From 4cabfa9fc4a8692a3894640cc597fcf704a96d27 Mon Sep 17 00:00:00 2001
From: "rongfu.leng" <1275177125@qq.com>
Date: Mon, 22 May 2023 21:51:28 +0800
Subject: [PATCH 01/34] add image.registry field (#1003)
Signed-off-by: lengrongfu <1275177125@qq.com>
---
charts/harbor-operator/README.md | 1 +
charts/harbor-operator/templates/deployment.yaml | 2 +-
charts/harbor-operator/values.yaml | 2 ++
config/helm/deployment/kustomization.yaml | 2 +-
4 files changed, 5 insertions(+), 2 deletions(-)
diff --git a/charts/harbor-operator/README.md b/charts/harbor-operator/README.md
index f8cf072bc..effedef23 100644
--- a/charts/harbor-operator/README.md
+++ b/charts/harbor-operator/README.md
@@ -36,6 +36,7 @@ Deploy Harbor Operator
| fullnameOverride | string | `""` | |
| harborClass | string | `""` | Class name of the Harbor operator |
| image.pullPolicy | string | `"IfNotPresent"` | The image pull policy for the controller. |
+| image.registry | string | `"docker.io"` | The image registry whose default is docker.io. |
| image.repository | string | `"goharbor/harbor-operator"` | The image repository whose default is the chart appVersion. |
| image.tag | string | `"dev_master"` | The image tag whose default is the chart appVersion. |
| imagePullSecrets | list | `[]` | Reference to one or more secrets to be used when pulling images For example: `[ {"name":"image-pull-secret"} ]` |
diff --git a/charts/harbor-operator/templates/deployment.yaml b/charts/harbor-operator/templates/deployment.yaml
index c8fb1e34e..7ba20688d 100644
--- a/charts/harbor-operator/templates/deployment.yaml
+++ b/charts/harbor-operator/templates/deployment.yaml
@@ -33,7 +33,7 @@ spec:
valueFrom:
fieldRef:
fieldPath: metadata.namespace
- image: '{{.Values.image.repository}}:{{.Values.image.tag|default .Chart.AppVersion}}'
+ image: '{{.Values.image.registry}}/{{.Values.image.repository}}:{{.Values.image.tag|default .Chart.AppVersion}}'
imagePullPolicy: {{ .Values.image.pullPolicy | quote }}
livenessProbe:
httpGet:
diff --git a/charts/harbor-operator/values.yaml b/charts/harbor-operator/values.yaml
index cba44af9e..617a7e2cb 100644
--- a/charts/harbor-operator/values.yaml
+++ b/charts/harbor-operator/values.yaml
@@ -1,4 +1,6 @@
image:
+ # image.registry -- The image registry whose default is docker.io.
+ registry: docker.io
# image.repository -- The image repository whose default is the chart appVersion.
repository: goharbor/harbor-operator
# image.pullPolicy -- The image pull policy for the controller.
diff --git a/config/helm/deployment/kustomization.yaml b/config/helm/deployment/kustomization.yaml
index f7b00aebb..c75c1221b 100644
--- a/config/helm/deployment/kustomization.yaml
+++ b/config/helm/deployment/kustomization.yaml
@@ -7,7 +7,7 @@ generatorOptions:
images:
- name: goharbor/harbor-operator:dev
- newName: '{{.Values.image.repository}}'
+ newName: '{{.Values.image.registry}}/{{.Values.image.repository}}'
newTag: '{{.Values.image.tag|default .Chart.AppVersion}}'
patches:
From 7fce8bb694c631b7218ff94dae767e1ec89f14be Mon Sep 17 00:00:00 2001
From: Marcel
Date: Tue, 23 May 2023 14:29:51 +0200
Subject: [PATCH 02/34] Rework auto assignees to have review groups (#1037)
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Rework autoassignees to have review groups
Signed-off-by: Marcel Müller
---
.github/auto-assignees.yaml | 61 +++++++++++++-------------
.github/workflows/auto-assign-prs.yaml | 2 +-
2 files changed, 32 insertions(+), 31 deletions(-)
diff --git a/.github/auto-assignees.yaml b/.github/auto-assignees.yaml
index d7b95a61a..aed6a746a 100644
--- a/.github/auto-assignees.yaml
+++ b/.github/auto-assignees.yaml
@@ -1,33 +1,34 @@
-# This assigns a PR to its author
-addAssignees: true
+addAssignees: false
-addReviewers: false
+addReviewers: true
-reviewers:
- - holyhope
- - sguyennet
- - jMonsinjon
- - steven-zou
- - mhurtrel
- - heww
- - bitsf
- - wangcanfengxs
- - Ghostbaby
- - soulseen
- - chlins
- - XavierDuthil
- - cndoit18
- - lubronzhan
- - yxxhero
- - wy65701436
- - MarcelMue
- - thcdrt
+useReviewGroups: true
-options:
- ignore_draft: true
- ignored_keywords:
- - WIP
- - wip
- - DO NOT MERGE
- enable_group_assignment: true
- number_of_reviewers: 2
+reviewGroups:
+ active:
+ - MarcelMue
+ - thcdrt
+ general:
+ - holyhope
+ - sguyennet
+ - jMonsinjon
+ - steven-zou
+ - mhurtrel
+ - heww
+ - bitsf
+ - wangcanfengxs
+ - Ghostbaby
+ - soulseen
+ - chlins
+ - XavierDuthil
+ - cndoit18
+ - lubronzhan
+ - yxxhero
+ - wy65701436
+
+skipKeywords:
+ - WIP
+ - wip
+ - DO NOT MERGE
+
+numberOfReviewers: 2
diff --git a/.github/workflows/auto-assign-prs.yaml b/.github/workflows/auto-assign-prs.yaml
index d11983c9d..5d4f293fb 100644
--- a/.github/workflows/auto-assign-prs.yaml
+++ b/.github/workflows/auto-assign-prs.yaml
@@ -12,6 +12,6 @@ jobs:
runs-on: ubuntu-latest
steps:
- name: Set the author of a PR as the assignee
- uses: kentaro-m/auto-assign-action@v1.2.4
+ uses: kentaro-m/auto-assign-action@v1.2.5
with:
configuration-path: ".github/auto-assignees.yaml"
From 660d89e731fa5c7eb614bbbc15d48e312dc76b9c Mon Sep 17 00:00:00 2001
From: Marcel
Date: Tue, 23 May 2023 15:05:30 +0200
Subject: [PATCH 03/34] Reduce number of reviewers to those recently active
(#1039)
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Signed-off-by: Marcel Müller
---
.github/auto-assignees.yaml | 12 ------------
1 file changed, 12 deletions(-)
diff --git a/.github/auto-assignees.yaml b/.github/auto-assignees.yaml
index aed6a746a..12aeb7466 100644
--- a/.github/auto-assignees.yaml
+++ b/.github/auto-assignees.yaml
@@ -10,20 +10,8 @@ reviewGroups:
- thcdrt
general:
- holyhope
- - sguyennet
- - jMonsinjon
- steven-zou
- - mhurtrel
- - heww
- bitsf
- - wangcanfengxs
- - Ghostbaby
- - soulseen
- - chlins
- - XavierDuthil
- - cndoit18
- - lubronzhan
- - yxxhero
- wy65701436
skipKeywords:
From 4e50f88928269e4974b46c431cfb665060c849cc Mon Sep 17 00:00:00 2001
From: Marcel
Date: Tue, 23 May 2023 20:18:04 +0200
Subject: [PATCH 04/34] Remove CRDs from helm completely (#1040)
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
* Remove CRDs from helm completely
Signed-off-by: Marcel Müller
* Try using correct kustomize command
Signed-off-by: Marcel Müller
* Reorder
Signed-off-by: Marcel Müller
* Use kustomize from bin
Signed-off-by: Marcel Müller
---------
Signed-off-by: Marcel Müller
---
.github/workflows/tests.yml | 4 +
Makefile | 9 +-
charts/harbor-operator/templates/crds.yaml | 40786 ----------------
config/helm/crds/kustomization.yaml | 6 +-
.../crds/patches/chartmuseums_service.yaml | 2 +-
config/helm/crds/patches/cores_service.yaml | 2 +-
.../helm/crds/patches/exporters_service.yaml | 2 +-
.../crds/patches/harborclusters_service.yaml | 2 +-
config/helm/crds/patches/harbors_service.yaml | 2 +-
.../crds/patches/jobservices_service.yaml | 2 +-
.../crds/patches/notaryservers_service.yaml | 2 +-
.../crds/patches/notarysigners_service.yaml | 2 +-
config/helm/crds/patches/portals_service.yaml | 2 +-
.../helm/crds/patches/registries_service.yaml | 2 +-
.../patches/registrycontrollers_service.yaml | 2 +-
config/helm/crds/patches/trivies_service.yaml | 2 +-
16 files changed, 20 insertions(+), 40809 deletions(-)
delete mode 100644 charts/harbor-operator/templates/crds.yaml
diff --git a/.github/workflows/tests.yml b/.github/workflows/tests.yml
index e2fbcf735..b86f829fb 100644
--- a/.github/workflows/tests.yml
+++ b/.github/workflows/tests.yml
@@ -628,6 +628,10 @@ jobs:
- name: install harbor-operator
run: |
set -ex
+ make kustomize
+
+ ./bin/kustomize build --reorder legacy config/helm/crds | kubectl create -f -
+
make helm-install NAMESPACE="${operatorNamespace}" IMG=${dockerImage}
kubectl -n "${operatorNamespace}" wait --for=condition=Available deployment --all --timeout 300s
diff --git a/Makefile b/Makefile
index 3133c9d87..2e9edaa63 100644
--- a/Makefile
+++ b/Makefile
@@ -288,7 +288,7 @@ CHART_TEMPLATE_PATH := $(CHART_HARBOR_OPERATOR)/templates
CRD_GROUP := goharbor.io
-$(CHARTS_DIRECTORY)/harbor-operator-$(RELEASE_VERSION).tgz: $(CHART_HARBOR_OPERATOR)/README.md $(CHART_HARBOR_OPERATOR)/templates/crds.yaml \
+$(CHARTS_DIRECTORY)/harbor-operator-$(RELEASE_VERSION).tgz: $(CHART_HARBOR_OPERATOR)/README.md \
$(CHART_HARBOR_OPERATOR)/assets $(wildcard $(CHART_HARBOR_OPERATOR)/assets/*) \
$(CHART_HARBOR_OPERATOR)/Chart.lock \
$(CHART_TEMPLATE_PATH)/role.yaml $(CHART_TEMPLATE_PATH)/clusterrole.yaml \
@@ -302,13 +302,6 @@ $(CHARTS_DIRECTORY)/harbor-operator-$(RELEASE_VERSION).tgz: $(CHART_HARBOR_OPERA
--app-version $(RELEASE_VERSION) \
--destination $(CHARTS_DIRECTORY)
-$(CHART_HARBOR_OPERATOR)/templates/crds.yaml: kustomize config/crd/bases
- echo '{{- /* $(DO_NOT_EDIT) */ -}}' > '$@'
- echo '{{- if .Values.installCRDs }}' >> '$@'
- $(KUSTOMIZE) build config/helm/crds/ | \
- sed "s/'\({{[^}}]*}}\)'/\1/g">> '$@'
- echo '{{- end -}}' >> '$@'
-
$(CHART_HARBOR_OPERATOR)/assets:
rm -f '$@'
ln -vs ../../config/config/assets '$@'
diff --git a/charts/harbor-operator/templates/crds.yaml b/charts/harbor-operator/templates/crds.yaml
deleted file mode 100644
index 0cb37fc69..000000000
--- a/charts/harbor-operator/templates/crds.yaml
+++ /dev/null
@@ -1,40786 +0,0 @@
-{{- /* Code generated by make. DO NOT EDIT. */ -}}
-{{- if .Values.installCRDs }}
-apiVersion: apiextensions.k8s.io/v1
-kind: CustomResourceDefinition
-metadata:
- annotations:
- cert-manager.io/inject-ca-from: '{{.Release.Namespace}}/{{. | include "chart.fullname"}}-serving-cert'
- controller-gen.kubebuilder.io/version: v0.9.2
- name: chartmuseums.goharbor.io
-spec:
- conversion:
- strategy: Webhook
- webhook:
- clientConfig:
- caBundle: Cg==
- service:
- name: {{ include "chart.fullname" . | quote }}
- namespace: {{ .Release.Namespace }}
- path: /convert
- conversionReviewVersions:
- - v1
- group: goharbor.io
- names:
- categories:
- - goharbor
- kind: ChartMuseum
- listKind: ChartMuseumList
- plural: chartmuseums
- singular: chartmuseum
- scope: Namespaced
- versions:
- - additionalPrinterColumns:
- - description: Timestamp representing the server time when this object was created.
- It is not guaranteed to be set in happens-before order across separate operations.
- Clients may not set this value. It is represented in RFC3339 form and is in
- UTC.
- jsonPath: .metadata.creationTimestamp
- name: Age
- priority: 1
- type: date
- - description: Human readable message describing the failure
- jsonPath: .status.conditions[?(@.type=="Failed")].message
- name: Failure
- priority: 5
- type: string
- name: v1alpha3
- schema:
- openAPIV3Schema:
- description: ChartMuseum is the Schema for the ChartMuseum API.
- properties:
- apiVersion:
- description: 'APIVersion defines the versioned schema of this representation
- of an object. Servers should convert recognized schemas to the latest
- internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
- type: string
- kind:
- description: 'Kind is a string value representing the REST resource this
- object represents. Servers may infer this from the endpoint the client
- submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
- type: string
- metadata:
- type: object
- spec:
- description: ChartMuseumSpec defines the desired state of ChartMuseum.
- properties:
- authentication:
- properties:
- anonymousGet:
- default: false
- description: Allow anonymous GET operations when auth is used
- type: boolean
- basicAuthRef:
- description: 'Reference to secret containing basic http authentication
- Harbor: Harbor try to connect using chart_controller username'
- pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*'
- type: string
- bearer:
- description: Bearer authentication specs
- properties:
- certificateRef:
- description: Reference to secret containing authorization
- server certificate
- pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*'
- type: string
- realm:
- description: Authorization server url
- type: string
- service:
- description: Authorization server service name
- type: string
- required:
- - certificateRef
- - realm
- - service
- type: object
- type: object
- cache:
- description: Cache stores
- properties:
- redis:
- description: Redis cache store
- properties:
- certificateRef:
- description: Secret containing the client certificate to authenticate
- with.
- pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*'
- type: string
- database:
- default: 0
- description: The database number.
- format: int32
- maximum: 8
- minimum: 0
- type: integer
- host:
- description: Server hostname.
- minLength: 1
- type: string
- passwordRef:
- description: Secret containing the password to use when connecting
- to the server.
- pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*'
- type: string
- port:
- description: Server port.
- exclusiveMinimum: true
- format: int32
- minimum: 0
- type: integer
- sentinelMasterSet:
- description: for Sentinel MasterSet.
- type: string
- required:
- - host
- type: object
- type: object
- certificateRefs:
- items:
- type: string
- type: array
- chart:
- properties:
- allowOverwrite:
- default: true
- description: Allow chart versions to be re-uploaded without ?force
- querystring
- type: boolean
- index:
- properties:
- parallelLimit:
- description: Parallel scan limit for the repo indexer
- format: int32
- minimum: 0
- type: integer
- storageTimestampTolerance:
- description: Timestamp drift tolerated between cached and
- generated index before invalidation
- pattern: ([0-9]+h)?([0-9]+m)?([0-9]+s)?([0-9]+ms)?([0-9]+us)?([0-9]+µs)?([0-9]+ns)?
- type: string
- type: object
- onlySemver2:
- default: false
- description: Enforce the chart museum server only accepts the
- valid chart version as Helm does
- type: boolean
- postFormFieldName:
- description: Form fields which will be queried
- properties:
- chart:
- default: chart
- description: 'Form field which will be queried for the chart
- file content Harbor: Expecting chart to use with Harbor'
- minLength: 1
- type: string
- provenance:
- default: prov
- description: 'Form field which will be queried for the provenance
- file content Harbor: Expecting prov to use with Harbor'
- minLength: 1
- type: string
- type: object
- repo:
- properties:
- depth:
- default: 1
- description: 'Levels of nested repos for multitenancy Harbor:
- must be set to 1 to support project namespace'
- format: int32
- minimum: 0
- type: integer
- depthDynamic:
- default: false
- description: The length of repo variable
- type: boolean
- type: object
- storage:
- properties:
- amazon:
- properties:
- accessKeyID:
- type: string
- accessSecretRef:
- pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*'
- type: string
- bucket:
- description: S3 bucket to store charts for amazon storage
- type: string
- endpoint:
- description: Alternative s3 endpoint
- type: string
- prefix:
- description: Prefix to store charts for the bucket
- type: string
- region:
- description: Region of the bucket
- type: string
- serverSideEncryption:
- description: ServerSideEncryption is the algorithm for
- server side encryption
- type: string
- required:
- - bucket
- type: object
- filesystem:
- properties:
- prefix:
- type: string
- volumeSource:
- description: Represents the source of a volume to mount.
- Only one of its members may be specified.
- properties:
- awsElasticBlockStore:
- description: 'AWSElasticBlockStore represents an AWS
- Disk resource that is attached to a kubelet''s host
- machine and then exposed to the pod. More info:
- https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore'
- properties:
- fsType:
- description: 'Filesystem type of the volume that
- you want to mount. Tip: Ensure that the filesystem
- type is supported by the host operating system.
- Examples: "ext4", "xfs", "ntfs". Implicitly
- inferred to be "ext4" if unspecified. More info:
- https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore
- TODO: how do we prevent errors in the filesystem
- from compromising the machine'
- type: string
- partition:
- description: 'The partition in the volume that
- you want to mount. If omitted, the default is
- to mount by volume name. Examples: For volume
- /dev/sda1, you specify the partition as "1".
- Similarly, the volume partition for /dev/sda
- is "0" (or you can leave the property empty).'
- format: int32
- type: integer
- readOnly:
- description: 'Specify "true" to force and set
- the ReadOnly property in VolumeMounts to "true".
- If omitted, the default is "false". More info:
- https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore'
- type: boolean
- volumeID:
- description: 'Unique ID of the persistent disk
- resource in AWS (Amazon EBS volume). More info:
- https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore'
- type: string
- required:
- - volumeID
- type: object
- azureDisk:
- description: AzureDisk represents an Azure Data Disk
- mount on the host and bind mount to the pod.
- properties:
- cachingMode:
- description: 'Host Caching mode: None, Read Only,
- Read Write.'
- type: string
- diskName:
- description: The Name of the data disk in the
- blob storage
- type: string
- diskURI:
- description: The URI the data disk in the blob
- storage
- type: string
- fsType:
- description: Filesystem type to mount. Must be
- a filesystem type supported by the host operating
- system. Ex. "ext4", "xfs", "ntfs". Implicitly
- inferred to be "ext4" if unspecified.
- type: string
- kind:
- description: 'Expected values Shared: multiple
- blob disks per storage account Dedicated: single
- blob disk per storage account Managed: azure
- managed data disk (only in managed availability
- set). defaults to shared'
- type: string
- readOnly:
- description: Defaults to false (read/write). ReadOnly
- here will force the ReadOnly setting in VolumeMounts.
- type: boolean
- required:
- - diskName
- - diskURI
- type: object
- azureFile:
- description: AzureFile represents an Azure File Service
- mount on the host and bind mount to the pod.
- properties:
- readOnly:
- description: Defaults to false (read/write). ReadOnly
- here will force the ReadOnly setting in VolumeMounts.
- type: boolean
- secretName:
- description: the name of secret that contains
- Azure Storage Account Name and Key
- type: string
- shareName:
- description: Share Name
- type: string
- required:
- - secretName
- - shareName
- type: object
- cephfs:
- description: CephFS represents a Ceph FS mount on
- the host that shares a pod's lifetime
- properties:
- monitors:
- description: 'Required: Monitors is a collection
- of Ceph monitors More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it'
- items:
- type: string
- type: array
- path:
- description: 'Optional: Used as the mounted root,
- rather than the full Ceph tree, default is /'
- type: string
- readOnly:
- description: 'Optional: Defaults to false (read/write).
- ReadOnly here will force the ReadOnly setting
- in VolumeMounts. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it'
- type: boolean
- secretFile:
- description: 'Optional: SecretFile is the path
- to key ring for User, default is /etc/ceph/user.secret
- More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it'
- type: string
- secretRef:
- description: 'Optional: SecretRef is reference
- to the authentication secret for User, default
- is empty. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it'
- properties:
- name:
- description: 'Name of the referent. More info:
- https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion,
- kind, uid?'
- type: string
- type: object
- x-kubernetes-map-type: atomic
- user:
- description: 'Optional: User is the rados user
- name, default is admin More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it'
- type: string
- required:
- - monitors
- type: object
- cinder:
- description: 'Cinder represents a cinder volume attached
- and mounted on kubelets host machine. More info:
- https://examples.k8s.io/mysql-cinder-pd/README.md'
- properties:
- fsType:
- description: 'Filesystem type to mount. Must be
- a filesystem type supported by the host operating
- system. Examples: "ext4", "xfs", "ntfs". Implicitly
- inferred to be "ext4" if unspecified. More info:
- https://examples.k8s.io/mysql-cinder-pd/README.md'
- type: string
- readOnly:
- description: 'Optional: Defaults to false (read/write).
- ReadOnly here will force the ReadOnly setting
- in VolumeMounts. More info: https://examples.k8s.io/mysql-cinder-pd/README.md'
- type: boolean
- secretRef:
- description: 'Optional: points to a secret object
- containing parameters used to connect to OpenStack.'
- properties:
- name:
- description: 'Name of the referent. More info:
- https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion,
- kind, uid?'
- type: string
- type: object
- x-kubernetes-map-type: atomic
- volumeID:
- description: 'volume id used to identify the volume
- in cinder. More info: https://examples.k8s.io/mysql-cinder-pd/README.md'
- type: string
- required:
- - volumeID
- type: object
- configMap:
- description: ConfigMap represents a configMap that
- should populate this volume
- properties:
- defaultMode:
- description: 'Optional: mode bits used to set
- permissions on created files by default. Must
- be an octal value between 0000 and 0777 or a
- decimal value between 0 and 511. YAML accepts
- both octal and decimal values, JSON requires
- decimal values for mode bits. Defaults to 0644.
- Directories within the path are not affected
- by this setting. This might be in conflict with
- other options that affect the file mode, like
- fsGroup, and the result can be other mode bits
- set.'
- format: int32
- type: integer
- items:
- description: If unspecified, each key-value pair
- in the Data field of the referenced ConfigMap
- will be projected into the volume as a file
- whose name is the key and content is the value.
- If specified, the listed keys will be projected
- into the specified paths, and unlisted keys
- will not be present. If a key is specified which
- is not present in the ConfigMap, the volume
- setup will error unless it is marked optional.
- Paths must be relative and may not contain the
- '..' path or start with '..'.
- items:
- description: Maps a string key to a path within
- a volume.
- properties:
- key:
- description: The key to project.
- type: string
- mode:
- description: 'Optional: mode bits used to
- set permissions on this file. Must be
- an octal value between 0000 and 0777 or
- a decimal value between 0 and 511. YAML
- accepts both octal and decimal values,
- JSON requires decimal values for mode
- bits. If not specified, the volume defaultMode
- will be used. This might be in conflict
- with other options that affect the file
- mode, like fsGroup, and the result can
- be other mode bits set.'
- format: int32
- type: integer
- path:
- description: The relative path of the file
- to map the key to. May not be an absolute
- path. May not contain the path element
- '..'. May not start with the string '..'.
- type: string
- required:
- - key
- - path
- type: object
- type: array
- name:
- description: 'Name of the referent. More info:
- https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind,
- uid?'
- type: string
- optional:
- description: Specify whether the ConfigMap or
- its keys must be defined
- type: boolean
- type: object
- x-kubernetes-map-type: atomic
- csi:
- description: CSI (Container Storage Interface) represents
- ephemeral storage that is handled by certain external
- CSI drivers (Beta feature).
- properties:
- driver:
- description: Driver is the name of the CSI driver
- that handles this volume. Consult with your
- admin for the correct name as registered in
- the cluster.
- type: string
- fsType:
- description: Filesystem type to mount. Ex. "ext4",
- "xfs", "ntfs". If not provided, the empty value
- is passed to the associated CSI driver which
- will determine the default filesystem to apply.
- type: string
- nodePublishSecretRef:
- description: NodePublishSecretRef is a reference
- to the secret object containing sensitive information
- to pass to the CSI driver to complete the CSI
- NodePublishVolume and NodeUnpublishVolume calls.
- This field is optional, and may be empty if
- no secret is required. If the secret object
- contains more than one secret, all secret references
- are passed.
- properties:
- name:
- description: 'Name of the referent. More info:
- https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion,
- kind, uid?'
- type: string
- type: object
- x-kubernetes-map-type: atomic
- readOnly:
- description: Specifies a read-only configuration
- for the volume. Defaults to false (read/write).
- type: boolean
- volumeAttributes:
- additionalProperties:
- type: string
- description: VolumeAttributes stores driver-specific
- properties that are passed to the CSI driver.
- Consult your driver's documentation for supported
- values.
- type: object
- required:
- - driver
- type: object
- downwardAPI:
- description: DownwardAPI represents downward API about
- the pod that should populate this volume
- properties:
- defaultMode:
- description: 'Optional: mode bits to use on created
- files by default. Must be a Optional: mode bits
- used to set permissions on created files by
- default. Must be an octal value between 0000
- and 0777 or a decimal value between 0 and 511.
- YAML accepts both octal and decimal values,
- JSON requires decimal values for mode bits.
- Defaults to 0644. Directories within the path
- are not affected by this setting. This might
- be in conflict with other options that affect
- the file mode, like fsGroup, and the result
- can be other mode bits set.'
- format: int32
- type: integer
- items:
- description: Items is a list of downward API volume
- file
- items:
- description: DownwardAPIVolumeFile represents
- information to create the file containing
- the pod field
- properties:
- fieldRef:
- description: 'Required: Selects a field
- of the pod: only annotations, labels,
- name and namespace are supported.'
- properties:
- apiVersion:
- description: Version of the schema the
- FieldPath is written in terms of,
- defaults to "v1".
- type: string
- fieldPath:
- description: Path of the field to select
- in the specified API version.
- type: string
- required:
- - fieldPath
- type: object
- x-kubernetes-map-type: atomic
- mode:
- description: 'Optional: mode bits used to
- set permissions on this file, must be
- an octal value between 0000 and 0777 or
- a decimal value between 0 and 511. YAML
- accepts both octal and decimal values,
- JSON requires decimal values for mode
- bits. If not specified, the volume defaultMode
- will be used. This might be in conflict
- with other options that affect the file
- mode, like fsGroup, and the result can
- be other mode bits set.'
- format: int32
- type: integer
- path:
- description: 'Required: Path is the relative
- path name of the file to be created. Must
- not be absolute or contain the ''..''
- path. Must be utf-8 encoded. The first
- item of the relative path must not start
- with ''..'''
- type: string
- resourceFieldRef:
- description: 'Selects a resource of the
- container: only resources limits and requests
- (limits.cpu, limits.memory, requests.cpu
- and requests.memory) are currently supported.'
- properties:
- containerName:
- description: 'Container name: required
- for volumes, optional for env vars'
- type: string
- divisor:
- anyOf:
- - type: integer
- - type: string
- description: Specifies the output format
- of the exposed resources, defaults
- to "1"
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- resource:
- description: 'Required: resource to
- select'
- type: string
- required:
- - resource
- type: object
- x-kubernetes-map-type: atomic
- required:
- - path
- type: object
- type: array
- type: object
- emptyDir:
- description: 'EmptyDir represents a temporary directory
- that shares a pod''s lifetime. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir'
- properties:
- medium:
- description: 'What type of storage medium should
- back this directory. The default is "" which
- means to use the node''s default medium. Must
- be an empty string (default) or Memory. More
- info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir'
- type: string
- sizeLimit:
- anyOf:
- - type: integer
- - type: string
- description: 'Total amount of local storage required
- for this EmptyDir volume. The size limit is
- also applicable for memory medium. The maximum
- usage on memory medium EmptyDir would be the
- minimum value between the SizeLimit specified
- here and the sum of memory limits of all containers
- in a pod. The default is nil which means that
- the limit is undefined. More info: http://kubernetes.io/docs/user-guide/volumes#emptydir'
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- type: object
- ephemeral:
- description: "Ephemeral represents a volume that is
- handled by a cluster storage driver. The volume's
- lifecycle is tied to the pod that defines it - it
- will be created before the pod starts, and deleted
- when the pod is removed. \n Use this if: a) the
- volume is only needed while the pod runs, b) features
- of normal volumes like restoring from snapshot or
- capacity tracking are needed, c) the storage driver
- is specified through a storage class, and d) the
- storage driver supports dynamic volume provisioning
- through a PersistentVolumeClaim (see EphemeralVolumeSource
- for more information on the connection between this
- volume type and PersistentVolumeClaim). \n Use PersistentVolumeClaim
- or one of the vendor-specific APIs for volumes that
- persist for longer than the lifecycle of an individual
- pod. \n Use CSI for light-weight local ephemeral
- volumes if the CSI driver is meant to be used that
- way - see the documentation of the driver for more
- information. \n A pod can use both types of ephemeral
- volumes and persistent volumes at the same time."
- properties:
- volumeClaimTemplate:
- description: "Will be used to create a stand-alone
- PVC to provision the volume. The pod in which
- this EphemeralVolumeSource is embedded will
- be the owner of the PVC, i.e. the PVC will be
- deleted together with the pod. The name of
- the PVC will be `-` where
- `` is the name from the `PodSpec.Volumes`
- array entry. Pod validation will reject the
- pod if the concatenated name is not valid for
- a PVC (for example, too long). \n An existing
- PVC with that name that is not owned by the
- pod will *not* be used for the pod to avoid
- using an unrelated volume by mistake. Starting
- the pod is then blocked until the unrelated
- PVC is removed. If such a pre-created PVC is
- meant to be used by the pod, the PVC has to
- updated with an owner reference to the pod once
- the pod exists. Normally this should not be
- necessary, but it may be useful when manually
- reconstructing a broken cluster. \n This field
- is read-only and no changes will be made by
- Kubernetes to the PVC after it has been created.
- \n Required, must not be nil."
- properties:
- metadata:
- description: May contain labels and annotations
- that will be copied into the PVC when creating
- it. No other fields are allowed and will
- be rejected during validation.
- type: object
- spec:
- description: The specification for the PersistentVolumeClaim.
- The entire content is copied unchanged into
- the PVC that gets created from this template.
- The same fields as in a PersistentVolumeClaim
- are also valid here.
- properties:
- accessModes:
- description: 'AccessModes contains the
- desired access modes the volume should
- have. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1'
- items:
- type: string
- type: array
- dataSource:
- description: 'This field can be used to
- specify either: * An existing VolumeSnapshot
- object (snapshot.storage.k8s.io/VolumeSnapshot)
- * An existing PVC (PersistentVolumeClaim)
- If the provisioner or an external controller
- can support the specified data source,
- it will create a new volume based on
- the contents of the specified data source.
- If the AnyVolumeDataSource feature gate
- is enabled, this field will always have
- the same contents as the DataSourceRef
- field.'
- properties:
- apiGroup:
- description: APIGroup is the group
- for the resource being referenced.
- If APIGroup is not specified, the
- specified Kind must be in the core
- API group. For any other third-party
- types, APIGroup is required.
- type: string
- kind:
- description: Kind is the type of resource
- being referenced
- type: string
- name:
- description: Name is the name of resource
- being referenced
- type: string
- required:
- - kind
- - name
- type: object
- x-kubernetes-map-type: atomic
- dataSourceRef:
- description: 'Specifies the object from
- which to populate the volume with data,
- if a non-empty volume is desired. This
- may be any local object from a non-empty
- API group (non core object) or a PersistentVolumeClaim
- object. When this field is specified,
- volume binding will only succeed if
- the type of the specified object matches
- some installed volume populator or dynamic
- provisioner. This field will replace
- the functionality of the DataSource
- field and as such if both fields are
- non-empty, they must have the same value.
- For backwards compatibility, both fields
- (DataSource and DataSourceRef) will
- be set to the same value automatically
- if one of them is empty and the other
- is non-empty. There are two important
- differences between DataSource and DataSourceRef:
- * While DataSource only allows two specific
- types of objects, DataSourceRef allows
- any non-core object, as well as PersistentVolumeClaim
- objects. * While DataSource ignores
- disallowed values (dropping them), DataSourceRef
- preserves all values, and generates
- an error if a disallowed value is specified.
- (Alpha) Using this field requires the
- AnyVolumeDataSource feature gate to
- be enabled.'
- properties:
- apiGroup:
- description: APIGroup is the group
- for the resource being referenced.
- If APIGroup is not specified, the
- specified Kind must be in the core
- API group. For any other third-party
- types, APIGroup is required.
- type: string
- kind:
- description: Kind is the type of resource
- being referenced
- type: string
- name:
- description: Name is the name of resource
- being referenced
- type: string
- required:
- - kind
- - name
- type: object
- x-kubernetes-map-type: atomic
- resources:
- description: 'Resources represents the
- minimum resources the volume should
- have. If RecoverVolumeExpansionFailure
- feature is enabled users are allowed
- to specify resource requirements that
- are lower than previous value but must
- still be higher than capacity recorded
- in the status field of the claim. More
- info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources'
- properties:
- limits:
- additionalProperties:
- anyOf:
- - type: integer
- - type: string
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- description: 'Limits describes the
- maximum amount of compute resources
- allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
- type: object
- requests:
- additionalProperties:
- anyOf:
- - type: integer
- - type: string
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- description: 'Requests describes the
- minimum amount of compute resources
- required. If Requests is omitted
- for a container, it defaults to
- Limits if that is explicitly specified,
- otherwise to an implementation-defined
- value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
- type: object
- type: object
- selector:
- description: A label query over volumes
- to consider for binding.
- properties:
- matchExpressions:
- description: matchExpressions is a
- list of label selector requirements.
- The requirements are ANDed.
- items:
- description: A label selector requirement
- is a selector that contains values,
- a key, and an operator that relates
- the key and values.
- properties:
- key:
- description: key is the label
- key that the selector applies
- to.
- type: string
- operator:
- description: operator represents
- a key's relationship to a
- set of values. Valid operators
- are In, NotIn, Exists and
- DoesNotExist.
- type: string
- values:
- description: values is an array
- of string values. If the operator
- is In or NotIn, the values
- array must be non-empty. If
- the operator is Exists or
- DoesNotExist, the values array
- must be empty. This array
- is replaced during a strategic
- merge patch.
- items:
- type: string
- type: array
- required:
- - key
- - operator
- type: object
- type: array
- matchLabels:
- additionalProperties:
- type: string
- description: matchLabels is a map
- of {key,value} pairs. A single {key,value}
- in the matchLabels map is equivalent
- to an element of matchExpressions,
- whose key field is "key", the operator
- is "In", and the values array contains
- only "value". The requirements are
- ANDed.
- type: object
- type: object
- x-kubernetes-map-type: atomic
- storageClassName:
- description: 'Name of the StorageClass
- required by the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1'
- type: string
- volumeMode:
- description: volumeMode defines what type
- of volume is required by the claim.
- Value of Filesystem is implied when
- not included in claim spec.
- type: string
- volumeName:
- description: VolumeName is the binding
- reference to the PersistentVolume backing
- this claim.
- type: string
- type: object
- required:
- - spec
- type: object
- type: object
- fc:
- description: FC represents a Fibre Channel resource
- that is attached to a kubelet's host machine and
- then exposed to the pod.
- properties:
- fsType:
- description: 'Filesystem type to mount. Must be
- a filesystem type supported by the host operating
- system. Ex. "ext4", "xfs", "ntfs". Implicitly
- inferred to be "ext4" if unspecified. TODO:
- how do we prevent errors in the filesystem from
- compromising the machine'
- type: string
- lun:
- description: 'Optional: FC target lun number'
- format: int32
- type: integer
- readOnly:
- description: 'Optional: Defaults to false (read/write).
- ReadOnly here will force the ReadOnly setting
- in VolumeMounts.'
- type: boolean
- targetWWNs:
- description: 'Optional: FC target worldwide names
- (WWNs)'
- items:
- type: string
- type: array
- wwids:
- description: 'Optional: FC volume world wide identifiers
- (wwids) Either wwids or combination of targetWWNs
- and lun must be set, but not both simultaneously.'
- items:
- type: string
- type: array
- type: object
- flexVolume:
- description: FlexVolume represents a generic volume
- resource that is provisioned/attached using an exec
- based plugin.
- properties:
- driver:
- description: Driver is the name of the driver
- to use for this volume.
- type: string
- fsType:
- description: Filesystem type to mount. Must be
- a filesystem type supported by the host operating
- system. Ex. "ext4", "xfs", "ntfs". The default
- filesystem depends on FlexVolume script.
- type: string
- options:
- additionalProperties:
- type: string
- description: 'Optional: Extra command options
- if any.'
- type: object
- readOnly:
- description: 'Optional: Defaults to false (read/write).
- ReadOnly here will force the ReadOnly setting
- in VolumeMounts.'
- type: boolean
- secretRef:
- description: 'Optional: SecretRef is reference
- to the secret object containing sensitive information
- to pass to the plugin scripts. This may be empty
- if no secret object is specified. If the secret
- object contains more than one secret, all secrets
- are passed to the plugin scripts.'
- properties:
- name:
- description: 'Name of the referent. More info:
- https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion,
- kind, uid?'
- type: string
- type: object
- x-kubernetes-map-type: atomic
- required:
- - driver
- type: object
- flocker:
- description: Flocker represents a Flocker volume attached
- to a kubelet's host machine. This depends on the
- Flocker control service being running
- properties:
- datasetName:
- description: Name of the dataset stored as metadata
- -> name on the dataset for Flocker should be
- considered as deprecated
- type: string
- datasetUUID:
- description: UUID of the dataset. This is unique
- identifier of a Flocker dataset
- type: string
- type: object
- gcePersistentDisk:
- description: 'GCEPersistentDisk represents a GCE Disk
- resource that is attached to a kubelet''s host machine
- and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk'
- properties:
- fsType:
- description: 'Filesystem type of the volume that
- you want to mount. Tip: Ensure that the filesystem
- type is supported by the host operating system.
- Examples: "ext4", "xfs", "ntfs". Implicitly
- inferred to be "ext4" if unspecified. More info:
- https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk
- TODO: how do we prevent errors in the filesystem
- from compromising the machine'
- type: string
- partition:
- description: 'The partition in the volume that
- you want to mount. If omitted, the default is
- to mount by volume name. Examples: For volume
- /dev/sda1, you specify the partition as "1".
- Similarly, the volume partition for /dev/sda
- is "0" (or you can leave the property empty).
- More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk'
- format: int32
- type: integer
- pdName:
- description: 'Unique name of the PD resource in
- GCE. Used to identify the disk in GCE. More
- info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk'
- type: string
- readOnly:
- description: 'ReadOnly here will force the ReadOnly
- setting in VolumeMounts. Defaults to false.
- More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk'
- type: boolean
- required:
- - pdName
- type: object
- gitRepo:
- description: 'GitRepo represents a git repository
- at a particular revision. DEPRECATED: GitRepo is
- deprecated. To provision a container with a git
- repo, mount an EmptyDir into an InitContainer that
- clones the repo using git, then mount the EmptyDir
- into the Pod''s container.'
- properties:
- directory:
- description: Target directory name. Must not contain
- or start with '..'. If '.' is supplied, the
- volume directory will be the git repository. Otherwise,
- if specified, the volume will contain the git
- repository in the subdirectory with the given
- name.
- type: string
- repository:
- description: Repository URL
- type: string
- revision:
- description: Commit hash for the specified revision.
- type: string
- required:
- - repository
- type: object
- glusterfs:
- description: 'Glusterfs represents a Glusterfs mount
- on the host that shares a pod''s lifetime. More
- info: https://examples.k8s.io/volumes/glusterfs/README.md'
- properties:
- endpoints:
- description: 'EndpointsName is the endpoint name
- that details Glusterfs topology. More info:
- https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod'
- type: string
- path:
- description: 'Path is the Glusterfs volume path.
- More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod'
- type: string
- readOnly:
- description: 'ReadOnly here will force the Glusterfs
- volume to be mounted with read-only permissions.
- Defaults to false. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod'
- type: boolean
- required:
- - endpoints
- - path
- type: object
- hostPath:
- description: 'HostPath represents a pre-existing file
- or directory on the host machine that is directly
- exposed to the container. This is generally used
- for system agents or other privileged things that
- are allowed to see the host machine. Most containers
- will NOT need this. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath
- --- TODO(jonesdl) We need to restrict who can use
- host directory mounts and who can/can not mount
- host directories as read/write.'
- properties:
- path:
- description: 'Path of the directory on the host.
- If the path is a symlink, it will follow the
- link to the real path. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath'
- type: string
- type:
- description: 'Type for HostPath Volume Defaults
- to "" More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath'
- type: string
- required:
- - path
- type: object
- iscsi:
- description: 'ISCSI represents an ISCSI Disk resource
- that is attached to a kubelet''s host machine and
- then exposed to the pod. More info: https://examples.k8s.io/volumes/iscsi/README.md'
- properties:
- chapAuthDiscovery:
- description: whether support iSCSI Discovery CHAP
- authentication
- type: boolean
- chapAuthSession:
- description: whether support iSCSI Session CHAP
- authentication
- type: boolean
- fsType:
- description: 'Filesystem type of the volume that
- you want to mount. Tip: Ensure that the filesystem
- type is supported by the host operating system.
- Examples: "ext4", "xfs", "ntfs". Implicitly
- inferred to be "ext4" if unspecified. More info:
- https://kubernetes.io/docs/concepts/storage/volumes#iscsi
- TODO: how do we prevent errors in the filesystem
- from compromising the machine'
- type: string
- initiatorName:
- description: Custom iSCSI Initiator Name. If initiatorName
- is specified with iscsiInterface simultaneously,
- new iSCSI interface : will be created for the connection.
- type: string
- iqn:
- description: Target iSCSI Qualified Name.
- type: string
- iscsiInterface:
- description: iSCSI Interface Name that uses an
- iSCSI transport. Defaults to 'default' (tcp).
- type: string
- lun:
- description: iSCSI Target Lun number.
- format: int32
- type: integer
- portals:
- description: iSCSI Target Portal List. The portal
- is either an IP or ip_addr:port if the port
- is other than default (typically TCP ports 860
- and 3260).
- items:
- type: string
- type: array
- readOnly:
- description: ReadOnly here will force the ReadOnly
- setting in VolumeMounts. Defaults to false.
- type: boolean
- secretRef:
- description: CHAP Secret for iSCSI target and
- initiator authentication
- properties:
- name:
- description: 'Name of the referent. More info:
- https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion,
- kind, uid?'
- type: string
- type: object
- x-kubernetes-map-type: atomic
- targetPortal:
- description: iSCSI Target Portal. The Portal is
- either an IP or ip_addr:port if the port is
- other than default (typically TCP ports 860
- and 3260).
- type: string
- required:
- - iqn
- - lun
- - targetPortal
- type: object
- nfs:
- description: 'NFS represents an NFS mount on the host
- that shares a pod''s lifetime More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs'
- properties:
- path:
- description: 'Path that is exported by the NFS
- server. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs'
- type: string
- readOnly:
- description: 'ReadOnly here will force the NFS
- export to be mounted with read-only permissions.
- Defaults to false. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs'
- type: boolean
- server:
- description: 'Server is the hostname or IP address
- of the NFS server. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs'
- type: string
- required:
- - path
- - server
- type: object
- persistentVolumeClaim:
- description: 'PersistentVolumeClaimVolumeSource represents
- a reference to a PersistentVolumeClaim in the same
- namespace. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims'
- properties:
- claimName:
- description: 'ClaimName is the name of a PersistentVolumeClaim
- in the same namespace as the pod using this
- volume. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims'
- type: string
- readOnly:
- description: Will force the ReadOnly setting in
- VolumeMounts. Default false.
- type: boolean
- required:
- - claimName
- type: object
- photonPersistentDisk:
- description: PhotonPersistentDisk represents a PhotonController
- persistent disk attached and mounted on kubelets
- host machine
- properties:
- fsType:
- description: Filesystem type to mount. Must be
- a filesystem type supported by the host operating
- system. Ex. "ext4", "xfs", "ntfs". Implicitly
- inferred to be "ext4" if unspecified.
- type: string
- pdID:
- description: ID that identifies Photon Controller
- persistent disk
- type: string
- required:
- - pdID
- type: object
- portworxVolume:
- description: PortworxVolume represents a portworx
- volume attached and mounted on kubelets host machine
- properties:
- fsType:
- description: FSType represents the filesystem
- type to mount Must be a filesystem type supported
- by the host operating system. Ex. "ext4", "xfs".
- Implicitly inferred to be "ext4" if unspecified.
- type: string
- readOnly:
- description: Defaults to false (read/write). ReadOnly
- here will force the ReadOnly setting in VolumeMounts.
- type: boolean
- volumeID:
- description: VolumeID uniquely identifies a Portworx
- volume
- type: string
- required:
- - volumeID
- type: object
- projected:
- description: Items for all in one resources secrets,
- configmaps, and downward API
- properties:
- defaultMode:
- description: Mode bits used to set permissions
- on created files by default. Must be an octal
- value between 0000 and 0777 or a decimal value
- between 0 and 511. YAML accepts both octal and
- decimal values, JSON requires decimal values
- for mode bits. Directories within the path are
- not affected by this setting. This might be
- in conflict with other options that affect the
- file mode, like fsGroup, and the result can
- be other mode bits set.
- format: int32
- type: integer
- sources:
- description: list of volume projections
- items:
- description: Projection that may be projected
- along with other supported volume types
- properties:
- configMap:
- description: information about the configMap
- data to project
- properties:
- items:
- description: If unspecified, each key-value
- pair in the Data field of the referenced
- ConfigMap will be projected into the
- volume as a file whose name is the
- key and content is the value. If specified,
- the listed keys will be projected
- into the specified paths, and unlisted
- keys will not be present. If a key
- is specified which is not present
- in the ConfigMap, the volume setup
- will error unless it is marked optional.
- Paths must be relative and may not
- contain the '..' path or start with
- '..'.
- items:
- description: Maps a string key to
- a path within a volume.
- properties:
- key:
- description: The key to project.
- type: string
- mode:
- description: 'Optional: mode bits
- used to set permissions on this
- file. Must be an octal value
- between 0000 and 0777 or a decimal
- value between 0 and 511. YAML
- accepts both octal and decimal
- values, JSON requires decimal
- values for mode bits. If not
- specified, the volume defaultMode
- will be used. This might be
- in conflict with other options
- that affect the file mode, like
- fsGroup, and the result can
- be other mode bits set.'
- format: int32
- type: integer
- path:
- description: The relative path
- of the file to map the key to.
- May not be an absolute path.
- May not contain the path element
- '..'. May not start with the
- string '..'.
- type: string
- required:
- - key
- - path
- type: object
- type: array
- name:
- description: 'Name of the referent.
- More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion,
- kind, uid?'
- type: string
- optional:
- description: Specify whether the ConfigMap
- or its keys must be defined
- type: boolean
- type: object
- x-kubernetes-map-type: atomic
- downwardAPI:
- description: information about the downwardAPI
- data to project
- properties:
- items:
- description: Items is a list of DownwardAPIVolume
- file
- items:
- description: DownwardAPIVolumeFile
- represents information to create
- the file containing the pod field
- properties:
- fieldRef:
- description: 'Required: Selects
- a field of the pod: only annotations,
- labels, name and namespace are
- supported.'
- properties:
- apiVersion:
- description: Version of the
- schema the FieldPath is
- written in terms of, defaults
- to "v1".
- type: string
- fieldPath:
- description: Path of the field
- to select in the specified
- API version.
- type: string
- required:
- - fieldPath
- type: object
- x-kubernetes-map-type: atomic
- mode:
- description: 'Optional: mode bits
- used to set permissions on this
- file, must be an octal value
- between 0000 and 0777 or a decimal
- value between 0 and 511. YAML
- accepts both octal and decimal
- values, JSON requires decimal
- values for mode bits. If not
- specified, the volume defaultMode
- will be used. This might be
- in conflict with other options
- that affect the file mode, like
- fsGroup, and the result can
- be other mode bits set.'
- format: int32
- type: integer
- path:
- description: 'Required: Path is the
- relative path name of the file
- to be created. Must not be absolute
- or contain the ''..'' path.
- Must be utf-8 encoded. The first
- item of the relative path must
- not start with ''..'''
- type: string
- resourceFieldRef:
- description: 'Selects a resource
- of the container: only resources
- limits and requests (limits.cpu,
- limits.memory, requests.cpu
- and requests.memory) are currently
- supported.'
- properties:
- containerName:
- description: 'Container name:
- required for volumes, optional
- for env vars'
- type: string
- divisor:
- anyOf:
- - type: integer
- - type: string
- description: Specifies the
- output format of the exposed
- resources, defaults to "1"
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- resource:
- description: 'Required: resource
- to select'
- type: string
- required:
- - resource
- type: object
- x-kubernetes-map-type: atomic
- required:
- - path
- type: object
- type: array
- type: object
- secret:
- description: information about the secret
- data to project
- properties:
- items:
- description: If unspecified, each key-value
- pair in the Data field of the referenced
- Secret will be projected into the
- volume as a file whose name is the
- key and content is the value. If specified,
- the listed keys will be projected
- into the specified paths, and unlisted
- keys will not be present. If a key
- is specified which is not present
- in the Secret, the volume setup will
- error unless it is marked optional.
- Paths must be relative and may not
- contain the '..' path or start with
- '..'.
- items:
- description: Maps a string key to
- a path within a volume.
- properties:
- key:
- description: The key to project.
- type: string
- mode:
- description: 'Optional: mode bits
- used to set permissions on this
- file. Must be an octal value
- between 0000 and 0777 or a decimal
- value between 0 and 511. YAML
- accepts both octal and decimal
- values, JSON requires decimal
- values for mode bits. If not
- specified, the volume defaultMode
- will be used. This might be
- in conflict with other options
- that affect the file mode, like
- fsGroup, and the result can
- be other mode bits set.'
- format: int32
- type: integer
- path:
- description: The relative path
- of the file to map the key to.
- May not be an absolute path.
- May not contain the path element
- '..'. May not start with the
- string '..'.
- type: string
- required:
- - key
- - path
- type: object
- type: array
- name:
- description: 'Name of the referent.
- More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion,
- kind, uid?'
- type: string
- optional:
- description: Specify whether the Secret
- or its key must be defined
- type: boolean
- type: object
- x-kubernetes-map-type: atomic
- serviceAccountToken:
- description: information about the serviceAccountToken
- data to project
- properties:
- audience:
- description: Audience is the intended
- audience of the token. A recipient
- of a token must identify itself with
- an identifier specified in the audience
- of the token, and otherwise should
- reject the token. The audience defaults
- to the identifier of the apiserver.
- type: string
- expirationSeconds:
- description: ExpirationSeconds is the
- requested duration of validity of
- the service account token. As the
- token approaches expiration, the kubelet
- volume plugin will proactively rotate
- the service account token. The kubelet
- will start trying to rotate the token
- if the token is older than 80 percent
- of its time to live or if the token
- is older than 24 hours.Defaults to
- 1 hour and must be at least 10 minutes.
- format: int64
- type: integer
- path:
- description: Path is the path relative
- to the mount point of the file to
- project the token into.
- type: string
- required:
- - path
- type: object
- type: object
- type: array
- type: object
- quobyte:
- description: Quobyte represents a Quobyte mount on
- the host that shares a pod's lifetime
- properties:
- group:
- description: Group to map volume access to Default
- is no group
- type: string
- readOnly:
- description: ReadOnly here will force the Quobyte
- volume to be mounted with read-only permissions.
- Defaults to false.
- type: boolean
- registry:
- description: Registry represents a single or multiple
- Quobyte Registry services specified as a string
- as host:port pair (multiple entries are separated
- with commas) which acts as the central registry
- for volumes
- type: string
- tenant:
- description: Tenant owning the given Quobyte volume
- in the Backend Used with dynamically provisioned
- Quobyte volumes, value is set by the plugin
- type: string
- user:
- description: User to map volume access to Defaults
- to serivceaccount user
- type: string
- volume:
- description: Volume is a string that references
- an already created Quobyte volume by name.
- type: string
- required:
- - registry
- - volume
- type: object
- rbd:
- description: 'RBD represents a Rados Block Device
- mount on the host that shares a pod''s lifetime.
- More info: https://examples.k8s.io/volumes/rbd/README.md'
- properties:
- fsType:
- description: 'Filesystem type of the volume that
- you want to mount. Tip: Ensure that the filesystem
- type is supported by the host operating system.
- Examples: "ext4", "xfs", "ntfs". Implicitly
- inferred to be "ext4" if unspecified. More info:
- https://kubernetes.io/docs/concepts/storage/volumes#rbd
- TODO: how do we prevent errors in the filesystem
- from compromising the machine'
- type: string
- image:
- description: 'The rados image name. More info:
- https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it'
- type: string
- keyring:
- description: 'Keyring is the path to key ring
- for RBDUser. Default is /etc/ceph/keyring. More
- info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it'
- type: string
- monitors:
- description: 'A collection of Ceph monitors. More
- info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it'
- items:
- type: string
- type: array
- pool:
- description: 'The rados pool name. Default is
- rbd. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it'
- type: string
- readOnly:
- description: 'ReadOnly here will force the ReadOnly
- setting in VolumeMounts. Defaults to false.
- More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it'
- type: boolean
- secretRef:
- description: 'SecretRef is name of the authentication
- secret for RBDUser. If provided overrides keyring.
- Default is nil. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it'
- properties:
- name:
- description: 'Name of the referent. More info:
- https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion,
- kind, uid?'
- type: string
- type: object
- x-kubernetes-map-type: atomic
- user:
- description: 'The rados user name. Default is
- admin. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it'
- type: string
- required:
- - image
- - monitors
- type: object
- scaleIO:
- description: ScaleIO represents a ScaleIO persistent
- volume attached and mounted on Kubernetes nodes.
- properties:
- fsType:
- description: Filesystem type to mount. Must be
- a filesystem type supported by the host operating
- system. Ex. "ext4", "xfs", "ntfs". Default is
- "xfs".
- type: string
- gateway:
- description: The host address of the ScaleIO API
- Gateway.
- type: string
- protectionDomain:
- description: The name of the ScaleIO Protection
- Domain for the configured storage.
- type: string
- readOnly:
- description: Defaults to false (read/write). ReadOnly
- here will force the ReadOnly setting in VolumeMounts.
- type: boolean
- secretRef:
- description: SecretRef references to the secret
- for ScaleIO user and other sensitive information.
- If this is not provided, Login operation will
- fail.
- properties:
- name:
- description: 'Name of the referent. More info:
- https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion,
- kind, uid?'
- type: string
- type: object
- x-kubernetes-map-type: atomic
- sslEnabled:
- description: Flag to enable/disable SSL communication
- with Gateway, default false
- type: boolean
- storageMode:
- description: Indicates whether the storage for
- a volume should be ThickProvisioned or ThinProvisioned.
- Default is ThinProvisioned.
- type: string
- storagePool:
- description: The ScaleIO Storage Pool associated
- with the protection domain.
- type: string
- system:
- description: The name of the storage system as
- configured in ScaleIO.
- type: string
- volumeName:
- description: The name of a volume already created
- in the ScaleIO system that is associated with
- this volume source.
- type: string
- required:
- - gateway
- - secretRef
- - system
- type: object
- secret:
- description: 'Secret represents a secret that should
- populate this volume. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret'
- properties:
- defaultMode:
- description: 'Optional: mode bits used to set
- permissions on created files by default. Must
- be an octal value between 0000 and 0777 or a
- decimal value between 0 and 511. YAML accepts
- both octal and decimal values, JSON requires
- decimal values for mode bits. Defaults to 0644.
- Directories within the path are not affected
- by this setting. This might be in conflict with
- other options that affect the file mode, like
- fsGroup, and the result can be other mode bits
- set.'
- format: int32
- type: integer
- items:
- description: If unspecified, each key-value pair
- in the Data field of the referenced Secret will
- be projected into the volume as a file whose
- name is the key and content is the value. If
- specified, the listed keys will be projected
- into the specified paths, and unlisted keys
- will not be present. If a key is specified which
- is not present in the Secret, the volume setup
- will error unless it is marked optional. Paths
- must be relative and may not contain the '..'
- path or start with '..'.
- items:
- description: Maps a string key to a path within
- a volume.
- properties:
- key:
- description: The key to project.
- type: string
- mode:
- description: 'Optional: mode bits used to
- set permissions on this file. Must be
- an octal value between 0000 and 0777 or
- a decimal value between 0 and 511. YAML
- accepts both octal and decimal values,
- JSON requires decimal values for mode
- bits. If not specified, the volume defaultMode
- will be used. This might be in conflict
- with other options that affect the file
- mode, like fsGroup, and the result can
- be other mode bits set.'
- format: int32
- type: integer
- path:
- description: The relative path of the file
- to map the key to. May not be an absolute
- path. May not contain the path element
- '..'. May not start with the string '..'.
- type: string
- required:
- - key
- - path
- type: object
- type: array
- optional:
- description: Specify whether the Secret or its
- keys must be defined
- type: boolean
- secretName:
- description: 'Name of the secret in the pod''s
- namespace to use. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret'
- type: string
- type: object
- storageos:
- description: StorageOS represents a StorageOS volume
- attached and mounted on Kubernetes nodes.
- properties:
- fsType:
- description: Filesystem type to mount. Must be
- a filesystem type supported by the host operating
- system. Ex. "ext4", "xfs", "ntfs". Implicitly
- inferred to be "ext4" if unspecified.
- type: string
- readOnly:
- description: Defaults to false (read/write). ReadOnly
- here will force the ReadOnly setting in VolumeMounts.
- type: boolean
- secretRef:
- description: SecretRef specifies the secret to
- use for obtaining the StorageOS API credentials. If
- not specified, default values will be attempted.
- properties:
- name:
- description: 'Name of the referent. More info:
- https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion,
- kind, uid?'
- type: string
- type: object
- x-kubernetes-map-type: atomic
- volumeName:
- description: VolumeName is the human-readable
- name of the StorageOS volume. Volume names
- are only unique within a namespace.
- type: string
- volumeNamespace:
- description: VolumeNamespace specifies the scope
- of the volume within StorageOS. If no namespace
- is specified then the Pod's namespace will be
- used. This allows the Kubernetes name scoping
- to be mirrored within StorageOS for tighter
- integration. Set VolumeName to any name to override
- the default behaviour. Set to "default" if you
- are not using namespaces within StorageOS. Namespaces
- that do not pre-exist within StorageOS will
- be created.
- type: string
- type: object
- vsphereVolume:
- description: VsphereVolume represents a vSphere volume
- attached and mounted on kubelets host machine
- properties:
- fsType:
- description: Filesystem type to mount. Must be
- a filesystem type supported by the host operating
- system. Ex. "ext4", "xfs", "ntfs". Implicitly
- inferred to be "ext4" if unspecified.
- type: string
- storagePolicyID:
- description: Storage Policy Based Management (SPBM)
- profile ID associated with the StoragePolicyName.
- type: string
- storagePolicyName:
- description: Storage Policy Based Management (SPBM)
- profile name.
- type: string
- volumePath:
- description: Path that identifies vSphere volume
- vmdk
- type: string
- required:
- - volumePath
- type: object
- type: object
- required:
- - volumeSource
- type: object
- maxStorageObject:
- description: Maximum number of objects allowed in storage
- (per tenant)
- format: int64
- minimum: 0
- type: integer
- openstack:
- properties:
- authenticationURL:
- description: URL for obtaining an auth token. https://storage.myprovider.com/v2.0
- or https://storage.myprovider.com/v3/auth
- type: string
- container:
- description: Container to store charts for openstack storage
- backend
- type: string
- domain:
- description: Your Openstack domain name for Identity v3
- API. You can either use domain or domainid.
- type: string
- domainID:
- description: Your Openstack domain ID for Identity v3
- API. You can either use domain or domainid.
- type: string
- passwordRef:
- description: Secret name containing the Openstack password.
- pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*'
- type: string
- prefix:
- description: Prefix to store charts for the container
- type: string
- region:
- description: Region of the container
- type: string
- tenant:
- description: Your Openstack tenant name. You can either
- use tenant or tenantid.
- type: string
- tenantID:
- description: Your Openstack tenant ID. You can either
- use tenant or tenantid.
- type: string
- userid:
- description: The Openstack user id. You can either use
- username or userid.
- type: string
- username:
- description: The Openstack user name. You can either use
- username or userid.
- type: string
- required:
- - authenticationURL
- - container
- type: object
- type: object
- url:
- description: The absolute url for .tgz files in index.yaml
- pattern: https?://.*
- type: string
- required:
- - storage
- type: object
- disable:
- description: Disable some features
- properties:
- api:
- default: false
- description: Disable all routes prefixed with
- type: boolean
- delete:
- default: false
- description: Disable DELETE route
- type: boolean
- forceOverwrite:
- default: false
- description: Do not allow chart versions to be re-uploaded, even
- with ?force querystrin
- type: boolean
- metrics:
- default: false
- description: Disable Prometheus metrics
- type: boolean
- statefiles:
- default: false
- description: Disable use of index-cache.yaml
- type: boolean
- type: object
- image:
- description: Image name for the component.
- type: string
- imagePullPolicy:
- description: 'Image pull policy. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images'
- enum:
- - Always
- - Never
- - IfNotPresent
- type: string
- imagePullSecrets:
- items:
- description: LocalObjectReference contains enough information to
- let you locate the referenced object inside the same namespace.
- properties:
- name:
- description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind, uid?'
- type: string
- type: object
- x-kubernetes-map-type: atomic
- type: array
- log:
- properties:
- debug:
- default: false
- description: Show debug messages
- type: boolean
- health:
- default: false
- description: Log inbound /health requests
- type: boolean
- json:
- default: false
- description: Output structured logs as json
- type: boolean
- latencyInteger:
- default: true
- description: log latency as an integer instead of a string
- type: boolean
- type: object
- nodeSelector:
- additionalProperties:
- type: string
- description: 'NodeSelector is a selector which must be true for the
- component to fit on a node. Selector which must match a node''s
- labels for the pod to be scheduled on that node. More info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/'
- type: object
- replicas:
- description: 'Replicas is the number of desired replicas. This is
- a pointer to distinguish between explicit zero and unspecified.
- More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller#what-is-a-replicationcontroller'
- format: int32
- minimum: 0
- type: integer
- resources:
- description: 'Compute Resources required by this component. Cannot
- be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/'
- properties:
- limits:
- additionalProperties:
- anyOf:
- - type: integer
- - type: string
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- description: 'Limits describes the maximum amount of compute resources
- allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
- type: object
- requests:
- additionalProperties:
- anyOf:
- - type: integer
- - type: string
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- description: 'Requests describes the minimum amount of compute
- resources required. If Requests is omitted for a container,
- it defaults to Limits if that is explicitly specified, otherwise
- to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
- type: object
- type: object
- server:
- properties:
- corsAllowOrigin:
- description: Value to set in the Access-Control-Allow-Origin HTTP
- header
- type: string
- maxUploadSize:
- default: 20971520
- description: Max size of post body (in bytes)
- format: int64
- minimum: 0
- type: integer
- readTimeout:
- description: Socket timeout
- pattern: ([0-9]+h)?([0-9]+m)?([0-9]+s)?([0-9]+ms)?([0-9]+us)?([0-9]+µs)?([0-9]+ns)?
- type: string
- tls:
- properties:
- certificateRef:
- pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*'
- type: string
- type: object
- writeTimeout:
- description: Socket timeout
- pattern: ([0-9]+h)?([0-9]+m)?([0-9]+s)?([0-9]+ms)?([0-9]+us)?([0-9]+µs)?([0-9]+ns)?
- type: string
- type: object
- serviceAccountName:
- description: 'ServiceAccountName is the name of the ServiceAccount
- to use to run this component. More info: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/'
- type: string
- templateAnnotations:
- additionalProperties:
- type: string
- description: Custom annotations to be added into the pods
- type: object
- tolerations:
- description: If specified, the pod's tolerations.
- items:
- description: The pod this Toleration is attached to tolerates any
- taint that matches the triple using the matching
- operator .
- properties:
- effect:
- description: Effect indicates the taint effect to match. Empty
- means match all taint effects. When specified, allowed values
- are NoSchedule, PreferNoSchedule and NoExecute.
- type: string
- key:
- description: Key is the taint key that the toleration applies
- to. Empty means match all taint keys. If the key is empty,
- operator must be Exists; this combination means to match all
- values and all keys.
- type: string
- operator:
- description: Operator represents a key's relationship to the
- value. Valid operators are Exists and Equal. Defaults to Equal.
- Exists is equivalent to wildcard for value, so that a pod
- can tolerate all taints of a particular category.
- type: string
- tolerationSeconds:
- description: TolerationSeconds represents the period of time
- the toleration (which must be of effect NoExecute, otherwise
- this field is ignored) tolerates the taint. By default, it
- is not set, which means tolerate the taint forever (do not
- evict). Zero and negative values will be treated as 0 (evict
- immediately) by the system.
- format: int64
- type: integer
- value:
- description: Value is the taint value the toleration matches
- to. If the operator is Exists, the value should be empty,
- otherwise just a regular string.
- type: string
- type: object
- type: array
- required:
- - chart
- type: object
- status:
- description: ComponentStatus represents the current status of the resource.
- https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#typical-status-properties
- properties:
- conditions:
- description: Conditions list of extracted conditions from Resource
- items:
- description: Condition defines the general format for conditions
- on Kubernetes resources. In practice, each kubernetes resource
- defines their own format for conditions, but most (maybe all)
- follows this structure.
- properties:
- message:
- description: Message Human readable reason string
- type: string
- reason:
- description: Reason one work CamelCase reason
- type: string
- status:
- description: Status String that describes the condition status
- type: string
- type:
- description: Type condition type
- type: string
- required:
- - status
- - type
- type: object
- type: array
- observedGeneration:
- format: int64
- type: integer
- operator:
- description: ControllerStatus represents the current status of the
- operator.
- properties:
- controllerGitCommit:
- minLength: 1
- type: string
- controllerName:
- minLength: 1
- type: string
- controllerVersion:
- minLength: 1
- type: string
- type: object
- replicas:
- description: Current number of pods.
- format: int32
- minimum: 0
- type: integer
- required:
- - conditions
- type: object
- type: object
- served: true
- storage: false
- subresources:
- status: {}
- - additionalPrinterColumns:
- - description: Timestamp representing the server time when this object was created.
- It is not guaranteed to be set in happens-before order across separate operations.
- Clients may not set this value. It is represented in RFC3339 form and is in
- UTC.
- jsonPath: .metadata.creationTimestamp
- name: Age
- priority: 1
- type: date
- - description: Human readable message describing the failure
- jsonPath: .status.conditions[?(@.type=="Failed")].message
- name: Failure
- priority: 5
- type: string
- name: v1beta1
- schema:
- openAPIV3Schema:
- description: ChartMuseum is the Schema for the ChartMuseum API.
- properties:
- apiVersion:
- description: 'APIVersion defines the versioned schema of this representation
- of an object. Servers should convert recognized schemas to the latest
- internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
- type: string
- kind:
- description: 'Kind is a string value representing the REST resource this
- object represents. Servers may infer this from the endpoint the client
- submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
- type: string
- metadata:
- type: object
- spec:
- description: ChartMuseumSpec defines the desired state of ChartMuseum.
- properties:
- authentication:
- properties:
- anonymousGet:
- default: false
- description: Allow anonymous GET operations when auth is used
- type: boolean
- basicAuthRef:
- description: 'Reference to secret containing basic http authentication
- Harbor: Harbor try to connect using chart_controller username'
- pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*'
- type: string
- bearer:
- description: Bearer authentication specs
- properties:
- certificateRef:
- description: Reference to secret containing authorization
- server certificate
- pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*'
- type: string
- realm:
- description: Authorization server url
- type: string
- service:
- description: Authorization server service name
- type: string
- required:
- - certificateRef
- - realm
- - service
- type: object
- type: object
- cache:
- description: Cache stores
- properties:
- redis:
- description: Redis cache store
- properties:
- certificateRef:
- description: Secret containing the client certificate to authenticate
- with.
- pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*'
- type: string
- database:
- default: 0
- description: The database number.
- format: int32
- maximum: 8
- minimum: 0
- type: integer
- host:
- description: Server hostname.
- minLength: 1
- type: string
- passwordRef:
- description: Secret containing the password to use when connecting
- to the server.
- pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*'
- type: string
- port:
- description: Server port.
- exclusiveMinimum: true
- format: int32
- minimum: 0
- type: integer
- sentinelMasterSet:
- description: for Sentinel MasterSet.
- type: string
- required:
- - host
- type: object
- type: object
- certificateRefs:
- items:
- type: string
- type: array
- chart:
- properties:
- allowOverwrite:
- default: true
- description: Allow chart versions to be re-uploaded without ?force
- querystring
- type: boolean
- index:
- properties:
- parallelLimit:
- description: Parallel scan limit for the repo indexer
- format: int32
- minimum: 0
- type: integer
- storageTimestampTolerance:
- description: Timestamp drift tolerated between cached and
- generated index before invalidation
- pattern: ([0-9]+h)?([0-9]+m)?([0-9]+s)?([0-9]+ms)?([0-9]+us)?([0-9]+µs)?([0-9]+ns)?
- type: string
- type: object
- onlySemver2:
- default: false
- description: Enforce the chart museum server only accepts the
- valid chart version as Helm does
- type: boolean
- postFormFieldName:
- description: Form fields which will be queried
- properties:
- chart:
- default: chart
- description: 'Form field which will be queried for the chart
- file content Harbor: Expecting chart to use with Harbor'
- minLength: 1
- type: string
- provenance:
- default: prov
- description: 'Form field which will be queried for the provenance
- file content Harbor: Expecting prov to use with Harbor'
- minLength: 1
- type: string
- type: object
- repo:
- properties:
- depth:
- default: 1
- description: 'Levels of nested repos for multitenancy Harbor:
- must be set to 1 to support project namespace'
- format: int32
- minimum: 0
- type: integer
- depthDynamic:
- default: false
- description: The length of repo variable
- type: boolean
- type: object
- storage:
- properties:
- amazon:
- properties:
- accessKeyID:
- type: string
- accessSecretRef:
- pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*'
- type: string
- bucket:
- description: S3 bucket to store charts for amazon storage
- type: string
- endpoint:
- description: Alternative s3 endpoint
- type: string
- prefix:
- description: Prefix to store charts for the bucket
- type: string
- region:
- description: Region of the bucket
- type: string
- serverSideEncryption:
- description: ServerSideEncryption is the algorithm for
- server side encryption
- type: string
- required:
- - bucket
- type: object
- azure:
- properties:
- accountkeyRef:
- type: string
- accountname:
- type: string
- baseURL:
- default: core.windows.net
- type: string
- container:
- type: string
- pathPrefix:
- default: /azure/harbor/charts
- type: string
- type: object
- filesystem:
- properties:
- prefix:
- type: string
- volumeSource:
- description: Represents the source of a volume to mount.
- Only one of its members may be specified.
- properties:
- awsElasticBlockStore:
- description: 'AWSElasticBlockStore represents an AWS
- Disk resource that is attached to a kubelet''s host
- machine and then exposed to the pod. More info:
- https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore'
- properties:
- fsType:
- description: 'Filesystem type of the volume that
- you want to mount. Tip: Ensure that the filesystem
- type is supported by the host operating system.
- Examples: "ext4", "xfs", "ntfs". Implicitly
- inferred to be "ext4" if unspecified. More info:
- https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore
- TODO: how do we prevent errors in the filesystem
- from compromising the machine'
- type: string
- partition:
- description: 'The partition in the volume that
- you want to mount. If omitted, the default is
- to mount by volume name. Examples: For volume
- /dev/sda1, you specify the partition as "1".
- Similarly, the volume partition for /dev/sda
- is "0" (or you can leave the property empty).'
- format: int32
- type: integer
- readOnly:
- description: 'Specify "true" to force and set
- the ReadOnly property in VolumeMounts to "true".
- If omitted, the default is "false". More info:
- https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore'
- type: boolean
- volumeID:
- description: 'Unique ID of the persistent disk
- resource in AWS (Amazon EBS volume). More info:
- https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore'
- type: string
- required:
- - volumeID
- type: object
- azureDisk:
- description: AzureDisk represents an Azure Data Disk
- mount on the host and bind mount to the pod.
- properties:
- cachingMode:
- description: 'Host Caching mode: None, Read Only,
- Read Write.'
- type: string
- diskName:
- description: The Name of the data disk in the
- blob storage
- type: string
- diskURI:
- description: The URI the data disk in the blob
- storage
- type: string
- fsType:
- description: Filesystem type to mount. Must be
- a filesystem type supported by the host operating
- system. Ex. "ext4", "xfs", "ntfs". Implicitly
- inferred to be "ext4" if unspecified.
- type: string
- kind:
- description: 'Expected values Shared: multiple
- blob disks per storage account Dedicated: single
- blob disk per storage account Managed: azure
- managed data disk (only in managed availability
- set). defaults to shared'
- type: string
- readOnly:
- description: Defaults to false (read/write). ReadOnly
- here will force the ReadOnly setting in VolumeMounts.
- type: boolean
- required:
- - diskName
- - diskURI
- type: object
- azureFile:
- description: AzureFile represents an Azure File Service
- mount on the host and bind mount to the pod.
- properties:
- readOnly:
- description: Defaults to false (read/write). ReadOnly
- here will force the ReadOnly setting in VolumeMounts.
- type: boolean
- secretName:
- description: the name of secret that contains
- Azure Storage Account Name and Key
- type: string
- shareName:
- description: Share Name
- type: string
- required:
- - secretName
- - shareName
- type: object
- cephfs:
- description: CephFS represents a Ceph FS mount on
- the host that shares a pod's lifetime
- properties:
- monitors:
- description: 'Required: Monitors is a collection
- of Ceph monitors More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it'
- items:
- type: string
- type: array
- path:
- description: 'Optional: Used as the mounted root,
- rather than the full Ceph tree, default is /'
- type: string
- readOnly:
- description: 'Optional: Defaults to false (read/write).
- ReadOnly here will force the ReadOnly setting
- in VolumeMounts. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it'
- type: boolean
- secretFile:
- description: 'Optional: SecretFile is the path
- to key ring for User, default is /etc/ceph/user.secret
- More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it'
- type: string
- secretRef:
- description: 'Optional: SecretRef is reference
- to the authentication secret for User, default
- is empty. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it'
- properties:
- name:
- description: 'Name of the referent. More info:
- https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion,
- kind, uid?'
- type: string
- type: object
- x-kubernetes-map-type: atomic
- user:
- description: 'Optional: User is the rados user
- name, default is admin More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it'
- type: string
- required:
- - monitors
- type: object
- cinder:
- description: 'Cinder represents a cinder volume attached
- and mounted on kubelets host machine. More info:
- https://examples.k8s.io/mysql-cinder-pd/README.md'
- properties:
- fsType:
- description: 'Filesystem type to mount. Must be
- a filesystem type supported by the host operating
- system. Examples: "ext4", "xfs", "ntfs". Implicitly
- inferred to be "ext4" if unspecified. More info:
- https://examples.k8s.io/mysql-cinder-pd/README.md'
- type: string
- readOnly:
- description: 'Optional: Defaults to false (read/write).
- ReadOnly here will force the ReadOnly setting
- in VolumeMounts. More info: https://examples.k8s.io/mysql-cinder-pd/README.md'
- type: boolean
- secretRef:
- description: 'Optional: points to a secret object
- containing parameters used to connect to OpenStack.'
- properties:
- name:
- description: 'Name of the referent. More info:
- https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion,
- kind, uid?'
- type: string
- type: object
- x-kubernetes-map-type: atomic
- volumeID:
- description: 'volume id used to identify the volume
- in cinder. More info: https://examples.k8s.io/mysql-cinder-pd/README.md'
- type: string
- required:
- - volumeID
- type: object
- configMap:
- description: ConfigMap represents a configMap that
- should populate this volume
- properties:
- defaultMode:
- description: 'Optional: mode bits used to set
- permissions on created files by default. Must
- be an octal value between 0000 and 0777 or a
- decimal value between 0 and 511. YAML accepts
- both octal and decimal values, JSON requires
- decimal values for mode bits. Defaults to 0644.
- Directories within the path are not affected
- by this setting. This might be in conflict with
- other options that affect the file mode, like
- fsGroup, and the result can be other mode bits
- set.'
- format: int32
- type: integer
- items:
- description: If unspecified, each key-value pair
- in the Data field of the referenced ConfigMap
- will be projected into the volume as a file
- whose name is the key and content is the value.
- If specified, the listed keys will be projected
- into the specified paths, and unlisted keys
- will not be present. If a key is specified which
- is not present in the ConfigMap, the volume
- setup will error unless it is marked optional.
- Paths must be relative and may not contain the
- '..' path or start with '..'.
- items:
- description: Maps a string key to a path within
- a volume.
- properties:
- key:
- description: The key to project.
- type: string
- mode:
- description: 'Optional: mode bits used to
- set permissions on this file. Must be
- an octal value between 0000 and 0777 or
- a decimal value between 0 and 511. YAML
- accepts both octal and decimal values,
- JSON requires decimal values for mode
- bits. If not specified, the volume defaultMode
- will be used. This might be in conflict
- with other options that affect the file
- mode, like fsGroup, and the result can
- be other mode bits set.'
- format: int32
- type: integer
- path:
- description: The relative path of the file
- to map the key to. May not be an absolute
- path. May not contain the path element
- '..'. May not start with the string '..'.
- type: string
- required:
- - key
- - path
- type: object
- type: array
- name:
- description: 'Name of the referent. More info:
- https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind,
- uid?'
- type: string
- optional:
- description: Specify whether the ConfigMap or
- its keys must be defined
- type: boolean
- type: object
- x-kubernetes-map-type: atomic
- csi:
- description: CSI (Container Storage Interface) represents
- ephemeral storage that is handled by certain external
- CSI drivers (Beta feature).
- properties:
- driver:
- description: Driver is the name of the CSI driver
- that handles this volume. Consult with your
- admin for the correct name as registered in
- the cluster.
- type: string
- fsType:
- description: Filesystem type to mount. Ex. "ext4",
- "xfs", "ntfs". If not provided, the empty value
- is passed to the associated CSI driver which
- will determine the default filesystem to apply.
- type: string
- nodePublishSecretRef:
- description: NodePublishSecretRef is a reference
- to the secret object containing sensitive information
- to pass to the CSI driver to complete the CSI
- NodePublishVolume and NodeUnpublishVolume calls.
- This field is optional, and may be empty if
- no secret is required. If the secret object
- contains more than one secret, all secret references
- are passed.
- properties:
- name:
- description: 'Name of the referent. More info:
- https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion,
- kind, uid?'
- type: string
- type: object
- x-kubernetes-map-type: atomic
- readOnly:
- description: Specifies a read-only configuration
- for the volume. Defaults to false (read/write).
- type: boolean
- volumeAttributes:
- additionalProperties:
- type: string
- description: VolumeAttributes stores driver-specific
- properties that are passed to the CSI driver.
- Consult your driver's documentation for supported
- values.
- type: object
- required:
- - driver
- type: object
- downwardAPI:
- description: DownwardAPI represents downward API about
- the pod that should populate this volume
- properties:
- defaultMode:
- description: 'Optional: mode bits to use on created
- files by default. Must be a Optional: mode bits
- used to set permissions on created files by
- default. Must be an octal value between 0000
- and 0777 or a decimal value between 0 and 511.
- YAML accepts both octal and decimal values,
- JSON requires decimal values for mode bits.
- Defaults to 0644. Directories within the path
- are not affected by this setting. This might
- be in conflict with other options that affect
- the file mode, like fsGroup, and the result
- can be other mode bits set.'
- format: int32
- type: integer
- items:
- description: Items is a list of downward API volume
- file
- items:
- description: DownwardAPIVolumeFile represents
- information to create the file containing
- the pod field
- properties:
- fieldRef:
- description: 'Required: Selects a field
- of the pod: only annotations, labels,
- name and namespace are supported.'
- properties:
- apiVersion:
- description: Version of the schema the
- FieldPath is written in terms of,
- defaults to "v1".
- type: string
- fieldPath:
- description: Path of the field to select
- in the specified API version.
- type: string
- required:
- - fieldPath
- type: object
- x-kubernetes-map-type: atomic
- mode:
- description: 'Optional: mode bits used to
- set permissions on this file, must be
- an octal value between 0000 and 0777 or
- a decimal value between 0 and 511. YAML
- accepts both octal and decimal values,
- JSON requires decimal values for mode
- bits. If not specified, the volume defaultMode
- will be used. This might be in conflict
- with other options that affect the file
- mode, like fsGroup, and the result can
- be other mode bits set.'
- format: int32
- type: integer
- path:
- description: 'Required: Path is the relative
- path name of the file to be created. Must
- not be absolute or contain the ''..''
- path. Must be utf-8 encoded. The first
- item of the relative path must not start
- with ''..'''
- type: string
- resourceFieldRef:
- description: 'Selects a resource of the
- container: only resources limits and requests
- (limits.cpu, limits.memory, requests.cpu
- and requests.memory) are currently supported.'
- properties:
- containerName:
- description: 'Container name: required
- for volumes, optional for env vars'
- type: string
- divisor:
- anyOf:
- - type: integer
- - type: string
- description: Specifies the output format
- of the exposed resources, defaults
- to "1"
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- resource:
- description: 'Required: resource to
- select'
- type: string
- required:
- - resource
- type: object
- x-kubernetes-map-type: atomic
- required:
- - path
- type: object
- type: array
- type: object
- emptyDir:
- description: 'EmptyDir represents a temporary directory
- that shares a pod''s lifetime. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir'
- properties:
- medium:
- description: 'What type of storage medium should
- back this directory. The default is "" which
- means to use the node''s default medium. Must
- be an empty string (default) or Memory. More
- info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir'
- type: string
- sizeLimit:
- anyOf:
- - type: integer
- - type: string
- description: 'Total amount of local storage required
- for this EmptyDir volume. The size limit is
- also applicable for memory medium. The maximum
- usage on memory medium EmptyDir would be the
- minimum value between the SizeLimit specified
- here and the sum of memory limits of all containers
- in a pod. The default is nil which means that
- the limit is undefined. More info: http://kubernetes.io/docs/user-guide/volumes#emptydir'
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- type: object
- ephemeral:
- description: "Ephemeral represents a volume that is
- handled by a cluster storage driver. The volume's
- lifecycle is tied to the pod that defines it - it
- will be created before the pod starts, and deleted
- when the pod is removed. \n Use this if: a) the
- volume is only needed while the pod runs, b) features
- of normal volumes like restoring from snapshot or
- capacity tracking are needed, c) the storage driver
- is specified through a storage class, and d) the
- storage driver supports dynamic volume provisioning
- through a PersistentVolumeClaim (see EphemeralVolumeSource
- for more information on the connection between this
- volume type and PersistentVolumeClaim). \n Use PersistentVolumeClaim
- or one of the vendor-specific APIs for volumes that
- persist for longer than the lifecycle of an individual
- pod. \n Use CSI for light-weight local ephemeral
- volumes if the CSI driver is meant to be used that
- way - see the documentation of the driver for more
- information. \n A pod can use both types of ephemeral
- volumes and persistent volumes at the same time."
- properties:
- volumeClaimTemplate:
- description: "Will be used to create a stand-alone
- PVC to provision the volume. The pod in which
- this EphemeralVolumeSource is embedded will
- be the owner of the PVC, i.e. the PVC will be
- deleted together with the pod. The name of
- the PVC will be `-` where
- `` is the name from the `PodSpec.Volumes`
- array entry. Pod validation will reject the
- pod if the concatenated name is not valid for
- a PVC (for example, too long). \n An existing
- PVC with that name that is not owned by the
- pod will *not* be used for the pod to avoid
- using an unrelated volume by mistake. Starting
- the pod is then blocked until the unrelated
- PVC is removed. If such a pre-created PVC is
- meant to be used by the pod, the PVC has to
- updated with an owner reference to the pod once
- the pod exists. Normally this should not be
- necessary, but it may be useful when manually
- reconstructing a broken cluster. \n This field
- is read-only and no changes will be made by
- Kubernetes to the PVC after it has been created.
- \n Required, must not be nil."
- properties:
- metadata:
- description: May contain labels and annotations
- that will be copied into the PVC when creating
- it. No other fields are allowed and will
- be rejected during validation.
- type: object
- spec:
- description: The specification for the PersistentVolumeClaim.
- The entire content is copied unchanged into
- the PVC that gets created from this template.
- The same fields as in a PersistentVolumeClaim
- are also valid here.
- properties:
- accessModes:
- description: 'AccessModes contains the
- desired access modes the volume should
- have. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1'
- items:
- type: string
- type: array
- dataSource:
- description: 'This field can be used to
- specify either: * An existing VolumeSnapshot
- object (snapshot.storage.k8s.io/VolumeSnapshot)
- * An existing PVC (PersistentVolumeClaim)
- If the provisioner or an external controller
- can support the specified data source,
- it will create a new volume based on
- the contents of the specified data source.
- If the AnyVolumeDataSource feature gate
- is enabled, this field will always have
- the same contents as the DataSourceRef
- field.'
- properties:
- apiGroup:
- description: APIGroup is the group
- for the resource being referenced.
- If APIGroup is not specified, the
- specified Kind must be in the core
- API group. For any other third-party
- types, APIGroup is required.
- type: string
- kind:
- description: Kind is the type of resource
- being referenced
- type: string
- name:
- description: Name is the name of resource
- being referenced
- type: string
- required:
- - kind
- - name
- type: object
- x-kubernetes-map-type: atomic
- dataSourceRef:
- description: 'Specifies the object from
- which to populate the volume with data,
- if a non-empty volume is desired. This
- may be any local object from a non-empty
- API group (non core object) or a PersistentVolumeClaim
- object. When this field is specified,
- volume binding will only succeed if
- the type of the specified object matches
- some installed volume populator or dynamic
- provisioner. This field will replace
- the functionality of the DataSource
- field and as such if both fields are
- non-empty, they must have the same value.
- For backwards compatibility, both fields
- (DataSource and DataSourceRef) will
- be set to the same value automatically
- if one of them is empty and the other
- is non-empty. There are two important
- differences between DataSource and DataSourceRef:
- * While DataSource only allows two specific
- types of objects, DataSourceRef allows
- any non-core object, as well as PersistentVolumeClaim
- objects. * While DataSource ignores
- disallowed values (dropping them), DataSourceRef
- preserves all values, and generates
- an error if a disallowed value is specified.
- (Alpha) Using this field requires the
- AnyVolumeDataSource feature gate to
- be enabled.'
- properties:
- apiGroup:
- description: APIGroup is the group
- for the resource being referenced.
- If APIGroup is not specified, the
- specified Kind must be in the core
- API group. For any other third-party
- types, APIGroup is required.
- type: string
- kind:
- description: Kind is the type of resource
- being referenced
- type: string
- name:
- description: Name is the name of resource
- being referenced
- type: string
- required:
- - kind
- - name
- type: object
- x-kubernetes-map-type: atomic
- resources:
- description: 'Resources represents the
- minimum resources the volume should
- have. If RecoverVolumeExpansionFailure
- feature is enabled users are allowed
- to specify resource requirements that
- are lower than previous value but must
- still be higher than capacity recorded
- in the status field of the claim. More
- info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources'
- properties:
- limits:
- additionalProperties:
- anyOf:
- - type: integer
- - type: string
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- description: 'Limits describes the
- maximum amount of compute resources
- allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
- type: object
- requests:
- additionalProperties:
- anyOf:
- - type: integer
- - type: string
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- description: 'Requests describes the
- minimum amount of compute resources
- required. If Requests is omitted
- for a container, it defaults to
- Limits if that is explicitly specified,
- otherwise to an implementation-defined
- value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
- type: object
- type: object
- selector:
- description: A label query over volumes
- to consider for binding.
- properties:
- matchExpressions:
- description: matchExpressions is a
- list of label selector requirements.
- The requirements are ANDed.
- items:
- description: A label selector requirement
- is a selector that contains values,
- a key, and an operator that relates
- the key and values.
- properties:
- key:
- description: key is the label
- key that the selector applies
- to.
- type: string
- operator:
- description: operator represents
- a key's relationship to a
- set of values. Valid operators
- are In, NotIn, Exists and
- DoesNotExist.
- type: string
- values:
- description: values is an array
- of string values. If the operator
- is In or NotIn, the values
- array must be non-empty. If
- the operator is Exists or
- DoesNotExist, the values array
- must be empty. This array
- is replaced during a strategic
- merge patch.
- items:
- type: string
- type: array
- required:
- - key
- - operator
- type: object
- type: array
- matchLabels:
- additionalProperties:
- type: string
- description: matchLabels is a map
- of {key,value} pairs. A single {key,value}
- in the matchLabels map is equivalent
- to an element of matchExpressions,
- whose key field is "key", the operator
- is "In", and the values array contains
- only "value". The requirements are
- ANDed.
- type: object
- type: object
- x-kubernetes-map-type: atomic
- storageClassName:
- description: 'Name of the StorageClass
- required by the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1'
- type: string
- volumeMode:
- description: volumeMode defines what type
- of volume is required by the claim.
- Value of Filesystem is implied when
- not included in claim spec.
- type: string
- volumeName:
- description: VolumeName is the binding
- reference to the PersistentVolume backing
- this claim.
- type: string
- type: object
- required:
- - spec
- type: object
- type: object
- fc:
- description: FC represents a Fibre Channel resource
- that is attached to a kubelet's host machine and
- then exposed to the pod.
- properties:
- fsType:
- description: 'Filesystem type to mount. Must be
- a filesystem type supported by the host operating
- system. Ex. "ext4", "xfs", "ntfs". Implicitly
- inferred to be "ext4" if unspecified. TODO:
- how do we prevent errors in the filesystem from
- compromising the machine'
- type: string
- lun:
- description: 'Optional: FC target lun number'
- format: int32
- type: integer
- readOnly:
- description: 'Optional: Defaults to false (read/write).
- ReadOnly here will force the ReadOnly setting
- in VolumeMounts.'
- type: boolean
- targetWWNs:
- description: 'Optional: FC target worldwide names
- (WWNs)'
- items:
- type: string
- type: array
- wwids:
- description: 'Optional: FC volume world wide identifiers
- (wwids) Either wwids or combination of targetWWNs
- and lun must be set, but not both simultaneously.'
- items:
- type: string
- type: array
- type: object
- flexVolume:
- description: FlexVolume represents a generic volume
- resource that is provisioned/attached using an exec
- based plugin.
- properties:
- driver:
- description: Driver is the name of the driver
- to use for this volume.
- type: string
- fsType:
- description: Filesystem type to mount. Must be
- a filesystem type supported by the host operating
- system. Ex. "ext4", "xfs", "ntfs". The default
- filesystem depends on FlexVolume script.
- type: string
- options:
- additionalProperties:
- type: string
- description: 'Optional: Extra command options
- if any.'
- type: object
- readOnly:
- description: 'Optional: Defaults to false (read/write).
- ReadOnly here will force the ReadOnly setting
- in VolumeMounts.'
- type: boolean
- secretRef:
- description: 'Optional: SecretRef is reference
- to the secret object containing sensitive information
- to pass to the plugin scripts. This may be empty
- if no secret object is specified. If the secret
- object contains more than one secret, all secrets
- are passed to the plugin scripts.'
- properties:
- name:
- description: 'Name of the referent. More info:
- https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion,
- kind, uid?'
- type: string
- type: object
- x-kubernetes-map-type: atomic
- required:
- - driver
- type: object
- flocker:
- description: Flocker represents a Flocker volume attached
- to a kubelet's host machine. This depends on the
- Flocker control service being running
- properties:
- datasetName:
- description: Name of the dataset stored as metadata
- -> name on the dataset for Flocker should be
- considered as deprecated
- type: string
- datasetUUID:
- description: UUID of the dataset. This is unique
- identifier of a Flocker dataset
- type: string
- type: object
- gcePersistentDisk:
- description: 'GCEPersistentDisk represents a GCE Disk
- resource that is attached to a kubelet''s host machine
- and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk'
- properties:
- fsType:
- description: 'Filesystem type of the volume that
- you want to mount. Tip: Ensure that the filesystem
- type is supported by the host operating system.
- Examples: "ext4", "xfs", "ntfs". Implicitly
- inferred to be "ext4" if unspecified. More info:
- https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk
- TODO: how do we prevent errors in the filesystem
- from compromising the machine'
- type: string
- partition:
- description: 'The partition in the volume that
- you want to mount. If omitted, the default is
- to mount by volume name. Examples: For volume
- /dev/sda1, you specify the partition as "1".
- Similarly, the volume partition for /dev/sda
- is "0" (or you can leave the property empty).
- More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk'
- format: int32
- type: integer
- pdName:
- description: 'Unique name of the PD resource in
- GCE. Used to identify the disk in GCE. More
- info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk'
- type: string
- readOnly:
- description: 'ReadOnly here will force the ReadOnly
- setting in VolumeMounts. Defaults to false.
- More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk'
- type: boolean
- required:
- - pdName
- type: object
- gitRepo:
- description: 'GitRepo represents a git repository
- at a particular revision. DEPRECATED: GitRepo is
- deprecated. To provision a container with a git
- repo, mount an EmptyDir into an InitContainer that
- clones the repo using git, then mount the EmptyDir
- into the Pod''s container.'
- properties:
- directory:
- description: Target directory name. Must not contain
- or start with '..'. If '.' is supplied, the
- volume directory will be the git repository. Otherwise,
- if specified, the volume will contain the git
- repository in the subdirectory with the given
- name.
- type: string
- repository:
- description: Repository URL
- type: string
- revision:
- description: Commit hash for the specified revision.
- type: string
- required:
- - repository
- type: object
- glusterfs:
- description: 'Glusterfs represents a Glusterfs mount
- on the host that shares a pod''s lifetime. More
- info: https://examples.k8s.io/volumes/glusterfs/README.md'
- properties:
- endpoints:
- description: 'EndpointsName is the endpoint name
- that details Glusterfs topology. More info:
- https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod'
- type: string
- path:
- description: 'Path is the Glusterfs volume path.
- More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod'
- type: string
- readOnly:
- description: 'ReadOnly here will force the Glusterfs
- volume to be mounted with read-only permissions.
- Defaults to false. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod'
- type: boolean
- required:
- - endpoints
- - path
- type: object
- hostPath:
- description: 'HostPath represents a pre-existing file
- or directory on the host machine that is directly
- exposed to the container. This is generally used
- for system agents or other privileged things that
- are allowed to see the host machine. Most containers
- will NOT need this. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath
- --- TODO(jonesdl) We need to restrict who can use
- host directory mounts and who can/can not mount
- host directories as read/write.'
- properties:
- path:
- description: 'Path of the directory on the host.
- If the path is a symlink, it will follow the
- link to the real path. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath'
- type: string
- type:
- description: 'Type for HostPath Volume Defaults
- to "" More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath'
- type: string
- required:
- - path
- type: object
- iscsi:
- description: 'ISCSI represents an ISCSI Disk resource
- that is attached to a kubelet''s host machine and
- then exposed to the pod. More info: https://examples.k8s.io/volumes/iscsi/README.md'
- properties:
- chapAuthDiscovery:
- description: whether support iSCSI Discovery CHAP
- authentication
- type: boolean
- chapAuthSession:
- description: whether support iSCSI Session CHAP
- authentication
- type: boolean
- fsType:
- description: 'Filesystem type of the volume that
- you want to mount. Tip: Ensure that the filesystem
- type is supported by the host operating system.
- Examples: "ext4", "xfs", "ntfs". Implicitly
- inferred to be "ext4" if unspecified. More info:
- https://kubernetes.io/docs/concepts/storage/volumes#iscsi
- TODO: how do we prevent errors in the filesystem
- from compromising the machine'
- type: string
- initiatorName:
- description: Custom iSCSI Initiator Name. If initiatorName
- is specified with iscsiInterface simultaneously,
- new iSCSI interface : will be created for the connection.
- type: string
- iqn:
- description: Target iSCSI Qualified Name.
- type: string
- iscsiInterface:
- description: iSCSI Interface Name that uses an
- iSCSI transport. Defaults to 'default' (tcp).
- type: string
- lun:
- description: iSCSI Target Lun number.
- format: int32
- type: integer
- portals:
- description: iSCSI Target Portal List. The portal
- is either an IP or ip_addr:port if the port
- is other than default (typically TCP ports 860
- and 3260).
- items:
- type: string
- type: array
- readOnly:
- description: ReadOnly here will force the ReadOnly
- setting in VolumeMounts. Defaults to false.
- type: boolean
- secretRef:
- description: CHAP Secret for iSCSI target and
- initiator authentication
- properties:
- name:
- description: 'Name of the referent. More info:
- https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion,
- kind, uid?'
