUs in this virtual machine. Defaults to the eponymous property value in the template from which the virtual machine is cloned. -- `num_cp_us` (Number) NumCPUs is the number of virtual processors in a virtual machine. Defaults to the eponymous property value in the template from which the virtual machine is cloned. -- `provider_id` (String) ProviderID is the virtual machine's BIOS UUID formated as vsphere://12345678-1234-1234-1234-123456789abc -- `resource_pool` (String) ResourcePool is the name or inventory path of the resource pool in which the virtual machine is created/located. -- `server` (String) Server is the IP address or FQDN of the vSphere server on which the virtual machine is created/located. -- `snapshot` (String) Snapshot is the name of the snapshot from which to create a linked clone. This field is ignored if LinkedClone is not enabled. Defaults to the source's current snapshot. -- `storage_policy_name` (String) StoragePolicyName of the storage policy to use with this Virtual Machine -- `thumbprint` (String) Thumbprint is the colon-separated SHA-1 checksum of the given vCenter server's host certificate When this is set to empty, this VirtualMachine would be created without TLS certificate validation of the communication between Cluster API Provider vSphere and the VMware vCenter server. +- `clone_mode` (String) CloneMode specifies the type of clone operation.The LinkedClone mode is only support for templates that have at leastone snapshot. If the template has no snapshots, then CloneMode defaultsto FullClone.When LinkedClone mode is enabled the DiskGiB field is ignored as it isnot possible to expand disks of linked clones.Defaults to LinkedClone, but fails gracefully to FullClone if the sourceof the clone operation has no snapshots. +- `custom_vmx_keys` (Map of String) CustomVMXKeys is a dictionary of advanced VMX options that can be set on VMDefaults to empty map +- `datacenter` (String) Datacenter is the name or inventory path of the datacenter in which thevirtual machine is created/located. +- `datastore` (String) Datastore is the name or inventory path of the datastore in which thevirtual machine is created/located. +- `disk_gi_b` (Number) DiskGiB is the size of a virtual machine's disk, in GiB.Defaults to the eponymous property value in the template from which thevirtual machine is cloned. +- `failure_domain` (String) FailureDomain is the failure domain unique identifier this Machine should be attached to, as defined in Cluster API.For this infrastructure provider, the name is equivalent to the name of the VSphereDeploymentZone. +- `folder` (String) Folder is the name or inventory path of the folder in which thevirtual machine is created/located. +- `memory_mi_b` (Number) MemoryMiB is the size of a virtual machine's memory, in MiB.Defaults to the eponymous property value in the template from which thevirtual machine is cloned. +- `num_cores_per_socket` (Number) NumCPUs is the number of cores among which to distribute CPUs in thisvirtual machine.Defaults to the eponymous property value in the template from which thevirtual machine is cloned. +- `num_cp_us` (Number) NumCPUs is the number of virtual processors in a virtual machine.Defaults to the eponymous property value in the template from which thevirtual machine is cloned. +- `provider_id` (String) ProviderID is the virtual machine's BIOS UUID formated asvsphere://12345678-1234-1234-1234-123456789abc +- `resource_pool` (String) ResourcePool is the name or inventory path of the resource pool in whichthe virtual machine is created/located. +- `server` (String) Server is the IP address or FQDN of the vSphere server on whichthe virtual machine is created/located. +- `snapshot` (String) Snapshot is the name of the snapshot from which to create a linked clone.This field is ignored if LinkedClone is not enabled.Defaults to the source's current snapshot. +- `storage_policy_name` (String) StoragePolicyName of the storage policy to use with thisVirtual Machine +- `thumbprint` (String) Thumbprint is the colon-separated SHA-1 checksum of the given vCenter server's host certificateWhen this is set to empty, this VirtualMachine would be createdwithout TLS certificate validation of the communication between Cluster API Provider vSphereand the VMware vCenter server. ### Nested Schema for `spec.network` Required: -- `devices` (Attributes List) Devices is the list of network devices used by the virtual machine. TODO(akutz) Make sure at least one network matches the ClusterSpec.CloudProviderConfiguration.Network.Name (see [below for nested schema](#nestedatt--spec--network--devices)) +- `devices` (Attributes List) Devices is the list of network devices used by the virtual machine.TODO(akutz) Make sure at least one network matches the ClusterSpec.CloudProviderConfiguration.Network.Name (see [below for nested schema](#nestedatt--spec--network--devices)) Optional: -- `preferred_api_server_cidr` (String) PreferredAPIServeCIDR is the preferred CIDR for the Kubernetes API server endpoint on this machine -- `routes` (Attributes List) Routes is a list of optional, static routes applied to the virtual machine. (see [below for nested schema](#nestedatt--spec--network--routes)) +- `preferred_api_server_cidr` (String) PreferredAPIServeCIDR is the preferred CIDR for the Kubernetes APIserver endpoint on this machine +- `routes` (Attributes List) Routes is a list of optional, static routes applied to the virtualmachine. (see [below for nested schema](#nestedatt--spec--network--routes)) ### Nested Schema for `spec.network.devices` Required: -- `network_name` (String) NetworkName is the name of the vSphere network to which the device will be connected. +- `network_name` (String) NetworkName is the name of the vSphere network to which the devicewill be connected. Optional: -- `device_name` (String) DeviceName may be used to explicitly assign a name to the network device as it exists in the guest operating system. -- `dhcp4` (Boolean) DHCP4 is a flag that indicates whether or not to use DHCP for IPv4 on this device. If true then IPAddrs should not contain any IPv4 addresses. -- `dhcp6` (Boolean) DHCP6 is a flag that indicates whether or not to use DHCP for IPv6 on this device. If true then IPAddrs should not contain any IPv6 addresses. -- `gateway4` (String) Gateway4 is the IPv4 gateway used by this device. Required when DHCP4 is false. -- `gateway6` (String) Gateway4 is the IPv4 gateway used by this device. Required when DHCP6 is false. -- `ip_addrs` (List of String) IPAddrs is a list of one or more IPv4 and/or IPv6 addresses to assign to this device. IP addresses must also specify the segment length in CIDR notation. Required when DHCP4 and DHCP6 are both false. -- `mac_addr` (String) MACAddr is the MAC address used by this device. It is generally a good idea to omit this field and allow a MAC address to be generated. Please note that this value must use the VMware OUI to work with the in-tree vSphere cloud provider. +- `device_name` (String) DeviceName may be used to explicitly assign a name to the network deviceas it exists in the guest operating system. +- `dhcp4` (Boolean) DHCP4 is a flag that indicates whether or not to use DHCP for IPv4on this device.If true then IPAddrs should not contain any IPv4 addresses. +- `dhcp6` (Boolean) DHCP6 is a flag that indicates whether or not to use DHCP for IPv6on this device.If true then IPAddrs should not contain any IPv6 addresses. +- `gateway4` (String) Gateway4 is the IPv4 gateway used by this device.Required when DHCP4 is false. +- `gateway6` (String) Gateway4 is the IPv4 gateway used by this device.Required when DHCP6 is false. +- `ip_addrs` (List of String) IPAddrs is a list of one or more IPv4 and/or IPv6 addresses to assignto this device. IP addresses must also specify the segment length inCIDR notation.Required when DHCP4 and DHCP6 are both false. +- `mac_addr` (String) MACAddr is the MAC address used by this device.It is generally a good idea to omit this field and allow a MAC addressto be generated.Please note that this value must use the VMware OUI to work with thein-tree vSphere cloud provider. - `mtu` (Number) MTU is the device’s Maximum Transmission Unit size in bytes. -- `nameservers` (List of String) Nameservers is a list of IPv4 and/or IPv6 addresses used as DNS nameservers. Please note that Linux allows only three nameservers (https://linux.die.net/man/5/resolv.conf). +- `nameservers` (List of String) Nameservers is a list of IPv4 and/or IPv6 addresses used as DNSnameservers.Please note that Linux allows only three nameservers (https://linux.die.net/man/5/resolv.conf). - `routes` (Attributes List) Routes is a list of optional, static routes applied to the device. (see [below for nested schema](#nestedatt--spec--network--devices--routes)) -- `search_domains` (List of String) SearchDomains is a list of search domains used when resolving IP addresses with DNS. +- `search_domains` (List of String) SearchDomains is a list of search domains used when resolving IPaddresses with DNS. ### Nested Schema for `spec.network.devices.routes` diff --git a/docs/data-sources/infrastructure_cluster_x_k8s_io_v_sphere_machine_v1alpha4_manifest.md b/docs/data-sources/infrastructure_cluster_x_k8s_io_v_sphere_machine_v1alpha4_manifest.md index 6aae413e4..2cace6ae0 100644 --- a/docs/data-sources/infrastructure_cluster_x_k8s_io_v_sphere_machine_v1alpha4_manifest.md +++ b/docs/data-sources/infrastructure_cluster_x_k8s_io_v_sphere_machine_v1alpha4_manifest.md @@ -3,12 +3,12 @@ page_title: "k8s_infrastructure_cluster_x_k8s_io_v_sphere_machine_v1alpha4_manifest Data Source - terraform-provider-k8s" subcategory: "infrastructure.cluster.x-k8s.io" description: |- - VSphereMachine is the Schema for the vspheremachines API Deprecated: This type will be removed in one of the next releases. + VSphereMachine is the Schema for the vspheremachines APIDeprecated: This type will be removed in one of the next releases. --- # k8s_infrastructure_cluster_x_k8s_io_v_sphere_machine_v1alpha4_manifest (Data Source) -VSphereMachine is the Schema for the vspheremachines API Deprecated: This type will be removed in one of the next releases. +VSphereMachine is the Schema for the vspheremachines APIDeprecated: This type will be removed in one of the next releases. ## Example Usage @@ -56,59 +56,59 @@ Optional: Required: - `network` (Attributes) Network is the network configuration for this machine's VM. (see [below for nested schema](#nestedatt--spec--network)) -- `template` (String) Template is the name or inventory path of the template used to clone the virtual machine. +- `template` (String) Template is the name or inventory path of the template used to clonethe virtual machine. Optional: -- `clone_mode` (String) CloneMode specifies the type of clone operation. The LinkedClone mode is only support for templates that have at least one snapshot. If the template has no snapshots, then CloneMode defaults to FullClone. When LinkedClone mode is enabled the DiskGiB field is ignored as it is not possible to expand disks of linked clones. Defaults to LinkedClone, but fails gracefully to FullClone if the source of the clone operation has no snapshots. -- `custom_vmx_keys` (Map of String) CustomVMXKeys is a dictionary of advanced VMX options that can be set on VM Defaults to empty map -- `datacenter` (String) Datacenter is the name or inventory path of the datacenter in which the virtual machine is created/located. -- `datastore` (String) Datastore is the name or inventory path of the datastore in which the virtual machine is created/located. -- `disk_gi_b` (Number) DiskGiB is the size of a virtual machine's disk, in GiB. Defaults to the eponymous property value in the template from which the virtual machine is cloned. -- `failure_domain` (String) FailureDomain is the failure domain unique identifier this Machine should be attached to, as defined in Cluster API. For this infrastructure provider, the name is equivalent to the name of the VSphereDeploymentZone. -- `folder` (String) Folder is the name or inventory path of the folder in which the virtual machine is created/located. -- `memory_mi_b` (Number) MemoryMiB is the size of a virtual machine's memory, in MiB. Defaults to the eponymous property value in the template from which the virtual machine is cloned. -- `num_cores_per_socket` (Number) NumCPUs is the number of cores among which to distribute CPUs in this virtual machine. Defaults to the eponymous property value in the template from which the virtual machine is cloned. -- `num_cp_us` (Number) NumCPUs is the number of virtual processors in a virtual machine. Defaults to the eponymous property value in the template from which the virtual machine is cloned. -- `provider_id` (String) ProviderID is the virtual machine's BIOS UUID formated as vsphere://12345678-1234-1234-1234-123456789abc -- `resource_pool` (String) ResourcePool is the name or inventory path of the resource pool in which the virtual machine is created/located. -- `server` (String) Server is the IP address or FQDN of the vSphere server on which the virtual machine is created/located. -- `snapshot` (String) Snapshot is the name of the snapshot from which to create a linked clone. This field is ignored if LinkedClone is not enabled. Defaults to the source's current snapshot. -- `storage_policy_name` (String) StoragePolicyName of the storage policy to use with this Virtual Machine -- `thumbprint` (String) Thumbprint is the colon-separated SHA-1 checksum of the given vCenter server's host certificate When this is set to empty, this VirtualMachine would be created without TLS certificate validation of the communication between Cluster API Provider vSphere and the VMware vCenter server. +- `clone_mode` (String) CloneMode specifies the type of clone operation.The LinkedClone mode is only support for templates that have at leastone snapshot. If the template has no snapshots, then CloneMode defaultsto FullClone.When LinkedClone mode is enabled the DiskGiB field is ignored as it isnot possible to expand disks of linked clones.Defaults to LinkedClone, but fails gracefully to FullClone if the sourceof the clone operation has no snapshots. +- `custom_vmx_keys` (Map of String) CustomVMXKeys is a dictionary of advanced VMX options that can be set on VMDefaults to empty map +- `datacenter` (String) Datacenter is the name or inventory path of the datacenter in which thevirtual machine is created/located. +- `datastore` (String) Datastore is the name or inventory path of the datastore in which thevirtual machine is created/located. +- `disk_gi_b` (Number) DiskGiB is the size of a virtual machine's disk, in GiB.Defaults to the eponymous property value in the template from which thevirtual machine is cloned. +- `failure_domain` (String) FailureDomain is the failure domain unique identifier this Machine should be attached to, as defined in Cluster API.For this infrastructure provider, the name is equivalent to the name of the VSphereDeploymentZone. +- `folder` (String) Folder is the name or inventory path of the folder in which thevirtual machine is created/located. +- `memory_mi_b` (Number) MemoryMiB is the size of a virtual machine's memory, in MiB.Defaults to the eponymous property value in the template from which thevirtual machine is cloned. +- `num_cores_per_socket` (Number) NumCPUs is the number of cores among which to distribute CPUs in thisvirtual machine.Defaults to the eponymous property value in the template from which thevirtual machine is cloned. +- `num_cp_us` (Number) NumCPUs is the number of virtual processors in a virtual machine.Defaults to the eponymous property value in the template from which thevirtual machine is cloned. +- `provider_id` (String) ProviderID is the virtual machine's BIOS UUID formated asvsphere://12345678-1234-1234-1234-123456789abc +- `resource_pool` (String) ResourcePool is the name or inventory path of the resource pool in whichthe virtual machine is created/located. +- `server` (String) Server is the IP address or FQDN of the vSphere server on whichthe virtual machine is created/located. +- `snapshot` (String) Snapshot is the name of the snapshot from which to create a linked clone.This field is ignored if LinkedClone is not enabled.Defaults to the source's current snapshot. +- `storage_policy_name` (String) StoragePolicyName of the storage policy to use with thisVirtual Machine +- `thumbprint` (String) Thumbprint is the colon-separated SHA-1 checksum of the given vCenter server's host certificateWhen this is set to empty, this VirtualMachine would be createdwithout TLS certificate validation of the communication between Cluster API Provider vSphereand the VMware vCenter server. ### Nested Schema for `spec.network` Required: -- `devices` (Attributes List) Devices is the list of network devices used by the virtual machine. TODO(akutz) Make sure at least one network matches the ClusterSpec.CloudProviderConfiguration.Network.Name (see [below for nested schema](#nestedatt--spec--network--devices)) +- `devices` (Attributes List) Devices is the list of network devices used by the virtual machine.TODO(akutz) Make sure at least one network matches the ClusterSpec.CloudProviderConfiguration.Network.Name (see [below for nested schema](#nestedatt--spec--network--devices)) Optional: -- `preferred_api_server_cidr` (String) PreferredAPIServeCIDR is the preferred CIDR for the Kubernetes API server endpoint on this machine -- `routes` (Attributes List) Routes is a list of optional, static routes applied to the virtual machine. (see [below for nested schema](#nestedatt--spec--network--routes)) +- `preferred_api_server_cidr` (String) PreferredAPIServeCIDR is the preferred CIDR for the Kubernetes APIserver endpoint on this machine +- `routes` (Attributes List) Routes is a list of optional, static routes applied to the virtualmachine. (see [below for nested schema](#nestedatt--spec--network--routes)) ### Nested Schema for `spec.network.devices` Required: -- `network_name` (String) NetworkName is the name of the vSphere network to which the device will be connected. +- `network_name` (String) NetworkName is the name of the vSphere network to which the devicewill be connected. Optional: -- `device_name` (String) DeviceName may be used to explicitly assign a name to the network device as it exists in the guest operating system. -- `dhcp4` (Boolean) DHCP4 is a flag that indicates whether or not to use DHCP for IPv4 on this device. If true then IPAddrs should not contain any IPv4 addresses. -- `dhcp6` (Boolean) DHCP6 is a flag that indicates whether or not to use DHCP for IPv6 on this device. If true then IPAddrs should not contain any IPv6 addresses. -- `gateway4` (String) Gateway4 is the IPv4 gateway used by this device. Required when DHCP4 is false. -- `gateway6` (String) Gateway4 is the IPv4 gateway used by this device. Required when DHCP6 is false. -- `ip_addrs` (List of String) IPAddrs is a list of one or more IPv4 and/or IPv6 addresses to assign to this device. IP addresses must also specify the segment length in CIDR notation. Required when DHCP4 and DHCP6 are both false. -- `mac_addr` (String) MACAddr is the MAC address used by this device. It is generally a good idea to omit this field and allow a MAC address to be generated. Please note that this value must use the VMware OUI to work with the in-tree vSphere cloud provider. +- `device_name` (String) DeviceName may be used to explicitly assign a name to the network deviceas it exists in the guest operating system. +- `dhcp4` (Boolean) DHCP4 is a flag that indicates whether or not to use DHCP for IPv4on this device.If true then IPAddrs should not contain any IPv4 addresses. +- `dhcp6` (Boolean) DHCP6 is a flag that indicates whether or not to use DHCP for IPv6on this device.If true then IPAddrs should not contain any IPv6 addresses. +- `gateway4` (String) Gateway4 is the IPv4 gateway used by this device.Required when DHCP4 is false. +- `gateway6` (String) Gateway4 is the IPv4 gateway used by this device.Required when DHCP6 is false. +- `ip_addrs` (List of String) IPAddrs is a list of one or more IPv4 and/or IPv6 addresses to assignto this device. IP addresses must also specify the segment length inCIDR notation.Required when DHCP4 and DHCP6 are both false. +- `mac_addr` (String) MACAddr is the MAC address used by this device.It is generally a good idea to omit this field and allow a MAC addressto be generated.Please note that this value must use the VMware OUI to work with thein-tree vSphere cloud provider. - `mtu` (Number) MTU is the device’s Maximum Transmission Unit size in bytes. -- `nameservers` (List of String) Nameservers is a list of IPv4 and/or IPv6 addresses used as DNS nameservers. Please note that Linux allows only three nameservers (https://linux.die.net/man/5/resolv.conf). +- `nameservers` (List of String) Nameservers is a list of IPv4 and/or IPv6 addresses used as DNSnameservers.Please note that Linux allows only three nameservers (https://linux.die.net/man/5/resolv.conf). - `routes` (Attributes List) Routes is a list of optional, static routes applied to the device. (see [below for nested schema](#nestedatt--spec--network--devices--routes)) -- `search_domains` (List of String) SearchDomains is a list of search domains used when resolving IP addresses with DNS. +- `search_domains` (List of String) SearchDomains is a list of search domains used when resolving IPaddresses with DNS. ### Nested Schema for `spec.network.devices.routes` diff --git a/docs/data-sources/infrastructure_cluster_x_k8s_io_v_sphere_machine_v1beta1_manifest.md b/docs/data-sources/infrastructure_cluster_x_k8s_io_v_sphere_machine_v1beta1_manifest.md index bf9c803b4..0e1724b4d 100644 --- a/docs/data-sources/infrastructure_cluster_x_k8s_io_v_sphere_machine_v1beta1_manifest.md +++ b/docs/data-sources/infrastructure_cluster_x_k8s_io_v_sphere_machine_v1beta1_manifest.md @@ -56,70 +56,70 @@ Optional: Required: - `network` (Attributes) Network is the network configuration for this machine's VM. (see [below for nested schema](#nestedatt--spec--network)) -- `template` (String) Template is the name or inventory path of the template used to clone the virtual machine. +- `template` (String) Template is the name or inventory path of the template used to clonethe virtual machine. Optional: -- `additional_disks_gi_b` (List of String) AdditionalDisksGiB holds the sizes of additional disks of the virtual machine, in GiB Defaults to the eponymous property value in the template from which the virtual machine is cloned. -- `clone_mode` (String) CloneMode specifies the type of clone operation. The LinkedClone mode is only support for templates that have at least one snapshot. If the template has no snapshots, then CloneMode defaults to FullClone. When LinkedClone mode is enabled the DiskGiB field is ignored as it is not possible to expand disks of linked clones. Defaults to LinkedClone, but fails gracefully to FullClone if the source of the clone operation has no snapshots. -- `custom_vmx_keys` (Map of String) CustomVMXKeys is a dictionary of advanced VMX options that can be set on VM Defaults to empty map -- `datacenter` (String) Datacenter is the name or inventory path of the datacenter in which the virtual machine is created/located. Defaults to * which selects the default datacenter. -- `datastore` (String) Datastore is the name or inventory path of the datastore in which the virtual machine is created/located. -- `disk_gi_b` (Number) DiskGiB is the size of a virtual machine's disk, in GiB. Defaults to the eponymous property value in the template from which the virtual machine is cloned. -- `failure_domain` (String) FailureDomain is the failure domain unique identifier this Machine should be attached to, as defined in Cluster API. For this infrastructure provider, the name is equivalent to the name of the VSphereDeploymentZone. -- `folder` (String) Folder is the name or inventory path of the folder in which the virtual machine is created/located. -- `guest_soft_power_off_timeout` (String) GuestSoftPowerOffTimeout sets the wait timeout for shutdown in the VM guest. The VM will be powered off forcibly after the timeout if the VM is still up and running when the PowerOffMode is set to trySoft. This parameter only applies when the PowerOffMode is set to trySoft. If omitted, the timeout defaults to 5 minutes. -- `hardware_version` (String) HardwareVersion is the hardware version of the virtual machine. Defaults to the eponymous property value in the template from which the virtual machine is cloned. Check the compatibility with the ESXi version before setting the value. -- `memory_mi_b` (Number) MemoryMiB is the size of a virtual machine's memory, in MiB. Defaults to the eponymous property value in the template from which the virtual machine is cloned. -- `num_cores_per_socket` (Number) NumCPUs is the number of cores among which to distribute CPUs in this virtual machine. Defaults to the eponymous property value in the template from which the virtual machine is cloned. -- `num_cp_us` (Number) NumCPUs is the number of virtual processors in a virtual machine. Defaults to the eponymous property value in the template from which the virtual machine is cloned. -- `os` (String) OS is the Operating System of the virtual machine Defaults to Linux +- `additional_disks_gi_b` (List of String) AdditionalDisksGiB holds the sizes of additional disks of the virtual machine, in GiBDefaults to the eponymous property value in the template from which thevirtual machine is cloned. +- `clone_mode` (String) CloneMode specifies the type of clone operation.The LinkedClone mode is only support for templates that have at leastone snapshot. If the template has no snapshots, then CloneMode defaultsto FullClone.When LinkedClone mode is enabled the DiskGiB field is ignored as it isnot possible to expand disks of linked clones.Defaults to LinkedClone, but fails gracefully to FullClone if the sourceof the clone operation has no snapshots. +- `custom_vmx_keys` (Map of String) CustomVMXKeys is a dictionary of advanced VMX options that can be set on VMDefaults to empty map +- `datacenter` (String) Datacenter is the name or inventory path of the datacenter in which thevirtual machine is created/located.Defaults to * which selects the default datacenter. +- `datastore` (String) Datastore is the name or inventory path of the datastore in which thevirtual machine is created/located. +- `disk_gi_b` (Number) DiskGiB is the size of a virtual machine's disk, in GiB.Defaults to the eponymous property value in the template from which thevirtual machine is cloned. +- `failure_domain` (String) FailureDomain is the failure domain unique identifier this Machine should be attached to, as defined in Cluster API.For this infrastructure provider, the name is equivalent to the name of the VSphereDeploymentZone. +- `folder` (String) Folder is the name or inventory path of the folder in which thevirtual machine is created/located. +- `guest_soft_power_off_timeout` (String) GuestSoftPowerOffTimeout sets the wait timeout for shutdown in the VM guest.The VM will be powered off forcibly after the timeout if the VM is stillup and running when the PowerOffMode is set to trySoft.This parameter only applies when the PowerOffMode is set to trySoft.If omitted, the timeout defaults to 5 minutes. +- `hardware_version` (String) HardwareVersion is the hardware version of the virtual machine.Defaults to the eponymous property value in the template from which thevirtual machine is cloned.Check the compatibility with the ESXi version before setting the value. +- `memory_mi_b` (Number) MemoryMiB is the size of a virtual machine's memory, in MiB.Defaults to the eponymous property value in the template from which thevirtual machine is cloned. +- `num_cores_per_socket` (Number) NumCPUs is the number of cores among which to distribute CPUs in thisvirtual machine.Defaults to the eponymous property value in the template from which thevirtual machine is cloned. +- `num_cp_us` (Number) NumCPUs is the number of virtual processors in a virtual machine.Defaults to the eponymous property value in the template from which thevirtual machine is cloned. +- `os` (String) OS is the Operating System of the virtual machineDefaults to Linux - `pci_devices` (Attributes List) PciDevices is the list of pci devices used by the virtual machine. (see [below for nested schema](#nestedatt--spec--pci_devices)) -- `power_off_mode` (String) PowerOffMode describes the desired behavior when powering off a VM. There are three, supported power off modes: hard, soft, and trySoft. The first mode, hard, is the equivalent of a physical system's power cord being ripped from the wall. The soft mode requires the VM's guest to have VM Tools installed and attempts to gracefully shut down the VM. Its variant, trySoft, first attempts a graceful shutdown, and if that fails or the VM is not in a powered off state after reaching the GuestSoftPowerOffTimeout, the VM is halted. If omitted, the mode defaults to hard. -- `provider_id` (String) ProviderID is the virtual machine's BIOS UUID formated as vsphere://12345678-1234-1234-1234-123456789abc -- `resource_pool` (String) ResourcePool is the name or inventory path of the resource pool in which the virtual machine is created/located. -- `server` (String) Server is the IP address or FQDN of the vSphere server on which the virtual machine is created/located. -- `snapshot` (String) Snapshot is the name of the snapshot from which to create a linked clone. This field is ignored if LinkedClone is not enabled. Defaults to the source's current snapshot. -- `storage_policy_name` (String) StoragePolicyName of the storage policy to use with this Virtual Machine -- `tag_i_ds` (List of String) TagIDs is an optional set of tags to add to an instance. Specified tagIDs must use URN-notation instead of display names. -- `thumbprint` (String) Thumbprint is the colon-separated SHA-1 checksum of the given vCenter server's host certificate When this is set to empty, this VirtualMachine would be created without TLS certificate validation of the communication between Cluster API Provider vSphere and the VMware vCenter server. +- `power_off_mode` (String) PowerOffMode describes the desired behavior when powering off a VM.There are three, supported power off modes: hard, soft, andtrySoft. The first mode, hard, is the equivalent of a physicalsystem's power cord being ripped from the wall. The soft moderequires the VM's guest to have VM Tools installed and attempts togracefully shut down the VM. Its variant, trySoft, first attemptsa graceful shutdown, and if that fails or the VM is not in a powered offstate after reaching the GuestSoftPowerOffTimeout, the VM is halted.If omitted, the mode defaults to hard. +- `provider_id` (String) ProviderID is the virtual machine's BIOS UUID formated asvsphere://12345678-1234-1234-1234-123456789abc +- `resource_pool` (String) ResourcePool is the name or inventory path of the resource pool in whichthe virtual machine is created/located. +- `server` (String) Server is the IP address or FQDN of the vSphere server on whichthe virtual machine is created/located. +- `snapshot` (String) Snapshot is the name of the snapshot from which to create a linked clone.This field is ignored if LinkedClone is not enabled.Defaults to the source's current snapshot. +- `storage_policy_name` (String) StoragePolicyName of the storage policy to use with thisVirtual Machine +- `tag_i_ds` (List of String) TagIDs is an optional set of tags to add to an instance. Specified tagIDsmust use URN-notation instead of display names. +- `thumbprint` (String) Thumbprint is the colon-separated SHA-1 checksum of the given vCenter server's host certificateWhen this is set to empty, this VirtualMachine would be createdwithout TLS certificate validation of the communication between Cluster API Provider vSphereand the VMware vCenter server. ### Nested Schema for `spec.network` Required: -- `devices` (Attributes List) Devices is the list of network devices used by the virtual machine. TODO(akutz) Make sure at least one network matches the ClusterSpec.CloudProviderConfiguration.Network.Name (see [below for nested schema](#nestedatt--spec--network--devices)) +- `devices` (Attributes List) Devices is the list of network devices used by the virtual machine.TODO(akutz) Make sure at least one network matches the ClusterSpec.CloudProviderConfiguration.Network.Name (see [below for nested schema](#nestedatt--spec--network--devices)) Optional: -- `preferred_api_server_cidr` (String) PreferredAPIServeCIDR is the preferred CIDR for the Kubernetes API server endpoint on this machine Deprecated: This field is going to be removed in a future release. -- `routes` (Attributes List) Routes is a list of optional, static routes applied to the virtual machine. (see [below for nested schema](#nestedatt--spec--network--routes)) +- `preferred_api_server_cidr` (String) PreferredAPIServeCIDR is the preferred CIDR for the Kubernetes APIserver endpoint on this machineDeprecated: This field is going to be removed in a future release. +- `routes` (Attributes List) Routes is a list of optional, static routes applied to the virtualmachine. (see [below for nested schema](#nestedatt--spec--network--routes)) ### Nested Schema for `spec.network.devices` Required: -- `network_name` (String) NetworkName is the name of the vSphere network to which the device will be connected. +- `network_name` (String) NetworkName is the name of the vSphere network to which the devicewill be connected. Optional: -- `addresses_from_pools` (Attributes List) AddressesFromPools is a list of IPAddressPools that should be assigned to IPAddressClaims. The machine's cloud-init metadata will be populated with IPAddresses fulfilled by an IPAM provider. (see [below for nested schema](#nestedatt--spec--network--devices--addresses_from_pools)) -- `device_name` (String) DeviceName may be used to explicitly assign a name to the network device as it exists in the guest operating system. -- `dhcp4` (Boolean) DHCP4 is a flag that indicates whether or not to use DHCP for IPv4 on this device. If true then IPAddrs should not contain any IPv4 addresses. -- `dhcp4_overrides` (Attributes) DHCP4Overrides allows for the control over several DHCP behaviors. Overrides will only be applied when the corresponding DHCP flag is set. Only configured values will be sent, omitted values will default to distribution defaults. Dependent on support in the network stack for your distribution. For more information see the netplan reference (https://netplan.io/reference#dhcp-overrides) (see [below for nested schema](#nestedatt--spec--network--devices--dhcp4_overrides)) -- `dhcp6` (Boolean) DHCP6 is a flag that indicates whether or not to use DHCP for IPv6 on this device. If true then IPAddrs should not contain any IPv6 addresses. -- `dhcp6_overrides` (Attributes) DHCP6Overrides allows for the control over several DHCP behaviors. Overrides will only be applied when the corresponding DHCP flag is set. Only configured values will be sent, omitted values will default to distribution defaults. Dependent on support in the network stack for your distribution. For more information see the netplan reference (https://netplan.io/reference#dhcp-overrides) (see [below for nested schema](#nestedatt--spec--network--devices--dhcp6_overrides)) -- `gateway4` (String) Gateway4 is the IPv4 gateway used by this device. Required when DHCP4 is false. +- `addresses_from_pools` (Attributes List) AddressesFromPools is a list of IPAddressPools that should be assignedto IPAddressClaims. The machine's cloud-init metadata will be populatedwith IPAddresses fulfilled by an IPAM provider. (see [below for nested schema](#nestedatt--spec--network--devices--addresses_from_pools)) +- `device_name` (String) DeviceName may be used to explicitly assign a name to the network deviceas it exists in the guest operating system. +- `dhcp4` (Boolean) DHCP4 is a flag that indicates whether or not to use DHCP for IPv4on this device.If true then IPAddrs should not contain any IPv4 addresses. +- `dhcp4_overrides` (Attributes) DHCP4Overrides allows for the control over several DHCP behaviors.Overrides will only be applied when the corresponding DHCP flag is set.Only configured values will be sent, omitted values will default todistribution defaults.Dependent on support in the network stack for your distribution.For more information see the netplan reference (https://netplan.io/reference#dhcp-overrides) (see [below for nested schema](#nestedatt--spec--network--devices--dhcp4_overrides)) +- `dhcp6` (Boolean) DHCP6 is a flag that indicates whether or not to use DHCP for IPv6on this device.If true then IPAddrs should not contain any IPv6 addresses. +- `dhcp6_overrides` (Attributes) DHCP6Overrides allows for the control over several DHCP behaviors.Overrides will only be applied when the corresponding DHCP flag is set.Only configured values will be sent, omitted values will default todistribution defaults.Dependent on support in the network stack for your distribution.For more information see the netplan reference (https://netplan.io/reference#dhcp-overrides) (see [below for nested schema](#nestedatt--spec--network--devices--dhcp6_overrides)) +- `gateway4` (String) Gateway4 is the IPv4 gateway used by this device.Required when DHCP4 is false. - `gateway6` (String) Gateway4 is the IPv4 gateway used by this device. -- `ip_addrs` (List of String) IPAddrs is a list of one or more IPv4 and/or IPv6 addresses to assign to this device. IP addresses must also specify the segment length in CIDR notation. Required when DHCP4, DHCP6 and SkipIPAllocation are false. -- `mac_addr` (String) MACAddr is the MAC address used by this device. It is generally a good idea to omit this field and allow a MAC address to be generated. Please note that this value must use the VMware OUI to work with the in-tree vSphere cloud provider. +- `ip_addrs` (List of String) IPAddrs is a list of one or more IPv4 and/or IPv6 addresses to assignto this device. IP addresses must also specify the segment length inCIDR notation.Required when DHCP4, DHCP6 and SkipIPAllocation are false. +- `mac_addr` (String) MACAddr is the MAC address used by this device.It is generally a good idea to omit this field and allow a MAC addressto be generated.Please note that this value must use the VMware OUI to work with thein-tree vSphere cloud provider. - `mtu` (Number) MTU is the device’s Maximum Transmission Unit size in bytes. -- `nameservers` (List of String) Nameservers is a list of IPv4 and/or IPv6 addresses used as DNS nameservers. Please note that Linux allows only three nameservers (https://linux.die.net/man/5/resolv.conf). +- `nameservers` (List of String) Nameservers is a list of IPv4 and/or IPv6 addresses used as DNSnameservers.Please note that Linux allows only three nameservers (https://linux.die.net/man/5/resolv.conf). - `routes` (Attributes List) Routes is a list of optional, static routes applied to the device. (see [below for nested schema](#nestedatt--spec--network--devices--routes)) -- `search_domains` (List of String) SearchDomains is a list of search domains used when resolving IP addresses with DNS. -- `skip_ip_allocation` (Boolean) SkipIPAllocation allows the device to not have IP address or DHCP configured. This is suitable for devices for which IP allocation is handled externally, eg. using Multus CNI. If true, CAPV will not verify IP address allocation. +- `search_domains` (List of String) SearchDomains is a list of search domains used when resolving IPaddresses with DNS. +- `skip_ip_allocation` (Boolean) SkipIPAllocation allows the device to not have IP address or DHCP configured.This is suitable for devices for which IP allocation is handled externally, eg. using Multus CNI.If true, CAPV will not verify IP address allocation. ### Nested Schema for `spec.network.devices.addresses_from_pools` @@ -131,7 +131,7 @@ Required: Optional: -- `api_group` (String) APIGroup is the group for the resource being referenced. If APIGroup is not specified, the specified Kind must be in the core API group. For any other third-party types, APIGroup is required. +- `api_group` (String) APIGroup is the group for the resource being referenced.If APIGroup is not specified, the specified Kind must be in the core API group.For any other third-party types, APIGroup is required. @@ -139,15 +139,15 @@ Optional: Optional: -- `hostname` (String) Hostname is the name which will be sent to the DHCP server instead of the machine's hostname. -- `route_metric` (Number) RouteMetric is used to prioritize routes for devices. A lower metric for an interface will have a higher priority. -- `send_hostname` (Boolean) SendHostname when 'true', the hostname of the machine will be sent to the DHCP server. -- `use_dns` (Boolean) UseDNS when 'true', the DNS servers in the DHCP server will be used and take precedence. -- `use_domains` (String) UseDomains can take the values 'true', 'false', or 'route'. When 'true', the domain name from the DHCP server will be used as the DNS search domain for this device. When 'route', the domain name from the DHCP response will be used for routing DNS only, not for searching. -- `use_hostname` (Boolean) UseHostname when 'true', the hostname from the DHCP