- type: string
- type: object
- x-kubernetes-map-type: atomic
- targetPortal:
- description: iSCSI Target Portal. The Portal is
- either an IP or ip_addr:port if the port is
- other than default (typically TCP ports 860
- and 3260).
- type: string
- required:
- - iqn
- - lun
- - targetPortal
- type: object
- nfs:
- description: 'NFS represents an NFS mount on the host
- that shares a pod''s lifetime More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs'
- properties:
- path:
- description: 'Path that is exported by the NFS
- server. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs'
- type: string
- readOnly:
- description: 'ReadOnly here will force the NFS
- export to be mounted with read-only permissions.
- Defaults to false. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs'
- type: boolean
- server:
- description: 'Server is the hostname or IP address
- of the NFS server. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs'
- type: string
- required:
- - path
- - server
- type: object
- persistentVolumeClaim:
- description: 'PersistentVolumeClaimVolumeSource represents
- a reference to a PersistentVolumeClaim in the same
- namespace. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims'
- properties:
- claimName:
- description: 'ClaimName is the name of a PersistentVolumeClaim
- in the same namespace as the pod using this
- volume. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims'
- type: string
- readOnly:
- description: Will force the ReadOnly setting in
- VolumeMounts. Default false.
- type: boolean
- required:
- - claimName
- type: object
- photonPersistentDisk:
- description: PhotonPersistentDisk represents a PhotonController
- persistent disk attached and mounted on kubelets
- host machine
- properties:
- fsType:
- description: Filesystem type to mount. Must be
- a filesystem type supported by the host operating
- system. Ex. "ext4", "xfs", "ntfs". Implicitly
- inferred to be "ext4" if unspecified.
- type: string
- pdID:
- description: ID that identifies Photon Controller
- persistent disk
- type: string
- required:
- - pdID
- type: object
- portworxVolume:
- description: PortworxVolume represents a portworx
- volume attached and mounted on kubelets host machine
- properties:
- fsType:
- description: FSType represents the filesystem
- type to mount Must be a filesystem type supported
- by the host operating system. Ex. "ext4", "xfs".
- Implicitly inferred to be "ext4" if unspecified.
- type: string
- readOnly:
- description: Defaults to false (read/write). ReadOnly
- here will force the ReadOnly setting in VolumeMounts.
- type: boolean
- volumeID:
- description: VolumeID uniquely identifies a Portworx
- volume
- type: string
- required:
- - volumeID
- type: object
- projected:
- description: Items for all in one resources secrets,
- configmaps, and downward API
- properties:
- defaultMode:
- description: Mode bits used to set permissions
- on created files by default. Must be an octal
- value between 0000 and 0777 or a decimal value
- between 0 and 511. YAML accepts both octal and
- decimal values, JSON requires decimal values
- for mode bits. Directories within the path are
- not affected by this setting. This might be
- in conflict with other options that affect the
- file mode, like fsGroup, and the result can
- be other mode bits set.
- format: int32
- type: integer
- sources:
- description: list of volume projections
- items:
- description: Projection that may be projected
- along with other supported volume types
- properties:
- configMap:
- description: information about the configMap
- data to project
- properties:
- items:
- description: If unspecified, each key-value
- pair in the Data field of the referenced
- ConfigMap will be projected into the
- volume as a file whose name is the
- key and content is the value. If specified,
- the listed keys will be projected
- into the specified paths, and unlisted
- keys will not be present. If a key
- is specified which is not present
- in the ConfigMap, the volume setup
- will error unless it is marked optional.
- Paths must be relative and may not
- contain the '..' path or start with
- '..'.
- items:
- description: Maps a string key to
- a path within a volume.
- properties:
- key:
- description: The key to project.
- type: string
- mode:
- description: 'Optional: mode bits
- used to set permissions on this
- file. Must be an octal value
- between 0000 and 0777 or a decimal
- value between 0 and 511. YAML
- accepts both octal and decimal
- values, JSON requires decimal
- values for mode bits. If not
- specified, the volume defaultMode
- will be used. This might be
- in conflict with other options
- that affect the file mode, like
- fsGroup, and the result can
- be other mode bits set.'
- format: int32
- type: integer
- path:
- description: The relative path
- of the file to map the key to.
- May not be an absolute path.
- May not contain the path element
- '..'. May not start with the
- string '..'.
- type: string
- required:
- - key
- - path
- type: object
- type: array
- name:
- description: 'Name of the referent.
- More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion,
- kind, uid?'
- type: string
- optional:
- description: Specify whether the ConfigMap
- or its keys must be defined
- type: boolean
- type: object
- x-kubernetes-map-type: atomic
- downwardAPI:
- description: information about the downwardAPI
- data to project
- properties:
- items:
- description: Items is a list of DownwardAPIVolume
- file
- items:
- description: DownwardAPIVolumeFile
- represents information to create
- the file containing the pod field
- properties:
- fieldRef:
- description: 'Required: Selects
- a field of the pod: only annotations,
- labels, name and namespace are
- supported.'
- properties:
- apiVersion:
- description: Version of the
- schema the FieldPath is
- written in terms of, defaults
- to "v1".
- type: string
- fieldPath:
- description: Path of the field
- to select in the specified
- API version.
- type: string
- required:
- - fieldPath
- type: object
- x-kubernetes-map-type: atomic
- mode:
- description: 'Optional: mode bits
- used to set permissions on this
- file, must be an octal value
- between 0000 and 0777 or a decimal
- value between 0 and 511. YAML
- accepts both octal and decimal
- values, JSON requires decimal
- values for mode bits. If not
- specified, the volume defaultMode
- will be used. This might be
- in conflict with other options
- that affect the file mode, like
- fsGroup, and the result can
- be other mode bits set.'
- format: int32
- type: integer
- path:
- description: 'Required: Path is the
- relative path name of the file
- to be created. Must not be absolute
- or contain the ''..'' path.
- Must be utf-8 encoded. The first
- item of the relative path must
- not start with ''..'''
- type: string
- resourceFieldRef:
- description: 'Selects a resource
- of the container: only resources
- limits and requests (limits.cpu,
- limits.memory, requests.cpu
- and requests.memory) are currently
- supported.'
- properties:
- containerName:
- description: 'Container name:
- required for volumes, optional
- for env vars'
- type: string
- divisor:
- anyOf:
- - type: integer
- - type: string
- description: Specifies the
- output format of the exposed
- resources, defaults to "1"
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- resource:
- description: 'Required: resource
- to select'
- type: string
- required:
- - resource
- type: object
- x-kubernetes-map-type: atomic
- required:
- - path
- type: object
- type: array
- type: object
- secret:
- description: information about the secret
- data to project
- properties:
- items:
- description: If unspecified, each key-value
- pair in the Data field of the referenced
- Secret will be projected into the
- volume as a file whose name is the
- key and content is the value. If specified,
- the listed keys will be projected
- into the specified paths, and unlisted
- keys will not be present. If a key
- is specified which is not present
- in the Secret, the volume setup will
- error unless it is marked optional.
- Paths must be relative and may not
- contain the '..' path or start with
- '..'.
- items:
- description: Maps a string key to
- a path within a volume.
- properties:
- key:
- description: The key to project.
- type: string
- mode:
- description: 'Optional: mode bits
- used to set permissions on this
- file. Must be an octal value
- between 0000 and 0777 or a decimal
- value between 0 and 511. YAML
- accepts both octal and decimal
- values, JSON requires decimal
- values for mode bits. If not
- specified, the volume defaultMode
- will be used. This might be
- in conflict with other options
- that affect the file mode, like
- fsGroup, and the result can
- be other mode bits set.'
- format: int32
- type: integer
- path:
- description: The relative path
- of the file to map the key to.
- May not be an absolute path.
- May not contain the path element
- '..'. May not start with the
- string '..'.
- type: string
- required:
- - key
- - path
- type: object
- type: array
- name:
- description: 'Name of the referent.
- More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion,
- kind, uid?'
- type: string
- optional:
- description: Specify whether the Secret
- or its key must be defined
- type: boolean
- type: object
- x-kubernetes-map-type: atomic
- serviceAccountToken:
- description: information about the serviceAccountToken
- data to project
- properties:
- audience:
- description: Audience is the intended
- audience of the token. A recipient
- of a token must identify itself with
- an identifier specified in the audience
- of the token, and otherwise should
- reject the token. The audience defaults
- to the identifier of the apiserver.
- type: string
- expirationSeconds:
- description: ExpirationSeconds is the
- requested duration of validity of
- the service account token. As the
- token approaches expiration, the kubelet
- volume plugin will proactively rotate
- the service account token. The kubelet
- will start trying to rotate the token
- if the token is older than 80 percent
- of its time to live or if the token
- is older than 24 hours.Defaults to
- 1 hour and must be at least 10 minutes.
- format: int64
- type: integer
- path:
- description: Path is the path relative
- to the mount point of the file to
- project the token into.
- type: string
- required:
- - path
- type: object
- type: object
- type: array
- type: object
- quobyte:
- description: Quobyte represents a Quobyte mount on
- the host that shares a pod's lifetime
- properties:
- group:
- description: Group to map volume access to Default
- is no group
- type: string
- readOnly:
- description: ReadOnly here will force the Quobyte
- volume to be mounted with read-only permissions.
- Defaults to false.
- type: boolean
- registry:
- description: Registry represents a single or multiple
- Quobyte Registry services specified as a string
- as host:port pair (multiple entries are separated
- with commas) which acts as the central registry
- for volumes
- type: string
- tenant:
- description: Tenant owning the given Quobyte volume
- in the Backend Used with dynamically provisioned
- Quobyte volumes, value is set by the plugin
- type: string
- user:
- description: User to map volume access to Defaults
- to serivceaccount user
- type: string
- volume:
- description: Volume is a string that references
- an already created Quobyte volume by name.
- type: string
- required:
- - registry
- - volume
- type: object
- rbd:
- description: 'RBD represents a Rados Block Device
- mount on the host that shares a pod''s lifetime.
- More info: https://examples.k8s.io/volumes/rbd/README.md'
- properties:
- fsType:
- description: 'Filesystem type of the volume that
- you want to mount. Tip: Ensure that the filesystem
- type is supported by the host operating system.
- Examples: "ext4", "xfs", "ntfs". Implicitly
- inferred to be "ext4" if unspecified. More info:
- https://kubernetes.io/docs/concepts/storage/volumes#rbd
- TODO: how do we prevent errors in the filesystem
- from compromising the machine'
- type: string
- image:
- description: 'The rados image name. More info:
- https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it'
- type: string
- keyring:
- description: 'Keyring is the path to key ring
- for RBDUser. Default is /etc/ceph/keyring. More
- info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it'
- type: string
- monitors:
- description: 'A collection of Ceph monitors. More
- info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it'
- items:
- type: string
- type: array
- pool:
- description: 'The rados pool name. Default is
- rbd. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it'
- type: string
- readOnly:
- description: 'ReadOnly here will force the ReadOnly
- setting in VolumeMounts. Defaults to false.
- More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it'
- type: boolean
- secretRef:
- description: 'SecretRef is name of the authentication
- secret for RBDUser. If provided overrides keyring.
- Default is nil. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it'
- properties:
- name:
- description: 'Name of the referent. More info:
- https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion,
- kind, uid?'
- type: string
- type: object
- x-kubernetes-map-type: atomic
- user:
- description: 'The rados user name. Default is
- admin. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it'
- type: string
- required:
- - image
- - monitors
- type: object
- scaleIO:
- description: ScaleIO represents a ScaleIO persistent
- volume attached and mounted on Kubernetes nodes.
- properties:
- fsType:
- description: Filesystem type to mount. Must be
- a filesystem type supported by the host operating
- system. Ex. "ext4", "xfs", "ntfs". Default is
- "xfs".
- type: string
- gateway:
- description: The host address of the ScaleIO API
- Gateway.
- type: string
- protectionDomain:
- description: The name of the ScaleIO Protection
- Domain for the configured storage.
- type: string
- readOnly:
- description: Defaults to false (read/write). ReadOnly
- here will force the ReadOnly setting in VolumeMounts.
- type: boolean
- secretRef:
- description: SecretRef references to the secret
- for ScaleIO user and other sensitive information.
- If this is not provided, Login operation will
- fail.
- properties:
- name:
- description: 'Name of the referent. More info:
- https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion,
- kind, uid?'
- type: string
- type: object
- x-kubernetes-map-type: atomic
- sslEnabled:
- description: Flag to enable/disable SSL communication
- with Gateway, default false
- type: boolean
- storageMode:
- description: Indicates whether the storage for
- a volume should be ThickProvisioned or ThinProvisioned.
- Default is ThinProvisioned.
- type: string
- storagePool:
- description: The ScaleIO Storage Pool associated
- with the protection domain.
- type: string
- system:
- description: The name of the storage system as
- configured in ScaleIO.
- type: string
- volumeName:
- description: The name of a volume already created
- in the ScaleIO system that is associated with
- this volume source.
- type: string
- required:
- - gateway
- - secretRef
- - system
- type: object
- secret:
- description: 'Secret represents a secret that should
- populate this volume. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret'
- properties:
- defaultMode:
- description: 'Optional: mode bits used to set
- permissions on created files by default. Must
- be an octal value between 0000 and 0777 or a
- decimal value between 0 and 511. YAML accepts
- both octal and decimal values, JSON requires
- decimal values for mode bits. Defaults to 0644.
- Directories within the path are not affected
- by this setting. This might be in conflict with
- other options that affect the file mode, like
- fsGroup, and the result can be other mode bits
- set.'
- format: int32
- type: integer
- items:
- description: If unspecified, each key-value pair
- in the Data field of the referenced Secret will
- be projected into the volume as a file whose
- name is the key and content is the value. If
- specified, the listed keys will be projected
- into the specified paths, and unlisted keys
- will not be present. If a key is specified which
- is not present in the Secret, the volume setup
- will error unless it is marked optional. Paths
- must be relative and may not contain the '..'
- path or start with '..'.
- items:
- description: Maps a string key to a path within
- a volume.
- properties:
- key:
- description: The key to project.
- type: string
- mode:
- description: 'Optional: mode bits used to
- set permissions on this file. Must be
- an octal value between 0000 and 0777 or
- a decimal value between 0 and 511. YAML
- accepts both octal and decimal values,
- JSON requires decimal values for mode
- bits. If not specified, the volume defaultMode
- will be used. This might be in conflict
- with other options that affect the file
- mode, like fsGroup, and the result can
- be other mode bits set.'
- format: int32
- type: integer
- path:
- description: The relative path of the file
- to map the key to. May not be an absolute
- path. May not contain the path element
- '..'. May not start with the string '..'.
- type: string
- required:
- - key
- - path
- type: object
- type: array
- optional:
- description: Specify whether the Secret or its
- keys must be defined
- type: boolean
- secretName:
- description: 'Name of the secret in the pod''s
- namespace to use. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret'
- type: string
- type: object
- storageos:
- description: StorageOS represents a StorageOS volume
- attached and mounted on Kubernetes nodes.
- properties:
- fsType:
- description: Filesystem type to mount. Must be
- a filesystem type supported by the host operating
- system. Ex. "ext4", "xfs", "ntfs". Implicitly
- inferred to be "ext4" if unspecified.
- type: string
- readOnly:
- description: Defaults to false (read/write). ReadOnly
- here will force the ReadOnly setting in VolumeMounts.
- type: boolean
- secretRef:
- description: SecretRef specifies the secret to
- use for obtaining the StorageOS API credentials. If
- not specified, default values will be attempted.
- properties:
- name:
- description: 'Name of the referent. More info:
- https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion,
- kind, uid?'
- type: string
- type: object
- x-kubernetes-map-type: atomic
- volumeName:
- description: VolumeName is the human-readable
- name of the StorageOS volume. Volume names
- are only unique within a namespace.
- type: string
- volumeNamespace:
- description: VolumeNamespace specifies the scope
- of the volume within StorageOS. If no namespace
- is specified then the Pod's namespace will be
- used. This allows the Kubernetes name scoping
- to be mirrored within StorageOS for tighter
- integration. Set VolumeName to any name to override
- the default behaviour. Set to "default" if you
- are not using namespaces within StorageOS. Namespaces
- that do not pre-exist within StorageOS will
- be created.
- type: string
- type: object
- vsphereVolume:
- description: VsphereVolume represents a vSphere volume
- attached and mounted on kubelets host machine
- properties:
- fsType:
- description: Filesystem type to mount. Must be
- a filesystem type supported by the host operating
- system. Ex. "ext4", "xfs", "ntfs". Implicitly
- inferred to be "ext4" if unspecified.
- type: string
- storagePolicyID:
- description: Storage Policy Based Management (SPBM)
- profile ID associated with the StoragePolicyName.
- type: string
- storagePolicyName:
- description: Storage Policy Based Management (SPBM)
- profile name.
- type: string
- volumePath:
- description: Path that identifies vSphere volume
- vmdk
- type: string
- required:
- - volumePath
- type: object
- type: object
- required:
- - volumeSource
- type: object
- gcs:
- properties:
- bucket:
- description: bucket to store charts for Gcs storage
- type: string
- chunksize:
- type: string
- keyDataSecretRef:
- description: The base64 encoded json file which contains
- the key
- type: string
- pathPrefix:
- type: string
- required:
- - bucket
- - keyDataSecretRef
- type: object
- maxStorageObject:
- description: Maximum number of objects allowed in storage
- (per tenant)
- format: int64
- minimum: 0
- type: integer
- openstack:
- properties:
- authenticationURL:
- description: URL for obtaining an auth token. https://storage.myprovider.com/v2.0
- or https://storage.myprovider.com/v3/auth
- type: string
- container:
- description: Container to store charts for openstack storage
- backend
- type: string
- domain:
- description: Your Openstack domain name for Identity v3
- API. You can either use domain or domainid.
- type: string
- domainID:
- description: Your Openstack domain ID for Identity v3
- API. You can either use domain or domainid.
- type: string
- passwordRef:
- description: Secret name containing the Openstack password.
- pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*'
- type: string
- prefix:
- description: Prefix to store charts for the container
- type: string
- region:
- description: Region of the container
- type: string
- tenant:
- description: Your Openstack tenant name. You can either
- use tenant or tenantid.
- type: string
- tenantID:
- description: Your Openstack tenant ID. You can either
- use tenant or tenantid.
- type: string
- userid:
- description: The Openstack user id. You can either use
- username or userid.
- type: string
- username:
- description: The Openstack user name. You can either use
- username or userid.
- type: string
- required:
- - authenticationURL
- - container
- type: object
- oss:
- properties:
- accessKeyID:
- type: string
- accessSecretRef:
- type: string
- bucket:
- type: string
- endpoint:
- type: string
- pathPrefix:
- type: string
- required:
- - accessKeyID
- - accessSecretRef
- - bucket
- - endpoint
- type: object
- type: object
- url:
- description: The absolute url for .tgz files in index.yaml
- pattern: https?://.*
- type: string
- required:
- - storage
- type: object
- disable:
- description: Disable some features
- properties:
- api:
- default: false
- description: Disable all routes prefixed with
- type: boolean
- delete:
- default: false
- description: Disable DELETE route
- type: boolean
- forceOverwrite:
- default: false
- description: Do not allow chart versions to be re-uploaded, even
- with ?force querystrin
- type: boolean
- metrics:
- default: false
- description: Disable Prometheus metrics
- type: boolean
- statefiles:
- default: false
- description: Disable use of index-cache.yaml
- type: boolean
- type: object
- image:
- description: Image name for the component.
- type: string
- imagePullPolicy:
- description: 'Image pull policy. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images'
- enum:
- - Always
- - Never
- - IfNotPresent
- type: string
- imagePullSecrets:
- items:
- description: LocalObjectReference contains enough information to
- let you locate the referenced object inside the same namespace.
- properties:
- name:
- description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind, uid?'
- type: string
- type: object
- x-kubernetes-map-type: atomic
- type: array
- log:
- properties:
- debug:
- default: false
- description: Show debug messages
- type: boolean
- health:
- default: false
- description: Log inbound /health requests
- type: boolean
- json:
- default: false
- description: Output structured logs as json
- type: boolean
- latencyInteger:
- default: true
- description: log latency as an integer instead of a string
- type: boolean
- type: object
- network:
- properties:
- ipFamilies:
- items:
- description: IPFamily represents the IP Family (IPv4 or IPv6).
- This type is used to express the family of an IP expressed
- by a type (e.g. service.spec.ipFamilies).
- type: string
- type: array
- type: object
- nodeSelector:
- additionalProperties:
- type: string
- description: 'NodeSelector is a selector which must be true for the
- component to fit on a node. Selector which must match a node''s
- labels for the pod to be scheduled on that node. More info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/'
- type: object
- replicas:
- description: 'Replicas is the number of desired replicas. This is
- a pointer to distinguish between explicit zero and unspecified.
- More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller#what-is-a-replicationcontroller'
- format: int32
- minimum: 0
- type: integer
- resources:
- description: 'Compute Resources required by this component. Cannot
- be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/'
- properties:
- limits:
- additionalProperties:
- anyOf:
- - type: integer
- - type: string
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- description: 'Limits describes the maximum amount of compute resources
- allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
- type: object
- requests:
- additionalProperties:
- anyOf:
- - type: integer
- - type: string
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- description: 'Requests describes the minimum amount of compute
- resources required. If Requests is omitted for a container,
- it defaults to Limits if that is explicitly specified, otherwise
- to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
- type: object
- type: object
- server:
- properties:
- corsAllowOrigin:
- description: Value to set in the Access-Control-Allow-Origin HTTP
- header
- type: string
- maxUploadSize:
- default: 20971520
- description: Max size of post body (in bytes)
- format: int64
- minimum: 0
- type: integer
- readTimeout:
- description: Socket timeout
- pattern: ([0-9]+h)?([0-9]+m)?([0-9]+s)?([0-9]+ms)?([0-9]+us)?([0-9]+µs)?([0-9]+ns)?
- type: string
- tls:
- properties:
- certificateRef:
- pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*'
- type: string
- type: object
- writeTimeout:
- description: Socket timeout
- pattern: ([0-9]+h)?([0-9]+m)?([0-9]+s)?([0-9]+ms)?([0-9]+us)?([0-9]+µs)?([0-9]+ns)?
- type: string
- type: object
- serviceAccountName:
- description: 'ServiceAccountName is the name of the ServiceAccount
- to use to run this component. More info: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/'
- type: string
- templateAnnotations:
- additionalProperties:
- type: string
- description: Custom annotations to be added into the pods
- type: object
- tolerations:
- description: If specified, the pod's tolerations.
- items:
- description: The pod this Toleration is attached to tolerates any
- taint that matches the triple using the matching
- operator .
- properties:
- effect:
- description: Effect indicates the taint effect to match. Empty
- means match all taint effects. When specified, allowed values
- are NoSchedule, PreferNoSchedule and NoExecute.
- type: string
- key:
- description: Key is the taint key that the toleration applies
- to. Empty means match all taint keys. If the key is empty,
- operator must be Exists; this combination means to match all
- values and all keys.
- type: string
- operator:
- description: Operator represents a key's relationship to the
- value. Valid operators are Exists and Equal. Defaults to Equal.
- Exists is equivalent to wildcard for value, so that a pod
- can tolerate all taints of a particular category.
- type: string
- tolerationSeconds:
- description: TolerationSeconds represents the period of time
- the toleration (which must be of effect NoExecute, otherwise
- this field is ignored) tolerates the taint. By default, it
- is not set, which means tolerate the taint forever (do not
- evict). Zero and negative values will be treated as 0 (evict
- immediately) by the system.
- format: int64
- type: integer
- value:
- description: Value is the taint value the toleration matches
- to. If the operator is Exists, the value should be empty,
- otherwise just a regular string.
- type: string
- type: object
- type: array
- required:
- - chart
- type: object
- status:
- description: ComponentStatus represents the current status of the resource.
- https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#typical-status-properties
- properties:
- conditions:
- description: Conditions list of extracted conditions from Resource
- items:
- description: Condition defines the general format for conditions
- on Kubernetes resources. In practice, each kubernetes resource
- defines their own format for conditions, but most (maybe all)
- follows this structure.
- properties:
- message:
- description: Message Human readable reason string
- type: string
- reason:
- description: Reason one work CamelCase reason
- type: string
- status:
- description: Status String that describes the condition status
- type: string
- type:
- description: Type condition type
- type: string
- required:
- - status
- - type
- type: object
- type: array
- observedGeneration:
- format: int64
- type: integer
- operator:
- description: ControllerStatus represents the current status of the
- operator.
- properties:
- controllerGitCommit:
- minLength: 1
- type: string
- controllerName:
- minLength: 1
- type: string
- controllerVersion:
- minLength: 1
- type: string
- type: object
- replicas:
- description: Current number of pods.
- format: int32
- minimum: 0
- type: integer
- required:
- - conditions
- type: object
- type: object
- served: true
- storage: true
- subresources:
- status: {}
----
-apiVersion: apiextensions.k8s.io/v1
-kind: CustomResourceDefinition
-metadata:
- annotations:
- cert-manager.io/inject-ca-from: '{{.Release.Namespace}}/{{. | include "chart.fullname"}}-serving-cert'
- controller-gen.kubebuilder.io/version: v0.9.2
- name: cores.goharbor.io
-spec:
- conversion:
- strategy: Webhook
- webhook:
- clientConfig:
- caBundle: Cg==
- service:
- name: {{ include "chart.fullname" . | quote }}
- namespace: {{ .Release.Namespace }}
- path: /convert
- conversionReviewVersions:
- - v1
- group: goharbor.io
- names:
- categories:
- - goharbor
- kind: Core
- listKind: CoreList
- plural: cores
- singular: core
- scope: Namespaced
- versions:
- - additionalPrinterColumns:
- - description: Timestamp representing the server time when this object was created.
- It is not guaranteed to be set in happens-before order across separate operations.
- Clients may not set this value. It is represented in RFC3339 form and is in
- UTC.
- jsonPath: .metadata.creationTimestamp
- name: Age
- priority: 1
- type: date
- - description: Human readable message describing the failure
- jsonPath: .status.conditions[?(@.type=="Failed")].message
- name: Failure
- priority: 5
- type: string
- name: v1alpha3
- schema:
- openAPIV3Schema:
- description: Core is the Schema for the Core API.
- properties:
- apiVersion:
- description: 'APIVersion defines the versioned schema of this representation
- of an object. Servers should convert recognized schemas to the latest
- internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
- type: string
- kind:
- description: 'Kind is a string value representing the REST resource this
- object represents. Servers may infer this from the endpoint the client
- submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
- type: string
- metadata:
- type: object
- spec:
- description: CoreSpec defines the desired state of Core.
- properties:
- adminInitialPasswordRef:
- pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*'
- type: string
- authMode:
- default: db_auth
- enum:
- - db_auth
- type: string
- certificateRefs:
- items:
- type: string
- type: array
- components:
- properties:
- chartRepository:
- properties:
- absoluteURL:
- default: false
- type: boolean
- cacheDriver:
- default: redis
- enum:
- - redis
- type: string
- url:
- pattern: https?://.+
- type: string
- required:
- - url
- type: object
- jobService:
- properties:
- secretRef:
- pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*'
- type: string
- url:
- pattern: https?://.+
- type: string
- required:
- - secretRef
- - url
- type: object
- notaryServer:
- properties:
- url:
- pattern: https?://.+
- type: string
- required:
- - url
- type: object
- portal:
- properties:
- url:
- pattern: https?://.+
- type: string
- required:
- - url
- type: object
- registry:
- properties:
- controllerURL:
- pattern: https?://.+
- type: string
- credentials:
- properties:
- passwordRef:
- pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*'
- type: string
- username:
- type: string
- required:
- - passwordRef
- - username
- type: object
- redis:
- properties:
- certificateRef:
- description: Secret containing the client certificate
- to authenticate with.
- pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*'
- type: string
- database:
- default: 0
- description: The database number.
- format: int32
- maximum: 8
- minimum: 0
- type: integer
- host:
- description: Server hostname.
- minLength: 1
- type: string
- passwordRef:
- description: Secret containing the password to use when
- connecting to the server.
- pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*'
- type: string
- port:
- description: Server port.
- exclusiveMinimum: true
- format: int32
- minimum: 0
- type: integer
- sentinelMasterSet:
- description: for Sentinel MasterSet.
- type: string
- required:
- - host
- type: object
- storageProviderName:
- minLength: 1
- type: string
- sync:
- default: false
- type: boolean
- url:
- pattern: https?://.+
- type: string
- required:
- - controllerURL
- - credentials
- - url
- type: object
- tls:
- properties:
- certificateRef:
- pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*'
- type: string
- type: object
- tokenService:
- properties:
- certificateRef:
- pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*'
- type: string
- url:
- pattern: https?://.+
- type: string
- required:
- - certificateRef
- - url
- type: object
- trivy:
- properties:
- adapterURL:
- pattern: https?://.+
- type: string
- url:
- pattern: https?://.+
- type: string
- required:
- - adapterURL
- - url
- type: object
- required:
- - jobService
- - portal
- - registry
- - tokenService
- type: object
- configExpiration:
- default: 5s
- pattern: ([0-9]+h)?([0-9]+m)?([0-9]+s)?([0-9]+ms)?([0-9]+us)?([0-9]+µs)?([0-9]+ns)?
- type: string
- csrfKeyRef:
- pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*'
- type: string
- database:
- properties:
- database:
- description: The database name. Defaults to be the same as the
- user name. In certain contexts, the value is checked for extended
- formats.
- minLength: 1
- type: string
- encryptionKeyRef:
- pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*'
- type: string
- hosts:
- items:
- properties:
- host:
- description: Name of host to connect to. If a host name
- begins with a slash, it specifies Unix-domain communication
- rather than TCP/IP communication; the value is the name
- of the directory in which the socket file is stored.
- minLength: 1
- type: string
- port:
- description: Port number to connect to at the server host,
- or socket file name extension for Unix-domain connections.
- Zero, specifies the default port number established when
- PostgreSQL was built.
- exclusiveMinimum: true
- format: int32
- minimum: 0
- type: integer
- required:
- - host
- type: object
- minItems: 1
- type: array
- maxIdleConnections:
- default: 50
- format: int32
- minimum: 0
- type: integer
- maxOpenConnections:
- default: 1000
- format: int32
- minimum: 0
- type: integer
- parameters:
- additionalProperties:
- type: string
- description: libpq parameters.
- type: object
- passwordRef:
- description: Secret containing the password to be used if the
- server demands password authentication.
- pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*'
- type: string
- username:
- description: PostgreSQL user name to connect as. Defaults to be
- the same as the operating system name of the user running the
- application.
- minLength: 1
- type: string
- required:
- - encryptionKeyRef
- type: object
- externalEndpoint:
- pattern: https?://.+
- type: string
- http:
- properties:
- enableGzip:
- default: true
- type: boolean
- type: object
- image:
- description: Image name for the component.
- type: string
- imagePullPolicy:
- description: 'Image pull policy. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images'
- enum:
- - Always
- - Never
- - IfNotPresent
- type: string
- imagePullSecrets:
- items:
- description: LocalObjectReference contains enough information to
- let you locate the referenced object inside the same namespace.
- properties:
- name:
- description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind, uid?'
- type: string
- type: object
- x-kubernetes-map-type: atomic
- type: array
- log:
- properties:
- level:
- default: info
- description: CoreLogLevel is the log level for Core.
- enum:
- - debug
- - info
- - warn
- - error
- type: string
- type: object
- metrics:
- properties:
- enabled:
- default: false
- type: boolean
- path:
- default: /metrics
- description: The path of the metrics.
- pattern: /.+
- type: string
- port:
- default: 8001
- description: The port of the metrics.
- format: int32
- minimum: 1
- type: integer
- type: object
- nodeSelector:
- additionalProperties:
- type: string
- description: 'NodeSelector is a selector which must be true for the
- component to fit on a node. Selector which must match a node''s
- labels for the pod to be scheduled on that node. More info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/'
- type: object
- proxy:
- properties:
- httpProxy:
- pattern: https?://.+
- type: string
- httpsProxy:
- pattern: https?://.+
- type: string
- noProxy:
- default:
- - 127.0.0.1
- - localhost
- - .local
- - .internal
- items:
- type: string
- type: array
- type: object
- publicCertificateRef:
- pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*'
- type: string
- redis:
- properties:
- certificateRef:
- description: Secret containing the client certificate to authenticate
- with.
- pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*'
- type: string
- database:
- default: 0
- description: The database number.
- format: int32
- maximum: 8
- minimum: 0
- type: integer
- host:
- description: Server hostname.
- minLength: 1
- type: string
- idleTimeout:
- default: 30s
- description: IdleTimeoutSecond closes connections after remaining
- idle for this duration. If the value is zero, then idle connections
- are not closed. Applications should set the timeout to a value
- less than the server's timeout.
- pattern: ([0-9]+h)?([0-9]+m)?([0-9]+s)?([0-9]+ms)?([0-9]+us)?([0-9]+µs)?([0-9]+ns)?
- type: string
- passwordRef:
- description: Secret containing the password to use when connecting
- to the server.
- pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*'
- type: string
- port:
- description: Server port.
- exclusiveMinimum: true
- format: int32
- minimum: 0
- type: integer
- sentinelMasterSet:
- description: for Sentinel MasterSet.
- type: string
- required:
- - host
- type: object
- replicas:
- description: 'Replicas is the number of desired replicas. This is
- a pointer to distinguish between explicit zero and unspecified.
- More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller#what-is-a-replicationcontroller'
- format: int32
- minimum: 0
- type: integer
- resources:
- description: 'Compute Resources required by this component. Cannot
- be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/'
- properties:
- limits:
- additionalProperties:
- anyOf:
- - type: integer
- - type: string
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- description: 'Limits describes the maximum amount of compute resources
- allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
- type: object
- requests:
- additionalProperties:
- anyOf:
- - type: integer
- - type: string
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- description: 'Requests describes the minimum amount of compute
- resources required. If Requests is omitted for a container,
- it defaults to Limits if that is explicitly specified, otherwise
- to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
- type: object
- type: object
- secretRef:
- pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*'
- type: string
- serviceAccountName:
- description: 'ServiceAccountName is the name of the ServiceAccount
- to use to run this component. More info: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/'
- type: string
- templateAnnotations:
- additionalProperties:
- type: string
- description: Custom annotations to be added into the pods
- type: object
- tolerations:
- description: If specified, the pod's tolerations.
- items:
- description: The pod this Toleration is attached to tolerates any
- taint that matches the triple using the matching
- operator .
- properties:
- effect:
- description: Effect indicates the taint effect to match. Empty
- means match all taint effects. When specified, allowed values
- are NoSchedule, PreferNoSchedule and NoExecute.
- type: string
- key:
- description: Key is the taint key that the toleration applies
- to. Empty means match all taint keys. If the key is empty,
- operator must be Exists; this combination means to match all
- values and all keys.
- type: string
- operator:
- description: Operator represents a key's relationship to the
- value. Valid operators are Exists and Equal. Defaults to Equal.
- Exists is equivalent to wildcard for value, so that a pod
- can tolerate all taints of a particular category.
- type: string
- tolerationSeconds:
- description: TolerationSeconds represents the period of time
- the toleration (which must be of effect NoExecute, otherwise
- this field is ignored) tolerates the taint. By default, it
- is not set, which means tolerate the taint forever (do not
- evict). Zero and negative values will be treated as 0 (evict
- immediately) by the system.
- format: int64
- type: integer
- value:
- description: Value is the taint value the toleration matches
- to. If the operator is Exists, the value should be empty,
- otherwise just a regular string.
- type: string
- type: object
- type: array
- required:
- - adminInitialPasswordRef
- - components
- - csrfKeyRef
- - database
- - externalEndpoint
- - redis
- - secretRef
- type: object
- status:
- description: ComponentStatus represents the current status of the resource.
- https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#typical-status-properties
- properties:
- conditions:
- description: Conditions list of extracted conditions from Resource
- items:
- description: Condition defines the general format for conditions
- on Kubernetes resources. In practice, each kubernetes resource
- defines their own format for conditions, but most (maybe all)
- follows this structure.
- properties:
- message:
- description: Message Human readable reason string
- type: string
- reason:
- description: Reason one work CamelCase reason
- type: string
- status:
- description: Status String that describes the condition status
- type: string
- type:
- description: Type condition type
- type: string
- required:
- - status
- - type
- type: object
- type: array
- observedGeneration:
- format: int64
- type: integer
- operator:
- description: ControllerStatus represents the current status of the
- operator.
- properties:
- controllerGitCommit:
- minLength: 1
- type: string
- controllerName:
- minLength: 1
- type: string
- controllerVersion:
- minLength: 1
- type: string
- type: object
- replicas:
- description: Current number of pods.
- format: int32
- minimum: 0
- type: integer
- required:
- - conditions
- type: object
- type: object
- served: true
- storage: false
- subresources:
- status: {}
- - additionalPrinterColumns:
- - description: Timestamp representing the server time when this object was created.
- It is not guaranteed to be set in happens-before order across separate operations.
- Clients may not set this value. It is represented in RFC3339 form and is in
- UTC.
- jsonPath: .metadata.creationTimestamp
- name: Age
- priority: 1
- type: date
- - description: Human readable message describing the failure
- jsonPath: .status.conditions[?(@.type=="Failed")].message
- name: Failure
- priority: 5
- type: string
- name: v1beta1
- schema:
- openAPIV3Schema:
- description: Core is the Schema for the Core API.
- properties:
- apiVersion:
- description: 'APIVersion defines the versioned schema of this representation
- of an object. Servers should convert recognized schemas to the latest
- internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
- type: string
- kind:
- description: 'Kind is a string value representing the REST resource this
- object represents. Servers may infer this from the endpoint the client
- submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
- type: string
- metadata:
- type: object
- spec:
- description: CoreSpec defines the desired state of Core.
- properties:
- adminInitialPasswordRef:
- pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*'
- type: string
- authMode:
- default: db_auth
- enum:
- - db_auth
- type: string
- certificateRefs:
- items:
- type: string
- type: array
- components:
- properties:
- chartRepository:
- properties:
- absoluteURL:
- default: false
- type: boolean
- cacheDriver:
- default: redis
- enum:
- - redis
- type: string
- url:
- pattern: https?://.+
- type: string
- required:
- - url
- type: object
- jobService:
- properties:
- secretRef:
- pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*'
- type: string
- url:
- pattern: https?://.+
- type: string
- required:
- - secretRef
- - url
- type: object
- notaryServer:
- properties:
- url:
- pattern: https?://.+
- type: string
- required:
- - url
- type: object
- portal:
- properties:
- url:
- pattern: https?://.+
- type: string
- required:
- - url
- type: object
- registry:
- properties:
- controllerURL:
- pattern: https?://.+
- type: string
- credentials:
- properties:
- passwordRef:
- pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*'
- type: string
- username:
- type: string
- required:
- - passwordRef
- - username
- type: object
- redis:
- properties:
- certificateRef:
- description: Secret containing the client certificate
- to authenticate with.
- pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*'
- type: string
- database:
- default: 0
- description: The database number.
- format: int32
- maximum: 8
- minimum: 0
- type: integer
- host:
- description: Server hostname.
- minLength: 1
- type: string
- passwordRef:
- description: Secret containing the password to use when
- connecting to the server.
- pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*'
- type: string
- port:
- description: Server port.
- exclusiveMinimum: true
- format: int32
- minimum: 0
- type: integer
- sentinelMasterSet:
- description: for Sentinel MasterSet.
- type: string
- required:
- - host
- type: object
- storageProviderName:
- minLength: 1
- type: string
- sync:
- default: false
- type: boolean
- url:
- pattern: https?://.+
- type: string
- required:
- - controllerURL
- - credentials
- - url
- type: object
- tls:
- properties:
- certificateRef:
- pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*'
- type: string
- type: object
- tokenService:
- properties:
- certificateRef:
- pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*'
- type: string
- url:
- pattern: https?://.+
- type: string
- required:
- - certificateRef
- - url
- type: object
- trivy:
- properties:
- adapterURL:
- pattern: https?://.+
- type: string
- url:
- pattern: https?://.+
- type: string
- required:
- - adapterURL
- - url
- type: object
- required:
- - jobService
- - portal
- - registry
- - tokenService
- type: object
- configExpiration:
- default: 5s
- pattern: ([0-9]+h)?([0-9]+m)?([0-9]+s)?([0-9]+ms)?([0-9]+us)?([0-9]+µs)?([0-9]+ns)?
- type: string
- csrfKeyRef:
- pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*'
- type: string
- database:
- properties:
- database:
- description: The database name. Defaults to be the same as the
- user name. In certain contexts, the value is checked for extended
- formats.
- minLength: 1
- type: string
- encryptionKeyRef:
- pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*'
- type: string
- hosts:
- items:
- properties:
- host:
- description: Name of host to connect to. If a host name
- begins with a slash, it specifies Unix-domain communication
- rather than TCP/IP communication; the value is the name
- of the directory in which the socket file is stored.
- minLength: 1
- type: string
- port:
- description: Port number to connect to at the server host,
- or socket file name extension for Unix-domain connections.
- Zero, specifies the default port number established when
- PostgreSQL was built.
- exclusiveMinimum: true
- format: int32
- minimum: 0
- type: integer
- required:
- - host
- type: object
- minItems: 1
- type: array
- maxIdleConnections:
- default: 50
- format: int32
- minimum: 0
- type: integer
- maxOpenConnections:
- default: 1000
- format: int32
- minimum: 0
- type: integer
- parameters:
- additionalProperties:
- type: string
- description: libpq parameters.
- type: object
- passwordRef:
- description: Secret containing the password to be used if the
- server demands password authentication.
- pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*'
- type: string
- username:
- description: PostgreSQL user name to connect as. Defaults to be
- the same as the operating system name of the user running the
- application.
- minLength: 1
- type: string
- required:
- - encryptionKeyRef
- type: object
- externalEndpoint:
- pattern: https?://.+
- type: string
- http:
- properties:
- enableGzip:
- default: true
- type: boolean
- type: object
- image:
- description: Image name for the component.
- type: string
- imagePullPolicy:
- description: 'Image pull policy. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images'
- enum:
- - Always
- - Never
- - IfNotPresent
- type: string
- imagePullSecrets:
- items:
- description: LocalObjectReference contains enough information to
- let you locate the referenced object inside the same namespace.
- properties:
- name:
- description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind, uid?'
- type: string
- type: object
- x-kubernetes-map-type: atomic
- type: array
- log:
- properties:
- level:
- default: info
- description: CoreLogLevel is the log level for Core.
- enum:
- - debug
- - info
- - warn
- - error
- type: string
- type: object
- metrics:
- properties:
- enabled:
- default: false
- type: boolean
- path:
- default: /metrics
- description: The path of the metrics.
- pattern: /.+
- type: string
- port:
- default: 8001
- description: The port of the metrics.
- format: int32
- minimum: 1
- type: integer
- type: object
- network:
- properties:
- ipFamilies:
- items:
- description: IPFamily represents the IP Family (IPv4 or IPv6).
- This type is used to express the family of an IP expressed
- by a type (e.g. service.spec.ipFamilies).
- type: string
- type: array
- type: object
- nodeSelector:
- additionalProperties:
- type: string
- description: 'NodeSelector is a selector which must be true for the
- component to fit on a node. Selector which must match a node''s
- labels for the pod to be scheduled on that node. More info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/'
- type: object
- proxy:
- properties:
- httpProxy:
- pattern: https?://.+
- type: string
- httpsProxy:
- pattern: https?://.+
- type: string
- noProxy:
- default:
- - 127.0.0.1
- - localhost
- - .local
- - .internal
- items:
- type: string
- type: array
- type: object
- publicCertificateRef:
- pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*'
- type: string
- redis:
- properties:
- certificateRef:
- description: Secret containing the client certificate to authenticate
- with.
- pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*'
- type: string
- database:
- default: 0
- description: The database number.
- format: int32
- maximum: 8
- minimum: 0
- type: integer
- host:
- description: Server hostname.
- minLength: 1
- type: string
- idleTimeout:
- default: 30s
- description: IdleTimeoutSecond closes connections after remaining
- idle for this duration. If the value is zero, then idle connections
- are not closed. Applications should set the timeout to a value
- less than the server's timeout.
- pattern: ([0-9]+h)?([0-9]+m)?([0-9]+s)?([0-9]+ms)?([0-9]+us)?([0-9]+µs)?([0-9]+ns)?
- type: string
- passwordRef:
- description: Secret containing the password to use when connecting
- to the server.
- pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*'
- type: string
- port:
- description: Server port.
- exclusiveMinimum: true
- format: int32
- minimum: 0
- type: integer
- sentinelMasterSet:
- description: for Sentinel MasterSet.
- type: string
- required:
- - host
- type: object
- replicas:
- description: 'Replicas is the number of desired replicas. This is
- a pointer to distinguish between explicit zero and unspecified.
- More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller#what-is-a-replicationcontroller'
- format: int32
- minimum: 0
- type: integer
- resources:
- description: 'Compute Resources required by this component. Cannot
- be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/'
- properties:
- limits:
- additionalProperties:
- anyOf:
- - type: integer
- - type: string
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- description: 'Limits describes the maximum amount of compute resources
- allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
- type: object
- requests:
- additionalProperties:
- anyOf:
- - type: integer
- - type: string
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- description: 'Requests describes the minimum amount of compute
- resources required. If Requests is omitted for a container,
- it defaults to Limits if that is explicitly specified, otherwise
- to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
- type: object
- type: object
- secretRef:
- pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*'
- type: string
- serviceAccountName:
- description: 'ServiceAccountName is the name of the ServiceAccount
- to use to run this component. More info: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/'
- type: string
- templateAnnotations:
- additionalProperties:
- type: string
- description: Custom annotations to be added into the pods
- type: object
- tolerations:
- description: If specified, the pod's tolerations.
- items:
- description: The pod this Toleration is attached to tolerates any
- taint that matches the triple using the matching
- operator .
- properties:
- effect:
- description: Effect indicates the taint effect to match. Empty
- means match all taint effects. When specified, allowed values
- are NoSchedule, PreferNoSchedule and NoExecute.
- type: string
- key:
- description: Key is the taint key that the toleration applies
- to. Empty means match all taint keys. If the key is empty,
- operator must be Exists; this combination means to match all
- values and all keys.
- type: string
- operator:
- description: Operator represents a key's relationship to the
- value. Valid operators are Exists and Equal. Defaults to Equal.
- Exists is equivalent to wildcard for value, so that a pod
- can tolerate all taints of a particular category.
- type: string
- tolerationSeconds:
- description: TolerationSeconds represents the period of time
- the toleration (which must be of effect NoExecute, otherwise
- this field is ignored) tolerates the taint. By default, it
- is not set, which means tolerate the taint forever (do not
- evict). Zero and negative values will be treated as 0 (evict
- immediately) by the system.
- format: int64
- type: integer
- value:
- description: Value is the taint value the toleration matches
- to. If the operator is Exists, the value should be empty,
- otherwise just a regular string.
- type: string
- type: object
- type: array
- trace:
- properties:
- attributes:
- additionalProperties:
- type: string
- description: A key value dict contains user defined attributes
- used to initialize trace provider.
- type: object
- enabled:
- default: false
- description: Enable tracing or not.
- type: boolean
- jaeger:
- properties:
- agent:
- properties:
- host:
- description: The host of the jaeger agent.
- type: string
- port:
- description: The port of the jaeger agent.
- type: integer
- type: object
- collector:
- properties:
- endpoint:
- description: The endpoint of the jaeger collector.
- type: string
- passwordRef:
- description: The password secret reference name of the
- jaeger collector.
- type: string
- username:
- description: The username of the jaeger collector.
- type: string
- required:
- - endpoint
- type: object
- mode:
- description: 'The jaeger mode: ''collector'' or ''agent''.'
- enum:
- - collector
- - agent
- type: string
- required:
- - mode
- type: object
- namespace:
- description: Namespace used to differentiate different harbor
- services.
- type: string
- otel:
- properties:
- compression:
- description: Whether enable compression or not for otel.
- type: boolean
- endpoint:
- description: The endpoint of otel.
- type: string
- insecure:
- description: Whether establish insecure connection or not
- for otel.
- type: boolean
- timeout:
- default: 10s
- description: The timeout of otel.
- type: string
- urlPath:
- description: The URL path of otel.
- type: string
- required:
- - endpoint
- - urlPath
- type: object
- provider:
- description: 'The tracing provider: ''jaeger'' or ''otel''.'
- enum:
- - jaeger
- - otel
- type: string
- sampleRate:
- default: 1
- description: Set `sampleRate` to 1 if you wanna sampling 100%
- of trace data; set 0.5 if you wanna sampling 50% of trace data,
- and so forth.
- type: integer
- required:
- - provider
- type: object
- required:
- - adminInitialPasswordRef
- - components
- - csrfKeyRef
- - database
- - externalEndpoint
- - redis
- - secretRef
- type: object
- status:
- description: ComponentStatus represents the current status of the resource.
- https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#typical-status-properties
- properties:
- conditions:
- description: Conditions list of extracted conditions from Resource
- items:
- description: Condition defines the general format for conditions
- on Kubernetes resources. In practice, each kubernetes resource
- defines their own format for conditions, but most (maybe all)
- follows this structure.
- properties:
- message:
- description: Message Human readable reason string
- type: string
- reason:
- description: Reason one work CamelCase reason
- type: string
- status:
- description: Status String that describes the condition status
- type: string
- type:
- description: Type condition type
- type: string
- required:
- - status
- - type
- type: object
- type: array
- observedGeneration:
- format: int64
- type: integer
- operator:
- description: ControllerStatus represents the current status of the
- operator.
- properties:
- controllerGitCommit:
- minLength: 1
- type: string
- controllerName:
- minLength: 1
- type: string
- controllerVersion:
- minLength: 1
- type: string
- type: object
- replicas:
- description: Current number of pods.
- format: int32
- minimum: 0
- type: integer
- required:
- - conditions
- type: object
- type: object
- served: true
- storage: true
- subresources:
- status: {}
----
-apiVersion: apiextensions.k8s.io/v1
-kind: CustomResourceDefinition
-metadata:
- annotations:
- cert-manager.io/inject-ca-from: '{{.Release.Namespace}}/{{. | include "chart.fullname"}}-serving-cert'
- controller-gen.kubebuilder.io/version: v0.9.2
- name: exporters.goharbor.io
-spec:
- conversion:
- strategy: Webhook
- webhook:
- clientConfig:
- caBundle: Cg==
- service:
- name: {{ include "chart.fullname" . | quote }}
- namespace: {{ .Release.Namespace }}
- path: /convert
- conversionReviewVersions:
- - v1
- group: goharbor.io
- names:
- categories:
- - goharbor
- kind: Exporter
- listKind: ExporterList
- plural: exporters
- singular: exporter
- scope: Namespaced
- versions:
- - additionalPrinterColumns:
- - description: Timestamp representing the server time when this object was created.
- It is not guaranteed to be set in happens-before order across separate operations.
- Clients may not set this value. It is represented in RFC3339 form and is in
- UTC.
- jsonPath: .metadata.creationTimestamp
- name: Age
- priority: 1
- type: date
- - description: Human readable message describing the failure
- jsonPath: .status.conditions[?(@.type=="Failed")].message
- name: Failure
- priority: 5
- type: string
- name: v1alpha3
- schema:
- openAPIV3Schema:
- description: Exporter is the Schema for the Exporter API.
- properties:
- apiVersion:
- description: 'APIVersion defines the versioned schema of this representation
- of an object. Servers should convert recognized schemas to the latest
- internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
- type: string
- kind:
- description: 'Kind is a string value representing the REST resource this
- object represents. Servers may infer this from the endpoint the client
- submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
- type: string
- metadata:
- type: object
- spec:
- description: ExporterSpec defines the desired state of Exporter.
- properties:
- cache:
- properties:
- cleanInterval:
- default: 4h
- description: The interval to clean the cache info from the database
- and core.
- pattern: ([0-9]+h)?([0-9]+m)?([0-9]+s)?
- type: string
- duration:
- default: 30s
- description: The duration to cache info from the database and
- core.
- pattern: ([0-9]+h)?([0-9]+m)?([0-9]+s)?
- type: string
- type: object
- core:
- properties:
- url:
- description: The absolute Harbor Core URL.
- pattern: https?://.+
- type: string
- required:
- - url
- type: object
- database:
- properties:
- database:
- description: The database name. Defaults to be the same as the
- user name. In certain contexts, the value is checked for extended
- formats.
- minLength: 1
- type: string
- encryptionKeyRef:
- pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*'
- type: string
- hosts:
- items:
- properties:
- host:
- description: Name of host to connect to. If a host name
- begins with a slash, it specifies Unix-domain communication
- rather than TCP/IP communication; the value is the name
- of the directory in which the socket file is stored.
- minLength: 1
- type: string
- port:
- description: Port number to connect to at the server host,
- or socket file name extension for Unix-domain connections.
- Zero, specifies the default port number established when
- PostgreSQL was built.
- exclusiveMinimum: true
- format: int32
- minimum: 0
- type: integer
- required:
- - host
- type: object
- minItems: 1
- type: array
- maxIdleConnections:
- default: 50
- format: int32
- minimum: 0
- type: integer
- maxOpenConnections:
- default: 1000
- format: int32
- minimum: 0
- type: integer
- parameters:
- additionalProperties:
- type: string
- description: libpq parameters.
- type: object
- passwordRef:
- description: Secret containing the password to be used if the
- server demands password authentication.
- pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*'
- type: string
- username:
- description: PostgreSQL user name to connect as. Defaults to be
- the same as the operating system name of the user running the
- application.
- minLength: 1
- type: string
- required:
- - encryptionKeyRef
- type: object
- image:
- description: Image name for the component.
- type: string
- imagePullPolicy:
- description: 'Image pull policy. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images'
- enum:
- - Always
- - Never
- - IfNotPresent
- type: string
- imagePullSecrets:
- items:
- description: LocalObjectReference contains enough information to
- let you locate the referenced object inside the same namespace.
- properties:
- name:
- description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind, uid?'
- type: string
- type: object
- x-kubernetes-map-type: atomic
- type: array
- log:
- properties:
- level:
- default: info
- description: ExporterLogLevel is the log level for Exporter.
- enum:
- - debug
- - info
- - warning
- - error
- - panic
- type: string
- type: object
- nodeSelector:
- additionalProperties:
- type: string
- description: 'NodeSelector is a selector which must be true for the
- component to fit on a node. Selector which must match a node''s
- labels for the pod to be scheduled on that node. More info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/'
- type: object
- path:
- default: /metrics
- pattern: /.+
- type: string
- port:
- default: 8001
- format: int32
- minimum: 1
- type: integer
- replicas:
- description: 'Replicas is the number of desired replicas. This is
- a pointer to distinguish between explicit zero and unspecified.
- More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller#what-is-a-replicationcontroller'
- format: int32
- minimum: 0
- type: integer
- resources:
- description: 'Compute Resources required by this component. Cannot
- be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/'
- properties:
- limits:
- additionalProperties:
- anyOf:
- - type: integer
- - type: string
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- description: 'Limits describes the maximum amount of compute resources
- allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
- type: object
- requests:
- additionalProperties:
- anyOf:
- - type: integer
- - type: string
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- description: 'Requests describes the minimum amount of compute
- resources required. If Requests is omitted for a container,
- it defaults to Limits if that is explicitly specified, otherwise
- to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
- type: object
- type: object
- serviceAccountName:
- description: 'ServiceAccountName is the name of the ServiceAccount
- to use to run this component. More info: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/'
- type: string
- templateAnnotations:
- additionalProperties:
- type: string
- description: Custom annotations to be added into the pods
- type: object
- tls:
- properties:
- certificateRef:
- pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*'
- type: string
- type: object
- tolerations:
- description: If specified, the pod's tolerations.
- items:
- description: The pod this Toleration is attached to tolerates any
- taint that matches the triple using the matching
- operator .
- properties:
- effect:
- description: Effect indicates the taint effect to match. Empty
- means match all taint effects. When specified, allowed values
- are NoSchedule, PreferNoSchedule and NoExecute.
- type: string
- key:
- description: Key is the taint key that the toleration applies
- to. Empty means match all taint keys. If the key is empty,
- operator must be Exists; this combination means to match all
- values and all keys.
- type: string
- operator:
- description: Operator represents a key's relationship to the
- value. Valid operators are Exists and Equal. Defaults to Equal.
- Exists is equivalent to wildcard for value, so that a pod
- can tolerate all taints of a particular category.
- type: string
- tolerationSeconds:
- description: TolerationSeconds represents the period of time
- the toleration (which must be of effect NoExecute, otherwise
- this field is ignored) tolerates the taint. By default, it
- is not set, which means tolerate the taint forever (do not
- evict). Zero and negative values will be treated as 0 (evict
- immediately) by the system.
- format: int64
- type: integer
- value:
- description: Value is the taint value the toleration matches
- to. If the operator is Exists, the value should be empty,
- otherwise just a regular string.
- type: string
- type: object
- type: array
- required:
- - core
- - database
- type: object
- status:
- description: ComponentStatus represents the current status of the resource.
- https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#typical-status-properties
- properties:
- conditions:
- description: Conditions list of extracted conditions from Resource
- items:
- description: Condition defines the general format for conditions
- on Kubernetes resources. In practice, each kubernetes resource
- defines their own format for conditions, but most (maybe all)
- follows this structure.
- properties:
- message:
- description: Message Human readable reason string
- type: string
- reason:
- description: Reason one work CamelCase reason
- type: string
- status:
- description: Status String that describes the condition status
- type: string
- type:
- description: Type condition type
- type: string
- required:
- - status
- - type
- type: object
- type: array
- observedGeneration:
- format: int64
- type: integer
- operator:
- description: ControllerStatus represents the current status of the
- operator.
- properties:
- controllerGitCommit:
- minLength: 1
- type: string
- controllerName:
- minLength: 1
- type: string
- controllerVersion:
- minLength: 1
- type: string
- type: object
- replicas:
- description: Current number of pods.
- format: int32
- minimum: 0
- type: integer
- required:
- - conditions
- type: object
- type: object
- served: true
- storage: false
- subresources:
- status: {}
- - additionalPrinterColumns:
- - description: Timestamp representing the server time when this object was created.
- It is not guaranteed to be set in happens-before order across separate operations.
- Clients may not set this value. It is represented in RFC3339 form and is in
- UTC.
- jsonPath: .metadata.creationTimestamp
- name: Age
- priority: 1
- type: date
- - description: Human readable message describing the failure
- jsonPath: .status.conditions[?(@.type=="Failed")].message
- name: Failure
- priority: 5
- type: string
- name: v1beta1
- schema:
- openAPIV3Schema:
- description: Exporter is the Schema for the Exporter API.
- properties:
- apiVersion:
- description: 'APIVersion defines the versioned schema of this representation
- of an object. Servers should convert recognized schemas to the latest
- internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
- type: string
- kind:
- description: 'Kind is a string value representing the REST resource this
- object represents. Servers may infer this from the endpoint the client
- submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
- type: string
- metadata:
- type: object
- spec:
- description: ExporterSpec defines the desired state of Exporter.
- properties:
- cache:
- properties:
- cleanInterval:
- default: 4h
- description: The interval to clean the cache info from the database
- and core.
- pattern: ([0-9]+h)?([0-9]+m)?([0-9]+s)?
- type: string
- duration:
- default: 30s
- description: The duration to cache info from the database and
- core.
- pattern: ([0-9]+h)?([0-9]+m)?([0-9]+s)?
- type: string
- type: object
- core:
- properties:
- url:
- description: The absolute Harbor Core URL.
- pattern: https?://.+
- type: string
- required:
- - url
- type: object
- database:
- properties:
- database:
- description: The database name. Defaults to be the same as the
- user name. In certain contexts, the value is checked for extended
- formats.
- minLength: 1
- type: string
- encryptionKeyRef:
- pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*'
- type: string
- hosts:
- items:
- properties:
- host:
- description: Name of host to connect to. If a host name
- begins with a slash, it specifies Unix-domain communication
- rather than TCP/IP communication; the value is the name
- of the directory in which the socket file is stored.
- minLength: 1
- type: string
- port:
- description: Port number to connect to at the server host,
- or socket file name extension for Unix-domain connections.
- Zero, specifies the default port number established when
- PostgreSQL was built.
- exclusiveMinimum: true
- format: int32
- minimum: 0
- type: integer
- required:
- - host
- type: object
- minItems: 1
- type: array
- maxIdleConnections:
- default: 50
- format: int32
- minimum: 0
- type: integer
- maxOpenConnections:
- default: 1000
- format: int32
- minimum: 0
- type: integer
- parameters:
- additionalProperties:
- type: string
- description: libpq parameters.
- type: object
- passwordRef:
- description: Secret containing the password to be used if the
- server demands password authentication.
- pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*'
- type: string
- username:
- description: PostgreSQL user name to connect as. Defaults to be
- the same as the operating system name of the user running the
- application.
- minLength: 1
- type: string
- required:
- - encryptionKeyRef
- type: object
- image:
- description: Image name for the component.
- type: string
- imagePullPolicy:
- description: 'Image pull policy. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images'
- enum:
- - Always
- - Never
- - IfNotPresent
- type: string
- imagePullSecrets:
- items:
- description: LocalObjectReference contains enough information to
- let you locate the referenced object inside the same namespace.
- properties:
- name:
- description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind, uid?'
- type: string
- type: object
- x-kubernetes-map-type: atomic
- type: array
- jobservice:
- properties:
- redisPool:
- description: RedisPoolConfig keeps redis worker info.
- properties:
- certificateRef:
- description: Secret containing the client certificate to authenticate
- with.
- pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*'
- type: string
- database:
- default: 0
- description: The database number.
- format: int32
- maximum: 8
- minimum: 0
- type: integer
- host:
- description: Server hostname.
- minLength: 1
- type: string
- idleTimeout:
- default: 30s
- description: IdleTimeoutSecond closes connections after remaining
- idle for this duration. If the value is zero, then idle
- connections are not closed. Applications should set the
- timeout to a value less than the server's timeout.
- pattern: ([0-9]+h)?([0-9]+m)?([0-9]+s)?([0-9]+ms)?([0-9]+us)?([0-9]+µs)?([0-9]+ns)?
- type: string
- namespace:
- type: string
- passwordRef:
- description: Secret containing the password to use when connecting
- to the server.
- pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*'
- type: string
- port:
- description: Server port.
- exclusiveMinimum: true
- format: int32
- minimum: 0
- type: integer
- sentinelMasterSet:
- description: for Sentinel MasterSet.
- type: string
- required:
- - host
- type: object
- type: object
- log:
- properties:
- level:
- default: info
- description: ExporterLogLevel is the log level for Exporter.
- enum:
- - debug
- - info
- - warning
- - error
- - panic
- type: string
- type: object
- network:
- properties:
- ipFamilies:
- items:
- description: IPFamily represents the IP Family (IPv4 or IPv6).
- This type is used to express the family of an IP expressed
- by a type (e.g. service.spec.ipFamilies).
- type: string
- type: array
- type: object
- nodeSelector:
- additionalProperties:
- type: string
- description: 'NodeSelector is a selector which must be true for the
- component to fit on a node. Selector which must match a node''s
- labels for the pod to be scheduled on that node. More info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/'
- type: object
- path:
- default: /metrics
- pattern: /.+
- type: string
- port:
- default: 8001
- format: int32
- minimum: 1
- type: integer
- replicas:
- description: 'Replicas is the number of desired replicas. This is
- a pointer to distinguish between explicit zero and unspecified.
- More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller#what-is-a-replicationcontroller'
- format: int32
- minimum: 0
- type: integer
- resources:
- description: 'Compute Resources required by this component. Cannot
- be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/'
- properties:
- limits:
- additionalProperties:
- anyOf:
- - type: integer
- - type: string
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- description: 'Limits describes the maximum amount of compute resources
- allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
- type: object
- requests:
- additionalProperties:
- anyOf:
- - type: integer
- - type: string
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- description: 'Requests describes the minimum amount of compute
- resources required. If Requests is omitted for a container,
- it defaults to Limits if that is explicitly specified, otherwise
- to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
- type: object
- type: object
- serviceAccountName:
- description: 'ServiceAccountName is the name of the ServiceAccount
- to use to run this component. More info: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/'
- type: string
- templateAnnotations:
- additionalProperties:
- type: string
- description: Custom annotations to be added into the pods
- type: object
- tls:
- properties:
- certificateRef:
- pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*'
- type: string
- type: object
- tolerations:
- description: If specified, the pod's tolerations.
- items:
- description: The pod this Toleration is attached to tolerates any
- taint that matches the triple using the matching
- operator .
- properties:
- effect:
- description: Effect indicates the taint effect to match. Empty
- means match all taint effects. When specified, allowed values
- are NoSchedule, PreferNoSchedule and NoExecute.
- type: string
- key:
- description: Key is the taint key that the toleration applies
- to. Empty means match all taint keys. If the key is empty,
- operator must be Exists; this combination means to match all
- values and all keys.
- type: string
- operator:
- description: Operator represents a key's relationship to the
- value. Valid operators are Exists and Equal. Defaults to Equal.
- Exists is equivalent to wildcard for value, so that a pod
- can tolerate all taints of a particular category.
- type: string
- tolerationSeconds:
- description: TolerationSeconds represents the period of time
- the toleration (which must be of effect NoExecute, otherwise
- this field is ignored) tolerates the taint. By default, it
- is not set, which means tolerate the taint forever (do not
- evict). Zero and negative values will be treated as 0 (evict
- immediately) by the system.
- format: int64
- type: integer
- value:
- description: Value is the taint value the toleration matches
- to. If the operator is Exists, the value should be empty,
- otherwise just a regular string.
- type: string
- type: object
- type: array
- required:
- - core
- - database
- type: object
- status:
- description: ComponentStatus represents the current status of the resource.
- https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#typical-status-properties
- properties:
- conditions:
- description: Conditions list of extracted conditions from Resource
- items:
- description: Condition defines the general format for conditions
- on Kubernetes resources. In practice, each kubernetes resource
- defines their own format for conditions, but most (maybe all)
- follows this structure.
- properties:
- message:
- description: Message Human readable reason string
- type: string
- reason:
- description: Reason one work CamelCase reason
- type: string
- status:
- description: Status String that describes the condition status
- type: string
- type:
- description: Type condition type
- type: string
- required:
- - status
- - type
- type: object
- type: array
- observedGeneration:
- format: int64
- type: integer
- operator:
- description: ControllerStatus represents the current status of the
- operator.
- properties:
- controllerGitCommit:
- minLength: 1
- type: string
- controllerName:
- minLength: 1
- type: string
- controllerVersion:
- minLength: 1
- type: string
- type: object
- replicas:
- description: Current number of pods.
- format: int32
- minimum: 0
- type: integer
- required:
- - conditions
- type: object
- type: object
- served: true
- storage: true
- subresources:
- status: {}
----
-apiVersion: apiextensions.k8s.io/v1
-kind: CustomResourceDefinition
-metadata:
- annotations:
- cert-manager.io/inject-ca-from: '{{.Release.Namespace}}/{{. | include "chart.fullname"}}-serving-cert'
- controller-gen.kubebuilder.io/version: v0.9.2
- name: harborclusters.goharbor.io
-spec:
- conversion:
- strategy: Webhook
- webhook:
- clientConfig:
- caBundle: Cg==
- service:
- name: {{ include "chart.fullname" . | quote }}
- namespace: {{ .Release.Namespace }}
- path: /convert
- conversionReviewVersions:
- - v1
- group: goharbor.io
- names:
- kind: HarborCluster
- listKind: HarborClusterList
- plural: harborclusters
- singular: harborcluster
- scope: Namespaced
- versions:
- - additionalPrinterColumns:
- - description: The public URL to the Harbor application
- jsonPath: .spec.externalURL
- name: Public URL
- type: string
- - description: The version to the Harbor application
- jsonPath: .spec.version
- name: Version
- type: string
- - description: The overall status of the Harbor cluster
- jsonPath: .status.status
- name: Status
- type: string
- - description: 'The operator version '
- jsonPath: .status.operator.controllerVersion
- name: Operator Version
- priority: 30
- type: string
- - description: The operator git commit
- jsonPath: .status.operator.controllerGitCommit
- name: Operator Git Commit
- priority: 30
- type: string
- name: v1alpha3
- schema:
- openAPIV3Schema:
- description: HarborCluster is the Schema for the harborclusters API.
- properties:
- apiVersion:
- description: 'APIVersion defines the versioned schema of this representation
- of an object. Servers should convert recognized schemas to the latest
- internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
- type: string
- kind:
- description: 'Kind is a string value representing the REST resource this
- object represents. Servers may infer this from the endpoint the client
- submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
- type: string
- metadata:
- type: object
- spec:
- description: HarborClusterSpec defines the desired state of HarborCluster.
- properties:
- chartmuseum:
- properties:
- absoluteUrl:
- default: false
- description: Harbor defaults ChartMuseum to returning relative
- urls, if you want using absolute url you should enable it
- type: boolean
- certificateRefs:
- items:
- type: string
- type: array
- image:
- description: Image name for the component.
- type: string
- imagePullPolicy:
- description: 'Image pull policy. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images'
- enum:
- - Always
- - Never
- - IfNotPresent
- type: string
- imagePullSecrets:
- items:
- description: LocalObjectReference contains enough information
- to let you locate the referenced object inside the same namespace.
- properties:
- name:
- description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind, uid?'
- type: string
- type: object
- x-kubernetes-map-type: atomic
- type: array
- nodeSelector:
- additionalProperties:
- type: string
- description: 'NodeSelector is a selector which must be true for
- the component to fit on a node. Selector which must match a
- node''s labels for the pod to be scheduled on that node. More
- info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/'
- type: object
- replicas:
- description: 'Replicas is the number of desired replicas. This
- is a pointer to distinguish between explicit zero and unspecified.
- More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller#what-is-a-replicationcontroller'
- format: int32
- minimum: 0
- type: integer
- resources:
- description: 'Compute Resources required by this component. Cannot
- be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/'
- properties:
- limits:
- additionalProperties:
- anyOf:
- - type: integer
- - type: string
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- description: 'Limits describes the maximum amount of compute
- resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
- type: object
- requests:
- additionalProperties:
- anyOf:
- - type: integer
- - type: string
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- description: 'Requests describes the minimum amount of compute
- resources required. If Requests is omitted for a container,
- it defaults to Limits if that is explicitly specified, otherwise
- to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
- type: object
- type: object
- serviceAccountName:
- description: 'ServiceAccountName is the name of the ServiceAccount
- to use to run this component. More info: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/'
- type: string
- templateAnnotations:
- additionalProperties:
- type: string
- description: Custom annotations to be added into the pods
- type: object
- tolerations:
- description: If specified, the pod's tolerations.
- items:
- description: The pod this Toleration is attached to tolerates
- any taint that matches the triple using
- the matching operator .
- properties:
- effect:
- description: Effect indicates the taint effect to match.
- Empty means match all taint effects. When specified, allowed
- values are NoSchedule, PreferNoSchedule and NoExecute.
- type: string
- key:
- description: Key is the taint key that the toleration applies
- to. Empty means match all taint keys. If the key is empty,
- operator must be Exists; this combination means to match
- all values and all keys.
- type: string
- operator:
- description: Operator represents a key's relationship to
- the value. Valid operators are Exists and Equal. Defaults
- to Equal. Exists is equivalent to wildcard for value,
- so that a pod can tolerate all taints of a particular
- category.
- type: string
- tolerationSeconds:
- description: TolerationSeconds represents the period of
- time the toleration (which must be of effect NoExecute,
- otherwise this field is ignored) tolerates the taint.
- By default, it is not set, which means tolerate the taint
- forever (do not evict). Zero and negative values will
- be treated as 0 (evict immediately) by the system.
- format: int64
- type: integer
- value:
- description: Value is the taint value the toleration matches
- to. If the operator is Exists, the value should be empty,
- otherwise just a regular string.
- type: string
- type: object
- type: array
- type: object
- core:
- properties:
- certificateRefs:
- items:
- type: string
- type: array
- image:
- description: Image name for the component.
- type: string
- imagePullPolicy:
- description: 'Image pull policy. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images'
- enum:
- - Always
- - Never
- - IfNotPresent
- type: string
- imagePullSecrets:
- items:
- description: LocalObjectReference contains enough information
- to let you locate the referenced object inside the same namespace.
- properties:
- name:
- description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind, uid?'
- type: string
- type: object
- x-kubernetes-map-type: atomic
- type: array
- metrics:
- properties:
- enabled:
- default: false
- type: boolean
- path:
- default: /metrics
- description: The path of the metrics.
- pattern: /.+
- type: string
- port:
- default: 8001
- description: The port of the metrics.
- format: int32
- minimum: 1
- type: integer
- type: object
- nodeSelector:
- additionalProperties:
- type: string
- description: 'NodeSelector is a selector which must be true for
- the component to fit on a node. Selector which must match a
- node''s labels for the pod to be scheduled on that node. More
- info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/'
- type: object
- replicas:
- description: 'Replicas is the number of desired replicas. This
- is a pointer to distinguish between explicit zero and unspecified.
- More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller#what-is-a-replicationcontroller'
- format: int32
- minimum: 0
- type: integer
- resources:
- description: 'Compute Resources required by this component. Cannot
- be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/'
- properties:
- limits:
- additionalProperties:
- anyOf:
- - type: integer
- - type: string
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- description: 'Limits describes the maximum amount of compute
- resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
- type: object
- requests:
- additionalProperties:
- anyOf:
- - type: integer
- - type: string
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- description: 'Requests describes the minimum amount of compute
- resources required. If Requests is omitted for a container,
- it defaults to Limits if that is explicitly specified, otherwise
- to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
- type: object
- type: object
- serviceAccountName:
- description: 'ServiceAccountName is the name of the ServiceAccount
- to use to run this component. More info: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/'
- type: string
- templateAnnotations:
- additionalProperties:
- type: string
- description: Custom annotations to be added into the pods
- type: object
- tokenIssuer:
- description: ObjectReference is a reference to an object with
- a given name, kind and group.
- properties:
- group:
- description: Group of the resource being referred to.
- type: string
- kind:
- description: Kind of the resource being referred to.
- type: string
- name:
- description: Name of the resource being referred to.
- type: string
- required:
- - name
- type: object
- tolerations:
- description: If specified, the pod's tolerations.
- items:
- description: The pod this Toleration is attached to tolerates
- any taint that matches the triple using
- the matching operator .
- properties:
- effect:
- description: Effect indicates the taint effect to match.
- Empty means match all taint effects. When specified, allowed
- values are NoSchedule, PreferNoSchedule and NoExecute.
- type: string
- key:
- description: Key is the taint key that the toleration applies
- to. Empty means match all taint keys. If the key is empty,
- operator must be Exists; this combination means to match
- all values and all keys.
- type: string
- operator:
- description: Operator represents a key's relationship to
- the value. Valid operators are Exists and Equal. Defaults
- to Equal. Exists is equivalent to wildcard for value,
- so that a pod can tolerate all taints of a particular
- category.
- type: string
- tolerationSeconds:
- description: TolerationSeconds represents the period of
- time the toleration (which must be of effect NoExecute,
- otherwise this field is ignored) tolerates the taint.
- By default, it is not set, which means tolerate the taint
- forever (do not evict). Zero and negative values will
- be treated as 0 (evict immediately) by the system.
- format: int64
- type: integer
- value:
- description: Value is the taint value the toleration matches
- to. If the operator is Exists, the value should be empty,
- otherwise just a regular string.
- type: string
- type: object
- type: array
- type: object
- database:
- description: Skip OpenAPI schema validation Use validating webhook
- to do verification (field required)
- properties:
- hosts:
- items:
- properties:
- host:
- description: Name of host to connect to. If a host name
- begins with a slash, it specifies Unix-domain communication
- rather than TCP/IP communication; the value is the name
- of the directory in which the socket file is stored.
- minLength: 1
- type: string
- port:
- description: Port number to connect to at the server host,
- or socket file name extension for Unix-domain connections.
- Zero, specifies the default port number established when
- PostgreSQL was built.
- exclusiveMinimum: true
- format: int32
- minimum: 0
- type: integer
- required:
- - host
- type: object
- minItems: 1
- type: array
- passwordRef:
- description: Secret containing the password to be used if the
- server demands password authentication.
- pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*'
- type: string
- prefix:
- type: string
- sslMode:
- description: PostgreSQL has native support for using SSL connections
- to encrypt client/server communications for increased security.
- enum:
- - disable
- - allow
- - prefer
- - require
- - verify-ca
- - verify-full
- type: string
- username:
- description: PostgreSQL user name to connect as. Defaults to be
- the same as the operating system name of the user running the
- application.
- minLength: 1
- type: string
- required:
- - hosts
- type: object
- exporter:
- properties:
- cache:
- properties:
- cleanInterval:
- default: 4h
- description: The interval to clean the cache info from the
- database and core.
- pattern: ([0-9]+h)?([0-9]+m)?([0-9]+s)?
- type: string
- duration:
- default: 30s
- description: The duration to cache info from the database
- and core.
- pattern: ([0-9]+h)?([0-9]+m)?([0-9]+s)?
- type: string
- type: object
- image:
- description: Image name for the component.
- type: string
- imagePullPolicy:
- description: 'Image pull policy. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images'
- enum:
- - Always
- - Never
- - IfNotPresent
- type: string
- imagePullSecrets:
- items:
- description: LocalObjectReference contains enough information
- to let you locate the referenced object inside the same namespace.
- properties:
- name:
- description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind, uid?'
- type: string
- type: object
- x-kubernetes-map-type: atomic
- type: array
- nodeSelector:
- additionalProperties:
- type: string
- description: 'NodeSelector is a selector which must be true for
- the component to fit on a node. Selector which must match a
- node''s labels for the pod to be scheduled on that node. More
- info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/'
- type: object
- path:
- default: /metrics
- description: The metrics path of the exporter.
- pattern: /.+
- type: string
- port:
- default: 8001
- description: The port of the exporter.
- format: int32
- minimum: 1
- type: integer
- replicas:
- description: 'Replicas is the number of desired replicas. This
- is a pointer to distinguish between explicit zero and unspecified.
- More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller#what-is-a-replicationcontroller'
- format: int32
- minimum: 0
- type: integer
- resources:
- description: 'Compute Resources required by this component. Cannot
- be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/'
- properties:
- limits:
- additionalProperties:
- anyOf:
- - type: integer
- - type: string
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- description: 'Limits describes the maximum amount of compute
- resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
- type: object
- requests:
- additionalProperties:
- anyOf:
- - type: integer
- - type: string
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- description: 'Requests describes the minimum amount of compute
- resources required. If Requests is omitted for a container,
- it defaults to Limits if that is explicitly specified, otherwise
- to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
- type: object
- type: object
- serviceAccountName:
- description: 'ServiceAccountName is the name of the ServiceAccount
- to use to run this component. More info: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/'
- type: string
- templateAnnotations:
- additionalProperties:
- type: string
- description: Custom annotations to be added into the pods
- type: object
- tolerations:
- description: If specified, the pod's tolerations.
- items:
- description: The pod this Toleration is attached to tolerates
- any taint that matches the triple using
- the matching operator .
- properties:
- effect:
- description: Effect indicates the taint effect to match.
- Empty means match all taint effects. When specified, allowed
- values are NoSchedule, PreferNoSchedule and NoExecute.
- type: string
- key:
- description: Key is the taint key that the toleration applies
- to. Empty means match all taint keys. If the key is empty,
- operator must be Exists; this combination means to match
- all values and all keys.
- type: string
- operator:
- description: Operator represents a key's relationship to
- the value. Valid operators are Exists and Equal. Defaults
- to Equal. Exists is equivalent to wildcard for value,
- so that a pod can tolerate all taints of a particular
- category.
- type: string
- tolerationSeconds:
- description: TolerationSeconds represents the period of
- time the toleration (which must be of effect NoExecute,
- otherwise this field is ignored) tolerates the taint.
- By default, it is not set, which means tolerate the taint
- forever (do not evict). Zero and negative values will
- be treated as 0 (evict immediately) by the system.
- format: int64
- type: integer
- value:
- description: Value is the taint value the toleration matches
- to. If the operator is Exists, the value should be empty,
- otherwise just a regular string.
- type: string
- type: object
- type: array
- type: object
- expose:
- properties:
- core:
- properties:
- ingress:
- properties:
- annotations:
- additionalProperties:
- type: string
- type: object
- controller:
- default: default
- description: Set to the type of ingress controller.
- enum:
- - default
- - gce
- - ncp
- - contour
- type: string
- host:
- type: string
- required:
- - host
- type: object
- tls:
- properties:
- certificateRef:
- pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*'
- type: string
- type: object
- type: object
- notary:
- description: The ingress of the notary, required when notary component
- enabled.
- properties:
- ingress:
- properties:
- annotations:
- additionalProperties:
- type: string
- type: object
- controller:
- default: default
- description: Set to the type of ingress controller.
- enum:
- - default
- - gce
- - ncp
- - contour
- type: string
- host:
- type: string
- required:
- - host
- type: object
- tls:
- properties:
- certificateRef:
- pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*'
- type: string
- type: object
- type: object
- required:
- - core
- type: object
- externalURL:
- pattern: https?://.*
- type: string
- harborAdminPasswordRef:
- pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*'
- type: string
- imageChartStorage:
- description: Skip OpenAPI schema validation Use validating webhook
- to do verification (field required)
- properties:
- filesystem:
- description: 'FileSystem is an implementation of the storagedriver.StorageDriver
- interface which uses the local filesystem. The local filesystem
- can be a remote volume. See: https://docs.docker.com/registry/storage-drivers/filesystem/'
- properties:
- chartPersistentVolume:
- properties:
- claimName:
- description: 'ClaimName is the name of a PersistentVolumeClaim
- in the same namespace as the pod using this volume.
- More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims'
- type: string
- prefix:
- type: string
- readOnly:
- description: Will force the ReadOnly setting in VolumeMounts.
- Default false.
- type: boolean
- required:
- - claimName
- type: object
- registryPersistentVolume:
- properties:
- claimName:
- description: 'ClaimName is the name of a PersistentVolumeClaim
- in the same namespace as the pod using this volume.
- More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims'
- type: string
- maxthreads:
- default: 100
- format: int32
- minimum: 25
- type: integer
- prefix:
- type: string
- readOnly:
- description: Will force the ReadOnly setting in VolumeMounts.
- Default false.
- type: boolean
- required:
- - claimName
- type: object
- required:
- - registryPersistentVolume
- type: object
- redirect:
- properties:
- disable:
- default: false
- type: boolean
- type: object
- s3:
- description: 'An implementation of the storagedriver.StorageDriver
- interface which uses Amazon S3 or S3 compatible services for
- object storage. See: https://docs.docker.com/registry/storage-drivers/s3/'
- properties:
- accesskey:
- description: The AWS Access Key. If you use IAM roles, omit
- to fetch temporary credentials from IAM.
- type: string
- bucket:
- description: The bucket name in which you want to store the
- registry’s data.
- type: string
- certificateRef:
- pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*'
- type: string
- chunksize:
- description: The S3 API requires multipart upload chunks to
- be at least 5MB.
- format: int64
- minimum: 5242880
- type: integer
- encrypt:
- default: false
- description: Specifies whether the registry stores the image
- in encrypted format or not. A boolean value.
- type: boolean
- keyid:
- description: KMS key ID to use for encryption (encrypt must
- be true, or this parameter is ignored).
- type: string
- region:
- description: The AWS region in which your bucket exists. For
- the moment, the Go AWS library in use does not use the newer
- DNS based bucket routing. For a list of regions, see http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/using-regions-availability-zones.html
- type: string
- regionendpoint:
- description: Endpoint for S3 compatible storage services (Minio,
- etc).
- type: string
- rootdirectory:
- description: This is a prefix that is applied to all S3 keys
- to allow you to segment data in your bucket if necessary.
- type: string
- secretkeyRef:
- description: Reference to the secret containing the AWS Secret
- Key. If you use IAM roles, omit to fetch temporary credentials
- from IAM.
- pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*'
- type: string
- secure:
- default: true
- type: boolean
- skipverify:
- default: false
- description: Skips TLS verification when the value is set
- to true.
- type: boolean
- storageclass:
- default: STANDARD
- description: The S3 storage class applied to each registry
- file.
- type: string
- v4auth:
- default: true
- description: Indicates whether the registry uses Version 4
- of AWS’s authentication.
- type: boolean
- required:
- - bucket
- - region
- type: object
- swift:
- description: 'An implementation of the storagedriver.StorageDriver
- interface that uses OpenStack Swift for object storage. See:
- https://docs.docker.com/registry/storage-drivers/swift/'
- properties:
- accesskey:
- description: The access key to generate temporary URLs. It
- is used by HP Cloud Object Storage in addition to the secretkey
- parameter.
- type: string
- authurl:
- description: URL for obtaining an auth token. https://storage.myprovider.com/v2.0
- or https://storage.myprovider.com/v3/auth
- type: string
- authversion:
- description: Specify the OpenStack Auth’s version, for example
- 3. By default the driver autodetects the auth’s version
- from the authurl.
- type: string
- chunksize:
- description: Size of the data segments for the Swift Dynamic
- Large Objects. This value should be a number.
- format: int64
- minimum: 5242880
- type: integer
- container:
- description: The name of your Swift container where you wish
- to store the registry’s data. The driver creates the named
- container during its initialization.
- type: string
- domain:
- description: Your Openstack domain name for Identity v3 API.
- You can either use domain or domainid.
- type: string
- domainID:
- description: Your Openstack domain ID for Identity v3 API.
- You can either use domain or domainid.
- type: string
- endpointtype:
- default: public
- description: The endpoint type used when connecting to swift.
- enum:
- - public
- - internal
- - admin
- type: string
- insecureskipverify:
- default: false
- description: Skips TLS verification if the value is set to
- true.
- type: boolean
- passwordRef:
- description: Secret name containing the Openstack password.
- pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*'
- type: string
- prefix:
- description: This is a prefix that is applied to all Swift
- keys to allow you to segment data in your container if necessary.
- Defaults to the container’s root.
- type: string
- region:
- description: The Openstack region in which your container
- exists.
- type: string
- secretkeyRef:
- description: The secret key used to generate temporary URLs.
- pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*'
- type: string
- tenant:
- description: Your Openstack tenant name. You can either use
- tenant or tenantid.
- type: string
- tenantID:
- description: Your Openstack tenant ID. You can either use
- tenant or tenantid.
- type: string
- trustid:
- description: Your Openstack trust ID for Identity v3 API.
- type: string
- username:
- description: The Openstack user name.
- type: string
- required:
- - authurl
- - container
- type: object
- type: object
- imageSource:
- properties:
- imagePullPolicy:
- description: 'Image pull policy. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images'
- enum:
- - Always
- - Never
- - IfNotPresent
- type: string
- imagePullSecrets:
- items:
- description: LocalObjectReference contains enough information
- to let you locate the referenced object inside the same namespace.
- properties:
- name:
- description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind, uid?'
- type: string
- type: object
- x-kubernetes-map-type: atomic
- type: array
- repository:
- description: The default repository for the images of the components.
- eg docker.io/goharbor/
- type: string
- tagSuffix:
- description: The tag suffix for the images of the images of the
- components. eg '-patch1'
- type: string
- type: object
- inClusterCache:
- description: Cache configuration for in-cluster cache services
- properties:
- kind:
- description: Set the kind of cache service to be used. Only support
- Redis now.
- enum:
- - Redis
- type: string
- redisSpec:
- description: RedisSpec is the specification of redis.
- properties:
- image:
- description: Image name for the component.
- type: string
- imagePullPolicy:
- description: 'Image pull policy. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images'
- enum:
- - Always
- - Never
- - IfNotPresent
- type: string
- imagePullSecrets:
- items:
- description: LocalObjectReference contains enough information
- to let you locate the referenced object inside the same
- namespace.
- properties:
- name:
- description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind, uid?'
- type: string
- type: object
- x-kubernetes-map-type: atomic
- type: array
- sentinel:
- description: Sentinel is the configuration of the redis sentinel.
- properties:
- replicas:
- default: 1
- description: Replicas is the instance number of redis
- sentinel.
- type: integer
- type: object
- server:
- description: Server is the configuration of the redis server.
- properties:
- replicas:
- default: 1
- description: Replicas is the instance number of redis
- server.
- type: integer
- resources:
- description: Resources is the resources requests and limits
- for redis.
- properties:
- limits:
- additionalProperties:
- anyOf:
- - type: integer
- - type: string
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- description: 'Limits describes the maximum amount
- of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
- type: object
- requests:
- additionalProperties:
- anyOf:
- - type: integer
- - type: string
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- description: 'Requests describes the minimum amount
- of compute resources required. If Requests is omitted
- for a container, it defaults to Limits if that is
- explicitly specified, otherwise to an implementation-defined
- value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
- type: object
- type: object
- storage:
- description: Storage is the size of the redis storage.
- type: string
- storageClassName:
- description: StorageClassName is the storage class name
- of the redis storage.
- type: string
- type: object
- type: object
- required:
- - kind
- - redisSpec
- type: object
- inClusterDatabase:
- description: Database configuration for in-cluster database service
- properties:
- kind:
- description: Set the kind of which database service to be used,
- Only support PostgresSQL now.
- enum:
- - PostgresSQL
- type: string
- postgresSqlSpec:
- properties:
- image:
- description: Image name for the component.
- type: string
- imagePullPolicy:
- description: 'Image pull policy. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images'
- enum:
- - Always
- - Never
- - IfNotPresent
- type: string
- imagePullSecrets:
- items:
- description: LocalObjectReference contains enough information
- to let you locate the referenced object inside the same
- namespace.
- properties:
- name:
- description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind, uid?'
- type: string
- type: object
- x-kubernetes-map-type: atomic
- type: array
- replicas:
- description: Replicas defines database instance replicas
- minimum: 1
- type: integer
- resources:
- description: Resources defines database pod resource config
- properties:
- limits:
- additionalProperties:
- anyOf:
- - type: integer
- - type: string
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- description: 'Limits describes the maximum amount of compute
- resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
- type: object
- requests:
- additionalProperties:
- anyOf:
- - type: integer
- - type: string
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- description: 'Requests describes the minimum amount of
- compute resources required. If Requests is omitted for
- a container, it defaults to Limits if that is explicitly
- specified, otherwise to an implementation-defined value.
- More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
- type: object
- type: object
- storage:
- description: Storage defines database data store pvc size
- type: string
- storageClassName:
- description: StorageClassName defines use which StorageClass
- to create pvc
- type: string
- type: object
- required:
- - kind
- - postgresSqlSpec
- type: object
- inClusterStorage:
- description: Storage configuration for in-cluster storage service
- properties:
- kind:
- description: Kind of which storage service to be used. Only support
- MinIO now.
- enum:
- - MinIO
- type: string
- minIOSpec:
- description: inCLuster options.
- properties:
- image:
- description: Image name for the component.
- type: string
- imagePullPolicy:
- description: 'Image pull policy. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images'
- enum:
- - Always
- - Never
- - IfNotPresent
- type: string
- imagePullSecrets:
- items:
- description: LocalObjectReference contains enough information
- to let you locate the referenced object inside the same
- namespace.
- properties:
- name:
- description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind, uid?'
- type: string
- type: object
- x-kubernetes-map-type: atomic
- type: array
- mc:
- description: MinIOClientSpec the spec for the mc
- properties:
- image:
- description: Image name for the component.
- type: string
- imagePullPolicy:
- description: 'Image pull policy. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images'
- enum:
- - Always
- - Never
- - IfNotPresent
- type: string
- imagePullSecrets:
- items:
- description: LocalObjectReference contains enough information
- to let you locate the referenced object inside the
- same namespace.
- properties:
- name:
- description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind,
- uid?'
- type: string
- type: object
- x-kubernetes-map-type: atomic
- type: array
- type: object
- redirect:
- description: Determine if the redirection of minio storage
- is disabled.
- properties:
- enable:
- default: true
- description: Default is true
- type: boolean
- expose:
- properties:
- ingress:
- properties:
- annotations:
- additionalProperties:
- type: string
- type: object
- controller:
- default: default
- description: Set to the type of ingress controller.
- enum:
- - default
- - gce
- - ncp
- - contour
- type: string
- host:
- type: string
- required:
- - host
- type: object
- tls:
- properties:
- certificateRef:
- pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*'
- type: string
- type: object
- type: object
- required:
- - enable
- type: object
- replicas:
- description: Supply number of replicas. For standalone mode,
- supply 1. For distributed mode, supply 4 to 16 drives (should
- be even). Note that the operator does not support upgrading
- from standalone to distributed mode.
- format: int32
- minimum: 1
- type: integer
- resources:
- description: If provided, use these requests and limit for
- cpu/memory resource allocation
- properties:
- limits:
- additionalProperties:
- anyOf:
- - type: integer
- - type: string
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- description: 'Limits describes the maximum amount of compute
- resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
- type: object
- requests:
- additionalProperties:
- anyOf:
- - type: integer
- - type: string
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- description: 'Requests describes the minimum amount of
- compute resources required. If Requests is omitted for
- a container, it defaults to Limits if that is explicitly
- specified, otherwise to an implementation-defined value.
- More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
- type: object
- type: object
- secretRef:
- description: Reference to the secret containing the MinIO
- access key and secret key.
- pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*'
- type: string
- volumeClaimTemplate:
- description: VolumeClaimTemplate allows a user to specify
- how volumes inside a MinIOInstance
- properties:
- apiVersion:
- description: 'APIVersion defines the versioned schema
- of this representation of an object. Servers should
- convert recognized schemas to the latest internal value,
- and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
- type: string
- kind:
- description: 'Kind is a string value representing the
- REST resource this object represents. Servers may infer
- this from the endpoint the client submits requests to.
- Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
- type: string
- metadata:
- description: 'Standard object''s metadata. More info:
- https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata'
- type: object
- spec:
- description: 'Spec defines the desired characteristics
- of a volume requested by a pod author. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims'
- properties:
- accessModes:
- description: 'AccessModes contains the desired access
- modes the volume should have. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1'
- items:
- type: string
- type: array
- dataSource:
- description: 'This field can be used to specify either:
- * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot)
- * An existing PVC (PersistentVolumeClaim) If the
- provisioner or an external controller can support
- the specified data source, it will create a new
- volume based on the contents of the specified data
- source. If the AnyVolumeDataSource feature gate
- is enabled, this field will always have the same
- contents as the DataSourceRef field.'
- properties:
- apiGroup:
- description: APIGroup is the group for the resource
- being referenced. If APIGroup is not specified,
- the specified Kind must be in the core API group.
- For any other third-party types, APIGroup is
- required.
- type: string
- kind:
- description: Kind is the type of resource being
- referenced
- type: string
- name:
- description: Name is the name of resource being
- referenced
- type: string
- required:
- - kind
- - name
- type: object
- x-kubernetes-map-type: atomic
- dataSourceRef:
- description: 'Specifies the object from which to populate
- the volume with data, if a non-empty volume is desired.
- This may be any local object from a non-empty API
- group (non core object) or a PersistentVolumeClaim
- object. When this field is specified, volume binding
- will only succeed if the type of the specified object
- matches some installed volume populator or dynamic
- provisioner. This field will replace the functionality
- of the DataSource field and as such if both fields
- are non-empty, they must have the same value. For
- backwards compatibility, both fields (DataSource
- and DataSourceRef) will be set to the same value
- automatically if one of them is empty and the other
- is non-empty. There are two important differences
- between DataSource and DataSourceRef: * While DataSource
- only allows two specific types of objects, DataSourceRef
- allows any non-core object, as well as PersistentVolumeClaim
- objects. * While DataSource ignores disallowed values
- (dropping them), DataSourceRef preserves all values,
- and generates an error if a disallowed value is
- specified. (Alpha) Using this field requires the
- AnyVolumeDataSource feature gate to be enabled.'
- properties:
- apiGroup:
- description: APIGroup is the group for the resource
- being referenced. If APIGroup is not specified,
- the specified Kind must be in the core API group.
- For any other third-party types, APIGroup is
- required.
- type: string
- kind:
- description: Kind is the type of resource being
- referenced
- type: string
- name:
- description: Name is the name of resource being
- referenced
- type: string
- required:
- - kind
- - name
- type: object
- x-kubernetes-map-type: atomic
- resources:
- description: 'Resources represents the minimum resources
- the volume should have. If RecoverVolumeExpansionFailure
- feature is enabled users are allowed to specify
- resource requirements that are lower than previous
- value but must still be higher than capacity recorded
- in the status field of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources'
- properties:
- limits:
- additionalProperties:
- anyOf:
- - type: integer
- - type: string
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- description: 'Limits describes the maximum amount
- of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
- type: object
- requests:
- additionalProperties:
- anyOf:
- - type: integer
- - type: string
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- description: 'Requests describes the minimum amount
- of compute resources required. If Requests is
- omitted for a container, it defaults to Limits
- if that is explicitly specified, otherwise to
- an implementation-defined value. More info:
- https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
- type: object
- type: object
- selector:
- description: A label query over volumes to consider
- for binding.
- properties:
- matchExpressions:
- description: matchExpressions is a list of label
- selector requirements. The requirements are
- ANDed.
- items:
- description: A label selector requirement is
- a selector that contains values, a key, and
- an operator that relates the key and values.
- properties:
- key:
- description: key is the label key that the
- selector applies to.