server will be set as the transient hostname of the machine. -- `use_mtu` (Boolean) UseMTU when 'true', the MTU from the DHCP server will be set as the MTU of the device. -- `use_ntp` (Boolean) UseNTP when 'true', the NTP servers from the DHCP server will be used by systemd-timesyncd and take precedence. -- `use_routes` (String) UseRoutes when 'true', the routes from the DHCP server will be installed in the routing table. +- `hostname` (String) Hostname is the name which will be sent to the DHCP server instead ofthe machine's hostname. +- `route_metric` (Number) RouteMetric is used to prioritize routes for devices. A lower metric foran interface will have a higher priority. +- `send_hostname` (Boolean) SendHostname when 'true', the hostname of the machine will be sent to theDHCP server. +- `use_dns` (Boolean) UseDNS when 'true', the DNS servers in the DHCP server will be used andtake precedence. +- `use_domains` (String) UseDomains can take the values 'true', 'false', or 'route'. When 'true',the domain name from the DHCP server will be used as the DNS searchdomain for this device. When 'route', the domain name from the DHCPresponse will be used for routing DNS only, not for searching. +- `use_hostname` (Boolean) UseHostname when 'true', the hostname from the DHCP server will be setas the transient hostname of the machine. +- `use_mtu` (Boolean) UseMTU when 'true', the MTU from the DHCP server will be set as theMTU of the device. +- `use_ntp` (Boolean) UseNTP when 'true', the NTP servers from the DHCP server will be usedby systemd-timesyncd and take precedence. +- `use_routes` (String) UseRoutes when 'true', the routes from the DHCP server will be installedin the routing table. @@ -155,15 +155,15 @@ Optional: Optional: -- `hostname` (String) Hostname is the name which will be sent to the DHCP server instead of the machine's hostname. -- `route_metric` (Number) RouteMetric is used to prioritize routes for devices. A lower metric for an interface will have a higher priority. -- `send_hostname` (Boolean) SendHostname when 'true', the hostname of the machine will be sent to the DHCP server. -- `use_dns` (Boolean) UseDNS when 'true', the DNS servers in the DHCP server will be used and take precedence. -- `use_domains` (String) UseDomains can take the values 'true', 'false', or 'route'. When 'true', the domain name from the DHCP server will be used as the DNS search domain for this device. When 'route', the domain name from the DHCP response will be used for routing DNS only, not for searching. -- `use_hostname` (Boolean) UseHostname when 'true', the hostname from the DHCP server will be set as the transient hostname of the machine. -- `use_mtu` (Boolean) UseMTU when 'true', the MTU from the DHCP server will be set as the MTU of the device. -- `use_ntp` (Boolean) UseNTP when 'true', the NTP servers from the DHCP server will be used by systemd-timesyncd and take precedence. -- `use_routes` (String) UseRoutes when 'true', the routes from the DHCP server will be installed in the routing table. +- `hostname` (String) Hostname is the name which will be sent to the DHCP server instead ofthe machine's hostname. +- `route_metric` (Number) RouteMetric is used to prioritize routes for devices. A lower metric foran interface will have a higher priority. +- `send_hostname` (Boolean) SendHostname when 'true', the hostname of the machine will be sent to theDHCP server. +- `use_dns` (Boolean) UseDNS when 'true', the DNS servers in the DHCP server will be used andtake precedence. +- `use_domains` (String) UseDomains can take the values 'true', 'false', or 'route'. When 'true',the domain name from the DHCP server will be used as the DNS searchdomain for this device. When 'route', the domain name from the DHCPresponse will be used for routing DNS only, not for searching. +- `use_hostname` (Boolean) UseHostname when 'true', the hostname from the DHCP server will be setas the transient hostname of the machine. +- `use_mtu` (Boolean) UseMTU when 'true', the MTU from the DHCP server will be set as theMTU of the device. +- `use_ntp` (Boolean) UseNTP when 'true', the NTP servers from the DHCP server will be usedby systemd-timesyncd and take precedence. +- `use_routes` (String) UseRoutes when 'true', the routes from the DHCP server will be installedin the routing table. @@ -193,6 +193,6 @@ Required: Optional: -- `custom_label` (String) CustomLabel is the hardware label of a virtual machine's PCI device. Defaults to the eponymous property value in the template from which the virtual machine is cloned. -- `device_id` (Number) DeviceID is the device ID of a virtual machine's PCI, in integer. Defaults to the eponymous property value in the template from which the virtual machine is cloned. -- `vendor_id` (Number) VendorId is the vendor ID of a virtual machine's PCI, in integer. Defaults to the eponymous property value in the template from which the virtual machine is cloned. +- `custom_label` (String) CustomLabel is the hardware label of a virtual machine's PCI device.Defaults to the eponymous property value in the template from which thevirtual machine is cloned. +- `device_id` (Number) DeviceID is the device ID of a virtual machine's PCI, in integer.Defaults to the eponymous property value in the template from which thevirtual machine is cloned. +- `vendor_id` (Number) VendorId is the vendor ID of a virtual machine's PCI, in integer.Defaults to the eponymous property value in the template from which thevirtual machine is cloned. diff --git a/docs/data-sources/infrastructure_cluster_x_k8s_io_v_sphere_vm_v1alpha3_manifest.md b/docs/data-sources/infrastructure_cluster_x_k8s_io_v_sphere_vm_v1alpha3_manifest.md index f2ae8a81c..314ef8829 100644 --- a/docs/data-sources/infrastructure_cluster_x_k8s_io_v_sphere_vm_v1alpha3_manifest.md +++ b/docs/data-sources/infrastructure_cluster_x_k8s_io_v_sphere_vm_v1alpha3_manifest.md @@ -3,12 +3,12 @@ page_title: "k8s_infrastructure_cluster_x_k8s_io_v_sphere_vm_v1alpha3_manifest Data Source - terraform-provider-k8s" subcategory: "infrastructure.cluster.x-k8s.io" description: |- - VSphereVM is the Schema for the vspherevms API Deprecated: This type will be removed in one of the next releases. + VSphereVM is the Schema for the vspherevms APIDeprecated: This type will be removed in one of the next releases. --- # k8s_infrastructure_cluster_x_k8s_io_v_sphere_vm_v1alpha3_manifest (Data Source) -VSphereVM is the Schema for the vspherevms API Deprecated: This type will be removed in one of the next releases. +VSphereVM is the Schema for the vspherevms APIDeprecated: This type will be removed in one of the next releases. ## Example Usage @@ -56,59 +56,59 @@ Optional: Required: - `network` (Attributes) Network is the network configuration for this machine's VM. (see [below for nested schema](#nestedatt--spec--network)) -- `template` (String) Template is the name or inventory path of the template used to clone the virtual machine. +- `template` (String) Template is the name or inventory path of the template used to clonethe virtual machine. Optional: -- `bios_uuid` (String) BiosUUID is the VM's BIOS UUID that is assigned at runtime after the VM has been created. This field is required at runtime for other controllers that read this CRD as unstructured data. -- `bootstrap_ref` (Attributes) BootstrapRef is a reference to a bootstrap provider-specific resource that holds configuration details. This field is optional in case no bootstrap data is required to create a VM. (see [below for nested schema](#nestedatt--spec--bootstrap_ref)) -- `clone_mode` (String) CloneMode specifies the type of clone operation. The LinkedClone mode is only support for templates that have at least one snapshot. If the template has no snapshots, then CloneMode defaults to FullClone. When LinkedClone mode is enabled the DiskGiB field is ignored as it is not possible to expand disks of linked clones. Defaults to LinkedClone, but fails gracefully to FullClone if the source of the clone operation has no snapshots. -- `custom_vmx_keys` (Map of String) CustomVMXKeys is a dictionary of advanced VMX options that can be set on VM Defaults to empty map -- `datacenter` (String) Datacenter is the name or inventory path of the datacenter in which the virtual machine is created/located. -- `datastore` (String) Datastore is the name or inventory path of the datastore in which the virtual machine is created/located. -- `disk_gi_b` (Number) DiskGiB is the size of a virtual machine's disk, in GiB. Defaults to the eponymous property value in the template from which the virtual machine is cloned. -- `folder` (String) Folder is the name or inventory path of the folder in which the virtual machine is created/located. -- `memory_mi_b` (Number) MemoryMiB is the size of a virtual machine's memory, in MiB. Defaults to the eponymous property value in the template from which the virtual machine is cloned. -- `num_cores_per_socket` (Number) NumCPUs is the number of cores among which to distribute CPUs in this virtual machine. Defaults to the eponymous property value in the template from which the virtual machine is cloned. -- `num_cp_us` (Number) NumCPUs is the number of virtual processors in a virtual machine. Defaults to the eponymous property value in the template from which the virtual machine is cloned. -- `resource_pool` (String) ResourcePool is the name or inventory path of the resource pool in which the virtual machine is created/located. -- `server` (String) Server is the IP address or FQDN of the vSphere server on which the virtual machine is created/located. -- `snapshot` (String) Snapshot is the name of the snapshot from which to create a linked clone. This field is ignored if LinkedClone is not enabled. Defaults to the source's current snapshot. -- `storage_policy_name` (String) StoragePolicyName of the storage policy to use with this Virtual Machine -- `thumbprint` (String) Thumbprint is the colon-separated SHA-1 checksum of the given vCenter server's host certificate When this is set to empty, this VirtualMachine would be created without TLS certificate validation of the communication between Cluster API Provider vSphere and the VMware vCenter server. +- `bios_uuid` (String) BiosUUID is the VM's BIOS UUID that is assigned at runtime afterthe VM has been created.This field is required at runtime for other controllers that readthis CRD as unstructured data. +- `bootstrap_ref` (Attributes) BootstrapRef is a reference to a bootstrap provider-specific resourcethat holds configuration details.This field is optional in case no bootstrap data is required to createa VM. (see [below for nested schema](#nestedatt--spec--bootstrap_ref)) +- `clone_mode` (String) CloneMode specifies the type of clone operation.The LinkedClone mode is only support for templates that have at leastone snapshot. If the template has no snapshots, then CloneMode defaultsto FullClone.When LinkedClone mode is enabled the DiskGiB field is ignored as it isnot possible to expand disks of linked clones.Defaults to LinkedClone, but fails gracefully to FullClone if the sourceof the clone operation has no snapshots. +- `custom_vmx_keys` (Map of String) CustomVMXKeys is a dictionary of advanced VMX options that can be set on VMDefaults to empty map +- `datacenter` (String) Datacenter is the name or inventory path of the datacenter in which thevirtual machine is created/located. +- `datastore` (String) Datastore is the name or inventory path of the datastore in which thevirtual machine is created/located. +- `disk_gi_b` (Number) DiskGiB is the size of a virtual machine's disk, in GiB.Defaults to the eponymous property value in the template from which thevirtual machine is cloned. +- `folder` (String) Folder is the name or inventory path of the folder in which thevirtual machine is created/located. +- `memory_mi_b` (Number) MemoryMiB is the size of a virtual machine's memory, in MiB.Defaults to the eponymous property value in the template from which thevirtual machine is cloned. +- `num_cores_per_socket` (Number) NumCPUs is the number of cores among which to distribute CPUs in thisvirtual machine.Defaults to the eponymous property value in the template from which thevirtual machine is cloned. +- `num_cp_us` (Number) NumCPUs is the number of virtual processors in a virtual machine.Defaults to the eponymous property value in the template from which thevirtual machine is cloned. +- `resource_pool` (String) ResourcePool is the name or inventory path of the resource pool in whichthe virtual machine is created/located. +- `server` (String) Server is the IP address or FQDN of the vSphere server on whichthe virtual machine is created/located. +- `snapshot` (String) Snapshot is the name of the snapshot from which to create a linked clone.This field is ignored if LinkedClone is not enabled.Defaults to the source's current snapshot. +- `storage_policy_name` (String) StoragePolicyName of the storage policy to use with thisVirtual Machine +- `thumbprint` (String) Thumbprint is the colon-separated SHA-1 checksum of the given vCenter server's host certificateWhen this is set to empty, this VirtualMachine would be createdwithout TLS certificate validation of the communication between Cluster API Provider vSphereand the VMware vCenter server. ### Nested Schema for `spec.network` Required: -- `devices` (Attributes List) Devices is the list of network devices used by the virtual machine. TODO(akutz) Make sure at least one network matches the ClusterSpec.CloudProviderConfiguration.Network.Name (see [below for nested schema](#nestedatt--spec--network--devices)) +- `devices` (Attributes List) Devices is the list of network devices used by the virtual machine.TODO(akutz) Make sure at least one network matches the ClusterSpec.CloudProviderConfiguration.Network.Name (see [below for nested schema](#nestedatt--spec--network--devices)) Optional: -- `preferred_api_server_cidr` (String) PreferredAPIServeCIDR is the preferred CIDR for the Kubernetes API server endpoint on this machine -- `routes` (Attributes List) Routes is a list of optional, static routes applied to the virtual machine. (see [below for nested schema](#nestedatt--spec--network--routes)) +- `preferred_api_server_cidr` (String) PreferredAPIServeCIDR is the preferred CIDR for the Kubernetes APIserver endpoint on this machine +- `routes` (Attributes List) Routes is a list of optional, static routes applied to the virtualmachine. (see [below for nested schema](#nestedatt--spec--network--routes)) ### Nested Schema for `spec.network.devices` Required: -- `network_name` (String) NetworkName is the name of the vSphere network to which the device will be connected. +- `network_name` (String) NetworkName is the name of the vSphere network to which the devicewill be connected. Optional: -- `device_name` (String) DeviceName may be used to explicitly assign a name to the network device as it exists in the guest operating system. -- `dhcp4` (Boolean) DHCP4 is a flag that indicates whether or not to use DHCP for IPv4 on this device. If true then IPAddrs should not contain any IPv4 addresses. -- `dhcp6` (Boolean) DHCP6 is a flag that indicates whether or not to use DHCP for IPv6 on this device. If true then IPAddrs should not contain any IPv6 addresses. -- `gateway4` (String) Gateway4 is the IPv4 gateway used by this device. Required when DHCP4 is false. -- `gateway6` (String) Gateway4 is the IPv4 gateway used by this device. Required when DHCP6 is false. -- `ip_addrs` (List of String) IPAddrs is a list of one or more IPv4 and/or IPv6 addresses to assign to this device. IP addresses must also specify the segment length in CIDR notation. Required when DHCP4 and DHCP6 are both false. -- `mac_addr` (String) MACAddr is the MAC address used by this device. It is generally a good idea to omit this field and allow a MAC address to be generated. Please note that this value must use the VMware OUI to work with the in-tree vSphere cloud provider. +- `device_name` (String) DeviceName may be used to explicitly assign a name to the network deviceas it exists in the guest operating system. +- `dhcp4` (Boolean) DHCP4 is a flag that indicates whether or not to use DHCP for IPv4on this device.If true then IPAddrs should not contain any IPv4 addresses. +- `dhcp6` (Boolean) DHCP6 is a flag that indicates whether or not to use DHCP for IPv6on this device.If true then IPAddrs should not contain any IPv6 addresses. +- `gateway4` (String) Gateway4 is the IPv4 gateway used by this device.Required when DHCP4 is false. +- `gateway6` (String) Gateway4 is the IPv4 gateway used by this device.Required when DHCP6 is false. +- `ip_addrs` (List of String) IPAddrs is a list of one or more IPv4 and/or IPv6 addresses to assignto this device. IP addresses must also specify the segment length inCIDR notation.Required when DHCP4 and DHCP6 are both false. +- `mac_addr` (String) MACAddr is the MAC address used by this device.It is generally a good idea to omit this field and allow a MAC addressto be generated.Please note that this value must use the VMware OUI to work with thein-tree vSphere cloud provider. - `mtu` (Number) MTU is the device’s Maximum Transmission Unit size in bytes. -- `nameservers` (List of String) Nameservers is a list of IPv4 and/or IPv6 addresses used as DNS nameservers. Please note that Linux allows only three nameservers (https://linux.die.net/man/5/resolv.conf). +- `nameservers` (List of String) Nameservers is a list of IPv4 and/or IPv6 addresses used as DNSnameservers.Please note that Linux allows only three nameservers (https://linux.die.net/man/5/resolv.conf). - `routes` (Attributes List) Routes is a list of optional, static routes applied to the device. (see [below for nested schema](#nestedatt--spec--network--devices--routes)) -- `search_domains` (List of String) SearchDomains is a list of search domains used when resolving IP addresses with DNS. +- `search_domains` (List of String) SearchDomains is a list of search domains used when resolving IPaddresses with DNS. ### Nested Schema for `spec.network.devices.routes` @@ -138,9 +138,9 @@ Required: Optional: - `api_version` (String) API version of the referent. -- `field_path` (String) If referring to a piece of an object instead of an entire object, this string should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. For example, if the object reference is to a container within a pod, this would take on a value like: 'spec.containers{name}' (where 'name' refers to the name of the container that triggered the event) or if no container name is specified 'spec.containers[2]' (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object. TODO: this design is not final and this field is subject to change in the future. -- `kind` (String) Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds -- `name` (String) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names -- `namespace` (String) Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ -- `resource_version` (String) Specific resourceVersion to which this reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency -- `uid` (String) UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids +- `field_path` (String) If referring to a piece of an object instead of an entire object, this stringshould contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2].For example, if the object reference is to a container within a pod, this would take on a value like:'spec.containers{name}' (where 'name' refers to the name of the container that triggeredthe event) or if no container name is specified 'spec.containers[2]' (container withindex 2 in this pod). This syntax is chosen only to have some well-defined way ofreferencing a part of an object.TODO: this design is not final and this field is subject to change in the future. +- `kind` (String) Kind of the referent.More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds +- `name` (String) Name of the referent.More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names +- `namespace` (String) Namespace of the referent.More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ +- `resource_version` (String) Specific resourceVersion to which this reference is made, if any.More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency +- `uid` (String) UID of the referent.More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids diff --git a/docs/data-sources/infrastructure_cluster_x_k8s_io_v_sphere_vm_v1alpha4_manifest.md b/docs/data-sources/infrastructure_cluster_x_k8s_io_v_sphere_vm_v1alpha4_manifest.md index 01c9481e6..42a26458c 100644 --- a/docs/data-sources/infrastructure_cluster_x_k8s_io_v_sphere_vm_v1alpha4_manifest.md +++ b/docs/data-sources/infrastructure_cluster_x_k8s_io_v_sphere_vm_v1alpha4_manifest.md @@ -3,12 +3,12 @@ page_title: "k8s_infrastructure_cluster_x_k8s_io_v_sphere_vm_v1alpha4_manifest Data Source - terraform-provider-k8s" subcategory: "infrastructure.cluster.x-k8s.io" description: |- - VSphereVM is the Schema for the vspherevms API Deprecated: This type will be removed in one of the next releases. + VSphereVM is the Schema for the vspherevms APIDeprecated: This type will be removed in one of the next releases. --- # k8s_infrastructure_cluster_x_k8s_io_v_sphere_vm_v1alpha4_manifest (Data Source) -VSphereVM is the Schema for the vspherevms API Deprecated: This type will be removed in one of the next releases. +VSphereVM is the Schema for the vspherevms APIDeprecated: This type will be removed in one of the next releases. ## Example Usage @@ -56,59 +56,59 @@ Optional: Required: - `network` (Attributes) Network is the network configuration for this machine's VM. (see [below for nested schema](#nestedatt--spec--network)) -- `template` (String) Template is the name or inventory path of the template used to clone the virtual machine. +- `template` (String) Template is the name or inventory path of the template used to clonethe virtual machine. Optional: -- `bios_uuid` (String) BiosUUID is the VM's BIOS UUID that is assigned at runtime after the VM has been created. This field is required at runtime for other controllers that read this CRD as unstructured data. -- `bootstrap_ref` (Attributes) BootstrapRef is a reference to a bootstrap provider-specific resource that holds configuration details. This field is optional in case no bootstrap data is required to create a VM. (see [below for nested schema](#nestedatt--spec--bootstrap_ref)) -- `clone_mode` (String) CloneMode specifies the type of clone operation. The LinkedClone mode is only support for templates that have at least one snapshot. If the template has no snapshots, then CloneMode defaults to FullClone. When LinkedClone mode is enabled the DiskGiB field is ignored as it is not possible to expand disks of linked clones. Defaults to LinkedClone, but fails gracefully to FullClone if the source of the clone operation has no snapshots. -- `custom_vmx_keys` (Map of String) CustomVMXKeys is a dictionary of advanced VMX options that can be set on VM Defaults to empty map -- `datacenter` (String) Datacenter is the name or inventory path of the datacenter in which the virtual machine is created/located. -- `datastore` (String) Datastore is the name or inventory path of the datastore in which the virtual machine is created/located. -- `disk_gi_b` (Number) DiskGiB is the size of a virtual machine's disk, in GiB. Defaults to the eponymous property value in the template from which the virtual machine is cloned. -- `folder` (String) Folder is the name or inventory path of the folder in which the virtual machine is created/located. -- `memory_mi_b` (Number) MemoryMiB is the size of a virtual machine's memory, in MiB. Defaults to the eponymous property value in the template from which the virtual machine is cloned. -- `num_cores_per_socket` (Number) NumCPUs is the number of cores among which to distribute CPUs in this virtual machine. Defaults to the eponymous property value in the template from which the virtual machine is cloned. -- `num_cp_us` (Number) NumCPUs is the number of virtual processors in a virtual machine. Defaults to the eponymous property value in the template from which the virtual machine is cloned. -- `resource_pool` (String) ResourcePool is the name or inventory path of the resource pool in which the virtual machine is created/located. -- `server` (String) Server is the IP address or FQDN of the vSphere server on which the virtual machine is created/located. -- `snapshot` (String) Snapshot is the name of the snapshot from which to create a linked clone. This field is ignored if LinkedClone is not enabled. Defaults to the source's current snapshot. -- `storage_policy_name` (String) StoragePolicyName of the storage policy to use with this Virtual Machine -- `thumbprint` (String) Thumbprint is the colon-separated SHA-1 checksum of the given vCenter server's host certificate When this is set to empty, this VirtualMachine would be created without TLS certificate validation of the communication between Cluster API Provider vSphere and the VMware vCenter server. +- `bios_uuid` (String) BiosUUID is the VM's BIOS UUID that is assigned at runtime afterthe VM has been created.This field is required at runtime for other controllers that readthis CRD as unstructured data. +- `bootstrap_ref` (Attributes) BootstrapRef is a reference to a bootstrap provider-specific resourcethat holds configuration details.This field is optional in case no bootstrap data is required to createa VM. (see [below for nested schema](#nestedatt--spec--bootstrap_ref)) +- `clone_mode` (String) CloneMode specifies the type of clone operation.The LinkedClone mode is only support for templates that have at leastone snapshot. If the template has no snapshots, then CloneMode defaultsto FullClone.When LinkedClone mode is enabled the DiskGiB field is ignored as it isnot possible to expand disks of linked clones.Defaults to LinkedClone, but fails gracefully to FullClone if the sourceof the clone operation has no snapshots. +- `custom_vmx_keys` (Map of String) CustomVMXKeys is a dictionary of advanced VMX options that can be set on VMDefaults to empty map +- `datacenter` (String) Datacenter is the name or inventory path of the datacenter in which thevirtual machine is created/located. +- `datastore` (String) Datastore is the name or inventory path of the datastore in which thevirtual machine is created/located. +- `disk_gi_b` (Number) DiskGiB is the size of a virtual machine's disk, in GiB.Defaults to the eponymous property value in the template from which thevirtual machine is cloned. +- `folder` (String) Folder is the name or inventory path of the folder in which thevirtual machine is created/located. +- `memory_mi_b` (Number) MemoryMiB is the size of a virtual machine's memory, in MiB.Defaults to the eponymous property value in the template from which thevirtual machine is cloned. +- `num_cores_per_socket` (Number) NumCPUs is the number of cores among which to distribute CPUs in thisvirtual machine.Defaults to the eponymous property value in the template from which thevirtual machine is cloned. +- `num_cp_us` (Number) NumCPUs is the number of virtual processors in a virtual machine.Defaults to the eponymous property value in the template from which thevirtual machine is cloned. +- `resource_pool` (String) ResourcePool is the name or inventory path of the resource pool in whichthe virtual machine is created/located. +- `server` (String) Server is the IP address or FQDN of the vSphere server on whichthe virtual machine is created/located. +- `snapshot` (String) Snapshot is the name of the snapshot from which to create a linked clone.This field is ignored if LinkedClone is not enabled.Defaults to the source's current snapshot. +- `storage_policy_name` (String) StoragePolicyName of the storage policy to use with thisVirtual Machine +- `thumbprint` (String) Thumbprint is the colon-separated SHA-1 checksum of the given vCenter server's host certificateWhen this is set to empty, this VirtualMachine would be createdwithout TLS certificate validation of the communication between Cluster API Provider vSphereand the VMware vCenter server. ### Nested Schema for `spec.network` Required: -- `devices` (Attributes List) Devices is the list of network devices used by the virtual machine. TODO(akutz) Make sure at least one network matches the ClusterSpec.CloudProviderConfiguration.Network.Name (see [below for nested schema](#nestedatt--spec--network--devices)) +- `devices` (Attributes List) Devices is the list of network devices used by the virtual machine.TODO(akutz) Make sure at least one network matches the ClusterSpec.CloudProviderConfiguration.Network.Name (see [below for nested schema](#nestedatt--spec--network--devices)) Optional: -- `preferred_api_server_cidr` (String) PreferredAPIServeCIDR is the preferred CIDR for the Kubernetes API server endpoint on this machine -- `routes` (Attributes List) Routes is a list of optional, static routes applied to the virtual machine. (see [below for nested schema](#nestedatt--spec--network--routes)) +- `preferred_api_server_cidr` (String) PreferredAPIServeCIDR is the preferred CIDR for the Kubernetes APIserver endpoint on this machine +- `routes` (Attributes List) Routes is a list of optional, static routes applied to the virtualmachine. (see [below for nested schema](#nestedatt--spec--network--routes)) ### Nested Schema for `spec.network.devices` Required: -- `network_name` (String) NetworkName is the name of the vSphere network to which the device will be connected. +- `network_name` (String) NetworkName is the name of the vSphere network to which the devicewill be connected. Optional: -- `device_name` (String) DeviceName may be used to explicitly assign a name to the network device as it exists in the guest operating system. -- `dhcp4` (Boolean) DHCP4 is a flag that indicates whether or not to use DHCP for IPv4 on this device. If true then IPAddrs should not contain any IPv4 addresses. -- `dhcp6` (Boolean) DHCP6 is a flag that indicates whether or not to use DHCP for IPv6 on this device. If true then IPAddrs should not contain any IPv6 addresses. -- `gateway4` (String) Gateway4 is the IPv4 gateway used by this device. Required when DHCP4 is false. -- `gateway6` (String) Gateway4 is the IPv4 gateway used by this device. Required when DHCP6 is false. -- `ip_addrs` (List of String) IPAddrs is a list of one or more IPv4 and/or IPv6 addresses to assign to this device. IP addresses must also specify the segment length in CIDR notation. Required when DHCP4 and DHCP6 are both false. -- `mac_addr` (String) MACAddr is the MAC address used by this device. It is generally a good idea to omit this field and allow a MAC address to be generated. Please note that this value must use the VMware OUI to work with the in-tree vSphere cloud provider. +- `device_name` (String) DeviceName may be used to explicitly assign a name to the network deviceas it exists in the guest operating system. +- `dhcp4` (Boolean) DHCP4 is a flag that indicates whether or not to use DHCP for IPv4on this device.If true then IPAddrs should not contain any IPv4 addresses. +- `dhcp6` (Boolean) DHCP6 is a flag that indicates whether or not to use DHCP for IPv6on this device.If true then IPAddrs should not contain any IPv6 addresses. +- `gateway4` (String) Gateway4 is the IPv4 gateway used by this device.Required when DHCP4 is false. +- `gateway6` (String) Gateway4 is the IPv4 gateway used by this device.Required when DHCP6 is false. +- `ip_addrs` (List of String) IPAddrs is a list of one or more IPv4 and/or IPv6 addresses to assignto this device. IP addresses must also specify the segment length inCIDR notation.Required when DHCP4 and DHCP6 are both false. +- `mac_addr` (String) MACAddr is the MAC address used by this device.It is generally a good idea to omit this field and allow a MAC addressto be generated.Please note that this value must use the VMware OUI to work with thein-tree vSphere cloud provider. - `mtu` (Number) MTU is the device’s Maximum Transmission Unit size in bytes. -- `nameservers` (List of String) Nameservers is a list of IPv4 and/or IPv6 addresses used as DNS nameservers. Please note that Linux allows only three nameservers (https://linux.die.net/man/5/resolv.conf). +- `nameservers` (List of String) Nameservers is a list of IPv4 and/or IPv6 addresses used as DNSnameservers.Please note that Linux allows only three nameservers (https://linux.die.net/man/5/resolv.conf). - `routes` (Attributes List) Routes is a list of optional, static routes applied to the device. (see [below for nested schema](#nestedatt--spec--network--devices--routes)) -- `search_domains` (List of String) SearchDomains is a list of search domains used when resolving IP addresses with DNS. +- `search_domains` (List of String) SearchDomains is a list of search domains used when resolving IPaddresses with DNS. ### Nested Schema for `spec.network.devices.routes` @@ -138,9 +138,9 @@ Required: Optional: - `api_version` (String) API version of the referent. -- `field_path` (String) If referring to a piece of an object instead of an entire object, this string should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. For example, if the object reference is to a container within a pod, this would take on a value like: 'spec.containers{name}' (where 'name' refers to the name of the container that triggered the event) or if no container name is specified 'spec.containers[2]' (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object. TODO: this design is not final and this field is subject to change in the future. -- `kind` (String) Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds -- `name` (String) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names -- `namespace` (String) Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ -- `resource_version` (String) Specific resourceVersion to which this reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency -- `uid` (String) UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids +- `field_path` (String) If referring to a piece of an object instead of an entire object, this stringshould contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2].For example, if the object reference is to a container within a pod, this would take on a value like:'spec.containers{name}' (where 'name' refers to the name of the container that triggeredthe event) or if no container name is specified 'spec.containers[2]' (container withindex 2 in this pod). This syntax is chosen only to have some well-defined way ofreferencing a part of an object.TODO: this design is not final and this field is subject to change in the future. +- `kind` (String) Kind of the referent.More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds +- `name` (String) Name of the referent.More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names +- `namespace` (String) Namespace of the referent.More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ +- `resource_version` (String) Specific resourceVersion to which this reference is made, if any.More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency +- `uid` (String) UID of the referent.More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids diff --git a/docs/data-sources/infrastructure_cluster_x_k8s_io_v_sphere_vm_v1beta1_manifest.md b/docs/data-sources/infrastructure_cluster_x_k8s_io_v_sphere_vm_v1beta1_manifest.md index 88a5cbf46..c8fbe0919 100644 --- a/docs/data-sources/infrastructure_cluster_x_k8s_io_v_sphere_vm_v1beta1_manifest.md +++ b/docs/data-sources/infrastructure_cluster_x_k8s_io_v_sphere_vm_v1beta1_manifest.md @@ -56,70 +56,70 @@ Optional: Required: - `network` (Attributes) Network is the network configuration for this machine's VM. (see [below for nested schema](#nestedatt--spec--network)) -- `template` (String) Template is the name or inventory path of the template used to clone the virtual machine. +- `template` (String) Template is the name or inventory path of the template used to clonethe virtual machine. Optional: -- `additional_disks_gi_b` (List of String) AdditionalDisksGiB holds the sizes of additional disks of the virtual machine, in GiB Defaults to the eponymous property value in the template from which the virtual machine is cloned. -- `bios_uuid` (String) BiosUUID is the VM's BIOS UUID that is assigned at runtime after the VM has been created. This field is required at runtime for other controllers that read this CRD as unstructured data. -- `bootstrap_ref` (Attributes) BootstrapRef is a reference to a bootstrap provider-specific resource that holds configuration details. This field is optional in case no bootstrap data is required to create a VM. (see [below for nested schema](#nestedatt--spec--bootstrap_ref)) -- `clone_mode` (String) CloneMode specifies the type of clone operation. The LinkedClone mode is only support for templates that have at least one snapshot. If the template has no snapshots, then CloneMode defaults to FullClone. When LinkedClone mode is enabled the DiskGiB field is ignored as it is not possible to expand disks of linked clones. Defaults to LinkedClone, but fails gracefully to FullClone if the source of the clone operation has no snapshots. -- `custom_vmx_keys` (Map of String) CustomVMXKeys is a dictionary of advanced VMX options that can be set on VM Defaults to empty map -- `datacenter` (String) Datacenter is the name or inventory path of the datacenter in which the virtual machine is created/located. Defaults to * which selects the default datacenter. -- `datastore` (String) Datastore is the name or inventory path of the datastore in which the virtual machine is created/located. -- `disk_gi_b` (Number) DiskGiB is the size of a virtual machine's disk, in GiB. Defaults to the eponymous property value in the template from which the virtual machine is cloned. -- `folder` (String) Folder is the name or inventory path of the folder in which the virtual machine is created/located. -- `guest_soft_power_off_timeout` (String) GuestSoftPowerOffTimeout sets the wait timeout for shutdown in the VM guest. The VM will be powered off forcibly after the timeout if the VM is still up and running when the PowerOffMode is set to trySoft. This parameter only applies when the PowerOffMode is set to trySoft. If omitted, the timeout defaults to 5 minutes. -- `hardware_version` (String) HardwareVersion is the hardware version of the virtual machine. Defaults to the eponymous property value in the template from which the virtual machine is cloned. Check the compatibility with the ESXi version before setting the value. -- `memory_mi_b` (Number) MemoryMiB is the size of a virtual machine's memory, in MiB. Defaults to the eponymous property value in the template from which the virtual machine is cloned. -- `num_cores_per_socket` (Number) NumCPUs is the number of cores among which to distribute CPUs in this virtual machine. Defaults to the eponymous property value in the template from which the virtual machine is cloned. -- `num_cp_us` (Number) NumCPUs is the number of virtual processors in a virtual machine. Defaults to the eponymous property value in the template from which the virtual machine is cloned. -- `os` (String) OS is the Operating System of the virtual machine Defaults to Linux +- `additional_disks_gi_b` (List of String) AdditionalDisksGiB holds the sizes of additional disks of the virtual machine, in GiBDefaults to the eponymous property value in the template from which thevirtual machine is cloned. +- `bios_uuid` (String) BiosUUID is the VM's BIOS UUID that is assigned at runtime afterthe VM has been created.This field is required at runtime for other controllers that readthis CRD as unstructured data. +- `bootstrap_ref` (Attributes) BootstrapRef is a reference to a bootstrap provider-specific resourcethat holds configuration details.This field is optional in case no bootstrap data is required to createa VM. (see [below for nested schema](#nestedatt--spec--bootstrap_ref)) +- `clone_mode` (String) CloneMode specifies the type of clone operation.The LinkedClone mode is only support for templates that have at leastone snapshot. If the template has no snapshots, then CloneMode defaultsto FullClone.When LinkedClone mode is enabled the DiskGiB field is ignored as it isnot possible to expand disks of linked clones.Defaults to LinkedClone, but fails gracefully to FullClone if the sourceof the clone operation has no snapshots. +- `custom_vmx_keys` (Map of String) CustomVMXKeys is a dictionary of advanced VMX options that can be set on VMDefaults to empty map +- `datacenter` (String) Datacenter is the name or inventory path of the datacenter in which thevirtual machine is created/located.Defaults to * which selects the default datacenter. +- `datastore` (String) Datastore is the name or inventory path of the datastore in which thevirtual machine is created/located. +- `disk_gi_b` (Number) DiskGiB is the size of a virtual machine's disk, in GiB.Defaults to the eponymous property value in the template from which thevirtual machine is cloned. +- `folder` (String) Folder is the name or inventory path of the folder in which thevirtual machine is created/located. +- `guest_soft_power_off_timeout` (String) GuestSoftPowerOffTimeout sets the wait timeout for shutdown in the VM guest.The VM will be powered off forcibly