- type: string
- operator:
- description: operator represents a key's
- relationship to a set of values. Valid
- operators are In, NotIn, Exists and DoesNotExist.
- type: string
- values:
- description: values is an array of string
- values. If the operator is In or NotIn,
- the values array must be non-empty. If
- the operator is Exists or DoesNotExist,
- the values array must be empty. This array
- is replaced during a strategic merge patch.
- items:
- type: string
- type: array
- required:
- - key
- - operator
- type: object
- type: array
- matchLabels:
- additionalProperties:
- type: string
- description: matchLabels is a map of {key,value}
- pairs. A single {key,value} in the matchLabels
- map is equivalent to an element of matchExpressions,
- whose key field is "key", the operator is "In",
- and the values array contains only "value".
- The requirements are ANDed.
- type: object
- type: object
- x-kubernetes-map-type: atomic
- storageClassName:
- description: 'Name of the StorageClass required by
- the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1'
- type: string
- volumeMode:
- description: volumeMode defines what type of volume
- is required by the claim. Value of Filesystem is
- implied when not included in claim spec.
- type: string
- volumeName:
- description: VolumeName is the binding reference to
- the PersistentVolume backing this claim.
- type: string
- type: object
- status:
- description: 'Status represents the current information/status
- of a persistent volume claim. Read-only. More info:
- https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims'
- properties:
- accessModes:
- description: 'AccessModes contains the actual access
- modes the volume backing the PVC has. More info:
- https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1'
- items:
- type: string
- type: array
- allocatedResources:
- additionalProperties:
- anyOf:
- - type: integer
- - type: string
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- description: The storage resource within AllocatedResources
- tracks the capacity allocated to a PVC. It may be
- larger than the actual capacity when a volume expansion
- operation is requested. For storage quota, the larger
- value from allocatedResources and PVC.spec.resources
- is used. If allocatedResources is not set, PVC.spec.resources
- alone is used for quota calculation. If a volume
- expansion capacity request is lowered, allocatedResources
- is only lowered if there are no expansion operations
- in progress and if the actual volume capacity is
- equal or lower than the requested capacity. This
- is an alpha field and requires enabling RecoverVolumeExpansionFailure
- feature.
- type: object
- capacity:
- additionalProperties:
- anyOf:
- - type: integer
- - type: string
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- description: Represents the actual resources of the
- underlying volume.
- type: object
- conditions:
- description: Current Condition of persistent volume
- claim. If underlying persistent volume is being
- resized then the Condition will be set to 'ResizeStarted'.
- items:
- description: PersistentVolumeClaimCondition contails
- details about state of pvc
- properties:
- lastProbeTime:
- description: Last time we probed the condition.
- format: date-time
- type: string
- lastTransitionTime:
- description: Last time the condition transitioned
- from one status to another.
- format: date-time
- type: string
- message:
- description: Human-readable message indicating
- details about last transition.
- type: string
- reason:
- description: Unique, this should be a short,
- machine understandable string that gives the
- reason for condition's last transition. If
- it reports "ResizeStarted" that means the
- underlying persistent volume is being resized.
- type: string
- status:
- type: string
- type:
- description: PersistentVolumeClaimConditionType
- is a valid value of PersistentVolumeClaimCondition.Type
- type: string
- required:
- - status
- - type
- type: object
- type: array
- phase:
- description: Phase represents the current phase of
- PersistentVolumeClaim.
- type: string
- resizeStatus:
- description: ResizeStatus stores status of resize
- operation. ResizeStatus is not set by default but
- when expansion is complete resizeStatus is set to
- empty string by resize controller or kubelet. This
- is an alpha field and requires enabling RecoverVolumeExpansionFailure
- feature.
- type: string
- type: object
- type: object
- volumesPerServer:
- description: Number of persistent volumes that will be attached
- per server
- format: int32
- minimum: 1
- type: integer
- required:
- - redirect
- - replicas
- - volumesPerServer
- type: object
- required:
- - kind
- type: object
- internalTLS:
- properties:
- enabled:
- default: false
- type: boolean
- type: object
- jobservice:
- properties:
- certificateRefs:
- items:
- type: string
- type: array
- image:
- description: Image name for the component.
- type: string
- imagePullPolicy:
- description: 'Image pull policy. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images'
- enum:
- - Always
- - Never
- - IfNotPresent
- type: string
- imagePullSecrets:
- items:
- description: LocalObjectReference contains enough information
- to let you locate the referenced object inside the same namespace.
- properties:
- name:
- description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind, uid?'
- type: string
- type: object
- x-kubernetes-map-type: atomic
- type: array
- nodeSelector:
- additionalProperties:
- type: string
- description: 'NodeSelector is a selector which must be true for
- the component to fit on a node. Selector which must match a
- node''s labels for the pod to be scheduled on that node. More
- info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/'
- type: object
- replicas:
- description: 'Replicas is the number of desired replicas. This
- is a pointer to distinguish between explicit zero and unspecified.
- More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller#what-is-a-replicationcontroller'
- format: int32
- minimum: 0
- type: integer
- resources:
- description: 'Compute Resources required by this component. Cannot
- be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/'
- properties:
- limits:
- additionalProperties:
- anyOf:
- - type: integer
- - type: string
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- description: 'Limits describes the maximum amount of compute
- resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
- type: object
- requests:
- additionalProperties:
- anyOf:
- - type: integer
- - type: string
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- description: 'Requests describes the minimum amount of compute
- resources required. If Requests is omitted for a container,
- it defaults to Limits if that is explicitly specified, otherwise
- to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
- type: object
- type: object
- serviceAccountName:
- description: 'ServiceAccountName is the name of the ServiceAccount
- to use to run this component. More info: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/'
- type: string
- templateAnnotations:
- additionalProperties:
- type: string
- description: Custom annotations to be added into the pods
- type: object
- tolerations:
- description: If specified, the pod's tolerations.
- items:
- description: The pod this Toleration is attached to tolerates
- any taint that matches the triple using
- the matching operator .
- properties:
- effect:
- description: Effect indicates the taint effect to match.
- Empty means match all taint effects. When specified, allowed
- values are NoSchedule, PreferNoSchedule and NoExecute.
- type: string
- key:
- description: Key is the taint key that the toleration applies
- to. Empty means match all taint keys. If the key is empty,
- operator must be Exists; this combination means to match
- all values and all keys.
- type: string
- operator:
- description: Operator represents a key's relationship to
- the value. Valid operators are Exists and Equal. Defaults
- to Equal. Exists is equivalent to wildcard for value,
- so that a pod can tolerate all taints of a particular
- category.
- type: string
- tolerationSeconds:
- description: TolerationSeconds represents the period of
- time the toleration (which must be of effect NoExecute,
- otherwise this field is ignored) tolerates the taint.
- By default, it is not set, which means tolerate the taint
- forever (do not evict). Zero and negative values will
- be treated as 0 (evict immediately) by the system.
- format: int64
- type: integer
- value:
- description: Value is the taint value the toleration matches
- to. If the operator is Exists, the value should be empty,
- otherwise just a regular string.
- type: string
- type: object
- type: array
- workerCount:
- default: 10
- format: int32
- minimum: 1
- type: integer
- type: object
- logLevel:
- default: info
- description: HarborLogLevel is the log level for Harbor.
- enum:
- - debug
- - info
- - warning
- - error
- - fatal
- type: string
- notary:
- properties:
- migrationEnabled:
- default: true
- description: Inject migration configuration to notary resources
- type: boolean
- server:
- properties:
- image:
- description: Image name for the component.
- type: string
- imagePullPolicy:
- description: 'Image pull policy. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images'
- enum:
- - Always
- - Never
- - IfNotPresent
- type: string
- imagePullSecrets:
- items:
- description: LocalObjectReference contains enough information
- to let you locate the referenced object inside the same
- namespace.
- properties:
- name:
- description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind, uid?'
- type: string
- type: object
- x-kubernetes-map-type: atomic
- type: array
- nodeSelector:
- additionalProperties:
- type: string
- description: 'NodeSelector is a selector which must be true
- for the component to fit on a node. Selector which must
- match a node''s labels for the pod to be scheduled on that
- node. More info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/'
- type: object
- replicas:
- description: 'Replicas is the number of desired replicas.
- This is a pointer to distinguish between explicit zero and
- unspecified. More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller#what-is-a-replicationcontroller'
- format: int32
- minimum: 0
- type: integer
- resources:
- description: 'Compute Resources required by this component.
- Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/'
- properties:
- limits:
- additionalProperties:
- anyOf:
- - type: integer
- - type: string
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- description: 'Limits describes the maximum amount of compute
- resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
- type: object
- requests:
- additionalProperties:
- anyOf:
- - type: integer
- - type: string
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- description: 'Requests describes the minimum amount of
- compute resources required. If Requests is omitted for
- a container, it defaults to Limits if that is explicitly
- specified, otherwise to an implementation-defined value.
- More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
- type: object
- type: object
- serviceAccountName:
- description: 'ServiceAccountName is the name of the ServiceAccount
- to use to run this component. More info: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/'
- type: string
- templateAnnotations:
- additionalProperties:
- type: string
- description: Custom annotations to be added into the pods
- type: object
- tolerations:
- description: If specified, the pod's tolerations.
- items:
- description: The pod this Toleration is attached to tolerates
- any taint that matches the triple using
- the matching operator .
- properties:
- effect:
- description: Effect indicates the taint effect to match.
- Empty means match all taint effects. When specified,
- allowed values are NoSchedule, PreferNoSchedule and
- NoExecute.
- type: string
- key:
- description: Key is the taint key that the toleration
- applies to. Empty means match all taint keys. If the
- key is empty, operator must be Exists; this combination
- means to match all values and all keys.
- type: string
- operator:
- description: Operator represents a key's relationship
- to the value. Valid operators are Exists and Equal.
- Defaults to Equal. Exists is equivalent to wildcard
- for value, so that a pod can tolerate all taints of
- a particular category.
- type: string
- tolerationSeconds:
- description: TolerationSeconds represents the period
- of time the toleration (which must be of effect NoExecute,
- otherwise this field is ignored) tolerates the taint.
- By default, it is not set, which means tolerate the
- taint forever (do not evict). Zero and negative values
- will be treated as 0 (evict immediately) by the system.
- format: int64
- type: integer
- value:
- description: Value is the taint value the toleration
- matches to. If the operator is Exists, the value should
- be empty, otherwise just a regular string.
- type: string
- type: object
- type: array
- type: object
- signer:
- properties:
- image:
- description: Image name for the component.
- type: string
- imagePullPolicy:
- description: 'Image pull policy. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images'
- enum:
- - Always
- - Never
- - IfNotPresent
- type: string
- imagePullSecrets:
- items:
- description: LocalObjectReference contains enough information
- to let you locate the referenced object inside the same
- namespace.
- properties:
- name:
- description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind, uid?'
- type: string
- type: object
- x-kubernetes-map-type: atomic
- type: array
- nodeSelector:
- additionalProperties:
- type: string
- description: 'NodeSelector is a selector which must be true
- for the component to fit on a node. Selector which must
- match a node''s labels for the pod to be scheduled on that
- node. More info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/'
- type: object
- replicas:
- description: 'Replicas is the number of desired replicas.
- This is a pointer to distinguish between explicit zero and
- unspecified. More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller#what-is-a-replicationcontroller'
- format: int32
- minimum: 0
- type: integer
- resources:
- description: 'Compute Resources required by this component.
- Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/'
- properties:
- limits:
- additionalProperties:
- anyOf:
- - type: integer
- - type: string
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- description: 'Limits describes the maximum amount of compute
- resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
- type: object
- requests:
- additionalProperties:
- anyOf:
- - type: integer
- - type: string
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- description: 'Requests describes the minimum amount of
- compute resources required. If Requests is omitted for
- a container, it defaults to Limits if that is explicitly
- specified, otherwise to an implementation-defined value.
- More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
- type: object
- type: object
- serviceAccountName:
- description: 'ServiceAccountName is the name of the ServiceAccount
- to use to run this component. More info: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/'
- type: string
- templateAnnotations:
- additionalProperties:
- type: string
- description: Custom annotations to be added into the pods
- type: object
- tolerations:
- description: If specified, the pod's tolerations.
- items:
- description: The pod this Toleration is attached to tolerates
- any taint that matches the triple using
- the matching operator .
- properties:
- effect:
- description: Effect indicates the taint effect to match.
- Empty means match all taint effects. When specified,
- allowed values are NoSchedule, PreferNoSchedule and
- NoExecute.
- type: string
- key:
- description: Key is the taint key that the toleration
- applies to. Empty means match all taint keys. If the
- key is empty, operator must be Exists; this combination
- means to match all values and all keys.
- type: string
- operator:
- description: Operator represents a key's relationship
- to the value. Valid operators are Exists and Equal.
- Defaults to Equal. Exists is equivalent to wildcard
- for value, so that a pod can tolerate all taints of
- a particular category.
- type: string
- tolerationSeconds:
- description: TolerationSeconds represents the period
- of time the toleration (which must be of effect NoExecute,
- otherwise this field is ignored) tolerates the taint.
- By default, it is not set, which means tolerate the
- taint forever (do not evict). Zero and negative values
- will be treated as 0 (evict immediately) by the system.
- format: int64
- type: integer
- value:
- description: Value is the taint value the toleration
- matches to. If the operator is Exists, the value should
- be empty, otherwise just a regular string.
- type: string
- type: object
- type: array
- type: object
- type: object
- portal:
- properties:
- image:
- description: Image name for the component.
- type: string
- imagePullPolicy:
- description: 'Image pull policy. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images'
- enum:
- - Always
- - Never
- - IfNotPresent
- type: string
- imagePullSecrets:
- items:
- description: LocalObjectReference contains enough information
- to let you locate the referenced object inside the same namespace.
- properties:
- name:
- description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind, uid?'
- type: string
- type: object
- x-kubernetes-map-type: atomic
- type: array
- nodeSelector:
- additionalProperties:
- type: string
- description: 'NodeSelector is a selector which must be true for
- the component to fit on a node. Selector which must match a
- node''s labels for the pod to be scheduled on that node. More
- info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/'
- type: object
- replicas:
- description: 'Replicas is the number of desired replicas. This
- is a pointer to distinguish between explicit zero and unspecified.
- More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller#what-is-a-replicationcontroller'
- format: int32
- minimum: 0
- type: integer
- resources:
- description: 'Compute Resources required by this component. Cannot
- be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/'
- properties:
- limits:
- additionalProperties:
- anyOf:
- - type: integer
- - type: string
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- description: 'Limits describes the maximum amount of compute
- resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
- type: object
- requests:
- additionalProperties:
- anyOf:
- - type: integer
- - type: string
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- description: 'Requests describes the minimum amount of compute
- resources required. If Requests is omitted for a container,
- it defaults to Limits if that is explicitly specified, otherwise
- to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
- type: object
- type: object
- serviceAccountName:
- description: 'ServiceAccountName is the name of the ServiceAccount
- to use to run this component. More info: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/'
- type: string
- templateAnnotations:
- additionalProperties:
- type: string
- description: Custom annotations to be added into the pods
- type: object
- tolerations:
- description: If specified, the pod's tolerations.
- items:
- description: The pod this Toleration is attached to tolerates
- any taint that matches the triple using
- the matching operator .
- properties:
- effect:
- description: Effect indicates the taint effect to match.
- Empty means match all taint effects. When specified, allowed
- values are NoSchedule, PreferNoSchedule and NoExecute.
- type: string
- key:
- description: Key is the taint key that the toleration applies
- to. Empty means match all taint keys. If the key is empty,
- operator must be Exists; this combination means to match
- all values and all keys.
- type: string
- operator:
- description: Operator represents a key's relationship to
- the value. Valid operators are Exists and Equal. Defaults
- to Equal. Exists is equivalent to wildcard for value,
- so that a pod can tolerate all taints of a particular
- category.
- type: string
- tolerationSeconds:
- description: TolerationSeconds represents the period of
- time the toleration (which must be of effect NoExecute,
- otherwise this field is ignored) tolerates the taint.
- By default, it is not set, which means tolerate the taint
- forever (do not evict). Zero and negative values will
- be treated as 0 (evict immediately) by the system.
- format: int64
- type: integer
- value:
- description: Value is the taint value the toleration matches
- to. If the operator is Exists, the value should be empty,
- otherwise just a regular string.
- type: string
- type: object
- type: array
- type: object
- proxy:
- properties:
- components:
- default:
- - core
- - jobservice
- - trivy
- items:
- type: string
- type: array
- httpProxy:
- pattern: https?://.+
- type: string
- httpsProxy:
- pattern: https?://.+
- type: string
- noProxy:
- default:
- - 127.0.0.1
- - localhost
- - .local
- - .internal
- items:
- type: string
- type: array
- type: object
- redis:
- description: Skip OpenAPI schema validation Use validating webhook
- to do verification (field required)
- properties:
- certificateRef:
- description: Secret containing the client certificate to authenticate
- with.
- pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*'
- type: string
- host:
- description: Server hostname.
- minLength: 1
- type: string
- passwordRef:
- description: Secret containing the password to use when connecting
- to the server.
- pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*'
- type: string
- port:
- description: Server port.
- exclusiveMinimum: true
- format: int32
- minimum: 0
- type: integer
- sentinelMasterSet:
- description: for Sentinel MasterSet.
- type: string
- required:
- - host
- type: object
- registry:
- properties:
- certificateRefs:
- items:
- type: string
- type: array
- image:
- description: Image name for the component.
- type: string
- imagePullPolicy:
- description: 'Image pull policy. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images'
- enum:
- - Always
- - Never
- - IfNotPresent
- type: string
- imagePullSecrets:
- items:
- description: LocalObjectReference contains enough information
- to let you locate the referenced object inside the same namespace.
- properties:
- name:
- description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind, uid?'
- type: string
- type: object
- x-kubernetes-map-type: atomic
- type: array
- metrics:
- properties:
- enabled:
- default: false
- type: boolean
- path:
- default: /metrics
- description: The path of the metrics.
- pattern: /.+
- type: string
- port:
- default: 8001
- description: The port of the metrics.
- format: int32
- minimum: 1
- type: integer
- type: object
- nodeSelector:
- additionalProperties:
- type: string
- description: 'NodeSelector is a selector which must be true for
- the component to fit on a node. Selector which must match a
- node''s labels for the pod to be scheduled on that node. More
- info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/'
- type: object
- relativeURLs:
- default: true
- type: boolean
- replicas:
- description: 'Replicas is the number of desired replicas. This
- is a pointer to distinguish between explicit zero and unspecified.
- More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller#what-is-a-replicationcontroller'
- format: int32
- minimum: 0
- type: integer
- resources:
- description: 'Compute Resources required by this component. Cannot
- be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/'
- properties:
- limits:
- additionalProperties:
- anyOf:
- - type: integer
- - type: string
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- description: 'Limits describes the maximum amount of compute
- resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
- type: object
- requests:
- additionalProperties:
- anyOf:
- - type: integer
- - type: string
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- description: 'Requests describes the minimum amount of compute
- resources required. If Requests is omitted for a container,
- it defaults to Limits if that is explicitly specified, otherwise
- to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
- type: object
- type: object
- serviceAccountName:
- description: 'ServiceAccountName is the name of the ServiceAccount
- to use to run this component. More info: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/'
- type: string
- storageMiddlewares:
- items:
- properties:
- name:
- type: string
- optionsRef:
- pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*'
- type: string
- required:
- - name
- type: object
- type: array
- templateAnnotations:
- additionalProperties:
- type: string
- description: Custom annotations to be added into the pods
- type: object
- tolerations:
- description: If specified, the pod's tolerations.
- items:
- description: The pod this Toleration is attached to tolerates
- any taint that matches the triple using
- the matching operator .
- properties:
- effect:
- description: Effect indicates the taint effect to match.
- Empty means match all taint effects. When specified, allowed
- values are NoSchedule, PreferNoSchedule and NoExecute.
- type: string
- key:
- description: Key is the taint key that the toleration applies
- to. Empty means match all taint keys. If the key is empty,
- operator must be Exists; this combination means to match
- all values and all keys.
- type: string
- operator:
- description: Operator represents a key's relationship to
- the value. Valid operators are Exists and Equal. Defaults
- to Equal. Exists is equivalent to wildcard for value,
- so that a pod can tolerate all taints of a particular
- category.
- type: string
- tolerationSeconds:
- description: TolerationSeconds represents the period of
- time the toleration (which must be of effect NoExecute,
- otherwise this field is ignored) tolerates the taint.
- By default, it is not set, which means tolerate the taint
- forever (do not evict). Zero and negative values will
- be treated as 0 (evict immediately) by the system.
- format: int64
- type: integer
- value:
- description: Value is the taint value the toleration matches
- to. If the operator is Exists, the value should be empty,
- otherwise just a regular string.
- type: string
- type: object
- type: array
- type: object
- registryctl:
- properties:
- image:
- description: Image name for the component.
- type: string
- imagePullPolicy:
- description: 'Image pull policy. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images'
- enum:
- - Always
- - Never
- - IfNotPresent
- type: string
- imagePullSecrets:
- items:
- description: LocalObjectReference contains enough information
- to let you locate the referenced object inside the same namespace.
- properties:
- name:
- description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind, uid?'
- type: string
- type: object
- x-kubernetes-map-type: atomic
- type: array
- nodeSelector:
- additionalProperties:
- type: string
- description: 'NodeSelector is a selector which must be true for
- the component to fit on a node. Selector which must match a
- node''s labels for the pod to be scheduled on that node. More
- info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/'
- type: object
- replicas:
- description: 'Replicas is the number of desired replicas. This
- is a pointer to distinguish between explicit zero and unspecified.
- More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller#what-is-a-replicationcontroller'
- format: int32
- minimum: 0
- type: integer
- resources:
- description: 'Compute Resources required by this component. Cannot
- be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/'
- properties:
- limits:
- additionalProperties:
- anyOf:
- - type: integer
- - type: string
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- description: 'Limits describes the maximum amount of compute
- resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
- type: object
- requests:
- additionalProperties:
- anyOf:
- - type: integer
- - type: string
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- description: 'Requests describes the minimum amount of compute
- resources required. If Requests is omitted for a container,
- it defaults to Limits if that is explicitly specified, otherwise
- to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
- type: object
- type: object
- serviceAccountName:
- description: 'ServiceAccountName is the name of the ServiceAccount
- to use to run this component. More info: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/'
- type: string
- templateAnnotations:
- additionalProperties:
- type: string
- description: Custom annotations to be added into the pods
- type: object
- tolerations:
- description: If specified, the pod's tolerations.
- items:
- description: The pod this Toleration is attached to tolerates
- any taint that matches the triple using
- the matching operator .
- properties:
- effect:
- description: Effect indicates the taint effect to match.
- Empty means match all taint effects. When specified, allowed
- values are NoSchedule, PreferNoSchedule and NoExecute.
- type: string
- key:
- description: Key is the taint key that the toleration applies
- to. Empty means match all taint keys. If the key is empty,
- operator must be Exists; this combination means to match
- all values and all keys.
- type: string
- operator:
- description: Operator represents a key's relationship to
- the value. Valid operators are Exists and Equal. Defaults
- to Equal. Exists is equivalent to wildcard for value,
- so that a pod can tolerate all taints of a particular
- category.
- type: string
- tolerationSeconds:
- description: TolerationSeconds represents the period of
- time the toleration (which must be of effect NoExecute,
- otherwise this field is ignored) tolerates the taint.
- By default, it is not set, which means tolerate the taint
- forever (do not evict). Zero and negative values will
- be treated as 0 (evict immediately) by the system.
- format: int64
- type: integer
- value:
- description: Value is the taint value the toleration matches
- to. If the operator is Exists, the value should be empty,
- otherwise just a regular string.
- type: string
- type: object
- type: array
- type: object
- trivy:
- properties:
- certificateRefs:
- items:
- type: string
- type: array
- githubTokenRef:
- description: The name of the secret containing the token to connect
- to GitHub API.
- type: string
- image:
- description: Image name for the component.
- type: string
- imagePullPolicy:
- description: 'Image pull policy. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images'
- enum:
- - Always
- - Never
- - IfNotPresent
- type: string
- imagePullSecrets:
- items:
- description: LocalObjectReference contains enough information
- to let you locate the referenced object inside the same namespace.
- properties:
- name:
- description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind, uid?'
- type: string
- type: object
- x-kubernetes-map-type: atomic
- type: array
- nodeSelector:
- additionalProperties:
- type: string
- description: 'NodeSelector is a selector which must be true for
- the component to fit on a node. Selector which must match a
- node''s labels for the pod to be scheduled on that node. More
- info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/'
- type: object
- replicas:
- description: 'Replicas is the number of desired replicas. This
- is a pointer to distinguish between explicit zero and unspecified.
- More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller#what-is-a-replicationcontroller'
- format: int32
- minimum: 0
- type: integer
- resources:
- description: 'Compute Resources required by this component. Cannot
- be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/'
- properties:
- limits:
- additionalProperties:
- anyOf:
- - type: integer
- - type: string
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- description: 'Limits describes the maximum amount of compute
- resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
- type: object
- requests:
- additionalProperties:
- anyOf:
- - type: integer
- - type: string
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- description: 'Requests describes the minimum amount of compute
- resources required. If Requests is omitted for a container,
- it defaults to Limits if that is explicitly specified, otherwise
- to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
- type: object
- type: object
- serviceAccountName:
- description: 'ServiceAccountName is the name of the ServiceAccount
- to use to run this component. More info: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/'
- type: string
- skipUpdate:
- default: false
- description: The flag to enable or disable Trivy DB downloads
- from GitHub
- type: boolean
- storage:
- properties:
- cachePersistentVolume:
- description: CachePersistentVolume specify the persistent
- volume used to store Trivy cache. If empty, empty dir will
- be used.
- properties:
- claimName:
- description: 'ClaimName is the name of a PersistentVolumeClaim
- in the same namespace as the pod using this volume.
- More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims'
- type: string
- prefix:
- type: string
- readOnly:
- description: Will force the ReadOnly setting in VolumeMounts.
- Default false.
- type: boolean
- required:
- - claimName
- type: object
- reportsPersistentVolume:
- description: ReportsPersistentVolume specify the persistent
- volume used to store Trivy reports. If empty, empty dir
- will be used.
- properties:
- claimName:
- description: 'ClaimName is the name of a PersistentVolumeClaim
- in the same namespace as the pod using this volume.
- More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims'
- type: string
- prefix:
- type: string
- readOnly:
- description: Will force the ReadOnly setting in VolumeMounts.
- Default false.
- type: boolean
- required:
- - claimName
- type: object
- type: object
- templateAnnotations:
- additionalProperties:
- type: string
- description: Custom annotations to be added into the pods
- type: object
- tolerations:
- description: If specified, the pod's tolerations.
- items:
- description: The pod this Toleration is attached to tolerates
- any taint that matches the triple using
- the matching operator .
- properties:
- effect:
- description: Effect indicates the taint effect to match.
- Empty means match all taint effects. When specified, allowed
- values are NoSchedule, PreferNoSchedule and NoExecute.
- type: string
- key:
- description: Key is the taint key that the toleration applies
- to. Empty means match all taint keys. If the key is empty,
- operator must be Exists; this combination means to match
- all values and all keys.
- type: string
- operator:
- description: Operator represents a key's relationship to
- the value. Valid operators are Exists and Equal. Defaults
- to Equal. Exists is equivalent to wildcard for value,
- so that a pod can tolerate all taints of a particular
- category.
- type: string
- tolerationSeconds:
- description: TolerationSeconds represents the period of
- time the toleration (which must be of effect NoExecute,
- otherwise this field is ignored) tolerates the taint.
- By default, it is not set, which means tolerate the taint
- forever (do not evict). Zero and negative values will
- be treated as 0 (evict immediately) by the system.
- format: int64
- type: integer
- value:
- description: Value is the taint value the toleration matches
- to. If the operator is Exists, the value should be empty,
- otherwise just a regular string.
- type: string
- type: object
- type: array
- required:
- - storage
- type: object
- updateStrategyType:
- default: RollingUpdate
- type: string
- version:
- description: The version of the harbor, eg 2.1.2
- pattern: '[0-9]+\.[0-9]+\.[0-9]+'
- type: string
- required:
- - expose
- - externalURL
- - harborAdminPasswordRef
- - version
- type: object
- status:
- description: HarborClusterStatus defines the observed state of HarborCluster.
- properties:
- conditions:
- description: Conditions of each components
- items:
- description: HarborClusterCondition contains details for the current
- condition of this pod.
- properties:
- lastTransitionTime:
- description: Last time the condition transitioned from one status
- to another.
- format: date-time
- type: string
- message:
- description: Human-readable message indicating details about
- last transition.
- type: string
- reason:
- description: Unique, one-word, CamelCase reason for the condition's
- last transition.
- type: string
- status:
- description: Status is the status of the condition. Can be True,
- False, Unknown.
- type: string
- type:
- description: Type is the type of the condition.
- type: string
- required:
- - status
- - type
- type: object
- type: array
- observedGeneration:
- format: int64
- type: integer
- operator:
- description: ControllerStatus represents the current status of the
- operator.
- properties:
- controllerGitCommit:
- minLength: 1
- type: string
- controllerName:
- minLength: 1
- type: string
- controllerVersion:
- minLength: 1
- type: string
- type: object
- revision:
- description: Revision of the status Use unix nano
- format: int64
- type: integer
- status:
- description: 'INSERT ADDITIONAL STATUS FIELD - define observed state
- of cluster Important: Run "make" to regenerate code after modifying
- this file Status indicates the overall status of the Harbor cluster
- Status can be "unknown", "creating", "healthy" and "unhealthy"'
- type: string
- required:
- - revision
- - status
- type: object
- type: object
- served: true
- storage: false
- subresources:
- status: {}
- - additionalPrinterColumns:
- - description: The public URL to the Harbor application
- jsonPath: .spec.externalURL
- name: Public URL
- type: string
- - description: The overall status of the Harbor cluster
- jsonPath: .status.status
- name: Status
- type: string
- - description: 'The operator version '
- jsonPath: .status.operator.controllerVersion
- name: Operator Version
- priority: 30
- type: string
- - description: The operator git commit
- jsonPath: .status.operator.controllerGitCommit
- name: Operator Git Commit
- priority: 30
- type: string
- name: v1beta1
- schema:
- openAPIV3Schema:
- description: HarborCluster is the Schema for the harborclusters API.
- properties:
- apiVersion:
- description: 'APIVersion defines the versioned schema of this representation
- of an object. Servers should convert recognized schemas to the latest
- internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
- type: string
- kind:
- description: 'Kind is a string value representing the REST resource this
- object represents. Servers may infer this from the endpoint the client
- submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
- type: string
- metadata:
- type: object
- spec:
- description: HarborClusterSpec defines the desired state of HarborCluster.
- properties:
- cache:
- description: Cache configuration for in-cluster cache services
- properties:
- kind:
- description: Set the kind of cache service to be used. Only support
- Redis now.
- enum:
- - Redis
- - RedisFailover
- type: string
- spec:
- description: RedisSpec is the specification of redis.
- properties:
- redis:
- properties:
- certificateRef:
- description: Secret containing the client certificate
- to authenticate with.
- pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*'
- type: string
- host:
- description: Server hostname.
- minLength: 1
- type: string
- passwordRef:
- description: Secret containing the password to use when
- connecting to the server.
- pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*'
- type: string
- port:
- description: Server port.
- exclusiveMinimum: true
- format: int32
- minimum: 0
- type: integer
- sentinelMasterSet:
- description: for Sentinel MasterSet.
- type: string
- required:
- - host
- type: object
- redisFailover:
- properties:
- image:
- description: Image name for the component.
- type: string
- imagePullPolicy:
- description: 'Image pull policy. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images'
- enum:
- - Always
- - Never
- - IfNotPresent
- type: string
- imagePullSecrets:
- items:
- description: LocalObjectReference contains enough information
- to let you locate the referenced object inside the
- same namespace.
- properties:
- name:
- description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind,
- uid?'
- type: string
- type: object
- x-kubernetes-map-type: atomic
- type: array
- operatorVersion:
- type: string
- sentinel:
- description: Sentinel is the configuration of the redis
- sentinel.
- properties:
- replicas:
- default: 1
- description: Replicas is the instance number of redis
- sentinel.
- type: integer
- type: object
- server:
- description: Server is the configuration of the redis
- server.
- properties:
- replicas:
- default: 1
- description: Replicas is the instance number of redis
- server.
- type: integer
- resources:
- description: Resources is the resources requests and
- limits for redis.
- properties:
- limits:
- additionalProperties:
- anyOf:
- - type: integer
- - type: string
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- description: 'Limits describes the maximum amount
- of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
- type: object
- requests:
- additionalProperties:
- anyOf:
- - type: integer
- - type: string
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- description: 'Requests describes the minimum amount
- of compute resources required. If Requests is
- omitted for a container, it defaults to Limits
- if that is explicitly specified, otherwise to
- an implementation-defined value. More info:
- https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
- type: object
- type: object
- storage:
- description: Storage is the size of the redis storage.
- type: string
- storageClassName:
- description: StorageClassName is the storage class
- name of the redis storage.
- type: string
- type: object
- required:
- - operatorVersion
- type: object
- type: object
- required:
- - kind
- - spec
- type: object
- chartmuseum:
- properties:
- absoluteUrl:
- default: false
- description: Harbor defaults ChartMuseum to returning relative
- urls, if you want using absolute url you should enable it
- type: boolean
- certificateRefs:
- items:
- type: string
- type: array
- image:
- description: Image name for the component.
- type: string
- imagePullPolicy:
- description: 'Image pull policy. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images'
- enum:
- - Always
- - Never
- - IfNotPresent
- type: string
- imagePullSecrets:
- items:
- description: LocalObjectReference contains enough information
- to let you locate the referenced object inside the same namespace.
- properties:
- name:
- description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind, uid?'
- type: string
- type: object
- x-kubernetes-map-type: atomic
- type: array
- nodeSelector:
- additionalProperties:
- type: string
- description: 'NodeSelector is a selector which must be true for
- the component to fit on a node. Selector which must match a
- node''s labels for the pod to be scheduled on that node. More
- info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/'
- type: object
- replicas:
- description: 'Replicas is the number of desired replicas. This
- is a pointer to distinguish between explicit zero and unspecified.
- More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller#what-is-a-replicationcontroller'
- format: int32
- minimum: 0
- type: integer
- resources:
- description: 'Compute Resources required by this component. Cannot
- be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/'
- properties:
- limits:
- additionalProperties:
- anyOf:
- - type: integer
- - type: string
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- description: 'Limits describes the maximum amount of compute
- resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
- type: object
- requests:
- additionalProperties:
- anyOf:
- - type: integer
- - type: string
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- description: 'Requests describes the minimum amount of compute
- resources required. If Requests is omitted for a container,
- it defaults to Limits if that is explicitly specified, otherwise
- to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
- type: object
- type: object
- serviceAccountName:
- description: 'ServiceAccountName is the name of the ServiceAccount
- to use to run this component. More info: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/'
- type: string
- templateAnnotations:
- additionalProperties:
- type: string
- description: Custom annotations to be added into the pods
- type: object
- tolerations:
- description: If specified, the pod's tolerations.
- items:
- description: The pod this Toleration is attached to tolerates
- any taint that matches the triple using
- the matching operator .
- properties:
- effect:
- description: Effect indicates the taint effect to match.
- Empty means match all taint effects. When specified, allowed
- values are NoSchedule, PreferNoSchedule and NoExecute.
- type: string
- key:
- description: Key is the taint key that the toleration applies
- to. Empty means match all taint keys. If the key is empty,
- operator must be Exists; this combination means to match
- all values and all keys.
- type: string
- operator:
- description: Operator represents a key's relationship to
- the value. Valid operators are Exists and Equal. Defaults
- to Equal. Exists is equivalent to wildcard for value,
- so that a pod can tolerate all taints of a particular
- category.
- type: string
- tolerationSeconds:
- description: TolerationSeconds represents the period of
- time the toleration (which must be of effect NoExecute,
- otherwise this field is ignored) tolerates the taint.
- By default, it is not set, which means tolerate the taint
- forever (do not evict). Zero and negative values will
- be treated as 0 (evict immediately) by the system.
- format: int64
- type: integer
- value:
- description: Value is the taint value the toleration matches
- to. If the operator is Exists, the value should be empty,
- otherwise just a regular string.
- type: string
- type: object
- type: array
- type: object
- core:
- properties:
- certificateRefs:
- items:
- type: string
- type: array
- image:
- description: Image name for the component.
- type: string
- imagePullPolicy:
- description: 'Image pull policy. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images'
- enum:
- - Always
- - Never
- - IfNotPresent
- type: string
- imagePullSecrets:
- items:
- description: LocalObjectReference contains enough information
- to let you locate the referenced object inside the same namespace.
- properties:
- name:
- description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind, uid?'
- type: string
- type: object
- x-kubernetes-map-type: atomic
- type: array
- metrics:
- properties:
- enabled:
- default: false
- type: boolean
- path:
- default: /metrics
- description: The path of the metrics.
- pattern: /.+
- type: string
- port:
- default: 8001
- description: The port of the metrics.
- format: int32
- minimum: 1
- type: integer
- type: object
- nodeSelector:
- additionalProperties:
- type: string
- description: 'NodeSelector is a selector which must be true for
- the component to fit on a node. Selector which must match a
- node''s labels for the pod to be scheduled on that node. More
- info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/'
- type: object
- replicas:
- description: 'Replicas is the number of desired replicas. This
- is a pointer to distinguish between explicit zero and unspecified.
- More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller#what-is-a-replicationcontroller'
- format: int32
- minimum: 0
- type: integer
- resources:
- description: 'Compute Resources required by this component. Cannot
- be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/'
- properties:
- limits:
- additionalProperties:
- anyOf:
- - type: integer
- - type: string
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- description: 'Limits describes the maximum amount of compute
- resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
- type: object
- requests:
- additionalProperties:
- anyOf:
- - type: integer
- - type: string
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- description: 'Requests describes the minimum amount of compute
- resources required. If Requests is omitted for a container,
- it defaults to Limits if that is explicitly specified, otherwise
- to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
- type: object
- type: object
- serviceAccountName:
- description: 'ServiceAccountName is the name of the ServiceAccount
- to use to run this component. More info: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/'
- type: string
- templateAnnotations:
- additionalProperties:
- type: string
- description: Custom annotations to be added into the pods
- type: object
- tokenIssuer:
- description: ObjectReference is a reference to an object with
- a given name, kind and group.
- properties:
- group:
- description: Group of the resource being referred to.
- type: string
- kind:
- description: Kind of the resource being referred to.
- type: string
- name:
- description: Name of the resource being referred to.
- type: string
- required:
- - name
- type: object
- tolerations:
- description: If specified, the pod's tolerations.
- items:
- description: The pod this Toleration is attached to tolerates
- any taint that matches the triple using
- the matching operator .
- properties:
- effect:
- description: Effect indicates the taint effect to match.
- Empty means match all taint effects. When specified, allowed
- values are NoSchedule, PreferNoSchedule and NoExecute.
- type: string
- key:
- description: Key is the taint key that the toleration applies
- to. Empty means match all taint keys. If the key is empty,
- operator must be Exists; this combination means to match
- all values and all keys.
- type: string
- operator:
- description: Operator represents a key's relationship to
- the value. Valid operators are Exists and Equal. Defaults
- to Equal. Exists is equivalent to wildcard for value,
- so that a pod can tolerate all taints of a particular
- category.
- type: string
- tolerationSeconds:
- description: TolerationSeconds represents the period of
- time the toleration (which must be of effect NoExecute,
- otherwise this field is ignored) tolerates the taint.
- By default, it is not set, which means tolerate the taint
- forever (do not evict). Zero and negative values will
- be treated as 0 (evict immediately) by the system.
- format: int64
- type: integer
- value:
- description: Value is the taint value the toleration matches
- to. If the operator is Exists, the value should be empty,
- otherwise just a regular string.
- type: string
- type: object
- type: array
- required:
- - tokenIssuer
- type: object
- database:
- description: Database configuration for in-cluster database service
- properties:
- kind:
- description: Set the kind of which database service to be used,
- Only support PostgreSQL now.
- enum:
- - PostgreSQL
- - Zlando/PostgreSQL
- type: string
- spec:
- properties:
- postgresql:
- properties:
- hosts:
- items:
- properties:
- host:
- description: Name of host to connect to. If a host
- name begins with a slash, it specifies Unix-domain
- communication rather than TCP/IP communication;
- the value is the name of the directory in which
- the socket file is stored.
- minLength: 1
- type: string
- port:
- description: Port number to connect to at the server
- host, or socket file name extension for Unix-domain
- connections. Zero, specifies the default port
- number established when PostgreSQL was built.
- exclusiveMinimum: true
- format: int32
- minimum: 0
- type: integer
- required:
- - host
- type: object
- minItems: 1
- type: array
- passwordRef:
- description: Secret containing the password to be used
- if the server demands password authentication.
- pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*'
- type: string
- prefix:
- type: string
- sslMode:
- description: PostgreSQL has native support for using SSL
- connections to encrypt client/server communications
- for increased security.
- enum:
- - disable
- - allow
- - prefer
- - require
- - verify-ca
- - verify-full
- type: string
- username:
- description: PostgreSQL user name to connect as. Defaults
- to be the same as the operating system name of the user
- running the application.
- minLength: 1
- type: string
- required:
- - hosts
- type: object
- zlandoPostgreSql:
- description: ZlandoPostgreSQL
- properties:
- connectTimeout:
- type: integer
- image:
- description: Image name for the component.
- type: string
- imagePullPolicy:
- description: 'Image pull policy. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images'
- enum:
- - Always
- - Never
- - IfNotPresent
- type: string
- imagePullSecrets:
- items:
- description: LocalObjectReference contains enough information
- to let you locate the referenced object inside the
- same namespace.
- properties:
- name:
- description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind,
- uid?'
- type: string
- type: object
- x-kubernetes-map-type: atomic
- type: array
- operatorVersion:
- type: string
- replicas:
- type: integer
- resources:
- description: ResourceRequirements describes the compute
- resource requirements.
- properties:
- limits:
- additionalProperties:
- anyOf:
- - type: integer
- - type: string
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- description: 'Limits describes the maximum amount
- of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
- type: object
- requests:
- additionalProperties:
- anyOf:
- - type: integer
- - type: string
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- description: 'Requests describes the minimum amount
- of compute resources required. If Requests is omitted
- for a container, it defaults to Limits if that is
- explicitly specified, otherwise to an implementation-defined
- value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
- type: object
- type: object
- sslConfig:
- type: string
- storage:
- type: string
- storageClassName:
- type: string
- required:
- - operatorVersion
- type: object
- type: object
- required:
- - kind
- - spec
- type: object
- exporter:
- properties:
- cache:
- properties:
- cleanInterval:
- default: 4h
- description: The interval to clean the cache info from the
- database and core.
- pattern: ([0-9]+h)?([0-9]+m)?([0-9]+s)?
- type: string
- duration:
- default: 30s
- description: The duration to cache info from the database
- and core.
- pattern: ([0-9]+h)?([0-9]+m)?([0-9]+s)?
- type: string
- type: object
- image:
- description: Image name for the component.
- type: string
- imagePullPolicy:
- description: 'Image pull policy. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images'
- enum:
- - Always
- - Never
- - IfNotPresent
- type: string
- imagePullSecrets:
- items:
- description: LocalObjectReference contains enough information
- to let you locate the referenced object inside the same namespace.
- properties:
- name:
- description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind, uid?'
- type: string
- type: object
- x-kubernetes-map-type: atomic
- type: array
- nodeSelector:
- additionalProperties:
- type: string
- description: 'NodeSelector is a selector which must be true for
- the component to fit on a node. Selector which must match a
- node''s labels for the pod to be scheduled on that node. More
- info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/'
- type: object
- path:
- default: /metrics
- description: The metrics path of the exporter.
- pattern: /.+
- type: string
- port:
- default: 8001
- description: The port of the exporter.
- format: int32
- minimum: 1
- type: integer
- replicas:
- description: 'Replicas is the number of desired replicas. This
- is a pointer to distinguish between explicit zero and unspecified.
- More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller#what-is-a-replicationcontroller'
- format: int32
- minimum: 0
- type: integer
- resources:
- description: 'Compute Resources required by this component. Cannot
- be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/'
- properties:
- limits:
- additionalProperties:
- anyOf:
- - type: integer
- - type: string
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- description: 'Limits describes the maximum amount of compute
- resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
- type: object
- requests:
- additionalProperties:
- anyOf:
- - type: integer
- - type: string
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- description: 'Requests describes the minimum amount of compute
- resources required. If Requests is omitted for a container,
- it defaults to Limits if that is explicitly specified, otherwise
- to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
- type: object
- type: object
- serviceAccountName:
- description: 'ServiceAccountName is the name of the ServiceAccount
- to use to run this component. More info: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/'
- type: string
- templateAnnotations:
- additionalProperties:
- type: string
- description: Custom annotations to be added into the pods
- type: object
- tolerations:
- description: If specified, the pod's tolerations.
- items:
- description: The pod this Toleration is attached to tolerates
- any taint that matches the triple using
- the matching operator .
- properties:
- effect:
- description: Effect indicates the taint effect to match.
- Empty means match all taint effects. When specified, allowed
- values are NoSchedule, PreferNoSchedule and NoExecute.
- type: string
- key:
- description: Key is the taint key that the toleration applies
- to. Empty means match all taint keys. If the key is empty,
- operator must be Exists; this combination means to match
- all values and all keys.
- type: string
- operator:
- description: Operator represents a key's relationship to
- the value. Valid operators are Exists and Equal. Defaults
- to Equal. Exists is equivalent to wildcard for value,
- so that a pod can tolerate all taints of a particular
- category.
- type: string
- tolerationSeconds:
- description: TolerationSeconds represents the period of
- time the toleration (which must be of effect NoExecute,
- otherwise this field is ignored) tolerates the taint.
- By default, it is not set, which means tolerate the taint
- forever (do not evict). Zero and negative values will
- be treated as 0 (evict immediately) by the system.
- format: int64
- type: integer
- value:
- description: Value is the taint value the toleration matches
- to. If the operator is Exists, the value should be empty,
- otherwise just a regular string.
- type: string
- type: object
- type: array
- type: object
- expose:
- properties:
- core:
- properties:
- ingress:
- properties:
- annotations:
- additionalProperties:
- type: string
- type: object
- controller:
- default: default
- description: Set to the type of ingress controller.
- enum:
- - default
- - gce
- - ncp
- - contour
- type: string
- host:
- type: string
- ingressClassName:
- type: string
- required:
- - host
- type: object
- tls:
- properties:
- certificateRef:
- pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*'
- type: string
- type: object
- type: object
- notary:
- description: The ingress of the notary, required when notary component
- enabled.
- properties:
- ingress:
- properties:
- annotations:
- additionalProperties:
- type: string
- type: object
- controller:
- default: default
- description: Set to the type of ingress controller.
- enum:
- - default
- - gce
- - ncp
- - contour
- type: string
- host:
- type: string
- ingressClassName:
- type: string
- required:
- - host
- type: object
- tls:
- properties:
- certificateRef:
- pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*'
- type: string
- type: object
- type: object
- required:
- - core
- type: object
- externalURL:
- pattern: https?://.*
- type: string
- harborAdminPasswordRef:
- pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*'
- type: string
- imageSource:
- properties:
- imagePullPolicy:
- description: 'Image pull policy. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images'
- enum:
- - Always
- - Never
- - IfNotPresent
- type: string
- imagePullSecrets:
- items:
- description: LocalObjectReference contains enough information
- to let you locate the referenced object inside the same namespace.
- properties:
- name:
- description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind, uid?'
- type: string
- type: object
- x-kubernetes-map-type: atomic
- type: array
- repository:
- description: The default repository for the images of the components.
- eg docker.io/goharbor/
- type: string
- tagSuffix:
- description: The tag suffix for the images of the images of the
- components. eg '-patch1'
- type: string
- type: object
- internalTLS:
- properties:
- enabled:
- default: false
- type: boolean
- type: object
- jobservice:
- properties:
- certificateRefs:
- items:
- type: string
- type: array
- image:
- description: Image name for the component.
- type: string
- imagePullPolicy:
- description: 'Image pull policy. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images'
- enum:
- - Always
- - Never
- - IfNotPresent
- type: string
- imagePullSecrets:
- items:
- description: LocalObjectReference contains enough information
- to let you locate the referenced object inside the same namespace.
- properties:
- name:
- description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind, uid?'
- type: string
- type: object
- x-kubernetes-map-type: atomic
- type: array
- metrics:
- properties:
- enabled:
- default: false
- type: boolean
- path:
- default: /metrics
- description: The path of the metrics.
- pattern: /.+
- type: string
- port:
- default: 8001
- description: The port of the metrics.
- format: int32
- minimum: 1
- type: integer
- type: object
- nodeSelector:
- additionalProperties:
- type: string
- description: 'NodeSelector is a selector which must be true for
- the component to fit on a node. Selector which must match a
- node''s labels for the pod to be scheduled on that node. More
- info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/'
- type: object
- replicas:
- description: 'Replicas is the number of desired replicas. This
- is a pointer to distinguish between explicit zero and unspecified.
- More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller#what-is-a-replicationcontroller'
- format: int32
- minimum: 0
- type: integer
- resources:
- description: 'Compute Resources required by this component. Cannot
- be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/'
- properties:
- limits:
- additionalProperties:
- anyOf:
- - type: integer
- - type: string
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- description: 'Limits describes the maximum amount of compute
- resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
- type: object
- requests:
- additionalProperties:
- anyOf:
- - type: integer
- - type: string
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- description: 'Requests describes the minimum amount of compute
- resources required. If Requests is omitted for a container,
- it defaults to Limits if that is explicitly specified, otherwise
- to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
- type: object
- type: object
- serviceAccountName:
- description: 'ServiceAccountName is the name of the ServiceAccount
- to use to run this component. More info: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/'
- type: string
- storage:
- properties:
- scanDataExportsPersistentVolume:
- description: ScanDataExportsPersistentVolume specify the persistent
- volume used to store data exports. If empty, empty dir will
- be used.
- properties:
- claimName:
- description: 'ClaimName is the name of a PersistentVolumeClaim
- in the same namespace as the pod using this volume.
- More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims'
- type: string
- prefix:
- type: string
- readOnly:
- description: Will force the ReadOnly setting in VolumeMounts.
- Default false.
- type: boolean
- required:
- - claimName
- type: object
- type: object
- templateAnnotations:
- additionalProperties:
- type: string
- description: Custom annotations to be added into the pods
- type: object
- tolerations:
- description: If specified, the pod's tolerations.
- items:
- description: The pod this Toleration is attached to tolerates
- any taint that matches the triple using
- the matching operator .
- properties:
- effect:
- description: Effect indicates the taint effect to match.
- Empty means match all taint effects. When specified, allowed
- values are NoSchedule, PreferNoSchedule and NoExecute.
- type: string
- key:
- description: Key is the taint key that the toleration applies
- to. Empty means match all taint keys. If the key is empty,
- operator must be Exists; this combination means to match
- all values and all keys.
- type: string
- operator:
- description: Operator represents a key's relationship to
- the value. Valid operators are Exists and Equal. Defaults
- to Equal. Exists is equivalent to wildcard for value,
- so that a pod can tolerate all taints of a particular
- category.
- type: string
- tolerationSeconds:
- description: TolerationSeconds represents the period of
- time the toleration (which must be of effect NoExecute,
- otherwise this field is ignored) tolerates the taint.
- By default, it is not set, which means tolerate the taint
- forever (do not evict). Zero and negative values will
- be treated as 0 (evict immediately) by the system.
- format: int64
- type: integer
- value:
- description: Value is the taint value the toleration matches
- to. If the operator is Exists, the value should be empty,
- otherwise just a regular string.
- type: string
- type: object
- type: array
- workerCount:
- default: 10
- format: int32
- minimum: 1
- type: integer
- type: object
- logLevel:
- default: info
- description: HarborLogLevel is the log level for Harbor.
- enum:
- - debug
- - info
- - warning
- - error
- - fatal
- type: string
- network:
- description: Network settings for the harbor
- properties:
- ipFamilies:
- items:
- description: IPFamily represents the IP Family (IPv4 or IPv6).
- This type is used to express the family of an IP expressed
- by a type (e.g. service.spec.ipFamilies).
- type: string
- type: array
- type: object
- notary:
- properties:
- migrationEnabled:
- default: true
- description: Inject migration configuration to notary resources
- type: boolean
- server:
- properties:
- image:
- description: Image name for the component.
- type: string
- imagePullPolicy:
- description: 'Image pull policy. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images'
- enum:
- - Always
- - Never
- - IfNotPresent
- type: string
- imagePullSecrets:
- items:
- description: LocalObjectReference contains enough information
- to let you locate the referenced object inside the same
- namespace.
- properties:
- name:
- description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind, uid?'
- type: string
- type: object
- x-kubernetes-map-type: atomic
- type: array
- nodeSelector:
- additionalProperties:
- type: string
- description: 'NodeSelector is a selector which must be true
- for the component to fit on a node. Selector which must
- match a node''s labels for the pod to be scheduled on that
- node. More info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/'
- type: object
- replicas:
- description: 'Replicas is the number of desired replicas.
- This is a pointer to distinguish between explicit zero and
- unspecified. More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller#what-is-a-replicationcontroller'
- format: int32
- minimum: 0
- type: integer
- resources:
- description: 'Compute Resources required by this component.
- Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/'
- properties:
- limits:
- additionalProperties:
- anyOf:
- - type: integer
- - type: string
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- description: 'Limits describes the maximum amount of compute
- resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
- type: object
- requests:
- additionalProperties:
- anyOf:
- - type: integer
- - type: string
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- description: 'Requests describes the minimum amount of
- compute resources required. If Requests is omitted for
- a container, it defaults to Limits if that is explicitly
- specified, otherwise to an implementation-defined value.
- More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
- type: object
- type: object
- serviceAccountName:
- description: 'ServiceAccountName is the name of the ServiceAccount
- to use to run this component. More info: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/'
- type: string
- templateAnnotations:
- additionalProperties:
- type: string
- description: Custom annotations to be added into the pods
- type: object
- tolerations:
- description: If specified, the pod's tolerations.
- items:
- description: The pod this Toleration is attached to tolerates
- any taint that matches the triple using
- the matching operator .
- properties:
- effect:
- description: Effect indicates the taint effect to match.
- Empty means match all taint effects. When specified,
- allowed values are NoSchedule, PreferNoSchedule and
- NoExecute.
- type: string
- key:
- description: Key is the taint key that the toleration
- applies to. Empty means match all taint keys. If the
- key is empty, operator must be Exists; this combination
- means to match all values and all keys.
- type: string
- operator:
- description: Operator represents a key's relationship
- to the value. Valid operators are Exists and Equal.
- Defaults to Equal. Exists is equivalent to wildcard
- for value, so that a pod can tolerate all taints of
- a particular category.
- type: string
- tolerationSeconds:
- description: TolerationSeconds represents the period
- of time the toleration (which must be of effect NoExecute,
- otherwise this field is ignored) tolerates the taint.
- By default, it is not set, which means tolerate the
- taint forever (do not evict). Zero and negative values
- will be treated as 0 (evict immediately) by the system.
- format: int64
- type: integer
- value:
- description: Value is the taint value the toleration
- matches to. If the operator is Exists, the value should
- be empty, otherwise just a regular string.
- type: string
- type: object
- type: array
- type: object
- signer:
- properties:
- image:
- description: Image name for the component.
- type: string
- imagePullPolicy:
- description: 'Image pull policy. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images'
- enum:
- - Always
- - Never
- - IfNotPresent
- type: string
- imagePullSecrets:
- items:
- description: LocalObjectReference contains enough information
- to let you locate the referenced object inside the same
- namespace.
- properties:
- name:
- description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind, uid?'
- type: string
- type: object
- x-kubernetes-map-type: atomic
- type: array
- nodeSelector:
- additionalProperties:
- type: string
- description: 'NodeSelector is a selector which must be true
- for the component to fit on a node. Selector which must
- match a node''s labels for the pod to be scheduled on that
- node. More info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/'
- type: object
- replicas:
- description: 'Replicas is the number of desired replicas.
- This is a pointer to distinguish between explicit zero and
- unspecified. More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller#what-is-a-replicationcontroller'
- format: int32
- minimum: 0
- type: integer
- resources:
- description: 'Compute Resources required by this component.
- Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/'
- properties:
- limits:
- additionalProperties:
- anyOf:
- - type: integer
- - type: string
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- description: 'Limits describes the maximum amount of compute
- resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
- type: object
- requests:
- additionalProperties:
- anyOf:
- - type: integer
- - type: string
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- description: 'Requests describes the minimum amount of
- compute resources required. If Requests is omitted for
- a container, it defaults to Limits if that is explicitly
- specified, otherwise to an implementation-defined value.
- More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
- type: object
- type: object
- serviceAccountName:
- description: 'ServiceAccountName is the name of the ServiceAccount
- to use to run this component. More info: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/'
- type: string
- templateAnnotations:
- additionalProperties:
- type: string
- description: Custom annotations to be added into the pods
- type: object
- tolerations:
- description: If specified, the pod's tolerations.
- items:
- description: The pod this Toleration is attached to tolerates
- any taint that matches the triple using
- the matching operator .
- properties:
- effect:
- description: Effect indicates the taint effect to match.
- Empty means match all taint effects. When specified,
- allowed values are NoSchedule, PreferNoSchedule and
- NoExecute.
- type: string
- key:
- description: Key is the taint key that the toleration
- applies to. Empty means match all taint keys. If the
- key is empty, operator must be Exists; this combination
- means to match all values and all keys.
- type: string
- operator:
- description: Operator represents a key's relationship
- to the value. Valid operators are Exists and Equal.
- Defaults to Equal. Exists is equivalent to wildcard
- for value, so that a pod can tolerate all taints of
- a particular category.
- type: string
- tolerationSeconds:
- description: TolerationSeconds represents the period
- of time the toleration (which must be of effect NoExecute,
- otherwise this field is ignored) tolerates the taint.
- By default, it is not set, which means tolerate the
- taint forever (do not evict). Zero and negative values
- will be treated as 0 (evict immediately) by the system.
- format: int64
- type: integer
- value:
- description: Value is the taint value the toleration
- matches to. If the operator is Exists, the value should
- be empty, otherwise just a regular string.
- type: string
- type: object
- type: array
- type: object
- type: object
- portal:
- properties:
- image:
- description: Image name for the component.
- type: string
- imagePullPolicy:
- description: 'Image pull policy. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images'
- enum:
- - Always
- - Never
- - IfNotPresent
- type: string
- imagePullSecrets:
- items:
- description: LocalObjectReference contains enough information
- to let you locate the referenced object inside the same namespace.
- properties:
- name:
- description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind, uid?'
- type: string
- type: object
- x-kubernetes-map-type: atomic
- type: array
- nodeSelector:
- additionalProperties:
- type: string
- description: 'NodeSelector is a selector which must be true for
- the component to fit on a node. Selector which must match a
- node''s labels for the pod to be scheduled on that node. More
- info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/'
- type: object
- replicas:
- description: 'Replicas is the number of desired replicas. This
- is a pointer to distinguish between explicit zero and unspecified.
- More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller#what-is-a-replicationcontroller'
- format: int32
- minimum: 0
- type: integer
- resources:
- description: 'Compute Resources required by this component. Cannot
- be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/'
- properties:
- limits:
- additionalProperties:
- anyOf:
- - type: integer
- - type: string
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- description: 'Limits describes the maximum amount of compute
- resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
- type: object
- requests:
- additionalProperties:
- anyOf:
- - type: integer
- - type: string
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- description: 'Requests describes the minimum amount of compute
- resources required. If Requests is omitted for a container,
- it defaults to Limits if that is explicitly specified, otherwise
- to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
- type: object
- type: object
- serviceAccountName:
- description: 'ServiceAccountName is the name of the ServiceAccount
- to use to run this component. More info: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/'
- type: string
- templateAnnotations:
- additionalProperties:
- type: string
- description: Custom annotations to be added into the pods
- type: object
- tolerations:
- description: If specified, the pod's tolerations.
- items:
- description: The pod this Toleration is attached to tolerates
- any taint that matches the triple using
- the matching operator .
- properties:
- effect:
- description: Effect indicates the taint effect to match.
- Empty means match all taint effects. When specified, allowed
- values are NoSchedule, PreferNoSchedule and NoExecute.
- type: string
- key:
- description: Key is the taint key that the toleration applies
- to. Empty means match all taint keys. If the key is empty,
- operator must be Exists; this combination means to match
- all values and all keys.
- type: string
- operator:
- description: Operator represents a key's relationship to
- the value. Valid operators are Exists and Equal. Defaults
- to Equal. Exists is equivalent to wildcard for value,
- so that a pod can tolerate all taints of a particular
- category.
- type: string
- tolerationSeconds:
- description: TolerationSeconds represents the period of
- time the toleration (which must be of effect NoExecute,
- otherwise this field is ignored) tolerates the taint.
- By default, it is not set, which means tolerate the taint
- forever (do not evict). Zero and negative values will
- be treated as 0 (evict immediately) by the system.
- format: int64
- type: integer
- value:
- description: Value is the taint value the toleration matches
- to. If the operator is Exists, the value should be empty,
- otherwise just a regular string.
- type: string
- type: object
- type: array
- type: object
- proxy:
- properties:
- components:
- default:
- - core
- - jobservice
- - trivy
- items:
- type: string
- type: array
- httpProxy:
- pattern: https?://.+
- type: string
- httpsProxy:
- pattern: https?://.+
- type: string
- noProxy:
- default:
- - 127.0.0.1
- - localhost
- - .local
- - .internal
- items:
- type: string
- type: array
- type: object
- registry:
- properties:
- certificateRefs:
- items:
- type: string
- type: array
- image:
- description: Image name for the component.
- type: string
- imagePullPolicy:
- description: 'Image pull policy. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images'
- enum:
- - Always
- - Never
- - IfNotPresent
- type: string
- imagePullSecrets:
- items:
- description: LocalObjectReference contains enough information
- to let you locate the referenced object inside the same namespace.
- properties:
- name:
- description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind, uid?'
- type: string
- type: object
- x-kubernetes-map-type: atomic
- type: array
- metrics:
- properties:
- enabled:
- default: false
- type: boolean
- path:
- default: /metrics
- description: The path of the metrics.
- pattern: /.+
- type: string
- port:
- default: 8001
- description: The port of the metrics.
- format: int32
- minimum: 1
- type: integer
- type: object
- nodeSelector:
- additionalProperties:
- type: string
- description: 'NodeSelector is a selector which must be true for
- the component to fit on a node. Selector which must match a
- node''s labels for the pod to be scheduled on that node. More
- info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/'
- type: object
- relativeURLs:
- default: true
- type: boolean
- replicas:
- description: 'Replicas is the number of desired replicas. This
- is a pointer to distinguish between explicit zero and unspecified.
- More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller#what-is-a-replicationcontroller'
- format: int32
- minimum: 0
- type: integer
- resources:
- description: 'Compute Resources required by this component. Cannot
- be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/'
- properties:
- limits:
- additionalProperties:
- anyOf:
- - type: integer
- - type: string
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- description: 'Limits describes the maximum amount of compute
- resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
- type: object
- requests:
- additionalProperties:
- anyOf:
- - type: integer
- - type: string
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- description: 'Requests describes the minimum amount of compute
- resources required. If Requests is omitted for a container,
- it defaults to Limits if that is explicitly specified, otherwise
- to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
- type: object
- type: object
- serviceAccountName:
- description: 'ServiceAccountName is the name of the ServiceAccount
- to use to run this component. More info: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/'
- type: string
- storageMiddlewares:
- items:
- properties:
- name:
- type: string
- optionsRef:
- pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*'
- type: string
- required:
- - name
- type: object
- type: array
- templateAnnotations:
- additionalProperties:
- type: string
- description: Custom annotations to be added into the pods
- type: object
- tolerations:
- description: If specified, the pod's tolerations.
- items:
- description: The pod this Toleration is attached to tolerates
- any taint that matches the triple using
- the matching operator .
- properties:
- effect:
- description: Effect indicates the taint effect to match.
- Empty means match all taint effects. When specified, allowed
- values are NoSchedule, PreferNoSchedule and NoExecute.
- type: string
- key:
- description: Key is the taint key that the toleration applies
- to. Empty means match all taint keys. If the key is empty,
- operator must be Exists; this combination means to match
- all values and all keys.
- type: string
- operator:
- description: Operator represents a key's relationship to
- the value. Valid operators are Exists and Equal. Defaults
- to Equal. Exists is equivalent to wildcard for value,
- so that a pod can tolerate all taints of a particular
- category.
- type: string
- tolerationSeconds:
- description: TolerationSeconds represents the period of
- time the toleration (which must be of effect NoExecute,
- otherwise this field is ignored) tolerates the taint.
- By default, it is not set, which means tolerate the taint
- forever (do not evict). Zero and negative values will
- be treated as 0 (evict immediately) by the system.
- format: int64
- type: integer
- value:
- description: Value is the taint value the toleration matches
- to. If the operator is Exists, the value should be empty,
- otherwise just a regular string.
- type: string
- type: object
- type: array
- type: object
- registryctl:
- properties:
- image:
- description: Image name for the component.
- type: string
- imagePullPolicy:
- description: 'Image pull policy. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images'
- enum:
- - Always
- - Never
- - IfNotPresent
- type: string
- imagePullSecrets:
- items:
- description: LocalObjectReference contains enough information
- to let you locate the referenced object inside the same namespace.
- properties:
- name:
- description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind, uid?'
- type: string
- type: object
- x-kubernetes-map-type: atomic
- type: array
- nodeSelector:
- additionalProperties:
- type: string
- description: 'NodeSelector is a selector which must be true for
- the component to fit on a node. Selector which must match a
- node''s labels for the pod to be scheduled on that node. More
- info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/'
- type: object
- replicas:
- description: 'Replicas is the number of desired replicas. This
- is a pointer to distinguish between explicit zero and unspecified.
- More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller#what-is-a-replicationcontroller'
- format: int32
- minimum: 0
- type: integer
- resources:
- description: 'Compute Resources required by this component. Cannot
- be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/'
- properties:
- limits:
- additionalProperties:
- anyOf:
- - type: integer
- - type: string
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- description: 'Limits describes the maximum amount of compute
- resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
- type: object
- requests:
- additionalProperties:
- anyOf:
- - type: integer
- - type: string
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- description: 'Requests describes the minimum amount of compute
- resources required. If Requests is omitted for a container,
- it defaults to Limits if that is explicitly specified, otherwise
- to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
- type: object
- type: object
- serviceAccountName:
- description: 'ServiceAccountName is the name of the ServiceAccount
- to use to run this component. More info: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/'
- type: string
- templateAnnotations:
- additionalProperties:
- type: string
- description: Custom annotations to be added into the pods
- type: object
- tolerations:
- description: If specified, the pod's tolerations.
- items:
- description: The pod this Toleration is attached to tolerates
- any taint that matches the triple using
- the matching operator .
- properties:
- effect:
- description: Effect indicates the taint effect to match.
- Empty means match all taint effects. When specified, allowed
- values are NoSchedule, PreferNoSchedule and NoExecute.
- type: string
- key:
- description: Key is the taint key that the toleration applies
- to. Empty means match all taint keys. If the key is empty,
- operator must be Exists; this combination means to match
- all values and all keys.
- type: string
- operator:
- description: Operator represents a key's relationship to
- the value. Valid operators are Exists and Equal. Defaults
- to Equal. Exists is equivalent to wildcard for value,
- so that a pod can tolerate all taints of a particular
- category.
- type: string
- tolerationSeconds:
- description: TolerationSeconds represents the period of
- time the toleration (which must be of effect NoExecute,
- otherwise this field is ignored) tolerates the taint.
- By default, it is not set, which means tolerate the taint
- forever (do not evict). Zero and negative values will
- be treated as 0 (evict immediately) by the system.
- format: int64
- type: integer
- value:
- description: Value is the taint value the toleration matches
- to. If the operator is Exists, the value should be empty,
- otherwise just a regular string.
- type: string
- type: object
- type: array
- type: object
- storage:
- description: Storage configuration for in-cluster storage service
- properties:
- kind:
- description: Kind of which storage service to be used. Only support
- MinIO now.
- enum:
- - MinIO
- - S3
- - Swift
- - FileSystem
- - Azure
- - Gcs
- - Oss
- type: string
- spec:
- description: the spec of Storage.
- properties:
- azure:
- properties:
- accountkeyRef:
- type: string
- accountname:
- type: string
- baseURL:
- default: core.windows.net
- type: string
- container:
- type: string
- pathPrefix:
- default: /azure/harbor/charts
- type: string
- type: object
- fileSystem:
- properties:
- chartPersistentVolume:
- properties:
- claimName:
- description: 'ClaimName is the name of a PersistentVolumeClaim
- in the same namespace as the pod using this volume.
- More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims'
- type: string
- prefix:
- type: string
- readOnly:
- description: Will force the ReadOnly setting in VolumeMounts.
- Default false.
- type: boolean
- required:
- - claimName
- type: object
- registryPersistentVolume:
- properties:
- claimName:
- description: 'ClaimName is the name of a PersistentVolumeClaim
- in the same namespace as the pod using this volume.
- More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims'
- type: string
- maxthreads:
- default: 100
- format: int32
- minimum: 25
- type: integer
- prefix:
- type: string
- readOnly:
- description: Will force the ReadOnly setting in VolumeMounts.
- Default false.
- type: boolean
- required:
- - claimName
- type: object
- required:
- - registryPersistentVolume
- type: object
- gcs:
- properties:
- bucket:
- description: bucket to store charts for Gcs storage
- type: string
- chunkSize:
- type: string
- keyDataRef:
- description: The base64 encoded json file which contains
- the key
- type: string
- pathPrefix:
- type: string
- type: object
- minIO:
- description: inCluster options.
- properties:
- image:
- description: Image name for the component.
- type: string
- imagePullPolicy:
- description: 'Image pull policy. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images'
- enum:
- - Always
- - Never
- - IfNotPresent
- type: string
- imagePullSecrets:
- items:
- description: LocalObjectReference contains enough information
- to let you locate the referenced object inside the
- same namespace.
- properties:
- name:
- description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind,
- uid?'
- type: string
- type: object
- x-kubernetes-map-type: atomic
- type: array
- mc:
- description: MinIOClientSpec the spec for the mc
- properties:
- image:
- description: Image name for the component.
- type: string
- imagePullPolicy:
- description: 'Image pull policy. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images'
- enum:
- - Always
- - Never
- - IfNotPresent
- type: string
- imagePullSecrets:
- items:
- description: LocalObjectReference contains enough
- information to let you locate the referenced object
- inside the same namespace.
- properties:
- name:
- description: 'Name of the referent. More info:
- https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion,
- kind, uid?'
- type: string
- type: object
- x-kubernetes-map-type: atomic
- type: array
- type: object
- operatorVersion:
- default: 4.0.6
- description: the version of minIO operator
- type: string
- redirect:
- description: deprecated Determine if the redirection of
- minio storage is disabled.
- properties:
- enable:
- default: true
- description: Default is true
- type: boolean
- expose:
- properties:
- ingress:
- properties:
- annotations:
- additionalProperties:
- type: string
- type: object
- controller:
- default: default
- description: Set to the type of ingress controller.
- enum:
- - default
- - gce
- - ncp
- - contour
- type: string
- host:
- type: string
- ingressClassName:
- type: string
- required:
- - host
- type: object
- tls:
- properties:
- certificateRef:
- pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*'
- type: string
- type: object
- type: object
- required:
- - enable
- type: object
- replicas:
- description: Supply number of replicas. For standalone
- mode, supply 1. For distributed mode, supply 4 to 16
- drives (should be even). Note that the operator does
- not support upgrading from standalone to distributed
- mode.
- format: int32
- minimum: 1
- type: integer
- resources:
- description: If provided, use these requests and limit
- for cpu/memory resource allocation
- properties:
- limits:
- additionalProperties:
- anyOf:
- - type: integer
- - type: string
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- description: 'Limits describes the maximum amount
- of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
- type: object
- requests:
- additionalProperties:
- anyOf:
- - type: integer
- - type: string
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- description: 'Requests describes the minimum amount
- of compute resources required. If Requests is omitted
- for a container, it defaults to Limits if that is
- explicitly specified, otherwise to an implementation-defined
- value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
- type: object
- type: object
- secretRef:
- description: Reference to the secret containing the MinIO
- access key and secret key.
- pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*'
- type: string
- volumeClaimTemplate:
- description: VolumeClaimTemplate allows a user to specify
- how volumes inside a MinIOInstance
- properties:
- apiVersion:
- description: 'APIVersion defines the versioned schema
- of this representation of an object. Servers should
- convert recognized schemas to the latest internal
- value, and may reject unrecognized values. More
- info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
- type: string
- kind:
- description: 'Kind is a string value representing
- the REST resource this object represents. Servers
- may infer this from the endpoint the client submits
- requests to. Cannot be updated. In CamelCase. More
- info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
- type: string
- metadata:
- description: 'Standard object''s metadata. More info:
- https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata'
- type: object
- spec:
- description: 'Spec defines the desired characteristics
- of a volume requested by a pod author. More info:
- https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims'
- properties:
- accessModes:
- description: 'AccessModes contains the desired
- access modes the volume should have. More info:
- https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1'
- items:
- type: string
- type: array
- dataSource:
- description: 'This field can be used to specify
- either: * An existing VolumeSnapshot object
- (snapshot.storage.k8s.io/VolumeSnapshot) * An
- existing PVC (PersistentVolumeClaim) If the
- provisioner or an external controller can support
- the specified data source, it will create a
- new volume based on the contents of the specified
- data source. If the AnyVolumeDataSource feature
- gate is enabled, this field will always have
- the same contents as the DataSourceRef field.'
- properties:
- apiGroup:
- description: APIGroup is the group for the
- resource being referenced. If APIGroup is
- not specified, the specified Kind must be
- in the core API group. For any other third-party
- types, APIGroup is required.
- type: string
- kind:
- description: Kind is the type of resource
- being referenced
- type: string
- name:
- description: Name is the name of resource
- being referenced
- type: string
- required:
- - kind
- - name
- type: object
- x-kubernetes-map-type: atomic
- dataSourceRef:
- description: 'Specifies the object from which
- to populate the volume with data, if a non-empty
- volume is desired. This may be any local object
- from a non-empty API group (non core object)
- or a PersistentVolumeClaim object. When this
- field is specified, volume binding will only
- succeed if the type of the specified object
- matches some installed volume populator or dynamic
- provisioner. This field will replace the functionality
- of the DataSource field and as such if both
- fields are non-empty, they must have the same
- value. For backwards compatibility, both fields
- (DataSource and DataSourceRef) will be set to
- the same value automatically if one of them
- is empty and the other is non-empty. There are
- two important differences between DataSource
- and DataSourceRef: * While DataSource only allows
- two specific types of objects, DataSourceRef
- allows any non-core object, as well as PersistentVolumeClaim
- objects. * While DataSource ignores disallowed
- values (dropping them), DataSourceRef preserves
- all values, and generates an error if a disallowed
- value is specified. (Alpha) Using this field
- requires the AnyVolumeDataSource feature gate
- to be enabled.'
- properties:
- apiGroup:
- description: APIGroup is the group for the
- resource being referenced. If APIGroup is
- not specified, the specified Kind must be
- in the core API group. For any other third-party
- types, APIGroup is required.
- type: string
- kind:
- description: Kind is the type of resource
- being referenced
- type: string
- name:
- description: Name is the name of resource
- being referenced
- type: string
- required:
- - kind
- - name
- type: object
- x-kubernetes-map-type: atomic
- resources:
- description: 'Resources represents the minimum
- resources the volume should have. If RecoverVolumeExpansionFailure
- feature is enabled users are allowed to specify
- resource requirements that are lower than previous
- value but must still be higher than capacity
- recorded in the status field of the claim. More
- info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources'
- properties:
- limits:
- additionalProperties:
- anyOf:
- - type: integer
- - type: string
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- description: 'Limits describes the maximum
- amount of compute resources allowed. More
- info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
- type: object
- requests:
- additionalProperties:
- anyOf:
- - type: integer
- - type: string
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- description: 'Requests describes the minimum
- amount of compute resources required. If
- Requests is omitted for a container, it
- defaults to Limits if that is explicitly
- specified, otherwise to an implementation-defined
- value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
- type: object
- type: object
- selector:
- description: A label query over volumes to consider
- for binding.
- properties:
- matchExpressions:
- description: matchExpressions is a list of
- label selector requirements. The requirements
- are ANDed.
- items:
- description: A label selector requirement
- is a selector that contains values, a
- key, and an operator that relates the
- key and values.
- properties:
- key:
- description: key is the label key that
- the selector applies to.
- type: string
- operator:
- description: operator represents a key's
- relationship to a set of values. Valid
- operators are In, NotIn, Exists and
- DoesNotExist.
- type: string
- values:
- description: values is an array of string
- values. If the operator is In or NotIn,
- the values array must be non-empty.
- If the operator is Exists or DoesNotExist,
- the values array must be empty. This
- array is replaced during a strategic
- merge patch.
- items:
- type: string
- type: array
- required:
- - key
- - operator
- type: object
- type: array
- matchLabels:
- additionalProperties:
- type: string
- description: matchLabels is a map of {key,value}
- pairs. A single {key,value} in the matchLabels
- map is equivalent to an element of matchExpressions,
- whose key field is "key", the operator is
- "In", and the values array contains only
- "value". The requirements are ANDed.
- type: object
- type: object
- x-kubernetes-map-type: atomic
- storageClassName:
- description: 'Name of the StorageClass required
- by the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1'
- type: string
- volumeMode:
- description: volumeMode defines what type of volume
- is required by the claim. Value of Filesystem
- is implied when not included in claim spec.
- type: string
- volumeName:
- description: VolumeName is the binding reference
- to the PersistentVolume backing this claim.
- type: string
- type: object
- status:
- description: 'Status represents the current information/status
- of a persistent volume claim. Read-only. More info:
- https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims'
- properties:
- accessModes:
- description: 'AccessModes contains the actual
- access modes the volume backing the PVC has.
- More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1'
- items:
- type: string
- type: array
- allocatedResources:
- additionalProperties:
- anyOf:
- - type: integer
- - type: string
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- description: The storage resource within AllocatedResources
- tracks the capacity allocated to a PVC. It may
- be larger than the actual capacity when a volume
- expansion operation is requested. For storage
- quota, the larger value from allocatedResources
- and PVC.spec.resources is used. If allocatedResources
- is not set, PVC.spec.resources alone is used
- for quota calculation. If a volume expansion
- capacity request is lowered, allocatedResources
- is only lowered if there are no expansion operations
- in progress and if the actual volume capacity
- is equal or lower than the requested capacity.
- This is an alpha field and requires enabling
- RecoverVolumeExpansionFailure feature.
- type: object
- capacity:
- additionalProperties:
- anyOf:
- - type: integer
- - type: string
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- description: Represents the actual resources of
- the underlying volume.
- type: object
- conditions:
- description: Current Condition of persistent volume
- claim. If underlying persistent volume is being
- resized then the Condition will be set to 'ResizeStarted'.
- items:
- description: PersistentVolumeClaimCondition
- contails details about state of pvc
- properties:
- lastProbeTime:
- description: Last time we probed the condition.
- format: date-time
- type: string
- lastTransitionTime:
- description: Last time the condition transitioned
- from one status to another.
- format: date-time
- type: string
- message:
- description: Human-readable message indicating
- details about last transition.
- type: string
- reason:
- description: Unique, this should be a short,
- machine understandable string that gives
- the reason for condition's last transition.
- If it reports "ResizeStarted" that means
- the underlying persistent volume is being
- resized.
- type: string
- status:
- type: string
- type:
- description: PersistentVolumeClaimConditionType
- is a valid value of PersistentVolumeClaimCondition.Type
- type: string
- required:
- - status
- - type
- type: object
- type: array
- phase:
- description: Phase represents the current phase
- of PersistentVolumeClaim.
- type: string
- resizeStatus:
- description: ResizeStatus stores status of resize
- operation. ResizeStatus is not set by default
- but when expansion is complete resizeStatus
- is set to empty string by resize controller
- or kubelet. This is an alpha field and requires
- enabling RecoverVolumeExpansionFailure feature.
- type: string
- type: object
- type: object
- volumesPerServer:
- description: Number of persistent volumes that will be
- attached per server
- format: int32
- minimum: 1
- type: integer
- required:
- - operatorVersion
- - replicas
- - volumesPerServer
- type: object
- oss:
- properties:
- accessKeyID:
- type: string
- accessSecretRef:
- type: string
- bucket:
- type: string
- chunksize:
- description: The Oss API requires multipart upload chunks
- to be at least 5MB.
- format: int64
- minimum: 5242880
- type: integer
- encrypt:
- default: false
- description: Specifies whether the registry stores the
- image in encrypted format or not. A boolean value.
- type: boolean
- endpoint:
- type: string
- internal:
- default: false
- type: boolean
- pathPrefix:
- type: string
- region:
- pattern: oss-.*
- type: string
- secure:
- default: true
- type: boolean
- required:
- - accessKeyID
- - accessSecretRef
- - bucket
- - region
- type: object
- redirect:
- description: Determine if the redirection of minio storage
- is disabled.
- properties:
- enable:
- default: true
- description: Default is true
- type: boolean
- expose:
- properties:
- ingress:
- properties:
- annotations:
- additionalProperties:
- type: string
- type: object
- controller:
- default: default
- description: Set to the type of ingress controller.
- enum:
- - default
- - gce
- - ncp
- - contour
- type: string
- host:
- type: string
- ingressClassName:
- type: string
- required:
- - host
- type: object
- tls:
- properties:
- certificateRef:
- pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*'
- type: string
- type: object
- type: object
- required:
- - enable
- type: object
- s3:
- properties:
- accesskey:
- description: The AWS Access Key. If you use IAM roles,
- omit to fetch temporary credentials from IAM.
- type: string
- bucket:
- description: The bucket name in which you want to store
- the registry’s data.
- type: string
- certificateRef:
- pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*'
- type: string
- chunksize:
- description: The S3 API requires multipart upload chunks
- to be at least 5MB.
- format: int64
- minimum: 5242880
- type: integer
- encrypt:
- default: false
- description: Specifies whether the registry stores the
- image in encrypted format or not. A boolean value.
- type: boolean
- keyid:
- description: KMS key ID to use for encryption (encrypt
- must be true, or this parameter is ignored).
- type: string
- multipartcopychunksize:
- format: int64
- type: integer
- multipartcopymaxconcurrency:
- format: int64
- type: integer
- multipartcopythresholdsize:
- format: int64
- type: integer
- region:
- description: The AWS region in which your bucket exists.
- For the moment, the Go AWS library in use does not use
- the newer DNS based bucket routing. For a list of regions,
- see http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/using-regions-availability-zones.html
- type: string
- regionendpoint:
- description: Endpoint for S3 compatible storage services
- (Minio, etc).
- type: string
- rootdirectory:
- description: This is a prefix that is applied to all S3
- keys to allow you to segment data in your bucket if
- necessary.
- type: string
- secretkeyRef:
- description: Reference to the secret containing the AWS
- Secret Key. If you use IAM roles, omit to fetch temporary
- credentials from IAM.
- pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*'
- type: string
- secure:
- default: true
- type: boolean
- skipverify:
- default: false
- description: Skips TLS verification when the value is
- set to true.
- type: boolean
- storageclass:
- default: STANDARD
- description: The S3 storage class applied to each registry
- file.
- type: string
- v4auth:
- default: true
- description: Indicates whether the registry uses Version
- 4 of AWS’s authentication.
- type: boolean
- required:
- - bucket
- - region
- type: object
- swift:
- properties:
- accesskey:
- description: The access key to generate temporary URLs.
- It is used by HP Cloud Object Storage in addition to
- the secretkey parameter.
- type: string
- authurl:
- description: URL for obtaining an auth token. https://storage.myprovider.com/v2.0
- or https://storage.myprovider.com/v3/auth
- type: string
- authversion:
- description: Specify the OpenStack Auth’s version, for
- example 3. By default the driver autodetects the auth’s
- version from the authurl.
- type: string
- chunksize:
- description: Size of the data segments for the Swift Dynamic
- Large Objects. This value should be a number.
- format: int64
- minimum: 5242880
- type: integer
- container:
- description: The name of your Swift container where you
- wish to store the registry’s data. The driver creates
- the named container during its initialization.
- type: string
- domain:
- description: Your Openstack domain name for Identity v3
- API. You can either use domain or domainid.
- type: string
- domainID:
- description: Your Openstack domain ID for Identity v3
- API. You can either use domain or domainid.
- type: string
- endpointtype:
- default: public
- description: The endpoint type used when connecting to
- swift.
- enum:
- - public
- - internal
- - admin
- type: string
- insecureskipverify:
- default: false
- description: Skips TLS verification if the value is set
- to true.
- type: boolean
- passwordRef:
- description: Secret name containing the Openstack password.
- pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*'
- type: string
- prefix:
- description: This is a prefix that is applied to all Swift
- keys to allow you to segment data in your container
- if necessary. Defaults to the container’s root.
- type: string
- region:
- description: The Openstack region in which your container
- exists.
- type: string
- secretkeyRef:
- description: The secret key used to generate temporary
- URLs.
- pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*'
- type: string
- tenant:
- description: Your Openstack tenant name. You can either
- use tenant or tenantid.
- type: string
- tenantID:
- description: Your Openstack tenant ID. You can either
- use tenant or tenantid.
- type: string
- trustid:
- description: Your Openstack trust ID for Identity v3 API.
- type: string
- username:
- description: The Openstack user name.
- type: string
- required:
- - authurl
- - container
- type: object
- type: object
- required:
- - kind
- - spec
- type: object
- trace:
- description: Trace settings for the harbor
- properties:
- attributes:
- additionalProperties:
- type: string
- description: A key value dict contains user defined attributes
- used to initialize trace provider.
- type: object
- enabled:
- default: false
- description: Enable tracing or not.
- type: boolean
- jaeger:
- properties:
- agent:
- properties:
- host:
- description: The host of the jaeger agent.
- type: string
- port:
- description: The port of the jaeger agent.
- type: integer
- type: object
- collector:
- properties:
- endpoint:
- description: The endpoint of the jaeger collector.
- type: string
- passwordRef:
- description: The password secret reference name of the
- jaeger collector.
- type: string
- username:
- description: The username of the jaeger collector.
- type: string
- required:
- - endpoint
- type: object
- mode:
- description: 'The jaeger mode: ''collector'' or ''agent''.'
- enum:
- - collector
- - agent
- type: string
- required:
- - mode
- type: object
- namespace:
- description: Namespace used to differentiate different harbor
- services.
- type: string
- otel:
- properties:
- compression:
- description: Whether enable compression or not for otel.
- type: boolean
- endpoint:
- description: The endpoint of otel.
- type: string
- insecure:
- description: Whether establish insecure connection or not
- for otel.
- type: boolean
- timeout:
- default: 10s
- description: The timeout of otel.
- type: string
- urlPath:
- description: The URL path of otel.
- type: string
- required:
- - endpoint
- - urlPath
- type: object
- provider:
- description: 'The tracing provider: ''jaeger'' or ''otel''.'
- enum:
- - jaeger
- - otel
- type: string
- sampleRate:
- default: 1
- description: Set `sampleRate` to 1 if you wanna sampling 100%
- of trace data; set 0.5 if you wanna sampling 50% of trace data,
- and so forth.
- type: integer
- required:
- - provider
- type: object
- trivy:
- properties:
- certificateRefs:
- items:
- type: string
- type: array
- githubTokenRef:
- description: The name of the secret containing the token to connect
- to GitHub API.
- type: string
- image:
- description: Image name for the component.
- type: string
- imagePullPolicy:
- description: 'Image pull policy. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images'
- enum:
- - Always
- - Never
- - IfNotPresent
- type: string
- imagePullSecrets:
- items:
- description: LocalObjectReference contains enough information
- to let you locate the referenced object inside the same namespace.
- properties:
- name:
- description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind, uid?'
- type: string
- type: object
- x-kubernetes-map-type: atomic
- type: array
- nodeSelector:
- additionalProperties:
- type: string
- description: 'NodeSelector is a selector which must be true for
- the component to fit on a node. Selector which must match a
- node''s labels for the pod to be scheduled on that node. More
- info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/'
- type: object
- offlineScan:
- default: false
- description: Option prevents Trivy from sending API requests to
- identify dependencies. This option doesn’t affect DB download.
- You need to specify "skip-update" as well as "offline-scan"
- in an air-gapped environment.
- type: boolean
- replicas:
- description: 'Replicas is the number of desired replicas. This
- is a pointer to distinguish between explicit zero and unspecified.
- More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller#what-is-a-replicationcontroller'
- format: int32
- minimum: 0
- type: integer
- resources:
- description: 'Compute Resources required by this component. Cannot
- be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/'
- properties:
- limits:
- additionalProperties:
- anyOf:
- - type: integer
- - type: string
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- description: 'Limits describes the maximum amount of compute
- resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
- type: object
- requests:
- additionalProperties:
- anyOf:
- - type: integer
- - type: string
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- description: 'Requests describes the minimum amount of compute
- resources required. If Requests is omitted for a container,
- it defaults to Limits if that is explicitly specified, otherwise
- to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
- type: object
- type: object
- serviceAccountName:
- description: 'ServiceAccountName is the name of the ServiceAccount
- to use to run this component. More info: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/'
- type: string
- skipUpdate:
- default: false
- description: The flag to enable or disable Trivy DB downloads
- from GitHub
- type: boolean
- storage:
- properties:
- cachePersistentVolume:
- description: CachePersistentVolume specify the persistent
- volume used to store Trivy cache. If empty, empty dir will
- be used.
- properties:
- claimName:
- description: 'ClaimName is the name of a PersistentVolumeClaim
- in the same namespace as the pod using this volume.
- More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims'
- type: string
- prefix:
- type: string
- readOnly:
- description: Will force the ReadOnly setting in VolumeMounts.
- Default false.
- type: boolean
- required:
- - claimName
- type: object
- reportsPersistentVolume:
- description: ReportsPersistentVolume specify the persistent
- volume used to store Trivy reports. If empty, empty dir
- will be used.
- properties:
- claimName:
- description: 'ClaimName is the name of a PersistentVolumeClaim
- in the same namespace as the pod using this volume.
- More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims'
- type: string
- prefix:
- type: string
- readOnly:
- description: Will force the ReadOnly setting in VolumeMounts.
- Default false.
- type: boolean
- required:
- - claimName
- type: object
- type: object
- templateAnnotations:
- additionalProperties:
- type: string
- description: Custom annotations to be added into the pods
- type: object
- tolerations:
- description: If specified, the pod's tolerations.
- items:
- description: The pod this Toleration is attached to tolerates
- any taint that matches the triple using
- the matching operator .
- properties:
- effect:
- description: Effect indicates the taint effect to match.
- Empty means match all taint effects. When specified, allowed
- values are NoSchedule, PreferNoSchedule and NoExecute.
- type: string
- key:
- description: Key is the taint key that the toleration applies
- to. Empty means match all taint keys. If the key is empty,
- operator must be Exists; this combination means to match
- all values and all keys.
- type: string
- operator:
- description: Operator represents a key's relationship to
- the value. Valid operators are Exists and Equal. Defaults
- to Equal. Exists is equivalent to wildcard for value,
- so that a pod can tolerate all taints of a particular
- category.
- type: string
- tolerationSeconds:
- description: TolerationSeconds represents the period of
- time the toleration (which must be of effect NoExecute,
- otherwise this field is ignored) tolerates the taint.
- By default, it is not set, which means tolerate the taint
- forever (do not evict). Zero and negative values will
- be treated as 0 (evict immediately) by the system.
- format: int64
- type: integer
- value:
- description: Value is the taint value the toleration matches
- to. If the operator is Exists, the value should be empty,
- otherwise just a regular string.
- type: string
- type: object
- type: array
- required:
- - storage
- type: object
- updateStrategyType:
- default: RollingUpdate
- type: string
- version:
- description: The version of the harbor, eg 2.1.2
- pattern: '[0-9]+\.[0-9]+\.[0-9]+'
- type: string
- required:
- - cache
- - database
- - expose
- - externalURL
- - harborAdminPasswordRef
- - storage
- - version
- type: object
- status:
- description: HarborClusterStatus defines the observed state of HarborCluster.
- properties:
- conditions:
- description: Conditions of each components
- items:
- description: HarborClusterCondition contains details for the current
- condition of this pod.
- properties:
- lastTransitionTime:
- description: Last time the condition transitioned from one status
- to another.
- format: date-time
- type: string
- message:
- description: Human-readable message indicating details about
- last transition.
- type: string
- reason:
- description: Unique, one-word, CamelCase reason for the condition's
- last transition.
- type: string
- status:
- description: Status is the status of the condition. Can be True,
- False, Unknown.
- type: string
- type:
- description: Type is the type of the condition.
- type: string
- required:
- - status
- - type
- type: object
- type: array
- observedGeneration:
- format: int64
- type: integer
- operator:
- description: ControllerStatus represents the current status of the
- operator.
- properties:
- controllerGitCommit:
- minLength: 1
- type: string
- controllerName:
- minLength: 1
- type: string
- controllerVersion:
- minLength: 1
- type: string
- type: object
- revision:
- description: Revision of the status Use unix nano
- format: int64
- type: integer
- status:
- description: 'INSERT ADDITIONAL STATUS FIELD - define observed state
- of cluster Important: Run "make" to regenerate code after modifying
- this file Status indicates the overall status of the Harbor cluster
- Status can be "unknown", "creating", "healthy" and "unhealthy"'
- type: string
- required:
- - revision
- - status
- type: object
- type: object
- served: true
- storage: true
- subresources:
- status: {}
----
-apiVersion: apiextensions.k8s.io/v1
-kind: CustomResourceDefinition
-metadata:
- annotations:
- cert-manager.io/inject-ca-from: '{{.Release.Namespace}}/{{. | include "chart.fullname"}}-serving-cert'
- controller-gen.kubebuilder.io/version: v0.9.2
- creationTimestamp: null
- name: harborconfigurations.goharbor.io
-spec:
- group: goharbor.io
- names:
- categories:
- - goharbor
- kind: HarborConfiguration
- listKind: HarborConfigurationList
- plural: harborconfigurations
- shortNames:
- - hc
- singular: harborconfiguration
- scope: Namespaced
- versions:
- - additionalPrinterColumns:
- - description: HarborCluster name
- jsonPath: .spec.harborClusterRef
- name: HarborCluster
- type: string
- - description: HarborConfiguration status
- jsonPath: .status.status
- name: Status
- type: string
- - description: Timestamp representing the server time when this object was created.
- It is not guaranteed to be set in happens-before order across separate operations.
- Clients may not set this value. It is represented in RFC3339 form and is in
- UTC.
- jsonPath: .metadata.creationTimestamp
- name: Age
- type: date
- name: v1beta1
- schema:
- openAPIV3Schema:
- description: HarborConfiguration is the Schema for the harbors configuration.
- properties:
- apiVersion:
- description: 'APIVersion defines the versioned schema of this representation
- of an object. Servers should convert recognized schemas to the latest
- internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
- type: string
- kind:
- description: 'Kind is a string value representing the REST resource this
- object represents. Servers may infer this from the endpoint the client
- submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
- type: string
- metadata:
- type: object
- spec:
- description: HarborConfigurationSpec defines the spec of HarborConfiguration.
- properties:
- configuration:
- description: Configuration defines the harbor configuration types.
- properties:
- authMode:
- description: The auth mode of current system, such as "db_auth",
- "ldap_auth", "oidc_auth".
- type: string
- emailFrom:
- description: The sender name for Email notification.
- type: string
- emailHost:
- description: The hostname of SMTP server that sends Email notification.
- type: string
- emailIdentity:
- description: By default it's empty so the email_username is picked
- type: string
- emailInsecure:
- description: Whether or not the certificate will be verified when
- Harbor tries to access the email server.
- type: boolean
- emailPassword:
- description: Email password.
- type: string
- emailPort:
- description: The port of SMTP server.
- type: integer
- emailSsl:
- description: When it''s set to true the system will access Email
- server via TLS by default. If it''s set to false, it still
- will handle "STARTTLS" from server side.
- type: boolean
- emailUsername:
- description: The username for authenticate against SMTP server.
- type: string
- httpAuthproxyAdminGroups:
- description: The group which has the harbor admin privileges.
- type: string
- httpAuthproxyAdminUsernames:
- description: The username which has the harbor admin privileges.
- type: string
- httpAuthproxyEndpoint:
- description: The endpoint of the HTTP auth.
- type: string
- httpAuthproxyServerCertificate:
- description: The certificate of the HTTP auth provider.
- type: boolean
- httpAuthproxySkipSearch:
- description: Search user before onboard.
- type: boolean
- httpAuthproxyTokenreviewEndpoint:
- description: The token review endpoint.
- type: string
- httpAuthproxyVerifyCert:
- description: Verify the HTTP auth provider's certificate.
- type: boolean
- ldapBaseDn:
- description: The Base DN for LDAP binding.