after the timeout if the VM is stillup and running when the PowerOffMode is set to trySoft.This parameter only applies when the PowerOffMode is set to trySoft.If omitted, the timeout defaults to 5 minutes. +- `hardware_version` (String) HardwareVersion is the hardware version of the virtual machine.Defaults to the eponymous property value in the template from which thevirtual machine is cloned.Check the compatibility with the ESXi version before setting the value. +- `memory_mi_b` (Number) MemoryMiB is the size of a virtual machine's memory, in MiB.Defaults to the eponymous property value in the template from which thevirtual machine is cloned. +- `num_cores_per_socket` (Number) NumCPUs is the number of cores among which to distribute CPUs in thisvirtual machine.Defaults to the eponymous property value in the template from which thevirtual machine is cloned. +- `num_cp_us` (Number) NumCPUs is the number of virtual processors in a virtual machine.Defaults to the eponymous property value in the template from which thevirtual machine is cloned. +- `os` (String) OS is the Operating System of the virtual machineDefaults to Linux - `pci_devices` (Attributes List) PciDevices is the list of pci devices used by the virtual machine. (see [below for nested schema](#nestedatt--spec--pci_devices)) -- `power_off_mode` (String) PowerOffMode describes the desired behavior when powering off a VM. There are three, supported power off modes: hard, soft, and trySoft. The first mode, hard, is the equivalent of a physical system's power cord being ripped from the wall. The soft mode requires the VM's guest to have VM Tools installed and attempts to gracefully shut down the VM. Its variant, trySoft, first attempts a graceful shutdown, and if that fails or the VM is not in a powered off state after reaching the GuestSoftPowerOffTimeout, the VM is halted. If omitted, the mode defaults to hard. -- `resource_pool` (String) ResourcePool is the name or inventory path of the resource pool in which the virtual machine is created/located. -- `server` (String) Server is the IP address or FQDN of the vSphere server on which the virtual machine is created/located. -- `snapshot` (String) Snapshot is the name of the snapshot from which to create a linked clone. This field is ignored if LinkedClone is not enabled. Defaults to the source's current snapshot. -- `storage_policy_name` (String) StoragePolicyName of the storage policy to use with this Virtual Machine -- `tag_i_ds` (List of String) TagIDs is an optional set of tags to add to an instance. Specified tagIDs must use URN-notation instead of display names. -- `thumbprint` (String) Thumbprint is the colon-separated SHA-1 checksum of the given vCenter server's host certificate When this is set to empty, this VirtualMachine would be created without TLS certificate validation of the communication between Cluster API Provider vSphere and the VMware vCenter server. +- `power_off_mode` (String) PowerOffMode describes the desired behavior when powering off a VM.There are three, supported power off modes: hard, soft, andtrySoft. The first mode, hard, is the equivalent of a physicalsystem's power cord being ripped from the wall. The soft moderequires the VM's guest to have VM Tools installed and attempts togracefully shut down the VM. Its variant, trySoft, first attemptsa graceful shutdown, and if that fails or the VM is not in a powered offstate after reaching the GuestSoftPowerOffTimeout, the VM is halted.If omitted, the mode defaults to hard. +- `resource_pool` (String) ResourcePool is the name or inventory path of the resource pool in whichthe virtual machine is created/located. +- `server` (String) Server is the IP address or FQDN of the vSphere server on whichthe virtual machine is created/located. +- `snapshot` (String) Snapshot is the name of the snapshot from which to create a linked clone.This field is ignored if LinkedClone is not enabled.Defaults to the source's current snapshot. +- `storage_policy_name` (String) StoragePolicyName of the storage policy to use with thisVirtual Machine +- `tag_i_ds` (List of String) TagIDs is an optional set of tags to add to an instance. Specified tagIDsmust use URN-notation instead of display names. +- `thumbprint` (String) Thumbprint is the colon-separated SHA-1 checksum of the given vCenter server's host certificateWhen this is set to empty, this VirtualMachine would be createdwithout TLS certificate validation of the communication between Cluster API Provider vSphereand the VMware vCenter server. ### Nested Schema for `spec.network` Required: -- `devices` (Attributes List) Devices is the list of network devices used by the virtual machine. TODO(akutz) Make sure at least one network matches the ClusterSpec.CloudProviderConfiguration.Network.Name (see [below for nested schema](#nestedatt--spec--network--devices)) +- `devices` (Attributes List) Devices is the list of network devices used by the virtual machine.TODO(akutz) Make sure at least one network matches the ClusterSpec.CloudProviderConfiguration.Network.Name (see [below for nested schema](#nestedatt--spec--network--devices)) Optional: -- `preferred_api_server_cidr` (String) PreferredAPIServeCIDR is the preferred CIDR for the Kubernetes API server endpoint on this machine Deprecated: This field is going to be removed in a future release. -- `routes` (Attributes List) Routes is a list of optional, static routes applied to the virtual machine. (see [below for nested schema](#nestedatt--spec--network--routes)) +- `preferred_api_server_cidr` (String) PreferredAPIServeCIDR is the preferred CIDR for the Kubernetes APIserver endpoint on this machineDeprecated: This field is going to be removed in a future release. +- `routes` (Attributes List) Routes is a list of optional, static routes applied to the virtualmachine. (see [below for nested schema](#nestedatt--spec--network--routes)) ### Nested Schema for `spec.network.devices` Required: -- `network_name` (String) NetworkName is the name of the vSphere network to which the device will be connected. +- `network_name` (String) NetworkName is the name of the vSphere network to which the devicewill be connected. Optional: -- `addresses_from_pools` (Attributes List) AddressesFromPools is a list of IPAddressPools that should be assigned to IPAddressClaims. The machine's cloud-init metadata will be populated with IPAddresses fulfilled by an IPAM provider. (see [below for nested schema](#nestedatt--spec--network--devices--addresses_from_pools)) -- `device_name` (String) DeviceName may be used to explicitly assign a name to the network device as it exists in the guest operating system. -- `dhcp4` (Boolean) DHCP4 is a flag that indicates whether or not to use DHCP for IPv4 on this device. If true then IPAddrs should not contain any IPv4 addresses. -- `dhcp4_overrides` (Attributes) DHCP4Overrides allows for the control over several DHCP behaviors. Overrides will only be applied when the corresponding DHCP flag is set. Only configured values will be sent, omitted values will default to distribution defaults. Dependent on support in the network stack for your distribution. For more information see the netplan reference (https://netplan.io/reference#dhcp-overrides) (see [below for nested schema](#nestedatt--spec--network--devices--dhcp4_overrides)) -- `dhcp6` (Boolean) DHCP6 is a flag that indicates whether or not to use DHCP for IPv6 on this device. If true then IPAddrs should not contain any IPv6 addresses. -- `dhcp6_overrides` (Attributes) DHCP6Overrides allows for the control over several DHCP behaviors. Overrides will only be applied when the corresponding DHCP flag is set. Only configured values will be sent, omitted values will default to distribution defaults. Dependent on support in the network stack for your distribution. For more information see the netplan reference (https://netplan.io/reference#dhcp-overrides) (see [below for nested schema](#nestedatt--spec--network--devices--dhcp6_overrides)) -- `gateway4` (String) Gateway4 is the IPv4 gateway used by this device. Required when DHCP4 is false. +- `addresses_from_pools` (Attributes List) AddressesFromPools is a list of IPAddressPools that should be assignedto IPAddressClaims. The machine's cloud-init metadata will be populatedwith IPAddresses fulfilled by an IPAM provider. (see [below for nested schema](#nestedatt--spec--network--devices--addresses_from_pools)) +- `device_name` (String) DeviceName may be used to explicitly assign a name to the network deviceas it exists in the guest operating system. +- `dhcp4` (Boolean) DHCP4 is a flag that indicates whether or not to use DHCP for IPv4on this device.If true then IPAddrs should not contain any IPv4 addresses. +- `dhcp4_overrides` (Attributes) DHCP4Overrides allows for the control over several DHCP behaviors.Overrides will only be applied when the corresponding DHCP flag is set.Only configured values will be sent, omitted values will default todistribution defaults.Dependent on support in the network stack for your distribution.For more information see the netplan reference (https://netplan.io/reference#dhcp-overrides) (see [below for nested schema](#nestedatt--spec--network--devices--dhcp4_overrides)) +- `dhcp6` (Boolean) DHCP6 is a flag that indicates whether or not to use DHCP for IPv6on this device.If true then IPAddrs should not contain any IPv6 addresses. +- `dhcp6_overrides` (Attributes) DHCP6Overrides allows for the control over several DHCP behaviors.Overrides will only be applied when the corresponding DHCP flag is set.Only configured values will be sent, omitted values will default todistribution defaults.Dependent on support in the network stack for your distribution.For more information see the netplan reference (https://netplan.io/reference#dhcp-overrides) (see [below for nested schema](#nestedatt--spec--network--devices--dhcp6_overrides)) +- `gateway4` (String) Gateway4 is the IPv4 gateway used by this device.Required when DHCP4 is false. - `gateway6` (String) Gateway4 is the IPv4 gateway used by this device. -- `ip_addrs` (List of String) IPAddrs is a list of one or more IPv4 and/or IPv6 addresses to assign to this device. IP addresses must also specify the segment length in CIDR notation. Required when DHCP4, DHCP6 and SkipIPAllocation are false. -- `mac_addr` (String) MACAddr is the MAC address used by this device. It is generally a good idea to omit this field and allow a MAC address to be generated. Please note that this value must use the VMware OUI to work with the in-tree vSphere cloud provider. +- `ip_addrs` (List of String) IPAddrs is a list of one or more IPv4 and/or IPv6 addresses to assignto this device. IP addresses must also specify the segment length inCIDR notation.Required when DHCP4, DHCP6 and SkipIPAllocation are false. +- `mac_addr` (String) MACAddr is the MAC address used by this device.It is generally a good idea to omit this field and allow a MAC addressto be generated.Please note that this value must use the VMware OUI to work with thein-tree vSphere cloud provider. - `mtu` (Number) MTU is the device’s Maximum Transmission Unit size in bytes. -- `nameservers` (List of String) Nameservers is a list of IPv4 and/or IPv6 addresses used as DNS nameservers. Please note that Linux allows only three nameservers (https://linux.die.net/man/5/resolv.conf). +- `nameservers` (List of String) Nameservers is a list of IPv4 and/or IPv6 addresses used as DNSnameservers.Please note that Linux allows only three nameservers (https://linux.die.net/man/5/resolv.conf). - `routes` (Attributes List) Routes is a list of optional, static routes applied to the device. (see [below for nested schema](#nestedatt--spec--network--devices--routes)) -- `search_domains` (List of String) SearchDomains is a list of search domains used when resolving IP addresses with DNS. -- `skip_ip_allocation` (Boolean) SkipIPAllocation allows the device to not have IP address or DHCP configured. This is suitable for devices for which IP allocation is handled externally, eg. using Multus CNI. If true, CAPV will not verify IP address allocation. +- `search_domains` (List of String) SearchDomains is a list of search domains used when resolving IPaddresses with DNS. +- `skip_ip_allocation` (Boolean) SkipIPAllocation allows the device to not have IP address or DHCP configured.This is suitable for devices for which IP allocation is handled externally, eg. using Multus CNI.If true, CAPV will not verify IP address allocation. ### Nested Schema for `spec.network.devices.addresses_from_pools` @@ -131,7 +131,7 @@ Required: Optional: -- `api_group` (String) APIGroup is the group for the resource being referenced. If APIGroup is not specified, the specified Kind must be in the core API group. For any other third-party types, APIGroup is required. +- `api_group` (String) APIGroup is the group for the resource being referenced.If APIGroup is not specified, the specified Kind must be in the core API group.For any other third-party types, APIGroup is required. @@ -139,15 +139,15 @@ Optional: Optional: -- `hostname` (String) Hostname is the name which will be sent to the DHCP server instead of the machine's hostname. -- `route_metric` (Number) RouteMetric is used to prioritize routes for devices. A lower metric for an interface will have a higher priority. -- `send_hostname` (Boolean) SendHostname when 'true', the hostname of the machine will be sent to the DHCP server. -- `use_dns` (Boolean) UseDNS when 'true', the DNS servers in the DHCP server will be used and take precedence. -- `use_domains` (String) UseDomains can take the values 'true', 'false', or 'route'. When 'true', the domain name from the DHCP server will be used as the DNS search domain for this device. When 'route', the domain name from the DHCP response will be used for routing DNS only, not for searching. -- `use_hostname` (Boolean) UseHostname when 'true', the hostname from the DHCP server will be set as the transient hostname of the machine. -- `use_mtu` (Boolean) UseMTU when 'true', the MTU from the DHCP server will be set as the MTU of the device. -- `use_ntp` (Boolean) UseNTP when 'true', the NTP servers from the DHCP server will be used by systemd-timesyncd and take precedence. -- `use_routes` (String) UseRoutes when 'true', the routes from the DHCP server will be installed in the routing table. +- `hostname` (String) Hostname is the name which will be sent to the DHCP server instead ofthe machine's hostname. +- `route_metric` (Number) RouteMetric is used to prioritize routes for devices. A lower metric foran interface will have a higher priority. +- `send_hostname` (Boolean) SendHostname when 'true', the hostname of the machine will be sent to theDHCP server. +- `use_dns` (Boolean) UseDNS when 'true', the DNS servers in the DHCP server will be used andtake precedence. +- `use_domains` (String) UseDomains can take the values 'true', 'false', or 'route'. When 'true',the domain name from the DHCP server will be used as the DNS searchdomain for this device. When 'route', the domain name from the DHCPresponse will be used for routing DNS only, not for searching. +- `use_hostname` (Boolean) UseHostname when 'true', the hostname from the DHCP server will be setas the transient hostname of the machine. +- `use_mtu` (Boolean) UseMTU when 'true', the MTU from the DHCP server will be set as theMTU of the device. +- `use_ntp` (Boolean) UseNTP when 'true', the NTP servers from the DHCP server will be usedby systemd-timesyncd and take precedence. +- `use_routes` (String) UseRoutes when 'true', the routes from the DHCP server will be installedin the routing table. @@ -155,15 +155,15 @@ Optional: Optional: -- `hostname` (String) Hostname is the name which will be sent to the DHCP server instead of the machine's hostname. -- `route_metric` (Number) RouteMetric is used to prioritize routes for devices. A lower metric for an interface will have a higher priority. -- `send_hostname` (Boolean) SendHostname when 'true', the hostname of the machine will be sent to the DHCP server. -- `use_dns` (Boolean) UseDNS when 'true', the DNS servers in the DHCP server will be used and take precedence. -- `use_domains` (String) UseDomains can take the values 'true', 'false', or 'route'. When 'true', the domain name from the DHCP server will be used as the DNS search domain for this device. When 'route', the domain name from the DHCP response will be used for routing DNS only, not for searching. -- `use_hostname` (Boolean) UseHostname when 'true', the hostname from the DHCP server will be set as the transient hostname of the machine. -- `use_mtu` (Boolean) UseMTU when 'true', the MTU from the DHCP server will be set as the MTU of the device. -- `use_ntp` (Boolean) UseNTP when 'true', the NTP servers from the DHCP server will be used by systemd-timesyncd and take precedence. -- `use_routes` (String) UseRoutes when 'true', the routes from the DHCP server will be installed in the routing table. +- `hostname` (String) Hostname is the name which will be sent to the DHCP server instead ofthe machine's hostname. +- `route_metric` (Number) RouteMetric is used to prioritize routes for devices. A lower metric foran interface will have a higher priority. +- `send_hostname` (Boolean) SendHostname when 'true', the hostname of the machine will be sent to theDHCP server. +- `use_dns` (Boolean) UseDNS when 'true', the DNS servers in the DHCP server will be used andtake precedence. +- `use_domains` (String) UseDomains can take the values 'true', 'false', or 'route'. When 'true',the domain name from the DHCP server will be used as the DNS searchdomain for this device. When 'route', the domain name from the DHCPresponse will be used for routing DNS only, not for searching. +- `use_hostname` (Boolean) UseHostname when 'true', the hostname from the DHCP server will be setas the transient hostname of the machine. +- `use_mtu` (Boolean) UseMTU when 'true', the MTU from the DHCP server will be set as theMTU of the device. +- `use_ntp` (Boolean) UseNTP when 'true', the NTP servers from the DHCP server will be usedby systemd-timesyncd and take precedence. +- `use_routes` (String) UseRoutes when 'true', the routes from the DHCP server will be installedin the routing table. @@ -194,12 +194,12 @@ Required: Optional: - `api_version` (String) API version of the referent. -- `field_path` (String) If referring to a piece of an object instead of an entire object, this string should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. For example, if the object reference is to a container within a pod, this would take on a value like: 'spec.containers{name}' (where 'name' refers to the name of the container that triggered the event) or if no container name is specified 'spec.containers[2]' (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object. TODO: this design is not final and this field is subject to change in the future. -- `kind` (String) Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds -- `name` (String) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names -- `namespace` (String) Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ -- `resource_version` (String) Specific resourceVersion to which this reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency -- `uid` (String) UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids +- `field_path` (String) If referring to a piece of an object instead of an entire object, this stringshould contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2].For example, if the object reference is to a container within a pod, this would take on a value like:'spec.containers{name}' (where 'name' refers to the name of the container that triggeredthe event) or if no container name is specified 'spec.containers[2]' (container withindex 2 in this pod). This syntax is chosen only to have some well-defined way ofreferencing a part of an object.TODO: this design is not final and this field is subject to change in the future. +- `kind` (String) Kind of the referent.More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds +- `name` (String) Name of the referent.More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names +- `namespace` (String) Namespace of the referent.More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ +- `resource_version` (String) Specific resourceVersion to which this reference is made, if any.More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency +- `uid` (String) UID of the referent.More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids @@ -207,6 +207,6 @@ Optional: Optional: -- `custom_label` (String) CustomLabel is the hardware label of a virtual machine's PCI device. Defaults to the eponymous property value in the template from which the virtual machine is cloned. -- `device_id` (Number) DeviceID is the device ID of a virtual machine's PCI, in integer. Defaults to the eponymous property value in the template from which the virtual machine is cloned. -- `vendor_id` (Number) VendorId is the vendor ID of a virtual machine's PCI, in integer. Defaults to the eponymous property value in the template from which the virtual machine is cloned. +- `custom_label` (String) CustomLabel is the hardware label of a virtual machine's PCI device.Defaults to the eponymous property value in the template from which thevirtual machine is cloned. +- `device_id` (Number) DeviceID is the device ID of a virtual machine's PCI, in integer.Defaults to the eponymous property value in the template from which thevirtual machine is cloned. +- `vendor_id` (Number) VendorId is the vendor ID of a virtual machine's PCI, in integer.Defaults to the eponymous property value in the template from which thevirtual machine is cloned. diff --git a/docs/data-sources/jobset_x_k8s_io_job_set_v1alpha2_manifest.md b/docs/data-sources/jobset_x_k8s_io_job_set_v1alpha2_manifest.md index 077be66c3..5fef99768 100644 --- a/docs/data-sources/jobset_x_k8s_io_job_set_v1alpha2_manifest.md +++ b/docs/data-sources/jobset_x_k8s_io_job_set_v1alpha2_manifest.md @@ -79,10 +79,10 @@ Required: - `action` (String) The action to take if the rule is matched. - `name` (String) The name of the failure policy rule.The name is defaulted to 'failurePolicyRuleN' where N is the index of the failure policy rule.The name must match the regular expression '^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$'. -- `on_job_failure_reasons` (List of String) The requirement on the job failure reasons. The requirementis satisfied if at least one reason matches the list.The rules are evaluated in order, and the first matchingrule is executed.An empty list applies the rule to any job failure reason. Optional: +- `on_job_failure_reasons` (List of String) The requirement on the job failure reasons. The requirementis satisfied if at least one reason matches the list.The rules are evaluated in order, and the first matchingrule is executed.An empty list applies the rule to any job failure reason. - `target_replicated_jobs` (List of String) TargetReplicatedJobs are the names of the replicated jobs the operator applies to.An empty list will apply to all replicatedJobs. diff --git a/docs/data-sources/kiali_io_kiali_v1alpha1_manifest.md b/docs/data-sources/kiali_io_kiali_v1alpha1_manifest.md index 6c010e5e0..700a5e16a 100644 --- a/docs/data-sources/kiali_io_kiali_v1alpha1_manifest.md +++ b/docs/data-sources/kiali_io_kiali_v1alpha1_manifest.md @@ -629,7 +629,6 @@ Optional: Optional: - `certificates_information_indicators` (Attributes) Flag to enable/disable displaying certificates information and which secrets to grant read permissions. (see [below for nested schema](#nestedatt--spec--kiali_feature_flags--certificates_information_indicators)) -- `clustering` (Attributes) Multi-cluster related features. (see [below for nested schema](#nestedatt--spec--kiali_feature_flags--clustering)) - `disabled_features` (List of String) There may be some features that admins do not want to be accessible to users (even in 'view only' mode). In this case, this setting allows you to disable one or more of those features entirely. - `istio_annotation_action` (Boolean) Flag to enable/disable an Action to edit annotations. - `istio_injection_action` (Boolean) Flag to enable/disable an Action to label a namespace for automatic Istio Sidecar injection. @@ -646,45 +645,6 @@ Optional: - `secrets` (List of String) - -### Nested Schema for `spec.kiali_feature_flags.clustering` - -Optional: - -- `autodetect_secrets` (Attributes) Settings to allow cluster secrets to be auto-detected. Secrets must exist in the Kiali deployment namespace. (see [below for nested schema](#nestedatt--spec--kiali_feature_flags--clustering--autodetect_secrets)) -- `clusters` (Attributes List) A list of clusters that the Kiali Server can access. You need to specify the remote clusters here if 'autodetect_secrets.enabled' is false. (see [below for nested schema](#nestedatt--spec--kiali_feature_flags--clustering--clusters)) -- `kiali_urls` (Attributes List) A map between cluster name, instance name and namespace to a Kiali URL. Will be used showing the Mesh page's Kiali URLs. The Kiali service's 'kiali.io/external-url' annotation will be overridden when this property is set. (see [below for nested schema](#nestedatt--spec--kiali_feature_flags--clustering--kiali_urls)) - - -### Nested Schema for `spec.kiali_feature_flags.clustering.autodetect_secrets` - -Optional: - -- `enabled` (Boolean) If true then remote cluster secrets will be autodetected during the installation of the Kiali Server Deployment. Any remote cluster secrets found in the Kiali deployment namespace will be mounted to the Kiali Server's file system. If false, you can still manually specify the remote cluster secret information in the 'clusters' setting if you wish to utilize multicluster features. -- `label` (String) The name and value of a label that exists on all remote cluster secrets. Default is 'kiali.io/multiCluster=true'. - - - -### Nested Schema for `spec.kiali_feature_flags.clustering.clusters` - -Optional: - -- `name` (String) The name of the cluster. -- `secret_name` (String) The name of the secret that contains the credentials necessary to connect to the remote cluster. This secret must exist in the Kiali deployment namespace. If a secret name is not provided then it's assumed that the cluster is inaccessible. - - - -### Nested Schema for `spec.kiali_feature_flags.clustering.kiali_urls` - -Optional: - -- `cluster_name` (String) The name of the cluster. -- `instance_name` (String) The instance name of this Kiali installation. This should be the value used in 'deployment.instance_name' for Kiali resource name. -- `namespace` (String) The namespace into which Kiali is installed. -- `url` (String) The URL of Kiali in the cluster. - - - ### Nested Schema for `spec.kiali_feature_flags.ui_defaults` diff --git a/docs/data-sources/kueue_x_k8s_io_local_queue_v1beta1_manifest.md b/docs/data-sources/kueue_x_k8s_io_local_queue_v1beta1_manifest.md index 44df1fd00..cb4887bc6 100644 --- a/docs/data-sources/kueue_x_k8s_io_local_queue_v1beta1_manifest.md +++ b/docs/data-sources/kueue_x_k8s_io_local_queue_v1beta1_manifest.md @@ -56,3 +56,4 @@ Optional: Optional: - `cluster_queue` (String) clusterQueue is a reference to a clusterQueue that backs this localQueue. +- `stop_policy` (String) stopPolicy - if set to a value different from None, the LocalQueue is considered Inactive,no new reservation being made.Depending on its value, its associated workloads will:- None - Workloads are admitted- HoldAndDrain - Admitted workloads are evicted and Reserving workloads will cancel the reservation.- Hold - Admitted workloads will run to completion and Reserving workloads will cancel the reservation. diff --git a/docs/data-sources/kuma_io_mesh_access_log_v1alpha1_manifest.md b/docs/data-sources/kuma_io_mesh_access_log_v1alpha1_manifest.md index f3be7c667..ad995b0b7 100644 --- a/docs/data-sources/kuma_io_mesh_access_log_v1alpha1_manifest.md +++ b/docs/data-sources/kuma_io_mesh_access_log_v1alpha1_manifest.md @@ -68,9 +68,12 @@ Optional: Optional: - `kind` (String) Kind of the referenced resource +- `labels` (Map of String) Labels are used to select group of MeshServices that match labels. Either Labels orName and Namespace can be used. - `mesh` (String) Mesh is reserved for future use to identify cross mesh resources. - `name` (String) Name of the referenced resource. Can only be used with kinds: 'MeshService','MeshServiceSubset' and 'MeshGatewayRoute' +- `namespace` (String) Namespace specifies the namespace of target resource. If empty only resources in policy namespacewill be targeted. - `proxy_types` (List of String) ProxyTypes specifies the data plane types that are subject to the policy. When not specified,all data plane types are targeted by the policy. +- `section_name` (String) SectionName is used to target specific section of resource.For example, you can target port from MeshService.ports[] by its name. Only traffic to this port will be affected. - `tags` (Map of String) Tags used to select a subset of proxies by tags. Can only be used with kinds'MeshSubset' and 'MeshServiceSubset' @@ -91,9 +94,12 @@ Optional: Optional: - `kind` (String) Kind of the referenced resource +- `labels` (Map of String) Labels are used to select group of MeshServices that match labels. Either Labels orName and Namespace can be used. - `mesh` (String) Mesh is reserved for future use to identify cross mesh resources. - `name` (String) Name of the referenced resource. Can only be used with kinds: 'MeshService','MeshServiceSubset' and 'MeshGatewayRoute' +- `namespace` (String) Namespace specifies the namespace of target resource. If empty only resources in policy namespacewill be targeted. - `proxy_types` (List of String) ProxyTypes specifies the data plane types that are subject to the policy. When not specified,all data plane types are targeted by the policy. +- `section_name` (String) SectionName is used to target specific section of resource.For example, you can target port from MeshService.ports[] by its name. Only traffic to this port will be affected. - `tags` (Map of String) Tags used to select a subset of proxies by tags. Can only be used with kinds'MeshSubset' and 'MeshServiceSubset' @@ -229,9 +235,12 @@ Optional: Optional: - `kind` (String) Kind of the referenced resource +- `labels` (Map of String) Labels are used to select group of MeshServices that match labels. Either Labels orName and Namespace can be used. - `mesh` (String) Mesh is reserved for future use to identify cross mesh resources. - `name` (String) Name of the referenced resource. Can only be used with kinds: 'MeshService','MeshServiceSubset' and 'MeshGatewayRoute' +- `namespace` (String) Namespace specifies the namespace of target resource. If empty only resources in policy namespacewill be targeted. - `proxy_types` (List of String) ProxyTypes specifies the data plane types that are subject to the policy. When not specified,all data plane types are targeted by the policy. +- `section_name` (String) SectionName is used to target specific section of resource.For example, you can target port from MeshService.ports[] by its name. Only traffic to this port will be affected. - `tags` (Map of String) Tags used to select a subset of proxies by tags. Can only be used with kinds'MeshSubset' and 'MeshServiceSubset' diff --git a/docs/data-sources/kuma_io_mesh_circuit_breaker_v1alpha1_manifest.md b/docs/data-sources/kuma_io_mesh_circuit_breaker_v1alpha1_manifest.md index 18b133c81..c091eaeb8 100644 --- a/docs/data-sources/kuma_io_mesh_circuit_breaker_v1alpha1_manifest.md +++ b/docs/data-sources/kuma_io_mesh_circuit_breaker_v1alpha1_manifest.md @@ -68,9 +68,12 @@ Optional: Optional: - `kind` (String) Kind of the referenced resource +- `labels` (Map of String) Labels are used to select group of MeshServices that match labels. Either Labels orName and Namespace can be used. - `mesh` (String) Mesh is reserved for future use to identify cross mesh resources. - `name` (String) Name of the referenced resource. Can only be used with kinds: 'MeshService','MeshServiceSubset' and 'MeshGatewayRoute' +- `namespace` (String) Namespace specifies the namespace of target resource. If empty only resources in policy namespacewill be targeted. - `proxy_types` (List of String) ProxyTypes specifies the data plane types that are subject to the policy. When not specified,all data plane types are targeted by the policy. +- `section_name` (String) SectionName is used to target specific section of resource.For example, you can target port from MeshService.ports[] by its name. Only traffic to this port will be affected. - `tags` (Map of String) Tags used to select a subset of proxies by tags. Can only be used with kinds'MeshSubset' and 'MeshServiceSubset' @@ -91,9 +94,12 @@ Optional: Optional: - `kind` (String) Kind of the referenced resource +- `labels` (Map of String) Labels are used to select group of MeshServices that match labels. Either Labels orName and Namespace can be used. - `mesh` (String) Mesh is reserved for future use to identify cross mesh resources. - `name` (String) Name of the referenced resource. Can only be used with kinds: 'MeshService','MeshServiceSubset' and 'MeshGatewayRoute' +- `namespace` (String) Namespace specifies the namespace of target resource. If empty only resources in policy namespacewill be targeted. - `proxy_types` (List of String) ProxyTypes specifies the data plane types that are subject to the policy. When not specified,all data plane types are targeted by the policy. +- `section_name` (String) SectionName is used to target specific section of resource.For example, you can target port from MeshService.ports[] by its name. Only traffic to this port will be affected. - `tags` (Map of String) Tags used to select a subset of proxies by tags. Can only be used with kinds'MeshSubset' and 'MeshServiceSubset' @@ -205,9 +211,12 @@ Optional: Optional: - `kind` (String) Kind of the referenced resource +- `labels` (Map of String) Labels are used to select group of MeshServices that match labels. Either Labels orName and Namespace can be used. - `mesh` (String) Mesh is reserved for future use to identify cross mesh resources. - `name` (String) Name of the referenced resource. Can only be used with kinds: 'MeshService','MeshServiceSubset' and 'MeshGatewayRoute' +- `namespace` (String) Namespace specifies the namespace of target resource. If empty only resources in policy namespacewill be targeted. - `proxy_types` (List of String) ProxyTypes specifies the data plane types that are subject to the policy. When not specified,all data plane types are targeted by the policy. +- `section_name` (String) SectionName is used to target specific section of resource.For example, you can target port from MeshService.ports[] by its name. Only traffic to this port will be affected. - `tags` (Map of String) Tags used to select a subset of proxies by tags. Can only be used with kinds'MeshSubset' and 'MeshServiceSubset' diff --git a/docs/data-sources/kuma_io_mesh_fault_injection_v1alpha1_manifest.md b/docs/data-sources/kuma_io_mesh_fault_injection_v1alpha1_manifest.md index a4f0856cd..8de182808 100644 --- a/docs/data-sources/kuma_io_mesh_fault_injection_v1alpha1_manifest.md +++ b/docs/data-sources/kuma_io_mesh_fault_injection_v1alpha1_manifest.md @@ -68,9 +68,12 @@ Optional: Optional: - `kind` (String) Kind of the referenced resource +- `labels` (Map of String) Labels are used to select group of MeshServices that match labels. Either Labels orName and Namespace can be used. - `mesh` (String) Mesh is reserved for future use to identify cross mesh resources. - `name` (String) Name of the referenced resource. Can only be used with kinds: 'MeshService','MeshServiceSubset' and 'MeshGatewayRoute' +- `namespace` (String) Namespace specifies the namespace of target resource. If empty only resources in policy namespacewill be targeted. - `proxy_types` (List of String) ProxyTypes specifies the data plane types that are subject to the policy. When not specified,all data plane types are targeted by the policy. +- `section_name` (String) SectionName is used to target specific section of resource.For example, you can target port from MeshService.ports[] by its name. Only traffic to this port will be affected. - `tags` (Map of String) Tags used to select a subset of proxies by tags. Can only be used with kinds'MeshSubset' and 'MeshServiceSubset' @@ -91,9 +94,12 @@ Optional: Optional: - `kind` (String) Kind of the referenced resource +- `labels` (Map of String) Labels are used to select group of MeshServices that match labels. Either Labels orName and Namespace can be used. - `mesh` (String) Mesh is reserved for future use to identify cross mesh resources. - `name` (String) Name of the referenced resource. Can only be used with kinds: 'MeshService','MeshServiceSubset' and 'MeshGatewayRoute' +- `namespace` (String) Namespace specifies the namespace of target resource. If empty only resources in policy namespacewill be targeted. - `proxy_types` (List of String) ProxyTypes specifies the data plane types that are subject to the policy. When not specified,all data plane types are targeted by the policy. +- `section_name` (String) SectionName is used to target specific section of resource.For example, you can target port from MeshService.ports[] by its name. Only traffic to this port will be affected. - `tags` (Map of String) Tags used to select a subset of proxies by tags. Can only be used with kinds'MeshSubset' and 'MeshServiceSubset' @@ -160,9 +166,12 @@ Optional: Optional: - `kind` (String) Kind of the referenced resource +- `labels` (Map of String) Labels are used to select group of MeshServices that match labels. Either Labels orName and Namespace can be used. - `mesh` (String) Mesh is reserved for future use to identify cross mesh resources. - `name` (String) Name of the referenced resource. Can only be used with kinds: 'MeshService','MeshServiceSubset' and 'MeshGatewayRoute' +- `namespace` (String) Namespace specifies the namespace of target resource. If empty only resources in policy namespacewill be targeted. - `proxy_types` (List of String) ProxyTypes specifies the data plane types that are subject to the policy. When not specified,all data plane types are targeted by the policy. +- `section_name` (String) SectionName is used to target specific section of resource.For example, you can target port from MeshService.ports[] by its name. Only traffic to this port will be affected. - `tags` (Map of String) Tags used to select a subset of proxies by tags. Can only be used with kinds'MeshSubset' and 'MeshServiceSubset' diff --git a/docs/data-sources/kuma_io_mesh_health_check_v1alpha1_manifest.md b/docs/data-sources/kuma_io_mesh_health_check_v1alpha1_manifest.md index 5348029ad..e0def861d 100644 --- a/docs/data-sources/kuma_io_mesh_health_check_v1alpha1_manifest.md +++ b/docs/data-sources/kuma_io_mesh_health_check_v1alpha1_manifest.md @@ -67,9 +67,12 @@ Optional: Optional: - `kind` (String) Kind of the referenced resource +- `labels` (Map of String) Labels are used to select group of MeshServices that match labels. Either Labels orName and Namespace can be used. - `mesh` (String) Mesh is reserved for future use to identify cross mesh resources. - `name` (String) Name of the referenced resource. Can only be used with kinds: 'MeshService','MeshServiceSubset' and 'MeshGatewayRoute' +- `namespace` (String) Namespace specifies the namespace of target resource. If empty only resources in policy namespacewill be targeted. - `proxy_types` (List of String) ProxyTypes specifies the data plane types that are subject to the policy. When not specified,all data plane types are targeted by the policy. +- `section_name` (String) SectionName is used to target specific section of resource.For example, you can target port from MeshService.ports[] by its name. Only traffic to this port will be affected. - `tags` (Map of String) Tags used to select a subset of proxies by tags. Can only be used with kinds'MeshSubset' and 'MeshServiceSubset' @@ -90,9 +93,12 @@ Optional: Optional: - `kind` (String) Kind of the referenced resource +- `labels` (Map of String) Labels are used to select group of MeshServices that match labels. Either Labels orName and Namespace can be used. - `mesh` (String) Mesh is reserved for future use to identify cross mesh resources. - `name` (String) Name of the referenced resource. Can only be used with kinds: 'MeshService','MeshServiceSubset' and 'MeshGatewayRoute' +- `namespace` (String) Namespace specifies the namespace of target resource. If empty only resources in policy namespacewill be targeted. - `proxy_types` (List of String) ProxyTypes specifies the data plane types that are subject to the policy. When not specified,all data plane types are targeted by the policy. +- `section_name` (String) SectionName is used to target specific section of resource.For example, you can target port from MeshService.ports[] by its name. Only traffic to this port will be affected. - `tags` (Map of String) Tags used to select a subset of proxies by tags. Can only be used with kinds'MeshSubset' and 'MeshServiceSubset' diff --git a/docs/data-sources/kuma_io_mesh_http_route_v1alpha1_manifest.md b/docs/data-sources/kuma_io_mesh_http_route_v1alpha1_manifest.md