- type: string
- ldapFilter:
- description: The filter for LDAP search.
- type: string
- ldapGroupAdminDn:
- description: Specify the ldap group which have the same privilege
- with Harbor admin.
- type: string
- ldapGroupAttributeName:
- description: The attribute which is used as identity of the LDAP
- group, default is cn.
- type: string
- ldapGroupBaseDn:
- description: The base DN to search LDAP group.
- type: string
- ldapGroupMembershipAttribute:
- description: The user attribute to identify the group membership.
- type: string
- ldapGroupSearchFilter:
- description: The filter to search the ldap group.
- type: string
- ldapGroupSearchScope:
- description: The scope to search ldap group. ''0-LDAP_SCOPE_BASE,
- 1-LDAP_SCOPE_ONELEVEL, 2-LDAP_SCOPE_SUBTREE''.
- type: integer
- ldapScope:
- description: The scope to search ldap users,'0-LDAP_SCOPE_BASE,
- 1-LDAP_SCOPE_ONELEVEL, 2-LDAP_SCOPE_SUBTREE'.
- type: integer
- ldapSearchDn:
- description: The DN of the user to do the search.
- type: string
- ldapSearchPassword:
- description: The password ref of the ldap search dn.
- type: string
- ldapTimeout:
- description: Timeout in seconds for connection to LDAP server.
- type: integer
- ldapUid:
- description: The attribute which is used as identity for the LDAP
- binding, such as "CN" or "SAMAccountname".
- type: string
- ldapUrl:
- description: The URL of LDAP server.
- type: string
- ldapVerifyCert:
- description: Whether verify your OIDC server certificate, disable
- it if your OIDC server is hosted via self-hosted certificate.
- type: boolean
- notificationEnable:
- description: Enable notification.
- type: boolean
- oidcAdminGroup:
- description: The OIDC group which has the harbor admin privileges.
- type: string
- oidcAutoOnboard:
- description: Auto onboard the OIDC user.
- type: boolean
- oidcClientId:
- description: The client ID of the OIDC provider.
- type: string
- oidcClientSecret:
- description: The OIDC provider secret.
- type: string
- oidcEndpoint:
- description: The endpoint of the OIDC provider.
- type: string
- oidcExtraRedirectParms:
- description: Extra parameters to add when redirect request to
- OIDC provider.
- type: string
- oidcGroupsClaim:
- description: The attribute claims the group name.
- type: string
- oidcName:
- description: The OIDC provider name.
- type: string
- oidcScope:
- description: The scope of the OIDC provider.
- type: string
- oidcUserClaim:
- description: The attribute claims the username.
- type: string
- oidcVerifyCert:
- description: Verify the OIDC provider's certificate'.
- type: boolean
- projectCreationRestriction:
- description: Indicate who can create projects, it could be ''adminonly''
- or ''everyone''.
- type: string
- quotaPerProjectEnable:
- description: Enable quota per project.
- type: boolean
- readOnly:
- description: The flag to indicate whether Harbor is in readonly
- mode.
- type: boolean
- robotNamePrefix:
- description: The rebot account name prefix.
- type: string
- robotTokenDuration:
- description: The robot account token duration in days.
- type: integer
- selfRegistration:
- description: Whether the Harbor instance supports self-registration. If
- it''s set to false, admin need to add user to the instance.
- type: boolean
- storagePerProject:
- description: The storage quota per project.
- type: integer
- tokenExpiration:
- description: The expiration time of the token for internal Registry,
- in minutes.
- type: integer
- uaaClientId:
- description: The client id of UAA.
- type: string
- uaaClientSecret:
- description: The client secret of the UAA.
- type: string
- uaaEndpoint:
- description: The endpoint of the UAA.
- type: string
- uaaVerifyCert:
- description: Verify the certificate in UAA server.
- type: boolean
- type: object
- harborClusterRef:
- description: HarborClusterRef defines the reference of the harbor
- cluster name.
- type: string
- type: object
- status:
- description: HarborConfigurationStatus defines the status of HarborConfiguration.
- properties:
- lastApplyTime:
- description: LastApplyTime represents the last apply configuration
- time.
- format: date-time
- type: string
- lastConfiguration:
- description: LastConfiguration represents the configuration of last
- time.
- properties:
- configuration:
- description: Configuration defines the harbor configuration types.
- properties:
- authMode:
- description: The auth mode of current system, such as "db_auth",
- "ldap_auth", "oidc_auth".
- type: string
- emailFrom:
- description: The sender name for Email notification.
- type: string
- emailHost:
- description: The hostname of SMTP server that sends Email
- notification.
- type: string
- emailIdentity:
- description: By default it's empty so the email_username is
- picked
- type: string
- emailInsecure:
- description: Whether or not the certificate will be verified
- when Harbor tries to access the email server.
- type: boolean
- emailPassword:
- description: Email password.
- type: string
- emailPort:
- description: The port of SMTP server.
- type: integer
- emailSsl:
- description: When it''s set to true the system will access
- Email server via TLS by default. If it''s set to false,
- it still will handle "STARTTLS" from server side.
- type: boolean
- emailUsername:
- description: The username for authenticate against SMTP server.
- type: string
- httpAuthproxyAdminGroups:
- description: The group which has the harbor admin privileges.
- type: string
- httpAuthproxyAdminUsernames:
- description: The username which has the harbor admin privileges.
- type: string
- httpAuthproxyEndpoint:
- description: The endpoint of the HTTP auth.
- type: string
- httpAuthproxyServerCertificate:
- description: The certificate of the HTTP auth provider.
- type: boolean
- httpAuthproxySkipSearch:
- description: Search user before onboard.
- type: boolean
- httpAuthproxyTokenreviewEndpoint:
- description: The token review endpoint.
- type: string
- httpAuthproxyVerifyCert:
- description: Verify the HTTP auth provider's certificate.
- type: boolean
- ldapBaseDn:
- description: The Base DN for LDAP binding.
- type: string
- ldapFilter:
- description: The filter for LDAP search.
- type: string
- ldapGroupAdminDn:
- description: Specify the ldap group which have the same privilege
- with Harbor admin.
- type: string
- ldapGroupAttributeName:
- description: The attribute which is used as identity of the
- LDAP group, default is cn.
- type: string
- ldapGroupBaseDn:
- description: The base DN to search LDAP group.
- type: string
- ldapGroupMembershipAttribute:
- description: The user attribute to identify the group membership.
- type: string
- ldapGroupSearchFilter:
- description: The filter to search the ldap group.
- type: string
- ldapGroupSearchScope:
- description: The scope to search ldap group. ''0-LDAP_SCOPE_BASE,
- 1-LDAP_SCOPE_ONELEVEL, 2-LDAP_SCOPE_SUBTREE''.
- type: integer
- ldapScope:
- description: The scope to search ldap users,'0-LDAP_SCOPE_BASE,
- 1-LDAP_SCOPE_ONELEVEL, 2-LDAP_SCOPE_SUBTREE'.
- type: integer
- ldapSearchDn:
- description: The DN of the user to do the search.
- type: string
- ldapSearchPassword:
- description: The password ref of the ldap search dn.
- type: string
- ldapTimeout:
- description: Timeout in seconds for connection to LDAP server.
- type: integer
- ldapUid:
- description: The attribute which is used as identity for the
- LDAP binding, such as "CN" or "SAMAccountname".
- type: string
- ldapUrl:
- description: The URL of LDAP server.
- type: string
- ldapVerifyCert:
- description: Whether verify your OIDC server certificate,
- disable it if your OIDC server is hosted via self-hosted
- certificate.
- type: boolean
- notificationEnable:
- description: Enable notification.
- type: boolean
- oidcAdminGroup:
- description: The OIDC group which has the harbor admin privileges.
- type: string
- oidcAutoOnboard:
- description: Auto onboard the OIDC user.
- type: boolean
- oidcClientId:
- description: The client ID of the OIDC provider.
- type: string
- oidcClientSecret:
- description: The OIDC provider secret.
- type: string
- oidcEndpoint:
- description: The endpoint of the OIDC provider.
- type: string
- oidcExtraRedirectParms:
- description: Extra parameters to add when redirect request
- to OIDC provider.
- type: string
- oidcGroupsClaim:
- description: The attribute claims the group name.
- type: string
- oidcName:
- description: The OIDC provider name.
- type: string
- oidcScope:
- description: The scope of the OIDC provider.
- type: string
- oidcUserClaim:
- description: The attribute claims the username.
- type: string
- oidcVerifyCert:
- description: Verify the OIDC provider's certificate'.
- type: boolean
- projectCreationRestriction:
- description: Indicate who can create projects, it could be
- ''adminonly'' or ''everyone''.
- type: string
- quotaPerProjectEnable:
- description: Enable quota per project.
- type: boolean
- readOnly:
- description: The flag to indicate whether Harbor is in readonly
- mode.
- type: boolean
- robotNamePrefix:
- description: The rebot account name prefix.
- type: string
- robotTokenDuration:
- description: The robot account token duration in days.
- type: integer
- selfRegistration:
- description: Whether the Harbor instance supports self-registration. If
- it''s set to false, admin need to add user to the instance.
- type: boolean
- storagePerProject:
- description: The storage quota per project.
- type: integer
- tokenExpiration:
- description: The expiration time of the token for internal
- Registry, in minutes.
- type: integer
- uaaClientId:
- description: The client id of UAA.
- type: string
- uaaClientSecret:
- description: The client secret of the UAA.
- type: string
- uaaEndpoint:
- description: The endpoint of the UAA.
- type: string
- uaaVerifyCert:
- description: Verify the certificate in UAA server.
- type: boolean
- type: object
- harborClusterRef:
- description: HarborClusterRef defines the reference of the harbor
- cluster name.
- type: string
- type: object
- message:
- description: Message provides human-readable message.
- type: string
- reason:
- description: Reason represents status reason.
- type: string
- status:
- description: Status represents harbor configuration status.
- type: string
- type: object
- type: object
- served: true
- storage: true
- subresources:
- status: {}
----
-apiVersion: apiextensions.k8s.io/v1
-kind: CustomResourceDefinition
-metadata:
- annotations:
- cert-manager.io/inject-ca-from: '{{.Release.Namespace}}/{{. | include "chart.fullname"}}-serving-cert'
- controller-gen.kubebuilder.io/version: v0.9.2
- name: harbors.goharbor.io
-spec:
- conversion:
- strategy: Webhook
- webhook:
- clientConfig:
- caBundle: Cg==
- service:
- name: {{ include "chart.fullname" . | quote }}
- namespace: {{ .Release.Namespace }}
- path: /convert
- conversionReviewVersions:
- - v1
- group: goharbor.io
- names:
- categories:
- - goharbor
- kind: Harbor
- listKind: HarborList
- plural: harbors
- shortNames:
- - h
- singular: harbor
- scope: Namespaced
- versions:
- - additionalPrinterColumns:
- - description: The public URL to the Harbor application
- jsonPath: .spec.externalURL
- name: Public URL
- priority: 5
- type: string
- - description: The version to the Harbor application
- jsonPath: .spec.version
- name: Version
- priority: 5
- type: string
- - description: Timestamp representing the server time when this object was created.
- It is not guaranteed to be set in happens-before order across separate operations.
- Clients may not set this value. It is represented in RFC3339 form and is in
- UTC.
- jsonPath: .metadata.creationTimestamp
- name: Age
- priority: 1
- type: date
- - description: Human readable message describing the failure
- jsonPath: .status.conditions[?(@.type=="Failed")].message
- name: Failure
- priority: 5
- type: string
- name: v1alpha3
- schema:
- openAPIV3Schema:
- description: Harbor is the Schema for the harbors API.
- properties:
- apiVersion:
- description: 'APIVersion defines the versioned schema of this representation
- of an object. Servers should convert recognized schemas to the latest
- internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
- type: string
- kind:
- description: 'Kind is a string value representing the REST resource this
- object represents. Servers may infer this from the endpoint the client
- submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
- type: string
- metadata:
- type: object
- spec:
- description: HarborSpec defines the desired state of Harbor.
- properties:
- chartmuseum:
- properties:
- absoluteUrl:
- default: false
- description: Harbor defaults ChartMuseum to returning relative
- urls, if you want using absolute url you should enable it
- type: boolean
- certificateRefs:
- items:
- type: string
- type: array
- image:
- description: Image name for the component.
- type: string
- imagePullPolicy:
- description: 'Image pull policy. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images'
- enum:
- - Always
- - Never
- - IfNotPresent
- type: string
- imagePullSecrets:
- items:
- description: LocalObjectReference contains enough information
- to let you locate the referenced object inside the same namespace.
- properties:
- name:
- description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind, uid?'
- type: string
- type: object
- x-kubernetes-map-type: atomic
- type: array
- nodeSelector:
- additionalProperties:
- type: string
- description: 'NodeSelector is a selector which must be true for
- the component to fit on a node. Selector which must match a
- node''s labels for the pod to be scheduled on that node. More
- info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/'
- type: object
- replicas:
- description: 'Replicas is the number of desired replicas. This
- is a pointer to distinguish between explicit zero and unspecified.
- More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller#what-is-a-replicationcontroller'
- format: int32
- minimum: 0
- type: integer
- resources:
- description: 'Compute Resources required by this component. Cannot
- be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/'
- properties:
- limits:
- additionalProperties:
- anyOf:
- - type: integer
- - type: string
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- description: 'Limits describes the maximum amount of compute
- resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
- type: object
- requests:
- additionalProperties:
- anyOf:
- - type: integer
- - type: string
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- description: 'Requests describes the minimum amount of compute
- resources required. If Requests is omitted for a container,
- it defaults to Limits if that is explicitly specified, otherwise
- to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
- type: object
- type: object
- serviceAccountName:
- description: 'ServiceAccountName is the name of the ServiceAccount
- to use to run this component. More info: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/'
- type: string
- templateAnnotations:
- additionalProperties:
- type: string
- description: Custom annotations to be added into the pods
- type: object
- tolerations:
- description: If specified, the pod's tolerations.
- items:
- description: The pod this Toleration is attached to tolerates
- any taint that matches the triple using
- the matching operator .
- properties:
- effect:
- description: Effect indicates the taint effect to match.
- Empty means match all taint effects. When specified, allowed
- values are NoSchedule, PreferNoSchedule and NoExecute.
- type: string
- key:
- description: Key is the taint key that the toleration applies
- to. Empty means match all taint keys. If the key is empty,
- operator must be Exists; this combination means to match
- all values and all keys.
- type: string
- operator:
- description: Operator represents a key's relationship to
- the value. Valid operators are Exists and Equal. Defaults
- to Equal. Exists is equivalent to wildcard for value,
- so that a pod can tolerate all taints of a particular
- category.
- type: string
- tolerationSeconds:
- description: TolerationSeconds represents the period of
- time the toleration (which must be of effect NoExecute,
- otherwise this field is ignored) tolerates the taint.
- By default, it is not set, which means tolerate the taint
- forever (do not evict). Zero and negative values will
- be treated as 0 (evict immediately) by the system.
- format: int64
- type: integer
- value:
- description: Value is the taint value the toleration matches
- to. If the operator is Exists, the value should be empty,
- otherwise just a regular string.
- type: string
- type: object
- type: array
- type: object
- core:
- properties:
- certificateRefs:
- items:
- type: string
- type: array
- image:
- description: Image name for the component.
- type: string
- imagePullPolicy:
- description: 'Image pull policy. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images'
- enum:
- - Always
- - Never
- - IfNotPresent
- type: string
- imagePullSecrets:
- items:
- description: LocalObjectReference contains enough information
- to let you locate the referenced object inside the same namespace.
- properties:
- name:
- description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind, uid?'
- type: string
- type: object
- x-kubernetes-map-type: atomic
- type: array
- metrics:
- properties:
- enabled:
- default: false
- type: boolean
- path:
- default: /metrics
- description: The path of the metrics.
- pattern: /.+
- type: string
- port:
- default: 8001
- description: The port of the metrics.
- format: int32
- minimum: 1
- type: integer
- type: object
- nodeSelector:
- additionalProperties:
- type: string
- description: 'NodeSelector is a selector which must be true for
- the component to fit on a node. Selector which must match a
- node''s labels for the pod to be scheduled on that node. More
- info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/'
- type: object
- replicas:
- description: 'Replicas is the number of desired replicas. This
- is a pointer to distinguish between explicit zero and unspecified.
- More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller#what-is-a-replicationcontroller'
- format: int32
- minimum: 0
- type: integer
- resources:
- description: 'Compute Resources required by this component. Cannot
- be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/'
- properties:
- limits:
- additionalProperties:
- anyOf:
- - type: integer
- - type: string
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- description: 'Limits describes the maximum amount of compute
- resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
- type: object
- requests:
- additionalProperties:
- anyOf:
- - type: integer
- - type: string
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- description: 'Requests describes the minimum amount of compute
- resources required. If Requests is omitted for a container,
- it defaults to Limits if that is explicitly specified, otherwise
- to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
- type: object
- type: object
- serviceAccountName:
- description: 'ServiceAccountName is the name of the ServiceAccount
- to use to run this component. More info: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/'
- type: string
- templateAnnotations:
- additionalProperties:
- type: string
- description: Custom annotations to be added into the pods
- type: object
- tokenIssuer:
- description: ObjectReference is a reference to an object with
- a given name, kind and group.
- properties:
- group:
- description: Group of the resource being referred to.
- type: string
- kind:
- description: Kind of the resource being referred to.
- type: string
- name:
- description: Name of the resource being referred to.
- type: string
- required:
- - name
- type: object
- tolerations:
- description: If specified, the pod's tolerations.
- items:
- description: The pod this Toleration is attached to tolerates
- any taint that matches the triple using
- the matching operator .
- properties:
- effect:
- description: Effect indicates the taint effect to match.
- Empty means match all taint effects. When specified, allowed
- values are NoSchedule, PreferNoSchedule and NoExecute.
- type: string
- key:
- description: Key is the taint key that the toleration applies
- to. Empty means match all taint keys. If the key is empty,
- operator must be Exists; this combination means to match
- all values and all keys.
- type: string
- operator:
- description: Operator represents a key's relationship to
- the value. Valid operators are Exists and Equal. Defaults
- to Equal. Exists is equivalent to wildcard for value,
- so that a pod can tolerate all taints of a particular
- category.
- type: string
- tolerationSeconds:
- description: TolerationSeconds represents the period of
- time the toleration (which must be of effect NoExecute,
- otherwise this field is ignored) tolerates the taint.
- By default, it is not set, which means tolerate the taint
- forever (do not evict). Zero and negative values will
- be treated as 0 (evict immediately) by the system.
- format: int64
- type: integer
- value:
- description: Value is the taint value the toleration matches
- to. If the operator is Exists, the value should be empty,
- otherwise just a regular string.
- type: string
- type: object
- type: array
- type: object
- database:
- description: Skip OpenAPI schema validation Use validating webhook
- to do verification (field required)
- properties:
- hosts:
- items:
- properties:
- host:
- description: Name of host to connect to. If a host name
- begins with a slash, it specifies Unix-domain communication
- rather than TCP/IP communication; the value is the name
- of the directory in which the socket file is stored.
- minLength: 1
- type: string
- port:
- description: Port number to connect to at the server host,
- or socket file name extension for Unix-domain connections.
- Zero, specifies the default port number established when
- PostgreSQL was built.
- exclusiveMinimum: true
- format: int32
- minimum: 0
- type: integer
- required:
- - host
- type: object
- minItems: 1
- type: array
- passwordRef:
- description: Secret containing the password to be used if the
- server demands password authentication.
- pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*'
- type: string
- prefix:
- type: string
- sslMode:
- description: PostgreSQL has native support for using SSL connections
- to encrypt client/server communications for increased security.
- enum:
- - disable
- - allow
- - prefer
- - require
- - verify-ca
- - verify-full
- type: string
- username:
- description: PostgreSQL user name to connect as. Defaults to be
- the same as the operating system name of the user running the
- application.
- minLength: 1
- type: string
- required:
- - hosts
- type: object
- exporter:
- properties:
- cache:
- properties:
- cleanInterval:
- default: 4h
- description: The interval to clean the cache info from the
- database and core.
- pattern: ([0-9]+h)?([0-9]+m)?([0-9]+s)?
- type: string
- duration:
- default: 30s
- description: The duration to cache info from the database
- and core.
- pattern: ([0-9]+h)?([0-9]+m)?([0-9]+s)?
- type: string
- type: object
- image:
- description: Image name for the component.
- type: string
- imagePullPolicy:
- description: 'Image pull policy. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images'
- enum:
- - Always
- - Never
- - IfNotPresent
- type: string
- imagePullSecrets:
- items:
- description: LocalObjectReference contains enough information
- to let you locate the referenced object inside the same namespace.
- properties:
- name:
- description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind, uid?'
- type: string
- type: object
- x-kubernetes-map-type: atomic
- type: array
- nodeSelector:
- additionalProperties:
- type: string
- description: 'NodeSelector is a selector which must be true for
- the component to fit on a node. Selector which must match a
- node''s labels for the pod to be scheduled on that node. More
- info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/'
- type: object
- path:
- default: /metrics
- description: The metrics path of the exporter.
- pattern: /.+
- type: string
- port:
- default: 8001
- description: The port of the exporter.
- format: int32
- minimum: 1
- type: integer
- replicas:
- description: 'Replicas is the number of desired replicas. This
- is a pointer to distinguish between explicit zero and unspecified.
- More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller#what-is-a-replicationcontroller'
- format: int32
- minimum: 0
- type: integer
- resources:
- description: 'Compute Resources required by this component. Cannot
- be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/'
- properties:
- limits:
- additionalProperties:
- anyOf:
- - type: integer
- - type: string
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- description: 'Limits describes the maximum amount of compute
- resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
- type: object
- requests:
- additionalProperties:
- anyOf:
- - type: integer
- - type: string
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- description: 'Requests describes the minimum amount of compute
- resources required. If Requests is omitted for a container,
- it defaults to Limits if that is explicitly specified, otherwise
- to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
- type: object
- type: object
- serviceAccountName:
- description: 'ServiceAccountName is the name of the ServiceAccount
- to use to run this component. More info: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/'
- type: string
- templateAnnotations:
- additionalProperties:
- type: string
- description: Custom annotations to be added into the pods
- type: object
- tolerations:
- description: If specified, the pod's tolerations.
- items:
- description: The pod this Toleration is attached to tolerates
- any taint that matches the triple using
- the matching operator .
- properties:
- effect:
- description: Effect indicates the taint effect to match.
- Empty means match all taint effects. When specified, allowed
- values are NoSchedule, PreferNoSchedule and NoExecute.
- type: string
- key:
- description: Key is the taint key that the toleration applies
- to. Empty means match all taint keys. If the key is empty,
- operator must be Exists; this combination means to match
- all values and all keys.
- type: string
- operator:
- description: Operator represents a key's relationship to
- the value. Valid operators are Exists and Equal. Defaults
- to Equal. Exists is equivalent to wildcard for value,
- so that a pod can tolerate all taints of a particular
- category.
- type: string
- tolerationSeconds:
- description: TolerationSeconds represents the period of
- time the toleration (which must be of effect NoExecute,
- otherwise this field is ignored) tolerates the taint.
- By default, it is not set, which means tolerate the taint
- forever (do not evict). Zero and negative values will
- be treated as 0 (evict immediately) by the system.
- format: int64
- type: integer
- value:
- description: Value is the taint value the toleration matches
- to. If the operator is Exists, the value should be empty,
- otherwise just a regular string.
- type: string
- type: object
- type: array
- type: object
- expose:
- properties:
- core:
- properties:
- ingress:
- properties:
- annotations:
- additionalProperties:
- type: string
- type: object
- controller:
- default: default
- description: Set to the type of ingress controller.
- enum:
- - default
- - gce
- - ncp
- - contour
- type: string
- host:
- type: string
- required:
- - host
- type: object
- tls:
- properties:
- certificateRef:
- pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*'
- type: string
- type: object
- type: object
- notary:
- description: The ingress of the notary, required when notary component
- enabled.
- properties:
- ingress:
- properties:
- annotations:
- additionalProperties:
- type: string
- type: object
- controller:
- default: default
- description: Set to the type of ingress controller.
- enum:
- - default
- - gce
- - ncp
- - contour
- type: string
- host:
- type: string
- required:
- - host
- type: object
- tls:
- properties:
- certificateRef:
- pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*'
- type: string
- type: object
- type: object
- required:
- - core
- type: object
- externalURL:
- pattern: https?://.*
- type: string
- harborAdminPasswordRef:
- pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*'
- type: string
- imageChartStorage:
- description: Skip OpenAPI schema validation Use validating webhook
- to do verification (field required)
- properties:
- filesystem:
- description: 'FileSystem is an implementation of the storagedriver.StorageDriver
- interface which uses the local filesystem. The local filesystem
- can be a remote volume. See: https://docs.docker.com/registry/storage-drivers/filesystem/'
- properties:
- chartPersistentVolume:
- properties:
- claimName:
- description: 'ClaimName is the name of a PersistentVolumeClaim
- in the same namespace as the pod using this volume.
- More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims'
- type: string
- prefix:
- type: string
- readOnly:
- description: Will force the ReadOnly setting in VolumeMounts.
- Default false.
- type: boolean
- required:
- - claimName
- type: object
- registryPersistentVolume:
- properties:
- claimName:
- description: 'ClaimName is the name of a PersistentVolumeClaim
- in the same namespace as the pod using this volume.
- More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims'
- type: string
- maxthreads:
- default: 100
- format: int32
- minimum: 25
- type: integer
- prefix:
- type: string
- readOnly:
- description: Will force the ReadOnly setting in VolumeMounts.
- Default false.
- type: boolean
- required:
- - claimName
- type: object
- required:
- - registryPersistentVolume
- type: object
- redirect:
- properties:
- disable:
- default: false
- type: boolean
- type: object
- s3:
- description: 'An implementation of the storagedriver.StorageDriver
- interface which uses Amazon S3 or S3 compatible services for
- object storage. See: https://docs.docker.com/registry/storage-drivers/s3/'
- properties:
- accesskey:
- description: The AWS Access Key. If you use IAM roles, omit
- to fetch temporary credentials from IAM.
- type: string
- bucket:
- description: The bucket name in which you want to store the
- registry’s data.
- type: string
- certificateRef:
- pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*'
- type: string
- chunksize:
- description: The S3 API requires multipart upload chunks to
- be at least 5MB.
- format: int64
- minimum: 5242880
- type: integer
- encrypt:
- default: false
- description: Specifies whether the registry stores the image
- in encrypted format or not. A boolean value.
- type: boolean
- keyid:
- description: KMS key ID to use for encryption (encrypt must
- be true, or this parameter is ignored).
- type: string
- region:
- description: The AWS region in which your bucket exists. For
- the moment, the Go AWS library in use does not use the newer
- DNS based bucket routing. For a list of regions, see http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/using-regions-availability-zones.html
- type: string
- regionendpoint:
- description: Endpoint for S3 compatible storage services (Minio,
- etc).
- type: string
- rootdirectory:
- description: This is a prefix that is applied to all S3 keys
- to allow you to segment data in your bucket if necessary.
- type: string
- secretkeyRef:
- description: Reference to the secret containing the AWS Secret
- Key. If you use IAM roles, omit to fetch temporary credentials
- from IAM.
- pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*'
- type: string
- secure:
- default: true
- type: boolean
- skipverify:
- default: false
- description: Skips TLS verification when the value is set
- to true.
- type: boolean
- storageclass:
- default: STANDARD
- description: The S3 storage class applied to each registry
- file.
- type: string
- v4auth:
- default: true
- description: Indicates whether the registry uses Version 4
- of AWS’s authentication.
- type: boolean
- required:
- - bucket
- - region
- type: object
- swift:
- description: 'An implementation of the storagedriver.StorageDriver
- interface that uses OpenStack Swift for object storage. See:
- https://docs.docker.com/registry/storage-drivers/swift/'
- properties:
- accesskey:
- description: The access key to generate temporary URLs. It
- is used by HP Cloud Object Storage in addition to the secretkey
- parameter.
- type: string
- authurl:
- description: URL for obtaining an auth token. https://storage.myprovider.com/v2.0
- or https://storage.myprovider.com/v3/auth
- type: string
- authversion:
- description: Specify the OpenStack Auth’s version, for example
- 3. By default the driver autodetects the auth’s version
- from the authurl.
- type: string
- chunksize:
- description: Size of the data segments for the Swift Dynamic
- Large Objects. This value should be a number.
- format: int64
- minimum: 5242880
- type: integer
- container:
- description: The name of your Swift container where you wish
- to store the registry’s data. The driver creates the named
- container during its initialization.
- type: string
- domain:
- description: Your Openstack domain name for Identity v3 API.
- You can either use domain or domainid.
- type: string
- domainID:
- description: Your Openstack domain ID for Identity v3 API.
- You can either use domain or domainid.
- type: string
- endpointtype:
- default: public
- description: The endpoint type used when connecting to swift.
- enum:
- - public
- - internal
- - admin
- type: string
- insecureskipverify:
- default: false
- description: Skips TLS verification if the value is set to
- true.
- type: boolean
- passwordRef:
- description: Secret name containing the Openstack password.
- pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*'
- type: string
- prefix:
- description: This is a prefix that is applied to all Swift
- keys to allow you to segment data in your container if necessary.
- Defaults to the container’s root.
- type: string
- region:
- description: The Openstack region in which your container
- exists.
- type: string
- secretkeyRef:
- description: The secret key used to generate temporary URLs.
- pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*'
- type: string
- tenant:
- description: Your Openstack tenant name. You can either use
- tenant or tenantid.
- type: string
- tenantID:
- description: Your Openstack tenant ID. You can either use
- tenant or tenantid.
- type: string
- trustid:
- description: Your Openstack trust ID for Identity v3 API.
- type: string
- username:
- description: The Openstack user name.
- type: string
- required:
- - authurl
- - container
- type: object
- type: object
- imageSource:
- properties:
- imagePullPolicy:
- description: 'Image pull policy. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images'
- enum:
- - Always
- - Never
- - IfNotPresent
- type: string
- imagePullSecrets:
- items:
- description: LocalObjectReference contains enough information
- to let you locate the referenced object inside the same namespace.
- properties:
- name:
- description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind, uid?'
- type: string
- type: object
- x-kubernetes-map-type: atomic
- type: array
- repository:
- description: The default repository for the images of the components.
- eg docker.io/goharbor/
- type: string
- tagSuffix:
- description: The tag suffix for the images of the images of the
- components. eg '-patch1'
- type: string
- type: object
- internalTLS:
- properties:
- enabled:
- default: false
- type: boolean
- type: object
- jobservice:
- properties:
- certificateRefs:
- items:
- type: string
- type: array
- image:
- description: Image name for the component.
- type: string
- imagePullPolicy:
- description: 'Image pull policy. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images'
- enum:
- - Always
- - Never
- - IfNotPresent
- type: string
- imagePullSecrets:
- items:
- description: LocalObjectReference contains enough information
- to let you locate the referenced object inside the same namespace.
- properties:
- name:
- description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind, uid?'
- type: string
- type: object
- x-kubernetes-map-type: atomic
- type: array
- nodeSelector:
- additionalProperties:
- type: string
- description: 'NodeSelector is a selector which must be true for
- the component to fit on a node. Selector which must match a
- node''s labels for the pod to be scheduled on that node. More
- info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/'
- type: object
- replicas:
- description: 'Replicas is the number of desired replicas. This
- is a pointer to distinguish between explicit zero and unspecified.
- More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller#what-is-a-replicationcontroller'
- format: int32
- minimum: 0
- type: integer
- resources:
- description: 'Compute Resources required by this component. Cannot
- be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/'
- properties:
- limits:
- additionalProperties:
- anyOf:
- - type: integer
- - type: string
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- description: 'Limits describes the maximum amount of compute
- resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
- type: object
- requests:
- additionalProperties:
- anyOf:
- - type: integer
- - type: string
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- description: 'Requests describes the minimum amount of compute
- resources required. If Requests is omitted for a container,
- it defaults to Limits if that is explicitly specified, otherwise
- to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
- type: object
- type: object
- serviceAccountName:
- description: 'ServiceAccountName is the name of the ServiceAccount
- to use to run this component. More info: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/'
- type: string
- templateAnnotations:
- additionalProperties:
- type: string
- description: Custom annotations to be added into the pods
- type: object
- tolerations:
- description: If specified, the pod's tolerations.
- items:
- description: The pod this Toleration is attached to tolerates
- any taint that matches the triple using
- the matching operator .
- properties:
- effect:
- description: Effect indicates the taint effect to match.
- Empty means match all taint effects. When specified, allowed
- values are NoSchedule, PreferNoSchedule and NoExecute.
- type: string
- key:
- description: Key is the taint key that the toleration applies
- to. Empty means match all taint keys. If the key is empty,
- operator must be Exists; this combination means to match
- all values and all keys.
- type: string
- operator:
- description: Operator represents a key's relationship to
- the value. Valid operators are Exists and Equal. Defaults
- to Equal. Exists is equivalent to wildcard for value,
- so that a pod can tolerate all taints of a particular
- category.
- type: string
- tolerationSeconds:
- description: TolerationSeconds represents the period of
- time the toleration (which must be of effect NoExecute,
- otherwise this field is ignored) tolerates the taint.
- By default, it is not set, which means tolerate the taint
- forever (do not evict). Zero and negative values will
- be treated as 0 (evict immediately) by the system.
- format: int64
- type: integer
- value:
- description: Value is the taint value the toleration matches
- to. If the operator is Exists, the value should be empty,
- otherwise just a regular string.
- type: string
- type: object
- type: array
- workerCount:
- default: 10
- format: int32
- minimum: 1
- type: integer
- type: object
- logLevel:
- default: info
- description: HarborLogLevel is the log level for Harbor.
- enum:
- - debug
- - info
- - warning
- - error
- - fatal
- type: string
- notary:
- properties:
- migrationEnabled:
- default: true
- description: Inject migration configuration to notary resources
- type: boolean
- server:
- properties:
- image:
- description: Image name for the component.
- type: string
- imagePullPolicy:
- description: 'Image pull policy. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images'
- enum:
- - Always
- - Never
- - IfNotPresent
- type: string
- imagePullSecrets:
- items:
- description: LocalObjectReference contains enough information
- to let you locate the referenced object inside the same
- namespace.
- properties:
- name:
- description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind, uid?'
- type: string
- type: object
- x-kubernetes-map-type: atomic
- type: array
- nodeSelector:
- additionalProperties:
- type: string
- description: 'NodeSelector is a selector which must be true
- for the component to fit on a node. Selector which must
- match a node''s labels for the pod to be scheduled on that
- node. More info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/'
- type: object
- replicas:
- description: 'Replicas is the number of desired replicas.
- This is a pointer to distinguish between explicit zero and
- unspecified. More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller#what-is-a-replicationcontroller'
- format: int32
- minimum: 0
- type: integer
- resources:
- description: 'Compute Resources required by this component.
- Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/'
- properties:
- limits:
- additionalProperties:
- anyOf:
- - type: integer
- - type: string
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- description: 'Limits describes the maximum amount of compute
- resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
- type: object
- requests:
- additionalProperties:
- anyOf:
- - type: integer
- - type: string
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- description: 'Requests describes the minimum amount of
- compute resources required. If Requests is omitted for
- a container, it defaults to Limits if that is explicitly
- specified, otherwise to an implementation-defined value.
- More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
- type: object
- type: object
- serviceAccountName:
- description: 'ServiceAccountName is the name of the ServiceAccount
- to use to run this component. More info: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/'
- type: string
- templateAnnotations:
- additionalProperties:
- type: string
- description: Custom annotations to be added into the pods
- type: object
- tolerations:
- description: If specified, the pod's tolerations.
- items:
- description: The pod this Toleration is attached to tolerates
- any taint that matches the triple using
- the matching operator .
- properties:
- effect:
- description: Effect indicates the taint effect to match.
- Empty means match all taint effects. When specified,
- allowed values are NoSchedule, PreferNoSchedule and
- NoExecute.
- type: string
- key:
- description: Key is the taint key that the toleration
- applies to. Empty means match all taint keys. If the
- key is empty, operator must be Exists; this combination
- means to match all values and all keys.
- type: string
- operator:
- description: Operator represents a key's relationship
- to the value. Valid operators are Exists and Equal.
- Defaults to Equal. Exists is equivalent to wildcard
- for value, so that a pod can tolerate all taints of
- a particular category.
- type: string
- tolerationSeconds:
- description: TolerationSeconds represents the period
- of time the toleration (which must be of effect NoExecute,
- otherwise this field is ignored) tolerates the taint.
- By default, it is not set, which means tolerate the
- taint forever (do not evict). Zero and negative values
- will be treated as 0 (evict immediately) by the system.
- format: int64
- type: integer
- value:
- description: Value is the taint value the toleration
- matches to. If the operator is Exists, the value should
- be empty, otherwise just a regular string.
- type: string
- type: object
- type: array
- type: object
- signer:
- properties:
- image:
- description: Image name for the component.
- type: string
- imagePullPolicy:
- description: 'Image pull policy. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images'
- enum:
- - Always
- - Never
- - IfNotPresent
- type: string
- imagePullSecrets:
- items:
- description: LocalObjectReference contains enough information
- to let you locate the referenced object inside the same
- namespace.
- properties:
- name:
- description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind, uid?'
- type: string
- type: object
- x-kubernetes-map-type: atomic
- type: array
- nodeSelector:
- additionalProperties:
- type: string
- description: 'NodeSelector is a selector which must be true
- for the component to fit on a node. Selector which must
- match a node''s labels for the pod to be scheduled on that
- node. More info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/'
- type: object
- replicas:
- description: 'Replicas is the number of desired replicas.
- This is a pointer to distinguish between explicit zero and
- unspecified. More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller#what-is-a-replicationcontroller'
- format: int32
- minimum: 0
- type: integer
- resources:
- description: 'Compute Resources required by this component.
- Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/'
- properties:
- limits:
- additionalProperties:
- anyOf:
- - type: integer
- - type: string
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- description: 'Limits describes the maximum amount of compute
- resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
- type: object
- requests:
- additionalProperties:
- anyOf:
- - type: integer
- - type: string
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- description: 'Requests describes the minimum amount of
- compute resources required. If Requests is omitted for
- a container, it defaults to Limits if that is explicitly
- specified, otherwise to an implementation-defined value.
- More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
- type: object
- type: object
- serviceAccountName:
- description: 'ServiceAccountName is the name of the ServiceAccount
- to use to run this component. More info: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/'
- type: string
- templateAnnotations:
- additionalProperties:
- type: string
- description: Custom annotations to be added into the pods
- type: object
- tolerations:
- description: If specified, the pod's tolerations.
- items:
- description: The pod this Toleration is attached to tolerates
- any taint that matches the triple using
- the matching operator .
- properties:
- effect:
- description: Effect indicates the taint effect to match.
- Empty means match all taint effects. When specified,
- allowed values are NoSchedule, PreferNoSchedule and
- NoExecute.
- type: string
- key:
- description: Key is the taint key that the toleration
- applies to. Empty means match all taint keys. If the
- key is empty, operator must be Exists; this combination
- means to match all values and all keys.
- type: string
- operator:
- description: Operator represents a key's relationship
- to the value. Valid operators are Exists and Equal.
- Defaults to Equal. Exists is equivalent to wildcard
- for value, so that a pod can tolerate all taints of
- a particular category.
- type: string
- tolerationSeconds:
- description: TolerationSeconds represents the period
- of time the toleration (which must be of effect NoExecute,
- otherwise this field is ignored) tolerates the taint.
- By default, it is not set, which means tolerate the
- taint forever (do not evict). Zero and negative values
- will be treated as 0 (evict immediately) by the system.
- format: int64
- type: integer
- value:
- description: Value is the taint value the toleration
- matches to. If the operator is Exists, the value should
- be empty, otherwise just a regular string.
- type: string
- type: object
- type: array
- type: object
- type: object
- portal:
- properties:
- image:
- description: Image name for the component.
- type: string
- imagePullPolicy:
- description: 'Image pull policy. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images'
- enum:
- - Always
- - Never
- - IfNotPresent
- type: string
- imagePullSecrets:
- items:
- description: LocalObjectReference contains enough information
- to let you locate the referenced object inside the same namespace.
- properties:
- name:
- description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind, uid?'
- type: string
- type: object
- x-kubernetes-map-type: atomic
- type: array
- nodeSelector:
- additionalProperties:
- type: string
- description: 'NodeSelector is a selector which must be true for
- the component to fit on a node. Selector which must match a
- node''s labels for the pod to be scheduled on that node. More
- info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/'
- type: object
- replicas:
- description: 'Replicas is the number of desired replicas. This
- is a pointer to distinguish between explicit zero and unspecified.
- More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller#what-is-a-replicationcontroller'
- format: int32
- minimum: 0
- type: integer
- resources:
- description: 'Compute Resources required by this component. Cannot
- be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/'
- properties:
- limits:
- additionalProperties:
- anyOf:
- - type: integer
- - type: string
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- description: 'Limits describes the maximum amount of compute
- resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
- type: object
- requests:
- additionalProperties:
- anyOf:
- - type: integer
- - type: string
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- description: 'Requests describes the minimum amount of compute
- resources required. If Requests is omitted for a container,
- it defaults to Limits if that is explicitly specified, otherwise
- to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
- type: object
- type: object
- serviceAccountName:
- description: 'ServiceAccountName is the name of the ServiceAccount
- to use to run this component. More info: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/'
- type: string
- templateAnnotations:
- additionalProperties:
- type: string
- description: Custom annotations to be added into the pods
- type: object
- tolerations:
- description: If specified, the pod's tolerations.
- items:
- description: The pod this Toleration is attached to tolerates
- any taint that matches the triple using
- the matching operator .
- properties:
- effect:
- description: Effect indicates the taint effect to match.
- Empty means match all taint effects. When specified, allowed
- values are NoSchedule, PreferNoSchedule and NoExecute.
- type: string
- key:
- description: Key is the taint key that the toleration applies
- to. Empty means match all taint keys. If the key is empty,
- operator must be Exists; this combination means to match
- all values and all keys.
- type: string
- operator:
- description: Operator represents a key's relationship to
- the value. Valid operators are Exists and Equal. Defaults
- to Equal. Exists is equivalent to wildcard for value,
- so that a pod can tolerate all taints of a particular
- category.
- type: string
- tolerationSeconds:
- description: TolerationSeconds represents the period of
- time the toleration (which must be of effect NoExecute,
- otherwise this field is ignored) tolerates the taint.
- By default, it is not set, which means tolerate the taint
- forever (do not evict). Zero and negative values will
- be treated as 0 (evict immediately) by the system.
- format: int64
- type: integer
- value:
- description: Value is the taint value the toleration matches
- to. If the operator is Exists, the value should be empty,
- otherwise just a regular string.
- type: string
- type: object
- type: array
- type: object
- proxy:
- properties:
- components:
- default:
- - core
- - jobservice
- - trivy
- items:
- type: string
- type: array
- httpProxy:
- pattern: https?://.+
- type: string
- httpsProxy:
- pattern: https?://.+
- type: string
- noProxy:
- default:
- - 127.0.0.1
- - localhost
- - .local
- - .internal
- items:
- type: string
- type: array
- type: object
- redis:
- description: Skip OpenAPI schema validation Use validating webhook
- to do verification (field required)
- properties:
- certificateRef:
- description: Secret containing the client certificate to authenticate
- with.
- pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*'
- type: string
- host:
- description: Server hostname.
- minLength: 1
- type: string
- passwordRef:
- description: Secret containing the password to use when connecting
- to the server.
- pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*'
- type: string
- port:
- description: Server port.
- exclusiveMinimum: true
- format: int32
- minimum: 0
- type: integer
- sentinelMasterSet:
- description: for Sentinel MasterSet.
- type: string
- required:
- - host
- type: object
- registry:
- properties:
- certificateRefs:
- items:
- type: string
- type: array
- image:
- description: Image name for the component.
- type: string
- imagePullPolicy:
- description: 'Image pull policy. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images'
- enum:
- - Always
- - Never
- - IfNotPresent
- type: string
- imagePullSecrets:
- items:
- description: LocalObjectReference contains enough information
- to let you locate the referenced object inside the same namespace.
- properties:
- name:
- description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind, uid?'
- type: string
- type: object
- x-kubernetes-map-type: atomic
- type: array
- metrics:
- properties:
- enabled:
- default: false
- type: boolean
- path:
- default: /metrics
- description: The path of the metrics.
- pattern: /.+
- type: string
- port:
- default: 8001
- description: The port of the metrics.
- format: int32
- minimum: 1
- type: integer
- type: object
- nodeSelector:
- additionalProperties:
- type: string
- description: 'NodeSelector is a selector which must be true for
- the component to fit on a node. Selector which must match a
- node''s labels for the pod to be scheduled on that node. More
- info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/'
- type: object
- relativeURLs:
- default: true
- type: boolean
- replicas:
- description: 'Replicas is the number of desired replicas. This
- is a pointer to distinguish between explicit zero and unspecified.
- More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller#what-is-a-replicationcontroller'
- format: int32
- minimum: 0
- type: integer
- resources:
- description: 'Compute Resources required by this component. Cannot
- be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/'
- properties:
- limits:
- additionalProperties:
- anyOf:
- - type: integer
- - type: string
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- description: 'Limits describes the maximum amount of compute
- resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
- type: object
- requests:
- additionalProperties:
- anyOf:
- - type: integer
- - type: string
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- description: 'Requests describes the minimum amount of compute
- resources required. If Requests is omitted for a container,
- it defaults to Limits if that is explicitly specified, otherwise
- to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
- type: object
- type: object
- serviceAccountName:
- description: 'ServiceAccountName is the name of the ServiceAccount
- to use to run this component. More info: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/'
- type: string
- storageMiddlewares:
- items:
- properties:
- name:
- type: string
- optionsRef:
- pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*'
- type: string
- required:
- - name
- type: object
- type: array
- templateAnnotations:
- additionalProperties:
- type: string
- description: Custom annotations to be added into the pods
- type: object
- tolerations:
- description: If specified, the pod's tolerations.
- items:
- description: The pod this Toleration is attached to tolerates
- any taint that matches the triple using
- the matching operator .
- properties:
- effect:
- description: Effect indicates the taint effect to match.
- Empty means match all taint effects. When specified, allowed
- values are NoSchedule, PreferNoSchedule and NoExecute.
- type: string
- key:
- description: Key is the taint key that the toleration applies
- to. Empty means match all taint keys. If the key is empty,
- operator must be Exists; this combination means to match
- all values and all keys.
- type: string
- operator:
- description: Operator represents a key's relationship to
- the value. Valid operators are Exists and Equal. Defaults
- to Equal. Exists is equivalent to wildcard for value,
- so that a pod can tolerate all taints of a particular
- category.
- type: string
- tolerationSeconds:
- description: TolerationSeconds represents the period of
- time the toleration (which must be of effect NoExecute,
- otherwise this field is ignored) tolerates the taint.
- By default, it is not set, which means tolerate the taint
- forever (do not evict). Zero and negative values will
- be treated as 0 (evict immediately) by the system.
- format: int64
- type: integer
- value:
- description: Value is the taint value the toleration matches
- to. If the operator is Exists, the value should be empty,
- otherwise just a regular string.
- type: string
- type: object
- type: array
- type: object
- registryctl:
- properties:
- image:
- description: Image name for the component.
- type: string
- imagePullPolicy:
- description: 'Image pull policy. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images'
- enum:
- - Always
- - Never
- - IfNotPresent
- type: string
- imagePullSecrets:
- items:
- description: LocalObjectReference contains enough information
- to let you locate the referenced object inside the same namespace.
- properties:
- name:
- description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind, uid?'
- type: string
- type: object
- x-kubernetes-map-type: atomic
- type: array
- nodeSelector:
- additionalProperties:
- type: string
- description: 'NodeSelector is a selector which must be true for
- the component to fit on a node. Selector which must match a
- node''s labels for the pod to be scheduled on that node. More
- info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/'
- type: object
- replicas:
- description: 'Replicas is the number of desired replicas. This
- is a pointer to distinguish between explicit zero and unspecified.
- More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller#what-is-a-replicationcontroller'
- format: int32
- minimum: 0
- type: integer
- resources:
- description: 'Compute Resources required by this component. Cannot
- be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/'
- properties:
- limits:
- additionalProperties:
- anyOf:
- - type: integer
- - type: string
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- description: 'Limits describes the maximum amount of compute
- resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
- type: object
- requests:
- additionalProperties:
- anyOf:
- - type: integer
- - type: string
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- description: 'Requests describes the minimum amount of compute
- resources required. If Requests is omitted for a container,
- it defaults to Limits if that is explicitly specified, otherwise
- to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
- type: object
- type: object
- serviceAccountName:
- description: 'ServiceAccountName is the name of the ServiceAccount
- to use to run this component. More info: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/'
- type: string
- templateAnnotations:
- additionalProperties:
- type: string
- description: Custom annotations to be added into the pods
- type: object
- tolerations:
- description: If specified, the pod's tolerations.
- items:
- description: The pod this Toleration is attached to tolerates
- any taint that matches the triple using
- the matching operator .
- properties:
- effect:
- description: Effect indicates the taint effect to match.
- Empty means match all taint effects. When specified, allowed
- values are NoSchedule, PreferNoSchedule and NoExecute.
- type: string
- key:
- description: Key is the taint key that the toleration applies
- to. Empty means match all taint keys. If the key is empty,
- operator must be Exists; this combination means to match
- all values and all keys.
- type: string
- operator:
- description: Operator represents a key's relationship to
- the value. Valid operators are Exists and Equal. Defaults
- to Equal. Exists is equivalent to wildcard for value,
- so that a pod can tolerate all taints of a particular
- category.
- type: string
- tolerationSeconds:
- description: TolerationSeconds represents the period of
- time the toleration (which must be of effect NoExecute,
- otherwise this field is ignored) tolerates the taint.
- By default, it is not set, which means tolerate the taint
- forever (do not evict). Zero and negative values will
- be treated as 0 (evict immediately) by the system.
- format: int64
- type: integer
- value:
- description: Value is the taint value the toleration matches
- to. If the operator is Exists, the value should be empty,
- otherwise just a regular string.
- type: string
- type: object
- type: array
- type: object
- trivy:
- properties:
- certificateRefs:
- items:
- type: string
- type: array
- githubTokenRef:
- description: The name of the secret containing the token to connect
- to GitHub API.
- type: string
- image:
- description: Image name for the component.
- type: string
- imagePullPolicy:
- description: 'Image pull policy. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images'
- enum:
- - Always
- - Never
- - IfNotPresent
- type: string
- imagePullSecrets:
- items:
- description: LocalObjectReference contains enough information
- to let you locate the referenced object inside the same namespace.
- properties:
- name:
- description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind, uid?'
- type: string
- type: object
- x-kubernetes-map-type: atomic
- type: array
- nodeSelector:
- additionalProperties:
- type: string
- description: 'NodeSelector is a selector which must be true for
- the component to fit on a node. Selector which must match a
- node''s labels for the pod to be scheduled on that node. More
- info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/'
- type: object
- replicas:
- description: 'Replicas is the number of desired replicas. This
- is a pointer to distinguish between explicit zero and unspecified.
- More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller#what-is-a-replicationcontroller'
- format: int32
- minimum: 0
- type: integer
- resources:
- description: 'Compute Resources required by this component. Cannot
- be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/'
- properties:
- limits:
- additionalProperties:
- anyOf:
- - type: integer
- - type: string
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- description: 'Limits describes the maximum amount of compute
- resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
- type: object
- requests:
- additionalProperties:
- anyOf:
- - type: integer
- - type: string
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- description: 'Requests describes the minimum amount of compute
- resources required. If Requests is omitted for a container,
- it defaults to Limits if that is explicitly specified, otherwise
- to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
- type: object
- type: object
- serviceAccountName:
- description: 'ServiceAccountName is the name of the ServiceAccount
- to use to run this component. More info: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/'
- type: string
- skipUpdate:
- default: false
- description: The flag to enable or disable Trivy DB downloads
- from GitHub
- type: boolean
- storage:
- properties:
- cachePersistentVolume:
- description: CachePersistentVolume specify the persistent
- volume used to store Trivy cache. If empty, empty dir will
- be used.
- properties:
- claimName:
- description: 'ClaimName is the name of a PersistentVolumeClaim
- in the same namespace as the pod using this volume.
- More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims'
- type: string
- prefix:
- type: string
- readOnly:
- description: Will force the ReadOnly setting in VolumeMounts.
- Default false.
- type: boolean
- required:
- - claimName
- type: object
- reportsPersistentVolume:
- description: ReportsPersistentVolume specify the persistent
- volume used to store Trivy reports. If empty, empty dir
- will be used.
- properties:
- claimName:
- description: 'ClaimName is the name of a PersistentVolumeClaim
- in the same namespace as the pod using this volume.
- More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims'
- type: string
- prefix:
- type: string
- readOnly:
- description: Will force the ReadOnly setting in VolumeMounts.
- Default false.
- type: boolean
- required:
- - claimName
- type: object
- type: object
- templateAnnotations:
- additionalProperties:
- type: string
- description: Custom annotations to be added into the pods
- type: object
- tolerations:
- description: If specified, the pod's tolerations.
- items:
- description: The pod this Toleration is attached to tolerates
- any taint that matches the triple using
- the matching operator .
- properties:
- effect:
- description: Effect indicates the taint effect to match.
- Empty means match all taint effects. When specified, allowed
- values are NoSchedule, PreferNoSchedule and NoExecute.
- type: string
- key:
- description: Key is the taint key that the toleration applies
- to. Empty means match all taint keys. If the key is empty,
- operator must be Exists; this combination means to match
- all values and all keys.
- type: string
- operator:
- description: Operator represents a key's relationship to
- the value. Valid operators are Exists and Equal. Defaults
- to Equal. Exists is equivalent to wildcard for value,
- so that a pod can tolerate all taints of a particular
- category.
- type: string
- tolerationSeconds:
- description: TolerationSeconds represents the period of
- time the toleration (which must be of effect NoExecute,
- otherwise this field is ignored) tolerates the taint.
- By default, it is not set, which means tolerate the taint
- forever (do not evict). Zero and negative values will
- be treated as 0 (evict immediately) by the system.
- format: int64
- type: integer
- value:
- description: Value is the taint value the toleration matches
- to. If the operator is Exists, the value should be empty,
- otherwise just a regular string.
- type: string
- type: object
- type: array
- required:
- - storage
- type: object
- updateStrategyType:
- default: RollingUpdate
- type: string
- version:
- description: The version of the harbor, eg 2.1.2
- pattern: '[0-9]+\.[0-9]+\.[0-9]+'
- type: string
- required:
- - expose
- - externalURL
- - harborAdminPasswordRef
- - version
- type: object
- status:
- description: ComponentStatus represents the current status of the resource.
- https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#typical-status-properties
- properties:
- conditions:
- description: Conditions list of extracted conditions from Resource
- items:
- description: Condition defines the general format for conditions
- on Kubernetes resources. In practice, each kubernetes resource
- defines their own format for conditions, but most (maybe all)
- follows this structure.
- properties:
- message:
- description: Message Human readable reason string
- type: string
- reason:
- description: Reason one work CamelCase reason
- type: string
- status:
- description: Status String that describes the condition status
- type: string
- type:
- description: Type condition type
- type: string
- required:
- - status
- - type
- type: object
- type: array
- observedGeneration:
- format: int64
- type: integer
- operator:
- description: ControllerStatus represents the current status of the
- operator.
- properties:
- controllerGitCommit:
- minLength: 1
- type: string
- controllerName:
- minLength: 1
- type: string
- controllerVersion:
- minLength: 1
- type: string
- type: object
- replicas:
- description: Current number of pods.
- format: int32
- minimum: 0
- type: integer
- required:
- - conditions
- type: object
- type: object
- served: true
- storage: false
- subresources:
- status: {}
- - additionalPrinterColumns:
- - description: The public URL to the Harbor application
- jsonPath: .spec.externalURL
- name: Public URL
- priority: 5
- type: string
- - description: The version to the Harbor application
- jsonPath: .spec.version
- name: Version
- priority: 5
- type: string
- - description: Timestamp representing the server time when this object was created.
- It is not guaranteed to be set in happens-before order across separate operations.
- Clients may not set this value. It is represented in RFC3339 form and is in
- UTC.
- jsonPath: .metadata.creationTimestamp
- name: Age
- priority: 1
- type: date
- - description: Human readable message describing the failure
- jsonPath: .status.conditions[?(@.type=="Failed")].message
- name: Failure
- priority: 5
- type: string
- name: v1beta1
- schema:
- openAPIV3Schema:
- description: Harbor is the Schema for the harbors API.
- properties:
- apiVersion:
- description: 'APIVersion defines the versioned schema of this representation
- of an object. Servers should convert recognized schemas to the latest
- internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
- type: string
- kind:
- description: 'Kind is a string value representing the REST resource this
- object represents. Servers may infer this from the endpoint the client
- submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
- type: string
- metadata:
- type: object
- spec:
- description: HarborSpec defines the desired state of Harbor.
- properties:
- chartmuseum:
- properties:
- absoluteUrl:
- default: false
- description: Harbor defaults ChartMuseum to returning relative
- urls, if you want using absolute url you should enable it
- type: boolean
- certificateRefs:
- items:
- type: string
- type: array
- image:
- description: Image name for the component.
- type: string
- imagePullPolicy:
- description: 'Image pull policy. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images'
- enum:
- - Always
- - Never
- - IfNotPresent
- type: string
- imagePullSecrets:
- items:
- description: LocalObjectReference contains enough information
- to let you locate the referenced object inside the same namespace.
- properties:
- name:
- description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind, uid?'
- type: string
- type: object
- x-kubernetes-map-type: atomic
- type: array
- nodeSelector:
- additionalProperties:
- type: string
- description: 'NodeSelector is a selector which must be true for
- the component to fit on a node. Selector which must match a
- node''s labels for the pod to be scheduled on that node. More
- info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/'
- type: object
- replicas:
- description: 'Replicas is the number of desired replicas. This
- is a pointer to distinguish between explicit zero and unspecified.
- More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller#what-is-a-replicationcontroller'
- format: int32
- minimum: 0
- type: integer
- resources:
- description: 'Compute Resources required by this component. Cannot
- be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/'
- properties:
- limits:
- additionalProperties:
- anyOf:
- - type: integer
- - type: string
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- description: 'Limits describes the maximum amount of compute
- resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
- type: object
- requests:
- additionalProperties:
- anyOf:
- - type: integer
- - type: string
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- description: 'Requests describes the minimum amount of compute
- resources required. If Requests is omitted for a container,
- it defaults to Limits if that is explicitly specified, otherwise
- to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
- type: object
- type: object
- serviceAccountName:
- description: 'ServiceAccountName is the name of the ServiceAccount
- to use to run this component. More info: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/'
- type: string
- templateAnnotations:
- additionalProperties:
- type: string
- description: Custom annotations to be added into the pods
- type: object
- tolerations:
- description: If specified, the pod's tolerations.
- items:
- description: The pod this Toleration is attached to tolerates
- any taint that matches the triple using
- the matching operator .
- properties:
- effect:
- description: Effect indicates the taint effect to match.
- Empty means match all taint effects. When specified, allowed
- values are NoSchedule, PreferNoSchedule and NoExecute.
- type: string
- key:
- description: Key is the taint key that the toleration applies
- to. Empty means match all taint keys. If the key is empty,
- operator must be Exists; this combination means to match
- all values and all keys.
- type: string
- operator:
- description: Operator represents a key's relationship to
- the value. Valid operators are Exists and Equal. Defaults
- to Equal. Exists is equivalent to wildcard for value,
- so that a pod can tolerate all taints of a particular
- category.
- type: string
- tolerationSeconds:
- description: TolerationSeconds represents the period of
- time the toleration (which must be of effect NoExecute,
- otherwise this field is ignored) tolerates the taint.
- By default, it is not set, which means tolerate the taint
- forever (do not evict). Zero and negative values will
- be treated as 0 (evict immediately) by the system.
- format: int64
- type: integer
- value:
- description: Value is the taint value the toleration matches
- to. If the operator is Exists, the value should be empty,
- otherwise just a regular string.
- type: string
- type: object
- type: array
- type: object
- core:
- properties:
- certificateRefs:
- items:
- type: string
- type: array
- image:
- description: Image name for the component.
- type: string
- imagePullPolicy:
- description: 'Image pull policy. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images'
- enum:
- - Always
- - Never
- - IfNotPresent
- type: string
- imagePullSecrets:
- items:
- description: LocalObjectReference contains enough information
- to let you locate the referenced object inside the same namespace.
- properties:
- name:
- description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind, uid?'
- type: string
- type: object
- x-kubernetes-map-type: atomic
- type: array
- metrics:
- properties:
- enabled:
- default: false
- type: boolean
- path:
- default: /metrics
- description: The path of the metrics.
- pattern: /.+
- type: string
- port:
- default: 8001
- description: The port of the metrics.
- format: int32
- minimum: 1
- type: integer
- type: object
- nodeSelector:
- additionalProperties:
- type: string
- description: 'NodeSelector is a selector which must be true for
- the component to fit on a node. Selector which must match a
- node''s labels for the pod to be scheduled on that node. More
- info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/'
- type: object
- replicas:
- description: 'Replicas is the number of desired replicas. This
- is a pointer to distinguish between explicit zero and unspecified.
- More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller#what-is-a-replicationcontroller'
- format: int32
- minimum: 0
- type: integer
- resources:
- description: 'Compute Resources required by this component. Cannot
- be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/'
- properties:
- limits:
- additionalProperties:
- anyOf:
- - type: integer
- - type: string
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- description: 'Limits describes the maximum amount of compute
- resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
- type: object
- requests:
- additionalProperties:
- anyOf:
- - type: integer
- - type: string
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- description: 'Requests describes the minimum amount of compute
- resources required. If Requests is omitted for a container,
- it defaults to Limits if that is explicitly specified, otherwise
- to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
- type: object
- type: object
- serviceAccountName:
- description: 'ServiceAccountName is the name of the ServiceAccount
- to use to run this component. More info: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/'
- type: string
- templateAnnotations:
- additionalProperties:
- type: string
- description: Custom annotations to be added into the pods
- type: object
- tokenIssuer:
- description: ObjectReference is a reference to an object with
- a given name, kind and group.
- properties:
- group:
- description: Group of the resource being referred to.
- type: string
- kind:
- description: Kind of the resource being referred to.
- type: string
- name:
- description: Name of the resource being referred to.
- type: string
- required:
- - name
- type: object
- tolerations:
- description: If specified, the pod's tolerations.
- items:
- description: The pod this Toleration is attached to tolerates
- any taint that matches the triple using
- the matching operator .
- properties:
- effect:
- description: Effect indicates the taint effect to match.
- Empty means match all taint effects. When specified, allowed
- values are NoSchedule, PreferNoSchedule and NoExecute.
- type: string
- key:
- description: Key is the taint key that the toleration applies
- to. Empty means match all taint keys. If the key is empty,
- operator must be Exists; this combination means to match
- all values and all keys.
- type: string
- operator:
- description: Operator represents a key's relationship to
- the value. Valid operators are Exists and Equal. Defaults
- to Equal. Exists is equivalent to wildcard for value,
- so that a pod can tolerate all taints of a particular
- category.
- type: string
- tolerationSeconds:
- description: TolerationSeconds represents the period of
- time the toleration (which must be of effect NoExecute,
- otherwise this field is ignored) tolerates the taint.
- By default, it is not set, which means tolerate the taint
- forever (do not evict). Zero and negative values will
- be treated as 0 (evict immediately) by the system.
- format: int64
- type: integer
- value:
- description: Value is the taint value the toleration matches
- to. If the operator is Exists, the value should be empty,
- otherwise just a regular string.
- type: string
- type: object
- type: array
- required:
- - tokenIssuer
- type: object
- database:
- properties:
- hosts:
- items:
- properties:
- host:
- description: Name of host to connect to. If a host name
- begins with a slash, it specifies Unix-domain communication
- rather than TCP/IP communication; the value is the name
- of the directory in which the socket file is stored.
- minLength: 1
- type: string
- port:
- description: Port number to connect to at the server host,
- or socket file name extension for Unix-domain connections.
- Zero, specifies the default port number established when
- PostgreSQL was built.
- exclusiveMinimum: true
- format: int32
- minimum: 0
- type: integer
- required:
- - host
- type: object
- minItems: 1
- type: array
- passwordRef:
- description: Secret containing the password to be used if the
- server demands password authentication.
- pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*'
- type: string
- prefix:
- type: string
- sslMode:
- description: PostgreSQL has native support for using SSL connections
- to encrypt client/server communications for increased security.
- enum:
- - disable
- - allow
- - prefer
- - require
- - verify-ca
- - verify-full
- type: string
- username:
- description: PostgreSQL user name to connect as. Defaults to be
- the same as the operating system name of the user running the
- application.
- minLength: 1
- type: string
- required:
- - hosts
- type: object
- exporter:
- properties:
- cache:
- properties:
- cleanInterval:
- default: 4h
- description: The interval to clean the cache info from the
- database and core.
- pattern: ([0-9]+h)?([0-9]+m)?([0-9]+s)?
- type: string
- duration:
- default: 30s
- description: The duration to cache info from the database
- and core.
- pattern: ([0-9]+h)?([0-9]+m)?([0-9]+s)?
- type: string
- type: object
- image:
- description: Image name for the component.
- type: string
- imagePullPolicy:
- description: 'Image pull policy. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images'
- enum:
- - Always
- - Never
- - IfNotPresent
- type: string
- imagePullSecrets:
- items:
- description: LocalObjectReference contains enough information
- to let you locate the referenced object inside the same namespace.
- properties:
- name:
- description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind, uid?'
- type: string
- type: object
- x-kubernetes-map-type: atomic
- type: array
- nodeSelector:
- additionalProperties:
- type: string
- description: 'NodeSelector is a selector which must be true for
- the component to fit on a node. Selector which must match a
- node''s labels for the pod to be scheduled on that node. More
- info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/'
- type: object
- path:
- default: /metrics
- description: The metrics path of the exporter.
- pattern: /.+
- type: string
- port:
- default: 8001
- description: The port of the exporter.
- format: int32
- minimum: 1
- type: integer
- replicas:
- description: 'Replicas is the number of desired replicas. This
- is a pointer to distinguish between explicit zero and unspecified.
- More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller#what-is-a-replicationcontroller'
- format: int32
- minimum: 0
- type: integer
- resources:
- description: 'Compute Resources required by this component. Cannot
- be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/'
- properties:
- limits:
- additionalProperties:
- anyOf:
- - type: integer
- - type: string
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- description: 'Limits describes the maximum amount of compute
- resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
- type: object
- requests:
- additionalProperties:
- anyOf:
- - type: integer
- - type: string
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- description: 'Requests describes the minimum amount of compute
- resources required. If Requests is omitted for a container,
- it defaults to Limits if that is explicitly specified, otherwise
- to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
- type: object
- type: object
- serviceAccountName:
- description: 'ServiceAccountName is the name of the ServiceAccount
- to use to run this component. More info: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/'
- type: string
- templateAnnotations:
- additionalProperties:
- type: string
- description: Custom annotations to be added into the pods
- type: object
- tolerations:
- description: If specified, the pod's tolerations.
- items:
- description: The pod this Toleration is attached to tolerates
- any taint that matches the triple using
- the matching operator .
- properties:
- effect:
- description: Effect indicates the taint effect to match.
- Empty means match all taint effects. When specified, allowed
- values are NoSchedule, PreferNoSchedule and NoExecute.
- type: string
- key:
- description: Key is the taint key that the toleration applies
- to. Empty means match all taint keys. If the key is empty,
- operator must be Exists; this combination means to match
- all values and all keys.
- type: string
- operator:
- description: Operator represents a key's relationship to
- the value. Valid operators are Exists and Equal. Defaults
- to Equal. Exists is equivalent to wildcard for value,
- so that a pod can tolerate all taints of a particular
- category.
- type: string
- tolerationSeconds:
- description: TolerationSeconds represents the period of
- time the toleration (which must be of effect NoExecute,
- otherwise this field is ignored) tolerates the taint.
- By default, it is not set, which means tolerate the taint
- forever (do not evict). Zero and negative values will
- be treated as 0 (evict immediately) by the system.
- format: int64
- type: integer
- value:
- description: Value is the taint value the toleration matches
- to. If the operator is Exists, the value should be empty,
- otherwise just a regular string.
- type: string
- type: object
- type: array
- type: object
- expose:
- properties:
- core:
- properties:
- ingress:
- properties:
- annotations:
- additionalProperties:
- type: string
- type: object
- controller:
- default: default
- description: Set to the type of ingress controller.
- enum:
- - default
- - gce
- - ncp
- - contour
- type: string
- host:
- type: string
- ingressClassName:
- type: string
- required:
- - host
- type: object
- tls:
- properties:
- certificateRef:
- pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*'
- type: string
- type: object
- type: object
- notary:
- description: The ingress of the notary, required when notary component
- enabled.
- properties:
- ingress:
- properties:
- annotations:
- additionalProperties:
- type: string
- type: object
- controller:
- default: default
- description: Set to the type of ingress controller.
- enum:
- - default
- - gce
- - ncp
- - contour
- type: string
- host:
- type: string
- ingressClassName:
- type: string
- required:
- - host
- type: object
- tls:
- properties:
- certificateRef:
- pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*'
- type: string
- type: object
- type: object
- required:
- - core
- type: object
- externalURL:
- pattern: https?://.*
- type: string
- harborAdminPasswordRef:
- pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*'
- type: string
- imageChartStorage:
- properties:
- azure:
- description: An implementation of the storagedriver.StorageDriver
- interface which uses Microsoft Azure Blob Storage for object
- storage. See https://docs.docker.com/registry/storage-drivers/azure/
- properties:
- accountkeyRef:
- type: string
- accountname:
- type: string
- baseURL:
- default: core.windows.net
- type: string
- container:
- type: string
- pathPrefix:
- default: /azure/harbor/charts
- type: string
- type: object
- filesystem:
- description: 'FileSystem is an implementation of the storagedriver.StorageDriver
- interface which uses the local filesystem. The local filesystem
- can be a remote volume. See: https://docs.docker.com/registry/storage-drivers/filesystem/'
- properties:
- chartPersistentVolume:
- properties:
- claimName:
- description: 'ClaimName is the name of a PersistentVolumeClaim
- in the same namespace as the pod using this volume.
- More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims'
- type: string
- prefix:
- type: string
- readOnly:
- description: Will force the ReadOnly setting in VolumeMounts.
- Default false.
- type: boolean
- required:
- - claimName
- type: object
- registryPersistentVolume:
- properties:
- claimName:
- description: 'ClaimName is the name of a PersistentVolumeClaim
- in the same namespace as the pod using this volume.
- More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims'
- type: string
- maxthreads:
- default: 100
- format: int32
- minimum: 25
- type: integer
- prefix:
- type: string
- readOnly:
- description: Will force the ReadOnly setting in VolumeMounts.
- Default false.
- type: boolean
- required:
- - claimName
- type: object
- required:
- - registryPersistentVolume
- type: object
- gcs:
- description: An implementation of the storagedriver.StorageDriver
- interface which uses Google Cloud for object storage. See https://docs.docker.com/registry/storage-drivers/gcs/
- properties:
- bucket:
- description: bucket to store charts for Gcs storage
- type: string
- chunkSize:
- type: string
- keyDataRef:
- description: The base64 encoded json file which contains the
- key
- type: string
- pathPrefix:
- type: string
- type: object
- oss:
- description: An implementation of the storagedriver.StorageDriver
- interface which uses Alibaba Cloud for object storage. See https://docs.docker.com/registry/storage-drivers/oss/
- properties:
- accessKeyID:
- type: string
- accessSecretRef:
- type: string
- bucket:
- type: string
- chunksize:
- description: The Oss API requires multipart upload chunks
- to be at least 5MB.
- format: int64
- minimum: 5242880
- type: integer
- encrypt:
- default: false
- description: Specifies whether the registry stores the image
- in encrypted format or not. A boolean value.
- type: boolean
- endpoint:
- type: string
- internal:
- default: false
- type: boolean
- pathPrefix:
- type: string
- region:
- pattern: oss-.*
- type: string
- secure:
- default: true
- type: boolean
- required:
- - accessKeyID
- - accessSecretRef
- - bucket
- - region
- type: object
- redirect:
- properties:
- disable:
- default: false
- type: boolean
- type: object
- s3:
- description: 'An implementation of the storagedriver.StorageDriver
- interface which uses Amazon S3 or S3 compatible services for
- object storage. See: https://docs.docker.com/registry/storage-drivers/s3/'
- properties:
- accesskey:
- description: The AWS Access Key. If you use IAM roles, omit
- to fetch temporary credentials from IAM.
- type: string
- bucket:
- description: The bucket name in which you want to store the
- registry’s data.
- type: string
- certificateRef:
- pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*'
- type: string
- chunksize:
- description: The S3 API requires multipart upload chunks to
- be at least 5MB.
- format: int64
- minimum: 5242880
- type: integer
- encrypt:
- default: false
- description: Specifies whether the registry stores the image
- in encrypted format or not. A boolean value.
- type: boolean
- keyid:
- description: KMS key ID to use for encryption (encrypt must
- be true, or this parameter is ignored).
- type: string
- multipartcopychunksize:
- format: int64
- type: integer
- multipartcopymaxconcurrency:
- format: int64
- type: integer
- multipartcopythresholdsize:
- format: int64
- type: integer
- region:
- description: The AWS region in which your bucket exists. For
- the moment, the Go AWS library in use does not use the newer
- DNS based bucket routing. For a list of regions, see http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/using-regions-availability-zones.html
- type: string
- regionendpoint:
- description: Endpoint for S3 compatible storage services (Minio,
- etc).
- type: string
- rootdirectory:
- description: This is a prefix that is applied to all S3 keys
- to allow you to segment data in your bucket if necessary.
- type: string
- secretkeyRef:
- description: Reference to the secret containing the AWS Secret
- Key. If you use IAM roles, omit to fetch temporary credentials
- from IAM.
- pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*'
- type: string
- secure:
- default: true
- type: boolean
- skipverify:
- default: false
- description: Skips TLS verification when the value is set
- to true.
- type: boolean
- storageclass:
- default: STANDARD
- description: The S3 storage class applied to each registry
- file.
- type: string
- v4auth:
- default: true
- description: Indicates whether the registry uses Version 4
- of AWS’s authentication.
- type: boolean
- required:
- - bucket
- - region
- type: object
- swift:
- description: 'An implementation of the storagedriver.StorageDriver
- interface that uses OpenStack Swift for object storage. See:
- https://docs.docker.com/registry/storage-drivers/swift/'
- properties:
- accesskey:
- description: The access key to generate temporary URLs. It
- is used by HP Cloud Object Storage in addition to the secretkey
- parameter.
- type: string
- authurl:
- description: URL for obtaining an auth token. https://storage.myprovider.com/v2.0
- or https://storage.myprovider.com/v3/auth
- type: string
- authversion:
- description: Specify the OpenStack Auth’s version, for example
- 3. By default the driver autodetects the auth’s version
- from the authurl.
- type: string
- chunksize:
- description: Size of the data segments for the Swift Dynamic
- Large Objects. This value should be a number.
- format: int64
- minimum: 5242880
- type: integer
- container:
- description: The name of your Swift container where you wish
- to store the registry’s data. The driver creates the named
- container during its initialization.
- type: string
- domain:
- description: Your Openstack domain name for Identity v3 API.
- You can either use domain or domainid.
- type: string
- domainID:
- description: Your Openstack domain ID for Identity v3 API.
- You can either use domain or domainid.
- type: string
- endpointtype:
- default: public
- description: The endpoint type used when connecting to swift.
- enum:
- - public
- - internal
- - admin
- type: string
- insecureskipverify:
- default: false
- description: Skips TLS verification if the value is set to
- true.
- type: boolean
- passwordRef:
- description: Secret name containing the Openstack password.
- pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*'
- type: string
- prefix:
- description: This is a prefix that is applied to all Swift
- keys to allow you to segment data in your container if necessary.
- Defaults to the container’s root.
- type: string
- region:
- description: The Openstack region in which your container
- exists.
- type: string
- secretkeyRef:
- description: The secret key used to generate temporary URLs.
- pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*'
- type: string
- tenant:
- description: Your Openstack tenant name. You can either use
- tenant or tenantid.
- type: string
- tenantID:
- description: Your Openstack tenant ID. You can either use
- tenant or tenantid.
- type: string
- trustid:
- description: Your Openstack trust ID for Identity v3 API.
- type: string
- username:
- description: The Openstack user name.
- type: string
- required:
- - authurl
- - container
- type: object
- type: object
- imageSource:
- properties:
- imagePullPolicy:
- description: 'Image pull policy. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images'
- enum:
- - Always
- - Never
- - IfNotPresent
- type: string
- imagePullSecrets:
- items:
- description: LocalObjectReference contains enough information
- to let you locate the referenced object inside the same namespace.
- properties:
- name:
- description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind, uid?'
- type: string
- type: object
- x-kubernetes-map-type: atomic
- type: array
- repository:
- description: The default repository for the images of the components.
- eg docker.io/goharbor/
- type: string
- tagSuffix:
- description: The tag suffix for the images of the images of the
- components. eg '-patch1'
- type: string
- type: object
- internalTLS:
- properties:
- enabled:
- default: false
- type: boolean
- type: object
- jobservice:
- properties:
- certificateRefs:
- items:
- type: string
- type: array
- image:
- description: Image name for the component.
- type: string
- imagePullPolicy:
- description: 'Image pull policy. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images'
- enum:
- - Always
- - Never
- - IfNotPresent
- type: string
- imagePullSecrets:
- items:
- description: LocalObjectReference contains enough information
- to let you locate the referenced object inside the same namespace.
- properties:
- name:
- description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind, uid?'
- type: string
- type: object
- x-kubernetes-map-type: atomic
- type: array
- metrics:
- properties:
- enabled:
- default: false
- type: boolean
- path:
- default: /metrics
- description: The path of the metrics.
- pattern: /.+
- type: string
- port:
- default: 8001
- description: The port of the metrics.
- format: int32
- minimum: 1
- type: integer
- type: object
- nodeSelector:
- additionalProperties:
- type: string
- description: 'NodeSelector is a selector which must be true for
- the component to fit on a node. Selector which must match a
- node''s labels for the pod to be scheduled on that node. More
- info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/'
- type: object
- replicas:
- description: 'Replicas is the number of desired replicas. This
- is a pointer to distinguish between explicit zero and unspecified.
- More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller#what-is-a-replicationcontroller'
- format: int32
- minimum: 0
- type: integer
- resources:
- description: 'Compute Resources required by this component. Cannot
- be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/'
- properties:
- limits:
- additionalProperties:
- anyOf:
- - type: integer
- - type: string
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- description: 'Limits describes the maximum amount of compute
- resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
- type: object
- requests:
- additionalProperties:
- anyOf:
- - type: integer
- - type: string
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- description: 'Requests describes the minimum amount of compute
- resources required. If Requests is omitted for a container,
- it defaults to Limits if that is explicitly specified, otherwise
- to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
- type: object
- type: object
- serviceAccountName:
- description: 'ServiceAccountName is the name of the ServiceAccount
- to use to run this component. More info: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/'
- type: string
- storage:
- properties:
- scanDataExportsPersistentVolume:
- description: ScanDataExportsPersistentVolume specify the persistent
- volume used to store data exports. If empty, empty dir will
- be used.
- properties:
- claimName:
- description: 'ClaimName is the name of a PersistentVolumeClaim
- in the same namespace as the pod using this volume.
- More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims'
- type: string
- prefix:
- type: string
- readOnly:
- description: Will force the ReadOnly setting in VolumeMounts.
- Default false.
- type: boolean
- required:
- - claimName
- type: object
- type: object
- templateAnnotations:
- additionalProperties:
- type: string
- description: Custom annotations to be added into the pods
- type: object
- tolerations:
- description: If specified, the pod's tolerations.
- items:
- description: The pod this Toleration is attached to tolerates
- any taint that matches the triple using
- the matching operator .
- properties:
- effect:
- description: Effect indicates the taint effect to match.
- Empty means match all taint effects. When specified, allowed
- values are NoSchedule, PreferNoSchedule and NoExecute.
- type: string
- key:
- description: Key is the taint key that the toleration applies
- to. Empty means match all taint keys. If the key is empty,
- operator must be Exists; this combination means to match
- all values and all keys.
- type: string
- operator:
- description: Operator represents a key's relationship to
- the value. Valid operators are Exists and Equal. Defaults
- to Equal. Exists is equivalent to wildcard for value,
- so that a pod can tolerate all taints of a particular
- category.
- type: string
- tolerationSeconds:
- description: TolerationSeconds represents the period of
- time the toleration (which must be of effect NoExecute,
- otherwise this field is ignored) tolerates the taint.
- By default, it is not set, which means tolerate the taint
- forever (do not evict). Zero and negative values will
- be treated as 0 (evict immediately) by the system.
- format: int64
- type: integer
- value:
- description: Value is the taint value the toleration matches
- to. If the operator is Exists, the value should be empty,
- otherwise just a regular string.
- type: string
- type: object
- type: array
- workerCount:
- default: 10
- format: int32
- minimum: 1
- type: integer
- type: object
- logLevel:
- default: info
- description: HarborLogLevel is the log level for Harbor.
- enum:
- - debug
- - info
- - warning
- - error
- - fatal
- type: string
- network:
- description: Network settings for the harbor
- properties:
- ipFamilies:
- items:
- description: IPFamily represents the IP Family (IPv4 or IPv6).
- This type is used to express the family of an IP expressed
- by a type (e.g. service.spec.ipFamilies).
- type: string
- type: array
- type: object
- notary:
- properties:
- migrationEnabled:
- default: true
- description: Inject migration configuration to notary resources
- type: boolean
- server:
- properties:
- image:
- description: Image name for the component.
- type: string
- imagePullPolicy:
- description: 'Image pull policy. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images'
- enum:
- - Always
- - Never
- - IfNotPresent
- type: string
- imagePullSecrets:
- items:
- description: LocalObjectReference contains enough information
- to let you locate the referenced object inside the same
- namespace.
- properties:
- name:
- description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind, uid?'
- type: string
- type: object
- x-kubernetes-map-type: atomic
- type: array
- nodeSelector:
- additionalProperties:
- type: string
- description: 'NodeSelector is a selector which must be true
- for the component to fit on a node. Selector which must
- match a node''s labels for the pod to be scheduled on that
- node. More info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/'
- type: object
- replicas:
- description: 'Replicas is the number of desired replicas.
- This is a pointer to distinguish between explicit zero and
- unspecified. More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller#what-is-a-replicationcontroller'
- format: int32
- minimum: 0
- type: integer
- resources:
- description: 'Compute Resources required by this component.
- Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/'
- properties:
- limits:
- additionalProperties:
- anyOf:
- - type: integer
- - type: string
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- description: 'Limits describes the maximum amount of compute
- resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
- type: object
- requests:
- additionalProperties:
- anyOf:
- - type: integer
- - type: string
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- description: 'Requests describes the minimum amount of
- compute resources required. If Requests is omitted for
- a container, it defaults to Limits if that is explicitly
- specified, otherwise to an implementation-defined value.
- More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
- type: object
- type: object
- serviceAccountName:
- description: 'ServiceAccountName is the name of the ServiceAccount
- to use to run this component. More info: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/'
- type: string
- templateAnnotations:
- additionalProperties:
- type: string
- description: Custom annotations to be added into the pods
- type: object
- tolerations:
- description: If specified, the pod's tolerations.
- items:
- description: The pod this Toleration is attached to tolerates
- any taint that matches the triple using
- the matching operator .
- properties:
- effect:
- description: Effect indicates the taint effect to match.
- Empty means match all taint effects. When specified,
- allowed values are NoSchedule, PreferNoSchedule and
- NoExecute.
- type: string
- key:
- description: Key is the taint key that the toleration
- applies to. Empty means match all taint keys. If the
- key is empty, operator must be Exists; this combination
- means to match all values and all keys.
- type: string
- operator:
- description: Operator represents a key's relationship
- to the value. Valid operators are Exists and Equal.
- Defaults to Equal. Exists is equivalent to wildcard
- for value, so that a pod can tolerate all taints of
- a particular category.
- type: string
- tolerationSeconds:
- description: TolerationSeconds represents the period
- of time the toleration (which must be of effect NoExecute,
- otherwise this field is ignored) tolerates the taint.
- By default, it is not set, which means tolerate the
- taint forever (do not evict). Zero and negative values
- will be treated as 0 (evict immediately) by the system.
- format: int64
- type: integer
- value:
- description: Value is the taint value the toleration
- matches to. If the operator is Exists, the value should
- be empty, otherwise just a regular string.
- type: string
- type: object
- type: array
- type: object
- signer:
- properties:
- image:
- description: Image name for the component.
- type: string
- imagePullPolicy:
- description: 'Image pull policy. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images'
- enum:
- - Always
- - Never
- - IfNotPresent
- type: string
- imagePullSecrets:
- items:
- description: LocalObjectReference contains enough information
- to let you locate the referenced object inside the same
- namespace.
- properties:
- name:
- description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind, uid?'
- type: string
- type: object
- x-kubernetes-map-type: atomic
- type: array
- nodeSelector:
- additionalProperties:
- type: string
- description: 'NodeSelector is a selector which must be true
- for the component to fit on a node. Selector which must
- match a node''s labels for the pod to be scheduled on that
- node. More info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/'
- type: object
- replicas:
- description: 'Replicas is the number of desired replicas.
- This is a pointer to distinguish between explicit zero and
- unspecified. More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller#what-is-a-replicationcontroller'
- format: int32
- minimum: 0
- type: integer
- resources:
- description: 'Compute Resources required by this component.
- Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/'
- properties:
- limits:
- additionalProperties:
- anyOf:
- - type: integer
- - type: string
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- description: 'Limits describes the maximum amount of compute
- resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
- type: object
- requests:
- additionalProperties:
- anyOf:
- - type: integer
- - type: string
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- description: 'Requests describes the minimum amount of
- compute resources required. If Requests is omitted for
- a container, it defaults to Limits if that is explicitly
- specified, otherwise to an implementation-defined value.
- More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
- type: object
- type: object
- serviceAccountName:
- description: 'ServiceAccountName is the name of the ServiceAccount
- to use to run this component. More info: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/'
- type: string
- templateAnnotations:
- additionalProperties:
- type: string
- description: Custom annotations to be added into the pods
- type: object
- tolerations:
- description: If specified, the pod's tolerations.
- items:
- description: The pod this Toleration is attached to tolerates
- any taint that matches the triple using
- the matching operator .
- properties:
- effect:
- description: Effect indicates the taint effect to match.
- Empty means match all taint effects. When specified,
- allowed values are NoSchedule, PreferNoSchedule and
- NoExecute.
- type: string
- key:
- description: Key is the taint key that the toleration
- applies to. Empty means match all taint keys. If the
- key is empty, operator must be Exists; this combination
- means to match all values and all keys.
- type: string
- operator:
- description: Operator represents a key's relationship
- to the value. Valid operators are Exists and Equal.
- Defaults to Equal. Exists is equivalent to wildcard
- for value, so that a pod can tolerate all taints of
- a particular category.
- type: string
- tolerationSeconds:
- description: TolerationSeconds represents the period
- of time the toleration (which must be of effect NoExecute,
- otherwise this field is ignored) tolerates the taint.
- By default, it is not set, which means tolerate the
- taint forever (do not evict). Zero and negative values
- will be treated as 0 (evict immediately) by the system.
- format: int64
- type: integer
- value:
- description: Value is the taint value the toleration
- matches to. If the operator is Exists, the value should
- be empty, otherwise just a regular string.
- type: string
- type: object
- type: array
- type: object
- type: object
- portal:
- properties:
- image:
- description: Image name for the component.
- type: string
- imagePullPolicy:
- description: 'Image pull policy. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images'
- enum:
- - Always
- - Never
- - IfNotPresent
- type: string
- imagePullSecrets:
- items:
- description: LocalObjectReference contains enough information
- to let you locate the referenced object inside the same namespace.
- properties:
- name:
- description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind, uid?'
- type: string
- type: object
- x-kubernetes-map-type: atomic
- type: array
- nodeSelector:
- additionalProperties:
- type: string
- description: 'NodeSelector is a selector which must be true for
- the component to fit on a node. Selector which must match a
- node''s labels for the pod to be scheduled on that node. More
- info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/'
- type: object
- replicas:
- description: 'Replicas is the number of desired replicas. This
- is a pointer to distinguish between explicit zero and unspecified.
- More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller#what-is-a-replicationcontroller'
- format: int32
- minimum: 0
- type: integer
- resources:
- description: 'Compute Resources required by this component. Cannot
- be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/'
- properties:
- limits:
- additionalProperties:
- anyOf:
- - type: integer
- - type: string
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- description: 'Limits describes the maximum amount of compute
- resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
- type: object
- requests:
- additionalProperties:
- anyOf:
- - type: integer
- - type: string
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- description: 'Requests describes the minimum amount of compute
- resources required. If Requests is omitted for a container,
- it defaults to Limits if that is explicitly specified, otherwise
- to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
- type: object
- type: object
- serviceAccountName:
- description: 'ServiceAccountName is the name of the ServiceAccount
- to use to run this component. More info: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/'
- type: string
- templateAnnotations:
- additionalProperties:
- type: string
- description: Custom annotations to be added into the pods
- type: object
- tolerations:
- description: If specified, the pod's tolerations.
- items:
- description: The pod this Toleration is attached to tolerates
- any taint that matches the triple using
- the matching operator .
- properties:
- effect:
- description: Effect indicates the taint effect to match.
- Empty means match all taint effects. When specified, allowed
- values are NoSchedule, PreferNoSchedule and NoExecute.
- type: string
- key:
- description: Key is the taint key that the toleration applies
- to. Empty means match all taint keys. If the key is empty,
- operator must be Exists; this combination means to match
- all values and all keys.
- type: string
- operator:
- description: Operator represents a key's relationship to
- the value. Valid operators are Exists and Equal. Defaults
- to Equal. Exists is equivalent to wildcard for value,
- so that a pod can tolerate all taints of a particular
- category.
- type: string
- tolerationSeconds:
- description: TolerationSeconds represents the period of
- time the toleration (which must be of effect NoExecute,
- otherwise this field is ignored) tolerates the taint.
- By default, it is not set, which means tolerate the taint
- forever (do not evict). Zero and negative values will
- be treated as 0 (evict immediately) by the system.
- format: int64
- type: integer
- value:
- description: Value is the taint value the toleration matches
- to. If the operator is Exists, the value should be empty,
- otherwise just a regular string.
- type: string
- type: object
- type: array
- type: object
- proxy:
- properties:
- components:
- default:
- - core
- - jobservice
- - trivy
- items:
- type: string
- type: array
- httpProxy:
- pattern: https?://.+
- type: string
- httpsProxy:
- pattern: https?://.+
- type: string
- noProxy:
- default:
- - 127.0.0.1
- - localhost
- - .local
- - .internal
- items:
- type: string
- type: array
- type: object
- redis:
- properties:
- certificateRef:
- description: Secret containing the client certificate to authenticate
- with.
- pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*'
- type: string
- host:
- description: Server hostname.
- minLength: 1
- type: string
- passwordRef:
- description: Secret containing the password to use when connecting
- to the server.
- pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*'
- type: string
- port:
- description: Server port.
- exclusiveMinimum: true
- format: int32
- minimum: 0
- type: integer
- sentinelMasterSet:
- description: for Sentinel MasterSet.
- type: string
- required:
- - host
- type: object
- registry:
- properties:
- certificateRefs:
- items:
- type: string
- type: array
- image:
- description: Image name for the component.
- type: string
- imagePullPolicy:
- description: 'Image pull policy. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images'
- enum:
- - Always
- - Never
- - IfNotPresent
- type: string
- imagePullSecrets:
- items:
- description: LocalObjectReference contains enough information
- to let you locate the referenced object inside the same namespace.
- properties:
- name:
- description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind, uid?'
- type: string
- type: object
- x-kubernetes-map-type: atomic
- type: array
- metrics:
- properties:
- enabled:
- default: false
- type: boolean
- path:
- default: /metrics
- description: The path of the metrics.
- pattern: /.+
- type: string
- port:
- default: 8001
- description: The port of the metrics.
- format: int32
- minimum: 1
- type: integer
- type: object
- nodeSelector:
- additionalProperties:
- type: string
- description: 'NodeSelector is a selector which must be true for
- the component to fit on a node. Selector which must match a
- node''s labels for the pod to be scheduled on that node. More
- info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/'
- type: object
- relativeURLs:
- default: true
- type: boolean
- replicas:
- description: 'Replicas is the number of desired replicas. This
- is a pointer to distinguish between explicit zero and unspecified.
- More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller#what-is-a-replicationcontroller'
- format: int32
- minimum: 0
- type: integer
- resources:
- description: 'Compute Resources required by this component. Cannot
- be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/'
- properties:
- limits:
- additionalProperties:
- anyOf:
- - type: integer
- - type: string
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- description: 'Limits describes the maximum amount of compute
- resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
- type: object
- requests:
- additionalProperties:
- anyOf:
- - type: integer
- - type: string
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- description: 'Requests describes the minimum amount of compute
- resources required. If Requests is omitted for a container,
- it defaults to Limits if that is explicitly specified, otherwise
- to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
- type: object
- type: object
- serviceAccountName:
- description: 'ServiceAccountName is the name of the ServiceAccount
- to use to run this component. More info: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/'
- type: string
- storageMiddlewares:
- items:
- properties:
- name:
- type: string
- optionsRef:
- pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*'
- type: string
- required:
- - name
- type: object
- type: array
- templateAnnotations:
- additionalProperties:
- type: string
- description: Custom annotations to be added into the pods
- type: object
- tolerations:
- description: If specified, the pod's tolerations.
- items:
- description: The pod this Toleration is attached to tolerates
- any taint that matches the triple using
- the matching operator .
- properties:
- effect:
- description: Effect indicates the taint effect to match.
- Empty means match all taint effects. When specified, allowed
- values are NoSchedule, PreferNoSchedule and NoExecute.
- type: string
- key:
- description: Key is the taint key that the toleration applies
- to. Empty means match all taint keys. If the key is empty,
- operator must be Exists; this combination means to match
- all values and all keys.
- type: string
- operator:
- description: Operator represents a key's relationship to
- the value. Valid operators are Exists and Equal. Defaults
- to Equal. Exists is equivalent to wildcard for value,
- so that a pod can tolerate all taints of a particular
- category.
- type: string
- tolerationSeconds:
- description: TolerationSeconds represents the period of
- time the toleration (which must be of effect NoExecute,
- otherwise this field is ignored) tolerates the taint.
- By default, it is not set, which means tolerate the taint
- forever (do not evict). Zero and negative values will
- be treated as 0 (evict immediately) by the system.
- format: int64
- type: integer
- value:
- description: Value is the taint value the toleration matches
- to. If the operator is Exists, the value should be empty,
- otherwise just a regular string.
- type: string
- type: object
- type: array
- type: object
- registryctl:
- properties:
- image:
- description: Image name for the component.
- type: string
- imagePullPolicy:
- description: 'Image pull policy. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images'
- enum:
- - Always
- - Never
- - IfNotPresent
- type: string
- imagePullSecrets:
- items:
- description: LocalObjectReference contains enough information
- to let you locate the referenced object inside the same namespace.
- properties:
- name:
- description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind, uid?'
- type: string
- type: object
- x-kubernetes-map-type: atomic
- type: array
- nodeSelector:
- additionalProperties:
- type: string
- description: 'NodeSelector is a selector which must be true for
- the component to fit on a node. Selector which must match a
- node''s labels for the pod to be scheduled on that node. More
- info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/'
- type: object
- replicas:
- description: 'Replicas is the number of desired replicas. This
- is a pointer to distinguish between explicit zero and unspecified.
- More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller#what-is-a-replicationcontroller'
- format: int32
- minimum: 0
- type: integer
- resources:
- description: 'Compute Resources required by this component. Cannot
- be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/'
- properties:
- limits:
- additionalProperties:
- anyOf:
- - type: integer
- - type: string
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- description: 'Limits describes the maximum amount of compute
- resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
- type: object
- requests:
- additionalProperties:
- anyOf:
- - type: integer
- - type: string
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- description: 'Requests describes the minimum amount of compute
- resources required. If Requests is omitted for a container,
- it defaults to Limits if that is explicitly specified, otherwise
- to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
- type: object
- type: object
- serviceAccountName:
- description: 'ServiceAccountName is the name of the ServiceAccount
- to use to run this component. More info: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/'
- type: string
- templateAnnotations:
- additionalProperties:
- type: string
- description: Custom annotations to be added into the pods
- type: object
- tolerations:
- description: If specified, the pod's tolerations.
- items:
- description: The pod this Toleration is attached to tolerates
- any taint that matches the triple using
- the matching operator .
- properties:
- effect:
- description: Effect indicates the taint effect to match.
- Empty means match all taint effects. When specified, allowed
- values are NoSchedule, PreferNoSchedule and NoExecute.
- type: string
- key:
- description: Key is the taint key that the toleration applies
- to. Empty means match all taint keys. If the key is empty,
- operator must be Exists; this combination means to match
- all values and all keys.
- type: string
- operator:
- description: Operator represents a key's relationship to
- the value. Valid operators are Exists and Equal. Defaults
- to Equal. Exists is equivalent to wildcard for value,
- so that a pod can tolerate all taints of a particular
- category.
- type: string
- tolerationSeconds:
- description: TolerationSeconds represents the period of
- time the toleration (which must be of effect NoExecute,
- otherwise this field is ignored) tolerates the taint.
- By default, it is not set, which means tolerate the taint
- forever (do not evict). Zero and negative values will
- be treated as 0 (evict immediately) by the system.
- format: int64
- type: integer
- value:
- description: Value is the taint value the toleration matches
- to. If the operator is Exists, the value should be empty,
- otherwise just a regular string.
- type: string
- type: object
- type: array
- type: object
- trace:
- description: Trace settings for the harbor
- properties:
- attributes:
- additionalProperties:
- type: string
- description: A key value dict contains user defined attributes
- used to initialize trace provider.
- type: object
- enabled:
- default: false
- description: Enable tracing or not.
- type: boolean
- jaeger:
- properties:
- agent:
- properties:
- host:
- description: The host of the jaeger agent.
- type: string
- port:
- description: The port of the jaeger agent.
- type: integer
- type: object
- collector:
- properties:
- endpoint:
- description: The endpoint of the jaeger collector.
- type: string
- passwordRef:
- description: The password secret reference name of the
- jaeger collector.
- type: string
- username:
- description: The username of the jaeger collector.
- type: string
- required:
- - endpoint
- type: object
- mode:
- description: 'The jaeger mode: ''collector'' or ''agent''.'
- enum:
- - collector
- - agent
- type: string
- required:
- - mode
- type: object
- namespace:
- description: Namespace used to differentiate different harbor
- services.
- type: string
- otel:
- properties:
- compression:
- description: Whether enable compression or not for otel.
- type: boolean
- endpoint:
- description: The endpoint of otel.
- type: string
- insecure:
- description: Whether establish insecure connection or not
- for otel.
- type: boolean
- timeout:
- default: 10s
- description: The timeout of otel.
- type: string
- urlPath:
- description: The URL path of otel.
- type: string
- required:
- - endpoint
- - urlPath
- type: object
- provider:
- description: 'The tracing provider: ''jaeger'' or ''otel''.'
- enum:
- - jaeger
- - otel
- type: string
- sampleRate:
- default: 1
- description: Set `sampleRate` to 1 if you wanna sampling 100%
- of trace data; set 0.5 if you wanna sampling 50% of trace data,
- and so forth.
- type: integer
- required:
- - provider
- type: object
- trivy:
- properties:
- certificateRefs:
- items:
- type: string
- type: array
- githubTokenRef:
- description: The name of the secret containing the token to connect
- to GitHub API.
- type: string
- image:
- description: Image name for the component.
- type: string
- imagePullPolicy:
- description: 'Image pull policy. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images'
- enum:
- - Always
- - Never
- - IfNotPresent
- type: string
- imagePullSecrets:
- items:
- description: LocalObjectReference contains enough information
- to let you locate the referenced object inside the same namespace.
- properties:
- name:
- description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind, uid?'
- type: string
- type: object
- x-kubernetes-map-type: atomic
- type: array
- nodeSelector:
- additionalProperties:
- type: string
- description: 'NodeSelector is a selector which must be true for
- the component to fit on a node. Selector which must match a
- node''s labels for the pod to be scheduled on that node. More
- info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/'
- type: object
- offlineScan:
- default: false
- description: Option prevents Trivy from sending API requests to
- identify dependencies. This option doesn’t affect DB download.
- You need to specify "skip-update" as well as "offline-scan"
- in an air-gapped environment.
- type: boolean
- replicas:
- description: 'Replicas is the number of desired replicas. This
- is a pointer to distinguish between explicit zero and unspecified.
- More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller#what-is-a-replicationcontroller'
- format: int32
- minimum: 0
- type: integer
- resources:
- description: 'Compute Resources required by this component. Cannot
- be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/'
- properties:
- limits:
- additionalProperties:
- anyOf:
- - type: integer
- - type: string
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- description: 'Limits describes the maximum amount of compute
- resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
- type: object
- requests:
- additionalProperties:
- anyOf:
- - type: integer
- - type: string
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- description: 'Requests describes the minimum amount of compute
- resources required. If Requests is omitted for a container,
- it defaults to Limits if that is explicitly specified, otherwise
- to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
- type: object
- type: object
- serviceAccountName:
- description: 'ServiceAccountName is the name of the ServiceAccount
- to use to run this component. More info: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/'
- type: string
- skipUpdate:
- default: false
- description: The flag to enable or disable Trivy DB downloads
- from GitHub
- type: boolean
- storage:
- properties:
- cachePersistentVolume:
- description: CachePersistentVolume specify the persistent
- volume used to store Trivy cache. If empty, empty dir will
- be used.
- properties:
- claimName:
- description: 'ClaimName is the name of a PersistentVolumeClaim
- in the same namespace as the pod using this volume.
- More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims'
- type: string
- prefix:
- type: string
- readOnly:
- description: Will force the ReadOnly setting in VolumeMounts.
- Default false.
- type: boolean
- required:
- - claimName
- type: object
- reportsPersistentVolume:
- description: ReportsPersistentVolume specify the persistent
- volume used to store Trivy reports. If empty, empty dir
- will be used.
- properties:
- claimName:
- description: 'ClaimName is the name of a PersistentVolumeClaim
- in the same namespace as the pod using this volume.
- More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims'
- type: string
- prefix:
- type: string
- readOnly:
- description: Will force the ReadOnly setting in VolumeMounts.
- Default false.
- type: boolean
- required:
- - claimName
- type: object
- type: object
- templateAnnotations:
- additionalProperties:
- type: string
- description: Custom annotations to be added into the pods
- type: object
- tolerations:
- description: If specified, the pod's tolerations.
- items:
- description: The pod this Toleration is attached to tolerates
- any taint that matches the triple using
- the matching operator .
- properties:
- effect:
- description: Effect indicates the taint effect to match.
- Empty means match all taint effects. When specified, allowed
- values are NoSchedule, PreferNoSchedule and NoExecute.
- type: string
- key:
- description: Key is the taint key that the toleration applies
- to. Empty means match all taint keys. If the key is empty,
- operator must be Exists; this combination means to match
- all values and all keys.
- type: string
- operator:
- description: Operator represents a key's relationship to
- the value. Valid operators are Exists and Equal. Defaults
- to Equal. Exists is equivalent to wildcard for value,
- so that a pod can tolerate all taints of a particular
- category.
- type: string
- tolerationSeconds:
- description: TolerationSeconds represents the period of
- time the toleration (which must be of effect NoExecute,
- otherwise this field is ignored) tolerates the taint.
- By default, it is not set, which means tolerate the taint
- forever (do not evict). Zero and negative values will
- be treated as 0 (evict immediately) by the system.
- format: int64
- type: integer
- value:
- description: Value is the taint value the toleration matches
- to. If the operator is Exists, the value should be empty,
- otherwise just a regular string.
- type: string
- type: object
- type: array
- required:
- - storage
- type: object
- updateStrategyType:
- default: RollingUpdate
- type: string
- version:
- description: The version of the harbor, eg 2.1.2
- pattern: '[0-9]+\.[0-9]+\.[0-9]+'
- type: string
- required:
- - database
- - expose
- - externalURL
- - harborAdminPasswordRef
- - imageChartStorage
- - redis
- - version
- type: object
- status:
- description: ComponentStatus represents the current status of the resource.
- https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#typical-status-properties
- properties:
- conditions:
- description: Conditions list of extracted conditions from Resource
- items:
- description: Condition defines the general format for conditions
- on Kubernetes resources. In practice, each kubernetes resource
- defines their own format for conditions, but most (maybe all)
- follows this structure.
- properties:
- message:
- description: Message Human readable reason string
- type: string
- reason:
- description: Reason one work CamelCase reason
- type: string
- status:
- description: Status String that describes the condition status
- type: string
- type:
- description: Type condition type
- type: string
- required:
- - status
- - type
- type: object
- type: array
- observedGeneration:
- format: int64
- type: integer
- operator:
- description: ControllerStatus represents the current status of the
- operator.
- properties:
- controllerGitCommit:
- minLength: 1
- type: string
- controllerName:
- minLength: 1
- type: string
- controllerVersion:
- minLength: 1
- type: string
- type: object
- replicas:
- description: Current number of pods.
- format: int32
- minimum: 0
- type: integer
- required:
- - conditions
- type: object
- type: object
- served: true
- storage: true
- subresources:
- status: {}
----
-apiVersion: apiextensions.k8s.io/v1
-kind: CustomResourceDefinition
-metadata:
- annotations:
- cert-manager.io/inject-ca-from: '{{.Release.Namespace}}/{{. | include "chart.fullname"}}-serving-cert'
- controller-gen.kubebuilder.io/version: v0.9.2
- creationTimestamp: null
- name: harborserverconfigurations.goharbor.io
-spec:
- group: goharbor.io
- names:
- categories:
- - goharbor
- kind: HarborServerConfiguration
- listKind: HarborServerConfigurationList
- plural: harborserverconfigurations
- shortNames:
- - hsc
- singular: harborserverconfiguration
- scope: Cluster
- versions:
- - additionalPrinterColumns:
- - description: The public URL to the Harbor server
- jsonPath: .spec.serverURL
- name: Harbor Server
- type: string
- - description: The status of the Harbor server
- jsonPath: .status.status
- name: Status
- type: string
- - description: The version of the Harbor server
- jsonPath: .spec.version
- name: Version
- priority: 5
- type: string
- name: v1beta1
- schema:
- openAPIV3Schema:
- description: HarborServerConfiguration is the Schema for the harborserverconfigurations
- API.
- properties:
- apiVersion:
- description: 'APIVersion defines the versioned schema of this representation
- of an object. Servers should convert recognized schemas to the latest
- internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
- type: string
- kind:
- description: 'Kind is a string value representing the REST resource this
- object represents. Servers may infer this from the endpoint the client
- submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
- type: string
- metadata:
- type: object
- spec:
- description: HarborServerConfigurationSpec defines the desired state of
- HarborServerConfiguration.
- properties:
- accessCredential:
- description: AccessCredential is a namespaced credential to keep the
- access key and secret for the harbor server configuration.
- properties:
- accessSecretRef:
- pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*'
- type: string
- namespace:
- pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*'
- type: string
- required:
- - accessSecretRef
- - namespace
- type: object
- default:
- description: Default indicates the harbor configuration manages namespaces.
- Value in goharbor.io/harbor annotation will be considered with high
- priority. At most, one HarborServerConfiguration can be the default,
- multiple defaults will be rejected.
- type: boolean
- insecure:
- description: Indicate if the Harbor server is an insecure registry
- type: boolean
- namespaceSelector:
- description: "NamespaceSelector decides whether to apply the HSC on
- a namespace based on whether the namespace matches the selector.
- See https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/
- for more examples of label selectors. \n Default to the empty LabelSelector,
- which matches everything."
- properties:
- matchExpressions:
- description: matchExpressions is a list of label selector requirements.
- The requirements are ANDed.
- items:
- description: A label selector requirement is a selector that
- contains values, a key, and an operator that relates the key
- and values.
- properties:
- key:
- description: key is the label key that the selector applies
- to.
- type: string
- operator:
- description: operator represents a key's relationship to
- a set of values. Valid operators are In, NotIn, Exists
- and DoesNotExist.
- type: string
- values:
- description: values is an array of string values. If the
- operator is In or NotIn, the values array must be non-empty.
- If the operator is Exists or DoesNotExist, the values
- array must be empty. This array is replaced during a strategic
- merge patch.
- items:
- type: string
- type: array
- required:
- - key
- - operator
- type: object
- type: array
- matchLabels:
- additionalProperties:
- type: string
- description: matchLabels is a map of {key,value} pairs. A single
- {key,value} in the matchLabels map is equivalent to an element
- of matchExpressions, whose key field is "key", the operator
- is "In", and the values array contains only "value". The requirements
- are ANDed.
- type: object
- type: object
- x-kubernetes-map-type: atomic
- rules:
- description: Rules configures the container image rewrite rules for
- transparent proxy caching with Harbor.
- items:
- type: string
- type: array
- serverURL:
- pattern: (?:(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.){3}(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)$|^https?://(([a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9\-]*[a-zA-Z0-9])\.)+([A-Za-z]|[A-Za-z][A-Za-z0-9\-]*[A-Za-z0-9])
- type: string
- version:
- description: The version of the Harbor server
- pattern: (0|[1-9]\d*)\.(0|[1-9]\d*)\.(0|[1-9]\d*)(?:-((?:0|[1-9]\d*|\d*[a-zA-Z-][0-9a-zA-Z-]*)(?:\.(?:0|[1-9]\d*|\d*[a-zA-Z-][0-9a-zA-Z-]*))*))?(?:\+([0-9a-zA-Z-]+(?:\.[0-9a-zA-Z-]+)*))?
- type: string
- required:
- - accessCredential
- - serverURL
- - version
- type: object
- status:
- description: HarborConfigurationStatus defines the status of HarborServerConfiguration.
- properties:
- message:
- description: Message provides human-readable message.
- type: string
- reason:
- description: Reason represents status reason.
- type: string
- status:
- description: Status represents harbor configuration status.
- type: string
- type: object
- type: object
- served: true
- storage: true
- subresources:
- status: {}
----
-apiVersion: apiextensions.k8s.io/v1
-kind: CustomResourceDefinition
-metadata:
- annotations:
- cert-manager.io/inject-ca-from: '{{.Release.Namespace}}/{{. | include "chart.fullname"}}-serving-cert'
- controller-gen.kubebuilder.io/version: v0.9.2
- name: jobservices.goharbor.io
-spec:
- conversion:
- strategy: Webhook
- webhook:
- clientConfig:
- caBundle: Cg==
- service:
- name: {{ include "chart.fullname" . | quote }}
- namespace: {{ .Release.Namespace }}
- path: /convert
- conversionReviewVersions:
- - v1
- group: goharbor.io
- names:
- categories:
- - goharbor
- kind: JobService
- listKind: JobServiceList
- plural: jobservices
- singular: jobservice
- scope: Namespaced
- versions:
- - additionalPrinterColumns:
- - description: Timestamp representing the server time when this object was created.
- It is not guaranteed to be set in happens-before order across separate operations.
- Clients may not set this value. It is represented in RFC3339 form and is in
- UTC.
- jsonPath: .metadata.creationTimestamp
- name: Age
- priority: 1
- type: date
- - description: Human readable message describing the failure
- jsonPath: .status.conditions[?(@.type=="Failed")].message
- name: Failure
- priority: 5
- type: string
- name: v1alpha3
- schema:
- openAPIV3Schema:
- description: JobService is the Schema for the JobService API.
- properties:
- apiVersion:
- description: 'APIVersion defines the versioned schema of this representation
- of an object. Servers should convert recognized schemas to the latest
- internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
- type: string
- kind:
- description: 'Kind is a string value representing the REST resource this
- object represents. Servers may infer this from the endpoint the client
- submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
- type: string
- metadata:
- type: object
- spec:
- description: JobServiceSpec defines the desired state of JobService.
- properties:
- certificateRefs:
- items:
- type: string
- type: array
- core:
- properties:
- secretRef:
- pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*'
- type: string
- url:
- pattern: https?://.+
- type: string
- required:
- - secretRef
- - url
- type: object
- image:
- description: Image name for the component.
- type: string
- imagePullPolicy:
- description: 'Image pull policy. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images'
- enum:
- - Always
- - Never
- - IfNotPresent
- type: string
- imagePullSecrets:
- items:
- description: LocalObjectReference contains enough information to
- let you locate the referenced object inside the same namespace.
- properties:
- name:
- description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind, uid?'
- type: string
- type: object
- x-kubernetes-map-type: atomic
- type: array
- jobLoggers:
- default:
- files:
- - level: INFO
- sweeper: 720h
- volume:
- emptyDir:
- sizeLimit: 100Mi
- stdout:
- level: INFO
- description: Job logger configurations
- properties:
- database:
- properties:
- level:
- default: INFO
- description: JobServiceLogLevel is the log level for JobService.
- enum:
- - DEBUG
- - INFO
- - WARNING
- - ERROR
- - FATAL
- type: string
- sweeper:
- pattern: ([0-9]+h)?([0-9]+m)?([0-9]+s)?([0-9]+ms)?([0-9]+us)?([0-9]+µs)?([0-9]+ns)?
- type: string
- type: object
- files:
- items:
- properties:
- level:
- default: INFO
- description: JobServiceLogLevel is the log level for JobService.
- enum:
- - DEBUG
- - INFO
- - WARNING
- - ERROR
- - FATAL
- type: string
- sweeper:
- pattern: ([0-9]+h)?([0-9]+m)?([0-9]+s)?([0-9]+ms)?([0-9]+us)?([0-9]+µs)?([0-9]+ns)?
- type: string
- volume:
- description: Represents the source of a volume to mount.
- Only one of its members may be specified.
- properties:
- awsElasticBlockStore:
- description: 'AWSElasticBlockStore represents an AWS
- Disk resource that is attached to a kubelet''s host
- machine and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore'
- properties:
- fsType:
- description: 'Filesystem type of the volume that
- you want to mount. Tip: Ensure that the filesystem
- type is supported by the host operating system.
- Examples: "ext4", "xfs", "ntfs". Implicitly inferred
- to be "ext4" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore
- TODO: how do we prevent errors in the filesystem
- from compromising the machine'
- type: string
- partition:
- description: 'The partition in the volume that you
- want to mount. If omitted, the default is to mount
- by volume name. Examples: For volume /dev/sda1,
- you specify the partition as "1". Similarly, the
- volume partition for /dev/sda is "0" (or you can
- leave the property empty).'
- format: int32
- type: integer
- readOnly:
- description: 'Specify "true" to force and set the
- ReadOnly property in VolumeMounts to "true". If
- omitted, the default is "false". More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore'
- type: boolean
- volumeID:
- description: 'Unique ID of the persistent disk resource
- in AWS (Amazon EBS volume). More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore'
- type: string
- required:
- - volumeID
- type: object
- azureDisk:
- description: AzureDisk represents an Azure Data Disk
- mount on the host and bind mount to the pod.
- properties:
- cachingMode:
- description: 'Host Caching mode: None, Read Only,
- Read Write.'
- type: string
- diskName:
- description: The Name of the data disk in the blob
- storage
- type: string
- diskURI:
- description: The URI the data disk in the blob storage
- type: string
- fsType:
- description: Filesystem type to mount. Must be a
- filesystem type supported by the host operating
- system. Ex. "ext4", "xfs", "ntfs". Implicitly
- inferred to be "ext4" if unspecified.
- type: string
- kind:
- description: 'Expected values Shared: multiple blob
- disks per storage account Dedicated: single blob
- disk per storage account Managed: azure managed
- data disk (only in managed availability set).
- defaults to shared'
- type: string
- readOnly:
- description: Defaults to false (read/write). ReadOnly
- here will force the ReadOnly setting in VolumeMounts.
- type: boolean
- required:
- - diskName
- - diskURI
- type: object
- azureFile:
- description: AzureFile represents an Azure File Service
- mount on the host and bind mount to the pod.
- properties:
- readOnly:
- description: Defaults to false (read/write). ReadOnly
- here will force the ReadOnly setting in VolumeMounts.
- type: boolean
- secretName:
- description: the name of secret that contains Azure
- Storage Account Name and Key
- type: string
- shareName:
- description: Share Name
- type: string
- required:
- - secretName
- - shareName
- type: object
- cephfs:
- description: CephFS represents a Ceph FS mount on the
- host that shares a pod's lifetime
- properties:
- monitors:
- description: 'Required: Monitors is a collection
- of Ceph monitors More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it'
- items:
- type: string
- type: array
- path:
- description: 'Optional: Used as the mounted root,
- rather than the full Ceph tree, default is /'
- type: string
- readOnly:
- description: 'Optional: Defaults to false (read/write).
- ReadOnly here will force the ReadOnly setting
- in VolumeMounts. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it'
- type: boolean
- secretFile:
- description: 'Optional: SecretFile is the path to
- key ring for User, default is /etc/ceph/user.secret
- More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it'
- type: string
- secretRef:
- description: 'Optional: SecretRef is reference to
- the authentication secret for User, default is
- empty. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it'
- properties:
- name:
- description: 'Name of the referent. More info:
- https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion,
- kind, uid?'
- type: string
- type: object
- x-kubernetes-map-type: atomic
- user:
- description: 'Optional: User is the rados user name,
- default is admin More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it'
- type: string
- required:
- - monitors
- type: object
- cinder:
- description: 'Cinder represents a cinder volume attached
- and mounted on kubelets host machine. More info: https://examples.k8s.io/mysql-cinder-pd/README.md'
- properties:
- fsType:
- description: 'Filesystem type to mount. Must be
- a filesystem type supported by the host operating
- system. Examples: "ext4", "xfs", "ntfs". Implicitly
- inferred to be "ext4" if unspecified. More info:
- https://examples.k8s.io/mysql-cinder-pd/README.md'
- type: string
- readOnly:
- description: 'Optional: Defaults to false (read/write).
- ReadOnly here will force the ReadOnly setting
- in VolumeMounts. More info: https://examples.k8s.io/mysql-cinder-pd/README.md'
- type: boolean
- secretRef:
- description: 'Optional: points to a secret object
- containing parameters used to connect to OpenStack.'
- properties:
- name:
- description: 'Name of the referent. More info:
- https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion,
- kind, uid?'
- type: string
- type: object
- x-kubernetes-map-type: atomic
- volumeID:
- description: 'volume id used to identify the volume
- in cinder. More info: https://examples.k8s.io/mysql-cinder-pd/README.md'
- type: string
- required:
- - volumeID
- type: object
- configMap:
- description: ConfigMap represents a configMap that should
- populate this volume
- properties:
- defaultMode:
- description: 'Optional: mode bits used to set permissions
- on created files by default. Must be an octal
- value between 0000 and 0777 or a decimal value
- between 0 and 511. YAML accepts both octal and
- decimal values, JSON requires decimal values for
- mode bits. Defaults to 0644. Directories within
- the path are not affected by this setting. This
- might be in conflict with other options that affect
- the file mode, like fsGroup, and the result can
- be other mode bits set.'
- format: int32
- type: integer
- items:
- description: If unspecified, each key-value pair
- in the Data field of the referenced ConfigMap
- will be projected into the volume as a file whose
- name is the key and content is the value. If specified,
- the listed keys will be projected into the specified
- paths, and unlisted keys will not be present.
- If a key is specified which is not present in
- the ConfigMap, the volume setup will error unless
- it is marked optional. Paths must be relative
- and may not contain the '..' path or start with
- '..'.
- items:
- description: Maps a string key to a path within
- a volume.
- properties:
- key:
- description: The key to project.
- type: string
- mode:
- description: 'Optional: mode bits used to
- set permissions on this file. Must be an
- octal value between 0000 and 0777 or a decimal
- value between 0 and 511. YAML accepts both
- octal and decimal values, JSON requires
- decimal values for mode bits. If not specified,
- the volume defaultMode will be used. This
- might be in conflict with other options
- that affect the file mode, like fsGroup,
- and the result can be other mode bits set.'
- format: int32
- type: integer
- path:
- description: The relative path of the file
- to map the key to. May not be an absolute
- path. May not contain the path element '..'.
- May not start with the string '..'.
- type: string
- required:
- - key
- - path
- type: object
- type: array
- name:
- description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind,
- uid?'
- type: string
- optional:
- description: Specify whether the ConfigMap or its
- keys must be defined
- type: boolean
- type: object
- x-kubernetes-map-type: atomic
- csi:
- description: CSI (Container Storage Interface) represents
- ephemeral storage that is handled by certain external
- CSI drivers (Beta feature).
- properties:
- driver:
- description: Driver is the name of the CSI driver
- that handles this volume. Consult with your admin
- for the correct name as registered in the cluster.
- type: string
- fsType:
- description: Filesystem type to mount. Ex. "ext4",
- "xfs", "ntfs". If not provided, the empty value
- is passed to the associated CSI driver which will
- determine the default filesystem to apply.
- type: string
- nodePublishSecretRef:
- description: NodePublishSecretRef is a reference
- to the secret object containing sensitive information
- to pass to the CSI driver to complete the CSI
- NodePublishVolume and NodeUnpublishVolume calls.
- This field is optional, and may be empty if no
- secret is required. If the secret object contains
- more than one secret, all secret references are
- passed.
- properties:
- name:
- description: 'Name of the referent. More info:
- https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion,
- kind, uid?'
- type: string
- type: object
- x-kubernetes-map-type: atomic
- readOnly:
- description: Specifies a read-only configuration
- for the volume. Defaults to false (read/write).
- type: boolean
- volumeAttributes:
- additionalProperties:
- type: string
- description: VolumeAttributes stores driver-specific
- properties that are passed to the CSI driver.
- Consult your driver's documentation for supported
- values.
- type: object
- required:
- - driver
- type: object
- downwardAPI:
- description: DownwardAPI represents downward API about
- the pod that should populate this volume
- properties:
- defaultMode:
- description: 'Optional: mode bits to use on created
- files by default. Must be a Optional: mode bits
- used to set permissions on created files by default.
- Must be an octal value between 0000 and 0777 or
- a decimal value between 0 and 511. YAML accepts
- both octal and decimal values, JSON requires decimal
- values for mode bits. Defaults to 0644. Directories
- within the path are not affected by this setting.
- This might be in conflict with other options that
- affect the file mode, like fsGroup, and the result
- can be other mode bits set.'
- format: int32
- type: integer
- items:
- description: Items is a list of downward API volume
- file
- items:
- description: DownwardAPIVolumeFile represents
- information to create the file containing the
- pod field
- properties:
- fieldRef:
- description: 'Required: Selects a field of
- the pod: only annotations, labels, name
- and namespace are supported.'
- properties:
- apiVersion:
- description: Version of the schema the
- FieldPath is written in terms of, defaults
- to "v1".
- type: string
- fieldPath:
- description: Path of the field to select
- in the specified API version.
- type: string
- required:
- - fieldPath
- type: object
- x-kubernetes-map-type: atomic
- mode:
- description: 'Optional: mode bits used to
- set permissions on this file, must be an
- octal value between 0000 and 0777 or a decimal
- value between 0 and 511. YAML accepts both
- octal and decimal values, JSON requires
- decimal values for mode bits. If not specified,
- the volume defaultMode will be used. This
- might be in conflict with other options
- that affect the file mode, like fsGroup,
- and the result can be other mode bits set.'
- format: int32
- type: integer
- path:
- description: 'Required: Path is the relative
- path name of the file to be created. Must
- not be absolute or contain the ''..'' path.
- Must be utf-8 encoded. The first item of
- the relative path must not start with ''..'''
- type: string
- resourceFieldRef:
- description: 'Selects a resource of the container:
- only resources limits and requests (limits.cpu,
- limits.memory, requests.cpu and requests.memory)
- are currently supported.'
- properties:
- containerName:
- description: 'Container name: required
- for volumes, optional for env vars'
- type: string
- divisor:
- anyOf:
- - type: integer
- - type: string
- description: Specifies the output format
- of the exposed resources, defaults to
- "1"
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- resource:
- description: 'Required: resource to select'
- type: string
- required:
- - resource
- type: object
- x-kubernetes-map-type: atomic
- required:
- - path
- type: object
- type: array
- type: object
- emptyDir:
- description: 'EmptyDir represents a temporary directory
- that shares a pod''s lifetime. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir'
- properties:
- medium:
- description: 'What type of storage medium should
- back this directory. The default is "" which means
- to use the node''s default medium. Must be an
- empty string (default) or Memory. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir'
- type: string
- sizeLimit:
- anyOf:
- - type: integer
- - type: string
- description: 'Total amount of local storage required
- for this EmptyDir volume. The size limit is also
- applicable for memory medium. The maximum usage
- on memory medium EmptyDir would be the minimum
- value between the SizeLimit specified here and
- the sum of memory limits of all containers in
- a pod. The default is nil which means that the
- limit is undefined. More info: http://kubernetes.io/docs/user-guide/volumes#emptydir'
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- type: object
- ephemeral:
- description: "Ephemeral represents a volume that is
- handled by a cluster storage driver. The volume's
- lifecycle is tied to the pod that defines it - it
- will be created before the pod starts, and deleted
- when the pod is removed. \n Use this if: a) the volume
- is only needed while the pod runs, b) features of
- normal volumes like restoring from snapshot or capacity
- tracking are needed, c) the storage driver is specified
- through a storage class, and d) the storage driver
- supports dynamic volume provisioning through a PersistentVolumeClaim
- (see EphemeralVolumeSource for more information on
- the connection between this volume type and PersistentVolumeClaim).
- \n Use PersistentVolumeClaim or one of the vendor-specific
- APIs for volumes that persist for longer than the
- lifecycle of an individual pod. \n Use CSI for light-weight
- local ephemeral volumes if the CSI driver is meant
- to be used that way - see the documentation of the
- driver for more information. \n A pod can use both
- types of ephemeral volumes and persistent volumes
- at the same time."
- properties:
- volumeClaimTemplate:
- description: "Will be used to create a stand-alone
- PVC to provision the volume. The pod in which
- this EphemeralVolumeSource is embedded will be
- the owner of the PVC, i.e. the PVC will be deleted
- together with the pod. The name of the PVC will
- be `-` where ``
- is the name from the `PodSpec.Volumes` array entry.
- Pod validation will reject the pod if the concatenated
- name is not valid for a PVC (for example, too
- long). \n An existing PVC with that name that
- is not owned by the pod will *not* be used for
- the pod to avoid using an unrelated volume by
- mistake. Starting the pod is then blocked until
- the unrelated PVC is removed. If such a pre-created
- PVC is meant to be used by the pod, the PVC has
- to updated with an owner reference to the pod
- once the pod exists. Normally this should not
- be necessary, but it may be useful when manually
- reconstructing a broken cluster. \n This field
- is read-only and no changes will be made by Kubernetes
- to the PVC after it has been created. \n Required,
- must not be nil."
- properties:
- metadata:
- description: May contain labels and annotations
- that will be copied into the PVC when creating
- it. No other fields are allowed and will be
- rejected during validation.
- type: object
- spec:
- description: The specification for the PersistentVolumeClaim.
- The entire content is copied unchanged into
- the PVC that gets created from this template.
- The same fields as in a PersistentVolumeClaim
- are also valid here.
- properties:
- accessModes:
- description: 'AccessModes contains the desired
- access modes the volume should have. More
- info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1'
- items:
- type: string
- type: array
- dataSource:
- description: 'This field can be used to
- specify either: * An existing VolumeSnapshot
- object (snapshot.storage.k8s.io/VolumeSnapshot)
- * An existing PVC (PersistentVolumeClaim)
- If the provisioner or an external controller
- can support the specified data source,
- it will create a new volume based on the
- contents of the specified data source.
- If the AnyVolumeDataSource feature gate
- is enabled, this field will always have
- the same contents as the DataSourceRef
- field.'
- properties:
- apiGroup:
- description: APIGroup is the group for
- the resource being referenced. If
- APIGroup is not specified, the specified
- Kind must be in the core API group.
- For any other third-party types, APIGroup
- is required.
- type: string
- kind:
- description: Kind is the type of resource
- being referenced
- type: string
- name:
- description: Name is the name of resource
- being referenced
- type: string
- required:
- - kind
- - name
- type: object
- x-kubernetes-map-type: atomic
- dataSourceRef:
- description: 'Specifies the object from
- which to populate the volume with data,
- if a non-empty volume is desired. This
- may be any local object from a non-empty
- API group (non core object) or a PersistentVolumeClaim
- object. When this field is specified,
- volume binding will only succeed if the
- type of the specified object matches some
- installed volume populator or dynamic
- provisioner. This field will replace the
- functionality of the DataSource field
- and as such if both fields are non-empty,
- they must have the same value. For backwards
- compatibility, both fields (DataSource
- and DataSourceRef) will be set to the
- same value automatically if one of them
- is empty and the other is non-empty. There
- are two important differences between
- DataSource and DataSourceRef: * While
- DataSource only allows two specific types
- of objects, DataSourceRef allows any non-core
- object, as well as PersistentVolumeClaim
- objects. * While DataSource ignores disallowed
- values (dropping them), DataSourceRef
- preserves all values, and generates an
- error if a disallowed value is specified.
- (Alpha) Using this field requires the
- AnyVolumeDataSource feature gate to be
- enabled.'
- properties:
- apiGroup:
- description: APIGroup is the group for
- the resource being referenced. If
- APIGroup is not specified, the specified
- Kind must be in the core API group.
- For any other third-party types, APIGroup
- is required.
- type: string
- kind:
- description: Kind is the type of resource
- being referenced
- type: string
- name:
- description: Name is the name of resource
- being referenced
- type: string
- required:
- - kind
- - name
- type: object
- x-kubernetes-map-type: atomic
- resources:
- description: 'Resources represents the minimum
- resources the volume should have. If RecoverVolumeExpansionFailure
- feature is enabled users are allowed to
- specify resource requirements that are
- lower than previous value but must still
- be higher than capacity recorded in the
- status field of the claim. More info:
- https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources'
- properties:
- limits:
- additionalProperties:
- anyOf:
- - type: integer
- - type: string
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- description: 'Limits describes the maximum
- amount of compute resources allowed.
- More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
- type: object
- requests:
- additionalProperties:
- anyOf:
- - type: integer
- - type: string
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- description: 'Requests describes the
- minimum amount of compute resources
- required. If Requests is omitted for
- a container, it defaults to Limits
- if that is explicitly specified, otherwise
- to an implementation-defined value.
- More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
- type: object
- type: object
- selector:
- description: A label query over volumes
- to consider for binding.
- properties:
- matchExpressions:
- description: matchExpressions is a list
- of label selector requirements. The
- requirements are ANDed.
- items:
- description: A label selector requirement
- is a selector that contains values,
- a key, and an operator that relates
- the key and values.
- properties:
- key:
- description: key is the label
- key that the selector applies
- to.
- type: string
- operator:
- description: operator represents
- a key's relationship to a set
- of values. Valid operators are
- In, NotIn, Exists and DoesNotExist.
- type: string
- values:
- description: values is an array
- of string values. If the operator
- is In or NotIn, the values array
- must be non-empty. If the operator
- is Exists or DoesNotExist, the
- values array must be empty.
- This array is replaced during
- a strategic merge patch.
- items:
- type: string
- type: array
- required:
- - key
- - operator
- type: object
- type: array
- matchLabels:
- additionalProperties:
- type: string
- description: matchLabels is a map of
- {key,value} pairs. A single {key,value}
- in the matchLabels map is equivalent
- to an element of matchExpressions,
- whose key field is "key", the operator
- is "In", and the values array contains
- only "value". The requirements are
- ANDed.
- type: object
- type: object
- x-kubernetes-map-type: atomic
- storageClassName:
- description: 'Name of the StorageClass required
- by the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1'
- type: string
- volumeMode:
- description: volumeMode defines what type
- of volume is required by the claim. Value
- of Filesystem is implied when not included
- in claim spec.
- type: string
- volumeName:
- description: VolumeName is the binding reference
- to the PersistentVolume backing this claim.
- type: string
- type: object
- required:
- - spec
- type: object
- type: object
- fc:
- description: FC represents a Fibre Channel resource
- that is attached to a kubelet's host machine and then
- exposed to the pod.
- properties:
- fsType:
- description: 'Filesystem type to mount. Must be
- a filesystem type supported by the host operating
- system. Ex. "ext4", "xfs", "ntfs". Implicitly
- inferred to be "ext4" if unspecified. TODO: how
- do we prevent errors in the filesystem from compromising
- the machine'
- type: string
- lun:
- description: 'Optional: FC target lun number'
- format: int32
- type: integer
- readOnly:
- description: 'Optional: Defaults to false (read/write).
- ReadOnly here will force the ReadOnly setting
- in VolumeMounts.'
- type: boolean
- targetWWNs:
- description: 'Optional: FC target worldwide names
- (WWNs)'
- items:
- type: string
- type: array
- wwids:
- description: 'Optional: FC volume world wide identifiers
- (wwids) Either wwids or combination of targetWWNs
- and lun must be set, but not both simultaneously.'
- items:
- type: string
- type: array
- type: object
- flexVolume:
- description: FlexVolume represents a generic volume
- resource that is provisioned/attached using an exec
- based plugin.
- properties:
- driver:
- description: Driver is the name of the driver to
- use for this volume.
- type: string
- fsType:
- description: Filesystem type to mount. Must be a
- filesystem type supported by the host operating
- system. Ex. "ext4", "xfs", "ntfs". The default
- filesystem depends on FlexVolume script.
- type: string
- options:
- additionalProperties:
- type: string
- description: 'Optional: Extra command options if
- any.'
- type: object
- readOnly:
- description: 'Optional: Defaults to false (read/write).
- ReadOnly here will force the ReadOnly setting
- in VolumeMounts.'
- type: boolean
- secretRef:
- description: 'Optional: SecretRef is reference to
- the secret object containing sensitive information
- to pass to the plugin scripts. This may be empty
- if no secret object is specified. If the secret
- object contains more than one secret, all secrets
- are passed to the plugin scripts.'
- properties:
- name:
- description: 'Name of the referent. More info:
- https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion,
- kind, uid?'
- type: string
- type: object
- x-kubernetes-map-type: atomic
- required:
- - driver
- type: object
- flocker:
- description: Flocker represents a Flocker volume attached
- to a kubelet's host machine. This depends on the Flocker
- control service being running
- properties:
- datasetName:
- description: Name of the dataset stored as metadata
- -> name on the dataset for Flocker should be considered
- as deprecated
- type: string
- datasetUUID:
- description: UUID of the dataset. This is unique
- identifier of a Flocker dataset
- type: string
- type: object
- gcePersistentDisk:
- description: 'GCEPersistentDisk represents a GCE Disk
- resource that is attached to a kubelet''s host machine
- and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk'
- properties:
- fsType:
- description: 'Filesystem type of the volume that
- you want to mount. Tip: Ensure that the filesystem
- type is supported by the host operating system.
- Examples: "ext4", "xfs", "ntfs". Implicitly inferred
- to be "ext4" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk
- TODO: how do we prevent errors in the filesystem
- from compromising the machine'
- type: string
- partition:
- description: 'The partition in the volume that you
- want to mount. If omitted, the default is to mount
- by volume name. Examples: For volume /dev/sda1,
- you specify the partition as "1". Similarly, the
- volume partition for /dev/sda is "0" (or you can
- leave the property empty). More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk'
- format: int32
- type: integer
- pdName:
- description: 'Unique name of the PD resource in
- GCE. Used to identify the disk in GCE. More info:
- https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk'
- type: string
- readOnly:
- description: 'ReadOnly here will force the ReadOnly
- setting in VolumeMounts. Defaults to false. More
- info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk'
- type: boolean
- required:
- - pdName
- type: object
- gitRepo:
- description: 'GitRepo represents a git repository at
- a particular revision. DEPRECATED: GitRepo is deprecated.
- To provision a container with a git repo, mount an
- EmptyDir into an InitContainer that clones the repo
- using git, then mount the EmptyDir into the Pod''s
- container.'
- properties:
- directory:
- description: Target directory name. Must not contain
- or start with '..'. If '.' is supplied, the volume
- directory will be the git repository. Otherwise,
- if specified, the volume will contain the git
- repository in the subdirectory with the given
- name.
- type: string
- repository:
- description: Repository URL
- type: string
- revision:
- description: Commit hash for the specified revision.
- type: string
- required:
- - repository
- type: object
- glusterfs:
- description: 'Glusterfs represents a Glusterfs mount
- on the host that shares a pod''s lifetime. More info:
- https://examples.k8s.io/volumes/glusterfs/README.md'
- properties:
- endpoints:
- description: 'EndpointsName is the endpoint name
- that details Glusterfs topology. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod'
- type: string
- path:
- description: 'Path is the Glusterfs volume path.
- More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod'
- type: string
- readOnly:
- description: 'ReadOnly here will force the Glusterfs
- volume to be mounted with read-only permissions.
- Defaults to false. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod'
- type: boolean
- required:
- - endpoints
- - path
- type: object
- hostPath:
- description: 'HostPath represents a pre-existing file
- or directory on the host machine that is directly
- exposed to the container. This is generally used for
- system agents or other privileged things that are
- allowed to see the host machine. Most containers will
- NOT need this. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath
- --- TODO(jonesdl) We need to restrict who can use
- host directory mounts and who can/can not mount host
- directories as read/write.'
- properties:
- path:
- description: 'Path of the directory on the host.
- If the path is a symlink, it will follow the link
- to the real path. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath'
- type: string
- type:
- description: 'Type for HostPath Volume Defaults
- to "" More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath'
- type: string
- required:
- - path
- type: object
- iscsi:
- description: 'ISCSI represents an ISCSI Disk resource
- that is attached to a kubelet''s host machine and
- then exposed to the pod. More info: https://examples.k8s.io/volumes/iscsi/README.md'
- properties:
- chapAuthDiscovery:
- description: whether support iSCSI Discovery CHAP
- authentication
- type: boolean
- chapAuthSession:
- description: whether support iSCSI Session CHAP
- authentication
- type: boolean
- fsType:
- description: 'Filesystem type of the volume that
- you want to mount. Tip: Ensure that the filesystem
- type is supported by the host operating system.
- Examples: "ext4", "xfs", "ntfs". Implicitly inferred
- to be "ext4" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#iscsi
- TODO: how do we prevent errors in the filesystem
- from compromising the machine'
- type: string
- initiatorName:
- description: Custom iSCSI Initiator Name. If initiatorName
- is specified with iscsiInterface simultaneously,
- new iSCSI interface :
- will be created for the connection.
- type: string
- iqn:
- description: Target iSCSI Qualified Name.
- type: string
- iscsiInterface:
- description: iSCSI Interface Name that uses an iSCSI
- transport. Defaults to 'default' (tcp).
- type: string
- lun:
- description: iSCSI Target Lun number.
- format: int32
- type: integer
- portals:
- description: iSCSI Target Portal List. The portal
- is either an IP or ip_addr:port if the port is
- other than default (typically TCP ports 860 and
- 3260).
- items:
- type: string
- type: array
- readOnly:
- description: ReadOnly here will force the ReadOnly
- setting in VolumeMounts. Defaults to false.
- type: boolean
- secretRef:
- description: CHAP Secret for iSCSI target and initiator
- authentication
- properties:
- name:
- description: 'Name of the referent. More info:
- https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion,
- kind, uid?'
- type: string
- type: object
- x-kubernetes-map-type: atomic
- targetPortal:
- description: iSCSI Target Portal. The Portal is
- either an IP or ip_addr:port if the port is other
- than default (typically TCP ports 860 and 3260).
- type: string
- required:
- - iqn
- - lun
- - targetPortal
- type: object
- nfs:
- description: 'NFS represents an NFS mount on the host
- that shares a pod''s lifetime More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs'
- properties:
- path:
- description: 'Path that is exported by the NFS server.
- More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs'
- type: string
- readOnly:
- description: 'ReadOnly here will force the NFS export
- to be mounted with read-only permissions. Defaults
- to false. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs'
- type: boolean
- server:
- description: 'Server is the hostname or IP address
- of the NFS server. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs'
- type: string
- required:
- - path
- - server
- type: object
- persistentVolumeClaim:
- description: 'PersistentVolumeClaimVolumeSource represents
- a reference to a PersistentVolumeClaim in the same
- namespace. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims'
- properties:
- claimName:
- description: 'ClaimName is the name of a PersistentVolumeClaim
- in the same namespace as the pod using this volume.
- More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims'
- type: string
- readOnly:
- description: Will force the ReadOnly setting in
- VolumeMounts. Default false.
- type: boolean
- required:
- - claimName
- type: object
- photonPersistentDisk:
- description: PhotonPersistentDisk represents a PhotonController
- persistent disk attached and mounted on kubelets host
- machine
- properties:
- fsType:
- description: Filesystem type to mount. Must be a
- filesystem type supported by the host operating
- system. Ex. "ext4", "xfs", "ntfs". Implicitly
- inferred to be "ext4" if unspecified.
- type: string
- pdID:
- description: ID that identifies Photon Controller
- persistent disk
- type: string
- required:
- - pdID
- type: object
- portworxVolume:
- description: PortworxVolume represents a portworx volume
- attached and mounted on kubelets host machine
- properties:
- fsType:
- description: FSType represents the filesystem type
- to mount Must be a filesystem type supported by
- the host operating system. Ex. "ext4", "xfs".
- Implicitly inferred to be "ext4" if unspecified.
- type: string
- readOnly:
- description: Defaults to false (read/write). ReadOnly
- here will force the ReadOnly setting in VolumeMounts.
- type: boolean
- volumeID:
- description: VolumeID uniquely identifies a Portworx
- volume
- type: string
- required:
- - volumeID
- type: object
- projected:
- description: Items for all in one resources secrets,
- configmaps, and downward API
- properties:
- defaultMode:
- description: Mode bits used to set permissions on
- created files by default. Must be an octal value
- between 0000 and 0777 or a decimal value between
- 0 and 511. YAML accepts both octal and decimal
- values, JSON requires decimal values for mode
- bits. Directories within the path are not affected
- by this setting. This might be in conflict with
- other options that affect the file mode, like
- fsGroup, and the result can be other mode bits
- set.
- format: int32
- type: integer
- sources:
- description: list of volume projections
- items:
- description: Projection that may be projected
- along with other supported volume types
- properties:
- configMap:
- description: information about the configMap
- data to project
- properties:
- items:
- description: If unspecified, each key-value
- pair in the Data field of the referenced
- ConfigMap will be projected into the
- volume as a file whose name is the key
- and content is the value. If specified,
- the listed keys will be projected into
- the specified paths, and unlisted keys
- will not be present. If a key is specified
- which is not present in the ConfigMap,
- the volume setup will error unless it
- is marked optional. Paths must be relative
- and may not contain the '..' path or
- start with '..'.
- items:
- description: Maps a string key to a
- path within a volume.
- properties:
- key:
- description: The key to project.
- type: string
- mode:
- description: 'Optional: mode bits
- used to set permissions on this
- file. Must be an octal value between
- 0000 and 0777 or a decimal value
- between 0 and 511. YAML accepts
- both octal and decimal values,
- JSON requires decimal values for
- mode bits. If not specified, the
- volume defaultMode will be used.
- This might be in conflict with
- other options that affect the
- file mode, like fsGroup, and the
- result can be other mode bits
- set.'
- format: int32
- type: integer
- path:
- description: The relative path of
- the file to map the key to. May
- not be an absolute path. May not
- contain the path element '..'.
- May not start with the string
- '..'.
- type: string
- required:
- - key
- - path
- type: object
- type: array
- name:
- description: 'Name of the referent. More
- info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion,
- kind, uid?'
- type: string
- optional:
- description: Specify whether the ConfigMap
- or its keys must be defined
- type: boolean
- type: object
- x-kubernetes-map-type: atomic
- downwardAPI:
- description: information about the downwardAPI
- data to project
- properties:
- items:
- description: Items is a list of DownwardAPIVolume
- file
- items:
- description: DownwardAPIVolumeFile represents
- information to create the file containing
- the pod field
- properties:
- fieldRef:
- description: 'Required: Selects
- a field of the pod: only annotations,
- labels, name and namespace are
- supported.'
- properties:
- apiVersion:
- description: Version of the
- schema the FieldPath is written
- in terms of, defaults to "v1".
- type: string
- fieldPath:
- description: Path of the field
- to select in the specified
- API version.
- type: string
- required:
- - fieldPath
- type: object
- x-kubernetes-map-type: atomic
- mode:
- description: 'Optional: mode bits
- used to set permissions on this
- file, must be an octal value between
- 0000 and 0777 or a decimal value
- between 0 and 511. YAML accepts
- both octal and decimal values,
- JSON requires decimal values for
- mode bits. If not specified, the
- volume defaultMode will be used.
- This might be in conflict with
- other options that affect the
- file mode, like fsGroup, and the
- result can be other mode bits
- set.'
- format: int32
- type: integer
- path:
- description: 'Required: Path is the
- relative path name of the file
- to be created. Must not be absolute
- or contain the ''..'' path. Must
- be utf-8 encoded. The first item
- of the relative path must not
- start with ''..'''
- type: string
- resourceFieldRef:
- description: 'Selects a resource
- of the container: only resources
- limits and requests (limits.cpu,
- limits.memory, requests.cpu and
- requests.memory) are currently
- supported.'
- properties:
- containerName:
- description: 'Container name:
- required for volumes, optional
- for env vars'
- type: string
- divisor:
- anyOf:
- - type: integer
- - type: string
- description: Specifies the output
- format of the exposed resources,
- defaults to "1"
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- resource:
- description: 'Required: resource
- to select'
- type: string
- required:
- - resource
- type: object
- x-kubernetes-map-type: atomic
- required:
- - path
- type: object
- type: array
- type: object
- secret:
- description: information about the secret
- data to project
- properties:
- items:
- description: If unspecified, each key-value
- pair in the Data field of the referenced
- Secret will be projected into the volume
- as a file whose name is the key and
- content is the value. If specified,
- the listed keys will be projected into
- the specified paths, and unlisted keys
- will not be present. If a key is specified
- which is not present in the Secret,
- the volume setup will error unless it
- is marked optional. Paths must be relative
- and may not contain the '..' path or
- start with '..'.
- items:
- description: Maps a string key to a
- path within a volume.
- properties:
- key:
- description: The key to project.
- type: string
- mode:
- description: 'Optional: mode bits
- used to set permissions on this
- file. Must be an octal value between
- 0000 and 0777 or a decimal value
- between 0 and 511. YAML accepts
- both octal and decimal values,
- JSON requires decimal values for
- mode bits. If not specified, the
- volume defaultMode will be used.
- This might be in conflict with
- other options that affect the
- file mode, like fsGroup, and the
- result can be other mode bits
- set.'
- format: int32
- type: integer
- path:
- description: The relative path of
- the file to map the key to. May
- not be an absolute path. May not
- contain the path element '..'.
- May not start with the string
- '..'.
- type: string
- required:
- - key
- - path
- type: object
- type: array
- name:
- description: 'Name of the referent. More
- info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion,
- kind, uid?'
- type: string
- optional:
- description: Specify whether the Secret
- or its key must be defined
- type: boolean
- type: object
- x-kubernetes-map-type: atomic
- serviceAccountToken:
- description: information about the serviceAccountToken
- data to project
- properties:
- audience:
- description: Audience is the intended
- audience of the token. A recipient of
- a token must identify itself with an
- identifier specified in the audience
- of the token, and otherwise should reject
- the token. The audience defaults to
- the identifier of the apiserver.
- type: string
- expirationSeconds:
- description: ExpirationSeconds is the
- requested duration of validity of the
- service account token. As the token
- approaches expiration, the kubelet volume
- plugin will proactively rotate the service
- account token. The kubelet will start
- trying to rotate the token if the token
- is older than 80 percent of its time
- to live or if the token is older than
- 24 hours.Defaults to 1 hour and must
- be at least 10 minutes.
- format: int64
- type: integer
- path:
- description: Path is the path relative
- to the mount point of the file to project
- the token into.
- type: string
- required:
- - path
- type: object
- type: object
- type: array
- type: object
- quobyte:
- description: Quobyte represents a Quobyte mount on the
- host that shares a pod's lifetime
- properties:
- group:
- description: Group to map volume access to Default
- is no group
- type: string
- readOnly:
- description: ReadOnly here will force the Quobyte
- volume to be mounted with read-only permissions.
- Defaults to false.
- type: boolean
- registry:
- description: Registry represents a single or multiple
- Quobyte Registry services specified as a string
- as host:port pair (multiple entries are separated
- with commas) which acts as the central registry
- for volumes
- type: string
- tenant:
- description: Tenant owning the given Quobyte volume
- in the Backend Used with dynamically provisioned
- Quobyte volumes, value is set by the plugin
- type: string
- user:
- description: User to map volume access to Defaults
- to serivceaccount user
- type: string
- volume:
- description: Volume is a string that references
- an already created Quobyte volume by name.
- type: string
- required:
- - registry
- - volume
- type: object
- rbd:
- description: 'RBD represents a Rados Block Device mount
- on the host that shares a pod''s lifetime. More info:
- https://examples.k8s.io/volumes/rbd/README.md'
- properties:
- fsType:
- description: 'Filesystem type of the volume that
- you want to mount. Tip: Ensure that the filesystem
- type is supported by the host operating system.
- Examples: "ext4", "xfs", "ntfs". Implicitly inferred
- to be "ext4" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#rbd
- TODO: how do we prevent errors in the filesystem
- from compromising the machine'
- type: string
- image:
- description: 'The rados image name. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it'
- type: string
- keyring:
- description: 'Keyring is the path to key ring for
- RBDUser. Default is /etc/ceph/keyring. More info:
- https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it'
- type: string
- monitors:
- description: 'A collection of Ceph monitors. More
- info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it'
- items:
- type: string
- type: array
- pool:
- description: 'The rados pool name. Default is rbd.
- More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it'
- type: string
- readOnly:
- description: 'ReadOnly here will force the ReadOnly
- setting in VolumeMounts. Defaults to false. More
- info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it'
- type: boolean
- secretRef:
- description: 'SecretRef is name of the authentication
- secret for RBDUser. If provided overrides keyring.
- Default is nil. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it'
- properties:
- name:
- description: 'Name of the referent. More info:
- https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion,
- kind, uid?'
- type: string
- type: object
- x-kubernetes-map-type: atomic
- user:
- description: 'The rados user name. Default is admin.
- More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it'
- type: string
- required:
- - image
- - monitors
- type: object
- scaleIO:
- description: ScaleIO represents a ScaleIO persistent
- volume attached and mounted on Kubernetes nodes.
- properties:
- fsType:
- description: Filesystem type to mount. Must be a
- filesystem type supported by the host operating
- system. Ex. "ext4", "xfs", "ntfs". Default is
- "xfs".
- type: string
- gateway:
- description: The host address of the ScaleIO API
- Gateway.
- type: string
- protectionDomain:
- description: The name of the ScaleIO Protection
- Domain for the configured storage.
- type: string
- readOnly:
- description: Defaults to false (read/write). ReadOnly
- here will force the ReadOnly setting in VolumeMounts.
- type: boolean
- secretRef:
- description: SecretRef references to the secret
- for ScaleIO user and other sensitive information.
- If this is not provided, Login operation will
- fail.
- properties:
- name:
- description: 'Name of the referent. More info:
- https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion,
- kind, uid?'
- type: string
- type: object
- x-kubernetes-map-type: atomic
- sslEnabled:
- description: Flag to enable/disable SSL communication
- with Gateway, default false
- type: boolean
- storageMode:
- description: Indicates whether the storage for a
- volume should be ThickProvisioned or ThinProvisioned.
- Default is ThinProvisioned.
- type: string
- storagePool:
- description: The ScaleIO Storage Pool associated
- with the protection domain.
- type: string
- system:
- description: The name of the storage system as configured
- in ScaleIO.
- type: string
- volumeName:
- description: The name of a volume already created
- in the ScaleIO system that is associated with
- this volume source.
- type: string
- required:
- - gateway
- - secretRef
- - system
- type: object
- secret:
- description: 'Secret represents a secret that should
- populate this volume. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret'
- properties:
- defaultMode:
- description: 'Optional: mode bits used to set permissions
- on created files by default. Must be an octal
- value between 0000 and 0777 or a decimal value
- between 0 and 511. YAML accepts both octal and
- decimal values, JSON requires decimal values for
- mode bits. Defaults to 0644. Directories within
- the path are not affected by this setting. This
- might be in conflict with other options that affect
- the file mode, like fsGroup, and the result can
- be other mode bits set.'
- format: int32
- type: integer
- items:
- description: If unspecified, each key-value pair
- in the Data field of the referenced Secret will
- be projected into the volume as a file whose name
- is the key and content is the value. If specified,
- the listed keys will be projected into the specified
- paths, and unlisted keys will not be present.
- If a key is specified which is not present in
- the Secret, the volume setup will error unless
- it is marked optional. Paths must be relative
- and may not contain the '..' path or start with
- '..'.
- items:
- description: Maps a string key to a path within
- a volume.
- properties:
- key:
- description: The key to project.
- type: string
- mode:
- description: 'Optional: mode bits used to
- set permissions on this file. Must be an
- octal value between 0000 and 0777 or a decimal
- value between 0 and 511. YAML accepts both
- octal and decimal values, JSON requires
- decimal values for mode bits. If not specified,
- the volume defaultMode will be used. This
- might be in conflict with other options
- that affect the file mode, like fsGroup,
- and the result can be other mode bits set.'
- format: int32
- type: integer
- path:
- description: The relative path of the file
- to map the key to. May not be an absolute
- path. May not contain the path element '..'.
- May not start with the string '..'.
- type: string
- required:
- - key
- - path
- type: object
- type: array
- optional:
- description: Specify whether the Secret or its keys
- must be defined
- type: boolean
- secretName:
- description: 'Name of the secret in the pod''s namespace
- to use. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret'
- type: string
- type: object
- storageos:
- description: StorageOS represents a StorageOS volume
- attached and mounted on Kubernetes nodes.
- properties:
- fsType:
- description: Filesystem type to mount. Must be a
- filesystem type supported by the host operating
- system. Ex. "ext4", "xfs", "ntfs". Implicitly
- inferred to be "ext4" if unspecified.
- type: string
- readOnly:
- description: Defaults to false (read/write). ReadOnly
- here will force the ReadOnly setting in VolumeMounts.
- type: boolean
- secretRef:
- description: SecretRef specifies the secret to use
- for obtaining the StorageOS API credentials. If
- not specified, default values will be attempted.
- properties:
- name:
- description: 'Name of the referent. More info:
- https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion,
- kind, uid?'
- type: string
- type: object
- x-kubernetes-map-type: atomic
- volumeName:
- description: VolumeName is the human-readable name
- of the StorageOS volume. Volume names are only
- unique within a namespace.
- type: string
- volumeNamespace:
- description: VolumeNamespace specifies the scope
- of the volume within StorageOS. If no namespace
- is specified then the Pod's namespace will be
- used. This allows the Kubernetes name scoping
- to be mirrored within StorageOS for tighter integration.
- Set VolumeName to any name to override the default
- behaviour. Set to "default" if you are not using
- namespaces within StorageOS. Namespaces that do
- not pre-exist within StorageOS will be created.
- type: string
- type: object
- vsphereVolume:
- description: VsphereVolume represents a vSphere volume
- attached and mounted on kubelets host machine
- properties:
- fsType:
- description: Filesystem type to mount. Must be a
- filesystem type supported by the host operating
- system. Ex. "ext4", "xfs", "ntfs". Implicitly
- inferred to be "ext4" if unspecified.
- type: string
- storagePolicyID:
- description: Storage Policy Based Management (SPBM)
- profile ID associated with the StoragePolicyName.
- type: string
- storagePolicyName:
- description: Storage Policy Based Management (SPBM)
- profile name.
- type: string
- volumePath:
- description: Path that identifies vSphere volume
- vmdk
- type: string
- required:
- - volumePath
- type: object
- type: object
- type: object
- nullable: true
- type: array
- stdout:
- properties:
- level:
- default: INFO
- description: JobServiceLogLevel is the log level for JobService.
- enum:
- - DEBUG
- - INFO
- - WARNING
- - ERROR
- - FATAL
- type: string
- type: object
- type: object
- loggers:
- default:
- stdout:
- level: INFO
- description: Logger configurations
- properties:
- database:
- properties:
- level:
- default: INFO
- description: JobServiceLogLevel is the log level for JobService.
- enum:
- - DEBUG
- - INFO
- - WARNING
- - ERROR
- - FATAL
- type: string
- sweeper:
- pattern: ([0-9]+h)?([0-9]+m)?([0-9]+s)?([0-9]+ms)?([0-9]+us)?([0-9]+µs)?([0-9]+ns)?
- type: string
- type: object
- files:
- items:
- properties:
- level:
- default: INFO
- description: JobServiceLogLevel is the log level for JobService.
- enum:
- - DEBUG
- - INFO
- - WARNING
- - ERROR
- - FATAL
- type: string
- sweeper:
- pattern: ([0-9]+h)?([0-9]+m)?([0-9]+s)?([0-9]+ms)?([0-9]+us)?([0-9]+µs)?([0-9]+ns)?
- type: string
- volume:
- description: Represents the source of a volume to mount.
- Only one of its members may be specified.
- properties:
- awsElasticBlockStore:
- description: 'AWSElasticBlockStore represents an AWS
- Disk resource that is attached to a kubelet''s host
- machine and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore'
- properties:
- fsType:
- description: 'Filesystem type of the volume that
- you want to mount. Tip: Ensure that the filesystem
- type is supported by the host operating system.
- Examples: "ext4", "xfs", "ntfs". Implicitly inferred
- to be "ext4" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore
- TODO: how do we prevent errors in the filesystem
- from compromising the machine'
- type: string
- partition:
- description: 'The partition in the volume that you
- want to mount. If omitted, the default is to mount
- by volume name. Examples: For volume /dev/sda1,
- you specify the partition as "1". Similarly, the
- volume partition for /dev/sda is "0" (or you can
- leave the property empty).'
- format: int32
- type: integer
- readOnly:
- description: 'Specify "true" to force and set the
- ReadOnly property in VolumeMounts to "true". If
- omitted, the default is "false". More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore'
- type: boolean
- volumeID:
- description: 'Unique ID of the persistent disk resource
- in AWS (Amazon EBS volume). More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore'
- type: string
- required:
- - volumeID
- type: object
- azureDisk:
- description: AzureDisk represents an Azure Data Disk
- mount on the host and bind mount to the pod.
- properties:
- cachingMode:
- description: 'Host Caching mode: None, Read Only,
- Read Write.'
- type: string
- diskName:
- description: The Name of the data disk in the blob
- storage
- type: string
- diskURI:
- description: The URI the data disk in the blob storage
- type: string
- fsType:
- description: Filesystem type to mount. Must be a
- filesystem type supported by the host operating
- system. Ex. "ext4", "xfs", "ntfs". Implicitly
- inferred to be "ext4" if unspecified.
- type: string
- kind:
- description: 'Expected values Shared: multiple blob
- disks per storage account Dedicated: single blob
- disk per storage account Managed: azure managed
- data disk (only in managed availability set).
- defaults to shared'
- type: string
- readOnly:
- description: Defaults to false (read/write). ReadOnly
- here will force the ReadOnly setting in VolumeMounts.
- type: boolean
- required:
- - diskName
- - diskURI
- type: object
- azureFile:
- description: AzureFile represents an Azure File Service
- mount on the host and bind mount to the pod.
- properties:
- readOnly:
- description: Defaults to false (read/write). ReadOnly
- here will force the ReadOnly setting in VolumeMounts.
- type: boolean
- secretName:
- description: the name of secret that contains Azure
- Storage Account Name and Key
- type: string
- shareName:
- description: Share Name
- type: string
- required:
- - secretName
- - shareName
- type: object
- cephfs:
- description: CephFS represents a Ceph FS mount on the
- host that shares a pod's lifetime
- properties:
- monitors:
- description: 'Required: Monitors is a collection
- of Ceph monitors More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it'
- items:
- type: string
- type: array
- path:
- description: 'Optional: Used as the mounted root,
- rather than the full Ceph tree, default is /'
- type: string
- readOnly:
- description: 'Optional: Defaults to false (read/write).
- ReadOnly here will force the ReadOnly setting
- in VolumeMounts. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it'
- type: boolean
- secretFile:
- description: 'Optional: SecretFile is the path to
- key ring for User, default is /etc/ceph/user.secret
- More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it'
- type: string
- secretRef:
- description: 'Optional: SecretRef is reference to
- the authentication secret for User, default is
- empty. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it'
- properties:
- name:
- description: 'Name of the referent. More info:
- https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion,
- kind, uid?'
- type: string
- type: object
- x-kubernetes-map-type: atomic
- user:
- description: 'Optional: User is the rados user name,
- default is admin More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it'
- type: string
- required:
- - monitors
- type: object
- cinder:
- description: 'Cinder represents a cinder volume attached
- and mounted on kubelets host machine. More info: https://examples.k8s.io/mysql-cinder-pd/README.md'
- properties:
- fsType:
- description: 'Filesystem type to mount. Must be
- a filesystem type supported by the host operating
- system. Examples: "ext4", "xfs", "ntfs". Implicitly
- inferred to be "ext4" if unspecified. More info:
- https://examples.k8s.io/mysql-cinder-pd/README.md'
- type: string
- readOnly:
- description: 'Optional: Defaults to false (read/write).
- ReadOnly here will force the ReadOnly setting
- in VolumeMounts. More info: https://examples.k8s.io/mysql-cinder-pd/README.md'
- type: boolean
- secretRef:
- description: 'Optional: points to a secret object
- containing parameters used to connect to OpenStack.'
- properties:
- name:
- description: 'Name of the referent. More info:
- https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion,
- kind, uid?'
- type: string
- type: object
- x-kubernetes-map-type: atomic
- volumeID:
- description: 'volume id used to identify the volume
- in cinder. More info: https://examples.k8s.io/mysql-cinder-pd/README.md'
- type: string
- required:
- - volumeID
- type: object
- configMap:
- description: ConfigMap represents a configMap that should
- populate this volume
- properties:
- defaultMode:
- description: 'Optional: mode bits used to set permissions
- on created files by default. Must be an octal
- value between 0000 and 0777 or a decimal value
- between 0 and 511. YAML accepts both octal and
- decimal values, JSON requires decimal values for
- mode bits. Defaults to 0644. Directories within
- the path are not affected by this setting. This
- might be in conflict with other options that affect
- the file mode, like fsGroup, and the result can
- be other mode bits set.'
- format: int32
- type: integer
- items:
- description: If unspecified, each key-value pair
- in the Data field of the referenced ConfigMap
- will be projected into the volume as a file whose
- name is the key and content is the value. If specified,
- the listed keys will be projected into the specified
- paths, and unlisted keys will not be present.
- If a key is specified which is not present in
- the ConfigMap, the volume setup will error unless
- it is marked optional. Paths must be relative
- and may not contain the '..' path or start with
- '..'.
- items:
- description: Maps a string key to a path within
- a volume.
- properties:
- key:
- description: The key to project.
- type: string
- mode:
- description: 'Optional: mode bits used to
- set permissions on this file. Must be an
- octal value between 0000 and 0777 or a decimal
- value between 0 and 511. YAML accepts both
- octal and decimal values, JSON requires
- decimal values for mode bits. If not specified,
- the volume defaultMode will be used. This
- might be in conflict with other options
- that affect the file mode, like fsGroup,
- and the result can be other mode bits set.'
- format: int32
- type: integer
- path:
- description: The relative path of the file
- to map the key to. May not be an absolute
- path. May not contain the path element '..'.
- May not start with the string '..'.
- type: string
- required:
- - key
- - path
- type: object
- type: array
- name:
- description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind,
- uid?'
- type: string
- optional:
- description: Specify whether the ConfigMap or its
- keys must be defined
- type: boolean
- type: object
- x-kubernetes-map-type: atomic
- csi:
- description: CSI (Container Storage Interface) represents
- ephemeral storage that is handled by certain external
- CSI drivers (Beta feature).
- properties:
- driver:
- description: Driver is the name of the CSI driver
- that handles this volume. Consult with your admin
- for the correct name as registered in the cluster.
- type: string
- fsType:
- description: Filesystem type to mount. Ex. "ext4",
- "xfs", "ntfs". If not provided, the empty value
- is passed to the associated CSI driver which will
- determine the default filesystem to apply.
- type: string
- nodePublishSecretRef:
- description: NodePublishSecretRef is a reference
- to the secret object containing sensitive information
- to pass to the CSI driver to complete the CSI
- NodePublishVolume and NodeUnpublishVolume calls.
- This field is optional, and may be empty if no
- secret is required. If the secret object contains
- more than one secret, all secret references are
- passed.
- properties:
- name:
- description: 'Name of the referent. More info:
- https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion,
- kind, uid?'
- type: string
- type: object
- x-kubernetes-map-type: atomic
- readOnly:
- description: Specifies a read-only configuration
- for the volume. Defaults to false (read/write).
- type: boolean
- volumeAttributes:
- additionalProperties:
- type: string
- description: VolumeAttributes stores driver-specific
- properties that are passed to the CSI driver.
- Consult your driver's documentation for supported
- values.
- type: object
- required:
- - driver
- type: object
- downwardAPI:
- description: DownwardAPI represents downward API about
- the pod that should populate this volume
- properties:
- defaultMode:
- description: 'Optional: mode bits to use on created
- files by default. Must be a Optional: mode bits
- used to set permissions on created files by default.
- Must be an octal value between 0000 and 0777 or
- a decimal value between 0 and 511. YAML accepts
- both octal and decimal values, JSON requires decimal
- values for mode bits. Defaults to 0644. Directories
- within the path are not affected by this setting.
- This might be in conflict with other options that
- affect the file mode, like fsGroup, and the result
- can be other mode bits set.'
- format: int32
- type: integer
- items:
- description: Items is a list of downward API volume
- file
- items:
- description: DownwardAPIVolumeFile represents
- information to create the file containing the
- pod field
- properties:
- fieldRef:
- description: 'Required: Selects a field of
- the pod: only annotations, labels, name
- and namespace are supported.'
- properties:
- apiVersion:
- description: Version of the schema the
- FieldPath is written in terms of, defaults
- to "v1".
- type: string
- fieldPath:
- description: Path of the field to select
- in the specified API version.
- type: string
- required:
- - fieldPath
- type: object
- x-kubernetes-map-type: atomic
- mode:
- description: 'Optional: mode bits used to
- set permissions on this file, must be an
- octal value between 0000 and 0777 or a decimal
- value between 0 and 511. YAML accepts both
- octal and decimal values, JSON requires
- decimal values for mode bits. If not specified,
- the volume defaultMode will be used. This
- might be in conflict with other options
- that affect the file mode, like fsGroup,
- and the result can be other mode bits set.'
- format: int32
- type: integer
- path:
- description: 'Required: Path is the relative
- path name of the file to be created. Must
- not be absolute or contain the ''..'' path.
- Must be utf-8 encoded. The first item of
- the relative path must not start with ''..'''
- type: string
- resourceFieldRef:
- description: 'Selects a resource of the container:
- only resources limits and requests (limits.cpu,
- limits.memory, requests.cpu and requests.memory)
- are currently supported.'
- properties:
- containerName:
- description: 'Container name: required
- for volumes, optional for env vars'
- type: string
- divisor:
- anyOf:
- - type: integer
- - type: string
- description: Specifies the output format
- of the exposed resources, defaults to
- "1"
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- resource:
- description: 'Required: resource to select'
- type: string
- required:
- - resource
- type: object
- x-kubernetes-map-type: atomic
- required:
- - path
- type: object
- type: array
- type: object
- emptyDir:
- description: 'EmptyDir represents a temporary directory
- that shares a pod''s lifetime. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir'
- properties:
- medium:
- description: 'What type of storage medium should
- back this directory. The default is "" which means
- to use the node''s default medium. Must be an
- empty string (default) or Memory. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir'
- type: string
- sizeLimit:
- anyOf:
- - type: integer
- - type: string
- description: 'Total amount of local storage required
- for this EmptyDir volume. The size limit is also
- applicable for memory medium. The maximum usage
- on memory medium EmptyDir would be the minimum
- value between the SizeLimit specified here and
- the sum of memory limits of all containers in
- a pod. The default is nil which means that the
- limit is undefined. More info: http://kubernetes.io/docs/user-guide/volumes#emptydir'
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- type: object
- ephemeral:
- description: "Ephemeral represents a volume that is
- handled by a cluster storage driver. The volume's
- lifecycle is tied to the pod that defines it - it
- will be created before the pod starts, and deleted
- when the pod is removed. \n Use this if: a) the volume
- is only needed while the pod runs, b) features of
- normal volumes like restoring from snapshot or capacity
- tracking are needed, c) the storage driver is specified
- through a storage class, and d) the storage driver
- supports dynamic volume provisioning through a PersistentVolumeClaim
- (see EphemeralVolumeSource for more information on
- the connection between this volume type and PersistentVolumeClaim).
- \n Use PersistentVolumeClaim or one of the vendor-specific
- APIs for volumes that persist for longer than the
- lifecycle of an individual pod. \n Use CSI for light-weight
- local ephemeral volumes if the CSI driver is meant
- to be used that way - see the documentation of the
- driver for more information. \n A pod can use both
- types of ephemeral volumes and persistent volumes
- at the same time."
- properties:
- volumeClaimTemplate:
- description: "Will be used to create a stand-alone
- PVC to provision the volume. The pod in which
- this EphemeralVolumeSource is embedded will be
- the owner of the PVC, i.e. the PVC will be deleted
- together with the pod. The name of the PVC will
- be `-` where ``
- is the name from the `PodSpec.Volumes` array entry.
- Pod validation will reject the pod if the concatenated
- name is not valid for a PVC (for example, too
- long). \n An existing PVC with that name that
- is not owned by the pod will *not* be used for
- the pod to avoid using an unrelated volume by
- mistake. Starting the pod is then blocked until
- the unrelated PVC is removed. If such a pre-created
- PVC is meant to be used by the pod, the PVC has
- to updated with an owner reference to the pod
- once the pod exists. Normally this should not
- be necessary, but it may be useful when manually
- reconstructing a broken cluster. \n This field
- is read-only and no changes will be made by Kubernetes
- to the PVC after it has been created. \n Required,
- must not be nil."
- properties:
- metadata:
- description: May contain labels and annotations
- that will be copied into the PVC when creating
- it. No other fields are allowed and will be
- rejected during validation.
- type: object
- spec:
- description: The specification for the PersistentVolumeClaim.
- The entire content is copied unchanged into
- the PVC that gets created from this template.
- The same fields as in a PersistentVolumeClaim
- are also valid here.
- properties:
- accessModes:
- description: 'AccessModes contains the desired
- access modes the volume should have. More
- info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1'
- items:
- type: string
- type: array
- dataSource:
- description: 'This field can be used to
- specify either: * An existing VolumeSnapshot
- object (snapshot.storage.k8s.io/VolumeSnapshot)
- * An existing PVC (PersistentVolumeClaim)
- If the provisioner or an external controller
- can support the specified data source,
- it will create a new volume based on the
- contents of the specified data source.
- If the AnyVolumeDataSource feature gate
- is enabled, this field will always have
- the same contents as the DataSourceRef
- field.'
- properties:
- apiGroup:
- description: APIGroup is the group for
- the resource being referenced. If
- APIGroup is not specified, the specified
- Kind must be in the core API group.
- For any other third-party types, APIGroup
- is required.
- type: string
- kind:
- description: Kind is the type of resource
- being referenced
- type: string
- name:
- description: Name is the name of resource
- being referenced
- type: string
- required:
- - kind
- - name
- type: object
- x-kubernetes-map-type: atomic
- dataSourceRef:
- description: 'Specifies the object from
- which to populate the volume with data,
- if a non-empty volume is desired. This
- may be any local object from a non-empty
- API group (non core object) or a PersistentVolumeClaim
- object. When this field is specified,
- volume binding will only succeed if the
- type of the specified object matches some
- installed volume populator or dynamic
- provisioner. This field will replace the
- functionality of the DataSource field
- and as such if both fields are non-empty,
- they must have the same value. For backwards
- compatibility, both fields (DataSource
- and DataSourceRef) will be set to the
- same value automatically if one of them
- is empty and the other is non-empty. There
- are two important differences between
- DataSource and DataSourceRef: * While
- DataSource only allows two specific types
- of objects, DataSourceRef allows any non-core
- object, as well as PersistentVolumeClaim
- objects. * While DataSource ignores disallowed
- values (dropping them), DataSourceRef
- preserves all values, and generates an
- error if a disallowed value is specified.
- (Alpha) Using this field requires the
- AnyVolumeDataSource feature gate to be
- enabled.'
- properties:
- apiGroup:
- description: APIGroup is the group for
- the resource being referenced. If
- APIGroup is not specified, the specified
- Kind must be in the core API group.
- For any other third-party types, APIGroup
- is required.
- type: string
- kind:
- description: Kind is the type of resource
- being referenced
- type: string
- name:
- description: Name is the name of resource
- being referenced
- type: string
- required:
- - kind
- - name
- type: object
- x-kubernetes-map-type: atomic
- resources:
- description: 'Resources represents the minimum
- resources the volume should have. If RecoverVolumeExpansionFailure
- feature is enabled users are allowed to
- specify resource requirements that are
- lower than previous value but must still
- be higher than capacity recorded in the
- status field of the claim. More info:
- https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources'
- properties:
- limits:
- additionalProperties:
- anyOf:
- - type: integer
- - type: string
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- description: 'Limits describes the maximum
- amount of compute resources allowed.
- More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
- type: object
- requests:
- additionalProperties:
- anyOf:
- - type: integer
- - type: string
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- description: 'Requests describes the
- minimum amount of compute resources
- required. If Requests is omitted for
- a container, it defaults to Limits
- if that is explicitly specified, otherwise
- to an implementation-defined value.
- More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
- type: object
- type: object
- selector:
- description: A label query over volumes
- to consider for binding.
- properties:
- matchExpressions:
- description: matchExpressions is a list
- of label selector requirements. The
- requirements are ANDed.
- items:
- description: A label selector requirement
- is a selector that contains values,
- a key, and an operator that relates
- the key and values.
- properties:
- key:
- description: key is the label
- key that the selector applies
- to.
- type: string
- operator:
- description: operator represents
- a key's relationship to a set
- of values. Valid operators are
- In, NotIn, Exists and DoesNotExist.
- type: string
- values:
- description: values is an array
- of string values. If the operator
- is In or NotIn, the values array
- must be non-empty. If the operator
- is Exists or DoesNotExist, the
- values array must be empty.
- This array is replaced during
- a strategic merge patch.
- items:
- type: string
- type: array
- required:
- - key
- - operator
- type: object
- type: array
- matchLabels:
- additionalProperties:
- type: string
- description: matchLabels is a map of
- {key,value} pairs. A single {key,value}
- in the matchLabels map is equivalent
- to an element of matchExpressions,
- whose key field is "key", the operator
- is "In", and the values array contains
- only "value". The requirements are
- ANDed.
- type: object
- type: object
- x-kubernetes-map-type: atomic
- storageClassName:
- description: 'Name of the StorageClass required
- by the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1'
- type: string
- volumeMode:
- description: volumeMode defines what type
- of volume is required by the claim. Value
- of Filesystem is implied when not included
- in claim spec.
- type: string
- volumeName:
- description: VolumeName is the binding reference
- to the PersistentVolume backing this claim.
- type: string
- type: object
- required:
- - spec
- type: object
- type: object
- fc:
- description: FC represents a Fibre Channel resource
- that is attached to a kubelet's host machine and then
- exposed to the pod.
- properties:
- fsType:
- description: 'Filesystem type to mount. Must be
- a filesystem type supported by the host operating
- system. Ex. "ext4", "xfs", "ntfs". Implicitly
- inferred to be "ext4" if unspecified. TODO: how
- do we prevent errors in the filesystem from compromising
- the machine'
- type: string
- lun:
- description: 'Optional: FC target lun number'
- format: int32
- type: integer
- readOnly:
- description: 'Optional: Defaults to false (read/write).
- ReadOnly here will force the ReadOnly setting
- in VolumeMounts.'
- type: boolean
- targetWWNs:
- description: 'Optional: FC target worldwide names
- (WWNs)'
- items:
- type: string
- type: array
- wwids:
- description: 'Optional: FC volume world wide identifiers
- (wwids) Either wwids or combination of targetWWNs
- and lun must be set, but not both simultaneously.'
- items:
- type: string
- type: array
- type: object
- flexVolume:
- description: FlexVolume represents a generic volume
- resource that is provisioned/attached using an exec
- based plugin.
- properties:
- driver:
- description: Driver is the name of the driver to
- use for this volume.
- type: string
- fsType:
- description: Filesystem type to mount. Must be a
- filesystem type supported by the host operating
- system. Ex. "ext4", "xfs", "ntfs". The default
- filesystem depends on FlexVolume script.
- type: string
- options:
- additionalProperties:
- type: string
- description: 'Optional: Extra command options if
- any.'
- type: object
- readOnly:
- description: 'Optional: Defaults to false (read/write).
- ReadOnly here will force the ReadOnly setting
- in VolumeMounts.'
- type: boolean
- secretRef:
- description: 'Optional: SecretRef is reference to
- the secret object containing sensitive information
- to pass to the plugin scripts. This may be empty
- if no secret object is specified. If the secret
- object contains more than one secret, all secrets
- are passed to the plugin scripts.'
- properties:
- name:
- description: 'Name of the referent. More info:
- https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion,
- kind, uid?'
- type: string
- type: object
- x-kubernetes-map-type: atomic
- required:
- - driver
- type: object
- flocker:
- description: Flocker represents a Flocker volume attached
- to a kubelet's host machine. This depends on the Flocker
- control service being running
- properties:
- datasetName:
- description: Name of the dataset stored as metadata
- -> name on the dataset for Flocker should be considered
- as deprecated
- type: string
- datasetUUID:
- description: UUID of the dataset. This is unique
- identifier of a Flocker dataset
- type: string
- type: object
- gcePersistentDisk:
- description: 'GCEPersistentDisk represents a GCE Disk
- resource that is attached to a kubelet''s host machine
- and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk'
- properties:
- fsType:
- description: 'Filesystem type of the volume that
- you want to mount. Tip: Ensure that the filesystem
- type is supported by the host operating system.
- Examples: "ext4", "xfs", "ntfs". Implicitly inferred
- to be "ext4" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk
- TODO: how do we prevent errors in the filesystem
- from compromising the machine'
- type: string
- partition:
- description: 'The partition in the volume that you
- want to mount. If omitted, the default is to mount
- by volume name. Examples: For volume /dev/sda1,
- you specify the partition as "1". Similarly, the
- volume partition for /dev/sda is "0" (or you can
- leave the property empty). More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk'
- format: int32
- type: integer
- pdName:
- description: 'Unique name of the PD resource in
- GCE. Used to identify the disk in GCE. More info:
- https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk'
- type: string
- readOnly:
- description: 'ReadOnly here will force the ReadOnly
- setting in VolumeMounts. Defaults to false. More
- info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk'
- type: boolean
- required:
- - pdName
- type: object
- gitRepo:
- description: 'GitRepo represents a git repository at
- a particular revision. DEPRECATED: GitRepo is deprecated.
- To provision a container with a git repo, mount an
- EmptyDir into an InitContainer that clones the repo
- using git, then mount the EmptyDir into the Pod''s
- container.'
- properties:
- directory:
- description: Target directory name. Must not contain
- or start with '..'. If '.' is supplied, the volume
- directory will be the git repository. Otherwise,
- if specified, the volume will contain the git
- repository in the subdirectory with the given
- name.
- type: string
- repository:
- description: Repository URL
- type: string
- revision:
- description: Commit hash for the specified revision.
- type: string
- required:
- - repository
- type: object
- glusterfs:
- description: 'Glusterfs represents a Glusterfs mount
- on the host that shares a pod''s lifetime. More info:
- https://examples.k8s.io/volumes/glusterfs/README.md'
- properties:
- endpoints:
- description: 'EndpointsName is the endpoint name
- that details Glusterfs topology. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod'
- type: string
- path:
- description: 'Path is the Glusterfs volume path.
- More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod'
- type: string
- readOnly:
- description: 'ReadOnly here will force the Glusterfs
- volume to be mounted with read-only permissions.
- Defaults to false. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod'
- type: boolean
- required:
- - endpoints
- - path
- type: object
- hostPath:
- description: 'HostPath represents a pre-existing file
- or directory on the host machine that is directly
- exposed to the container. This is generally used for
- system agents or other privileged things that are
- allowed to see the host machine. Most containers will
- NOT need this. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath
- --- TODO(jonesdl) We need to restrict who can use
- host directory mounts and who can/can not mount host
- directories as read/write.'
- properties:
- path:
- description: 'Path of the directory on the host.
- If the path is a symlink, it will follow the link
- to the real path. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath'
- type: string
- type:
- description: 'Type for HostPath Volume Defaults
- to "" More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath'
- type: string
- required:
- - path
- type: object
- iscsi:
- description: 'ISCSI represents an ISCSI Disk resource
- that is attached to a kubelet''s host machine and
- then exposed to the pod. More info: https://examples.k8s.io/volumes/iscsi/README.md'
- properties:
- chapAuthDiscovery:
- description: whether support iSCSI Discovery CHAP
- authentication
- type: boolean
- chapAuthSession:
- description: whether support iSCSI Session CHAP
- authentication
- type: boolean
- fsType:
- description: 'Filesystem type of the volume that
- you want to mount. Tip: Ensure that the filesystem
- type is supported by the host operating system.
- Examples: "ext4", "xfs", "ntfs". Implicitly inferred
- to be "ext4" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#iscsi
- TODO: how do we prevent errors in the filesystem
- from compromising the machine'
- type: string
- initiatorName:
- description: Custom iSCSI Initiator Name. If initiatorName
- is specified with iscsiInterface simultaneously,
- new iSCSI interface :
- will be created for the connection.
- type: string
- iqn:
- description: Target iSCSI Qualified Name.
- type: string
- iscsiInterface:
- description: iSCSI Interface Name that uses an iSCSI
- transport. Defaults to 'default' (tcp).
- type: string
- lun:
- description: iSCSI Target Lun number.
- format: int32
- type: integer
- portals:
- description: iSCSI Target Portal List. The portal
- is either an IP or ip_addr:port if the port is
- other than default (typically TCP ports 860 and
- 3260).
- items:
- type: string
- type: array
- readOnly:
- description: ReadOnly here will force the ReadOnly
- setting in VolumeMounts. Defaults to false.
- type: boolean
- secretRef:
- description: CHAP Secret for iSCSI target and initiator
- authentication
- properties:
- name:
- description: 'Name of the referent. More info:
- https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion,
- kind, uid?'
- type: string
- type: object
- x-kubernetes-map-type: atomic
- targetPortal:
- description: iSCSI Target Portal. The Portal is
- either an IP or ip_addr:port if the port is other
- than default (typically TCP ports 860 and 3260).
- type: string
- required:
- - iqn
- - lun
- - targetPortal
- type: object
- nfs:
- description: 'NFS represents an NFS mount on the host
- that shares a pod''s lifetime More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs'
- properties:
- path:
- description: 'Path that is exported by the NFS server.
- More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs'
- type: string
- readOnly:
- description: 'ReadOnly here will force the NFS export
- to be mounted with read-only permissions. Defaults
- to false. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs'
- type: boolean
- server:
- description: 'Server is the hostname or IP address
- of the NFS server. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs'
- type: string
- required:
- - path
- - server
- type: object
- persistentVolumeClaim:
- description: 'PersistentVolumeClaimVolumeSource represents
- a reference to a PersistentVolumeClaim in the same
- namespace. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims'
- properties:
- claimName:
- description: 'ClaimName is the name of a PersistentVolumeClaim
- in the same namespace as the pod using this volume.
- More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims'
- type: string
- readOnly:
- description: Will force the ReadOnly setting in
- VolumeMounts. Default false.
- type: boolean
- required:
- - claimName
- type: object
- photonPersistentDisk:
- description: PhotonPersistentDisk represents a PhotonController
- persistent disk attached and mounted on kubelets host
- machine
- properties:
- fsType:
- description: Filesystem type to mount. Must be a
- filesystem type supported by the host operating
- system. Ex. "ext4", "xfs", "ntfs". Implicitly
- inferred to be "ext4" if unspecified.
- type: string
- pdID:
- description: ID that identifies Photon Controller
- persistent disk
- type: string
- required:
- - pdID
- type: object
- portworxVolume:
- description: PortworxVolume represents a portworx volume
- attached and mounted on kubelets host machine
- properties:
- fsType:
- description: FSType represents the filesystem type
- to mount Must be a filesystem type supported by
- the host operating system. Ex. "ext4", "xfs".
- Implicitly inferred to be "ext4" if unspecified.
- type: string
- readOnly:
- description: Defaults to false (read/write). ReadOnly
- here will force the ReadOnly setting in VolumeMounts.
- type: boolean
- volumeID:
- description: VolumeID uniquely identifies a Portworx
- volume
- type: string
- required:
- - volumeID
- type: object
- projected:
- description: Items for all in one resources secrets,
- configmaps, and downward API
- properties:
- defaultMode:
- description: Mode bits used to set permissions on
- created files by default. Must be an octal value
- between 0000 and 0777 or a decimal value between
- 0 and 511. YAML accepts both octal and decimal
- values, JSON requires decimal values for mode
- bits. Directories within the path are not affected
- by this setting. This might be in conflict with
- other options that affect the file mode, like
- fsGroup, and the result can be other mode bits
- set.
- format: int32
- type: integer
- sources:
- description: list of volume projections
- items:
- description: Projection that may be projected
- along with other supported volume types
- properties:
- configMap:
- description: information about the configMap
- data to project
- properties:
- items:
- description: If unspecified, each key-value
- pair in the Data field of the referenced
- ConfigMap will be projected into the
- volume as a file whose name is the key
- and content is the value. If specified,
- the listed keys will be projected into
- the specified paths, and unlisted keys
- will not be present. If a key is specified
- which is not present in the ConfigMap,
- the volume setup will error unless it
- is marked optional. Paths must be relative
- and may not contain the '..' path or
- start with '..'.
- items:
- description: Maps a string key to a
- path within a volume.
- properties:
- key:
- description: The key to project.
- type: string
- mode:
- description: 'Optional: mode bits
- used to set permissions on this
- file. Must be an octal value between
- 0000 and 0777 or a decimal value
- between 0 and 511. YAML accepts
- both octal and decimal values,
- JSON requires decimal values for
- mode bits. If not specified, the
- volume defaultMode will be used.
- This might be in conflict with
- other options that affect the
- file mode, like fsGroup, and the
- result can be other mode bits
- set.'
- format: int32
- type: integer
- path:
- description: The relative path of
- the file to map the key to. May
- not be an absolute path. May not
- contain the path element '..'.
- May not start with the string
- '..'.
- type: string
- required:
- - key
- - path
- type: object
- type: array
- name:
- description: 'Name of the referent. More
- info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion,
- kind, uid?'
- type: string
- optional:
- description: Specify whether the ConfigMap
- or its keys must be defined
- type: boolean
- type: object
- x-kubernetes-map-type: atomic
- downwardAPI:
- description: information about the downwardAPI
- data to project
- properties:
- items:
- description: Items is a list of DownwardAPIVolume
- file
- items:
- description: DownwardAPIVolumeFile represents
- information to create the file containing
- the pod field
- properties:
- fieldRef:
- description: 'Required: Selects
- a field of the pod: only annotations,
- labels, name and namespace are
- supported.'
- properties:
- apiVersion:
- description: Version of the
- schema the FieldPath is written
- in terms of, defaults to "v1".
- type: string
- fieldPath:
- description: Path of the field
- to select in the specified
- API version.
- type: string
- required:
- - fieldPath
- type: object
- x-kubernetes-map-type: atomic
- mode:
- description: 'Optional: mode bits
- used to set permissions on this
- file, must be an octal value between
- 0000 and 0777 or a decimal value
- between 0 and 511. YAML accepts
- both octal and decimal values,
- JSON requires decimal values for
- mode bits. If not specified, the
- volume defaultMode will be used.
- This might be in conflict with
- other options that affect the
- file mode, like fsGroup, and the
- result can be other mode bits
- set.'
- format: int32
- type: integer
- path:
- description: 'Required: Path is the
- relative path name of the file
- to be created. Must not be absolute
- or contain the ''..'' path. Must
- be utf-8 encoded. The first item
- of the relative path must not
- start with ''..'''
- type: string
- resourceFieldRef:
- description: 'Selects a resource
- of the container: only resources
- limits and requests (limits.cpu,
- limits.memory, requests.cpu and
- requests.memory) are currently
- supported.'
- properties:
- containerName:
- description: 'Container name:
- required for volumes, optional
- for env vars'
- type: string
- divisor:
- anyOf:
- - type: integer
- - type: string
- description: Specifies the output
- format of the exposed resources,
- defaults to "1"
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- resource:
- description: 'Required: resource
- to select'
- type: string
- required:
- - resource
- type: object
- x-kubernetes-map-type: atomic
- required:
- - path
- type: object
- type: array
- type: object
- secret:
- description: information about the secret
- data to project
- properties:
- items:
- description: If unspecified, each key-value
- pair in the Data field of the referenced
- Secret will be projected into the volume
- as a file whose name is the key and
- content is the value. If specified,
- the listed keys will be projected into
- the specified paths, and unlisted keys
- will not be present. If a key is specified
- which is not present in the Secret,
- the volume setup will error unless it
- is marked optional. Paths must be relative
- and may not contain the '..' path or
- start with '..'.
- items:
- description: Maps a string key to a
- path within a volume.
- properties:
- key:
- description: The key to project.
- type: string
- mode:
- description: 'Optional: mode bits
- used to set permissions on this
- file. Must be an octal value between
- 0000 and 0777 or a decimal value
- between 0 and 511. YAML accepts
- both octal and decimal values,
- JSON requires decimal values for
- mode bits. If not specified, the
- volume defaultMode will be used.
- This might be in conflict with
- other options that affect the
- file mode, like fsGroup, and the
- result can be other mode bits
- set.'
- format: int32
- type: integer
- path:
- description: The relative path of
- the file to map the key to. May
- not be an absolute path. May not
- contain the path element '..'.
- May not start with the string
- '..'.
- type: string
- required:
- - key
- - path
- type: object
- type: array
- name:
- description: 'Name of the referent. More
- info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion,
- kind, uid?'
- type: string
- optional:
- description: Specify whether the Secret
- or its key must be defined
- type: boolean
- type: object
- x-kubernetes-map-type: atomic
- serviceAccountToken:
- description: information about the serviceAccountToken
- data to project
- properties:
- audience:
- description: Audience is the intended
- audience of the token. A recipient of
- a token must identify itself with an
- identifier specified in the audience
- of the token, and otherwise should reject
- the token. The audience defaults to
- the identifier of the apiserver.
- type: string
- expirationSeconds:
- description: ExpirationSeconds is the
- requested duration of validity of the
- service account token. As the token
- approaches expiration, the kubelet volume
- plugin will proactively rotate the service
- account token. The kubelet will start
- trying to rotate the token if the token
- is older than 80 percent of its time
- to live or if the token is older than
- 24 hours.Defaults to 1 hour and must
- be at least 10 minutes.
- format: int64
- type: integer
- path:
- description: Path is the path relative
- to the mount point of the file to project
- the token into.
- type: string
- required:
- - path
- type: object
- type: object
- type: array
- type: object
- quobyte:
- description: Quobyte represents a Quobyte mount on the
- host that shares a pod's lifetime
- properties:
- group:
- description: Group to map volume access to Default
- is no group
- type: string
- readOnly:
- description: ReadOnly here will force the Quobyte
- volume to be mounted with read-only permissions.
- Defaults to false.
- type: boolean
- registry:
- description: Registry represents a single or multiple
- Quobyte Registry services specified as a string
- as host:port pair (multiple entries are separated
- with commas) which acts as the central registry
- for volumes
- type: string
- tenant:
- description: Tenant owning the given Quobyte volume
- in the Backend Used with dynamically provisioned
- Quobyte volumes, value is set by the plugin
- type: string
- user:
- description: User to map volume access to Defaults
- to serivceaccount user
- type: string
- volume:
- description: Volume is a string that references
- an already created Quobyte volume by name.
- type: string
- required:
- - registry
- - volume
- type: object
- rbd:
- description: 'RBD represents a Rados Block Device mount
- on the host that shares a pod''s lifetime. More info:
- https://examples.k8s.io/volumes/rbd/README.md'
- properties:
- fsType:
- description: 'Filesystem type of the volume that
- you want to mount. Tip: Ensure that the filesystem
- type is supported by the host operating system.
- Examples: "ext4", "xfs", "ntfs". Implicitly inferred
- to be "ext4" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#rbd
- TODO: how do we prevent errors in the filesystem
- from compromising the machine'
- type: string
- image:
- description: 'The rados image name. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it'
- type: string
- keyring:
- description: 'Keyring is the path to key ring for
- RBDUser. Default is /etc/ceph/keyring. More info:
- https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it'
- type: string
- monitors:
- description: 'A collection of Ceph monitors. More
- info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it'
- items:
- type: string
- type: array
- pool:
- description: 'The rados pool name. Default is rbd.
- More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it'
- type: string
- readOnly:
- description: 'ReadOnly here will force the ReadOnly
- setting in VolumeMounts. Defaults to false. More
- info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it'
- type: boolean
- secretRef:
- description: 'SecretRef is name of the authentication
- secret for RBDUser. If provided overrides keyring.
- Default is nil. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it'
- properties:
- name:
- description: 'Name of the referent. More info:
- https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion,
- kind, uid?'
- type: string
- type: object
- x-kubernetes-map-type: atomic
- user:
- description: 'The rados user name. Default is admin.
- More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it'
- type: string
- required:
- - image
- - monitors
- type: object
- scaleIO:
- description: ScaleIO represents a ScaleIO persistent
- volume attached and mounted on Kubernetes nodes.