index 5bd29b610..78903fd3d 100644 --- a/docs/data-sources/kuma_io_mesh_http_route_v1alpha1_manifest.md +++ b/docs/data-sources/kuma_io_mesh_http_route_v1alpha1_manifest.md @@ -64,9 +64,12 @@ Optional: Optional: - `kind` (String) Kind of the referenced resource +- `labels` (Map of String) Labels are used to select group of MeshServices that match labels. Either Labels orName and Namespace can be used. - `mesh` (String) Mesh is reserved for future use to identify cross mesh resources. - `name` (String) Name of the referenced resource. Can only be used with kinds: 'MeshService','MeshServiceSubset' and 'MeshGatewayRoute' +- `namespace` (String) Namespace specifies the namespace of target resource. If empty only resources in policy namespacewill be targeted. - `proxy_types` (List of String) ProxyTypes specifies the data plane types that are subject to the policy. When not specified,all data plane types are targeted by the policy. +- `section_name` (String) SectionName is used to target specific section of resource.For example, you can target port from MeshService.ports[] by its name. Only traffic to this port will be affected. - `tags` (Map of String) Tags used to select a subset of proxies by tags. Can only be used with kinds'MeshSubset' and 'MeshServiceSubset' @@ -101,10 +104,13 @@ Optional: Optional: - `kind` (String) Kind of the referenced resource +- `labels` (Map of String) Labels are used to select group of MeshServices that match labels. Either Labels orName and Namespace can be used. - `mesh` (String) Mesh is reserved for future use to identify cross mesh resources. - `name` (String) Name of the referenced resource. Can only be used with kinds: 'MeshService','MeshServiceSubset' and 'MeshGatewayRoute' +- `namespace` (String) Namespace specifies the namespace of target resource. If empty only resources in policy namespacewill be targeted. - `port` (Number) Port is only supported when this ref refers to a real MeshService object - `proxy_types` (List of String) ProxyTypes specifies the data plane types that are subject to the policy. When not specified,all data plane types are targeted by the policy. +- `section_name` (String) SectionName is used to target specific section of resource.For example, you can target port from MeshService.ports[] by its name. Only traffic to this port will be affected. - `tags` (Map of String) Tags used to select a subset of proxies by tags. Can only be used with kinds'MeshSubset' and 'MeshServiceSubset' - `weight` (Number) @@ -169,10 +175,13 @@ Optional: Optional: - `kind` (String) Kind of the referenced resource +- `labels` (Map of String) Labels are used to select group of MeshServices that match labels. Either Labels orName and Namespace can be used. - `mesh` (String) Mesh is reserved for future use to identify cross mesh resources. - `name` (String) Name of the referenced resource. Can only be used with kinds: 'MeshService','MeshServiceSubset' and 'MeshGatewayRoute' +- `namespace` (String) Namespace specifies the namespace of target resource. If empty only resources in policy namespacewill be targeted. - `port` (Number) Port is only supported when this ref refers to a real MeshService object - `proxy_types` (List of String) ProxyTypes specifies the data plane types that are subject to the policy. When not specified,all data plane types are targeted by the policy. +- `section_name` (String) SectionName is used to target specific section of resource.For example, you can target port from MeshService.ports[] by its name. Only traffic to this port will be affected. - `tags` (Map of String) Tags used to select a subset of proxies by tags. Can only be used with kinds'MeshSubset' and 'MeshServiceSubset' - `weight` (Number) @@ -306,7 +315,10 @@ Required: Optional: - `kind` (String) Kind of the referenced resource +- `labels` (Map of String) Labels are used to select group of MeshServices that match labels. Either Labels orName and Namespace can be used. - `mesh` (String) Mesh is reserved for future use to identify cross mesh resources. - `name` (String) Name of the referenced resource. Can only be used with kinds: 'MeshService','MeshServiceSubset' and 'MeshGatewayRoute' +- `namespace` (String) Namespace specifies the namespace of target resource. If empty only resources in policy namespacewill be targeted. - `proxy_types` (List of String) ProxyTypes specifies the data plane types that are subject to the policy. When not specified,all data plane types are targeted by the policy. +- `section_name` (String) SectionName is used to target specific section of resource.For example, you can target port from MeshService.ports[] by its name. Only traffic to this port will be affected. - `tags` (Map of String) Tags used to select a subset of proxies by tags. Can only be used with kinds'MeshSubset' and 'MeshServiceSubset' diff --git a/docs/data-sources/kuma_io_mesh_load_balancing_strategy_v1alpha1_manifest.md b/docs/data-sources/kuma_io_mesh_load_balancing_strategy_v1alpha1_manifest.md index beb308a4a..d632f2773 100644 --- a/docs/data-sources/kuma_io_mesh_load_balancing_strategy_v1alpha1_manifest.md +++ b/docs/data-sources/kuma_io_mesh_load_balancing_strategy_v1alpha1_manifest.md @@ -67,9 +67,12 @@ Optional: Optional: - `kind` (String) Kind of the referenced resource +- `labels` (Map of String) Labels are used to select group of MeshServices that match labels. Either Labels orName and Namespace can be used. - `mesh` (String) Mesh is reserved for future use to identify cross mesh resources. - `name` (String) Name of the referenced resource. Can only be used with kinds: 'MeshService','MeshServiceSubset' and 'MeshGatewayRoute' +- `namespace` (String) Namespace specifies the namespace of target resource. If empty only resources in policy namespacewill be targeted. - `proxy_types` (List of String) ProxyTypes specifies the data plane types that are subject to the policy. When not specified,all data plane types are targeted by the policy. +- `section_name` (String) SectionName is used to target specific section of resource.For example, you can target port from MeshService.ports[] by its name. Only traffic to this port will be affected. - `tags` (Map of String) Tags used to select a subset of proxies by tags. Can only be used with kinds'MeshSubset' and 'MeshServiceSubset' @@ -90,9 +93,12 @@ Optional: Optional: - `kind` (String) Kind of the referenced resource +- `labels` (Map of String) Labels are used to select group of MeshServices that match labels. Either Labels orName and Namespace can be used. - `mesh` (String) Mesh is reserved for future use to identify cross mesh resources. - `name` (String) Name of the referenced resource. Can only be used with kinds: 'MeshService','MeshServiceSubset' and 'MeshGatewayRoute' +- `namespace` (String) Namespace specifies the namespace of target resource. If empty only resources in policy namespacewill be targeted. - `proxy_types` (List of String) ProxyTypes specifies the data plane types that are subject to the policy. When not specified,all data plane types are targeted by the policy. +- `section_name` (String) SectionName is used to target specific section of resource.For example, you can target port from MeshService.ports[] by its name. Only traffic to this port will be affected. - `tags` (Map of String) Tags used to select a subset of proxies by tags. Can only be used with kinds'MeshSubset' and 'MeshServiceSubset' diff --git a/docs/data-sources/kuma_io_mesh_proxy_patch_v1alpha1_manifest.md b/docs/data-sources/kuma_io_mesh_proxy_patch_v1alpha1_manifest.md index 0d2ab04f7..de86cc58e 100644 --- a/docs/data-sources/kuma_io_mesh_proxy_patch_v1alpha1_manifest.md +++ b/docs/data-sources/kuma_io_mesh_proxy_patch_v1alpha1_manifest.md @@ -275,7 +275,10 @@ Optional: Optional: - `kind` (String) Kind of the referenced resource +- `labels` (Map of String) Labels are used to select group of MeshServices that match labels. Either Labels orName and Namespace can be used. - `mesh` (String) Mesh is reserved for future use to identify cross mesh resources. - `name` (String) Name of the referenced resource. Can only be used with kinds: 'MeshService','MeshServiceSubset' and 'MeshGatewayRoute' +- `namespace` (String) Namespace specifies the namespace of target resource. If empty only resources in policy namespacewill be targeted. - `proxy_types` (List of String) ProxyTypes specifies the data plane types that are subject to the policy. When not specified,all data plane types are targeted by the policy. +- `section_name` (String) SectionName is used to target specific section of resource.For example, you can target port from MeshService.ports[] by its name. Only traffic to this port will be affected. - `tags` (Map of String) Tags used to select a subset of proxies by tags. Can only be used with kinds'MeshSubset' and 'MeshServiceSubset' diff --git a/docs/data-sources/kuma_io_mesh_rate_limit_v1alpha1_manifest.md b/docs/data-sources/kuma_io_mesh_rate_limit_v1alpha1_manifest.md index b0cd5b3c6..dfd0a5238 100644 --- a/docs/data-sources/kuma_io_mesh_rate_limit_v1alpha1_manifest.md +++ b/docs/data-sources/kuma_io_mesh_rate_limit_v1alpha1_manifest.md @@ -68,9 +68,12 @@ Optional: Optional: - `kind` (String) Kind of the referenced resource +- `labels` (Map of String) Labels are used to select group of MeshServices that match labels. Either Labels orName and Namespace can be used. - `mesh` (String) Mesh is reserved for future use to identify cross mesh resources. - `name` (String) Name of the referenced resource. Can only be used with kinds: 'MeshService','MeshServiceSubset' and 'MeshGatewayRoute' +- `namespace` (String) Namespace specifies the namespace of target resource. If empty only resources in policy namespacewill be targeted. - `proxy_types` (List of String) ProxyTypes specifies the data plane types that are subject to the policy. When not specified,all data plane types are targeted by the policy. +- `section_name` (String) SectionName is used to target specific section of resource.For example, you can target port from MeshService.ports[] by its name. Only traffic to this port will be affected. - `tags` (Map of String) Tags used to select a subset of proxies by tags. Can only be used with kinds'MeshSubset' and 'MeshServiceSubset' @@ -91,9 +94,12 @@ Optional: Optional: - `kind` (String) Kind of the referenced resource +- `labels` (Map of String) Labels are used to select group of MeshServices that match labels. Either Labels orName and Namespace can be used. - `mesh` (String) Mesh is reserved for future use to identify cross mesh resources. - `name` (String) Name of the referenced resource. Can only be used with kinds: 'MeshService','MeshServiceSubset' and 'MeshGatewayRoute' +- `namespace` (String) Namespace specifies the namespace of target resource. If empty only resources in policy namespacewill be targeted. - `proxy_types` (List of String) ProxyTypes specifies the data plane types that are subject to the policy. When not specified,all data plane types are targeted by the policy. +- `section_name` (String) SectionName is used to target specific section of resource.For example, you can target port from MeshService.ports[] by its name. Only traffic to this port will be affected. - `tags` (Map of String) Tags used to select a subset of proxies by tags. Can only be used with kinds'MeshSubset' and 'MeshServiceSubset' @@ -205,9 +211,12 @@ Optional: Optional: - `kind` (String) Kind of the referenced resource +- `labels` (Map of String) Labels are used to select group of MeshServices that match labels. Either Labels orName and Namespace can be used. - `mesh` (String) Mesh is reserved for future use to identify cross mesh resources. - `name` (String) Name of the referenced resource. Can only be used with kinds: 'MeshService','MeshServiceSubset' and 'MeshGatewayRoute' +- `namespace` (String) Namespace specifies the namespace of target resource. If empty only resources in policy namespacewill be targeted. - `proxy_types` (List of String) ProxyTypes specifies the data plane types that are subject to the policy. When not specified,all data plane types are targeted by the policy. +- `section_name` (String) SectionName is used to target specific section of resource.For example, you can target port from MeshService.ports[] by its name. Only traffic to this port will be affected. - `tags` (Map of String) Tags used to select a subset of proxies by tags. Can only be used with kinds'MeshSubset' and 'MeshServiceSubset' diff --git a/docs/data-sources/kuma_io_mesh_retry_v1alpha1_manifest.md b/docs/data-sources/kuma_io_mesh_retry_v1alpha1_manifest.md index 1d4d56799..c336d43cc 100644 --- a/docs/data-sources/kuma_io_mesh_retry_v1alpha1_manifest.md +++ b/docs/data-sources/kuma_io_mesh_retry_v1alpha1_manifest.md @@ -67,9 +67,12 @@ Optional: Optional: - `kind` (String) Kind of the referenced resource +- `labels` (Map of String) Labels are used to select group of MeshServices that match labels. Either Labels orName and Namespace can be used. - `mesh` (String) Mesh is reserved for future use to identify cross mesh resources. - `name` (String) Name of the referenced resource. Can only be used with kinds: 'MeshService','MeshServiceSubset' and 'MeshGatewayRoute' +- `namespace` (String) Namespace specifies the namespace of target resource. If empty only resources in policy namespacewill be targeted. - `proxy_types` (List of String) ProxyTypes specifies the data plane types that are subject to the policy. When not specified,all data plane types are targeted by the policy. +- `section_name` (String) SectionName is used to target specific section of resource.For example, you can target port from MeshService.ports[] by its name. Only traffic to this port will be affected. - `tags` (Map of String) Tags used to select a subset of proxies by tags. Can only be used with kinds'MeshSubset' and 'MeshServiceSubset' @@ -90,9 +93,12 @@ Optional: Optional: - `kind` (String) Kind of the referenced resource +- `labels` (Map of String) Labels are used to select group of MeshServices that match labels. Either Labels orName and Namespace can be used. - `mesh` (String) Mesh is reserved for future use to identify cross mesh resources. - `name` (String) Name of the referenced resource. Can only be used with kinds: 'MeshService','MeshServiceSubset' and 'MeshGatewayRoute' +- `namespace` (String) Namespace specifies the namespace of target resource. If empty only resources in policy namespacewill be targeted. - `proxy_types` (List of String) ProxyTypes specifies the data plane types that are subject to the policy. When not specified,all data plane types are targeted by the policy. +- `section_name` (String) SectionName is used to target specific section of resource.For example, you can target port from MeshService.ports[] by its name. Only traffic to this port will be affected. - `tags` (Map of String) Tags used to select a subset of proxies by tags. Can only be used with kinds'MeshSubset' and 'MeshServiceSubset' diff --git a/docs/data-sources/kuma_io_mesh_tcp_route_v1alpha1_manifest.md b/docs/data-sources/kuma_io_mesh_tcp_route_v1alpha1_manifest.md index 3046c81a8..04338c09b 100644 --- a/docs/data-sources/kuma_io_mesh_tcp_route_v1alpha1_manifest.md +++ b/docs/data-sources/kuma_io_mesh_tcp_route_v1alpha1_manifest.md @@ -67,9 +67,12 @@ Optional: Optional: - `kind` (String) Kind of the referenced resource +- `labels` (Map of String) Labels are used to select group of MeshServices that match labels. Either Labels orName and Namespace can be used. - `mesh` (String) Mesh is reserved for future use to identify cross mesh resources. - `name` (String) Name of the referenced resource. Can only be used with kinds: 'MeshService','MeshServiceSubset' and 'MeshGatewayRoute' +- `namespace` (String) Namespace specifies the namespace of target resource. If empty only resources in policy namespacewill be targeted. - `proxy_types` (List of String) ProxyTypes specifies the data plane types that are subject to the policy. When not specified,all data plane types are targeted by the policy. +- `section_name` (String) SectionName is used to target specific section of resource.For example, you can target port from MeshService.ports[] by its name. Only traffic to this port will be affected. - `tags` (Map of String) Tags used to select a subset of proxies by tags. Can only be used with kinds'MeshSubset' and 'MeshServiceSubset' @@ -90,9 +93,12 @@ Optional: Optional: - `kind` (String) Kind of the referenced resource +- `labels` (Map of String) Labels are used to select group of MeshServices that match labels. Either Labels orName and Namespace can be used. - `mesh` (String) Mesh is reserved for future use to identify cross mesh resources. - `name` (String) Name of the referenced resource. Can only be used with kinds: 'MeshService','MeshServiceSubset' and 'MeshGatewayRoute' +- `namespace` (String) Namespace specifies the namespace of target resource. If empty only resources in policy namespacewill be targeted. - `proxy_types` (List of String) ProxyTypes specifies the data plane types that are subject to the policy. When not specified,all data plane types are targeted by the policy. +- `section_name` (String) SectionName is used to target specific section of resource.For example, you can target port from MeshService.ports[] by its name. Only traffic to this port will be affected. - `tags` (Map of String) Tags used to select a subset of proxies by tags. Can only be used with kinds'MeshSubset' and 'MeshServiceSubset' @@ -116,9 +122,12 @@ Required: Optional: - `kind` (String) Kind of the referenced resource +- `labels` (Map of String) Labels are used to select group of MeshServices that match labels. Either Labels orName and Namespace can be used. - `mesh` (String) Mesh is reserved for future use to identify cross mesh resources. - `name` (String) Name of the referenced resource. Can only be used with kinds: 'MeshService','MeshServiceSubset' and 'MeshGatewayRoute' +- `namespace` (String) Namespace specifies the namespace of target resource. If empty only resources in policy namespacewill be targeted. - `port` (Number) Port is only supported when this ref refers to a real MeshService object - `proxy_types` (List of String) ProxyTypes specifies the data plane types that are subject to the policy. When not specified,all data plane types are targeted by the policy. +- `section_name` (String) SectionName is used to target specific section of resource.For example, you can target port from MeshService.ports[] by its name. Only traffic to this port will be affected. - `tags` (Map of String) Tags used to select a subset of proxies by tags. Can only be used with kinds'MeshSubset' and 'MeshServiceSubset' - `weight` (Number) diff --git a/docs/data-sources/kuma_io_mesh_timeout_v1alpha1_manifest.md b/docs/data-sources/kuma_io_mesh_timeout_v1alpha1_manifest.md index 1ee322f7e..0655faae2 100644 --- a/docs/data-sources/kuma_io_mesh_timeout_v1alpha1_manifest.md +++ b/docs/data-sources/kuma_io_mesh_timeout_v1alpha1_manifest.md @@ -68,9 +68,12 @@ Optional: Optional: - `kind` (String) Kind of the referenced resource +- `labels` (Map of String) Labels are used to select group of MeshServices that match labels. Either Labels orName and Namespace can be used. - `mesh` (String) Mesh is reserved for future use to identify cross mesh resources. - `name` (String) Name of the referenced resource. Can only be used with kinds: 'MeshService','MeshServiceSubset' and 'MeshGatewayRoute' +- `namespace` (String) Namespace specifies the namespace of target resource. If empty only resources in policy namespacewill be targeted. - `proxy_types` (List of String) ProxyTypes specifies the data plane types that are subject to the policy. When not specified,all data plane types are targeted by the policy. +- `section_name` (String) SectionName is used to target specific section of resource.For example, you can target port from MeshService.ports[] by its name. Only traffic to this port will be affected. - `tags` (Map of String) Tags used to select a subset of proxies by tags. Can only be used with kinds'MeshSubset' and 'MeshServiceSubset' @@ -91,9 +94,12 @@ Optional: Optional: - `kind` (String) Kind of the referenced resource +- `labels` (Map of String) Labels are used to select group of MeshServices that match labels. Either Labels orName and Namespace can be used. - `mesh` (String) Mesh is reserved for future use to identify cross mesh resources. - `name` (String) Name of the referenced resource. Can only be used with kinds: 'MeshService','MeshServiceSubset' and 'MeshGatewayRoute' +- `namespace` (String) Namespace specifies the namespace of target resource. If empty only resources in