- properties:
- fsType:
- description: Filesystem type to mount. Must be a
- filesystem type supported by the host operating
- system. Ex. "ext4", "xfs", "ntfs". Default is
- "xfs".
- type: string
- gateway:
- description: The host address of the ScaleIO API
- Gateway.
- type: string
- protectionDomain:
- description: The name of the ScaleIO Protection
- Domain for the configured storage.
- type: string
- readOnly:
- description: Defaults to false (read/write). ReadOnly
- here will force the ReadOnly setting in VolumeMounts.
- type: boolean
- secretRef:
- description: SecretRef references to the secret
- for ScaleIO user and other sensitive information.
- If this is not provided, Login operation will
- fail.
- properties:
- name:
- description: 'Name of the referent. More info:
- https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion,
- kind, uid?'
- type: string
- type: object
- x-kubernetes-map-type: atomic
- sslEnabled:
- description: Flag to enable/disable SSL communication
- with Gateway, default false
- type: boolean
- storageMode:
- description: Indicates whether the storage for a
- volume should be ThickProvisioned or ThinProvisioned.
- Default is ThinProvisioned.
- type: string
- storagePool:
- description: The ScaleIO Storage Pool associated
- with the protection domain.
- type: string
- system:
- description: The name of the storage system as configured
- in ScaleIO.
- type: string
- volumeName:
- description: The name of a volume already created
- in the ScaleIO system that is associated with
- this volume source.
- type: string
- required:
- - gateway
- - secretRef
- - system
- type: object
- secret:
- description: 'Secret represents a secret that should
- populate this volume. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret'
- properties:
- defaultMode:
- description: 'Optional: mode bits used to set permissions
- on created files by default. Must be an octal
- value between 0000 and 0777 or a decimal value
- between 0 and 511. YAML accepts both octal and
- decimal values, JSON requires decimal values for
- mode bits. Defaults to 0644. Directories within
- the path are not affected by this setting. This
- might be in conflict with other options that affect
- the file mode, like fsGroup, and the result can
- be other mode bits set.'
- format: int32
- type: integer
- items:
- description: If unspecified, each key-value pair
- in the Data field of the referenced Secret will
- be projected into the volume as a file whose name
- is the key and content is the value. If specified,
- the listed keys will be projected into the specified
- paths, and unlisted keys will not be present.
- If a key is specified which is not present in
- the Secret, the volume setup will error unless
- it is marked optional. Paths must be relative
- and may not contain the '..' path or start with
- '..'.
- items:
- description: Maps a string key to a path within
- a volume.
- properties:
- key:
- description: The key to project.
- type: string
- mode:
- description: 'Optional: mode bits used to
- set permissions on this file. Must be an
- octal value between 0000 and 0777 or a decimal
- value between 0 and 511. YAML accepts both
- octal and decimal values, JSON requires
- decimal values for mode bits. If not specified,
- the volume defaultMode will be used. This
- might be in conflict with other options
- that affect the file mode, like fsGroup,
- and the result can be other mode bits set.'
- format: int32
- type: integer
- path:
- description: The relative path of the file
- to map the key to. May not be an absolute
- path. May not contain the path element '..'.
- May not start with the string '..'.
- type: string
- required:
- - key
- - path
- type: object
- type: array
- optional:
- description: Specify whether the Secret or its keys
- must be defined
- type: boolean
- secretName:
- description: 'Name of the secret in the pod''s namespace
- to use. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret'
- type: string
- type: object
- storageos:
- description: StorageOS represents a StorageOS volume
- attached and mounted on Kubernetes nodes.
- properties:
- fsType:
- description: Filesystem type to mount. Must be a
- filesystem type supported by the host operating
- system. Ex. "ext4", "xfs", "ntfs". Implicitly
- inferred to be "ext4" if unspecified.
- type: string
- readOnly:
- description: Defaults to false (read/write). ReadOnly
- here will force the ReadOnly setting in VolumeMounts.
- type: boolean
- secretRef:
- description: SecretRef specifies the secret to use
- for obtaining the StorageOS API credentials. If
- not specified, default values will be attempted.
- properties:
- name:
- description: 'Name of the referent. More info:
- https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion,
- kind, uid?'
- type: string
- type: object
- x-kubernetes-map-type: atomic
- volumeName:
- description: VolumeName is the human-readable name
- of the StorageOS volume. Volume names are only
- unique within a namespace.
- type: string
- volumeNamespace:
- description: VolumeNamespace specifies the scope
- of the volume within StorageOS. If no namespace
- is specified then the Pod's namespace will be
- used. This allows the Kubernetes name scoping
- to be mirrored within StorageOS for tighter integration.
- Set VolumeName to any name to override the default
- behaviour. Set to "default" if you are not using
- namespaces within StorageOS. Namespaces that do
- not pre-exist within StorageOS will be created.
- type: string
- type: object
- vsphereVolume:
- description: VsphereVolume represents a vSphere volume
- attached and mounted on kubelets host machine
- properties:
- fsType:
- description: Filesystem type to mount. Must be a
- filesystem type supported by the host operating
- system. Ex. "ext4", "xfs", "ntfs". Implicitly
- inferred to be "ext4" if unspecified.
- type: string
- storagePolicyID:
- description: Storage Policy Based Management (SPBM)
- profile ID associated with the StoragePolicyName.
- type: string
- storagePolicyName:
- description: Storage Policy Based Management (SPBM)
- profile name.
- type: string
- volumePath:
- description: Path that identifies vSphere volume
- vmdk
- type: string
- required:
- - volumePath
- type: object
- type: object
- type: object
- nullable: true
- type: array
- stdout:
- properties:
- level:
- default: INFO
- description: JobServiceLogLevel is the log level for JobService.
- enum:
- - DEBUG
- - INFO
- - WARNING
- - ERROR
- - FATAL
- type: string
- type: object
- type: object
- nodeSelector:
- additionalProperties:
- type: string
- description: 'NodeSelector is a selector which must be true for the
- component to fit on a node. Selector which must match a node''s
- labels for the pod to be scheduled on that node. More info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/'
- type: object
- proxy:
- properties:
- httpProxy:
- pattern: https?://.+
- type: string
- httpsProxy:
- pattern: https?://.+
- type: string
- noProxy:
- default:
- - 127.0.0.1
- - localhost
- - .local
- - .internal
- items:
- type: string
- type: array
- type: object
- registry:
- properties:
- controllerURL:
- pattern: https?://.+
- type: string
- credentials:
- properties:
- passwordRef:
- pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*'
- type: string
- username:
- type: string
- required:
- - passwordRef
- - username
- type: object
- url:
- pattern: https?://.+
- type: string
- required:
- - controllerURL
- - credentials
- - url
- type: object
- replicas:
- description: 'Replicas is the number of desired replicas. This is
- a pointer to distinguish between explicit zero and unspecified.
- More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller#what-is-a-replicationcontroller'
- format: int32
- minimum: 0
- type: integer
- resources:
- description: 'Compute Resources required by this component. Cannot
- be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/'
- properties:
- limits:
- additionalProperties:
- anyOf:
- - type: integer
- - type: string
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- description: 'Limits describes the maximum amount of compute resources
- allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
- type: object
- requests:
- additionalProperties:
- anyOf:
- - type: integer
- - type: string
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- description: 'Requests describes the minimum amount of compute
- resources required. If Requests is omitted for a container,
- it defaults to Limits if that is explicitly specified, otherwise
- to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
- type: object
- type: object
- secretRef:
- pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*'
- type: string
- serviceAccountName:
- description: 'ServiceAccountName is the name of the ServiceAccount
- to use to run this component. More info: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/'
- type: string
- templateAnnotations:
- additionalProperties:
- type: string
- description: Custom annotations to be added into the pods
- type: object
- tls:
- properties:
- certificateRef:
- pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*'
- type: string
- type: object
- tokenService:
- properties:
- url:
- pattern: https?://.+
- type: string
- required:
- - url
- type: object
- tolerations:
- description: If specified, the pod's tolerations.
- items:
- description: The pod this Toleration is attached to tolerates any
- taint that matches the triple using the matching
- operator .
- properties:
- effect:
- description: Effect indicates the taint effect to match. Empty
- means match all taint effects. When specified, allowed values
- are NoSchedule, PreferNoSchedule and NoExecute.
- type: string
- key:
- description: Key is the taint key that the toleration applies
- to. Empty means match all taint keys. If the key is empty,
- operator must be Exists; this combination means to match all
- values and all keys.
- type: string
- operator:
- description: Operator represents a key's relationship to the
- value. Valid operators are Exists and Equal. Defaults to Equal.
- Exists is equivalent to wildcard for value, so that a pod
- can tolerate all taints of a particular category.
- type: string
- tolerationSeconds:
- description: TolerationSeconds represents the period of time
- the toleration (which must be of effect NoExecute, otherwise
- this field is ignored) tolerates the taint. By default, it
- is not set, which means tolerate the taint forever (do not
- evict). Zero and negative values will be treated as 0 (evict
- immediately) by the system.
- format: int64
- type: integer
- value:
- description: Value is the taint value the toleration matches
- to. If the operator is Exists, the value should be empty,
- otherwise just a regular string.
- type: string
- type: object
- type: array
- workerPool:
- description: Configurations of worker pool
- properties:
- backend:
- default: redis
- enum:
- - redis
- minLength: 1
- type: string
- redisPool:
- description: RedisPoolConfig keeps redis worker info.
- properties:
- certificateRef:
- description: Secret containing the client certificate to authenticate
- with.
- pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*'
- type: string
- database:
- default: 0
- description: The database number.
- format: int32
- maximum: 8
- minimum: 0
- type: integer
- host:
- description: Server hostname.
- minLength: 1
- type: string
- idleTimeout:
- default: 30s
- description: IdleTimeoutSecond closes connections after remaining
- idle for this duration. If the value is zero, then idle
- connections are not closed. Applications should set the
- timeout to a value less than the server's timeout.
- pattern: ([0-9]+h)?([0-9]+m)?([0-9]+s)?([0-9]+ms)?([0-9]+us)?([0-9]+µs)?([0-9]+ns)?
- type: string
- namespace:
- type: string
- passwordRef:
- description: Secret containing the password to use when connecting
- to the server.
- pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*'
- type: string
- port:
- description: Server port.
- exclusiveMinimum: true
- format: int32
- minimum: 0
- type: integer
- sentinelMasterSet:
- description: for Sentinel MasterSet.
- type: string
- required:
- - host
- type: object
- workers:
- default: 10
- description: Worker concurrency
- format: int32
- minimum: 1
- type: integer
- type: object
- required:
- - core
- - registry
- - secretRef
- - tokenService
- - workerPool
- type: object
- status:
- description: ComponentStatus represents the current status of the resource.
- https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#typical-status-properties
- properties:
- conditions:
- description: Conditions list of extracted conditions from Resource
- items:
- description: Condition defines the general format for conditions
- on Kubernetes resources. In practice, each kubernetes resource
- defines their own format for conditions, but most (maybe all)
- follows this structure.
- properties:
- message:
- description: Message Human readable reason string
- type: string
- reason:
- description: Reason one work CamelCase reason
- type: string
- status:
- description: Status String that describes the condition status
- type: string
- type:
- description: Type condition type
- type: string
- required:
- - status
- - type
- type: object
- type: array
- observedGeneration:
- format: int64
- type: integer
- operator:
- description: ControllerStatus represents the current status of the
- operator.
- properties:
- controllerGitCommit:
- minLength: 1
- type: string
- controllerName:
- minLength: 1
- type: string
- controllerVersion:
- minLength: 1
- type: string
- type: object
- replicas:
- description: Current number of pods.
- format: int32
- minimum: 0
- type: integer
- required:
- - conditions
- type: object
- type: object
- served: true
- storage: false
- subresources:
- status: {}
- - additionalPrinterColumns:
- - description: Timestamp representing the server time when this object was created.
- It is not guaranteed to be set in happens-before order across separate operations.
- Clients may not set this value. It is represented in RFC3339 form and is in
- UTC.
- jsonPath: .metadata.creationTimestamp
- name: Age
- priority: 1
- type: date
- - description: Human readable message describing the failure
- jsonPath: .status.conditions[?(@.type=="Failed")].message
- name: Failure
- priority: 5
- type: string
- name: v1beta1
- schema:
- openAPIV3Schema:
- description: JobService is the Schema for the JobService API.
- properties:
- apiVersion:
- description: 'APIVersion defines the versioned schema of this representation
- of an object. Servers should convert recognized schemas to the latest
- internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
- type: string
- kind:
- description: 'Kind is a string value representing the REST resource this
- object represents. Servers may infer this from the endpoint the client
- submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
- type: string
- metadata:
- type: object
- spec:
- description: JobServiceSpec defines the desired state of JobService.
- properties:
- certificateRefs:
- items:
- type: string
- type: array
- core:
- properties:
- secretRef:
- pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*'
- type: string
- url:
- pattern: https?://.+
- type: string
- required:
- - secretRef
- - url
- type: object
- image:
- description: Image name for the component.
- type: string
- imagePullPolicy:
- description: 'Image pull policy. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images'
- enum:
- - Always
- - Never
- - IfNotPresent
- type: string
- imagePullSecrets:
- items:
- description: LocalObjectReference contains enough information to
- let you locate the referenced object inside the same namespace.
- properties:
- name:
- description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind, uid?'
- type: string
- type: object
- x-kubernetes-map-type: atomic
- type: array
- jobLoggers:
- default:
- files:
- - level: INFO
- sweeper: 720h
- volume:
- emptyDir:
- sizeLimit: 100Mi
- stdout:
- level: INFO
- description: Job logger configurations
- properties:
- database:
- properties:
- level:
- default: INFO
- description: JobServiceLogLevel is the log level for JobService.
- enum:
- - DEBUG
- - INFO
- - WARNING
- - ERROR
- - FATAL
- type: string
- sweeper:
- pattern: ([0-9]+h)?([0-9]+m)?([0-9]+s)?([0-9]+ms)?([0-9]+us)?([0-9]+µs)?([0-9]+ns)?
- type: string
- type: object
- files:
- items:
- properties:
- level:
- default: INFO
- description: JobServiceLogLevel is the log level for JobService.
- enum:
- - DEBUG
- - INFO
- - WARNING
- - ERROR
- - FATAL
- type: string
- sweeper:
- pattern: ([0-9]+h)?([0-9]+m)?([0-9]+s)?([0-9]+ms)?([0-9]+us)?([0-9]+µs)?([0-9]+ns)?
- type: string
- volume:
- description: Represents the source of a volume to mount.
- Only one of its members may be specified.
- properties:
- awsElasticBlockStore:
- description: 'AWSElasticBlockStore represents an AWS
- Disk resource that is attached to a kubelet''s host
- machine and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore'
- properties:
- fsType:
- description: 'Filesystem type of the volume that
- you want to mount. Tip: Ensure that the filesystem
- type is supported by the host operating system.
- Examples: "ext4", "xfs", "ntfs". Implicitly inferred
- to be "ext4" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore
- TODO: how do we prevent errors in the filesystem
- from compromising the machine'
- type: string
- partition:
- description: 'The partition in the volume that you
- want to mount. If omitted, the default is to mount
- by volume name. Examples: For volume /dev/sda1,
- you specify the partition as "1". Similarly, the
- volume partition for /dev/sda is "0" (or you can
- leave the property empty).'
- format: int32
- type: integer
- readOnly:
- description: 'Specify "true" to force and set the
- ReadOnly property in VolumeMounts to "true". If
- omitted, the default is "false". More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore'
- type: boolean
- volumeID:
- description: 'Unique ID of the persistent disk resource
- in AWS (Amazon EBS volume). More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore'
- type: string
- required:
- - volumeID
- type: object
- azureDisk:
- description: AzureDisk represents an Azure Data Disk
- mount on the host and bind mount to the pod.
- properties:
- cachingMode:
- description: 'Host Caching mode: None, Read Only,
- Read Write.'
- type: string
- diskName:
- description: The Name of the data disk in the blob
- storage
- type: string
- diskURI:
- description: The URI the data disk in the blob storage
- type: string
- fsType:
- description: Filesystem type to mount. Must be a
- filesystem type supported by the host operating
- system. Ex. "ext4", "xfs", "ntfs". Implicitly
- inferred to be "ext4" if unspecified.
- type: string
- kind:
- description: 'Expected values Shared: multiple blob
- disks per storage account Dedicated: single blob
- disk per storage account Managed: azure managed
- data disk (only in managed availability set).
- defaults to shared'
- type: string
- readOnly:
- description: Defaults to false (read/write). ReadOnly
- here will force the ReadOnly setting in VolumeMounts.
- type: boolean
- required:
- - diskName
- - diskURI
- type: object
- azureFile:
- description: AzureFile represents an Azure File Service
- mount on the host and bind mount to the pod.
- properties:
- readOnly:
- description: Defaults to false (read/write). ReadOnly
- here will force the ReadOnly setting in VolumeMounts.
- type: boolean
- secretName:
- description: the name of secret that contains Azure
- Storage Account Name and Key
- type: string
- shareName:
- description: Share Name
- type: string
- required:
- - secretName
- - shareName
- type: object
- cephfs:
- description: CephFS represents a Ceph FS mount on the
- host that shares a pod's lifetime
- properties:
- monitors:
- description: 'Required: Monitors is a collection
- of Ceph monitors More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it'
- items:
- type: string
- type: array
- path:
- description: 'Optional: Used as the mounted root,
- rather than the full Ceph tree, default is /'
- type: string
- readOnly:
- description: 'Optional: Defaults to false (read/write).
- ReadOnly here will force the ReadOnly setting
- in VolumeMounts. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it'
- type: boolean
- secretFile:
- description: 'Optional: SecretFile is the path to
- key ring for User, default is /etc/ceph/user.secret
- More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it'
- type: string
- secretRef:
- description: 'Optional: SecretRef is reference to
- the authentication secret for User, default is
- empty. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it'
- properties:
- name:
- description: 'Name of the referent. More info:
- https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion,
- kind, uid?'
- type: string
- type: object
- x-kubernetes-map-type: atomic
- user:
- description: 'Optional: User is the rados user name,
- default is admin More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it'
- type: string
- required:
- - monitors
- type: object
- cinder:
- description: 'Cinder represents a cinder volume attached
- and mounted on kubelets host machine. More info: https://examples.k8s.io/mysql-cinder-pd/README.md'
- properties:
- fsType:
- description: 'Filesystem type to mount. Must be
- a filesystem type supported by the host operating
- system. Examples: "ext4", "xfs", "ntfs". Implicitly
- inferred to be "ext4" if unspecified. More info:
- https://examples.k8s.io/mysql-cinder-pd/README.md'
- type: string
- readOnly:
- description: 'Optional: Defaults to false (read/write).
- ReadOnly here will force the ReadOnly setting
- in VolumeMounts. More info: https://examples.k8s.io/mysql-cinder-pd/README.md'
- type: boolean
- secretRef:
- description: 'Optional: points to a secret object
- containing parameters used to connect to OpenStack.'
- properties:
- name:
- description: 'Name of the referent. More info:
- https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion,
- kind, uid?'
- type: string
- type: object
- x-kubernetes-map-type: atomic
- volumeID:
- description: 'volume id used to identify the volume
- in cinder. More info: https://examples.k8s.io/mysql-cinder-pd/README.md'
- type: string
- required:
- - volumeID
- type: object
- configMap:
- description: ConfigMap represents a configMap that should
- populate this volume
- properties:
- defaultMode:
- description: 'Optional: mode bits used to set permissions
- on created files by default. Must be an octal
- value between 0000 and 0777 or a decimal value
- between 0 and 511. YAML accepts both octal and
- decimal values, JSON requires decimal values for
- mode bits. Defaults to 0644. Directories within
- the path are not affected by this setting. This
- might be in conflict with other options that affect
- the file mode, like fsGroup, and the result can
- be other mode bits set.'
- format: int32
- type: integer
- items:
- description: If unspecified, each key-value pair
- in the Data field of the referenced ConfigMap
- will be projected into the volume as a file whose
- name is the key and content is the value. If specified,
- the listed keys will be projected into the specified
- paths, and unlisted keys will not be present.
- If a key is specified which is not present in
- the ConfigMap, the volume setup will error unless
- it is marked optional. Paths must be relative
- and may not contain the '..' path or start with
- '..'.
- items:
- description: Maps a string key to a path within
- a volume.
- properties:
- key:
- description: The key to project.
- type: string
- mode:
- description: 'Optional: mode bits used to
- set permissions on this file. Must be an
- octal value between 0000 and 0777 or a decimal
- value between 0 and 511. YAML accepts both
- octal and decimal values, JSON requires
- decimal values for mode bits. If not specified,
- the volume defaultMode will be used. This
- might be in conflict with other options
- that affect the file mode, like fsGroup,
- and the result can be other mode bits set.'
- format: int32
- type: integer
- path:
- description: The relative path of the file
- to map the key to. May not be an absolute
- path. May not contain the path element '..'.
- May not start with the string '..'.
- type: string
- required:
- - key
- - path
- type: object
- type: array
- name:
- description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind,
- uid?'
- type: string
- optional:
- description: Specify whether the ConfigMap or its
- keys must be defined
- type: boolean
- type: object
- x-kubernetes-map-type: atomic
- csi:
- description: CSI (Container Storage Interface) represents
- ephemeral storage that is handled by certain external
- CSI drivers (Beta feature).
- properties:
- driver:
- description: Driver is the name of the CSI driver
- that handles this volume. Consult with your admin
- for the correct name as registered in the cluster.
- type: string
- fsType:
- description: Filesystem type to mount. Ex. "ext4",
- "xfs", "ntfs". If not provided, the empty value
- is passed to the associated CSI driver which will
- determine the default filesystem to apply.
- type: string
- nodePublishSecretRef:
- description: NodePublishSecretRef is a reference
- to the secret object containing sensitive information
- to pass to the CSI driver to complete the CSI
- NodePublishVolume and NodeUnpublishVolume calls.
- This field is optional, and may be empty if no
- secret is required. If the secret object contains
- more than one secret, all secret references are
- passed.
- properties:
- name:
- description: 'Name of the referent. More info:
- https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion,
- kind, uid?'
- type: string
- type: object
- x-kubernetes-map-type: atomic
- readOnly:
- description: Specifies a read-only configuration
- for the volume. Defaults to false (read/write).
- type: boolean
- volumeAttributes:
- additionalProperties:
- type: string
- description: VolumeAttributes stores driver-specific
- properties that are passed to the CSI driver.
- Consult your driver's documentation for supported
- values.
- type: object
- required:
- - driver
- type: object
- downwardAPI:
- description: DownwardAPI represents downward API about
- the pod that should populate this volume
- properties:
- defaultMode:
- description: 'Optional: mode bits to use on created
- files by default. Must be a Optional: mode bits
- used to set permissions on created files by default.
- Must be an octal value between 0000 and 0777 or
- a decimal value between 0 and 511. YAML accepts
- both octal and decimal values, JSON requires decimal
- values for mode bits. Defaults to 0644. Directories
- within the path are not affected by this setting.
- This might be in conflict with other options that
- affect the file mode, like fsGroup, and the result
- can be other mode bits set.'
- format: int32
- type: integer
- items:
- description: Items is a list of downward API volume
- file
- items:
- description: DownwardAPIVolumeFile represents
- information to create the file containing the
- pod field
- properties:
- fieldRef:
- description: 'Required: Selects a field of
- the pod: only annotations, labels, name
- and namespace are supported.'
- properties:
- apiVersion:
- description: Version of the schema the
- FieldPath is written in terms of, defaults
- to "v1".
- type: string
- fieldPath:
- description: Path of the field to select
- in the specified API version.
- type: string
- required:
- - fieldPath
- type: object
- x-kubernetes-map-type: atomic
- mode:
- description: 'Optional: mode bits used to
- set permissions on this file, must be an
- octal value between 0000 and 0777 or a decimal
- value between 0 and 511. YAML accepts both
- octal and decimal values, JSON requires
- decimal values for mode bits. If not specified,
- the volume defaultMode will be used. This
- might be in conflict with other options
- that affect the file mode, like fsGroup,
- and the result can be other mode bits set.'
- format: int32
- type: integer
- path:
- description: 'Required: Path is the relative
- path name of the file to be created. Must
- not be absolute or contain the ''..'' path.
- Must be utf-8 encoded. The first item of
- the relative path must not start with ''..'''
- type: string
- resourceFieldRef:
- description: 'Selects a resource of the container:
- only resources limits and requests (limits.cpu,
- limits.memory, requests.cpu and requests.memory)
- are currently supported.'
- properties:
- containerName:
- description: 'Container name: required
- for volumes, optional for env vars'
- type: string
- divisor:
- anyOf:
- - type: integer
- - type: string
- description: Specifies the output format
- of the exposed resources, defaults to
- "1"
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- resource:
- description: 'Required: resource to select'
- type: string
- required:
- - resource
- type: object
- x-kubernetes-map-type: atomic
- required:
- - path
- type: object
- type: array
- type: object
- emptyDir:
- description: 'EmptyDir represents a temporary directory
- that shares a pod''s lifetime. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir'
- properties:
- medium:
- description: 'What type of storage medium should
- back this directory. The default is "" which means
- to use the node''s default medium. Must be an
- empty string (default) or Memory. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir'
- type: string
- sizeLimit:
- anyOf:
- - type: integer
- - type: string
- description: 'Total amount of local storage required
- for this EmptyDir volume. The size limit is also
- applicable for memory medium. The maximum usage
- on memory medium EmptyDir would be the minimum
- value between the SizeLimit specified here and
- the sum of memory limits of all containers in
- a pod. The default is nil which means that the
- limit is undefined. More info: http://kubernetes.io/docs/user-guide/volumes#emptydir'
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- type: object
- ephemeral:
- description: "Ephemeral represents a volume that is
- handled by a cluster storage driver. The volume's
- lifecycle is tied to the pod that defines it - it
- will be created before the pod starts, and deleted
- when the pod is removed. \n Use this if: a) the volume
- is only needed while the pod runs, b) features of
- normal volumes like restoring from snapshot or capacity
- tracking are needed, c) the storage driver is specified
- through a storage class, and d) the storage driver
- supports dynamic volume provisioning through a PersistentVolumeClaim
- (see EphemeralVolumeSource for more information on
- the connection between this volume type and PersistentVolumeClaim).
- \n Use PersistentVolumeClaim or one of the vendor-specific
- APIs for volumes that persist for longer than the
- lifecycle of an individual pod. \n Use CSI for light-weight
- local ephemeral volumes if the CSI driver is meant
- to be used that way - see the documentation of the
- driver for more information. \n A pod can use both
- types of ephemeral volumes and persistent volumes
- at the same time."
- properties:
- volumeClaimTemplate:
- description: "Will be used to create a stand-alone
- PVC to provision the volume. The pod in which
- this EphemeralVolumeSource is embedded will be
- the owner of the PVC, i.e. the PVC will be deleted
- together with the pod. The name of the PVC will
- be `-` where ``
- is the name from the `PodSpec.Volumes` array entry.
- Pod validation will reject the pod if the concatenated
- name is not valid for a PVC (for example, too
- long). \n An existing PVC with that name that
- is not owned by the pod will *not* be used for
- the pod to avoid using an unrelated volume by
- mistake. Starting the pod is then blocked until
- the unrelated PVC is removed. If such a pre-created
- PVC is meant to be used by the pod, the PVC has
- to updated with an owner reference to the pod
- once the pod exists. Normally this should not
- be necessary, but it may be useful when manually
- reconstructing a broken cluster. \n This field
- is read-only and no changes will be made by Kubernetes
- to the PVC after it has been created. \n Required,
- must not be nil."
- properties:
- metadata:
- description: May contain labels and annotations
- that will be copied into the PVC when creating
- it. No other fields are allowed and will be
- rejected during validation.
- type: object
- spec:
- description: The specification for the PersistentVolumeClaim.
- The entire content is copied unchanged into
- the PVC that gets created from this template.
- The same fields as in a PersistentVolumeClaim
- are also valid here.
- properties:
- accessModes:
- description: 'AccessModes contains the desired
- access modes the volume should have. More
- info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1'
- items:
- type: string
- type: array
- dataSource:
- description: 'This field can be used to
- specify either: * An existing VolumeSnapshot
- object (snapshot.storage.k8s.io/VolumeSnapshot)
- * An existing PVC (PersistentVolumeClaim)
- If the provisioner or an external controller
- can support the specified data source,
- it will create a new volume based on the
- contents of the specified data source.
- If the AnyVolumeDataSource feature gate
- is enabled, this field will always have
- the same contents as the DataSourceRef
- field.'
- properties:
- apiGroup:
- description: APIGroup is the group for
- the resource being referenced. If
- APIGroup is not specified, the specified
- Kind must be in the core API group.
- For any other third-party types, APIGroup
- is required.
- type: string
- kind:
- description: Kind is the type of resource
- being referenced
- type: string
- name:
- description: Name is the name of resource
- being referenced
- type: string
- required:
- - kind
- - name
- type: object
- x-kubernetes-map-type: atomic
- dataSourceRef:
- description: 'Specifies the object from
- which to populate the volume with data,
- if a non-empty volume is desired. This
- may be any local object from a non-empty
- API group (non core object) or a PersistentVolumeClaim
- object. When this field is specified,
- volume binding will only succeed if the
- type of the specified object matches some
- installed volume populator or dynamic
- provisioner. This field will replace the
- functionality of the DataSource field
- and as such if both fields are non-empty,
- they must have the same value. For backwards
- compatibility, both fields (DataSource
- and DataSourceRef) will be set to the
- same value automatically if one of them
- is empty and the other is non-empty. There
- are two important differences between
- DataSource and DataSourceRef: * While
- DataSource only allows two specific types
- of objects, DataSourceRef allows any non-core
- object, as well as PersistentVolumeClaim
- objects. * While DataSource ignores disallowed
- values (dropping them), DataSourceRef
- preserves all values, and generates an
- error if a disallowed value is specified.
- (Alpha) Using this field requires the
- AnyVolumeDataSource feature gate to be
- enabled.'
- properties:
- apiGroup:
- description: APIGroup is the group for
- the resource being referenced. If
- APIGroup is not specified, the specified
- Kind must be in the core API group.
- For any other third-party types, APIGroup
- is required.
- type: string
- kind:
- description: Kind is the type of resource
- being referenced
- type: string
- name:
- description: Name is the name of resource
- being referenced
- type: string
- required:
- - kind
- - name
- type: object
- x-kubernetes-map-type: atomic
- resources:
- description: 'Resources represents the minimum
- resources the volume should have. If RecoverVolumeExpansionFailure
- feature is enabled users are allowed to
- specify resource requirements that are
- lower than previous value but must still
- be higher than capacity recorded in the
- status field of the claim. More info:
- https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources'
- properties:
- limits:
- additionalProperties:
- anyOf:
- - type: integer
- - type: string
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- description: 'Limits describes the maximum
- amount of compute resources allowed.
- More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
- type: object
- requests:
- additionalProperties:
- anyOf:
- - type: integer
- - type: string
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- description: 'Requests describes the
- minimum amount of compute resources
- required. If Requests is omitted for
- a container, it defaults to Limits
- if that is explicitly specified, otherwise
- to an implementation-defined value.
- More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
- type: object
- type: object
- selector:
- description: A label query over volumes
- to consider for binding.
- properties:
- matchExpressions:
- description: matchExpressions is a list
- of label selector requirements. The
- requirements are ANDed.
- items:
- description: A label selector requirement
- is a selector that contains values,
- a key, and an operator that relates
- the key and values.
- properties:
- key:
- description: key is the label
- key that the selector applies
- to.
- type: string
- operator:
- description: operator represents
- a key's relationship to a set
- of values. Valid operators are
- In, NotIn, Exists and DoesNotExist.
- type: string
- values:
- description: values is an array
- of string values. If the operator
- is In or NotIn, the values array
- must be non-empty. If the operator
- is Exists or DoesNotExist, the
- values array must be empty.
- This array is replaced during
- a strategic merge patch.
- items:
- type: string
- type: array
- required:
- - key
- - operator
- type: object
- type: array
- matchLabels:
- additionalProperties:
- type: string
- description: matchLabels is a map of
- {key,value} pairs. A single {key,value}
- in the matchLabels map is equivalent
- to an element of matchExpressions,
- whose key field is "key", the operator
- is "In", and the values array contains
- only "value". The requirements are
- ANDed.
- type: object
- type: object
- x-kubernetes-map-type: atomic
- storageClassName:
- description: 'Name of the StorageClass required
- by the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1'
- type: string
- volumeMode:
- description: volumeMode defines what type
- of volume is required by the claim. Value
- of Filesystem is implied when not included
- in claim spec.
- type: string
- volumeName:
- description: VolumeName is the binding reference
- to the PersistentVolume backing this claim.
- type: string
- type: object
- required:
- - spec
- type: object
- type: object
- fc:
- description: FC represents a Fibre Channel resource
- that is attached to a kubelet's host machine and then
- exposed to the pod.
- properties:
- fsType:
- description: 'Filesystem type to mount. Must be
- a filesystem type supported by the host operating
- system. Ex. "ext4", "xfs", "ntfs". Implicitly
- inferred to be "ext4" if unspecified. TODO: how
- do we prevent errors in the filesystem from compromising
- the machine'
- type: string
- lun:
- description: 'Optional: FC target lun number'
- format: int32
- type: integer
- readOnly:
- description: 'Optional: Defaults to false (read/write).
- ReadOnly here will force the ReadOnly setting
- in VolumeMounts.'
- type: boolean
- targetWWNs:
- description: 'Optional: FC target worldwide names
- (WWNs)'
- items:
- type: string
- type: array
- wwids:
- description: 'Optional: FC volume world wide identifiers
- (wwids) Either wwids or combination of targetWWNs
- and lun must be set, but not both simultaneously.'
- items:
- type: string
- type: array
- type: object
- flexVolume:
- description: FlexVolume represents a generic volume
- resource that is provisioned/attached using an exec
- based plugin.
- properties:
- driver:
- description: Driver is the name of the driver to
- use for this volume.
- type: string
- fsType:
- description: Filesystem type to mount. Must be a
- filesystem type supported by the host operating
- system. Ex. "ext4", "xfs", "ntfs". The default
- filesystem depends on FlexVolume script.
- type: string
- options:
- additionalProperties:
- type: string
- description: 'Optional: Extra command options if
- any.'
- type: object
- readOnly:
- description: 'Optional: Defaults to false (read/write).
- ReadOnly here will force the ReadOnly setting
- in VolumeMounts.'
- type: boolean
- secretRef:
- description: 'Optional: SecretRef is reference to
- the secret object containing sensitive information
- to pass to the plugin scripts. This may be empty
- if no secret object is specified. If the secret
- object contains more than one secret, all secrets
- are passed to the plugin scripts.'
- properties:
- name:
- description: 'Name of the referent. More info:
- https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion,
- kind, uid?'
- type: string
- type: object
- x-kubernetes-map-type: atomic
- required:
- - driver
- type: object
- flocker:
- description: Flocker represents a Flocker volume attached
- to a kubelet's host machine. This depends on the Flocker
- control service being running
- properties:
- datasetName:
- description: Name of the dataset stored as metadata
- -> name on the dataset for Flocker should be considered
- as deprecated
- type: string
- datasetUUID:
- description: UUID of the dataset. This is unique
- identifier of a Flocker dataset
- type: string
- type: object
- gcePersistentDisk:
- description: 'GCEPersistentDisk represents a GCE Disk
- resource that is attached to a kubelet''s host machine
- and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk'
- properties:
- fsType:
- description: 'Filesystem type of the volume that
- you want to mount. Tip: Ensure that the filesystem
- type is supported by the host operating system.
- Examples: "ext4", "xfs", "ntfs". Implicitly inferred
- to be "ext4" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk
- TODO: how do we prevent errors in the filesystem
- from compromising the machine'
- type: string
- partition:
- description: 'The partition in the volume that you
- want to mount. If omitted, the default is to mount
- by volume name. Examples: For volume /dev/sda1,
- you specify the partition as "1". Similarly, the
- volume partition for /dev/sda is "0" (or you can
- leave the property empty). More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk'
- format: int32
- type: integer
- pdName:
- description: 'Unique name of the PD resource in
- GCE. Used to identify the disk in GCE. More info:
- https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk'
- type: string
- readOnly:
- description: 'ReadOnly here will force the ReadOnly
- setting in VolumeMounts. Defaults to false. More
- info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk'
- type: boolean
- required:
- - pdName
- type: object
- gitRepo:
- description: 'GitRepo represents a git repository at
- a particular revision. DEPRECATED: GitRepo is deprecated.
- To provision a container with a git repo, mount an
- EmptyDir into an InitContainer that clones the repo
- using git, then mount the EmptyDir into the Pod''s
- container.'
- properties:
- directory:
- description: Target directory name. Must not contain
- or start with '..'. If '.' is supplied, the volume
- directory will be the git repository. Otherwise,
- if specified, the volume will contain the git
- repository in the subdirectory with the given
- name.
- type: string
- repository:
- description: Repository URL
- type: string
- revision:
- description: Commit hash for the specified revision.
- type: string
- required:
- - repository
- type: object
- glusterfs:
- description: 'Glusterfs represents a Glusterfs mount
- on the host that shares a pod''s lifetime. More info:
- https://examples.k8s.io/volumes/glusterfs/README.md'
- properties:
- endpoints:
- description: 'EndpointsName is the endpoint name
- that details Glusterfs topology. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod'
- type: string
- path:
- description: 'Path is the Glusterfs volume path.
- More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod'
- type: string
- readOnly:
- description: 'ReadOnly here will force the Glusterfs
- volume to be mounted with read-only permissions.
- Defaults to false. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod'
- type: boolean
- required:
- - endpoints
- - path
- type: object
- hostPath:
- description: 'HostPath represents a pre-existing file
- or directory on the host machine that is directly
- exposed to the container. This is generally used for
- system agents or other privileged things that are
- allowed to see the host machine. Most containers will
- NOT need this. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath
- --- TODO(jonesdl) We need to restrict who can use
- host directory mounts and who can/can not mount host
- directories as read/write.'
- properties:
- path:
- description: 'Path of the directory on the host.
- If the path is a symlink, it will follow the link
- to the real path. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath'
- type: string
- type:
- description: 'Type for HostPath Volume Defaults
- to "" More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath'
- type: string
- required:
- - path
- type: object
- iscsi:
- description: 'ISCSI represents an ISCSI Disk resource
- that is attached to a kubelet''s host machine and
- then exposed to the pod. More info: https://examples.k8s.io/volumes/iscsi/README.md'
- properties:
- chapAuthDiscovery:
- description: whether support iSCSI Discovery CHAP
- authentication
- type: boolean
- chapAuthSession:
- description: whether support iSCSI Session CHAP
- authentication
- type: boolean
- fsType:
- description: 'Filesystem type of the volume that
- you want to mount. Tip: Ensure that the filesystem
- type is supported by the host operating system.
- Examples: "ext4", "xfs", "ntfs". Implicitly inferred
- to be "ext4" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#iscsi
- TODO: how do we prevent errors in the filesystem
- from compromising the machine'
- type: string
- initiatorName:
- description: Custom iSCSI Initiator Name. If initiatorName
- is specified with iscsiInterface simultaneously,
- new iSCSI interface :
- will be created for the connection.
- type: string
- iqn:
- description: Target iSCSI Qualified Name.
- type: string
- iscsiInterface:
- description: iSCSI Interface Name that uses an iSCSI
- transport. Defaults to 'default' (tcp).
- type: string
- lun:
- description: iSCSI Target Lun number.
- format: int32
- type: integer
- portals:
- description: iSCSI Target Portal List. The portal
- is either an IP or ip_addr:port if the port is
- other than default (typically TCP ports 860 and
- 3260).
- items:
- type: string
- type: array
- readOnly:
- description: ReadOnly here will force the ReadOnly
- setting in VolumeMounts. Defaults to false.
- type: boolean
- secretRef:
- description: CHAP Secret for iSCSI target and initiator
- authentication
- properties:
- name:
- description: 'Name of the referent. More info:
- https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion,
- kind, uid?'
- type: string
- type: object
- x-kubernetes-map-type: atomic
- targetPortal:
- description: iSCSI Target Portal. The Portal is
- either an IP or ip_addr:port if the port is other
- than default (typically TCP ports 860 and 3260).
- type: string
- required:
- - iqn
- - lun
- - targetPortal
- type: object
- nfs:
- description: 'NFS represents an NFS mount on the host
- that shares a pod''s lifetime More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs'
- properties:
- path:
- description: 'Path that is exported by the NFS server.
- More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs'
- type: string
- readOnly:
- description: 'ReadOnly here will force the NFS export
- to be mounted with read-only permissions. Defaults
- to false. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs'
- type: boolean
- server:
- description: 'Server is the hostname or IP address
- of the NFS server. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs'
- type: string
- required:
- - path
- - server
- type: object
- persistentVolumeClaim:
- description: 'PersistentVolumeClaimVolumeSource represents
- a reference to a PersistentVolumeClaim in the same
- namespace. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims'
- properties:
- claimName:
- description: 'ClaimName is the name of a PersistentVolumeClaim
- in the same namespace as the pod using this volume.
- More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims'
- type: string
- readOnly:
- description: Will force the ReadOnly setting in
- VolumeMounts. Default false.
- type: boolean
- required:
- - claimName
- type: object
- photonPersistentDisk:
- description: PhotonPersistentDisk represents a PhotonController
- persistent disk attached and mounted on kubelets host
- machine
- properties:
- fsType:
- description: Filesystem type to mount. Must be a
- filesystem type supported by the host operating
- system. Ex. "ext4", "xfs", "ntfs". Implicitly
- inferred to be "ext4" if unspecified.
- type: string
- pdID:
- description: ID that identifies Photon Controller
- persistent disk
- type: string
- required:
- - pdID
- type: object
- portworxVolume:
- description: PortworxVolume represents a portworx volume
- attached and mounted on kubelets host machine
- properties:
- fsType:
- description: FSType represents the filesystem type
- to mount Must be a filesystem type supported by
- the host operating system. Ex. "ext4", "xfs".
- Implicitly inferred to be "ext4" if unspecified.
- type: string
- readOnly:
- description: Defaults to false (read/write). ReadOnly
- here will force the ReadOnly setting in VolumeMounts.
- type: boolean
- volumeID:
- description: VolumeID uniquely identifies a Portworx
- volume
- type: string
- required:
- - volumeID
- type: object
- projected:
- description: Items for all in one resources secrets,
- configmaps, and downward API
- properties:
- defaultMode:
- description: Mode bits used to set permissions on
- created files by default. Must be an octal value
- between 0000 and 0777 or a decimal value between
- 0 and 511. YAML accepts both octal and decimal
- values, JSON requires decimal values for mode
- bits. Directories within the path are not affected
- by this setting. This might be in conflict with
- other options that affect the file mode, like
- fsGroup, and the result can be other mode bits
- set.
- format: int32
- type: integer
- sources:
- description: list of volume projections
- items:
- description: Projection that may be projected
- along with other supported volume types
- properties:
- configMap:
- description: information about the configMap
- data to project
- properties:
- items:
- description: If unspecified, each key-value
- pair in the Data field of the referenced
- ConfigMap will be projected into the
- volume as a file whose name is the key
- and content is the value. If specified,
- the listed keys will be projected into
- the specified paths, and unlisted keys
- will not be present. If a key is specified
- which is not present in the ConfigMap,
- the volume setup will error unless it
- is marked optional. Paths must be relative
- and may not contain the '..' path or
- start with '..'.
- items:
- description: Maps a string key to a
- path within a volume.
- properties:
- key:
- description: The key to project.
- type: string
- mode:
- description: 'Optional: mode bits
- used to set permissions on this
- file. Must be an octal value between
- 0000 and 0777 or a decimal value
- between 0 and 511. YAML accepts
- both octal and decimal values,
- JSON requires decimal values for
- mode bits. If not specified, the
- volume defaultMode will be used.
- This might be in conflict with
- other options that affect the
- file mode, like fsGroup, and the
- result can be other mode bits
- set.'
- format: int32
- type: integer
- path:
- description: The relative path of
- the file to map the key to. May
- not be an absolute path. May not
- contain the path element '..'.
- May not start with the string
- '..'.
- type: string
- required:
- - key
- - path
- type: object
- type: array
- name:
- description: 'Name of the referent. More
- info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion,
- kind, uid?'
- type: string
- optional:
- description: Specify whether the ConfigMap
- or its keys must be defined
- type: boolean
- type: object
- x-kubernetes-map-type: atomic
- downwardAPI:
- description: information about the downwardAPI
- data to project
- properties:
- items:
- description: Items is a list of DownwardAPIVolume
- file
- items:
- description: DownwardAPIVolumeFile represents
- information to create the file containing
- the pod field
- properties:
- fieldRef:
- description: 'Required: Selects
- a field of the pod: only annotations,
- labels, name and namespace are
- supported.'
- properties:
- apiVersion:
- description: Version of the
- schema the FieldPath is written
- in terms of, defaults to "v1".
- type: string
- fieldPath:
- description: Path of the field
- to select in the specified
- API version.
- type: string
- required:
- - fieldPath
- type: object
- x-kubernetes-map-type: atomic
- mode:
- description: 'Optional: mode bits
- used to set permissions on this
- file, must be an octal value between
- 0000 and 0777 or a decimal value
- between 0 and 511. YAML accepts
- both octal and decimal values,
- JSON requires decimal values for
- mode bits. If not specified, the
- volume defaultMode will be used.
- This might be in conflict with
- other options that affect the
- file mode, like fsGroup, and the
- result can be other mode bits
- set.'
- format: int32
- type: integer
- path:
- description: 'Required: Path is the
- relative path name of the file
- to be created. Must not be absolute
- or contain the ''..'' path. Must
- be utf-8 encoded. The first item
- of the relative path must not
- start with ''..'''
- type: string
- resourceFieldRef:
- description: 'Selects a resource
- of the container: only resources
- limits and requests (limits.cpu,
- limits.memory, requests.cpu and
- requests.memory) are currently
- supported.'
- properties:
- containerName:
- description: 'Container name:
- required for volumes, optional
- for env vars'
- type: string
- divisor:
- anyOf:
- - type: integer
- - type: string
- description: Specifies the output
- format of the exposed resources,
- defaults to "1"
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- resource:
- description: 'Required: resource
- to select'
- type: string
- required:
- - resource
- type: object
- x-kubernetes-map-type: atomic
- required:
- - path
- type: object
- type: array
- type: object
- secret:
- description: information about the secret
- data to project
- properties:
- items:
- description: If unspecified, each key-value
- pair in the Data field of the referenced
- Secret will be projected into the volume
- as a file whose name is the key and
- content is the value. If specified,
- the listed keys will be projected into
- the specified paths, and unlisted keys
- will not be present. If a key is specified
- which is not present in the Secret,
- the volume setup will error unless it
- is marked optional. Paths must be relative
- and may not contain the '..' path or
- start with '..'.
- items:
- description: Maps a string key to a
- path within a volume.
- properties:
- key:
- description: The key to project.
- type: string
- mode:
- description: 'Optional: mode bits
- used to set permissions on this
- file. Must be an octal value between
- 0000 and 0777 or a decimal value
- between 0 and 511. YAML accepts
- both octal and decimal values,
- JSON requires decimal values for
- mode bits. If not specified, the
- volume defaultMode will be used.
- This might be in conflict with
- other options that affect the
- file mode, like fsGroup, and the
- result can be other mode bits
- set.'
- format: int32
- type: integer
- path:
- description: The relative path of
- the file to map the key to. May
- not be an absolute path. May not
- contain the path element '..'.
- May not start with the string
- '..'.
- type: string
- required:
- - key
- - path
- type: object
- type: array
- name:
- description: 'Name of the referent. More
- info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion,
- kind, uid?'
- type: string
- optional:
- description: Specify whether the Secret
- or its key must be defined
- type: boolean
- type: object
- x-kubernetes-map-type: atomic
- serviceAccountToken:
- description: information about the serviceAccountToken
- data to project
- properties:
- audience:
- description: Audience is the intended
- audience of the token. A recipient of
- a token must identify itself with an
- identifier specified in the audience
- of the token, and otherwise should reject
- the token. The audience defaults to
- the identifier of the apiserver.
- type: string
- expirationSeconds:
- description: ExpirationSeconds is the
- requested duration of validity of the
- service account token. As the token
- approaches expiration, the kubelet volume
- plugin will proactively rotate the service
- account token. The kubelet will start
- trying to rotate the token if the token
- is older than 80 percent of its time
- to live or if the token is older than
- 24 hours.Defaults to 1 hour and must
- be at least 10 minutes.
- format: int64
- type: integer
- path:
- description: Path is the path relative
- to the mount point of the file to project
- the token into.
- type: string
- required:
- - path
- type: object
- type: object
- type: array
- type: object
- quobyte:
- description: Quobyte represents a Quobyte mount on the
- host that shares a pod's lifetime
- properties:
- group:
- description: Group to map volume access to Default
- is no group
- type: string
- readOnly:
- description: ReadOnly here will force the Quobyte
- volume to be mounted with read-only permissions.
- Defaults to false.
- type: boolean
- registry:
- description: Registry represents a single or multiple
- Quobyte Registry services specified as a string
- as host:port pair (multiple entries are separated
- with commas) which acts as the central registry
- for volumes
- type: string
- tenant:
- description: Tenant owning the given Quobyte volume
- in the Backend Used with dynamically provisioned
- Quobyte volumes, value is set by the plugin
- type: string
- user:
- description: User to map volume access to Defaults
- to serivceaccount user
- type: string
- volume:
- description: Volume is a string that references
- an already created Quobyte volume by name.
- type: string
- required:
- - registry
- - volume
- type: object
- rbd:
- description: 'RBD represents a Rados Block Device mount
- on the host that shares a pod''s lifetime. More info:
- https://examples.k8s.io/volumes/rbd/README.md'
- properties:
- fsType:
- description: 'Filesystem type of the volume that
- you want to mount. Tip: Ensure that the filesystem
- type is supported by the host operating system.
- Examples: "ext4", "xfs", "ntfs". Implicitly inferred
- to be "ext4" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#rbd
- TODO: how do we prevent errors in the filesystem
- from compromising the machine'
- type: string
- image:
- description: 'The rados image name. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it'
- type: string
- keyring:
- description: 'Keyring is the path to key ring for
- RBDUser. Default is /etc/ceph/keyring. More info:
- https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it'
- type: string
- monitors:
- description: 'A collection of Ceph monitors. More
- info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it'
- items:
- type: string
- type: array
- pool:
- description: 'The rados pool name. Default is rbd.
- More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it'
- type: string
- readOnly:
- description: 'ReadOnly here will force the ReadOnly
- setting in VolumeMounts. Defaults to false. More
- info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it'
- type: boolean
- secretRef:
- description: 'SecretRef is name of the authentication
- secret for RBDUser. If provided overrides keyring.
- Default is nil. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it'
- properties:
- name:
- description: 'Name of the referent. More info:
- https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion,
- kind, uid?'
- type: string
- type: object
- x-kubernetes-map-type: atomic
- user:
- description: 'The rados user name. Default is admin.
- More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it'
- type: string
- required:
- - image
- - monitors
- type: object
- scaleIO:
- description: ScaleIO represents a ScaleIO persistent
- volume attached and mounted on Kubernetes nodes.
- properties:
- fsType:
- description: Filesystem type to mount. Must be a
- filesystem type supported by the host operating
- system. Ex. "ext4", "xfs", "ntfs". Default is
- "xfs".
- type: string
- gateway:
- description: The host address of the ScaleIO API
- Gateway.
- type: string
- protectionDomain:
- description: The name of the ScaleIO Protection
- Domain for the configured storage.
- type: string
- readOnly:
- description: Defaults to false (read/write). ReadOnly
- here will force the ReadOnly setting in VolumeMounts.
- type: boolean
- secretRef:
- description: SecretRef references to the secret
- for ScaleIO user and other sensitive information.
- If this is not provided, Login operation will
- fail.
- properties:
- name:
- description: 'Name of the referent. More info:
- https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion,
- kind, uid?'
- type: string
- type: object
- x-kubernetes-map-type: atomic
- sslEnabled:
- description: Flag to enable/disable SSL communication
- with Gateway, default false
- type: boolean
- storageMode:
- description: Indicates whether the storage for a
- volume should be ThickProvisioned or ThinProvisioned.
- Default is ThinProvisioned.
- type: string
- storagePool:
- description: The ScaleIO Storage Pool associated
- with the protection domain.
- type: string
- system:
- description: The name of the storage system as configured
- in ScaleIO.
- type: string
- volumeName:
- description: The name of a volume already created
- in the ScaleIO system that is associated with
- this volume source.
- type: string
- required:
- - gateway
- - secretRef
- - system
- type: object
- secret:
- description: 'Secret represents a secret that should
- populate this volume. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret'
- properties:
- defaultMode:
- description: 'Optional: mode bits used to set permissions
- on created files by default. Must be an octal
- value between 0000 and 0777 or a decimal value
- between 0 and 511. YAML accepts both octal and
- decimal values, JSON requires decimal values for
- mode bits. Defaults to 0644. Directories within
- the path are not affected by this setting. This
- might be in conflict with other options that affect
- the file mode, like fsGroup, and the result can
- be other mode bits set.'
- format: int32
- type: integer
- items:
- description: If unspecified, each key-value pair
- in the Data field of the referenced Secret will
- be projected into the volume as a file whose name
- is the key and content is the value. If specified,
- the listed keys will be projected into the specified
- paths, and unlisted keys will not be present.
- If a key is specified which is not present in
- the Secret, the volume setup will error unless
- it is marked optional. Paths must be relative
- and may not contain the '..' path or start with
- '..'.
- items:
- description: Maps a string key to a path within
- a volume.
- properties:
- key:
- description: The key to project.
- type: string
- mode:
- description: 'Optional: mode bits used to
- set permissions on this file. Must be an
- octal value between 0000 and 0777 or a decimal
- value between 0 and 511. YAML accepts both
- octal and decimal values, JSON requires
- decimal values for mode bits. If not specified,
- the volume defaultMode will be used. This
- might be in conflict with other options
- that affect the file mode, like fsGroup,
- and the result can be other mode bits set.'
- format: int32
- type: integer
- path:
- description: The relative path of the file
- to map the key to. May not be an absolute
- path. May not contain the path element '..'.
- May not start with the string '..'.
- type: string
- required:
- - key
- - path
- type: object
- type: array
- optional:
- description: Specify whether the Secret or its keys
- must be defined
- type: boolean
- secretName:
- description: 'Name of the secret in the pod''s namespace
- to use. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret'
- type: string
- type: object
- storageos:
- description: StorageOS represents a StorageOS volume
- attached and mounted on Kubernetes nodes.
- properties:
- fsType:
- description: Filesystem type to mount. Must be a
- filesystem type supported by the host operating
- system. Ex. "ext4", "xfs", "ntfs". Implicitly
- inferred to be "ext4" if unspecified.
- type: string
- readOnly:
- description: Defaults to false (read/write). ReadOnly
- here will force the ReadOnly setting in VolumeMounts.
- type: boolean
- secretRef:
- description: SecretRef specifies the secret to use
- for obtaining the StorageOS API credentials. If
- not specified, default values will be attempted.
- properties:
- name:
- description: 'Name of the referent. More info:
- https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion,
- kind, uid?'
- type: string
- type: object
- x-kubernetes-map-type: atomic
- volumeName:
- description: VolumeName is the human-readable name
- of the StorageOS volume. Volume names are only
- unique within a namespace.
- type: string
- volumeNamespace:
- description: VolumeNamespace specifies the scope
- of the volume within StorageOS. If no namespace
- is specified then the Pod's namespace will be
- used. This allows the Kubernetes name scoping
- to be mirrored within StorageOS for tighter integration.
- Set VolumeName to any name to override the default
- behaviour. Set to "default" if you are not using
- namespaces within StorageOS. Namespaces that do
- not pre-exist within StorageOS will be created.
- type: string
- type: object
- vsphereVolume:
- description: VsphereVolume represents a vSphere volume
- attached and mounted on kubelets host machine
- properties:
- fsType:
- description: Filesystem type to mount. Must be a
- filesystem type supported by the host operating
- system. Ex. "ext4", "xfs", "ntfs". Implicitly
- inferred to be "ext4" if unspecified.
- type: string
- storagePolicyID:
- description: Storage Policy Based Management (SPBM)
- profile ID associated with the StoragePolicyName.
- type: string
- storagePolicyName:
- description: Storage Policy Based Management (SPBM)
- profile name.
- type: string
- volumePath:
- description: Path that identifies vSphere volume
- vmdk
- type: string
- required:
- - volumePath
- type: object
- type: object
- type: object
- nullable: true
- type: array
- stdout:
- properties:
- level:
- default: INFO
- description: JobServiceLogLevel is the log level for JobService.
- enum:
- - DEBUG
- - INFO
- - WARNING
- - ERROR
- - FATAL
- type: string
- type: object
- type: object
- loggers:
- default:
- stdout:
- level: INFO
- description: Logger configurations
- properties:
- database:
- properties:
- level:
- default: INFO
- description: JobServiceLogLevel is the log level for JobService.
- enum:
- - DEBUG
- - INFO
- - WARNING
- - ERROR
- - FATAL
- type: string
- sweeper:
- pattern: ([0-9]+h)?([0-9]+m)?([0-9]+s)?([0-9]+ms)?([0-9]+us)?([0-9]+µs)?([0-9]+ns)?
- type: string
- type: object
- files:
- items:
- properties:
- level:
- default: INFO
- description: JobServiceLogLevel is the log level for JobService.
- enum:
- - DEBUG
- - INFO
- - WARNING
- - ERROR
- - FATAL
- type: string
- sweeper:
- pattern: ([0-9]+h)?([0-9]+m)?([0-9]+s)?([0-9]+ms)?([0-9]+us)?([0-9]+µs)?([0-9]+ns)?
- type: string
- volume:
- description: Represents the source of a volume to mount.
- Only one of its members may be specified.
- properties:
- awsElasticBlockStore:
- description: 'AWSElasticBlockStore represents an AWS
- Disk resource that is attached to a kubelet''s host
- machine and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore'
- properties:
- fsType:
- description: 'Filesystem type of the volume that
- you want to mount. Tip: Ensure that the filesystem
- type is supported by the host operating system.
- Examples: "ext4", "xfs", "ntfs". Implicitly inferred
- to be "ext4" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore
- TODO: how do we prevent errors in the filesystem
- from compromising the machine'
- type: string
- partition:
- description: 'The partition in the volume that you
- want to mount. If omitted, the default is to mount
- by volume name. Examples: For volume /dev/sda1,
- you specify the partition as "1". Similarly, the
- volume partition for /dev/sda is "0" (or you can
- leave the property empty).'
- format: int32
- type: integer
- readOnly:
- description: 'Specify "true" to force and set the
- ReadOnly property in VolumeMounts to "true". If
- omitted, the default is "false". More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore'
- type: boolean
- volumeID:
- description: 'Unique ID of the persistent disk resource
- in AWS (Amazon EBS volume). More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore'
- type: string
- required:
- - volumeID
- type: object
- azureDisk:
- description: AzureDisk represents an Azure Data Disk
- mount on the host and bind mount to the pod.
- properties:
- cachingMode:
- description: 'Host Caching mode: None, Read Only,
- Read Write.'
- type: string
- diskName:
- description: The Name of the data disk in the blob
- storage
- type: string
- diskURI:
- description: The URI the data disk in the blob storage
- type: string
- fsType:
- description: Filesystem type to mount. Must be a
- filesystem type supported by the host operating
- system. Ex. "ext4", "xfs", "ntfs". Implicitly
- inferred to be "ext4" if unspecified.
- type: string
- kind:
- description: 'Expected values Shared: multiple blob
- disks per storage account Dedicated: single blob
- disk per storage account Managed: azure managed
- data disk (only in managed availability set).
- defaults to shared'
- type: string
- readOnly:
- description: Defaults to false (read/write). ReadOnly
- here will force the ReadOnly setting in VolumeMounts.
- type: boolean
- required:
- - diskName
- - diskURI
- type: object
- azureFile:
- description: AzureFile represents an Azure File Service
- mount on the host and bind mount to the pod.
- properties:
- readOnly:
- description: Defaults to false (read/write). ReadOnly
- here will force the ReadOnly setting in VolumeMounts.
- type: boolean
- secretName:
- description: the name of secret that contains Azure
- Storage Account Name and Key
- type: string
- shareName:
- description: Share Name
- type: string
- required:
- - secretName
- - shareName
- type: object
- cephfs:
- description: CephFS represents a Ceph FS mount on the
- host that shares a pod's lifetime
- properties:
- monitors:
- description: 'Required: Monitors is a collection
- of Ceph monitors More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it'
- items:
- type: string
- type: array
- path:
- description: 'Optional: Used as the mounted root,
- rather than the full Ceph tree, default is /'
- type: string
- readOnly:
- description: 'Optional: Defaults to false (read/write).
- ReadOnly here will force the ReadOnly setting
- in VolumeMounts. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it'
- type: boolean
- secretFile:
- description: 'Optional: SecretFile is the path to
- key ring for User, default is /etc/ceph/user.secret
- More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it'
- type: string
- secretRef:
- description: 'Optional: SecretRef is reference to
- the authentication secret for User, default is
- empty. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it'
- properties:
- name:
- description: 'Name of the referent. More info:
- https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion,
- kind, uid?'
- type: string
- type: object
- x-kubernetes-map-type: atomic
- user:
- description: 'Optional: User is the rados user name,
- default is admin More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it'
- type: string
- required:
- - monitors
- type: object
- cinder:
- description: 'Cinder represents a cinder volume attached
- and mounted on kubelets host machine. More info: https://examples.k8s.io/mysql-cinder-pd/README.md'
- properties:
- fsType:
- description: 'Filesystem type to mount. Must be
- a filesystem type supported by the host operating
- system. Examples: "ext4", "xfs", "ntfs". Implicitly
- inferred to be "ext4" if unspecified. More info:
- https://examples.k8s.io/mysql-cinder-pd/README.md'
- type: string
- readOnly:
- description: 'Optional: Defaults to false (read/write).
- ReadOnly here will force the ReadOnly setting
- in VolumeMounts. More info: https://examples.k8s.io/mysql-cinder-pd/README.md'
- type: boolean
- secretRef:
- description: 'Optional: points to a secret object
- containing parameters used to connect to OpenStack.'
- properties:
- name:
- description: 'Name of the referent. More info:
- https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion,
- kind, uid?'
- type: string
- type: object
- x-kubernetes-map-type: atomic
- volumeID:
- description: 'volume id used to identify the volume
- in cinder. More info: https://examples.k8s.io/mysql-cinder-pd/README.md'
- type: string
- required:
- - volumeID
- type: object
- configMap:
- description: ConfigMap represents a configMap that should
- populate this volume
- properties:
- defaultMode:
- description: 'Optional: mode bits used to set permissions
- on created files by default. Must be an octal
- value between 0000 and 0777 or a decimal value
- between 0 and 511. YAML accepts both octal and
- decimal values, JSON requires decimal values for
- mode bits. Defaults to 0644. Directories within
- the path are not affected by this setting. This
- might be in conflict with other options that affect
- the file mode, like fsGroup, and the result can
- be other mode bits set.'
- format: int32
- type: integer
- items:
- description: If unspecified, each key-value pair
- in the Data field of the referenced ConfigMap
- will be projected into the volume as a file whose
- name is the key and content is the value. If specified,
- the listed keys will be projected into the specified
- paths, and unlisted keys will not be present.
- If a key is specified which is not present in
- the ConfigMap, the volume setup will error unless
- it is marked optional. Paths must be relative
- and may not contain the '..' path or start with
- '..'.
- items:
- description: Maps a string key to a path within
- a volume.
- properties:
- key:
- description: The key to project.
- type: string
- mode:
- description: 'Optional: mode bits used to
- set permissions on this file. Must be an
- octal value between 0000 and 0777 or a decimal
- value between 0 and 511. YAML accepts both
- octal and decimal values, JSON requires
- decimal values for mode bits. If not specified,
- the volume defaultMode will be used. This
- might be in conflict with other options
- that affect the file mode, like fsGroup,
- and the result can be other mode bits set.'
- format: int32
- type: integer
- path:
- description: The relative path of the file
- to map the key to. May not be an absolute
- path. May not contain the path element '..'.
- May not start with the string '..'.
- type: string
- required:
- - key
- - path
- type: object
- type: array
- name:
- description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind,
- uid?'
- type: string
- optional:
- description: Specify whether the ConfigMap or its
- keys must be defined
- type: boolean
- type: object
- x-kubernetes-map-type: atomic
- csi:
- description: CSI (Container Storage Interface) represents
- ephemeral storage that is handled by certain external
- CSI drivers (Beta feature).
- properties:
- driver:
- description: Driver is the name of the CSI driver
- that handles this volume. Consult with your admin
- for the correct name as registered in the cluster.
- type: string
- fsType:
- description: Filesystem type to mount. Ex. "ext4",
- "xfs", "ntfs". If not provided, the empty value
- is passed to the associated CSI driver which will
- determine the default filesystem to apply.
- type: string
- nodePublishSecretRef:
- description: NodePublishSecretRef is a reference
- to the secret object containing sensitive information
- to pass to the CSI driver to complete the CSI
- NodePublishVolume and NodeUnpublishVolume calls.
- This field is optional, and may be empty if no
- secret is required. If the secret object contains
- more than one secret, all secret references are
- passed.
- properties:
- name:
- description: 'Name of the referent. More info:
- https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion,
- kind, uid?'
- type: string
- type: object
- x-kubernetes-map-type: atomic
- readOnly:
- description: Specifies a read-only configuration
- for the volume. Defaults to false (read/write).
- type: boolean
- volumeAttributes:
- additionalProperties:
- type: string
- description: VolumeAttributes stores driver-specific
- properties that are passed to the CSI driver.
- Consult your driver's documentation for supported
- values.
- type: object
- required:
- - driver
- type: object
- downwardAPI:
- description: DownwardAPI represents downward API about
- the pod that should populate this volume
- properties:
- defaultMode:
- description: 'Optional: mode bits to use on created
- files by default. Must be a Optional: mode bits
- used to set permissions on created files by default.
- Must be an octal value between 0000 and 0777 or
- a decimal value between 0 and 511. YAML accepts
- both octal and decimal values, JSON requires decimal
- values for mode bits. Defaults to 0644. Directories
- within the path are not affected by this setting.
- This might be in conflict with other options that
- affect the file mode, like fsGroup, and the result
- can be other mode bits set.'
- format: int32
- type: integer
- items:
- description: Items is a list of downward API volume
- file
- items:
- description: DownwardAPIVolumeFile represents
- information to create the file containing the
- pod field
- properties:
- fieldRef:
- description: 'Required: Selects a field of
- the pod: only annotations, labels, name
- and namespace are supported.'
- properties:
- apiVersion:
- description: Version of the schema the
- FieldPath is written in terms of, defaults
- to "v1".
- type: string
- fieldPath:
- description: Path of the field to select
- in the specified API version.
- type: string
- required:
- - fieldPath
- type: object
- x-kubernetes-map-type: atomic
- mode:
- description: 'Optional: mode bits used to
- set permissions on this file, must be an
- octal value between 0000 and 0777 or a decimal
- value between 0 and 511. YAML accepts both
- octal and decimal values, JSON requires
- decimal values for mode bits. If not specified,
- the volume defaultMode will be used. This
- might be in conflict with other options
- that affect the file mode, like fsGroup,
- and the result can be other mode bits set.'
- format: int32
- type: integer
- path:
- description: 'Required: Path is the relative
- path name of the file to be created. Must
- not be absolute or contain the ''..'' path.
- Must be utf-8 encoded. The first item of
- the relative path must not start with ''..'''
- type: string
- resourceFieldRef:
- description: 'Selects a resource of the container:
- only resources limits and requests (limits.cpu,
- limits.memory, requests.cpu and requests.memory)
- are currently supported.'
- properties:
- containerName:
- description: 'Container name: required
- for volumes, optional for env vars'
- type: string
- divisor:
- anyOf:
- - type: integer
- - type: string
- description: Specifies the output format
- of the exposed resources, defaults to
- "1"
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- resource:
- description: 'Required: resource to select'
- type: string
- required:
- - resource
- type: object
- x-kubernetes-map-type: atomic
- required:
- - path
- type: object
- type: array
- type: object
- emptyDir:
- description: 'EmptyDir represents a temporary directory
- that shares a pod''s lifetime. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir'
- properties:
- medium:
- description: 'What type of storage medium should
- back this directory. The default is "" which means
- to use the node''s default medium. Must be an
- empty string (default) or Memory. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir'
- type: string
- sizeLimit:
- anyOf:
- - type: integer
- - type: string
- description: 'Total amount of local storage required
- for this EmptyDir volume. The size limit is also
- applicable for memory medium. The maximum usage
- on memory medium EmptyDir would be the minimum
- value between the SizeLimit specified here and
- the sum of memory limits of all containers in
- a pod. The default is nil which means that the
- limit is undefined. More info: http://kubernetes.io/docs/user-guide/volumes#emptydir'
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- type: object
- ephemeral:
- description: "Ephemeral represents a volume that is
- handled by a cluster storage driver. The volume's
- lifecycle is tied to the pod that defines it - it
- will be created before the pod starts, and deleted
- when the pod is removed. \n Use this if: a) the volume
- is only needed while the pod runs, b) features of
- normal volumes like restoring from snapshot or capacity
- tracking are needed, c) the storage driver is specified
- through a storage class, and d) the storage driver
- supports dynamic volume provisioning through a PersistentVolumeClaim
- (see EphemeralVolumeSource for more information on
- the connection between this volume type and PersistentVolumeClaim).
- \n Use PersistentVolumeClaim or one of the vendor-specific
- APIs for volumes that persist for longer than the
- lifecycle of an individual pod. \n Use CSI for light-weight
- local ephemeral volumes if the CSI driver is meant
- to be used that way - see the documentation of the
- driver for more information. \n A pod can use both
- types of ephemeral volumes and persistent volumes
- at the same time."
- properties:
- volumeClaimTemplate:
- description: "Will be used to create a stand-alone
- PVC to provision the volume. The pod in which
- this EphemeralVolumeSource is embedded will be
- the owner of the PVC, i.e. the PVC will be deleted
- together with the pod. The name of the PVC will
- be `-` where ``
- is the name from the `PodSpec.Volumes` array entry.
- Pod validation will reject the pod if the concatenated
- name is not valid for a PVC (for example, too
- long). \n An existing PVC with that name that
- is not owned by the pod will *not* be used for
- the pod to avoid using an unrelated volume by
- mistake. Starting the pod is then blocked until
- the unrelated PVC is removed. If such a pre-created
- PVC is meant to be used by the pod, the PVC has
- to updated with an owner reference to the pod
- once the pod exists. Normally this should not
- be necessary, but it may be useful when manually
- reconstructing a broken cluster. \n This field
- is read-only and no changes will be made by Kubernetes
- to the PVC after it has been created. \n Required,
- must not be nil."
- properties:
- metadata:
- description: May contain labels and annotations
- that will be copied into the PVC when creating
- it. No other fields are allowed and will be
- rejected during validation.
- type: object
- spec:
- description: The specification for the PersistentVolumeClaim.
- The entire content is copied unchanged into
- the PVC that gets created from this template.
- The same fields as in a PersistentVolumeClaim
- are also valid here.
- properties:
- accessModes:
- description: 'AccessModes contains the desired
- access modes the volume should have. More
- info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1'
- items:
- type: string
- type: array
- dataSource:
- description: 'This field can be used to
- specify either: * An existing VolumeSnapshot
- object (snapshot.storage.k8s.io/VolumeSnapshot)
- * An existing PVC (PersistentVolumeClaim)
- If the provisioner or an external controller
- can support the specified data source,
- it will create a new volume based on the
- contents of the specified data source.
- If the AnyVolumeDataSource feature gate
- is enabled, this field will always have
- the same contents as the DataSourceRef
- field.'
- properties:
- apiGroup:
- description: APIGroup is the group for
- the resource being referenced. If
- APIGroup is not specified, the specified
- Kind must be in the core API group.
- For any other third-party types, APIGroup
- is required.
- type: string
- kind:
- description: Kind is the type of resource
- being referenced
- type: string
- name:
- description: Name is the name of resource
- being referenced
- type: string
- required:
- - kind
- - name
- type: object
- x-kubernetes-map-type: atomic
- dataSourceRef:
- description: 'Specifies the object from
- which to populate the volume with data,
- if a non-empty volume is desired. This
- may be any local object from a non-empty
- API group (non core object) or a PersistentVolumeClaim
- object. When this field is specified,
- volume binding will only succeed if the
- type of the specified object matches some
- installed volume populator or dynamic
- provisioner. This field will replace the
- functionality of the DataSource field
- and as such if both fields are non-empty,
- they must have the same value. For backwards
- compatibility, both fields (DataSource
- and DataSourceRef) will be set to the
- same value automatically if one of them
- is empty and the other is non-empty. There
- are two important differences between
- DataSource and DataSourceRef: * While
- DataSource only allows two specific types
- of objects, DataSourceRef allows any non-core
- object, as well as PersistentVolumeClaim
- objects. * While DataSource ignores disallowed
- values (dropping them), DataSourceRef
- preserves all values, and generates an
- error if a disallowed value is specified.
- (Alpha) Using this field requires the
- AnyVolumeDataSource feature gate to be
- enabled.'
- properties:
- apiGroup:
- description: APIGroup is the group for
- the resource being referenced. If
- APIGroup is not specified, the specified
- Kind must be in the core API group.
- For any other third-party types, APIGroup
- is required.
- type: string
- kind:
- description: Kind is the type of resource
- being referenced
- type: string
- name:
- description: Name is the name of resource
- being referenced
- type: string
- required:
- - kind
- - name
- type: object
- x-kubernetes-map-type: atomic
- resources:
- description: 'Resources represents the minimum
- resources the volume should have. If RecoverVolumeExpansionFailure
- feature is enabled users are allowed to
- specify resource requirements that are
- lower than previous value but must still
- be higher than capacity recorded in the
- status field of the claim. More info:
- https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources'
- properties:
- limits:
- additionalProperties:
- anyOf:
- - type: integer
- - type: string
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- description: 'Limits describes the maximum
- amount of compute resources allowed.
- More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
- type: object
- requests:
- additionalProperties:
- anyOf:
- - type: integer
- - type: string
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- description: 'Requests describes the
- minimum amount of compute resources
- required. If Requests is omitted for
- a container, it defaults to Limits
- if that is explicitly specified, otherwise
- to an implementation-defined value.
- More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
- type: object
- type: object
- selector:
- description: A label query over volumes
- to consider for binding.
- properties:
- matchExpressions:
- description: matchExpressions is a list
- of label selector requirements. The
- requirements are ANDed.
- items:
- description: A label selector requirement
- is a selector that contains values,
- a key, and an operator that relates
- the key and values.
- properties:
- key:
- description: key is the label
- key that the selector applies
- to.
- type: string
- operator:
- description: operator represents
- a key's relationship to a set
- of values. Valid operators are
- In, NotIn, Exists and DoesNotExist.
- type: string
- values:
- description: values is an array
- of string values. If the operator
- is In or NotIn, the values array
- must be non-empty. If the operator
- is Exists or DoesNotExist, the
- values array must be empty.
- This array is replaced during
- a strategic merge patch.
- items:
- type: string
- type: array
- required:
- - key
- - operator
- type: object
- type: array
- matchLabels:
- additionalProperties:
- type: string
- description: matchLabels is a map of
- {key,value} pairs. A single {key,value}
- in the matchLabels map is equivalent
- to an element of matchExpressions,
- whose key field is "key", the operator
- is "In", and the values array contains
- only "value". The requirements are
- ANDed.
- type: object
- type: object
- x-kubernetes-map-type: atomic
- storageClassName:
- description: 'Name of the StorageClass required
- by the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1'
- type: string
- volumeMode:
- description: volumeMode defines what type
- of volume is required by the claim. Value
- of Filesystem is implied when not included
- in claim spec.
- type: string
- volumeName:
- description: VolumeName is the binding reference
- to the PersistentVolume backing this claim.
- type: string
- type: object
- required:
- - spec
- type: object
- type: object
- fc:
- description: FC represents a Fibre Channel resource
- that is attached to a kubelet's host machine and then
- exposed to the pod.
- properties:
- fsType:
- description: 'Filesystem type to mount. Must be
- a filesystem type supported by the host operating
- system. Ex. "ext4", "xfs", "ntfs". Implicitly
- inferred to be "ext4" if unspecified. TODO: how
- do we prevent errors in the filesystem from compromising
- the machine'
- type: string
- lun:
- description: 'Optional: FC target lun number'
- format: int32
- type: integer
- readOnly:
- description: 'Optional: Defaults to false (read/write).
- ReadOnly here will force the ReadOnly setting
- in VolumeMounts.'
- type: boolean
- targetWWNs:
- description: 'Optional: FC target worldwide names
- (WWNs)'
- items:
- type: string
- type: array
- wwids:
- description: 'Optional: FC volume world wide identifiers
- (wwids) Either wwids or combination of targetWWNs
- and lun must be set, but not both simultaneously.'
- items:
- type: string
- type: array
- type: object
- flexVolume:
- description: FlexVolume represents a generic volume
- resource that is provisioned/attached using an exec
- based plugin.
- properties:
- driver:
- description: Driver is the name of the driver to
- use for this volume.
- type: string
- fsType:
- description: Filesystem type to mount. Must be a
- filesystem type supported by the host operating
- system. Ex. "ext4", "xfs", "ntfs". The default
- filesystem depends on FlexVolume script.
- type: string
- options:
- additionalProperties:
- type: string
- description: 'Optional: Extra command options if
- any.'
- type: object
- readOnly:
- description: 'Optional: Defaults to false (read/write).
- ReadOnly here will force the ReadOnly setting
- in VolumeMounts.'
- type: boolean
- secretRef:
- description: 'Optional: SecretRef is reference to
- the secret object containing sensitive information
- to pass to the plugin scripts. This may be empty
- if no secret object is specified. If the secret
- object contains more than one secret, all secrets
- are passed to the plugin scripts.'
- properties:
- name:
- description: 'Name of the referent. More info:
- https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion,
- kind, uid?'
- type: string
- type: object
- x-kubernetes-map-type: atomic
- required:
- - driver
- type: object
- flocker:
- description: Flocker represents a Flocker volume attached
- to a kubelet's host machine. This depends on the Flocker
- control service being running
- properties:
- datasetName:
- description: Name of the dataset stored as metadata
- -> name on the dataset for Flocker should be considered
- as deprecated
- type: string
- datasetUUID:
- description: UUID of the dataset. This is unique
- identifier of a Flocker dataset
- type: string
- type: object
- gcePersistentDisk:
- description: 'GCEPersistentDisk represents a GCE Disk
- resource that is attached to a kubelet''s host machine
- and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk'
- properties:
- fsType:
- description: 'Filesystem type of the volume that
- you want to mount. Tip: Ensure that the filesystem
- type is supported by the host operating system.
- Examples: "ext4", "xfs", "ntfs". Implicitly inferred
- to be "ext4" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk
- TODO: how do we prevent errors in the filesystem
- from compromising the machine'
- type: string
- partition:
- description: 'The partition in the volume that you
- want to mount. If omitted, the default is to mount
- by volume name. Examples: For volume /dev/sda1,
- you specify the partition as "1". Similarly, the
- volume partition for /dev/sda is "0" (or you can
- leave the property empty). More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk'
- format: int32
- type: integer
- pdName:
- description: 'Unique name of the PD resource in
- GCE. Used to identify the disk in GCE. More info:
- https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk'
- type: string
- readOnly:
- description: 'ReadOnly here will force the ReadOnly
- setting in VolumeMounts. Defaults to false. More
- info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk'
- type: boolean
- required:
- - pdName
- type: object
- gitRepo:
- description: 'GitRepo represents a git repository at
- a particular revision. DEPRECATED: GitRepo is deprecated.
- To provision a container with a git repo, mount an
- EmptyDir into an InitContainer that clones the repo
- using git, then mount the EmptyDir into the Pod''s
- container.'
- properties:
- directory:
- description: Target directory name. Must not contain
- or start with '..'. If '.' is supplied, the volume
- directory will be the git repository. Otherwise,
- if specified, the volume will contain the git
- repository in the subdirectory with the given
- name.
- type: string
- repository:
- description: Repository URL
- type: string
- revision:
- description: Commit hash for the specified revision.
- type: string
- required:
- - repository
- type: object
- glusterfs:
- description: 'Glusterfs represents a Glusterfs mount
- on the host that shares a pod''s lifetime. More info:
- https://examples.k8s.io/volumes/glusterfs/README.md'
- properties:
- endpoints:
- description: 'EndpointsName is the endpoint name
- that details Glusterfs topology. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod'
- type: string
- path:
- description: 'Path is the Glusterfs volume path.
- More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod'
- type: string
- readOnly:
- description: 'ReadOnly here will force the Glusterfs
- volume to be mounted with read-only permissions.
- Defaults to false. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod'
- type: boolean
- required:
- - endpoints
- - path
- type: object
- hostPath:
- description: 'HostPath represents a pre-existing file
- or directory on the host machine that is directly
- exposed to the container. This is generally used for
- system agents or other privileged things that are
- allowed to see the host machine. Most containers will
- NOT need this. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath
- --- TODO(jonesdl) We need to restrict who can use
- host directory mounts and who can/can not mount host
- directories as read/write.'
- properties:
- path:
- description: 'Path of the directory on the host.
- If the path is a symlink, it will follow the link
- to the real path. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath'
- type: string
- type:
- description: 'Type for HostPath Volume Defaults
- to "" More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath'
- type: string
- required:
- - path
- type: object
- iscsi:
- description: 'ISCSI represents an ISCSI Disk resource
- that is attached to a kubelet''s host machine and
- then exposed to the pod. More info: https://examples.k8s.io/volumes/iscsi/README.md'
- properties:
- chapAuthDiscovery:
- description: whether support iSCSI Discovery CHAP
- authentication
- type: boolean
- chapAuthSession:
- description: whether support iSCSI Session CHAP
- authentication
- type: boolean
- fsType:
- description: 'Filesystem type of the volume that
- you want to mount. Tip: Ensure that the filesystem
- type is supported by the host operating system.
- Examples: "ext4", "xfs", "ntfs". Implicitly inferred
- to be "ext4" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#iscsi
- TODO: how do we prevent errors in the filesystem
- from compromising the machine'
- type: string
- initiatorName:
- description: Custom iSCSI Initiator Name. If initiatorName
- is specified with iscsiInterface simultaneously,
- new iSCSI interface :
- will be created for the connection.
- type: string
- iqn:
- description: Target iSCSI Qualified Name.
- type: string
- iscsiInterface:
- description: iSCSI Interface Name that uses an iSCSI
- transport. Defaults to 'default' (tcp).
- type: string
- lun:
- description: iSCSI Target Lun number.
- format: int32
- type: integer
- portals:
- description: iSCSI Target Portal List. The portal
- is either an IP or ip_addr:port if the port is
- other than default (typically TCP ports 860 and
- 3260).
- items:
- type: string
- type: array
- readOnly:
- description: ReadOnly here will force the ReadOnly
- setting in VolumeMounts. Defaults to false.
- type: boolean
- secretRef:
- description: CHAP Secret for iSCSI target and initiator
- authentication
- properties:
- name:
- description: 'Name of the referent. More info:
- https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion,
- kind, uid?'
- type: string
- type: object
- x-kubernetes-map-type: atomic
- targetPortal:
- description: iSCSI Target Portal. The Portal is
- either an IP or ip_addr:port if the port is other
- than default (typically TCP ports 860 and 3260).
- type: string
- required:
- - iqn
- - lun
- - targetPortal
- type: object
- nfs:
- description: 'NFS represents an NFS mount on the host
- that shares a pod''s lifetime More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs'
- properties:
- path:
- description: 'Path that is exported by the NFS server.
- More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs'
- type: string
- readOnly:
- description: 'ReadOnly here will force the NFS export
- to be mounted with read-only permissions. Defaults
- to false. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs'
- type: boolean
- server:
- description: 'Server is the hostname or IP address
- of the NFS server. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs'
- type: string
- required:
- - path
- - server
- type: object
- persistentVolumeClaim:
- description: 'PersistentVolumeClaimVolumeSource represents
- a reference to a PersistentVolumeClaim in the same
- namespace. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims'
- properties:
- claimName:
- description: 'ClaimName is the name of a PersistentVolumeClaim
- in the same namespace as the pod using this volume.
- More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims'
- type: string
- readOnly:
- description: Will force the ReadOnly setting in
- VolumeMounts. Default false.
- type: boolean
- required:
- - claimName
- type: object
- photonPersistentDisk:
- description: PhotonPersistentDisk represents a PhotonController
- persistent disk attached and mounted on kubelets host
- machine
- properties:
- fsType:
- description: Filesystem type to mount. Must be a
- filesystem type supported by the host operating
- system. Ex. "ext4", "xfs", "ntfs". Implicitly
- inferred to be "ext4" if unspecified.
- type: string
- pdID:
- description: ID that identifies Photon Controller
- persistent disk
- type: string
- required:
- - pdID
- type: object
- portworxVolume:
- description: PortworxVolume represents a portworx volume
- attached and mounted on kubelets host machine
- properties:
- fsType:
- description: FSType represents the filesystem type
- to mount Must be a filesystem type supported by
- the host operating system. Ex. "ext4", "xfs".
- Implicitly inferred to be "ext4" if unspecified.
- type: string
- readOnly:
- description: Defaults to false (read/write). ReadOnly
- here will force the ReadOnly setting in VolumeMounts.
- type: boolean
- volumeID:
- description: VolumeID uniquely identifies a Portworx
- volume
- type: string
- required:
- - volumeID
- type: object
- projected:
- description: Items for all in one resources secrets,
- configmaps, and downward API
- properties:
- defaultMode:
- description: Mode bits used to set permissions on
- created files by default. Must be an octal value
- between 0000 and 0777 or a decimal value between
- 0 and 511. YAML accepts both octal and decimal
- values, JSON requires decimal values for mode
- bits. Directories within the path are not affected
- by this setting. This might be in conflict with
- other options that affect the file mode, like
- fsGroup, and the result can be other mode bits
- set.
- format: int32
- type: integer
- sources:
- description: list of volume projections
- items:
- description: Projection that may be projected
- along with other supported volume types
- properties:
- configMap:
- description: information about the configMap
- data to project
- properties:
- items:
- description: If unspecified, each key-value
- pair in the Data field of the referenced
- ConfigMap will be projected into the
- volume as a file whose name is the key
- and content is the value. If specified,
- the listed keys will be projected into
- the specified paths, and unlisted keys
- will not be present. If a key is specified
- which is not present in the ConfigMap,
- the volume setup will error unless it
- is marked optional. Paths must be relative
- and may not contain the '..' path or
- start with '..'.
- items:
- description: Maps a string key to a
- path within a volume.
- properties:
- key:
- description: The key to project.
- type: string
- mode:
- description: 'Optional: mode bits
- used to set permissions on this
- file. Must be an octal value between
- 0000 and 0777 or a decimal value
- between 0 and 511. YAML accepts
- both octal and decimal values,
- JSON requires decimal values for
- mode bits. If not specified, the
- volume defaultMode will be used.
- This might be in conflict with
- other options that affect the
- file mode, like fsGroup, and the
- result can be other mode bits
- set.'
- format: int32
- type: integer
- path:
- description: The relative path of
- the file to map the key to. May
- not be an absolute path. May not
- contain the path element '..'.
- May not start with the string
- '..'.
- type: string
- required:
- - key
- - path
- type: object
- type: array
- name:
- description: 'Name of the referent. More
- info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion,
- kind, uid?'
- type: string
- optional:
- description: Specify whether the ConfigMap
- or its keys must be defined
- type: boolean
- type: object
- x-kubernetes-map-type: atomic
- downwardAPI:
- description: information about the downwardAPI
- data to project
- properties:
- items:
- description: Items is a list of DownwardAPIVolume
- file
- items:
- description: DownwardAPIVolumeFile represents
- information to create the file containing
- the pod field
- properties:
- fieldRef:
- description: 'Required: Selects
- a field of the pod: only annotations,
- labels, name and namespace are
- supported.'
- properties:
- apiVersion:
- description: Version of the
- schema the FieldPath is written
- in terms of, defaults to "v1".
- type: string
- fieldPath:
- description: Path of the field
- to select in the specified
- API version.
- type: string
- required:
- - fieldPath
- type: object
- x-kubernetes-map-type: atomic
- mode:
- description: 'Optional: mode bits
- used to set permissions on this
- file, must be an octal value between
- 0000 and 0777 or a decimal value
- between 0 and 511. YAML accepts
- both octal and decimal values,
- JSON requires decimal values for
- mode bits. If not specified, the
- volume defaultMode will be used.
- This might be in conflict with
- other options that affect the
- file mode, like fsGroup, and the
- result can be other mode bits
- set.'
- format: int32
- type: integer
- path:
- description: 'Required: Path is the
- relative path name of the file
- to be created. Must not be absolute
- or contain the ''..'' path. Must
- be utf-8 encoded. The first item
- of the relative path must not
- start with ''..'''
- type: string
- resourceFieldRef:
- description: 'Selects a resource
- of the container: only resources
- limits and requests (limits.cpu,
- limits.memory, requests.cpu and
- requests.memory) are currently
- supported.'
- properties:
- containerName:
- description: 'Container name:
- required for volumes, optional
- for env vars'
- type: string
- divisor:
- anyOf:
- - type: integer
- - type: string
- description: Specifies the output
- format of the exposed resources,
- defaults to "1"
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- resource:
- description: 'Required: resource
- to select'
- type: string
- required:
- - resource
- type: object
- x-kubernetes-map-type: atomic
- required:
- - path
- type: object
- type: array
- type: object
- secret:
- description: information about the secret
- data to project
- properties:
- items:
- description: If unspecified, each key-value
- pair in the Data field of the referenced
- Secret will be projected into the volume
- as a file whose name is the key and
- content is the value. If specified,
- the listed keys will be projected into
- the specified paths, and unlisted keys
- will not be present. If a key is specified
- which is not present in the Secret,
- the volume setup will error unless it
- is marked optional. Paths must be relative
- and may not contain the '..' path or
- start with '..'.
- items:
- description: Maps a string key to a
- path within a volume.
- properties:
- key:
- description: The key to project.
- type: string
- mode:
- description: 'Optional: mode bits
- used to set permissions on this
- file. Must be an octal value between
- 0000 and 0777 or a decimal value
- between 0 and 511. YAML accepts
- both octal and decimal values,
- JSON requires decimal values for
- mode bits. If not specified, the
- volume defaultMode will be used.
- This might be in conflict with
- other options that affect the
- file mode, like fsGroup, and the
- result can be other mode bits
- set.'
- format: int32
- type: integer
- path:
- description: The relative path of
- the file to map the key to. May
- not be an absolute path. May not
- contain the path element '..'.
- May not start with the string
- '..'.
- type: string
- required:
- - key
- - path
- type: object
- type: array
- name:
- description: 'Name of the referent. More
- info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion,
- kind, uid?'
- type: string
- optional:
- description: Specify whether the Secret
- or its key must be defined
- type: boolean
- type: object
- x-kubernetes-map-type: atomic
- serviceAccountToken:
- description: information about the serviceAccountToken
- data to project
- properties:
- audience:
- description: Audience is the intended
- audience of the token. A recipient of
- a token must identify itself with an
- identifier specified in the audience
- of the token, and otherwise should reject
- the token. The audience defaults to
- the identifier of the apiserver.
- type: string
- expirationSeconds:
- description: ExpirationSeconds is the
- requested duration of validity of the
- service account token. As the token
- approaches expiration, the kubelet volume
- plugin will proactively rotate the service
- account token. The kubelet will start
- trying to rotate the token if the token
- is older than 80 percent of its time
- to live or if the token is older than
- 24 hours.Defaults to 1 hour and must
- be at least 10 minutes.
- format: int64
- type: integer
- path:
- description: Path is the path relative
- to the mount point of the file to project
- the token into.
- type: string
- required:
- - path
- type: object
- type: object
- type: array
- type: object
- quobyte:
- description: Quobyte represents a Quobyte mount on the
- host that shares a pod's lifetime
- properties:
- group:
- description: Group to map volume access to Default
- is no group
- type: string
- readOnly:
- description: ReadOnly here will force the Quobyte
- volume to be mounted with read-only permissions.
- Defaults to false.
- type: boolean
- registry:
- description: Registry represents a single or multiple
- Quobyte Registry services specified as a string
- as host:port pair (multiple entries are separated
- with commas) which acts as the central registry
- for volumes
- type: string
- tenant:
- description: Tenant owning the given Quobyte volume
- in the Backend Used with dynamically provisioned
- Quobyte volumes, value is set by the plugin
- type: string
- user:
- description: User to map volume access to Defaults
- to serivceaccount user
- type: string
- volume:
- description: Volume is a string that references
- an already created Quobyte volume by name.
- type: string
- required:
- - registry
- - volume
- type: object
- rbd:
- description: 'RBD represents a Rados Block Device mount
- on the host that shares a pod''s lifetime. More info:
- https://examples.k8s.io/volumes/rbd/README.md'
- properties:
- fsType:
- description: 'Filesystem type of the volume that
- you want to mount. Tip: Ensure that the filesystem
- type is supported by the host operating system.
- Examples: "ext4", "xfs", "ntfs". Implicitly inferred
- to be "ext4" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#rbd
- TODO: how do we prevent errors in the filesystem
- from compromising the machine'
- type: string
- image:
- description: 'The rados image name. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it'
- type: string
- keyring:
- description: 'Keyring is the path to key ring for
- RBDUser. Default is /etc/ceph/keyring. More info:
- https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it'
- type: string
- monitors:
- description: 'A collection of Ceph monitors. More
- info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it'
- items:
- type: string
- type: array
- pool:
- description: 'The rados pool name. Default is rbd.
- More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it'
- type: string
- readOnly:
- description: 'ReadOnly here will force the ReadOnly
- setting in VolumeMounts. Defaults to false. More
- info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it'
- type: boolean
- secretRef:
- description: 'SecretRef is name of the authentication
- secret for RBDUser. If provided overrides keyring.
- Default is nil. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it'
- properties:
- name:
- description: 'Name of the referent. More info:
- https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion,
- kind, uid?'
- type: string
- type: object
- x-kubernetes-map-type: atomic
- user:
- description: 'The rados user name. Default is admin.
- More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it'
- type: string
- required:
- - image
- - monitors
- type: object
- scaleIO:
- description: ScaleIO represents a ScaleIO persistent
- volume attached and mounted on Kubernetes nodes.
- properties:
- fsType:
- description: Filesystem type to mount. Must be a
- filesystem type supported by the host operating
- system. Ex. "ext4", "xfs", "ntfs". Default is
- "xfs".
- type: string
- gateway:
- description: The host address of the ScaleIO API
- Gateway.
- type: string
- protectionDomain:
- description: The name of the ScaleIO Protection
- Domain for the configured storage.
- type: string
- readOnly:
- description: Defaults to false (read/write). ReadOnly
- here will force the ReadOnly setting in VolumeMounts.
- type: boolean
- secretRef:
- description: SecretRef references to the secret
- for ScaleIO user and other sensitive information.
- If this is not provided, Login operation will
- fail.
- properties:
- name:
- description: 'Name of the referent. More info:
- https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion,
- kind, uid?'
- type: string
- type: object
- x-kubernetes-map-type: atomic
- sslEnabled:
- description: Flag to enable/disable SSL communication
- with Gateway, default false
- type: boolean
- storageMode:
- description: Indicates whether the storage for a
- volume should be ThickProvisioned or ThinProvisioned.
- Default is ThinProvisioned.
- type: string
- storagePool:
- description: The ScaleIO Storage Pool associated
- with the protection domain.
- type: string
- system:
- description: The name of the storage system as configured
- in ScaleIO.
- type: string
- volumeName:
- description: The name of a volume already created
- in the ScaleIO system that is associated with
- this volume source.
- type: string
- required:
- - gateway
- - secretRef
- - system
- type: object
- secret:
- description: 'Secret represents a secret that should
- populate this volume. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret'
- properties:
- defaultMode:
- description: 'Optional: mode bits used to set permissions
- on created files by default. Must be an octal
- value between 0000 and 0777 or a decimal value
- between 0 and 511. YAML accepts both octal and
- decimal values, JSON requires decimal values for
- mode bits. Defaults to 0644. Directories within
- the path are not affected by this setting. This
- might be in conflict with other options that affect
- the file mode, like fsGroup, and the result can
- be other mode bits set.'
- format: int32
- type: integer
- items:
- description: If unspecified, each key-value pair
- in the Data field of the referenced Secret will
- be projected into the volume as a file whose name
- is the key and content is the value. If specified,
- the listed keys will be projected into the specified
- paths, and unlisted keys will not be present.
- If a key is specified which is not present in
- the Secret, the volume setup will error unless
- it is marked optional. Paths must be relative
- and may not contain the '..' path or start with
- '..'.
- items:
- description: Maps a string key to a path within
- a volume.
- properties:
- key:
- description: The key to project.
- type: string
- mode:
- description: 'Optional: mode bits used to
- set permissions on this file. Must be an
- octal value between 0000 and 0777 or a decimal
- value between 0 and 511. YAML accepts both
- octal and decimal values, JSON requires
- decimal values for mode bits. If not specified,
- the volume defaultMode will be used. This
- might be in conflict with other options
- that affect the file mode, like fsGroup,
- and the result can be other mode bits set.'
- format: int32
- type: integer
- path:
- description: The relative path of the file
- to map the key to. May not be an absolute
- path. May not contain the path element '..'.
- May not start with the string '..'.
- type: string
- required:
- - key
- - path
- type: object
- type: array
- optional:
- description: Specify whether the Secret or its keys
- must be defined
- type: boolean
- secretName:
- description: 'Name of the secret in the pod''s namespace
- to use. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret'
- type: string
- type: object
- storageos:
- description: StorageOS represents a StorageOS volume
- attached and mounted on Kubernetes nodes.
- properties:
- fsType:
- description: Filesystem type to mount. Must be a
- filesystem type supported by the host operating
- system. Ex. "ext4", "xfs", "ntfs". Implicitly
- inferred to be "ext4" if unspecified.
- type: string
- readOnly:
- description: Defaults to false (read/write). ReadOnly
- here will force the ReadOnly setting in VolumeMounts.
- type: boolean
- secretRef:
- description: SecretRef specifies the secret to use
- for obtaining the StorageOS API credentials. If
- not specified, default values will be attempted.
- properties:
- name:
- description: 'Name of the referent. More info:
- https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion,
- kind, uid?'
- type: string
- type: object
- x-kubernetes-map-type: atomic
- volumeName:
- description: VolumeName is the human-readable name
- of the StorageOS volume. Volume names are only
- unique within a namespace.
- type: string
- volumeNamespace:
- description: VolumeNamespace specifies the scope
- of the volume within StorageOS. If no namespace
- is specified then the Pod's namespace will be
- used. This allows the Kubernetes name scoping
- to be mirrored within StorageOS for tighter integration.
- Set VolumeName to any name to override the default
- behaviour. Set to "default" if you are not using
- namespaces within StorageOS. Namespaces that do
- not pre-exist within StorageOS will be created.
- type: string
- type: object
- vsphereVolume:
- description: VsphereVolume represents a vSphere volume
- attached and mounted on kubelets host machine
- properties:
- fsType:
- description: Filesystem type to mount. Must be a
- filesystem type supported by the host operating
- system. Ex. "ext4", "xfs", "ntfs". Implicitly
- inferred to be "ext4" if unspecified.
- type: string
- storagePolicyID:
- description: Storage Policy Based Management (SPBM)
- profile ID associated with the StoragePolicyName.
- type: string
- storagePolicyName:
- description: Storage Policy Based Management (SPBM)
- profile name.
- type: string
- volumePath:
- description: Path that identifies vSphere volume
- vmdk
- type: string
- required:
- - volumePath
- type: object
- type: object
- type: object
- nullable: true
- type: array
- stdout:
- properties:
- level:
- default: INFO
- description: JobServiceLogLevel is the log level for JobService.
- enum:
- - DEBUG
- - INFO
- - WARNING
- - ERROR
- - FATAL
- type: string
- type: object
- type: object
- metrics:
- properties:
- enabled:
- default: false
- type: boolean
- path:
- default: /metrics
- description: The path of the metrics.
- pattern: /.+
- type: string
- port:
- default: 8001
- description: The port of the metrics.
- format: int32
- minimum: 1
- type: integer
- type: object
- network:
- properties:
- ipFamilies:
- items:
- description: IPFamily represents the IP Family (IPv4 or IPv6).
- This type is used to express the family of an IP expressed
- by a type (e.g. service.spec.ipFamilies).
- type: string
- type: array
- type: object
- nodeSelector:
- additionalProperties:
- type: string
- description: 'NodeSelector is a selector which must be true for the
- component to fit on a node. Selector which must match a node''s
- labels for the pod to be scheduled on that node. More info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/'
- type: object
- proxy:
- properties:
- httpProxy:
- pattern: https?://.+
- type: string
- httpsProxy:
- pattern: https?://.+
- type: string
- noProxy:
- default:
- - 127.0.0.1
- - localhost
- - .local
- - .internal
- items:
- type: string
- type: array
- type: object
- registry:
- properties:
- controllerURL:
- pattern: https?://.+
- type: string
- credentials:
- properties:
- passwordRef:
- pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*'
- type: string
- username:
- type: string
- required:
- - passwordRef
- - username
- type: object
- url:
- pattern: https?://.+
- type: string
- required:
- - controllerURL
- - credentials
- - url
- type: object
- replicas:
- description: 'Replicas is the number of desired replicas. This is
- a pointer to distinguish between explicit zero and unspecified.
- More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller#what-is-a-replicationcontroller'
- format: int32
- minimum: 0
- type: integer
- resources:
- description: 'Compute Resources required by this component. Cannot
- be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/'
- properties:
- limits:
- additionalProperties:
- anyOf:
- - type: integer
- - type: string
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- description: 'Limits describes the maximum amount of compute resources
- allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
- type: object
- requests:
- additionalProperties:
- anyOf:
- - type: integer
- - type: string
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- description: 'Requests describes the minimum amount of compute
- resources required. If Requests is omitted for a container,
- it defaults to Limits if that is explicitly specified, otherwise
- to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
- type: object
- type: object
- secretRef:
- pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*'
- type: string
- serviceAccountName:
- description: 'ServiceAccountName is the name of the ServiceAccount
- to use to run this component. More info: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/'
- type: string
- storage:
- properties:
- scanDataExports:
- properties:
- prefix:
- type: string
- volumeSource:
- default:
- emptyDir:
- sizeLimit: 1Gi
- description: Represents the source of a volume to mount. Only
- one of its members may be specified.
- properties:
- awsElasticBlockStore:
- description: 'AWSElasticBlockStore represents an AWS Disk
- resource that is attached to a kubelet''s host machine
- and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore'
- properties:
- fsType:
- description: 'Filesystem type of the volume that you
- want to mount. Tip: Ensure that the filesystem type
- is supported by the host operating system. Examples:
- "ext4", "xfs", "ntfs". Implicitly inferred to be
- "ext4" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore
- TODO: how do we prevent errors in the filesystem
- from compromising the machine'
- type: string
- partition:
- description: 'The partition in the volume that you
- want to mount. If omitted, the default is to mount
- by volume name. Examples: For volume /dev/sda1,
- you specify the partition as "1". Similarly, the
- volume partition for /dev/sda is "0" (or you can
- leave the property empty).'
- format: int32
- type: integer
- readOnly:
- description: 'Specify "true" to force and set the
- ReadOnly property in VolumeMounts to "true". If
- omitted, the default is "false". More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore'
- type: boolean
- volumeID:
- description: 'Unique ID of the persistent disk resource
- in AWS (Amazon EBS volume). More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore'
- type: string
- required:
- - volumeID
- type: object
- azureDisk:
- description: AzureDisk represents an Azure Data Disk mount
- on the host and bind mount to the pod.
- properties:
- cachingMode:
- description: 'Host Caching mode: None, Read Only,
- Read Write.'
- type: string
- diskName:
- description: The Name of the data disk in the blob
- storage
- type: string
- diskURI:
- description: The URI the data disk in the blob storage
- type: string
- fsType:
- description: Filesystem type to mount. Must be a filesystem
- type supported by the host operating system. Ex.
- "ext4", "xfs", "ntfs". Implicitly inferred to be
- "ext4" if unspecified.
- type: string
- kind:
- description: 'Expected values Shared: multiple blob
- disks per storage account Dedicated: single blob
- disk per storage account Managed: azure managed
- data disk (only in managed availability set). defaults
- to shared'
- type: string
- readOnly:
- description: Defaults to false (read/write). ReadOnly
- here will force the ReadOnly setting in VolumeMounts.
- type: boolean
- required:
- - diskName
- - diskURI
- type: object
- azureFile:
- description: AzureFile represents an Azure File Service
- mount on the host and bind mount to the pod.
- properties:
- readOnly:
- description: Defaults to false (read/write). ReadOnly
- here will force the ReadOnly setting in VolumeMounts.
- type: boolean
- secretName:
- description: the name of secret that contains Azure
- Storage Account Name and Key
- type: string
- shareName:
- description: Share Name
- type: string
- required:
- - secretName
- - shareName
- type: object
- cephfs:
- description: CephFS represents a Ceph FS mount on the
- host that shares a pod's lifetime
- properties:
- monitors:
- description: 'Required: Monitors is a collection of
- Ceph monitors More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it'
- items:
- type: string
- type: array
- path:
- description: 'Optional: Used as the mounted root,
- rather than the full Ceph tree, default is /'
- type: string
- readOnly:
- description: 'Optional: Defaults to false (read/write).
- ReadOnly here will force the ReadOnly setting in
- VolumeMounts. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it'
- type: boolean
- secretFile:
- description: 'Optional: SecretFile is the path to
- key ring for User, default is /etc/ceph/user.secret
- More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it'
- type: string
- secretRef:
- description: 'Optional: SecretRef is reference to
- the authentication secret for User, default is empty.
- More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it'
- properties:
- name:
- description: 'Name of the referent. More info:
- https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind,
- uid?'
- type: string
- type: object
- x-kubernetes-map-type: atomic
- user:
- description: 'Optional: User is the rados user name,
- default is admin More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it'
- type: string
- required:
- - monitors
- type: object
- cinder:
- description: 'Cinder represents a cinder volume attached
- and mounted on kubelets host machine. More info: https://examples.k8s.io/mysql-cinder-pd/README.md'
- properties:
- fsType:
- description: 'Filesystem type to mount. Must be a
- filesystem type supported by the host operating
- system. Examples: "ext4", "xfs", "ntfs". Implicitly
- inferred to be "ext4" if unspecified. More info:
- https://examples.k8s.io/mysql-cinder-pd/README.md'
- type: string
- readOnly:
- description: 'Optional: Defaults to false (read/write).
- ReadOnly here will force the ReadOnly setting in
- VolumeMounts. More info: https://examples.k8s.io/mysql-cinder-pd/README.md'
- type: boolean
- secretRef:
- description: 'Optional: points to a secret object
- containing parameters used to connect to OpenStack.'
- properties:
- name:
- description: 'Name of the referent. More info:
- https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind,
- uid?'
- type: string
- type: object
- x-kubernetes-map-type: atomic
- volumeID:
- description: 'volume id used to identify the volume
- in cinder. More info: https://examples.k8s.io/mysql-cinder-pd/README.md'
- type: string
- required:
- - volumeID
- type: object
- configMap:
- description: ConfigMap represents a configMap that should
- populate this volume
- properties:
- defaultMode:
- description: 'Optional: mode bits used to set permissions
- on created files by default. Must be an octal value
- between 0000 and 0777 or a decimal value between
- 0 and 511. YAML accepts both octal and decimal values,
- JSON requires decimal values for mode bits. Defaults
- to 0644. Directories within the path are not affected
- by this setting. This might be in conflict with
- other options that affect the file mode, like fsGroup,
- and the result can be other mode bits set.'
- format: int32
- type: integer
- items:
- description: If unspecified, each key-value pair in
- the Data field of the referenced ConfigMap will
- be projected into the volume as a file whose name
- is the key and content is the value. If specified,
- the listed keys will be projected into the specified
- paths, and unlisted keys will not be present. If
- a key is specified which is not present in the ConfigMap,
- the volume setup will error unless it is marked
- optional. Paths must be relative and may not contain
- the '..' path or start with '..'.
- items:
- description: Maps a string key to a path within
- a volume.
- properties:
- key:
- description: The key to project.
- type: string
- mode:
- description: 'Optional: mode bits used to set
- permissions on this file. Must be an octal
- value between 0000 and 0777 or a decimal value
- between 0 and 511. YAML accepts both octal
- and decimal values, JSON requires decimal
- values for mode bits. If not specified, the
- volume defaultMode will be used. This might
- be in conflict with other options that affect
- the file mode, like fsGroup, and the result
- can be other mode bits set.'
- format: int32
- type: integer
- path:
- description: The relative path of the file to
- map the key to. May not be an absolute path.
- May not contain the path element '..'. May
- not start with the string '..'.
- type: string
- required:
- - key
- - path
- type: object
- type: array
- name:
- description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind,
- uid?'
- type: string
- optional:
- description: Specify whether the ConfigMap or its
- keys must be defined
- type: boolean
- type: object
- x-kubernetes-map-type: atomic
- csi:
- description: CSI (Container Storage Interface) represents
- ephemeral storage that is handled by certain external
- CSI drivers (Beta feature).
- properties:
- driver:
- description: Driver is the name of the CSI driver
- that handles this volume. Consult with your admin
- for the correct name as registered in the cluster.
- type: string
- fsType:
- description: Filesystem type to mount. Ex. "ext4",
- "xfs", "ntfs". If not provided, the empty value
- is passed to the associated CSI driver which will
- determine the default filesystem to apply.
- type: string
- nodePublishSecretRef:
- description: NodePublishSecretRef is a reference to
- the secret object containing sensitive information
- to pass to the CSI driver to complete the CSI NodePublishVolume
- and NodeUnpublishVolume calls. This field is optional,
- and may be empty if no secret is required. If the
- secret object contains more than one secret, all
- secret references are passed.
- properties:
- name:
- description: 'Name of the referent. More info:
- https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind,
- uid?'
- type: string
- type: object
- x-kubernetes-map-type: atomic
- readOnly:
- description: Specifies a read-only configuration for
- the volume. Defaults to false (read/write).
- type: boolean
- volumeAttributes:
- additionalProperties:
- type: string
- description: VolumeAttributes stores driver-specific
- properties that are passed to the CSI driver. Consult
- your driver's documentation for supported values.
- type: object
- required:
- - driver
- type: object
- downwardAPI:
- description: DownwardAPI represents downward API about
- the pod that should populate this volume
- properties:
- defaultMode:
- description: 'Optional: mode bits to use on created
- files by default. Must be a Optional: mode bits
- used to set permissions on created files by default.
- Must be an octal value between 0000 and 0777 or
- a decimal value between 0 and 511. YAML accepts
- both octal and decimal values, JSON requires decimal
- values for mode bits. Defaults to 0644. Directories
- within the path are not affected by this setting.
- This might be in conflict with other options that
- affect the file mode, like fsGroup, and the result
- can be other mode bits set.'
- format: int32
- type: integer
- items:
- description: Items is a list of downward API volume
- file
- items:
- description: DownwardAPIVolumeFile represents information
- to create the file containing the pod field
- properties:
- fieldRef:
- description: 'Required: Selects a field of the
- pod: only annotations, labels, name and namespace
- are supported.'
- properties:
- apiVersion:
- description: Version of the schema the FieldPath
- is written in terms of, defaults to "v1".
- type: string
- fieldPath:
- description: Path of the field to select
- in the specified API version.
- type: string
- required:
- - fieldPath
- type: object
- x-kubernetes-map-type: atomic
- mode:
- description: 'Optional: mode bits used to set
- permissions on this file, must be an octal
- value between 0000 and 0777 or a decimal value
- between 0 and 511. YAML accepts both octal
- and decimal values, JSON requires decimal
- values for mode bits. If not specified, the
- volume defaultMode will be used. This might
- be in conflict with other options that affect
- the file mode, like fsGroup, and the result
- can be other mode bits set.'
- format: int32
- type: integer
- path:
- description: 'Required: Path is the relative
- path name of the file to be created. Must
- not be absolute or contain the ''..'' path.
- Must be utf-8 encoded. The first item of the
- relative path must not start with ''..'''
- type: string
- resourceFieldRef:
- description: 'Selects a resource of the container:
- only resources limits and requests (limits.cpu,
- limits.memory, requests.cpu and requests.memory)
- are currently supported.'
- properties:
- containerName:
- description: 'Container name: required for
- volumes, optional for env vars'
- type: string
- divisor:
- anyOf:
- - type: integer
- - type: string
- description: Specifies the output format
- of the exposed resources, defaults to
- "1"
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- resource:
- description: 'Required: resource to select'
- type: string
- required:
- - resource
- type: object
- x-kubernetes-map-type: atomic
- required:
- - path
- type: object
- type: array
- type: object
- emptyDir:
- description: 'EmptyDir represents a temporary directory
- that shares a pod''s lifetime. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir'
- properties:
- medium:
- description: 'What type of storage medium should back
- this directory. The default is "" which means to
- use the node''s default medium. Must be an empty
- string (default) or Memory. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir'
- type: string
- sizeLimit:
- anyOf:
- - type: integer
- - type: string
- description: 'Total amount of local storage required
- for this EmptyDir volume. The size limit is also
- applicable for memory medium. The maximum usage
- on memory medium EmptyDir would be the minimum value
- between the SizeLimit specified here and the sum
- of memory limits of all containers in a pod. The
- default is nil which means that the limit is undefined.
- More info: http://kubernetes.io/docs/user-guide/volumes#emptydir'
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- type: object
- ephemeral:
- description: "Ephemeral represents a volume that is handled
- by a cluster storage driver. The volume's lifecycle
- is tied to the pod that defines it - it will be created
- before the pod starts, and deleted when the pod is removed.
- \n Use this if: a) the volume is only needed while the
- pod runs, b) features of normal volumes like restoring
- from snapshot or capacity tracking are needed, c) the
- storage driver is specified through a storage class,
- and d) the storage driver supports dynamic volume provisioning
- through a PersistentVolumeClaim (see EphemeralVolumeSource
- for more information on the connection between this
- volume type and PersistentVolumeClaim). \n Use PersistentVolumeClaim
- or one of the vendor-specific APIs for volumes that
- persist for longer than the lifecycle of an individual
- pod. \n Use CSI for light-weight local ephemeral volumes
- if the CSI driver is meant to be used that way - see
- the documentation of the driver for more information.
- \n A pod can use both types of ephemeral volumes and
- persistent volumes at the same time."
- properties:
- volumeClaimTemplate:
- description: "Will be used to create a stand-alone
- PVC to provision the volume. The pod in which this
- EphemeralVolumeSource is embedded will be the owner
- of the PVC, i.e. the PVC will be deleted together
- with the pod. The name of the PVC will be `-` where `` is the
- name from the `PodSpec.Volumes` array entry. Pod
- validation will reject the pod if the concatenated
- name is not valid for a PVC (for example, too long).
- \n An existing PVC with that name that is not owned
- by the pod will *not* be used for the pod to avoid
- using an unrelated volume by mistake. Starting the
- pod is then blocked until the unrelated PVC is removed.
- If such a pre-created PVC is meant to be used by
- the pod, the PVC has to updated with an owner reference
- to the pod once the pod exists. Normally this should
- not be necessary, but it may be useful when manually
- reconstructing a broken cluster. \n This field is
- read-only and no changes will be made by Kubernetes
- to the PVC after it has been created. \n Required,
- must not be nil."
- properties:
- metadata:
- description: May contain labels and annotations
- that will be copied into the PVC when creating
- it. No other fields are allowed and will be
- rejected during validation.
- type: object
- spec:
- description: The specification for the PersistentVolumeClaim.
- The entire content is copied unchanged into
- the PVC that gets created from this template.
- The same fields as in a PersistentVolumeClaim
- are also valid here.
- properties:
- accessModes:
- description: 'AccessModes contains the desired
- access modes the volume should have. More
- info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1'
- items:
- type: string
- type: array
- dataSource:
- description: 'This field can be used to specify
- either: * An existing VolumeSnapshot object
- (snapshot.storage.k8s.io/VolumeSnapshot)
- * An existing PVC (PersistentVolumeClaim)
- If the provisioner or an external controller
- can support the specified data source, it
- will create a new volume based on the contents
- of the specified data source. If the AnyVolumeDataSource
- feature gate is enabled, this field will
- always have the same contents as the DataSourceRef
- field.'
- properties:
- apiGroup:
- description: APIGroup is the group for
- the resource being referenced. If APIGroup
- is not specified, the specified Kind
- must be in the core API group. For any
- other third-party types, APIGroup is
- required.
- type: string
- kind:
- description: Kind is the type of resource
- being referenced
- type: string
- name:
- description: Name is the name of resource
- being referenced
- type: string
- required:
- - kind
- - name
- type: object
- x-kubernetes-map-type: atomic
- dataSourceRef:
- description: 'Specifies the object from which
- to populate the volume with data, if a non-empty
- volume is desired. This may be any local
- object from a non-empty API group (non core
- object) or a PersistentVolumeClaim object.
- When this field is specified, volume binding
- will only succeed if the type of the specified
- object matches some installed volume populator
- or dynamic provisioner. This field will
- replace the functionality of the DataSource
- field and as such if both fields are non-empty,
- they must have the same value. For backwards
- compatibility, both fields (DataSource and
- DataSourceRef) will be set to the same value
- automatically if one of them is empty and
- the other is non-empty. There are two important
- differences between DataSource and DataSourceRef:
- * While DataSource only allows two specific
- types of objects, DataSourceRef allows any
- non-core object, as well as PersistentVolumeClaim
- objects. * While DataSource ignores disallowed
- values (dropping them), DataSourceRef preserves
- all values, and generates an error if a
- disallowed value is specified. (Alpha) Using
- this field requires the AnyVolumeDataSource
- feature gate to be enabled.'
- properties:
- apiGroup:
- description: APIGroup is the group for
- the resource being referenced. If APIGroup
- is not specified, the specified Kind
- must be in the core API group. For any
- other third-party types, APIGroup is
- required.
- type: string
- kind:
- description: Kind is the type of resource
- being referenced
- type: string
- name:
- description: Name is the name of resource
- being referenced
- type: string
- required:
- - kind
- - name
- type: object
- x-kubernetes-map-type: atomic
- resources:
- description: 'Resources represents the minimum
- resources the volume should have. If RecoverVolumeExpansionFailure
- feature is enabled users are allowed to
- specify resource requirements that are lower
- than previous value but must still be higher
- than capacity recorded in the status field
- of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources'
- properties:
- limits:
- additionalProperties:
- anyOf:
- - type: integer
- - type: string
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- description: 'Limits describes the maximum
- amount of compute resources allowed.
- More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
- type: object
- requests:
- additionalProperties:
- anyOf:
- - type: integer
- - type: string
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- description: 'Requests describes the minimum
- amount of compute resources required.
- If Requests is omitted for a container,
- it defaults to Limits if that is explicitly
- specified, otherwise to an implementation-defined
- value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
- type: object
- type: object
- selector:
- description: A label query over volumes to
- consider for binding.
- properties:
- matchExpressions:
- description: matchExpressions is a list
- of label selector requirements. The
- requirements are ANDed.
- items:
- description: A label selector requirement
- is a selector that contains values,
- a key, and an operator that relates
- the key and values.
- properties:
- key:
- description: key is the label key
- that the selector applies to.
- type: string
- operator:
- description: operator represents
- a key's relationship to a set
- of values. Valid operators are
- In, NotIn, Exists and DoesNotExist.
- type: string
- values:
- description: values is an array
- of string values. If the operator
- is In or NotIn, the values array
- must be non-empty. If the operator
- is Exists or DoesNotExist, the
- values array must be empty. This
- array is replaced during a strategic
- merge patch.
- items:
- type: string
- type: array
- required:
- - key
- - operator
- type: object
- type: array
- matchLabels:
- additionalProperties:
- type: string
- description: matchLabels is a map of {key,value}
- pairs. A single {key,value} in the matchLabels
- map is equivalent to an element of matchExpressions,
- whose key field is "key", the operator
- is "In", and the values array contains
- only "value". The requirements are ANDed.
- type: object
- type: object
- x-kubernetes-map-type: atomic
- storageClassName:
- description: 'Name of the StorageClass required
- by the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1'
- type: string
- volumeMode:
- description: volumeMode defines what type
- of volume is required by the claim. Value
- of Filesystem is implied when not included
- in claim spec.
- type: string
- volumeName:
- description: VolumeName is the binding reference
- to the PersistentVolume backing this claim.
- type: string
- type: object
- required:
- - spec
- type: object
- type: object
- fc:
- description: FC represents a Fibre Channel resource that
- is attached to a kubelet's host machine and then exposed
- to the pod.
- properties:
- fsType:
- description: 'Filesystem type to mount. Must be a
- filesystem type supported by the host operating
- system. Ex. "ext4", "xfs", "ntfs". Implicitly inferred
- to be "ext4" if unspecified. TODO: how do we prevent
- errors in the filesystem from compromising the machine'
- type: string
- lun:
- description: 'Optional: FC target lun number'
- format: int32
- type: integer
- readOnly:
- description: 'Optional: Defaults to false (read/write).
- ReadOnly here will force the ReadOnly setting in
- VolumeMounts.'
- type: boolean
- targetWWNs:
- description: 'Optional: FC target worldwide names
- (WWNs)'
- items:
- type: string
- type: array
- wwids:
- description: 'Optional: FC volume world wide identifiers
- (wwids) Either wwids or combination of targetWWNs
- and lun must be set, but not both simultaneously.'
- items:
- type: string
- type: array
- type: object
- flexVolume:
- description: FlexVolume represents a generic volume resource
- that is provisioned/attached using an exec based plugin.
- properties:
- driver:
- description: Driver is the name of the driver to use
- for this volume.
- type: string
- fsType:
- description: Filesystem type to mount. Must be a filesystem
- type supported by the host operating system. Ex.
- "ext4", "xfs", "ntfs". The default filesystem depends
- on FlexVolume script.
- type: string
- options:
- additionalProperties:
- type: string
- description: 'Optional: Extra command options if any.'
- type: object
- readOnly:
- description: 'Optional: Defaults to false (read/write).
- ReadOnly here will force the ReadOnly setting in
- VolumeMounts.'
- type: boolean
- secretRef:
- description: 'Optional: SecretRef is reference to
- the secret object containing sensitive information
- to pass to the plugin scripts. This may be empty
- if no secret object is specified. If the secret
- object contains more than one secret, all secrets
- are passed to the plugin scripts.'
- properties:
- name:
- description: 'Name of the referent. More info:
- https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind,
- uid?'
- type: string
- type: object
- x-kubernetes-map-type: atomic
- required:
- - driver
- type: object
- flocker:
- description: Flocker represents a Flocker volume attached
- to a kubelet's host machine. This depends on the Flocker
- control service being running
- properties:
- datasetName:
- description: Name of the dataset stored as metadata
- -> name on the dataset for Flocker should be considered
- as deprecated
- type: string
- datasetUUID:
- description: UUID of the dataset. This is unique identifier
- of a Flocker dataset
- type: string
- type: object
- gcePersistentDisk:
- description: 'GCEPersistentDisk represents a GCE Disk
- resource that is attached to a kubelet''s host machine
- and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk'
- properties:
- fsType:
- description: 'Filesystem type of the volume that you
- want to mount. Tip: Ensure that the filesystem type
- is supported by the host operating system. Examples:
- "ext4", "xfs", "ntfs". Implicitly inferred to be
- "ext4" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk
- TODO: how do we prevent errors in the filesystem
- from compromising the machine'
- type: string
- partition:
- description: 'The partition in the volume that you
- want to mount. If omitted, the default is to mount
- by volume name. Examples: For volume /dev/sda1,
- you specify the partition as "1". Similarly, the
- volume partition for /dev/sda is "0" (or you can
- leave the property empty). More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk'
- format: int32
- type: integer
- pdName:
- description: 'Unique name of the PD resource in GCE.
- Used to identify the disk in GCE. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk'
- type: string
- readOnly:
- description: 'ReadOnly here will force the ReadOnly
- setting in VolumeMounts. Defaults to false. More
- info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk'
- type: boolean
- required:
- - pdName
- type: object
- gitRepo:
- description: 'GitRepo represents a git repository at a
- particular revision. DEPRECATED: GitRepo is deprecated.
- To provision a container with a git repo, mount an EmptyDir
- into an InitContainer that clones the repo using git,
- then mount the EmptyDir into the Pod''s container.'
- properties:
- directory:
- description: Target directory name. Must not contain
- or start with '..'. If '.' is supplied, the volume
- directory will be the git repository. Otherwise,
- if specified, the volume will contain the git repository
- in the subdirectory with the given name.
- type: string
- repository:
- description: Repository URL
- type: string
- revision:
- description: Commit hash for the specified revision.
- type: string
- required:
- - repository
- type: object
- glusterfs:
- description: 'Glusterfs represents a Glusterfs mount on
- the host that shares a pod''s lifetime. More info: https://examples.k8s.io/volumes/glusterfs/README.md'
- properties:
- endpoints:
- description: 'EndpointsName is the endpoint name that
- details Glusterfs topology. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod'
- type: string
- path:
- description: 'Path is the Glusterfs volume path. More
- info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod'
- type: string
- readOnly:
- description: 'ReadOnly here will force the Glusterfs
- volume to be mounted with read-only permissions.
- Defaults to false. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod'
- type: boolean
- required:
- - endpoints
- - path
- type: object
- hostPath:
- description: 'HostPath represents a pre-existing file
- or directory on the host machine that is directly exposed
- to the container. This is generally used for system
- agents or other privileged things that are allowed to
- see the host machine. Most containers will NOT need
- this. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath
- --- TODO(jonesdl) We need to restrict who can use host
- directory mounts and who can/can not mount host directories
- as read/write.'
- properties:
- path:
- description: 'Path of the directory on the host. If
- the path is a symlink, it will follow the link to
- the real path. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath'
- type: string
- type:
- description: 'Type for HostPath Volume Defaults to
- "" More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath'
- type: string
- required:
- - path
- type: object
- iscsi:
- description: 'ISCSI represents an ISCSI Disk resource
- that is attached to a kubelet''s host machine and then
- exposed to the pod. More info: https://examples.k8s.io/volumes/iscsi/README.md'
- properties:
- chapAuthDiscovery:
- description: whether support iSCSI Discovery CHAP
- authentication
- type: boolean
- chapAuthSession:
- description: whether support iSCSI Session CHAP authentication
- type: boolean
- fsType:
- description: 'Filesystem type of the volume that you
- want to mount. Tip: Ensure that the filesystem type
- is supported by the host operating system. Examples:
- "ext4", "xfs", "ntfs". Implicitly inferred to be
- "ext4" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#iscsi
- TODO: how do we prevent errors in the filesystem
- from compromising the machine'
- type: string
- initiatorName:
- description: Custom iSCSI Initiator Name. If initiatorName
- is specified with iscsiInterface simultaneously,
- new iSCSI interface :
- will be created for the connection.
- type: string
- iqn:
- description: Target iSCSI Qualified Name.
- type: string
- iscsiInterface:
- description: iSCSI Interface Name that uses an iSCSI
- transport. Defaults to 'default' (tcp).
- type: string
- lun:
- description: iSCSI Target Lun number.
- format: int32
- type: integer
- portals:
- description: iSCSI Target Portal List. The portal
- is either an IP or ip_addr:port if the port is other
- than default (typically TCP ports 860 and 3260).
- items:
- type: string
- type: array
- readOnly:
- description: ReadOnly here will force the ReadOnly
- setting in VolumeMounts. Defaults to false.
- type: boolean
- secretRef:
- description: CHAP Secret for iSCSI target and initiator
- authentication
- properties:
- name:
- description: 'Name of the referent. More info:
- https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind,
- uid?'
- type: string
- type: object
- x-kubernetes-map-type: atomic
- targetPortal:
- description: iSCSI Target Portal. The Portal is either
- an IP or ip_addr:port if the port is other than
- default (typically TCP ports 860 and 3260).
- type: string
- required:
- - iqn
- - lun
- - targetPortal
- type: object
- nfs:
- description: 'NFS represents an NFS mount on the host
- that shares a pod''s lifetime More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs'
- properties:
- path:
- description: 'Path that is exported by the NFS server.
- More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs'
- type: string
- readOnly:
- description: 'ReadOnly here will force the NFS export
- to be mounted with read-only permissions. Defaults
- to false. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs'
- type: boolean
- server:
- description: 'Server is the hostname or IP address
- of the NFS server. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs'
- type: string
- required:
- - path
- - server
- type: object
- persistentVolumeClaim:
- description: 'PersistentVolumeClaimVolumeSource represents
- a reference to a PersistentVolumeClaim in the same namespace.
- More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims'
- properties:
- claimName:
- description: 'ClaimName is the name of a PersistentVolumeClaim
- in the same namespace as the pod using this volume.
- More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims'
- type: string
- readOnly:
- description: Will force the ReadOnly setting in VolumeMounts.
- Default false.
- type: boolean
- required:
- - claimName
- type: object
- photonPersistentDisk:
- description: PhotonPersistentDisk represents a PhotonController
- persistent disk attached and mounted on kubelets host
- machine
- properties:
- fsType:
- description: Filesystem type to mount. Must be a filesystem
- type supported by the host operating system. Ex.
- "ext4", "xfs", "ntfs". Implicitly inferred to be
- "ext4" if unspecified.
- type: string
- pdID:
- description: ID that identifies Photon Controller
- persistent disk
- type: string
- required:
- - pdID
- type: object
- portworxVolume:
- description: PortworxVolume represents a portworx volume
- attached and mounted on kubelets host machine
- properties:
- fsType:
- description: FSType represents the filesystem type
- to mount Must be a filesystem type supported by
- the host operating system. Ex. "ext4", "xfs". Implicitly
- inferred to be "ext4" if unspecified.
- type: string
- readOnly:
- description: Defaults to false (read/write). ReadOnly
- here will force the ReadOnly setting in VolumeMounts.
- type: boolean
- volumeID:
- description: VolumeID uniquely identifies a Portworx
- volume
- type: string
- required:
- - volumeID
- type: object
- projected:
- description: Items for all in one resources secrets, configmaps,
- and downward API
- properties:
- defaultMode:
- description: Mode bits used to set permissions on
- created files by default. Must be an octal value
- between 0000 and 0777 or a decimal value between
- 0 and 511. YAML accepts both octal and decimal values,
- JSON requires decimal values for mode bits. Directories
- within the path are not affected by this setting.
- This might be in conflict with other options that
- affect the file mode, like fsGroup, and the result
- can be other mode bits set.
- format: int32
- type: integer
- sources:
- description: list of volume projections
- items:
- description: Projection that may be projected along
- with other supported volume types
- properties:
- configMap:
- description: information about the configMap
- data to project
- properties:
- items:
- description: If unspecified, each key-value
- pair in the Data field of the referenced
- ConfigMap will be projected into the volume
- as a file whose name is the key and content
- is the value. If specified, the listed
- keys will be projected into the specified
- paths, and unlisted keys will not be present.
- If a key is specified which is not present
- in the ConfigMap, the volume setup will
- error unless it is marked optional. Paths
- must be relative and may not contain the
- '..' path or start with '..'.
- items:
- description: Maps a string key to a path
- within a volume.
- properties:
- key:
- description: The key to project.
- type: string
- mode:
- description: 'Optional: mode bits
- used to set permissions on this
- file. Must be an octal value between
- 0000 and 0777 or a decimal value
- between 0 and 511. YAML accepts
- both octal and decimal values, JSON
- requires decimal values for mode
- bits. If not specified, the volume
- defaultMode will be used. This might
- be in conflict with other options
- that affect the file mode, like
- fsGroup, and the result can be other
- mode bits set.'
- format: int32
- type: integer
- path:
- description: The relative path of
- the file to map the key to. May
- not be an absolute path. May not
- contain the path element '..'. May
- not start with the string '..'.
- type: string
- required:
- - key
- - path
- type: object
- type: array
- name:
- description: 'Name of the referent. More
- info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion,
- kind, uid?'
- type: string
- optional:
- description: Specify whether the ConfigMap
- or its keys must be defined
- type: boolean
- type: object
- x-kubernetes-map-type: atomic
- downwardAPI:
- description: information about the downwardAPI
- data to project
- properties:
- items:
- description: Items is a list of DownwardAPIVolume
- file
- items:
- description: DownwardAPIVolumeFile represents
- information to create the file containing
- the pod field
- properties:
- fieldRef:
- description: 'Required: Selects a
- field of the pod: only annotations,
- labels, name and namespace are supported.'
- properties:
- apiVersion:
- description: Version of the schema
- the FieldPath is written in
- terms of, defaults to "v1".
- type: string
- fieldPath:
- description: Path of the field
- to select in the specified API
- version.
- type: string
- required:
- - fieldPath
- type: object
- x-kubernetes-map-type: atomic
- mode:
- description: 'Optional: mode bits
- used to set permissions on this
- file, must be an octal value between
- 0000 and 0777 or a decimal value
- between 0 and 511. YAML accepts
- both octal and decimal values, JSON
- requires decimal values for mode
- bits. If not specified, the volume
- defaultMode will be used. This might
- be in conflict with other options
- that affect the file mode, like
- fsGroup, and the result can be other
- mode bits set.'
- format: int32
- type: integer
- path:
- description: 'Required: Path is the
- relative path name of the file to
- be created. Must not be absolute
- or contain the ''..'' path. Must
- be utf-8 encoded. The first item
- of the relative path must not start
- with ''..'''
- type: string
- resourceFieldRef:
- description: 'Selects a resource of
- the container: only resources limits
- and requests (limits.cpu, limits.memory,
- requests.cpu and requests.memory)
- are currently supported.'
- properties:
- containerName:
- description: 'Container name:
- required for volumes, optional
- for env vars'
- type: string
- divisor:
- anyOf:
- - type: integer
- - type: string
- description: Specifies the output
- format of the exposed resources,
- defaults to "1"
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- resource:
- description: 'Required: resource
- to select'
- type: string
- required:
- - resource
- type: object
- x-kubernetes-map-type: atomic
- required:
- - path
- type: object
- type: array
- type: object
- secret:
- description: information about the secret data
- to project
- properties:
- items:
- description: If unspecified, each key-value
- pair in the Data field of the referenced
- Secret will be projected into the volume
- as a file whose name is the key and content
- is the value. If specified, the listed
- keys will be projected into the specified
- paths, and unlisted keys will not be present.
- If a key is specified which is not present
- in the Secret, the volume setup will error
- unless it is marked optional. Paths must
- be relative and may not contain the '..'
- path or start with '..'.
- items:
- description: Maps a string key to a path
- within a volume.
- properties:
- key:
- description: The key to project.
- type: string
- mode:
- description: 'Optional: mode bits
- used to set permissions on this
- file. Must be an octal value between
- 0000 and 0777 or a decimal value
- between 0 and 511. YAML accepts
- both octal and decimal values, JSON
- requires decimal values for mode
- bits. If not specified, the volume
- defaultMode will be used. This might
- be in conflict with other options
- that affect the file mode, like
- fsGroup, and the result can be other
- mode bits set.'
- format: int32
- type: integer
- path:
- description: The relative path of
- the file to map the key to. May
- not be an absolute path. May not
- contain the path element '..'. May
- not start with the string '..'.
- type: string
- required:
- - key
- - path
- type: object
- type: array
- name:
- description: 'Name of the referent. More
- info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion,
- kind, uid?'
- type: string
- optional:
- description: Specify whether the Secret
- or its key must be defined
- type: boolean
- type: object
- x-kubernetes-map-type: atomic
- serviceAccountToken:
- description: information about the serviceAccountToken
- data to project
- properties:
- audience:
- description: Audience is the intended audience
- of the token. A recipient of a token must
- identify itself with an identifier specified
- in the audience of the token, and otherwise
- should reject the token. The audience
- defaults to the identifier of the apiserver.
- type: string
- expirationSeconds:
- description: ExpirationSeconds is the requested
- duration of validity of the service account
- token. As the token approaches expiration,
- the kubelet volume plugin will proactively
- rotate the service account token. The
- kubelet will start trying to rotate the
- token if the token is older than 80 percent
- of its time to live or if the token is
- older than 24 hours.Defaults to 1 hour
- and must be at least 10 minutes.
- format: int64
- type: integer
- path:
- description: Path is the path relative to
- the mount point of the file to project
- the token into.
- type: string
- required:
- - path
- type: object
- type: object
- type: array
- type: object
- quobyte:
- description: Quobyte represents a Quobyte mount on the
- host that shares a pod's lifetime
- properties:
- group:
- description: Group to map volume access to Default
- is no group
- type: string
- readOnly:
- description: ReadOnly here will force the Quobyte
- volume to be mounted with read-only permissions.
- Defaults to false.
- type: boolean
- registry:
- description: Registry represents a single or multiple
- Quobyte Registry services specified as a string
- as host:port pair (multiple entries are separated
- with commas) which acts as the central registry
- for volumes
- type: string
- tenant:
- description: Tenant owning the given Quobyte volume
- in the Backend Used with dynamically provisioned
- Quobyte volumes, value is set by the plugin
- type: string
- user:
- description: User to map volume access to Defaults
- to serivceaccount user
- type: string
- volume:
- description: Volume is a string that references an
- already created Quobyte volume by name.
- type: string
- required:
- - registry
- - volume
- type: object
- rbd:
- description: 'RBD represents a Rados Block Device mount
- on the host that shares a pod''s lifetime. More info:
- https://examples.k8s.io/volumes/rbd/README.md'
- properties:
- fsType:
- description: 'Filesystem type of the volume that you
- want to mount. Tip: Ensure that the filesystem type
- is supported by the host operating system. Examples:
- "ext4", "xfs", "ntfs". Implicitly inferred to be
- "ext4" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#rbd
- TODO: how do we prevent errors in the filesystem
- from compromising the machine'
- type: string
- image:
- description: 'The rados image name. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it'
- type: string
- keyring:
- description: 'Keyring is the path to key ring for
- RBDUser. Default is /etc/ceph/keyring. More info:
- https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it'
- type: string
- monitors:
- description: 'A collection of Ceph monitors. More
- info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it'
- items:
- type: string
- type: array
- pool:
- description: 'The rados pool name. Default is rbd.
- More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it'
- type: string
- readOnly:
- description: 'ReadOnly here will force the ReadOnly
- setting in VolumeMounts. Defaults to false. More
- info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it'
- type: boolean
- secretRef:
- description: 'SecretRef is name of the authentication
- secret for RBDUser. If provided overrides keyring.
- Default is nil. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it'
- properties:
- name:
- description: 'Name of the referent. More info:
- https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind,
- uid?'
- type: string
- type: object
- x-kubernetes-map-type: atomic
- user:
- description: 'The rados user name. Default is admin.
- More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it'
- type: string
- required:
- - image
- - monitors
- type: object
- scaleIO:
- description: ScaleIO represents a ScaleIO persistent volume
- attached and mounted on Kubernetes nodes.
- properties:
- fsType:
- description: Filesystem type to mount. Must be a filesystem
- type supported by the host operating system. Ex.
- "ext4", "xfs", "ntfs". Default is "xfs".
- type: string
- gateway:
- description: The host address of the ScaleIO API Gateway.
- type: string
- protectionDomain:
- description: The name of the ScaleIO Protection Domain
- for the configured storage.
- type: string
- readOnly:
- description: Defaults to false (read/write). ReadOnly
- here will force the ReadOnly setting in VolumeMounts.
- type: boolean
- secretRef:
- description: SecretRef references to the secret for
- ScaleIO user and other sensitive information. If
- this is not provided, Login operation will fail.
- properties:
- name:
- description: 'Name of the referent. More info:
- https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind,
- uid?'
- type: string
- type: object
- x-kubernetes-map-type: atomic
- sslEnabled:
- description: Flag to enable/disable SSL communication
- with Gateway, default false
- type: boolean
- storageMode:
- description: Indicates whether the storage for a volume
- should be ThickProvisioned or ThinProvisioned. Default
- is ThinProvisioned.
- type: string
- storagePool:
- description: The ScaleIO Storage Pool associated with
- the protection domain.
- type: string
- system:
- description: The name of the storage system as configured
- in ScaleIO.
- type: string
- volumeName:
- description: The name of a volume already created
- in the ScaleIO system that is associated with this
- volume source.
- type: string
- required:
- - gateway
- - secretRef
- - system
- type: object
- secret:
- description: 'Secret represents a secret that should populate
- this volume. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret'
- properties:
- defaultMode:
- description: 'Optional: mode bits used to set permissions
- on created files by default. Must be an octal value
- between 0000 and 0777 or a decimal value between
- 0 and 511. YAML accepts both octal and decimal values,
- JSON requires decimal values for mode bits. Defaults
- to 0644. Directories within the path are not affected
- by this setting. This might be in conflict with
- other options that affect the file mode, like fsGroup,
- and the result can be other mode bits set.'
- format: int32
- type: integer
- items:
- description: If unspecified, each key-value pair in
- the Data field of the referenced Secret will be
- projected into the volume as a file whose name is
- the key and content is the value. If specified,
- the listed keys will be projected into the specified
- paths, and unlisted keys will not be present. If
- a key is specified which is not present in the Secret,
- the volume setup will error unless it is marked
- optional. Paths must be relative and may not contain
- the '..' path or start with '..'.
- items:
- description: Maps a string key to a path within
- a volume.
- properties:
- key:
- description: The key to project.
- type: string
- mode:
- description: 'Optional: mode bits used to set
- permissions on this file. Must be an octal
- value between 0000 and 0777 or a decimal value
- between 0 and 511. YAML accepts both octal
- and decimal values, JSON requires decimal
- values for mode bits. If not specified, the
- volume defaultMode will be used. This might
- be in conflict with other options that affect
- the file mode, like fsGroup, and the result
- can be other mode bits set.'
- format: int32
- type: integer
- path:
- description: The relative path of the file to
- map the key to. May not be an absolute path.
- May not contain the path element '..'. May
- not start with the string '..'.
- type: string
- required:
- - key
- - path
- type: object
- type: array
- optional:
- description: Specify whether the Secret or its keys
- must be defined
- type: boolean
- secretName:
- description: 'Name of the secret in the pod''s namespace
- to use. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret'
- type: string
- type: object
- storageos:
- description: StorageOS represents a StorageOS volume attached
- and mounted on Kubernetes nodes.
- properties:
- fsType:
- description: Filesystem type to mount. Must be a filesystem
- type supported by the host operating system. Ex.
- "ext4", "xfs", "ntfs". Implicitly inferred to be
- "ext4" if unspecified.
- type: string
- readOnly:
- description: Defaults to false (read/write). ReadOnly
- here will force the ReadOnly setting in VolumeMounts.
- type: boolean
- secretRef:
- description: SecretRef specifies the secret to use
- for obtaining the StorageOS API credentials. If
- not specified, default values will be attempted.
- properties:
- name:
- description: 'Name of the referent. More info:
- https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind,
- uid?'
- type: string
- type: object
- x-kubernetes-map-type: atomic
- volumeName:
- description: VolumeName is the human-readable name
- of the StorageOS volume. Volume names are only
- unique within a namespace.
- type: string
- volumeNamespace:
- description: VolumeNamespace specifies the scope of
- the volume within StorageOS. If no namespace is
- specified then the Pod's namespace will be used. This
- allows the Kubernetes name scoping to be mirrored
- within StorageOS for tighter integration. Set VolumeName
- to any name to override the default behaviour. Set
- to "default" if you are not using namespaces within
- StorageOS. Namespaces that do not pre-exist within
- StorageOS will be created.
- type: string
- type: object
- vsphereVolume:
- description: VsphereVolume represents a vSphere volume
- attached and mounted on kubelets host machine
- properties:
- fsType:
- description: Filesystem type to mount. Must be a filesystem
- type supported by the host operating system. Ex.
- "ext4", "xfs", "ntfs". Implicitly inferred to be
- "ext4" if unspecified.
- type: string
- storagePolicyID:
- description: Storage Policy Based Management (SPBM)
- profile ID associated with the StoragePolicyName.
- type: string
- storagePolicyName:
- description: Storage Policy Based Management (SPBM)
- profile name.
- type: string
- volumePath:
- description: Path that identifies vSphere volume vmdk
- type: string
- required:
- - volumePath
- type: object
- type: object
- type: object
- required:
- - scanDataExports
- type: object
- templateAnnotations:
- additionalProperties:
- type: string
- description: Custom annotations to be added into the pods
- type: object
- tls:
- properties:
- certificateRef:
- pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*'
- type: string
- type: object
- tokenService:
- properties:
- url:
- pattern: https?://.+
- type: string
- required:
- - url
- type: object
- tolerations:
- description: If specified, the pod's tolerations.
- items:
- description: The pod this Toleration is attached to tolerates any
- taint that matches the triple using the matching
- operator .
- properties:
- effect:
- description: Effect indicates the taint effect to match. Empty
- means match all taint effects. When specified, allowed values
- are NoSchedule, PreferNoSchedule and NoExecute.
- type: string
- key:
- description: Key is the taint key that the toleration applies
- to. Empty means match all taint keys. If the key is empty,
- operator must be Exists; this combination means to match all
- values and all keys.
- type: string
- operator:
- description: Operator represents a key's relationship to the
- value. Valid operators are Exists and Equal. Defaults to Equal.
- Exists is equivalent to wildcard for value, so that a pod
- can tolerate all taints of a particular category.
- type: string
- tolerationSeconds:
- description: TolerationSeconds represents the period of time
- the toleration (which must be of effect NoExecute, otherwise
- this field is ignored) tolerates the taint. By default, it
- is not set, which means tolerate the taint forever (do not
- evict). Zero and negative values will be treated as 0 (evict
- immediately) by the system.
- format: int64
- type: integer
- value:
- description: Value is the taint value the toleration matches
- to. If the operator is Exists, the value should be empty,
- otherwise just a regular string.
- type: string
- type: object
- type: array
- trace:
- properties:
- attributes:
- additionalProperties:
- type: string
- description: A key value dict contains user defined attributes
- used to initialize trace provider.
- type: object
- enabled:
- default: false
- description: Enable tracing or not.
- type: boolean
- jaeger:
- properties:
- agent:
- properties:
- host:
- description: The host of the jaeger agent.
- type: string
- port:
- description: The port of the jaeger agent.
- type: integer
- type: object
- collector:
- properties:
- endpoint:
- description: The endpoint of the jaeger collector.
- type: string
- passwordRef:
- description: The password secret reference name of the
- jaeger collector.
- type: string
- username:
- description: The username of the jaeger collector.
- type: string
- required:
- - endpoint
- type: object
- mode:
- description: 'The jaeger mode: ''collector'' or ''agent''.'
- enum:
- - collector
- - agent
- type: string
- required:
- - mode
- type: object
- namespace:
- description: Namespace used to differentiate different harbor
- services.
- type: string
- otel:
- properties:
- compression:
- description: Whether enable compression or not for otel.
- type: boolean
- endpoint:
- description: The endpoint of otel.
- type: string
- insecure:
- description: Whether establish insecure connection or not
- for otel.
- type: boolean
- timeout:
- default: 10s
- description: The timeout of otel.
- type: string
- urlPath:
- description: The URL path of otel.
- type: string
- required:
- - endpoint
- - urlPath
- type: object
- provider:
- description: 'The tracing provider: ''jaeger'' or ''otel''.'
- enum:
- - jaeger
- - otel
- type: string
- sampleRate:
- default: 1
- description: Set `sampleRate` to 1 if you wanna sampling 100%
- of trace data; set 0.5 if you wanna sampling 50% of trace data,
- and so forth.
- type: integer
- required:
- - provider
- type: object
- updateStrategyType:
- default: RollingUpdate
- type: string
- workerPool:
- description: Configurations of worker pool
- properties:
- backend:
- default: redis
- enum:
- - redis
- minLength: 1
- type: string
- redisPool:
- description: RedisPoolConfig keeps redis worker info.
- properties:
- certificateRef:
- description: Secret containing the client certificate to authenticate
- with.
- pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*'
- type: string
- database:
- default: 0
- description: The database number.
- format: int32
- maximum: 8
- minimum: 0
- type: integer
- host:
- description: Server hostname.
- minLength: 1
- type: string
- idleTimeout:
- default: 30s
- description: IdleTimeoutSecond closes connections after remaining
- idle for this duration. If the value is zero, then idle
- connections are not closed. Applications should set the
- timeout to a value less than the server's timeout.
- pattern: ([0-9]+h)?([0-9]+m)?([0-9]+s)?([0-9]+ms)?([0-9]+us)?([0-9]+µs)?([0-9]+ns)?
- type: string
- namespace:
- type: string
- passwordRef:
- description: Secret containing the password to use when connecting
- to the server.
- pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*'
- type: string
- port:
- description: Server port.
- exclusiveMinimum: true
- format: int32
- minimum: 0
- type: integer
- sentinelMasterSet:
- description: for Sentinel MasterSet.
- type: string
- required:
- - host
- type: object
- workers:
- default: 10
- description: Worker concurrency
- format: int32
- minimum: 1
- type: integer
- type: object
- required:
- - core
- - registry
- - secretRef
- - tokenService
- - workerPool
- type: object
- status:
- description: ComponentStatus represents the current status of the resource.
- https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#typical-status-properties
- properties:
- conditions:
- description: Conditions list of extracted conditions from Resource
- items:
- description: Condition defines the general format for conditions
- on Kubernetes resources. In practice, each kubernetes resource
- defines their own format for conditions, but most (maybe all)
- follows this structure.
- properties:
- message:
- description: Message Human readable reason string
- type: string
- reason:
- description: Reason one work CamelCase reason
- type: string
- status:
- description: Status String that describes the condition status
- type: string
- type:
- description: Type condition type
- type: string
- required:
- - status
- - type
- type: object
- type: array
- observedGeneration:
- format: int64
- type: integer
- operator:
- description: ControllerStatus represents the current status of the
- operator.
- properties:
- controllerGitCommit:
- minLength: 1
- type: string
- controllerName:
- minLength: 1
- type: string
- controllerVersion:
- minLength: 1
- type: string
- type: object
- replicas:
- description: Current number of pods.
- format: int32
- minimum: 0
- type: integer
- required:
- - conditions
- type: object
- type: object
- served: true
- storage: true
- subresources:
- status: {}
----
-apiVersion: apiextensions.k8s.io/v1
-kind: CustomResourceDefinition
-metadata:
- annotations:
- cert-manager.io/inject-ca-from: '{{.Release.Namespace}}/{{. | include "chart.fullname"}}-serving-cert'
- controller-gen.kubebuilder.io/version: v0.9.2
- name: notaryservers.goharbor.io
-spec:
- conversion:
- strategy: Webhook
- webhook:
- clientConfig:
- caBundle: Cg==
- service:
- name: {{ include "chart.fullname" . | quote }}
- namespace: {{ .Release.Namespace }}
- path: /convert
- conversionReviewVersions:
- - v1
- group: goharbor.io
- names:
- categories:
- - goharbor
- kind: NotaryServer
- listKind: NotaryServerList
- plural: notaryservers
- singular: notaryserver
- scope: Namespaced
- versions:
- - additionalPrinterColumns:
- - description: Timestamp representing the server time when this object was created.
- It is not guaranteed to be set in happens-before order across separate operations.
- Clients may not set this value. It is represented in RFC3339 form and is in
- UTC.
- jsonPath: .metadata.creationTimestamp
- name: Age
- priority: 1
- type: date
- - description: Human readable message describing the failure
- jsonPath: .status.conditions[?(@.type=="Failed")].message
- name: Failure
- priority: 5
- type: string
- name: v1alpha3
- schema:
- openAPIV3Schema:
- description: NotaryServer is the Schema for the NotaryServer API.
- properties:
- apiVersion:
- description: 'APIVersion defines the versioned schema of this representation
- of an object. Servers should convert recognized schemas to the latest
- internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
- type: string
- kind:
- description: 'Kind is a string value representing the REST resource this
- object represents. Servers may infer this from the endpoint the client
- submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
- type: string
- metadata:
- type: object
- spec:
- description: NotaryServerSpec defines the desired state of NotaryServer.
- properties:
- authentication:
- properties:
- token:
- properties:
- autoredirect:
- default: true
- type: boolean
- certificateRef:
- pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*'
- type: string
- issuer:
- type: string
- realm:
- type: string
- service:
- type: string
- required:
- - certificateRef
- - issuer
- - realm
- - service
- type: object
- required:
- - token
- type: object
- image:
- description: Image name for the component.
- type: string
- imagePullPolicy:
- description: 'Image pull policy. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images'
- enum:
- - Always
- - Never
- - IfNotPresent
- type: string
- imagePullSecrets:
- items:
- description: LocalObjectReference contains enough information to
- let you locate the referenced object inside the same namespace.
- properties:
- name:
- description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind, uid?'
- type: string
- type: object
- x-kubernetes-map-type: atomic
- type: array
- logging:
- properties:
- level:
- default: info
- description: NotaryLogLevel is the log level for NotaryServer
- and NotarySigner.
- enum:
- - debug
- - info
- - warning
- - error
- - fatal
- - panic
- type: string
- type: object
- migrationEnabled:
- type: boolean
- nodeSelector:
- additionalProperties:
- type: string
- description: 'NodeSelector is a selector which must be true for the
- component to fit on a node. Selector which must match a node''s
- labels for the pod to be scheduled on that node. More info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/'
- type: object
- replicas:
- description: 'Replicas is the number of desired replicas. This is
- a pointer to distinguish between explicit zero and unspecified.
- More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller#what-is-a-replicationcontroller'
- format: int32
- minimum: 0
- type: integer
- resources:
- description: 'Compute Resources required by this component. Cannot
- be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/'
- properties:
- limits:
- additionalProperties:
- anyOf:
- - type: integer
- - type: string
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- description: 'Limits describes the maximum amount of compute resources
- allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
- type: object
- requests:
- additionalProperties:
- anyOf:
- - type: integer
- - type: string
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- description: 'Requests describes the minimum amount of compute
- resources required. If Requests is omitted for a container,
- it defaults to Limits if that is explicitly specified, otherwise
- to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
- type: object
- type: object
- serviceAccountName:
- description: 'ServiceAccountName is the name of the ServiceAccount
- to use to run this component. More info: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/'
- type: string
- storage:
- properties:
- postgres:
- properties:
- database:
- description: The database name. Defaults to be the same as
- the user name. In certain contexts, the value is checked
- for extended formats.
- minLength: 1
- type: string
- hosts:
- items:
- properties:
- host:
- description: Name of host to connect to. If a host name
- begins with a slash, it specifies Unix-domain communication
- rather than TCP/IP communication; the value is the
- name of the directory in which the socket file is
- stored.
- minLength: 1
- type: string
- port:
- description: Port number to connect to at the server
- host, or socket file name extension for Unix-domain
- connections. Zero, specifies the default port number
- established when PostgreSQL was built.
- exclusiveMinimum: true
- format: int32
- minimum: 0
- type: integer
- required:
- - host
- type: object
- minItems: 1
- type: array
- parameters:
- additionalProperties:
- type: string
- description: libpq parameters.
- type: object
- passwordRef:
- description: Secret containing the password to be used if
- the server demands password authentication.
- pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*'
- type: string
- username:
- description: PostgreSQL user name to connect as. Defaults
- to be the same as the operating system name of the user
- running the application.
- minLength: 1
- type: string
- type: object
- required:
- - postgres
- type: object
- templateAnnotations:
- additionalProperties:
- type: string
- description: Custom annotations to be added into the pods
- type: object
- tls:
- properties:
- certificateRef:
- pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*'
- type: string
- type: object
- tolerations:
- description: If specified, the pod's tolerations.
- items:
- description: The pod this Toleration is attached to tolerates any
- taint that matches the triple using the matching
- operator .
- properties:
- effect:
- description: Effect indicates the taint effect to match. Empty
- means match all taint effects. When specified, allowed values
- are NoSchedule, PreferNoSchedule and NoExecute.
- type: string
- key:
- description: Key is the taint key that the toleration applies
- to. Empty means match all taint keys. If the key is empty,
- operator must be Exists; this combination means to match all
- values and all keys.
- type: string
- operator:
- description: Operator represents a key's relationship to the
- value. Valid operators are Exists and Equal. Defaults to Equal.
- Exists is equivalent to wildcard for value, so that a pod
- can tolerate all taints of a particular category.
- type: string
- tolerationSeconds:
- description: TolerationSeconds represents the period of time
- the toleration (which must be of effect NoExecute, otherwise
- this field is ignored) tolerates the taint. By default, it
- is not set, which means tolerate the taint forever (do not
- evict). Zero and negative values will be treated as 0 (evict
- immediately) by the system.
- format: int64
- type: integer
- value:
- description: Value is the taint value the toleration matches
- to. If the operator is Exists, the value should be empty,
- otherwise just a regular string.
- type: string
- type: object
- type: array
- trustService:
- properties:
- remote:
- properties:
- certificateRef:
- pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*'
- type: string
- host:
- type: string
- keyAlgorithm:
- default: ecdsa
- enum:
- - ecdsa
- - rsa
- - ed25519
- type: string
- port:
- default: 443
- exclusiveMinimum: true
- format: int64
- minimum: 0
- type: integer
- required:
- - host
- type: object
- type: object
- required:
- - trustService
- type: object
- status:
- description: ComponentStatus represents the current status of the resource.
- https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#typical-status-properties
- properties:
- conditions:
- description: Conditions list of extracted conditions from Resource
- items:
- description: Condition defines the general format for conditions
- on Kubernetes resources. In practice, each kubernetes resource
- defines their own format for conditions, but most (maybe all)
- follows this structure.
- properties:
- message:
- description: Message Human readable reason string
- type: string
- reason:
- description: Reason one work CamelCase reason
- type: string
- status:
- description: Status String that describes the condition status
- type: string
- type:
- description: Type condition type
- type: string
- required:
- - status
- - type
- type: object
- type: array
- observedGeneration:
- format: int64
- type: integer
- operator:
- description: ControllerStatus represents the current status of the
- operator.
- properties:
- controllerGitCommit:
- minLength: 1
- type: string
- controllerName:
- minLength: 1
- type: string
- controllerVersion:
- minLength: 1
- type: string
- type: object
- replicas:
- description: Current number of pods.
- format: int32
- minimum: 0
- type: integer
- required:
- - conditions
- type: object
- type: object
- served: true
- storage: false
- subresources:
- status: {}
- - additionalPrinterColumns:
- - description: Timestamp representing the server time when this object was created.
- It is not guaranteed to be set in happens-before order across separate operations.
- Clients may not set this value. It is represented in RFC3339 form and is in
- UTC.
- jsonPath: .metadata.creationTimestamp
- name: Age
- priority: 1
- type: date
- - description: Human readable message describing the failure
- jsonPath: .status.conditions[?(@.type=="Failed")].message
- name: Failure
- priority: 5
- type: string
- name: v1beta1
- schema:
- openAPIV3Schema:
- description: NotaryServer is the Schema for the NotaryServer API.
- properties:
- apiVersion:
- description: 'APIVersion defines the versioned schema of this representation
- of an object. Servers should convert recognized schemas to the latest
- internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
- type: string
- kind:
- description: 'Kind is a string value representing the REST resource this
- object represents. Servers may infer this from the endpoint the client
- submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
- type: string
- metadata:
- type: object
- spec:
- description: NotaryServerSpec defines the desired state of NotaryServer.
- properties:
- authentication:
- properties:
- token:
- properties:
- autoredirect:
- default: true
- type: boolean
- certificateRef:
- pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*'
- type: string
- issuer:
- type: string
- realm:
- type: string
- service:
- type: string
- required:
- - certificateRef
- - issuer
- - realm
- - service
- type: object
- required:
- - token
- type: object
- image:
- description: Image name for the component.
- type: string
- imagePullPolicy:
- description: 'Image pull policy. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images'
- enum:
- - Always
- - Never
- - IfNotPresent
- type: string
- imagePullSecrets:
- items:
- description: LocalObjectReference contains enough information to
- let you locate the referenced object inside the same namespace.
- properties:
- name:
- description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind, uid?'
- type: string
- type: object
- x-kubernetes-map-type: atomic
- type: array
- logging:
- properties:
- level:
- default: info
- description: NotaryLogLevel is the log level for NotaryServer
- and NotarySigner.
- enum:
- - debug
- - info
- - warning
- - error
- - fatal
- - panic
- type: string
- type: object
- migrationEnabled:
- type: boolean
- network:
- properties:
- ipFamilies:
- items:
- description: IPFamily represents the IP Family (IPv4 or IPv6).
- This type is used to express the family of an IP expressed
- by a type (e.g. service.spec.ipFamilies).
- type: string
- type: array
- type: object
- nodeSelector:
- additionalProperties:
- type: string
- description: 'NodeSelector is a selector which must be true for the
- component to fit on a node. Selector which must match a node''s
- labels for the pod to be scheduled on that node. More info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/'
- type: object
- replicas:
- description: 'Replicas is the number of desired replicas. This is
- a pointer to distinguish between explicit zero and unspecified.
- More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller#what-is-a-replicationcontroller'
- format: int32
- minimum: 0
- type: integer
- resources:
- description: 'Compute Resources required by this component. Cannot
- be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/'
- properties:
- limits:
- additionalProperties:
- anyOf:
- - type: integer
- - type: string
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- description: 'Limits describes the maximum amount of compute resources
- allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
- type: object
- requests:
- additionalProperties:
- anyOf:
- - type: integer
- - type: string
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- description: 'Requests describes the minimum amount of compute
- resources required. If Requests is omitted for a container,
- it defaults to Limits if that is explicitly specified, otherwise
- to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
- type: object
- type: object
- serviceAccountName:
- description: 'ServiceAccountName is the name of the ServiceAccount
- to use to run this component. More info: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/'
- type: string
- storage:
- properties:
- postgres:
- properties:
- database:
- description: The database name. Defaults to be the same as
- the user name. In certain contexts, the value is checked
- for extended formats.
- minLength: 1
- type: string
- hosts:
- items:
- properties:
- host:
- description: Name of host to connect to. If a host name
- begins with a slash, it specifies Unix-domain communication
- rather than TCP/IP communication; the value is the
- name of the directory in which the socket file is
- stored.
- minLength: 1
- type: string
- port:
- description: Port number to connect to at the server
- host, or socket file name extension for Unix-domain
- connections. Zero, specifies the default port number
- established when PostgreSQL was built.
- exclusiveMinimum: true
- format: int32
- minimum: 0
- type: integer
- required:
- - host
- type: object
- minItems: 1
- type: array
- parameters:
- additionalProperties:
- type: string
- description: libpq parameters.
- type: object
- passwordRef:
- description: Secret containing the password to be used if
- the server demands password authentication.
- pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*'
- type: string
- username:
- description: PostgreSQL user name to connect as. Defaults
- to be the same as the operating system name of the user
- running the application.
- minLength: 1
- type: string
- type: object
- required:
- - postgres
- type: object
- templateAnnotations:
- additionalProperties:
- type: string
- description: Custom annotations to be added into the pods
- type: object
- tls:
- properties:
- certificateRef:
- pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*'
- type: string
- type: object
- tolerations:
- description: If specified, the pod's tolerations.
- items:
- description: The pod this Toleration is attached to tolerates any
- taint that matches the triple using the matching
- operator .
- properties:
- effect:
- description: Effect indicates the taint effect to match. Empty
- means match all taint effects. When specified, allowed values
- are NoSchedule, PreferNoSchedule and NoExecute.
- type: string
- key:
- description: Key is the taint key that the toleration applies
- to. Empty means match all taint keys. If the key is empty,
- operator must be Exists; this combination means to match all
- values and all keys.
- type: string
- operator:
- description: Operator represents a key's relationship to the
- value. Valid operators are Exists and Equal. Defaults to Equal.
- Exists is equivalent to wildcard for value, so that a pod
- can tolerate all taints of a particular category.
- type: string
- tolerationSeconds:
- description: TolerationSeconds represents the period of time
- the toleration (which must be of effect NoExecute, otherwise
- this field is ignored) tolerates the taint. By default, it
- is not set, which means tolerate the taint forever (do not
- evict). Zero and negative values will be treated as 0 (evict
- immediately) by the system.
- format: int64
- type: integer
- value:
- description: Value is the taint value the toleration matches
- to. If the operator is Exists, the value should be empty,
- otherwise just a regular string.
- type: string
- type: object
- type: array
- trustService:
- properties:
- remote:
- properties:
- certificateRef:
- pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*'
- type: string
- host:
- type: string
- keyAlgorithm:
- default: ecdsa
- enum:
- - ecdsa
- - rsa
- - ed25519
- type: string
- port:
- default: 443
- exclusiveMinimum: true
- format: int64
- minimum: 0
- type: integer
- required:
- - host
- type: object
- type: object
- required:
- - trustService
- type: object
- status:
- description: ComponentStatus represents the current status of the resource.
- https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#typical-status-properties
- properties:
- conditions:
- description: Conditions list of extracted conditions from Resource
- items:
- description: Condition defines the general format for conditions
- on Kubernetes resources. In practice, each kubernetes resource
- defines their own format for conditions, but most (maybe all)
- follows this structure.
- properties:
- message:
- description: Message Human readable reason string
- type: string
- reason:
- description: Reason one work CamelCase reason
- type: string
- status:
- description: Status String that describes the condition status
- type: string
- type:
- description: Type condition type
- type: string
- required:
- - status
- - type
- type: object
- type: array
- observedGeneration:
- format: int64
- type: integer
- operator:
- description: ControllerStatus represents the current status of the
- operator.
- properties:
- controllerGitCommit:
- minLength: 1
- type: string
- controllerName:
- minLength: 1
- type: string
- controllerVersion:
- minLength: 1
- type: string
- type: object
- replicas:
- description: Current number of pods.
- format: int32
- minimum: 0
- type: integer
- required:
- - conditions
- type: object
- type: object
- served: true
- storage: true
- subresources:
- status: {}
----
-apiVersion: apiextensions.k8s.io/v1
-kind: CustomResourceDefinition
-metadata:
- annotations:
- cert-manager.io/inject-ca-from: '{{.Release.Namespace}}/{{. | include "chart.fullname"}}-serving-cert'
- controller-gen.kubebuilder.io/version: v0.9.2
- name: notarysigners.goharbor.io
-spec:
- conversion:
- strategy: Webhook
- webhook:
- clientConfig:
- caBundle: Cg==
- service:
- name: {{ include "chart.fullname" . | quote }}
- namespace: {{ .Release.Namespace }}
- path: /convert
- conversionReviewVersions:
- - v1
- group: goharbor.io
- names:
- categories:
- - goharbor
- kind: NotarySigner
- listKind: NotarySignerList
- plural: notarysigners
- singular: notarysigner
- scope: Namespaced
- versions:
- - additionalPrinterColumns:
- - description: Timestamp representing the server time when this object was created.
- It is not guaranteed to be set in happens-before order across separate operations.
- Clients may not set this value. It is represented in RFC3339 form and is in
- UTC.
- jsonPath: .metadata.creationTimestamp
- name: Age
- priority: 1
- type: date
- - description: Human readable message describing the failure
- jsonPath: .status.conditions[?(@.type=="Failed")].message
- name: Failure
- priority: 5
- type: string
- name: v1alpha3
- schema:
- openAPIV3Schema:
- description: NotarySigner is the Schema for the NotarySigner API.
- properties:
- apiVersion:
- description: 'APIVersion defines the versioned schema of this representation
- of an object. Servers should convert recognized schemas to the latest
- internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
- type: string
- kind:
- description: 'Kind is a string value representing the REST resource this
- object represents. Servers may infer this from the endpoint the client
- submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
- type: string
- metadata:
- type: object
- spec:
- description: NotarySignerSpec defines the desired state of NotarySigner.
- properties:
- authentatication:
- properties:
- certificateRef:
- pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*'
- type: string
- required:
- - certificateRef
- type: object
- image:
- description: Image name for the component.
- type: string
- imagePullPolicy:
- description: 'Image pull policy. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images'
- enum:
- - Always
- - Never
- - IfNotPresent
- type: string
- imagePullSecrets:
- items:
- description: LocalObjectReference contains enough information to
- let you locate the referenced object inside the same namespace.
- properties:
- name:
- description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind, uid?'
- type: string
- type: object
- x-kubernetes-map-type: atomic
- type: array
- logging:
- properties:
- level:
- default: info
- description: NotaryLogLevel is the log level for NotaryServer
- and NotarySigner.
- enum:
- - debug
- - info
- - warning
- - error
- - fatal
- - panic
- type: string
- type: object
- migrationEnabled:
- type: boolean
- nodeSelector:
- additionalProperties:
- type: string
- description: 'NodeSelector is a selector which must be true for the
- component to fit on a node. Selector which must match a node''s
- labels for the pod to be scheduled on that node. More info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/'
- type: object
- replicas:
- description: 'Replicas is the number of desired replicas. This is
- a pointer to distinguish between explicit zero and unspecified.
- More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller#what-is-a-replicationcontroller'
- format: int32
- minimum: 0
- type: integer
- resources:
- description: 'Compute Resources required by this component. Cannot
- be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/'
- properties:
- limits:
- additionalProperties:
- anyOf:
- - type: integer
- - type: string
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- description: 'Limits describes the maximum amount of compute resources
- allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
- type: object
- requests:
- additionalProperties:
- anyOf:
- - type: integer
- - type: string
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- description: 'Requests describes the minimum amount of compute
- resources required. If Requests is omitted for a container,
- it defaults to Limits if that is explicitly specified, otherwise
- to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
- type: object
- type: object
- serviceAccountName:
- description: 'ServiceAccountName is the name of the ServiceAccount
- to use to run this component. More info: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/'
- type: string
- storage:
- properties:
- aliasesRef:
- pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*'
- type: string
- postgres:
- properties:
- database:
- description: The database name. Defaults to be the same as
- the user name. In certain contexts, the value is checked
- for extended formats.
- minLength: 1
- type: string
- hosts:
- items:
- properties:
- host:
- description: Name of host to connect to. If a host name
- begins with a slash, it specifies Unix-domain communication
- rather than TCP/IP communication; the value is the
- name of the directory in which the socket file is
- stored.
- minLength: 1
- type: string
- port:
- description: Port number to connect to at the server
- host, or socket file name extension for Unix-domain
- connections. Zero, specifies the default port number
- established when PostgreSQL was built.
- exclusiveMinimum: true
- format: int32
- minimum: 0
- type: integer
- required:
- - host
- type: object
- minItems: 1
- type: array
- parameters:
- additionalProperties:
- type: string
- description: libpq parameters.
- type: object
- passwordRef:
- description: Secret containing the password to be used if
- the server demands password authentication.
- pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*'
- type: string
- username:
- description: PostgreSQL user name to connect as. Defaults
- to be the same as the operating system name of the user
- running the application.
- minLength: 1
- type: string
- type: object
- required:
- - aliasesRef
- - postgres
- type: object
- templateAnnotations:
- additionalProperties:
- type: string
- description: Custom annotations to be added into the pods
- type: object
- tolerations:
- description: If specified, the pod's tolerations.
- items:
- description: The pod this Toleration is attached to tolerates any
- taint that matches the triple using the matching
- operator .
- properties:
- effect:
- description: Effect indicates the taint effect to match. Empty
- means match all taint effects. When specified, allowed values
- are NoSchedule, PreferNoSchedule and NoExecute.
- type: string
- key:
- description: Key is the taint key that the toleration applies
- to. Empty means match all taint keys. If the key is empty,
- operator must be Exists; this combination means to match all
- values and all keys.
- type: string
- operator:
- description: Operator represents a key's relationship to the
- value. Valid operators are Exists and Equal. Defaults to Equal.
- Exists is equivalent to wildcard for value, so that a pod
- can tolerate all taints of a particular category.
- type: string
- tolerationSeconds:
- description: TolerationSeconds represents the period of time
- the toleration (which must be of effect NoExecute, otherwise
- this field is ignored) tolerates the taint. By default, it
- is not set, which means tolerate the taint forever (do not
- evict). Zero and negative values will be treated as 0 (evict
- immediately) by the system.
- format: int64
- type: integer
- value:
- description: Value is the taint value the toleration matches
- to. If the operator is Exists, the value should be empty,
- otherwise just a regular string.
- type: string
- type: object
- type: array
- required:
- - authentatication
- - storage
- type: object
- status:
- description: ComponentStatus represents the current status of the resource.
- https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#typical-status-properties
- properties:
- conditions:
- description: Conditions list of extracted conditions from Resource
- items:
- description: Condition defines the general format for conditions
- on Kubernetes resources. In practice, each kubernetes resource
- defines their own format for conditions, but most (maybe all)
- follows this structure.
- properties:
- message:
- description: Message Human readable reason string
- type: string
- reason:
- description: Reason one work CamelCase reason
- type: string
- status:
- description: Status String that describes the condition status
- type: string
- type:
- description: Type condition type
- type: string
- required:
- - status
- - type
- type: object
- type: array
- observedGeneration:
- format: int64
- type: integer
- operator:
- description: ControllerStatus represents the current status of the
- operator.
- properties:
- controllerGitCommit:
- minLength: 1
- type: string
- controllerName:
- minLength: 1
- type: string
- controllerVersion:
- minLength: 1
- type: string
- type: object
- replicas:
- description: Current number of pods.
- format: int32
- minimum: 0
- type: integer
- required:
- - conditions
- type: object
- type: object
- served: true
- storage: false
- subresources:
- status: {}
- - additionalPrinterColumns:
- - description: Timestamp representing the server time when this object was created.
- It is not guaranteed to be set in happens-before order across separate operations.
- Clients may not set this value. It is represented in RFC3339 form and is in
- UTC.
- jsonPath: .metadata.creationTimestamp
- name: Age
- priority: 1
- type: date
- - description: Human readable message describing the failure
- jsonPath: .status.conditions[?(@.type=="Failed")].message
- name: Failure
- priority: 5
- type: string
- name: v1beta1
- schema:
- openAPIV3Schema:
- description: NotarySigner is the Schema for the NotarySigner API.
- properties:
- apiVersion:
- description: 'APIVersion defines the versioned schema of this representation
- of an object. Servers should convert recognized schemas to the latest
- internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
- type: string
- kind:
- description: 'Kind is a string value representing the REST resource this
- object represents. Servers may infer this from the endpoint the client
- submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
- type: string
- metadata:
- type: object
- spec:
- description: NotarySignerSpec defines the desired state of NotarySigner.
- properties:
- authentatication:
- properties:
- certificateRef:
- pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*'
- type: string
- required:
- - certificateRef
- type: object
- image:
- description: Image name for the component.
- type: string
- imagePullPolicy:
- description: 'Image pull policy. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images'
- enum:
- - Always
- - Never
- - IfNotPresent
- type: string
- imagePullSecrets:
- items:
- description: LocalObjectReference contains enough information to
- let you locate the referenced object inside the same namespace.
- properties:
- name:
- description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind, uid?'
- type: string
- type: object
- x-kubernetes-map-type: atomic
- type: array
- logging:
- properties:
- level:
- default: info
- description: NotaryLogLevel is the log level for NotaryServer
- and NotarySigner.
- enum:
- - debug
- - info
- - warning
- - error
- - fatal
- - panic
- type: string
- type: object
- migrationEnabled:
- type: boolean
- network:
- properties:
- ipFamilies:
- items:
- description: IPFamily represents the IP Family (IPv4 or IPv6).
- This type is used to express the family of an IP expressed
- by a type (e.g. service.spec.ipFamilies).
- type: string
- type: array
- type: object
- nodeSelector:
- additionalProperties:
- type: string
- description: 'NodeSelector is a selector which must be true for the
- component to fit on a node. Selector which must match a node''s
- labels for the pod to be scheduled on that node. More info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/'
- type: object
- replicas:
- description: 'Replicas is the number of desired replicas. This is
- a pointer to distinguish between explicit zero and unspecified.
- More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller#what-is-a-replicationcontroller'
- format: int32
- minimum: 0
- type: integer
- resources:
- description: 'Compute Resources required by this component. Cannot
- be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/'
- properties:
- limits:
- additionalProperties:
- anyOf:
- - type: integer
- - type: string
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- description: 'Limits describes the maximum amount of compute resources
- allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
- type: object
- requests:
- additionalProperties:
- anyOf:
- - type: integer
- - type: string
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- description: 'Requests describes the minimum amount of compute
- resources required. If Requests is omitted for a container,
- it defaults to Limits if that is explicitly specified, otherwise
- to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
- type: object
- type: object
- serviceAccountName:
- description: 'ServiceAccountName is the name of the ServiceAccount
- to use to run this component. More info: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/'
- type: string
- storage:
- properties:
- aliasesRef:
- pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*'
- type: string
- postgres:
- properties:
- database:
- description: The database name. Defaults to be the same as
- the user name. In certain contexts, the value is checked
- for extended formats.
- minLength: 1
- type: string
- hosts:
- items:
- properties:
- host:
- description: Name of host to connect to. If a host name
- begins with a slash, it specifies Unix-domain communication
- rather than TCP/IP communication; the value is the
- name of the directory in which the socket file is
- stored.
- minLength: 1
- type: string
- port:
- description: Port number to connect to at the server
- host, or socket file name extension for Unix-domain
- connections. Zero, specifies the default port number
- established when PostgreSQL was built.
- exclusiveMinimum: true
- format: int32
- minimum: 0
- type: integer
- required:
- - host
- type: object
- minItems: 1
- type: array
- parameters:
- additionalProperties:
- type: string
- description: libpq parameters.
- type: object
- passwordRef:
- description: Secret containing the password to be used if
- the server demands password authentication.
- pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*'
- type: string
- username:
- description: PostgreSQL user name to connect as. Defaults
- to be the same as the operating system name of the user
- running the application.
- minLength: 1
- type: string
- type: object
- required:
- - aliasesRef
- - postgres
- type: object
- templateAnnotations:
- additionalProperties:
- type: string
- description: Custom annotations to be added into the pods
- type: object
- tolerations:
- description: If specified, the pod's tolerations.
- items:
- description: The pod this Toleration is attached to tolerates any
- taint that matches the triple using the matching
- operator .
- properties:
- effect:
- description: Effect indicates the taint effect to match. Empty
- means match all taint effects. When specified, allowed values
- are NoSchedule, PreferNoSchedule and NoExecute.
- type: string
- key:
- description: Key is the taint key that the toleration applies
- to. Empty means match all taint keys. If the key is empty,
- operator must be Exists; this combination means to match all
- values and all keys.
- type: string
- operator:
- description: Operator represents a key's relationship to the
- value. Valid operators are Exists and Equal. Defaults to Equal.
- Exists is equivalent to wildcard for value, so that a pod
- can tolerate all taints of a particular category.
- type: string
- tolerationSeconds:
- description: TolerationSeconds represents the period of time
- the toleration (which must be of effect NoExecute, otherwise
- this field is ignored) tolerates the taint. By default, it
- is not set, which means tolerate the taint forever (do not
- evict). Zero and negative values will be treated as 0 (evict
- immediately) by the system.
- format: int64
- type: integer
- value:
- description: Value is the taint value the toleration matches
- to. If the operator is Exists, the value should be empty,
- otherwise just a regular string.
- type: string
- type: object
- type: array
- required:
- - authentatication
- - storage
- type: object
- status:
- description: ComponentStatus represents the current status of the resource.
- https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#typical-status-properties
- properties:
- conditions:
- description: Conditions list of extracted conditions from Resource
- items:
- description: Condition defines the general format for conditions
- on Kubernetes resources. In practice, each kubernetes resource
- defines their own format for conditions, but most (maybe all)
- follows this structure.
- properties:
- message:
- description: Message Human readable reason string
- type: string
- reason:
- description: Reason one work CamelCase reason
- type: string
- status:
- description: Status String that describes the condition status
- type: string
- type:
- description: Type condition type
- type: string
- required:
- - status
- - type
- type: object
- type: array
- observedGeneration:
- format: int64
- type: integer
- operator:
- description: ControllerStatus represents the current status of the
- operator.
- properties:
- controllerGitCommit:
- minLength: 1
- type: string
- controllerName:
- minLength: 1
- type: string
- controllerVersion:
- minLength: 1
- type: string
- type: object
- replicas:
- description: Current number of pods.
- format: int32
- minimum: 0
- type: integer
- required:
- - conditions
- type: object
- type: object
- served: true
- storage: true
- subresources:
- status: {}
----
-apiVersion: apiextensions.k8s.io/v1
-kind: CustomResourceDefinition
-metadata:
- annotations:
- cert-manager.io/inject-ca-from: '{{.Release.Namespace}}/{{. | include "chart.fullname"}}-serving-cert'
- controller-gen.kubebuilder.io/version: v0.9.2
- name: portals.goharbor.io
-spec:
- conversion:
- strategy: Webhook
- webhook:
- clientConfig:
- caBundle: Cg==
- service:
- name: {{ include "chart.fullname" . | quote }}
- namespace: {{ .Release.Namespace }}
- path: /convert
- conversionReviewVersions:
- - v1
- group: goharbor.io
- names:
- categories:
- - goharbor
- kind: Portal
- listKind: PortalList
- plural: portals
- singular: portal
- scope: Namespaced
- versions:
- - additionalPrinterColumns:
- - description: Timestamp representing the server time when this object was created.
- It is not guaranteed to be set in happens-before order across separate operations.
- Clients may not set this value. It is represented in RFC3339 form and is in
- UTC.
- jsonPath: .metadata.creationTimestamp
- name: Age
- priority: 1
- type: date
- - description: Human readable message describing the failure
- jsonPath: .status.conditions[?(@.type=="Failed")].message
- name: Failure
- priority: 5
- type: string
- name: v1alpha3
- schema:
- openAPIV3Schema:
- description: Portal is the Schema for the portals API.
- properties:
- apiVersion:
- description: 'APIVersion defines the versioned schema of this representation
- of an object. Servers should convert recognized schemas to the latest
- internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
- type: string
- kind:
- description: 'Kind is a string value representing the REST resource this
- object represents. Servers may infer this from the endpoint the client
- submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
- type: string
- metadata:
- type: object
- spec:
- description: PortalSpec defines the desired state of Portal.
- properties:
- image:
- description: Image name for the component.
- type: string
- imagePullPolicy:
- description: 'Image pull policy. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images'
- enum:
- - Always
- - Never
- - IfNotPresent
- type: string
- imagePullSecrets:
- items:
- description: LocalObjectReference contains enough information to
- let you locate the referenced object inside the same namespace.
- properties:
- name:
- description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind, uid?'
- type: string
- type: object
- x-kubernetes-map-type: atomic
- type: array
- maxConnections:
- default: 1024
- description: Sets the maximum number of simultaneous connections that
- can be opened.
- format: int32
- minimum: 0
- type: integer
- nodeSelector:
- additionalProperties:
- type: string
- description: 'NodeSelector is a selector which must be true for the
- component to fit on a node. Selector which must match a node''s
- labels for the pod to be scheduled on that node. More info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/'
- type: object
- replicas:
- description: 'Replicas is the number of desired replicas. This is
- a pointer to distinguish between explicit zero and unspecified.
- More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller#what-is-a-replicationcontroller'
- format: int32
- minimum: 0
- type: integer
- resources:
- description: 'Compute Resources required by this component. Cannot
- be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/'
- properties:
- limits:
- additionalProperties:
- anyOf:
- - type: integer
- - type: string
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- description: 'Limits describes the maximum amount of compute resources
- allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
- type: object
- requests:
- additionalProperties:
- anyOf:
- - type: integer
- - type: string
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- description: 'Requests describes the minimum amount of compute
- resources required. If Requests is omitted for a container,
- it defaults to Limits if that is explicitly specified, otherwise
- to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
- type: object
- type: object
- serviceAccountName:
- description: 'ServiceAccountName is the name of the ServiceAccount
- to use to run this component. More info: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/'
- type: string
- templateAnnotations:
- additionalProperties:
- type: string
- description: Custom annotations to be added into the pods
- type: object
- tls:
- properties:
- certificateRef:
- pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*'
- type: string
- type: object
- tolerations:
- description: If specified, the pod's tolerations.
- items:
- description: The pod this Toleration is attached to tolerates any
- taint that matches the triple using the matching
- operator .
- properties:
- effect:
- description: Effect indicates the taint effect to match. Empty
- means match all taint effects. When specified, allowed values
- are NoSchedule, PreferNoSchedule and NoExecute.
- type: string
- key:
- description: Key is the taint key that the toleration applies
- to. Empty means match all taint keys. If the key is empty,
- operator must be Exists; this combination means to match all
- values and all keys.
- type: string
- operator:
- description: Operator represents a key's relationship to the
- value. Valid operators are Exists and Equal. Defaults to Equal.
- Exists is equivalent to wildcard for value, so that a pod
- can tolerate all taints of a particular category.
- type: string
- tolerationSeconds:
- description: TolerationSeconds represents the period of time
- the toleration (which must be of effect NoExecute, otherwise
- this field is ignored) tolerates the taint. By default, it
- is not set, which means tolerate the taint forever (do not
- evict). Zero and negative values will be treated as 0 (evict
- immediately) by the system.
- format: int64
- type: integer
- value:
- description: Value is the taint value the toleration matches
- to. If the operator is Exists, the value should be empty,
- otherwise just a regular string.
- type: string
- type: object
- type: array
- type: object
- status:
- description: ComponentStatus represents the current status of the resource.
- https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#typical-status-properties
- properties:
- conditions:
- description: Conditions list of extracted conditions from Resource
- items:
- description: Condition defines the general format for conditions
- on Kubernetes resources. In practice, each kubernetes resource
- defines their own format for conditions, but most (maybe all)
- follows this structure.
- properties:
- message:
- description: Message Human readable reason string
- type: string
- reason:
- description: Reason one work CamelCase reason
- type: string
- status:
- description: Status String that describes the condition status
- type: string
- type:
- description: Type condition type
- type: string
- required:
- - status
- - type
- type: object
- type: array
- observedGeneration:
- format: int64
- type: integer
- operator:
- description: ControllerStatus represents the current status of the
- operator.
- properties:
- controllerGitCommit:
- minLength: 1
- type: string
- controllerName:
- minLength: 1
- type: string
- controllerVersion:
- minLength: 1
- type: string
- type: object
- replicas:
- description: Current number of pods.
- format: int32
- minimum: 0
- type: integer
- required:
- - conditions
- type: object
- type: object
- served: true
- storage: false
- subresources:
- status: {}
- - additionalPrinterColumns:
- - description: Timestamp representing the server time when this object was created.
- It is not guaranteed to be set in happens-before order across separate operations.
- Clients may not set this value. It is represented in RFC3339 form and is in
- UTC.
- jsonPath: .metadata.creationTimestamp
- name: Age
- priority: 1
- type: date
- - description: Human readable message describing the failure
- jsonPath: .status.conditions[?(@.type=="Failed")].message
- name: Failure
- priority: 5
- type: string
- name: v1beta1
- schema:
- openAPIV3Schema:
- description: Portal is the Schema for the portals API.
- properties:
- apiVersion:
- description: 'APIVersion defines the versioned schema of this representation
- of an object. Servers should convert recognized schemas to the latest
- internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
- type: string
- kind:
- description: 'Kind is a string value representing the REST resource this
- object represents. Servers may infer this from the endpoint the client
- submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
- type: string
- metadata:
- type: object
- spec:
- description: PortalSpec defines the desired state of Portal.
- properties:
- image:
- description: Image name for the component.
- type: string
- imagePullPolicy:
- description: 'Image pull policy. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images'
- enum:
- - Always
- - Never
- - IfNotPresent
- type: string
- imagePullSecrets:
- items:
- description: LocalObjectReference contains enough information to
- let you locate the referenced object inside the same namespace.
- properties:
- name:
- description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind, uid?'
- type: string
- type: object
- x-kubernetes-map-type: atomic
- type: array
- maxConnections:
- default: 1024
- description: Sets the maximum number of simultaneous connections that
- can be opened.
- format: int32
- minimum: 0
- type: integer
- network:
- description: Network settings for the portal
- properties:
- ipFamilies:
- items:
- description: IPFamily represents the IP Family (IPv4 or IPv6).
- This type is used to express the family of an IP expressed
- by a type (e.g. service.spec.ipFamilies).
- type: string
- type: array
- type: object
- nodeSelector:
- additionalProperties:
- type: string
- description: 'NodeSelector is a selector which must be true for the
- component to fit on a node. Selector which must match a node''s
- labels for the pod to be scheduled on that node. More info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/'
- type: object
- replicas:
- description: 'Replicas is the number of desired replicas. This is
- a pointer to distinguish between explicit zero and unspecified.
- More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller#what-is-a-replicationcontroller'
- format: int32
- minimum: 0
- type: integer
- resources:
- description: 'Compute Resources required by this component. Cannot
- be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/'
- properties:
- limits:
- additionalProperties:
- anyOf:
- - type: integer
- - type: string
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- description: 'Limits describes the maximum amount of compute resources
- allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
- type: object
- requests:
- additionalProperties:
- anyOf:
- - type: integer
- - type: string
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- description: 'Requests describes the minimum amount of compute
- resources required. If Requests is omitted for a container,
- it defaults to Limits if that is explicitly specified, otherwise
- to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
- type: object
- type: object
- serviceAccountName:
- description: 'ServiceAccountName is the name of the ServiceAccount
- to use to run this component. More info: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/'
- type: string
- templateAnnotations:
- additionalProperties:
- type: string
- description: Custom annotations to be added into the pods
- type: object
- tls:
- properties:
- certificateRef:
- pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*'
- type: string
- type: object
- tolerations:
- description: If specified, the pod's tolerations.
- items:
- description: The pod this Toleration is attached to tolerates any
- taint that matches the triple using the matching
- operator .
- properties:
- effect:
- description: Effect indicates the taint effect to match. Empty
- means match all taint effects. When specified, allowed values
- are NoSchedule, PreferNoSchedule and NoExecute.
- type: string
- key:
- description: Key is the taint key that the toleration applies
- to. Empty means match all taint keys. If the key is empty,
- operator must be Exists; this combination means to match all
- values and all keys.
- type: string
- operator:
- description: Operator represents a key's relationship to the
- value. Valid operators are Exists and Equal. Defaults to Equal.
- Exists is equivalent to wildcard for value, so that a pod
- can tolerate all taints of a particular category.
- type: string
- tolerationSeconds:
- description: TolerationSeconds represents the period of time
- the toleration (which must be of effect NoExecute, otherwise
- this field is ignored) tolerates the taint. By default, it
- is not set, which means tolerate the taint forever (do not
- evict). Zero and negative values will be treated as 0 (evict
- immediately) by the system.
- format: int64
- type: integer
- value:
- description: Value is the taint value the toleration matches
- to. If the operator is Exists, the value should be empty,
- otherwise just a regular string.
- type: string
- type: object
- type: array
- type: object
- status:
- description: ComponentStatus represents the current status of the resource.
- https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#typical-status-properties
- properties:
- conditions:
- description: Conditions list of extracted conditions from Resource
- items:
- description: Condition defines the general format for conditions
- on Kubernetes resources. In practice, each kubernetes resource
- defines their own format for conditions, but most (maybe all)
- follows this structure.
- properties:
- message:
- description: Message Human readable reason string
- type: string
- reason:
- description: Reason one work CamelCase reason
- type: string
- status:
- description: Status String that describes the condition status
- type: string
- type:
- description: Type condition type
- type: string
- required:
- - status
- - type
- type: object
- type: array
- observedGeneration:
- format: int64
- type: integer
- operator:
- description: ControllerStatus represents the current status of the
- operator.
- properties:
- controllerGitCommit:
- minLength: 1
- type: string
- controllerName:
- minLength: 1
- type: string
- controllerVersion:
- minLength: 1
- type: string
- type: object
- replicas:
- description: Current number of pods.
- format: int32
- minimum: 0
- type: integer
- required:
- - conditions
- type: object
- type: object
- served: true
- storage: true
- subresources:
- status: {}
----
-apiVersion: apiextensions.k8s.io/v1
-kind: CustomResourceDefinition
-metadata:
- annotations:
- cert-manager.io/inject-ca-from: '{{.Release.Namespace}}/{{. | include "chart.fullname"}}-serving-cert'
- controller-gen.kubebuilder.io/version: v0.9.2
- creationTimestamp: null
- name: pullsecretbindings.goharbor.io
-spec:
- group: goharbor.io
- names:
- categories:
- - goharbor
- kind: PullSecretBinding
- listKind: PullSecretBindingList
- plural: pullsecretbindings
- shortNames:
- - psb
- singular: pullsecretbinding
- scope: Namespaced
- versions:
- - additionalPrinterColumns:
- - description: The Harbor server configuration CR reference
- jsonPath: .spec.harborServerConfig
- name: Harbor Server
- type: string
- - description: The service account binding the pull secret
- jsonPath: .spec.serviceAccount
- name: Service Account
- type: string
- - description: The status of the Harbor server
- jsonPath: .status.status
- name: Status
- type: string
- name: v1beta1
- schema:
- openAPIV3Schema:
- description: PullSecretBinding is the Schema for the pullsecretbindings API.
- properties:
- apiVersion:
- description: 'APIVersion defines the versioned schema of this representation
- of an object. Servers should convert recognized schemas to the latest
- internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
- type: string
- kind:
- description: 'Kind is a string value representing the REST resource this
- object represents. Servers may infer this from the endpoint the client
- submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
- type: string
- metadata:
- type: object
- spec:
- description: PullSecretBindingSpec defines the desired state of PullSecretBinding.
- properties:
- harborServerConfig:
- description: Indicate which harbor server configuration is referred
- type: string
- projectId:
- description: ProjectID points to the project associated with the secret
- binding
- type: string
- robotId:
- description: RobotID points to the robot account id used for secret
- binding
- type: string
- serviceAccount:
- description: Indicate which service account binds the pull secret
- type: string
- required:
- - harborServerConfig
- - projectId
- - robotId
- - serviceAccount
- type: object
- status:
- description: PullSecretBindingStatus defines the observed state of PullSecretBinding.