policy namespacewill be targeted. - `proxy_types` (List of String) ProxyTypes specifies the data plane types that are subject to the policy. When not specified,all data plane types are targeted by the policy. +- `section_name` (String) SectionName is used to target specific section of resource.For example, you can target port from MeshService.ports[] by its name. Only traffic to this port will be affected. - `tags` (Map of String) Tags used to select a subset of proxies by tags. Can only be used with kinds'MeshSubset' and 'MeshServiceSubset' @@ -137,9 +143,12 @@ Optional: Optional: - `kind` (String) Kind of the referenced resource +- `labels` (Map of String) Labels are used to select group of MeshServices that match labels. Either Labels orName and Namespace can be used. - `mesh` (String) Mesh is reserved for future use to identify cross mesh resources. - `name` (String) Name of the referenced resource. Can only be used with kinds: 'MeshService','MeshServiceSubset' and 'MeshGatewayRoute' +- `namespace` (String) Namespace specifies the namespace of target resource. If empty only resources in policy namespacewill be targeted. - `proxy_types` (List of String) ProxyTypes specifies the data plane types that are subject to the policy. When not specified,all data plane types are targeted by the policy. +- `section_name` (String) SectionName is used to target specific section of resource.For example, you can target port from MeshService.ports[] by its name. Only traffic to this port will be affected. - `tags` (Map of String) Tags used to select a subset of proxies by tags. Can only be used with kinds'MeshSubset' and 'MeshServiceSubset' diff --git a/docs/data-sources/kuma_io_mesh_trace_v1alpha1_manifest.md b/docs/data-sources/kuma_io_mesh_trace_v1alpha1_manifest.md index 52352ab08..de63dc916 100644 --- a/docs/data-sources/kuma_io_mesh_trace_v1alpha1_manifest.md +++ b/docs/data-sources/kuma_io_mesh_trace_v1alpha1_manifest.md @@ -67,9 +67,12 @@ Optional: Optional: - `kind` (String) Kind of the referenced resource +- `labels` (Map of String) Labels are used to select group of MeshServices that match labels. Either Labels orName and Namespace can be used. - `mesh` (String) Mesh is reserved for future use to identify cross mesh resources. - `name` (String) Name of the referenced resource. Can only be used with kinds: 'MeshService','MeshServiceSubset' and 'MeshGatewayRoute' +- `namespace` (String) Namespace specifies the namespace of target resource. If empty only resources in policy namespacewill be targeted. - `proxy_types` (List of String) ProxyTypes specifies the data plane types that are subject to the policy. When not specified,all data plane types are targeted by the policy. +- `section_name` (String) SectionName is used to target specific section of resource.For example, you can target port from MeshService.ports[] by its name. Only traffic to this port will be affected. - `tags` (Map of String) Tags used to select a subset of proxies by tags. Can only be used with kinds'MeshSubset' and 'MeshServiceSubset' diff --git a/docs/data-sources/kuma_io_mesh_traffic_permission_v1alpha1_manifest.md b/docs/data-sources/kuma_io_mesh_traffic_permission_v1alpha1_manifest.md index 292882164..fdf29a3eb 100644 --- a/docs/data-sources/kuma_io_mesh_traffic_permission_v1alpha1_manifest.md +++ b/docs/data-sources/kuma_io_mesh_traffic_permission_v1alpha1_manifest.md @@ -67,9 +67,12 @@ Optional: Optional: - `kind` (String) Kind of the referenced resource +- `labels` (Map of String) Labels are used to select group of MeshServices that match labels. Either Labels orName and Namespace can be used. - `mesh` (String) Mesh is reserved for future use to identify cross mesh resources. - `name` (String) Name of the referenced resource. Can only be used with kinds: 'MeshService','MeshServiceSubset' and 'MeshGatewayRoute' +- `namespace` (String) Namespace specifies the namespace of target resource. If empty only resources in policy namespacewill be targeted. - `proxy_types` (List of String) ProxyTypes specifies the data plane types that are subject to the policy. When not specified,all data plane types are targeted by the policy. +- `section_name` (String) SectionName is used to target specific section of resource.For example, you can target port from MeshService.ports[] by its name. Only traffic to this port will be affected. - `tags` (Map of String) Tags used to select a subset of proxies by tags. Can only be used with kinds'MeshSubset' and 'MeshServiceSubset' @@ -90,9 +93,12 @@ Optional: Optional: - `kind` (String) Kind of the referenced resource +- `labels` (Map of String) Labels are used to select group of MeshServices that match labels. Either Labels orName and Namespace can be used. - `mesh` (String) Mesh is reserved for future use to identify cross mesh resources. - `name` (String) Name of the referenced resource. Can only be used with kinds: 'MeshService','MeshServiceSubset' and 'MeshGatewayRoute' +- `namespace` (String) Namespace specifies the namespace of target resource. If empty only resources in policy namespacewill be targeted. - `proxy_types` (List of String) ProxyTypes specifies the data plane types that are subject to the policy. When not specified,all data plane types are targeted by the policy. +- `section_name` (String) SectionName is used to target specific section of resource.For example, you can target port from MeshService.ports[] by its name. Only traffic to this port will be affected. - `tags` (Map of String) Tags used to select a subset of proxies by tags. Can only be used with kinds'MeshSubset' and 'MeshServiceSubset' diff --git a/docs/data-sources/kyverno_io_cluster_policy_v1_manifest.md b/docs/data-sources/kyverno_io_cluster_policy_v1_manifest.md index 35709f2ed..a79181d7c 100644 --- a/docs/data-sources/kyverno_io_cluster_policy_v1_manifest.md +++ b/docs/data-sources/kyverno_io_cluster_policy_v1_manifest.md @@ -55,7 +55,7 @@ Optional: - `apply_rules` (String) ApplyRules controls how rules in a policy are applied. Rule are processed inthe order of declaration. When set to 'One' processing stops after a rule hasbeen applied i.e. the rule matches and results in a pass, fail, or error. Whenset to 'All' all rules in the policy are processed. The default is 'All'. - `background` (Boolean) Background controls if rules are applied to existing resources during a background scan.Optional. Default value is 'true'. The value must be set to 'false' if the policy ruleuses variables that are only available in the admission review request (e.g. user name). - `failure_policy` (String) FailurePolicy defines how unexpected policy errors and webhook response timeout errors are handled.Rules within the same policy share the same failure behavior.This field should not be accessed directly, instead 'GetFailurePolicy()' should be used.Allowed values are Ignore or Fail. Defaults to Fail. -- `generate_existing` (Boolean) GenerateExisting controls whether to trigger generate rule in existing resourcesIf is set to 'true' generate rule will be triggered and applied to existing matched resources.Defaults to 'false' if not specified. +- `generate_existing` (Boolean) Deprecated, use generateExisting under the generate rule instead - `generate_existing_on_policy_update` (Boolean) Deprecated, use generateExisting instead - `mutate_existing_on_policy_update` (Boolean) MutateExistingOnPolicyUpdate controls if a mutateExisting policy is applied on policy events.Default value is 'false'. - `rules` (Attributes List) Rules is a list of Rule instances. A Policy contains multiple rules andeach rule can validate, mutate, or generate resources. (see [below for nested schema](#nestedatt--spec--rules)) @@ -459,6 +459,7 @@ Optional: - `clone` (Attributes) Clone specifies the source resource used to populate each generated resource.At most one of Data or Clone can be specified. If neither are provided, the generatedresource will be created with default data only. (see [below for nested schema](#nestedatt--spec--rules--generate--clone)) - `clone_list` (Attributes) CloneList specifies the list of source resource used to populate each generated resource. (see [below for nested schema](#nestedatt--spec--rules--generate--clone_list)) - `data` (Map of String) Data provides the resource declaration used to populate each generated resource.At most one of Data or Clone must be specified. If neither are provided, the generatedresource will be created with default data only. +- `generate_existing` (Boolean) GenerateExisting controls whether to trigger the rule in existing resourcesIf is set to 'true' the rule will be triggered and applied to existing matched resources. - `kind` (String) Kind specifies resource kind. - `name` (String) Name specifies the resource name. - `namespace` (String) Namespace specifies resource namespace. diff --git a/docs/data-sources/kyverno_io_cluster_policy_v2beta1_manifest.md b/docs/data-sources/kyverno_io_cluster_policy_v2beta1_manifest.md index b4e662306..357b5dab6 100644 --- a/docs/data-sources/kyverno_io_cluster_policy_v2beta1_manifest.md +++ b/docs/data-sources/kyverno_io_cluster_policy_v2beta1_manifest.md @@ -55,7 +55,7 @@ Optional: - `apply_rules` (String) ApplyRules controls how rules in a policy are applied. Rule are processed inthe order of declaration. When set to 'One' processing stops after a rule hasbeen applied i.e. the rule matches and results in a pass, fail, or error. Whenset to 'All' all rules in the policy are processed. The default is 'All'. - `background` (Boolean) Background controls if rules are applied to existing resources during a background scan.Optional. Default value is 'true'. The value must be set to 'false' if the policy ruleuses variables that are only available in the admission review request (e.g. user name). - `failure_policy` (String) FailurePolicy defines how unexpected policy errors and webhook response timeout errors are handled.Rules within the same policy share the same failure behavior.Allowed values are Ignore or Fail. Defaults to Fail. -- `generate_existing` (Boolean) GenerateExisting controls whether to trigger generate rule in existing resourcesIf is set to 'true' generate rule will be triggered and applied to existing matched resources.Defaults to 'false' if not specified. +- `generate_existing` (Boolean) Deprecated, use generateExisting under the generate rule instead - `generate_existing_on_policy_update` (Boolean) Deprecated, use generateExisting instead - `mutate_existing_on_policy_update` (Boolean) MutateExistingOnPolicyUpdate controls if a mutateExisting policy is applied on policy events.Default value is 'false'. - `rules` (Attributes List) Rules is a list of Rule instances. A Policy contains multiple rules andeach rule can validate, mutate, or generate resources. (see [below for nested schema](#nestedatt--spec--rules)) @@ -382,6 +382,7 @@ Optional: - `clone` (Attributes) Clone specifies the source resource used to populate each generated resource.At most one of Data or Clone can be specified. If neither are provided, the generatedresource will be created with default data only. (see [below for nested schema](#nestedatt--spec--rules--generate--clone)) - `clone_list` (Attributes) CloneList specifies the list of source resource used to populate each generated resource. (see [below for nested schema](#nestedatt--spec--rules--generate--clone_list)) - `data` (Map of String) Data provides the resource declaration used to populate each generated resource.At most one of Data or Clone must be specified. If neither are provided, the generatedresource will be created with default data only. +- `generate_existing` (Boolean) GenerateExisting controls whether to trigger the rule in existing resourcesIf is set to 'true' the rule will be triggered and applied to existing matched resources. - `kind` (String) Kind specifies resource kind. - `name` (String) Name specifies the resource name. - `namespace` (String) Namespace specifies resource namespace. diff --git a/docs/data-sources/kyverno_io_policy_v1_manifest.md b/docs/data-sources/kyverno_io_policy_v1_manifest.md index 1477017d5..c4656c934 100644 --- a/docs/data-sources/kyverno_io_policy_v1_manifest.md +++ b/docs/data-sources/kyverno_io_policy_v1_manifest.md @@ -57,7 +57,7 @@ Optional: - `apply_rules` (String) ApplyRules controls how rules in a policy are applied. Rule are processed inthe order of declaration. When set to 'One' processing stops after a rule hasbeen applied i.e. the rule matches and results in a pass, fail, or error. Whenset to 'All' all rules in the policy are processed. The default is 'All'. - `background` (Boolean) Background controls if rules are applied to existing resources during a background scan.Optional. Default value is 'true'. The value must be set to 'false' if the policy ruleuses variables that are only available in the admission review request (e.g. user name). - `failure_policy` (String) FailurePolicy defines how unexpected policy errors and webhook response timeout errors are handled.Rules within the same policy share the same failure behavior.This field should not be accessed directly, instead 'GetFailurePolicy()' should be used.Allowed values are Ignore or Fail. Defaults to Fail. -- `generate_existing` (Boolean) GenerateExisting controls whether to trigger generate rule in existing resourcesIf is set to 'true' generate rule will be triggered and applied to existing matched resources.Defaults to 'false' if not specified. +- `generate_existing` (Boolean) Deprecated, use generateExisting under the generate rule instead - `generate_existing_on_policy_update` (Boolean) Deprecated, use generateExisting instead - `mutate_existing_on_policy_update` (Boolean) MutateExistingOnPolicyUpdate controls if a mutateExisting policy is applied on policy events.Default value is 'false'. - `rules` (Attributes List) Rules is a list of Rule instances. A Policy contains multiple rules andeach rule can validate, mutate, or generate resources. (see [below for nested schema](#nestedatt--spec--rules)) @@ -461,6 +461,7 @@ Optional: - `clone` (Attributes) Clone specifies the source resource used to populate each generated resource.At most one of Data or Clone can be specified. If neither are provided, the generatedresource will be created with default data only. (see [below for nested schema](#nestedatt--spec--rules--generate--clone)) - `clone_list` (Attributes) CloneList specifies the list of source resource used to populate each generated resource. (see [below for nested schema](#nestedatt--spec--rules--generate--clone_list)) - `data` (Map of String) Data provides the resource declaration used to populate each generated resource.At most one of Data or Clone must be specified. If neither are provided, the generatedresource will be created with default data only. +- `generate_existing` (Boolean) GenerateExisting controls whether to trigger the rule in existing resourcesIf is set to 'true' the rule will be triggered and applied to existing matched resources. - `kind` (String) Kind specifies resource kind. - `name` (String) Name specifies the resource name. - `namespace` (String) Namespace specifies resource namespace. diff --git a/docs/data-sources/kyverno_io_policy_v2beta1_manifest.md b/docs/data-sources/kyverno_io_policy_v2beta1_manifest.md index 78af9199b..fbc59d535 100644 --- a/docs/data-sources/kyverno_io_policy_v2beta1_manifest.md +++ b/docs/data-sources/kyverno_io_policy_v2beta1_manifest.md @@ -57,7 +57,7 @@ Optional: - `apply_rules` (String) ApplyRules controls how rules in a policy are applied. Rule are processed inthe order of declaration. When set to 'One' processing stops after a rule hasbeen applied i.e. the rule matches and results in a pass, fail, or error. Whenset to 'All' all rules in the policy are processed. The default is 'All'. - `background` (Boolean) Background controls if rules are applied to existing resources during a background scan.Optional. Default value is 'true'. The value must be set to 'false' if the policy ruleuses variables that are only available in the admission review request (e.g. user name). - `failure_policy` (String) FailurePolicy defines how unexpected policy errors and webhook response timeout errors are handled.Rules within the same policy share the same failure behavior.Allowed values are Ignore or Fail. Defaults to Fail. -- `generate_existing` (Boolean) GenerateExisting controls whether to trigger generate rule in existing resourcesIf is set to 'true' generate rule will be triggered and applied to existing matched resources.Defaults to 'false' if not specified. +- `generate_existing` (Boolean) Deprecated, use generateExisting under the generate rule instead - `generate_existing_on_policy_update` (Boolean) Deprecated, use generateExisting instead - `mutate_existing_on_policy_update` (Boolean) MutateExistingOnPolicyUpdate controls if a mutateExisting policy is applied on policy events.Default value is 'false'. - `rules` (Attributes List) Rules is a list of Rule instances. A Policy contains multiple rules andeach rule can validate, mutate, or generate resources. (see [below for nested schema](#nestedatt--spec--rules)) @@ -384,6 +384,7 @@ Optional: - `clone` (Attributes) Clone specifies the source resource used to populate each generated resource.At most one of Data or Clone can be specified. If neither are provided, the generatedresource will be created with default data only. (see [below for nested schema](#nestedatt--spec--rules--generate--clone)) - `clone_list` (Attributes) CloneList specifies the list of source resource used to populate each generated resource. (see [below for nested schema](#nestedatt--spec--rules--generate--clone_list)) - `data` (Map of String) Data provides the resource declaration used to populate each generated resource.At most one of Data or Clone must be specified. If neither are provided, the generatedresource will be created with default data only. +- `generate_existing` (Boolean) GenerateExisting controls whether to trigger the rule in existing resourcesIf is set to 'true' the rule will be triggered and applied to existing matched resources. - `kind` (String) Kind specifies resource kind. - `name` (String) Name specifies the resource name. - `namespace` (String) Namespace specifies resource namespace. diff --git a/docs/data-sources/loki_grafana_com_ruler_config_v1_manifest.md b/docs/data-sources/loki_grafana_com_ruler_config_v1_manifest.md index a2487e664..4190113e9 100644 --- a/docs/data-sources/loki_grafana_com_ruler_config_v1_manifest.md +++ b/docs/data-sources/loki_grafana_com_ruler_config_v1_manifest.md @@ -113,6 +113,7 @@ Optional: - `ca_path` (String) The CA certificate file path for the TLS configuration. - `cert_path` (String) The client-side certificate file path for the TLS configuration. +- `insecure_skip_verify` (Boolean) Skip validating server certificate. - `key_path` (String) The client-side key file path for the TLS configuration. - `server_name` (String) The server name to validate in the alertmanager server certificates. @@ -216,6 +217,7 @@ Optional: - `ca_path` (String) The CA certificate file path for the TLS configuration. - `cert_path` (String) The client-side certificate file path for the TLS configuration. +- `insecure_skip_verify` (Boolean) Skip validating server certificate. - `key_path` (String) The client-side key file path for the TLS configuration. - `server_name` (String) The server name to validate in the alertmanager server certificates. diff --git a/docs/data-sources/monitoring_coreos_com_prometheus_agent_v1alpha1_manifest.md b/docs/data-sources/monitoring_coreos_com_prometheus_agent_v1alpha1_manifest.md index 68ae15d36..1168dfccf 100644 --- a/docs/data-sources/monitoring_coreos_com_prometheus_agent_v1alpha1_manifest.md +++ b/docs/data-sources/monitoring_coreos_com_prometheus_agent_v1alpha1_manifest.md @@ -93,7 +93,7 @@ Optional: - `min_ready_seconds` (Number) Minimum number of seconds for which a newly created Pod should be readywithout any of its container crashing for it to be considered available.Defaults to 0 (pod will be considered available as soon as it is ready)This is an alpha field from kubernetes 1.22 until 1.24 which requiresenabling the StatefulSetMinReadySeconds feature gate. - `mode` (String) Mode defines how the Prometheus operator deploys the PrometheusAgent pod(s).For now this field has no effect.(Alpha) Using this field requires the 'PrometheusAgentDaemonSet' feature gate to be enabled. - `node_selector` (Map of String) Defines on which Nodes the Pods are scheduled. -- `override_honor_labels` (Boolean) When true, Prometheus resolves label conflicts by renaming the labels inthe scraped data to 'exported_