- properties:
- message:
- description: Message provides human-readable message.
- type: string
- reason:
- description: Reason represents status reason.
- type: string
- status:
- description: 'INSERT ADDITIONAL STATUS FIELD - define observed state
- of cluster Important: Run "make" to regenerate code after modifying
- this file Indicate the status of binding: `binding`, `bound` and
- `unknown`'
- type: string
- required:
- - status
- type: object
- type: object
- served: true
- storage: true
- subresources:
- status: {}
----
-apiVersion: apiextensions.k8s.io/v1
-kind: CustomResourceDefinition
-metadata:
- annotations:
- cert-manager.io/inject-ca-from: '{{.Release.Namespace}}/{{. | include "chart.fullname"}}-serving-cert'
- controller-gen.kubebuilder.io/version: v0.9.2
- name: registries.goharbor.io
-spec:
- conversion:
- strategy: Webhook
- webhook:
- clientConfig:
- caBundle: Cg==
- service:
- name: {{ include "chart.fullname" . | quote }}
- namespace: {{ .Release.Namespace }}
- path: /convert
- conversionReviewVersions:
- - v1
- group: goharbor.io
- names:
- categories:
- - goharbor
- kind: Registry
- listKind: RegistryList
- plural: registries
- singular: registry
- scope: Namespaced
- versions:
- - additionalPrinterColumns:
- - description: Timestamp representing the server time when this object was created.
- It is not guaranteed to be set in happens-before order across separate operations.
- Clients may not set this value. It is represented in RFC3339 form and is in
- UTC.
- jsonPath: .metadata.creationTimestamp
- name: Age
- priority: 1
- type: date
- - description: Human readable message describing the failure
- jsonPath: .status.conditions[?(@.type=="Failed")].message
- name: Failure
- priority: 5
- type: string
- name: v1alpha3
- schema:
- openAPIV3Schema:
- description: Registry is the Schema for the registries API.
- properties:
- apiVersion:
- description: 'APIVersion defines the versioned schema of this representation
- of an object. Servers should convert recognized schemas to the latest
- internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
- type: string
- kind:
- description: 'Kind is a string value representing the REST resource this
- object represents. Servers may infer this from the endpoint the client
- submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
- type: string
- metadata:
- type: object
- spec:
- description: RegistrySpec defines the desired state of Registry. See https://docs.docker.com/registry/configuration/
- properties:
- authentication:
- properties:
- htPasswd:
- properties:
- realm:
- type: string
- secretRef:
- pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*'
- type: string
- required:
- - realm
- - secretRef
- type: object
- silly:
- properties:
- realm:
- type: string
- service:
- type: string
- required:
- - realm
- - service
- type: object
- token:
- properties:
- autoredirect:
- type: boolean
- certificateRef:
- pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*'
- type: string
- issuer:
- type: string
- realm:
- type: string
- service:
- type: string
- required:
- - certificateRef
- - issuer
- - realm
- - service
- type: object
- type: object
- certificateRefs:
- items:
- type: string
- type: array
- compatibility:
- properties:
- schema1:
- properties:
- certificateRef:
- pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*'
- type: string
- enabled:
- default: false
- type: boolean
- type: object
- type: object
- health:
- properties:
- file:
- items:
- properties:
- interval:
- default: 5s
- pattern: ([0-9]+h)?([0-9]+m)?([0-9]+s)?([0-9]+ms)?([0-9]+us)?([0-9]+µs)?([0-9]+ns)?
- type: string
- path:
- type: string
- required:
- - path
- type: object
- type: array
- http:
- items:
- properties:
- headers:
- additionalProperties:
- items:
- type: string
- type: array
- type: object
- interval:
- default: 5s
- pattern: ([0-9]+h)?([0-9]+m)?([0-9]+s)?([0-9]+ms)?([0-9]+us)?([0-9]+µs)?([0-9]+ns)?
- type: string
- statuscode:
- default: 200
- format: int32
- minimum: 0
- type: integer
- threshold:
- default: 3
- format: int32
- minimum: 0
- type: integer
- timeout:
- default: 5s
- pattern: ([0-9]+h)?([0-9]+m)?([0-9]+s)?([0-9]+ms)?([0-9]+us)?([0-9]+µs)?([0-9]+ns)?
- type: string
- uri:
- pattern: https?://.+
- type: string
- required:
- - uri
- type: object
- type: array
- storageDriver:
- properties:
- enabled:
- default: true
- type: boolean
- interval:
- default: 5s
- pattern: ([0-9]+h)?([0-9]+m)?([0-9]+s)?([0-9]+ms)?([0-9]+us)?([0-9]+µs)?([0-9]+ns)?
- type: string
- threshold:
- default: 3
- exclusiveMinimum: true
- format: int32
- minimum: 0
- type: integer
- type: object
- tcp:
- items:
- properties:
- address:
- type: string
- interval:
- default: 5s
- pattern: ([0-9]+h)?([0-9]+m)?([0-9]+s)?([0-9]+ms)?([0-9]+us)?([0-9]+µs)?([0-9]+ns)?
- type: string
- threshold:
- default: 3
- format: int32
- minimum: 0
- type: integer
- timeout:
- default: 5s
- pattern: ([0-9]+h)?([0-9]+m)?([0-9]+s)?([0-9]+ms)?([0-9]+us)?([0-9]+µs)?([0-9]+ns)?
- type: string
- required:
- - address
- type: object
- type: array
- type: object
- http:
- properties:
- debug:
- description: Use debug option to configure a debug server that
- can be helpful in diagnosing problems. The debug endpoint can
- be used for monitoring registry metrics and health, as well
- as profiling. Sensitive information may be available via the
- debug endpoint. Please be certain that access to the debug endpoint
- is locked down in a production environment.
- properties:
- port:
- default: 5001
- exclusiveMinimum: true
- format: int32
- minimum: 0
- type: integer
- prometheus:
- properties:
- enabled:
- default: false
- type: boolean
- path:
- default: /metrics
- type: string
- type: object
- type: object
- drainTimeout:
- description: Amount of time to wait for HTTP connections to drain
- before shutting down after registry receives SIGTERM signal
- pattern: ([0-9]+h)?([0-9]+m)?([0-9]+s)?([0-9]+ms)?([0-9]+us)?([0-9]+µs)?([0-9]+ns)?
- type: string
- headers:
- additionalProperties:
- items:
- type: string
- type: array
- default:
- X-Content-Type-Options:
- - nosniff
- description: 'Use this option to specify headers that the HTTP
- server should include in responses. This can be used for security
- headers such as Strict-Transport-Security. The headers option
- should contain an option for each header to include, where the
- parameter name is the header’s name, and the parameter value
- a list of the header’s payload values. Including X-Content-Type-Options:
- [nosniff] is recommended, sothat browsers will not interpret
- content as HTML if they are directed to load a page from the
- registry. This header is included in the example configuration
- file.'
- type: object
- host:
- description: A fully-qualified URL for an externally-reachable
- address for the registry. If present, it is used when creating
- generated URLs. Otherwise, these URLs are derived from client
- requests.
- type: string
- http2:
- description: Use the http2 structure to control http2 settings
- for the registry.
- properties:
- disabled:
- default: false
- type: boolean
- type: object
- net:
- default: tcp
- description: The network used to create a listening socket.
- enum:
- - unix
- - tcp
- type: string
- prefix:
- description: If the server does not run at the root path, set
- this to the value of the prefix. The root path is the section
- before v2. It requires both preceding and trailing slashes,
- such as in the example /path/.
- pattern: (/(.+/)?)?
- type: string
- relativeURLs:
- default: true
- description: If true, the registry returns relative URLs in Location
- headers. The client is responsible for resolving the correct
- URL. This option is not compatible with Docker 1.7 and earlier.
- type: boolean
- secretRef:
- description: The secret name containing a random piece of data
- used to sign state that may be stored with the client to protect
- against tampering. For production environments you should generate
- a random piece of data using a cryptographically secure random
- generator. If you omit the secret, the registry will automatically
- generate a secret when it starts. If you are building a cluster
- of registries behind a load balancer, you MUST ensure the secret
- is the same for all registries.
- pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*'
- type: string
- tls:
- description: Use this to configure TLS for the server. If you
- already have a web server running on the same host as the registry,
- you may prefer to configure TLS on that web server and proxy
- connections to the registry server.
- properties:
- certificateRef:
- pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*'
- type: string
- type: object
- type: object
- image:
- description: Image name for the component.
- type: string
- imagePullPolicy:
- description: 'Image pull policy. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images'
- enum:
- - Always
- - Never
- - IfNotPresent
- type: string
- imagePullSecrets:
- items:
- description: LocalObjectReference contains enough information to
- let you locate the referenced object inside the same namespace.
- properties:
- name:
- description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind, uid?'
- type: string
- type: object
- x-kubernetes-map-type: atomic
- type: array
- log:
- default:
- formatter: text
- level: info
- properties:
- accessLog:
- properties:
- disabled:
- default: false
- type: boolean
- type: object
- fields:
- additionalProperties:
- type: string
- type: object
- formatter:
- default: text
- description: RegistryLogFormatter is the log formatter for Registry.
- enum:
- - text
- - json
- - logstash
- type: string
- hooks:
- items:
- properties:
- levels:
- items:
- type: string
- type: array
- optionsRef:
- pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*'
- type: string
- type:
- type: string
- required:
- - levels
- - optionsRef
- - type
- type: object
- type: array
- level:
- default: info
- description: RegistryLogLevel is the log level for Registry.
- enum:
- - debug
- - info
- - warning
- - error
- type: string
- type: object
- middlewares:
- properties:
- registry:
- items:
- properties:
- name:
- type: string
- optionsRef:
- pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*'
- type: string
- required:
- - name
- type: object
- type: array
- repository:
- items:
- properties:
- name:
- type: string
- optionsRef:
- pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*'
- type: string
- required:
- - name
- type: object
- type: array
- storage:
- items:
- properties:
- name:
- type: string
- optionsRef:
- pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*'
- type: string
- required:
- - name
- type: object
- type: array
- type: object
- nodeSelector:
- additionalProperties:
- type: string
- description: 'NodeSelector is a selector which must be true for the
- component to fit on a node. Selector which must match a node''s
- labels for the pod to be scheduled on that node. More info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/'
- type: object
- notifications:
- properties:
- endpoints:
- description: The endpoints structure contains a list of named
- services (URLs) that can accept event notifications.
- items:
- properties:
- backoff:
- default: 10s
- pattern: ([0-9]+h)?([0-9]+m)?([0-9]+s)?([0-9]+ms)?([0-9]+us)?([0-9]+µs)?([0-9]+ns)?
- type: string
- disabled:
- default: false
- description: If true, notifications are disabled for the
- service.
- type: boolean
- headers:
- additionalProperties:
- items:
- type: string
- type: array
- type: object
- ignore:
- properties:
- actions:
- items:
- type: string
- type: array
- mediaTypes:
- items:
- type: string
- type: array
- type: object
- ignoredMediaTypes:
- items:
- type: string
- type: array
- name:
- description: A human-readable name for the service.
- type: string
- threshold:
- default: 3
- format: int32
- minimum: 0
- type: integer
- timeout:
- default: 5s
- description: A value for the HTTP timeout. A positive integer
- and an optional suffix indicating the unit of time, which
- may be ns, us, ms, s, m, or h. If you omit the unit of
- time, ns is used.
- pattern: ([0-9]+h)?([0-9]+m)?([0-9]+s)?([0-9]+ms)?([0-9]+us)?([0-9]+µs)?([0-9]+ns)?
- type: string
- url:
- description: The URL to which events should be published.
- pattern: https?://.+
- type: string
- required:
- - name
- - url
- type: object
- type: array
- events:
- properties:
- includeReferences:
- default: true
- type: boolean
- type: object
- type: object
- proxy:
- properties:
- httpProxy:
- pattern: https?://.+
- type: string
- httpsProxy:
- pattern: https?://.+
- type: string
- noProxy:
- default:
- - 127.0.0.1
- - localhost
- - .local
- - .internal
- items:
- type: string
- type: array
- type: object
- redis:
- properties:
- certificateRef:
- description: Secret containing the client certificate to authenticate
- with.
- pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*'
- type: string
- database:
- default: 0
- description: The database number.
- format: int32
- maximum: 8
- minimum: 0
- type: integer
- dialTimeout:
- pattern: ([0-9]+h)?([0-9]+m)?([0-9]+s)?([0-9]+ms)?([0-9]+us)?([0-9]+µs)?([0-9]+ns)?
- type: string
- host:
- description: Server hostname.
- minLength: 1
- type: string
- passwordRef:
- description: Secret containing the password to use when connecting
- to the server.
- pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*'
- type: string
- pool:
- properties:
- idleTimeout:
- default: 30s
- pattern: ([0-9]+h)?([0-9]+m)?([0-9]+s)?([0-9]+ms)?([0-9]+us)?([0-9]+µs)?([0-9]+ns)?
- type: string
- maxActive:
- default: 5
- format: int32
- minimum: 0
- type: integer
- maxIdle:
- default: 3
- format: int32
- minimum: 0
- type: integer
- type: object
- port:
- description: Server port.
- exclusiveMinimum: true
- format: int32
- minimum: 0
- type: integer
- readTimeout:
- pattern: ([0-9]+h)?([0-9]+m)?([0-9]+s)?([0-9]+ms)?([0-9]+us)?([0-9]+µs)?([0-9]+ns)?
- type: string
- sentinelMasterSet:
- description: for Sentinel MasterSet.
- type: string
- writeTimeout:
- pattern: ([0-9]+h)?([0-9]+m)?([0-9]+s)?([0-9]+ms)?([0-9]+us)?([0-9]+µs)?([0-9]+ns)?
- type: string
- required:
- - host
- type: object
- replicas:
- description: 'Replicas is the number of desired replicas. This is
- a pointer to distinguish between explicit zero and unspecified.
- More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller#what-is-a-replicationcontroller'
- format: int32
- minimum: 0
- type: integer
- reporting:
- additionalProperties:
- type: string
- type: object
- resources:
- description: 'Compute Resources required by this component. Cannot
- be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/'
- properties:
- limits:
- additionalProperties:
- anyOf:
- - type: integer
- - type: string
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- description: 'Limits describes the maximum amount of compute resources
- allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
- type: object
- requests:
- additionalProperties:
- anyOf:
- - type: integer
- - type: string
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- description: 'Requests describes the minimum amount of compute
- resources required. If Requests is omitted for a container,
- it defaults to Limits if that is explicitly specified, otherwise
- to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
- type: object
- type: object
- serviceAccountName:
- description: 'ServiceAccountName is the name of the ServiceAccount
- to use to run this component. More info: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/'
- type: string
- storage:
- properties:
- cache:
- properties:
- blobdescriptor:
- enum:
- - inmemory
- - redis
- type: string
- type: object
- delete:
- properties:
- enabled:
- default: true
- type: boolean
- type: object
- driver:
- properties:
- filesystem:
- description: 'FileSystem is an implementation of the storagedriver.StorageDriver
- interface which uses the local filesystem. The local filesystem
- can be a remote volume. See: https://docs.docker.com/registry/storage-drivers/filesystem/'
- properties:
- maxthreads:
- default: 100
- format: int32
- minimum: 25
- type: integer
- prefix:
- type: string
- volumeSource:
- description: Represents the source of a volume to mount.
- Only one of its members may be specified.
- properties:
- awsElasticBlockStore:
- description: 'AWSElasticBlockStore represents an AWS
- Disk resource that is attached to a kubelet''s host
- machine and then exposed to the pod. More info:
- https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore'
- properties:
- fsType:
- description: 'Filesystem type of the volume that
- you want to mount. Tip: Ensure that the filesystem
- type is supported by the host operating system.
- Examples: "ext4", "xfs", "ntfs". Implicitly
- inferred to be "ext4" if unspecified. More info:
- https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore
- TODO: how do we prevent errors in the filesystem
- from compromising the machine'
- type: string
- partition:
- description: 'The partition in the volume that
- you want to mount. If omitted, the default is
- to mount by volume name. Examples: For volume
- /dev/sda1, you specify the partition as "1".
- Similarly, the volume partition for /dev/sda
- is "0" (or you can leave the property empty).'
- format: int32
- type: integer
- readOnly:
- description: 'Specify "true" to force and set
- the ReadOnly property in VolumeMounts to "true".
- If omitted, the default is "false". More info:
- https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore'
- type: boolean
- volumeID:
- description: 'Unique ID of the persistent disk
- resource in AWS (Amazon EBS volume). More info:
- https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore'
- type: string
- required:
- - volumeID
- type: object
- azureDisk:
- description: AzureDisk represents an Azure Data Disk
- mount on the host and bind mount to the pod.
- properties:
- cachingMode:
- description: 'Host Caching mode: None, Read Only,
- Read Write.'
- type: string
- diskName:
- description: The Name of the data disk in the
- blob storage
- type: string
- diskURI:
- description: The URI the data disk in the blob
- storage
- type: string
- fsType:
- description: Filesystem type to mount. Must be
- a filesystem type supported by the host operating
- system. Ex. "ext4", "xfs", "ntfs". Implicitly
- inferred to be "ext4" if unspecified.
- type: string
- kind:
- description: 'Expected values Shared: multiple
- blob disks per storage account Dedicated: single
- blob disk per storage account Managed: azure
- managed data disk (only in managed availability
- set). defaults to shared'
- type: string
- readOnly:
- description: Defaults to false (read/write). ReadOnly
- here will force the ReadOnly setting in VolumeMounts.
- type: boolean
- required:
- - diskName
- - diskURI
- type: object
- azureFile:
- description: AzureFile represents an Azure File Service
- mount on the host and bind mount to the pod.
- properties:
- readOnly:
- description: Defaults to false (read/write). ReadOnly
- here will force the ReadOnly setting in VolumeMounts.
- type: boolean
- secretName:
- description: the name of secret that contains
- Azure Storage Account Name and Key
- type: string
- shareName:
- description: Share Name
- type: string
- required:
- - secretName
- - shareName
- type: object
- cephfs:
- description: CephFS represents a Ceph FS mount on
- the host that shares a pod's lifetime
- properties:
- monitors:
- description: 'Required: Monitors is a collection
- of Ceph monitors More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it'
- items:
- type: string
- type: array
- path:
- description: 'Optional: Used as the mounted root,
- rather than the full Ceph tree, default is /'
- type: string
- readOnly:
- description: 'Optional: Defaults to false (read/write).
- ReadOnly here will force the ReadOnly setting
- in VolumeMounts. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it'
- type: boolean
- secretFile:
- description: 'Optional: SecretFile is the path
- to key ring for User, default is /etc/ceph/user.secret
- More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it'
- type: string
- secretRef:
- description: 'Optional: SecretRef is reference
- to the authentication secret for User, default
- is empty. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it'
- properties:
- name:
- description: 'Name of the referent. More info:
- https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion,
- kind, uid?'
- type: string
- type: object
- x-kubernetes-map-type: atomic
- user:
- description: 'Optional: User is the rados user
- name, default is admin More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it'
- type: string
- required:
- - monitors
- type: object
- cinder:
- description: 'Cinder represents a cinder volume attached
- and mounted on kubelets host machine. More info:
- https://examples.k8s.io/mysql-cinder-pd/README.md'
- properties:
- fsType:
- description: 'Filesystem type to mount. Must be
- a filesystem type supported by the host operating
- system. Examples: "ext4", "xfs", "ntfs". Implicitly
- inferred to be "ext4" if unspecified. More info:
- https://examples.k8s.io/mysql-cinder-pd/README.md'
- type: string
- readOnly:
- description: 'Optional: Defaults to false (read/write).
- ReadOnly here will force the ReadOnly setting
- in VolumeMounts. More info: https://examples.k8s.io/mysql-cinder-pd/README.md'
- type: boolean
- secretRef:
- description: 'Optional: points to a secret object
- containing parameters used to connect to OpenStack.'
- properties:
- name:
- description: 'Name of the referent. More info:
- https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion,
- kind, uid?'
- type: string
- type: object
- x-kubernetes-map-type: atomic
- volumeID:
- description: 'volume id used to identify the volume
- in cinder. More info: https://examples.k8s.io/mysql-cinder-pd/README.md'
- type: string
- required:
- - volumeID
- type: object
- configMap:
- description: ConfigMap represents a configMap that
- should populate this volume
- properties:
- defaultMode:
- description: 'Optional: mode bits used to set
- permissions on created files by default. Must
- be an octal value between 0000 and 0777 or a
- decimal value between 0 and 511. YAML accepts
- both octal and decimal values, JSON requires
- decimal values for mode bits. Defaults to 0644.
- Directories within the path are not affected
- by this setting. This might be in conflict with
- other options that affect the file mode, like
- fsGroup, and the result can be other mode bits
- set.'
- format: int32
- type: integer
- items:
- description: If unspecified, each key-value pair
- in the Data field of the referenced ConfigMap
- will be projected into the volume as a file
- whose name is the key and content is the value.
- If specified, the listed keys will be projected
- into the specified paths, and unlisted keys
- will not be present. If a key is specified which
- is not present in the ConfigMap, the volume
- setup will error unless it is marked optional.
- Paths must be relative and may not contain the
- '..' path or start with '..'.
- items:
- description: Maps a string key to a path within
- a volume.
- properties:
- key:
- description: The key to project.
- type: string
- mode:
- description: 'Optional: mode bits used to
- set permissions on this file. Must be
- an octal value between 0000 and 0777 or
- a decimal value between 0 and 511. YAML
- accepts both octal and decimal values,
- JSON requires decimal values for mode
- bits. If not specified, the volume defaultMode
- will be used. This might be in conflict
- with other options that affect the file
- mode, like fsGroup, and the result can
- be other mode bits set.'
- format: int32
- type: integer
- path:
- description: The relative path of the file
- to map the key to. May not be an absolute
- path. May not contain the path element
- '..'. May not start with the string '..'.
- type: string
- required:
- - key
- - path
- type: object
- type: array
- name:
- description: 'Name of the referent. More info:
- https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind,
- uid?'
- type: string
- optional:
- description: Specify whether the ConfigMap or
- its keys must be defined
- type: boolean
- type: object
- x-kubernetes-map-type: atomic
- csi:
- description: CSI (Container Storage Interface) represents
- ephemeral storage that is handled by certain external
- CSI drivers (Beta feature).
- properties:
- driver:
- description: Driver is the name of the CSI driver
- that handles this volume. Consult with your
- admin for the correct name as registered in
- the cluster.
- type: string
- fsType:
- description: Filesystem type to mount. Ex. "ext4",
- "xfs", "ntfs". If not provided, the empty value
- is passed to the associated CSI driver which
- will determine the default filesystem to apply.
- type: string
- nodePublishSecretRef:
- description: NodePublishSecretRef is a reference
- to the secret object containing sensitive information
- to pass to the CSI driver to complete the CSI
- NodePublishVolume and NodeUnpublishVolume calls.
- This field is optional, and may be empty if
- no secret is required. If the secret object
- contains more than one secret, all secret references
- are passed.
- properties:
- name:
- description: 'Name of the referent. More info:
- https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion,
- kind, uid?'
- type: string
- type: object
- x-kubernetes-map-type: atomic
- readOnly:
- description: Specifies a read-only configuration
- for the volume. Defaults to false (read/write).
- type: boolean
- volumeAttributes:
- additionalProperties:
- type: string
- description: VolumeAttributes stores driver-specific
- properties that are passed to the CSI driver.
- Consult your driver's documentation for supported
- values.
- type: object
- required:
- - driver
- type: object
- downwardAPI:
- description: DownwardAPI represents downward API about
- the pod that should populate this volume
- properties:
- defaultMode:
- description: 'Optional: mode bits to use on created
- files by default. Must be a Optional: mode bits
- used to set permissions on created files by
- default. Must be an octal value between 0000
- and 0777 or a decimal value between 0 and 511.
- YAML accepts both octal and decimal values,
- JSON requires decimal values for mode bits.
- Defaults to 0644. Directories within the path
- are not affected by this setting. This might
- be in conflict with other options that affect
- the file mode, like fsGroup, and the result
- can be other mode bits set.'
- format: int32
- type: integer
- items:
- description: Items is a list of downward API volume
- file
- items:
- description: DownwardAPIVolumeFile represents
- information to create the file containing
- the pod field
- properties:
- fieldRef:
- description: 'Required: Selects a field
- of the pod: only annotations, labels,
- name and namespace are supported.'
- properties:
- apiVersion:
- description: Version of the schema the
- FieldPath is written in terms of,
- defaults to "v1".
- type: string
- fieldPath:
- description: Path of the field to select
- in the specified API version.
- type: string
- required:
- - fieldPath
- type: object
- x-kubernetes-map-type: atomic
- mode:
- description: 'Optional: mode bits used to
- set permissions on this file, must be
- an octal value between 0000 and 0777 or
- a decimal value between 0 and 511. YAML
- accepts both octal and decimal values,
- JSON requires decimal values for mode
- bits. If not specified, the volume defaultMode
- will be used. This might be in conflict
- with other options that affect the file
- mode, like fsGroup, and the result can
- be other mode bits set.'
- format: int32
- type: integer
- path:
- description: 'Required: Path is the relative
- path name of the file to be created. Must
- not be absolute or contain the ''..''
- path. Must be utf-8 encoded. The first
- item of the relative path must not start
- with ''..'''
- type: string
- resourceFieldRef:
- description: 'Selects a resource of the
- container: only resources limits and requests
- (limits.cpu, limits.memory, requests.cpu
- and requests.memory) are currently supported.'
- properties:
- containerName:
- description: 'Container name: required
- for volumes, optional for env vars'
- type: string
- divisor:
- anyOf:
- - type: integer
- - type: string
- description: Specifies the output format
- of the exposed resources, defaults
- to "1"
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- resource:
- description: 'Required: resource to
- select'
- type: string
- required:
- - resource
- type: object
- x-kubernetes-map-type: atomic
- required:
- - path
- type: object
- type: array
- type: object
- emptyDir:
- description: 'EmptyDir represents a temporary directory
- that shares a pod''s lifetime. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir'
- properties:
- medium:
- description: 'What type of storage medium should
- back this directory. The default is "" which
- means to use the node''s default medium. Must
- be an empty string (default) or Memory. More
- info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir'
- type: string
- sizeLimit:
- anyOf:
- - type: integer
- - type: string
- description: 'Total amount of local storage required
- for this EmptyDir volume. The size limit is
- also applicable for memory medium. The maximum
- usage on memory medium EmptyDir would be the
- minimum value between the SizeLimit specified
- here and the sum of memory limits of all containers
- in a pod. The default is nil which means that
- the limit is undefined. More info: http://kubernetes.io/docs/user-guide/volumes#emptydir'
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- type: object
- ephemeral:
- description: "Ephemeral represents a volume that is
- handled by a cluster storage driver. The volume's
- lifecycle is tied to the pod that defines it - it
- will be created before the pod starts, and deleted
- when the pod is removed. \n Use this if: a) the
- volume is only needed while the pod runs, b) features
- of normal volumes like restoring from snapshot or
- capacity tracking are needed, c) the storage driver
- is specified through a storage class, and d) the
- storage driver supports dynamic volume provisioning
- through a PersistentVolumeClaim (see EphemeralVolumeSource
- for more information on the connection between this
- volume type and PersistentVolumeClaim). \n Use PersistentVolumeClaim
- or one of the vendor-specific APIs for volumes that
- persist for longer than the lifecycle of an individual
- pod. \n Use CSI for light-weight local ephemeral
- volumes if the CSI driver is meant to be used that
- way - see the documentation of the driver for more
- information. \n A pod can use both types of ephemeral
- volumes and persistent volumes at the same time."
- properties:
- volumeClaimTemplate:
- description: "Will be used to create a stand-alone
- PVC to provision the volume. The pod in which
- this EphemeralVolumeSource is embedded will
- be the owner of the PVC, i.e. the PVC will be
- deleted together with the pod. The name of
- the PVC will be `-` where
- `` is the name from the `PodSpec.Volumes`
- array entry. Pod validation will reject the
- pod if the concatenated name is not valid for
- a PVC (for example, too long). \n An existing
- PVC with that name that is not owned by the
- pod will *not* be used for the pod to avoid
- using an unrelated volume by mistake. Starting
- the pod is then blocked until the unrelated
- PVC is removed. If such a pre-created PVC is
- meant to be used by the pod, the PVC has to
- updated with an owner reference to the pod once
- the pod exists. Normally this should not be
- necessary, but it may be useful when manually
- reconstructing a broken cluster. \n This field
- is read-only and no changes will be made by
- Kubernetes to the PVC after it has been created.
- \n Required, must not be nil."
- properties:
- metadata:
- description: May contain labels and annotations
- that will be copied into the PVC when creating
- it. No other fields are allowed and will
- be rejected during validation.
- type: object
- spec:
- description: The specification for the PersistentVolumeClaim.
- The entire content is copied unchanged into
- the PVC that gets created from this template.
- The same fields as in a PersistentVolumeClaim
- are also valid here.
- properties:
- accessModes:
- description: 'AccessModes contains the
- desired access modes the volume should
- have. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1'
- items:
- type: string
- type: array
- dataSource:
- description: 'This field can be used to
- specify either: * An existing VolumeSnapshot
- object (snapshot.storage.k8s.io/VolumeSnapshot)
- * An existing PVC (PersistentVolumeClaim)
- If the provisioner or an external controller
- can support the specified data source,
- it will create a new volume based on
- the contents of the specified data source.
- If the AnyVolumeDataSource feature gate
- is enabled, this field will always have
- the same contents as the DataSourceRef
- field.'
- properties:
- apiGroup:
- description: APIGroup is the group
- for the resource being referenced.
- If APIGroup is not specified, the
- specified Kind must be in the core
- API group. For any other third-party
- types, APIGroup is required.
- type: string
- kind:
- description: Kind is the type of resource
- being referenced
- type: string
- name:
- description: Name is the name of resource
- being referenced
- type: string
- required:
- - kind
- - name
- type: object
- x-kubernetes-map-type: atomic
- dataSourceRef:
- description: 'Specifies the object from
- which to populate the volume with data,
- if a non-empty volume is desired. This
- may be any local object from a non-empty
- API group (non core object) or a PersistentVolumeClaim
- object. When this field is specified,
- volume binding will only succeed if
- the type of the specified object matches
- some installed volume populator or dynamic
- provisioner. This field will replace
- the functionality of the DataSource
- field and as such if both fields are
- non-empty, they must have the same value.
- For backwards compatibility, both fields
- (DataSource and DataSourceRef) will
- be set to the same value automatically
- if one of them is empty and the other
- is non-empty. There are two important
- differences between DataSource and DataSourceRef:
- * While DataSource only allows two specific
- types of objects, DataSourceRef allows
- any non-core object, as well as PersistentVolumeClaim
- objects. * While DataSource ignores
- disallowed values (dropping them), DataSourceRef
- preserves all values, and generates
- an error if a disallowed value is specified.
- (Alpha) Using this field requires the
- AnyVolumeDataSource feature gate to
- be enabled.'
- properties:
- apiGroup:
- description: APIGroup is the group
- for the resource being referenced.
- If APIGroup is not specified, the
- specified Kind must be in the core
- API group. For any other third-party
- types, APIGroup is required.
- type: string
- kind:
- description: Kind is the type of resource
- being referenced
- type: string
- name:
- description: Name is the name of resource
- being referenced
- type: string
- required:
- - kind
- - name
- type: object
- x-kubernetes-map-type: atomic
- resources:
- description: 'Resources represents the
- minimum resources the volume should
- have. If RecoverVolumeExpansionFailure
- feature is enabled users are allowed
- to specify resource requirements that
- are lower than previous value but must
- still be higher than capacity recorded
- in the status field of the claim. More
- info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources'
- properties:
- limits:
- additionalProperties:
- anyOf:
- - type: integer
- - type: string
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- description: 'Limits describes the
- maximum amount of compute resources
- allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
- type: object
- requests:
- additionalProperties:
- anyOf:
- - type: integer
- - type: string
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- description: 'Requests describes the
- minimum amount of compute resources
- required. If Requests is omitted
- for a container, it defaults to
- Limits if that is explicitly specified,
- otherwise to an implementation-defined
- value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
- type: object
- type: object
- selector:
- description: A label query over volumes
- to consider for binding.
- properties:
- matchExpressions:
- description: matchExpressions is a
- list of label selector requirements.
- The requirements are ANDed.
- items:
- description: A label selector requirement
- is a selector that contains values,
- a key, and an operator that relates
- the key and values.
- properties:
- key:
- description: key is the label
- key that the selector applies
- to.
- type: string
- operator:
- description: operator represents
- a key's relationship to a
- set of values. Valid operators
- are In, NotIn, Exists and
- DoesNotExist.
- type: string
- values:
- description: values is an array
- of string values. If the operator
- is In or NotIn, the values
- array must be non-empty. If
- the operator is Exists or
- DoesNotExist, the values array
- must be empty. This array
- is replaced during a strategic
- merge patch.
- items:
- type: string
- type: array
- required:
- - key
- - operator
- type: object
- type: array
- matchLabels:
- additionalProperties:
- type: string
- description: matchLabels is a map
- of {key,value} pairs. A single {key,value}
- in the matchLabels map is equivalent
- to an element of matchExpressions,
- whose key field is "key", the operator
- is "In", and the values array contains
- only "value". The requirements are
- ANDed.
- type: object
- type: object
- x-kubernetes-map-type: atomic
- storageClassName:
- description: 'Name of the StorageClass
- required by the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1'
- type: string
- volumeMode:
- description: volumeMode defines what type
- of volume is required by the claim.
- Value of Filesystem is implied when
- not included in claim spec.
- type: string
- volumeName:
- description: VolumeName is the binding
- reference to the PersistentVolume backing
- this claim.
- type: string
- type: object
- required:
- - spec
- type: object
- type: object
- fc:
- description: FC represents a Fibre Channel resource
- that is attached to a kubelet's host machine and
- then exposed to the pod.
- properties:
- fsType:
- description: 'Filesystem type to mount. Must be
- a filesystem type supported by the host operating
- system. Ex. "ext4", "xfs", "ntfs". Implicitly
- inferred to be "ext4" if unspecified. TODO:
- how do we prevent errors in the filesystem from
- compromising the machine'
- type: string
- lun:
- description: 'Optional: FC target lun number'
- format: int32
- type: integer
- readOnly:
- description: 'Optional: Defaults to false (read/write).
- ReadOnly here will force the ReadOnly setting
- in VolumeMounts.'
- type: boolean
- targetWWNs:
- description: 'Optional: FC target worldwide names
- (WWNs)'
- items:
- type: string
- type: array
- wwids:
- description: 'Optional: FC volume world wide identifiers
- (wwids) Either wwids or combination of targetWWNs
- and lun must be set, but not both simultaneously.'
- items:
- type: string
- type: array
- type: object
- flexVolume:
- description: FlexVolume represents a generic volume
- resource that is provisioned/attached using an exec
- based plugin.
- properties:
- driver:
- description: Driver is the name of the driver
- to use for this volume.
- type: string
- fsType:
- description: Filesystem type to mount. Must be
- a filesystem type supported by the host operating
- system. Ex. "ext4", "xfs", "ntfs". The default
- filesystem depends on FlexVolume script.
- type: string
- options:
- additionalProperties:
- type: string
- description: 'Optional: Extra command options
- if any.'
- type: object
- readOnly:
- description: 'Optional: Defaults to false (read/write).
- ReadOnly here will force the ReadOnly setting
- in VolumeMounts.'
- type: boolean
- secretRef:
- description: 'Optional: SecretRef is reference
- to the secret object containing sensitive information
- to pass to the plugin scripts. This may be empty
- if no secret object is specified. If the secret
- object contains more than one secret, all secrets
- are passed to the plugin scripts.'
- properties:
- name:
- description: 'Name of the referent. More info:
- https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion,
- kind, uid?'
- type: string
- type: object
- x-kubernetes-map-type: atomic
- required:
- - driver
- type: object
- flocker:
- description: Flocker represents a Flocker volume attached
- to a kubelet's host machine. This depends on the
- Flocker control service being running
- properties:
- datasetName:
- description: Name of the dataset stored as metadata
- -> name on the dataset for Flocker should be
- considered as deprecated
- type: string
- datasetUUID:
- description: UUID of the dataset. This is unique
- identifier of a Flocker dataset
- type: string
- type: object
- gcePersistentDisk:
- description: 'GCEPersistentDisk represents a GCE Disk
- resource that is attached to a kubelet''s host machine
- and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk'
- properties:
- fsType:
- description: 'Filesystem type of the volume that
- you want to mount. Tip: Ensure that the filesystem
- type is supported by the host operating system.
- Examples: "ext4", "xfs", "ntfs". Implicitly
- inferred to be "ext4" if unspecified. More info:
- https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk
- TODO: how do we prevent errors in the filesystem
- from compromising the machine'
- type: string
- partition:
- description: 'The partition in the volume that
- you want to mount. If omitted, the default is
- to mount by volume name. Examples: For volume
- /dev/sda1, you specify the partition as "1".
- Similarly, the volume partition for /dev/sda
- is "0" (or you can leave the property empty).
- More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk'
- format: int32
- type: integer
- pdName:
- description: 'Unique name of the PD resource in
- GCE. Used to identify the disk in GCE. More
- info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk'
- type: string
- readOnly:
- description: 'ReadOnly here will force the ReadOnly
- setting in VolumeMounts. Defaults to false.
- More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk'
- type: boolean
- required:
- - pdName
- type: object
- gitRepo:
- description: 'GitRepo represents a git repository
- at a particular revision. DEPRECATED: GitRepo is
- deprecated. To provision a container with a git
- repo, mount an EmptyDir into an InitContainer that
- clones the repo using git, then mount the EmptyDir
- into the Pod''s container.'
- properties:
- directory:
- description: Target directory name. Must not contain
- or start with '..'. If '.' is supplied, the
- volume directory will be the git repository. Otherwise,
- if specified, the volume will contain the git
- repository in the subdirectory with the given
- name.
- type: string
- repository:
- description: Repository URL
- type: string
- revision:
- description: Commit hash for the specified revision.
- type: string
- required:
- - repository
- type: object
- glusterfs:
- description: 'Glusterfs represents a Glusterfs mount
- on the host that shares a pod''s lifetime. More
- info: https://examples.k8s.io/volumes/glusterfs/README.md'
- properties:
- endpoints:
- description: 'EndpointsName is the endpoint name
- that details Glusterfs topology. More info:
- https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod'
- type: string
- path:
- description: 'Path is the Glusterfs volume path.
- More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod'
- type: string
- readOnly:
- description: 'ReadOnly here will force the Glusterfs
- volume to be mounted with read-only permissions.
- Defaults to false. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod'
- type: boolean
- required:
- - endpoints
- - path
- type: object
- hostPath:
- description: 'HostPath represents a pre-existing file
- or directory on the host machine that is directly
- exposed to the container. This is generally used
- for system agents or other privileged things that
- are allowed to see the host machine. Most containers
- will NOT need this. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath
- --- TODO(jonesdl) We need to restrict who can use
- host directory mounts and who can/can not mount
- host directories as read/write.'
- properties:
- path:
- description: 'Path of the directory on the host.
- If the path is a symlink, it will follow the
- link to the real path. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath'
- type: string
- type:
- description: 'Type for HostPath Volume Defaults
- to "" More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath'
- type: string
- required:
- - path
- type: object
- iscsi:
- description: 'ISCSI represents an ISCSI Disk resource
- that is attached to a kubelet''s host machine and
- then exposed to the pod. More info: https://examples.k8s.io/volumes/iscsi/README.md'
- properties:
- chapAuthDiscovery:
- description: whether support iSCSI Discovery CHAP
- authentication
- type: boolean
- chapAuthSession:
- description: whether support iSCSI Session CHAP
- authentication
- type: boolean
- fsType:
- description: 'Filesystem type of the volume that
- you want to mount. Tip: Ensure that the filesystem
- type is supported by the host operating system.
- Examples: "ext4", "xfs", "ntfs". Implicitly
- inferred to be "ext4" if unspecified. More info:
- https://kubernetes.io/docs/concepts/storage/volumes#iscsi
- TODO: how do we prevent errors in the filesystem
- from compromising the machine'
- type: string
- initiatorName:
- description: Custom iSCSI Initiator Name. If initiatorName
- is specified with iscsiInterface simultaneously,
- new iSCSI interface : will be created for the connection.
- type: string
- iqn:
- description: Target iSCSI Qualified Name.
- type: string
- iscsiInterface:
- description: iSCSI Interface Name that uses an
- iSCSI transport. Defaults to 'default' (tcp).
- type: string
- lun:
- description: iSCSI Target Lun number.
- format: int32
- type: integer
- portals:
- description: iSCSI Target Portal List. The portal
- is either an IP or ip_addr:port if the port
- is other than default (typically TCP ports 860
- and 3260).
- items:
- type: string
- type: array
- readOnly:
- description: ReadOnly here will force the ReadOnly
- setting in VolumeMounts. Defaults to false.
- type: boolean
- secretRef:
- description: CHAP Secret for iSCSI target and
- initiator authentication
- properties:
- name:
- description: 'Name of the referent. More info:
- https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion,
- kind, uid?'
- type: string
- type: object
- x-kubernetes-map-type: atomic
- targetPortal:
- description: iSCSI Target Portal. The Portal is
- either an IP or ip_addr:port if the port is
- other than default (typically TCP ports 860
- and 3260).
- type: string
- required:
- - iqn
- - lun
- - targetPortal
- type: object
- nfs:
- description: 'NFS represents an NFS mount on the host
- that shares a pod''s lifetime More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs'
- properties:
- path:
- description: 'Path that is exported by the NFS
- server. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs'
- type: string
- readOnly:
- description: 'ReadOnly here will force the NFS
- export to be mounted with read-only permissions.
- Defaults to false. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs'
- type: boolean
- server:
- description: 'Server is the hostname or IP address
- of the NFS server. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs'
- type: string
- required:
- - path
- - server
- type: object
- persistentVolumeClaim:
- description: 'PersistentVolumeClaimVolumeSource represents
- a reference to a PersistentVolumeClaim in the same
- namespace. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims'
- properties:
- claimName:
- description: 'ClaimName is the name of a PersistentVolumeClaim
- in the same namespace as the pod using this
- volume. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims'
- type: string
- readOnly:
- description: Will force the ReadOnly setting in
- VolumeMounts. Default false.
- type: boolean
- required:
- - claimName
- type: object
- photonPersistentDisk:
- description: PhotonPersistentDisk represents a PhotonController
- persistent disk attached and mounted on kubelets
- host machine
- properties:
- fsType:
- description: Filesystem type to mount. Must be
- a filesystem type supported by the host operating
- system. Ex. "ext4", "xfs", "ntfs". Implicitly
- inferred to be "ext4" if unspecified.
- type: string
- pdID:
- description: ID that identifies Photon Controller
- persistent disk
- type: string
- required:
- - pdID
- type: object
- portworxVolume:
- description: PortworxVolume represents a portworx
- volume attached and mounted on kubelets host machine
- properties:
- fsType:
- description: FSType represents the filesystem
- type to mount Must be a filesystem type supported
- by the host operating system. Ex. "ext4", "xfs".
- Implicitly inferred to be "ext4" if unspecified.
- type: string
- readOnly:
- description: Defaults to false (read/write). ReadOnly
- here will force the ReadOnly setting in VolumeMounts.
- type: boolean
- volumeID:
- description: VolumeID uniquely identifies a Portworx
- volume
- type: string
- required:
- - volumeID
- type: object
- projected:
- description: Items for all in one resources secrets,
- configmaps, and downward API
- properties:
- defaultMode:
- description: Mode bits used to set permissions
- on created files by default. Must be an octal
- value between 0000 and 0777 or a decimal value
- between 0 and 511. YAML accepts both octal and
- decimal values, JSON requires decimal values
- for mode bits. Directories within the path are
- not affected by this setting. This might be
- in conflict with other options that affect the
- file mode, like fsGroup, and the result can
- be other mode bits set.
- format: int32
- type: integer
- sources:
- description: list of volume projections
- items:
- description: Projection that may be projected
- along with other supported volume types
- properties:
- configMap:
- description: information about the configMap
- data to project
- properties:
- items:
- description: If unspecified, each key-value
- pair in the Data field of the referenced
- ConfigMap will be projected into the
- volume as a file whose name is the
- key and content is the value. If specified,
- the listed keys will be projected
- into the specified paths, and unlisted
- keys will not be present. If a key
- is specified which is not present
- in the ConfigMap, the volume setup
- will error unless it is marked optional.
- Paths must be relative and may not
- contain the '..' path or start with
- '..'.
- items:
- description: Maps a string key to
- a path within a volume.
- properties:
- key:
- description: The key to project.
- type: string
- mode:
- description: 'Optional: mode bits
- used to set permissions on this
- file. Must be an octal value
- between 0000 and 0777 or a decimal
- value between 0 and 511. YAML
- accepts both octal and decimal
- values, JSON requires decimal
- values for mode bits. If not
- specified, the volume defaultMode
- will be used. This might be
- in conflict with other options
- that affect the file mode, like
- fsGroup, and the result can
- be other mode bits set.'
- format: int32
- type: integer
- path:
- description: The relative path
- of the file to map the key to.
- May not be an absolute path.
- May not contain the path element
- '..'. May not start with the
- string '..'.
- type: string
- required:
- - key
- - path
- type: object
- type: array
- name:
- description: 'Name of the referent.
- More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion,
- kind, uid?'
- type: string
- optional:
- description: Specify whether the ConfigMap
- or its keys must be defined
- type: boolean
- type: object
- x-kubernetes-map-type: atomic
- downwardAPI:
- description: information about the downwardAPI
- data to project
- properties:
- items:
- description: Items is a list of DownwardAPIVolume
- file
- items:
- description: DownwardAPIVolumeFile
- represents information to create
- the file containing the pod field
- properties:
- fieldRef:
- description: 'Required: Selects
- a field of the pod: only annotations,
- labels, name and namespace are
- supported.'
- properties:
- apiVersion:
- description: Version of the
- schema the FieldPath is
- written in terms of, defaults
- to "v1".
- type: string
- fieldPath:
- description: Path of the field
- to select in the specified
- API version.
- type: string
- required:
- - fieldPath
- type: object
- x-kubernetes-map-type: atomic
- mode:
- description: 'Optional: mode bits
- used to set permissions on this
- file, must be an octal value
- between 0000 and 0777 or a decimal
- value between 0 and 511. YAML
- accepts both octal and decimal
- values, JSON requires decimal
- values for mode bits. If not
- specified, the volume defaultMode
- will be used. This might be
- in conflict with other options
- that affect the file mode, like
- fsGroup, and the result can
- be other mode bits set.'
- format: int32
- type: integer
- path:
- description: 'Required: Path is the
- relative path name of the file
- to be created. Must not be absolute
- or contain the ''..'' path.
- Must be utf-8 encoded. The first
- item of the relative path must
- not start with ''..'''
- type: string
- resourceFieldRef:
- description: 'Selects a resource
- of the container: only resources
- limits and requests (limits.cpu,
- limits.memory, requests.cpu
- and requests.memory) are currently
- supported.'
- properties:
- containerName:
- description: 'Container name:
- required for volumes, optional
- for env vars'
- type: string
- divisor:
- anyOf:
- - type: integer
- - type: string
- description: Specifies the
- output format of the exposed
- resources, defaults to "1"
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- resource:
- description: 'Required: resource
- to select'
- type: string
- required:
- - resource
- type: object
- x-kubernetes-map-type: atomic
- required:
- - path
- type: object
- type: array
- type: object
- secret:
- description: information about the secret
- data to project
- properties:
- items:
- description: If unspecified, each key-value
- pair in the Data field of the referenced
- Secret will be projected into the
- volume as a file whose name is the
- key and content is the value. If specified,
- the listed keys will be projected
- into the specified paths, and unlisted
- keys will not be present. If a key
- is specified which is not present
- in the Secret, the volume setup will
- error unless it is marked optional.
- Paths must be relative and may not
- contain the '..' path or start with
- '..'.
- items:
- description: Maps a string key to
- a path within a volume.
- properties:
- key:
- description: The key to project.
- type: string
- mode:
- description: 'Optional: mode bits
- used to set permissions on this
- file. Must be an octal value
- between 0000 and 0777 or a decimal
- value between 0 and 511. YAML
- accepts both octal and decimal
- values, JSON requires decimal
- values for mode bits. If not
- specified, the volume defaultMode
- will be used. This might be
- in conflict with other options
- that affect the file mode, like
- fsGroup, and the result can
- be other mode bits set.'
- format: int32
- type: integer
- path:
- description: The relative path
- of the file to map the key to.
- May not be an absolute path.
- May not contain the path element
- '..'. May not start with the
- string '..'.
- type: string
- required:
- - key
- - path
- type: object
- type: array
- name:
- description: 'Name of the referent.
- More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion,
- kind, uid?'
- type: string
- optional:
- description: Specify whether the Secret
- or its key must be defined
- type: boolean
- type: object
- x-kubernetes-map-type: atomic
- serviceAccountToken:
- description: information about the serviceAccountToken
- data to project
- properties:
- audience:
- description: Audience is the intended
- audience of the token. A recipient
- of a token must identify itself with
- an identifier specified in the audience
- of the token, and otherwise should
- reject the token. The audience defaults
- to the identifier of the apiserver.
- type: string
- expirationSeconds:
- description: ExpirationSeconds is the
- requested duration of validity of
- the service account token. As the
- token approaches expiration, the kubelet
- volume plugin will proactively rotate
- the service account token. The kubelet
- will start trying to rotate the token
- if the token is older than 80 percent
- of its time to live or if the token
- is older than 24 hours.Defaults to
- 1 hour and must be at least 10 minutes.
- format: int64
- type: integer
- path:
- description: Path is the path relative
- to the mount point of the file to
- project the token into.
- type: string
- required:
- - path
- type: object
- type: object
- type: array
- type: object
- quobyte:
- description: Quobyte represents a Quobyte mount on
- the host that shares a pod's lifetime
- properties:
- group:
- description: Group to map volume access to Default
- is no group
- type: string
- readOnly:
- description: ReadOnly here will force the Quobyte
- volume to be mounted with read-only permissions.
- Defaults to false.
- type: boolean
- registry:
- description: Registry represents a single or multiple
- Quobyte Registry services specified as a string
- as host:port pair (multiple entries are separated
- with commas) which acts as the central registry
- for volumes
- type: string
- tenant:
- description: Tenant owning the given Quobyte volume
- in the Backend Used with dynamically provisioned
- Quobyte volumes, value is set by the plugin
- type: string
- user:
- description: User to map volume access to Defaults
- to serivceaccount user
- type: string
- volume:
- description: Volume is a string that references
- an already created Quobyte volume by name.
- type: string
- required:
- - registry
- - volume
- type: object
- rbd:
- description: 'RBD represents a Rados Block Device
- mount on the host that shares a pod''s lifetime.
- More info: https://examples.k8s.io/volumes/rbd/README.md'
- properties:
- fsType:
- description: 'Filesystem type of the volume that
- you want to mount. Tip: Ensure that the filesystem
- type is supported by the host operating system.
- Examples: "ext4", "xfs", "ntfs". Implicitly
- inferred to be "ext4" if unspecified. More info:
- https://kubernetes.io/docs/concepts/storage/volumes#rbd
- TODO: how do we prevent errors in the filesystem
- from compromising the machine'
- type: string
- image:
- description: 'The rados image name. More info:
- https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it'
- type: string
- keyring:
- description: 'Keyring is the path to key ring
- for RBDUser. Default is /etc/ceph/keyring. More
- info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it'
- type: string
- monitors:
- description: 'A collection of Ceph monitors. More
- info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it'
- items:
- type: string
- type: array
- pool:
- description: 'The rados pool name. Default is
- rbd. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it'
- type: string
- readOnly:
- description: 'ReadOnly here will force the ReadOnly
- setting in VolumeMounts. Defaults to false.
- More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it'
- type: boolean
- secretRef:
- description: 'SecretRef is name of the authentication
- secret for RBDUser. If provided overrides keyring.
- Default is nil. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it'
- properties:
- name:
- description: 'Name of the referent. More info:
- https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion,
- kind, uid?'
- type: string
- type: object
- x-kubernetes-map-type: atomic
- user:
- description: 'The rados user name. Default is
- admin. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it'
- type: string
- required:
- - image
- - monitors
- type: object
- scaleIO:
- description: ScaleIO represents a ScaleIO persistent
- volume attached and mounted on Kubernetes nodes.
- properties:
- fsType:
- description: Filesystem type to mount. Must be
- a filesystem type supported by the host operating
- system. Ex. "ext4", "xfs", "ntfs". Default is
- "xfs".
- type: string
- gateway:
- description: The host address of the ScaleIO API
- Gateway.
- type: string
- protectionDomain:
- description: The name of the ScaleIO Protection
- Domain for the configured storage.
- type: string
- readOnly:
- description: Defaults to false (read/write). ReadOnly
- here will force the ReadOnly setting in VolumeMounts.
- type: boolean
- secretRef:
- description: SecretRef references to the secret
- for ScaleIO user and other sensitive information.
- If this is not provided, Login operation will
- fail.
- properties:
- name:
- description: 'Name of the referent. More info:
- https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion,
- kind, uid?'
- type: string
- type: object
- x-kubernetes-map-type: atomic
- sslEnabled:
- description: Flag to enable/disable SSL communication
- with Gateway, default false
- type: boolean
- storageMode:
- description: Indicates whether the storage for
- a volume should be ThickProvisioned or ThinProvisioned.
- Default is ThinProvisioned.
- type: string
- storagePool:
- description: The ScaleIO Storage Pool associated
- with the protection domain.
- type: string
- system:
- description: The name of the storage system as
- configured in ScaleIO.
- type: string
- volumeName:
- description: The name of a volume already created
- in the ScaleIO system that is associated with
- this volume source.
- type: string
- required:
- - gateway
- - secretRef
- - system
- type: object
- secret:
- description: 'Secret represents a secret that should
- populate this volume. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret'
- properties:
- defaultMode:
- description: 'Optional: mode bits used to set
- permissions on created files by default. Must
- be an octal value between 0000 and 0777 or a
- decimal value between 0 and 511. YAML accepts
- both octal and decimal values, JSON requires
- decimal values for mode bits. Defaults to 0644.
- Directories within the path are not affected
- by this setting. This might be in conflict with
- other options that affect the file mode, like
- fsGroup, and the result can be other mode bits
- set.'
- format: int32
- type: integer
- items:
- description: If unspecified, each key-value pair
- in the Data field of the referenced Secret will
- be projected into the volume as a file whose
- name is the key and content is the value. If
- specified, the listed keys will be projected
- into the specified paths, and unlisted keys
- will not be present. If a key is specified which
- is not present in the Secret, the volume setup
- will error unless it is marked optional. Paths
- must be relative and may not contain the '..'
- path or start with '..'.
- items:
- description: Maps a string key to a path within
- a volume.
- properties:
- key:
- description: The key to project.
- type: string
- mode:
- description: 'Optional: mode bits used to
- set permissions on this file. Must be
- an octal value between 0000 and 0777 or
- a decimal value between 0 and 511. YAML
- accepts both octal and decimal values,
- JSON requires decimal values for mode
- bits. If not specified, the volume defaultMode
- will be used. This might be in conflict
- with other options that affect the file
- mode, like fsGroup, and the result can
- be other mode bits set.'
- format: int32
- type: integer
- path:
- description: The relative path of the file
- to map the key to. May not be an absolute
- path. May not contain the path element
- '..'. May not start with the string '..'.
- type: string
- required:
- - key
- - path
- type: object
- type: array
- optional:
- description: Specify whether the Secret or its
- keys must be defined
- type: boolean
- secretName:
- description: 'Name of the secret in the pod''s
- namespace to use. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret'
- type: string
- type: object
- storageos:
- description: StorageOS represents a StorageOS volume
- attached and mounted on Kubernetes nodes.
- properties:
- fsType:
- description: Filesystem type to mount. Must be
- a filesystem type supported by the host operating
- system. Ex. "ext4", "xfs", "ntfs". Implicitly
- inferred to be "ext4" if unspecified.
- type: string
- readOnly:
- description: Defaults to false (read/write). ReadOnly
- here will force the ReadOnly setting in VolumeMounts.
- type: boolean
- secretRef:
- description: SecretRef specifies the secret to
- use for obtaining the StorageOS API credentials. If
- not specified, default values will be attempted.
- properties:
- name:
- description: 'Name of the referent. More info:
- https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion,
- kind, uid?'
- type: string
- type: object
- x-kubernetes-map-type: atomic
- volumeName:
- description: VolumeName is the human-readable
- name of the StorageOS volume. Volume names
- are only unique within a namespace.
- type: string
- volumeNamespace:
- description: VolumeNamespace specifies the scope
- of the volume within StorageOS. If no namespace
- is specified then the Pod's namespace will be
- used. This allows the Kubernetes name scoping
- to be mirrored within StorageOS for tighter
- integration. Set VolumeName to any name to override
- the default behaviour. Set to "default" if you
- are not using namespaces within StorageOS. Namespaces
- that do not pre-exist within StorageOS will
- be created.
- type: string
- type: object
- vsphereVolume:
- description: VsphereVolume represents a vSphere volume
- attached and mounted on kubelets host machine
- properties:
- fsType:
- description: Filesystem type to mount. Must be
- a filesystem type supported by the host operating
- system. Ex. "ext4", "xfs", "ntfs". Implicitly
- inferred to be "ext4" if unspecified.
- type: string
- storagePolicyID:
- description: Storage Policy Based Management (SPBM)
- profile ID associated with the StoragePolicyName.
- type: string
- storagePolicyName:
- description: Storage Policy Based Management (SPBM)
- profile name.
- type: string
- volumePath:
- description: Path that identifies vSphere volume
- vmdk
- type: string
- required:
- - volumePath
- type: object
- type: object
- required:
- - volumeSource
- type: object
- inmemory:
- description: 'InMemory storage driver is for purely tests
- purposes. This driver is an implementation of the storagedriver.StorageDriver
- interface which uses local memory for object storage. If
- you would like to run a registry from volatile memory, use
- the filesystem driver on a ramdisk. IMPORTANT: This storage
- driver does not persist data across runs. This is why it
- is only suitable for testing. Never use this driver in production.
- See: https://docs.docker.com/registry/storage-drivers/inmemory/'
- type: object
- s3:
- description: 'An implementation of the storagedriver.StorageDriver
- interface which uses Amazon S3 or S3 compatible services
- for object storage. See: https://docs.docker.com/registry/storage-drivers/s3/'
- properties:
- accesskey:
- description: The AWS Access Key. If you use IAM roles,
- omit to fetch temporary credentials from IAM.
- type: string
- bucket:
- description: The bucket name in which you want to store
- the registry’s data.
- type: string
- certificateRef:
- pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*'
- type: string
- chunksize:
- description: The S3 API requires multipart upload chunks
- to be at least 5MB.
- format: int64
- minimum: 5242880
- type: integer
- encrypt:
- default: false
- description: Specifies whether the registry stores the
- image in encrypted format or not. A boolean value.
- type: boolean
- keyid:
- description: KMS key ID to use for encryption (encrypt
- must be true, or this parameter is ignored).
- type: string
- region:
- description: The AWS region in which your bucket exists.
- For the moment, the Go AWS library in use does not use
- the newer DNS based bucket routing. For a list of regions,
- see http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/using-regions-availability-zones.html
- type: string
- regionendpoint:
- description: Endpoint for S3 compatible storage services
- (Minio, etc).
- type: string
- rootdirectory:
- description: This is a prefix that is applied to all S3
- keys to allow you to segment data in your bucket if
- necessary.
- type: string
- secretkeyRef:
- description: Reference to the secret containing the AWS
- Secret Key. If you use IAM roles, omit to fetch temporary
- credentials from IAM.
- pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*'
- type: string
- secure:
- default: true
- type: boolean
- skipverify:
- default: false
- description: Skips TLS verification when the value is
- set to true.
- type: boolean
- storageclass:
- default: STANDARD
- description: The S3 storage class applied to each registry
- file.
- type: string
- v4auth:
- default: true
- description: Indicates whether the registry uses Version
- 4 of AWS’s authentication.
- type: boolean
- required:
- - bucket
- - region
- type: object
- swift:
- description: 'An implementation of the storagedriver.StorageDriver
- interface that uses OpenStack Swift for object storage.
- See: https://docs.docker.com/registry/storage-drivers/swift/'
- properties:
- accesskey:
- description: The access key to generate temporary URLs.
- It is used by HP Cloud Object Storage in addition to
- the secretkey parameter.
- type: string
- authurl:
- description: URL for obtaining an auth token. https://storage.myprovider.com/v2.0
- or https://storage.myprovider.com/v3/auth
- type: string
- authversion:
- description: Specify the OpenStack Auth’s version, for
- example 3. By default the driver autodetects the auth’s
- version from the authurl.
- type: string
- chunksize:
- description: Size of the data segments for the Swift Dynamic
- Large Objects. This value should be a number.
- format: int64
- minimum: 5242880
- type: integer
- container:
- description: The name of your Swift container where you
- wish to store the registry’s data. The driver creates
- the named container during its initialization.
- type: string
- domain:
- description: Your Openstack domain name for Identity v3
- API. You can either use domain or domainid.
- type: string
- domainID:
- description: Your Openstack domain ID for Identity v3
- API. You can either use domain or domainid.
- type: string
- endpointtype:
- default: public
- description: The endpoint type used when connecting to
- swift.
- enum:
- - public
- - internal
- - admin
- type: string
- insecureskipverify:
- default: false
- description: Skips TLS verification if the value is set
- to true.
- type: boolean
- passwordRef:
- description: Secret name containing the Openstack password.
- pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*'
- type: string
- prefix:
- description: This is a prefix that is applied to all Swift
- keys to allow you to segment data in your container
- if necessary. Defaults to the container’s root.
- type: string
- region:
- description: The Openstack region in which your container
- exists.
- type: string
- secretkeyRef:
- description: The secret key used to generate temporary
- URLs.
- pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*'
- type: string
- tenant:
- description: Your Openstack tenant name. You can either
- use tenant or tenantid.
- type: string
- tenantID:
- description: Your Openstack tenant ID. You can either
- use tenant or tenantid.
- type: string
- trustid:
- description: Your Openstack trust ID for Identity v3 API.
- type: string
- username:
- description: The Openstack user name.
- type: string
- required:
- - authurl
- - container
- type: object
- type: object
- maintenance:
- properties:
- readOnly:
- properties:
- enabled:
- default: false
- type: boolean
- type: object
- uploadPurging:
- properties:
- age:
- default: 168h
- pattern: ([0-9]+h)?([0-9]+m)?([0-9]+s)?([0-9]+ms)?([0-9]+us)?([0-9]+µs)?([0-9]+ns)?
- type: string
- dryRun:
- default: false
- type: boolean
- enabled:
- default: false
- type: boolean
- interval:
- default: 24h
- pattern: ([0-9]+h)?([0-9]+m)?([0-9]+s)?([0-9]+ms)?([0-9]+us)?([0-9]+µs)?([0-9]+ns)?
- type: string
- type: object
- type: object
- redirect:
- properties:
- disable:
- default: false
- type: boolean
- type: object
- required:
- - driver
- type: object
- templateAnnotations:
- additionalProperties:
- type: string
- description: Custom annotations to be added into the pods
- type: object
- tolerations:
- description: If specified, the pod's tolerations.
- items:
- description: The pod this Toleration is attached to tolerates any
- taint that matches the triple using the matching
- operator .
- properties:
- effect:
- description: Effect indicates the taint effect to match. Empty
- means match all taint effects. When specified, allowed values
- are NoSchedule, PreferNoSchedule and NoExecute.
- type: string
- key:
- description: Key is the taint key that the toleration applies
- to. Empty means match all taint keys. If the key is empty,
- operator must be Exists; this combination means to match all
- values and all keys.
- type: string
- operator:
- description: Operator represents a key's relationship to the
- value. Valid operators are Exists and Equal. Defaults to Equal.
- Exists is equivalent to wildcard for value, so that a pod
- can tolerate all taints of a particular category.
- type: string
- tolerationSeconds:
- description: TolerationSeconds represents the period of time
- the toleration (which must be of effect NoExecute, otherwise
- this field is ignored) tolerates the taint. By default, it
- is not set, which means tolerate the taint forever (do not
- evict). Zero and negative values will be treated as 0 (evict
- immediately) by the system.
- format: int64
- type: integer
- value:
- description: Value is the taint value the toleration matches
- to. If the operator is Exists, the value should be empty,
- otherwise just a regular string.
- type: string
- type: object
- type: array
- validation:
- properties:
- disabled:
- type: boolean
- manifests:
- properties:
- urls:
- properties:
- allow:
- items:
- type: string
- type: array
- deny:
- items:
- type: string
- type: array
- type: object
- type: object
- type: object
- required:
- - storage
- type: object
- status:
- description: ComponentStatus represents the current status of the resource.
- https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#typical-status-properties
- properties:
- conditions:
- description: Conditions list of extracted conditions from Resource
- items:
- description: Condition defines the general format for conditions
- on Kubernetes resources. In practice, each kubernetes resource
- defines their own format for conditions, but most (maybe all)
- follows this structure.
- properties:
- message:
- description: Message Human readable reason string
- type: string
- reason:
- description: Reason one work CamelCase reason
- type: string
- status:
- description: Status String that describes the condition status
- type: string
- type:
- description: Type condition type
- type: string
- required:
- - status
- - type
- type: object
- type: array
- observedGeneration:
- format: int64
- type: integer
- operator:
- description: ControllerStatus represents the current status of the
- operator.
- properties:
- controllerGitCommit:
- minLength: 1
- type: string
- controllerName:
- minLength: 1
- type: string
- controllerVersion:
- minLength: 1
- type: string
- type: object
- replicas:
- description: Current number of pods.
- format: int32
- minimum: 0
- type: integer
- required:
- - conditions
- type: object
- required:
- - metadata
- type: object
- served: true
- storage: false
- subresources:
- status: {}
- - additionalPrinterColumns:
- - description: Timestamp representing the server time when this object was created.
- It is not guaranteed to be set in happens-before order across separate operations.
- Clients may not set this value. It is represented in RFC3339 form and is in
- UTC.
- jsonPath: .metadata.creationTimestamp
- name: Age
- priority: 1
- type: date
- - description: Human readable message describing the failure
- jsonPath: .status.conditions[?(@.type=="Failed")].message
- name: Failure
- priority: 5
- type: string
- name: v1beta1
- schema:
- openAPIV3Schema:
- description: Registry is the Schema for the registries API.
- properties:
- apiVersion:
- description: 'APIVersion defines the versioned schema of this representation
- of an object. Servers should convert recognized schemas to the latest
- internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
- type: string
- kind:
- description: 'Kind is a string value representing the REST resource this
- object represents. Servers may infer this from the endpoint the client
- submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
- type: string
- metadata:
- type: object
- spec:
- description: RegistrySpec defines the desired state of Registry. See https://docs.docker.com/registry/configuration/
- properties:
- authentication:
- properties:
- htPasswd:
- properties:
- realm:
- type: string
- secretRef:
- pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*'
- type: string
- required:
- - realm
- - secretRef
- type: object
- silly:
- properties:
- realm:
- type: string
- service:
- type: string
- required:
- - realm
- - service
- type: object
- token:
- properties:
- autoredirect:
- type: boolean
- certificateRef:
- pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*'
- type: string
- issuer:
- type: string
- realm:
- type: string
- service:
- type: string
- required:
- - certificateRef
- - issuer
- - realm
- - service
- type: object
- type: object
- certificateRefs:
- items:
- type: string
- type: array
- compatibility:
- properties:
- schema1:
- properties:
- certificateRef:
- pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*'
- type: string
- enabled:
- default: false
- type: boolean
- type: object
- type: object
- health:
- properties:
- file:
- items:
- properties:
- interval:
- default: 5s
- pattern: ([0-9]+h)?([0-9]+m)?([0-9]+s)?([0-9]+ms)?([0-9]+us)?([0-9]+µs)?([0-9]+ns)?
- type: string
- path:
- type: string
- required:
- - path
- type: object
- type: array
- http:
- items:
- properties:
- headers:
- additionalProperties:
- items:
- type: string
- type: array
- type: object
- interval:
- default: 5s
- pattern: ([0-9]+h)?([0-9]+m)?([0-9]+s)?([0-9]+ms)?([0-9]+us)?([0-9]+µs)?([0-9]+ns)?
- type: string
- statuscode:
- default: 200
- format: int32
- minimum: 0
- type: integer
- threshold:
- default: 3
- format: int32
- minimum: 0
- type: integer
- timeout:
- default: 5s
- pattern: ([0-9]+h)?([0-9]+m)?([0-9]+s)?([0-9]+ms)?([0-9]+us)?([0-9]+µs)?([0-9]+ns)?
- type: string
- uri:
- pattern: https?://.+
- type: string
- required:
- - uri
- type: object
- type: array
- storageDriver:
- properties:
- enabled:
- default: true
- type: boolean
- interval:
- default: 5s
- pattern: ([0-9]+h)?([0-9]+m)?([0-9]+s)?([0-9]+ms)?([0-9]+us)?([0-9]+µs)?([0-9]+ns)?
- type: string
- threshold:
- default: 3
- exclusiveMinimum: true
- format: int32
- minimum: 0
- type: integer
- type: object
- tcp:
- items:
- properties:
- address:
- type: string
- interval:
- default: 5s
- pattern: ([0-9]+h)?([0-9]+m)?([0-9]+s)?([0-9]+ms)?([0-9]+us)?([0-9]+µs)?([0-9]+ns)?
- type: string
- threshold:
- default: 3
- format: int32
- minimum: 0
- type: integer
- timeout:
- default: 5s
- pattern: ([0-9]+h)?([0-9]+m)?([0-9]+s)?([0-9]+ms)?([0-9]+us)?([0-9]+µs)?([0-9]+ns)?
- type: string
- required:
- - address
- type: object
- type: array
- type: object
- http:
- properties:
- debug:
- description: Use debug option to configure a debug server that
- can be helpful in diagnosing problems. The debug endpoint can
- be used for monitoring registry metrics and health, as well
- as profiling. Sensitive information may be available via the
- debug endpoint. Please be certain that access to the debug endpoint
- is locked down in a production environment.
- properties:
- port:
- default: 5001
- exclusiveMinimum: true
- format: int32
- minimum: 0
- type: integer
- prometheus:
- properties:
- enabled:
- default: false
- type: boolean
- path:
- default: /metrics
- type: string
- type: object
- type: object
- drainTimeout:
- description: Amount of time to wait for HTTP connections to drain
- before shutting down after registry receives SIGTERM signal
- pattern: ([0-9]+h)?([0-9]+m)?([0-9]+s)?([0-9]+ms)?([0-9]+us)?([0-9]+µs)?([0-9]+ns)?
- type: string
- headers:
- additionalProperties:
- items:
- type: string
- type: array
- default:
- X-Content-Type-Options:
- - nosniff
- description: 'Use this option to specify headers that the HTTP
- server should include in responses. This can be used for security
- headers such as Strict-Transport-Security. The headers option
- should contain an option for each header to include, where the
- parameter name is the header’s name, and the parameter value
- a list of the header’s payload values. Including X-Content-Type-Options:
- [nosniff] is recommended, sothat browsers will not interpret
- content as HTML if they are directed to load a page from the
- registry. This header is included in the example configuration
- file.'
- type: object
- host:
- description: A fully-qualified URL for an externally-reachable
- address for the registry. If present, it is used when creating
- generated URLs. Otherwise, these URLs are derived from client
- requests.
- type: string
- http2:
- description: Use the http2 structure to control http2 settings
- for the registry.
- properties:
- disabled:
- default: false
- type: boolean
- type: object
- net:
- default: tcp
- description: The network used to create a listening socket.
- enum:
- - unix
- - tcp
- type: string
- prefix:
- description: If the server does not run at the root path, set
- this to the value of the prefix. The root path is the section
- before v2. It requires both preceding and trailing slashes,
- such as in the example /path/.
- pattern: (/(.+/)?)?
- type: string
- relativeURLs:
- default: true
- description: If true, the registry returns relative URLs in Location
- headers. The client is responsible for resolving the correct
- URL. This option is not compatible with Docker 1.7 and earlier.
- type: boolean
- secretRef:
- description: The secret name containing a random piece of data
- used to sign state that may be stored with the client to protect
- against tampering. For production environments you should generate
- a random piece of data using a cryptographically secure random
- generator. If you omit the secret, the registry will automatically
- generate a secret when it starts. If you are building a cluster
- of registries behind a load balancer, you MUST ensure the secret
- is the same for all registries.
- pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*'
- type: string
- tls:
- description: Use this to configure TLS for the server. If you
- already have a web server running on the same host as the registry,
- you may prefer to configure TLS on that web server and proxy
- connections to the registry server.
- properties:
- certificateRef:
- pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*'
- type: string
- type: object
- type: object
- image:
- description: Image name for the component.
- type: string
- imagePullPolicy:
- description: 'Image pull policy. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images'
- enum:
- - Always
- - Never
- - IfNotPresent
- type: string
- imagePullSecrets:
- items:
- description: LocalObjectReference contains enough information to
- let you locate the referenced object inside the same namespace.
- properties:
- name:
- description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind, uid?'
- type: string
- type: object
- x-kubernetes-map-type: atomic
- type: array
- log:
- default:
- formatter: text
- level: info
- properties:
- accessLog:
- properties:
- disabled:
- default: false
- type: boolean
- type: object
- fields:
- additionalProperties:
- type: string
- type: object
- formatter:
- default: text
- description: RegistryLogFormatter is the log formatter for Registry.
- enum:
- - text
- - json
- - logstash
- type: string
- hooks:
- items:
- properties:
- levels:
- items:
- type: string
- type: array
- optionsRef:
- pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*'
- type: string
- type:
- type: string
- required:
- - levels
- - optionsRef
- - type
- type: object
- type: array
- level:
- default: info
- description: RegistryLogLevel is the log level for Registry.
- enum:
- - debug
- - info
- - warning
- - error
- type: string
- type: object
- middlewares:
- properties:
- registry:
- items:
- properties:
- name:
- type: string
- optionsRef:
- pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*'
- type: string
- required:
- - name
- type: object
- type: array
- repository:
- items:
- properties:
- name:
- type: string
- optionsRef:
- pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*'
- type: string
- required:
- - name
- type: object
- type: array
- storage:
- items:
- properties:
- name:
- type: string
- optionsRef:
- pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*'
- type: string
- required:
- - name
- type: object
- type: array
- type: object
- network:
- properties:
- ipFamilies:
- items:
- description: IPFamily represents the IP Family (IPv4 or IPv6).
- This type is used to express the family of an IP expressed
- by a type (e.g. service.spec.ipFamilies).
- type: string
- type: array
- type: object
- nodeSelector:
- additionalProperties:
- type: string
- description: 'NodeSelector is a selector which must be true for the
- component to fit on a node. Selector which must match a node''s
- labels for the pod to be scheduled on that node. More info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/'
- type: object
- notifications:
- properties:
- endpoints:
- description: The endpoints structure contains a list of named
- services (URLs) that can accept event notifications.
- items:
- properties:
- backoff:
- default: 10s
- pattern: ([0-9]+h)?([0-9]+m)?([0-9]+s)?([0-9]+ms)?([0-9]+us)?([0-9]+µs)?([0-9]+ns)?
- type: string
- disabled:
- default: false
- description: If true, notifications are disabled for the
- service.
- type: boolean
- headers:
- additionalProperties:
- items:
- type: string
- type: array
- type: object
- ignore:
- properties:
- actions:
- items:
- type: string
- type: array
- mediaTypes:
- items:
- type: string
- type: array
- type: object
- ignoredMediaTypes:
- items:
- type: string
- type: array
- name:
- description: A human-readable name for the service.
- type: string
- threshold:
- default: 3
- format: int32
- minimum: 0
- type: integer
- timeout:
- default: 5s
- description: A value for the HTTP timeout. A positive integer
- and an optional suffix indicating the unit of time, which
- may be ns, us, ms, s, m, or h. If you omit the unit of
- time, ns is used.
- pattern: ([0-9]+h)?([0-9]+m)?([0-9]+s)?([0-9]+ms)?([0-9]+us)?([0-9]+µs)?([0-9]+ns)?
- type: string
- url:
- description: The URL to which events should be published.
- pattern: https?://.+
- type: string
- required:
- - name
- - url
- type: object
- type: array
- events:
- properties:
- includeReferences:
- default: true
- type: boolean
- type: object
- type: object
- proxy:
- properties:
- httpProxy:
- pattern: https?://.+
- type: string
- httpsProxy:
- pattern: https?://.+
- type: string
- noProxy:
- default:
- - 127.0.0.1
- - localhost
- - .local
- - .internal
- items:
- type: string
- type: array
- type: object
- redis:
- properties:
- certificateRef:
- description: Secret containing the client certificate to authenticate
- with.
- pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*'
- type: string
- database:
- default: 0
- description: The database number.
- format: int32
- maximum: 8
- minimum: 0
- type: integer
- dialTimeout:
- pattern: ([0-9]+h)?([0-9]+m)?([0-9]+s)?([0-9]+ms)?([0-9]+us)?([0-9]+µs)?([0-9]+ns)?
- type: string
- host:
- description: Server hostname.
- minLength: 1
- type: string
- passwordRef:
- description: Secret containing the password to use when connecting
- to the server.
- pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*'
- type: string
- pool:
- properties:
- idleTimeout:
- default: 30s
- pattern: ([0-9]+h)?([0-9]+m)?([0-9]+s)?([0-9]+ms)?([0-9]+us)?([0-9]+µs)?([0-9]+ns)?
- type: string
- maxActive:
- default: 5
- format: int32
- minimum: 0
- type: integer
- maxIdle:
- default: 3
- format: int32
- minimum: 0
- type: integer
- type: object
- port:
- description: Server port.
- exclusiveMinimum: true
- format: int32
- minimum: 0
- type: integer
- readTimeout:
- pattern: ([0-9]+h)?([0-9]+m)?([0-9]+s)?([0-9]+ms)?([0-9]+us)?([0-9]+µs)?([0-9]+ns)?
- type: string
- sentinelMasterSet:
- description: for Sentinel MasterSet.
- type: string
- writeTimeout:
- pattern: ([0-9]+h)?([0-9]+m)?([0-9]+s)?([0-9]+ms)?([0-9]+us)?([0-9]+µs)?([0-9]+ns)?
- type: string
- required:
- - host
- type: object
- replicas:
- description: 'Replicas is the number of desired replicas. This is
- a pointer to distinguish between explicit zero and unspecified.
- More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller#what-is-a-replicationcontroller'
- format: int32
- minimum: 0
- type: integer
- reporting:
- additionalProperties:
- type: string
- type: object
- resources:
- description: 'Compute Resources required by this component. Cannot
- be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/'
- properties:
- limits:
- additionalProperties:
- anyOf:
- - type: integer
- - type: string
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- description: 'Limits describes the maximum amount of compute resources
- allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
- type: object
- requests:
- additionalProperties:
- anyOf:
- - type: integer
- - type: string
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- description: 'Requests describes the minimum amount of compute
- resources required. If Requests is omitted for a container,
- it defaults to Limits if that is explicitly specified, otherwise
- to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
- type: object
- type: object
- serviceAccountName:
- description: 'ServiceAccountName is the name of the ServiceAccount
- to use to run this component. More info: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/'
- type: string
- storage:
- properties:
- cache:
- properties:
- blobdescriptor:
- enum:
- - inmemory
- - redis
- type: string
- type: object
- delete:
- properties:
- enabled:
- default: true
- type: boolean
- type: object
- driver:
- properties:
- azure:
- description: 'An implementation of the storagedriver.StorageDriver
- interface which uses Microsoft Azure Blob Storage for object
- storage. See: https://docs.docker.com/registry/storage-drivers/azure/'
- properties:
- accountkeyRef:
- type: string
- accountname:
- type: string
- baseURL:
- default: core.windows.net
- type: string
- container:
- type: string
- pathPrefix:
- default: /azure/harbor/charts
- type: string
- type: object
- filesystem:
- description: 'FileSystem is an implementation of the storagedriver.StorageDriver
- interface which uses the local filesystem. The local filesystem
- can be a remote volume. See: https://docs.docker.com/registry/storage-drivers/filesystem/'
- properties:
- maxthreads:
- default: 100
- format: int32
- minimum: 25
- type: integer
- prefix:
- type: string
- volumeSource:
- description: Represents the source of a volume to mount.
- Only one of its members may be specified.
- properties:
- awsElasticBlockStore:
- description: 'AWSElasticBlockStore represents an AWS
- Disk resource that is attached to a kubelet''s host
- machine and then exposed to the pod. More info:
- https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore'
- properties:
- fsType:
- description: 'Filesystem type of the volume that
- you want to mount. Tip: Ensure that the filesystem
- type is supported by the host operating system.
- Examples: "ext4", "xfs", "ntfs". Implicitly
- inferred to be "ext4" if unspecified. More info:
- https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore
- TODO: how do we prevent errors in the filesystem
- from compromising the machine'
- type: string
- partition:
- description: 'The partition in the volume that
- you want to mount. If omitted, the default is
- to mount by volume name. Examples: For volume
- /dev/sda1, you specify the partition as "1".
- Similarly, the volume partition for /dev/sda
- is "0" (or you can leave the property empty).'
- format: int32
- type: integer
- readOnly:
- description: 'Specify "true" to force and set
- the ReadOnly property in VolumeMounts to "true".
- If omitted, the default is "false". More info:
- https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore'
- type: boolean
- volumeID:
- description: 'Unique ID of the persistent disk
- resource in AWS (Amazon EBS volume). More info:
- https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore'
- type: string
- required:
- - volumeID
- type: object
- azureDisk:
- description: AzureDisk represents an Azure Data Disk
- mount on the host and bind mount to the pod.
- properties:
- cachingMode:
- description: 'Host Caching mode: None, Read Only,
- Read Write.'
- type: string
- diskName:
- description: The Name of the data disk in the
- blob storage
- type: string
- diskURI:
- description: The URI the data disk in the blob
- storage
- type: string
- fsType:
- description: Filesystem type to mount. Must be
- a filesystem type supported by the host operating
- system. Ex. "ext4", "xfs", "ntfs". Implicitly
- inferred to be "ext4" if unspecified.
- type: string
- kind:
- description: 'Expected values Shared: multiple
- blob disks per storage account Dedicated: single
- blob disk per storage account Managed: azure
- managed data disk (only in managed availability
- set). defaults to shared'
- type: string
- readOnly:
- description: Defaults to false (read/write). ReadOnly
- here will force the ReadOnly setting in VolumeMounts.
- type: boolean
- required:
- - diskName
- - diskURI
- type: object
- azureFile:
- description: AzureFile represents an Azure File Service
- mount on the host and bind mount to the pod.
- properties:
- readOnly:
- description: Defaults to false (read/write). ReadOnly
- here will force the ReadOnly setting in VolumeMounts.
- type: boolean
- secretName:
- description: the name of secret that contains
- Azure Storage Account Name and Key
- type: string
- shareName:
- description: Share Name
- type: string
- required:
- - secretName
- - shareName
- type: object
- cephfs:
- description: CephFS represents a Ceph FS mount on
- the host that shares a pod's lifetime
- properties:
- monitors:
- description: 'Required: Monitors is a collection
- of Ceph monitors More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it'
- items:
- type: string
- type: array
- path:
- description: 'Optional: Used as the mounted root,
- rather than the full Ceph tree, default is /'
- type: string
- readOnly:
- description: 'Optional: Defaults to false (read/write).
- ReadOnly here will force the ReadOnly setting
- in VolumeMounts. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it'
- type: boolean
- secretFile:
- description: 'Optional: SecretFile is the path
- to key ring for User, default is /etc/ceph/user.secret
- More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it'
- type: string
- secretRef:
- description: 'Optional: SecretRef is reference
- to the authentication secret for User, default
- is empty. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it'
- properties:
- name:
- description: 'Name of the referent. More info:
- https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion,
- kind, uid?'
- type: string
- type: object
- x-kubernetes-map-type: atomic
- user:
- description: 'Optional: User is the rados user
- name, default is admin More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it'
- type: string
- required:
- - monitors
- type: object
- cinder:
- description: 'Cinder represents a cinder volume attached
- and mounted on kubelets host machine. More info:
- https://examples.k8s.io/mysql-cinder-pd/README.md'
- properties:
- fsType:
- description: 'Filesystem type to mount. Must be
- a filesystem type supported by the host operating
- system. Examples: "ext4", "xfs", "ntfs". Implicitly
- inferred to be "ext4" if unspecified. More info:
- https://examples.k8s.io/mysql-cinder-pd/README.md'
- type: string
- readOnly:
- description: 'Optional: Defaults to false (read/write).
- ReadOnly here will force the ReadOnly setting
- in VolumeMounts. More info: https://examples.k8s.io/mysql-cinder-pd/README.md'
- type: boolean
- secretRef:
- description: 'Optional: points to a secret object
- containing parameters used to connect to OpenStack.'
- properties:
- name:
- description: 'Name of the referent. More info:
- https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion,
- kind, uid?'
- type: string
- type: object
- x-kubernetes-map-type: atomic
- volumeID:
- description: 'volume id used to identify the volume
- in cinder. More info: https://examples.k8s.io/mysql-cinder-pd/README.md'
- type: string
- required:
- - volumeID
- type: object
- configMap:
- description: ConfigMap represents a configMap that
- should populate this volume
- properties:
- defaultMode:
- description: 'Optional: mode bits used to set
- permissions on created files by default. Must
- be an octal value between 0000 and 0777 or a
- decimal value between 0 and 511. YAML accepts
- both octal and decimal values, JSON requires
- decimal values for mode bits. Defaults to 0644.
- Directories within the path are not affected
- by this setting. This might be in conflict with
- other options that affect the file mode, like
- fsGroup, and the result can be other mode bits
- set.'
- format: int32
- type: integer
- items:
- description: If unspecified, each key-value pair
- in the Data field of the referenced ConfigMap
- will be projected into the volume as a file
- whose name is the key and content is the value.
- If specified, the listed keys will be projected
- into the specified paths, and unlisted keys
- will not be present. If a key is specified which
- is not present in the ConfigMap, the volume
- setup will error unless it is marked optional.
- Paths must be relative and may not contain the
- '..' path or start with '..'.
- items:
- description: Maps a string key to a path within
- a volume.
- properties:
- key:
- description: The key to project.
- type: string
- mode:
- description: 'Optional: mode bits used to
- set permissions on this file. Must be
- an octal value between 0000 and 0777 or
- a decimal value between 0 and 511. YAML
- accepts both octal and decimal values,
- JSON requires decimal values for mode
- bits. If not specified, the volume defaultMode
- will be used. This might be in conflict
- with other options that affect the file
- mode, like fsGroup, and the result can
- be other mode bits set.'
- format: int32
- type: integer
- path:
- description: The relative path of the file
- to map the key to. May not be an absolute
- path. May not contain the path element
- '..'. May not start with the string '..'.
- type: string
- required:
- - key
- - path
- type: object
- type: array
- name:
- description: 'Name of the referent. More info:
- https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind,
- uid?'
- type: string
- optional:
- description: Specify whether the ConfigMap or
- its keys must be defined
- type: boolean
- type: object
- x-kubernetes-map-type: atomic
- csi:
- description: CSI (Container Storage Interface) represents
- ephemeral storage that is handled by certain external
- CSI drivers (Beta feature).
- properties:
- driver:
- description: Driver is the name of the CSI driver
- that handles this volume. Consult with your
- admin for the correct name as registered in
- the cluster.
- type: string
- fsType:
- description: Filesystem type to mount. Ex. "ext4",
- "xfs", "ntfs". If not provided, the empty value
- is passed to the associated CSI driver which
- will determine the default filesystem to apply.
- type: string
- nodePublishSecretRef:
- description: NodePublishSecretRef is a reference
- to the secret object containing sensitive information
- to pass to the CSI driver to complete the CSI
- NodePublishVolume and NodeUnpublishVolume calls.
- This field is optional, and may be empty if
- no secret is required. If the secret object
- contains more than one secret, all secret references
- are passed.
- properties:
- name:
- description: 'Name of the referent. More info:
- https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion,
- kind, uid?'
- type: string
- type: object
- x-kubernetes-map-type: atomic
- readOnly:
- description: Specifies a read-only configuration
- for the volume. Defaults to false (read/write).
- type: boolean
- volumeAttributes:
- additionalProperties:
- type: string
- description: VolumeAttributes stores driver-specific
- properties that are passed to the CSI driver.
- Consult your driver's documentation for supported
- values.
- type: object
- required:
- - driver
- type: object
- downwardAPI:
- description: DownwardAPI represents downward API about
- the pod that should populate this volume
- properties:
- defaultMode:
- description: 'Optional: mode bits to use on created
- files by default. Must be a Optional: mode bits
- used to set permissions on created files by
- default. Must be an octal value between 0000
- and 0777 or a decimal value between 0 and 511.
- YAML accepts both octal and decimal values,
- JSON requires decimal values for mode bits.
- Defaults to 0644. Directories within the path
- are not affected by this setting. This might
- be in conflict with other options that affect
- the file mode, like fsGroup, and the result
- can be other mode bits set.'
- format: int32
- type: integer
- items:
- description: Items is a list of downward API volume
- file
- items:
- description: DownwardAPIVolumeFile represents
- information to create the file containing
- the pod field
- properties:
- fieldRef:
- description: 'Required: Selects a field
- of the pod: only annotations, labels,
- name and namespace are supported.'
- properties:
- apiVersion:
- description: Version of the schema the
- FieldPath is written in terms of,
- defaults to "v1".
- type: string
- fieldPath:
- description: Path of the field to select
- in the specified API version.
- type: string
- required:
- - fieldPath
- type: object
- x-kubernetes-map-type: atomic
- mode:
- description: 'Optional: mode bits used to
- set permissions on this file, must be
- an octal value between 0000 and 0777 or
- a decimal value between 0 and 511. YAML
- accepts both octal and decimal values,
- JSON requires decimal values for mode
- bits. If not specified, the volume defaultMode
- will be used. This might be in conflict
- with other options that affect the file
- mode, like fsGroup, and the result can
- be other mode bits set.'
- format: int32
- type: integer
- path:
- description: 'Required: Path is the relative
- path name of the file to be created. Must
- not be absolute or contain the ''..''
- path. Must be utf-8 encoded. The first
- item of the relative path must not start
- with ''..'''
- type: string
- resourceFieldRef:
- description: 'Selects a resource of the
- container: only resources limits and requests
- (limits.cpu, limits.memory, requests.cpu
- and requests.memory) are currently supported.'
- properties:
- containerName:
- description: 'Container name: required
- for volumes, optional for env vars'
- type: string
- divisor:
- anyOf:
- - type: integer
- - type: string
- description: Specifies the output format
- of the exposed resources, defaults
- to "1"
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- resource:
- description: 'Required: resource to
- select'
- type: string
- required:
- - resource
- type: object
- x-kubernetes-map-type: atomic
- required:
- - path
- type: object
- type: array
- type: object
- emptyDir:
- description: 'EmptyDir represents a temporary directory
- that shares a pod''s lifetime. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir'
- properties:
- medium:
- description: 'What type of storage medium should
- back this directory. The default is "" which
- means to use the node''s default medium. Must
- be an empty string (default) or Memory. More
- info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir'
- type: string
- sizeLimit:
- anyOf:
- - type: integer
- - type: string
- description: 'Total amount of local storage required
- for this EmptyDir volume. The size limit is
- also applicable for memory medium. The maximum
- usage on memory medium EmptyDir would be the
- minimum value between the SizeLimit specified
- here and the sum of memory limits of all containers
- in a pod. The default is nil which means that
- the limit is undefined. More info: http://kubernetes.io/docs/user-guide/volumes#emptydir'
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- type: object
- ephemeral:
- description: "Ephemeral represents a volume that is
- handled by a cluster storage driver. The volume's
- lifecycle is tied to the pod that defines it - it
- will be created before the pod starts, and deleted
- when the pod is removed. \n Use this if: a) the
- volume is only needed while the pod runs, b) features
- of normal volumes like restoring from snapshot or
- capacity tracking are needed, c) the storage driver
- is specified through a storage class, and d) the
- storage driver supports dynamic volume provisioning
- through a PersistentVolumeClaim (see EphemeralVolumeSource
- for more information on the connection between this
- volume type and PersistentVolumeClaim). \n Use PersistentVolumeClaim
- or one of the vendor-specific APIs for volumes that
- persist for longer than the lifecycle of an individual
- pod. \n Use CSI for light-weight local ephemeral
- volumes if the CSI driver is meant to be used that
- way - see the documentation of the driver for more
- information. \n A pod can use both types of ephemeral
- volumes and persistent volumes at the same time."
- properties:
- volumeClaimTemplate:
- description: "Will be used to create a stand-alone
- PVC to provision the volume. The pod in which
- this EphemeralVolumeSource is embedded will
- be the owner of the PVC, i.e. the PVC will be
- deleted together with the pod. The name of
- the PVC will be `-` where
- `` is the name from the `PodSpec.Volumes`
- array entry. Pod validation will reject the
- pod if the concatenated name is not valid for
- a PVC (for example, too long). \n An existing
- PVC with that name that is not owned by the
- pod will *not* be used for the pod to avoid
- using an unrelated volume by mistake. Starting
- the pod is then blocked until the unrelated
- PVC is removed. If such a pre-created PVC is
- meant to be used by the pod, the PVC has to
- updated with an owner reference to the pod once
- the pod exists. Normally this should not be
- necessary, but it may be useful when manually
- reconstructing a broken cluster. \n This field
- is read-only and no changes will be made by
- Kubernetes to the PVC after it has been created.
- \n Required, must not be nil."
- properties:
- metadata:
- description: May contain labels and annotations
- that will be copied into the PVC when creating
- it. No other fields are allowed and will
- be rejected during validation.
- type: object
- spec:
- description: The specification for the PersistentVolumeClaim.
- The entire content is copied unchanged into
- the PVC that gets created from this template.
- The same fields as in a PersistentVolumeClaim
- are also valid here.
- properties:
- accessModes:
- description: 'AccessModes contains the
- desired access modes the volume should
- have. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1'
- items:
- type: string
- type: array
- dataSource:
- description: 'This field can be used to
- specify either: * An existing VolumeSnapshot
- object (snapshot.storage.k8s.io/VolumeSnapshot)
- * An existing PVC (PersistentVolumeClaim)
- If the provisioner or an external controller
- can support the specified data source,
- it will create a new volume based on
- the contents of the specified data source.
- If the AnyVolumeDataSource feature gate
- is enabled, this field will always have
- the same contents as the DataSourceRef
- field.'
- properties:
- apiGroup:
- description: APIGroup is the group
- for the resource being referenced.
- If APIGroup is not specified, the
- specified Kind must be in the core
- API group. For any other third-party
- types, APIGroup is required.
- type: string
- kind:
- description: Kind is the type of resource
- being referenced
- type: string
- name:
- description: Name is the name of resource
- being referenced
- type: string
- required:
- - kind
- - name
- type: object
- x-kubernetes-map-type: atomic
- dataSourceRef:
- description: 'Specifies the object from
- which to populate the volume with data,
- if a non-empty volume is desired. This
- may be any local object from a non-empty
- API group (non core object) or a PersistentVolumeClaim
- object. When this field is specified,
- volume binding will only succeed if
- the type of the specified object matches
- some installed volume populator or dynamic
- provisioner. This field will replace
- the functionality of the DataSource
- field and as such if both fields are
- non-empty, they must have the same value.
- For backwards compatibility, both fields
- (DataSource and DataSourceRef) will
- be set to the same value automatically
- if one of them is empty and the other
- is non-empty. There are two important
- differences between DataSource and DataSourceRef:
- * While DataSource only allows two specific
- types of objects, DataSourceRef allows
- any non-core object, as well as PersistentVolumeClaim
- objects. * While DataSource ignores
- disallowed values (dropping them), DataSourceRef
- preserves all values, and generates
- an error if a disallowed value is specified.
- (Alpha) Using this field requires the
- AnyVolumeDataSource feature gate to
- be enabled.'
- properties:
- apiGroup:
- description: APIGroup is the group
- for the resource being referenced.
- If APIGroup is not specified, the
- specified Kind must be in the core
- API group. For any other third-party
- types, APIGroup is required.
- type: string
- kind:
- description: Kind is the type of resource
- being referenced
- type: string
- name:
- description: Name is the name of resource
- being referenced
- type: string
- required:
- - kind
- - name
- type: object
- x-kubernetes-map-type: atomic
- resources:
- description: 'Resources represents the
- minimum resources the volume should
- have. If RecoverVolumeExpansionFailure
- feature is enabled users are allowed
- to specify resource requirements that
- are lower than previous value but must
- still be higher than capacity recorded
- in the status field of the claim. More
- info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources'
- properties:
- limits:
- additionalProperties:
- anyOf:
- - type: integer
- - type: string
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- description: 'Limits describes the
- maximum amount of compute resources
- allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
- type: object
- requests:
- additionalProperties:
- anyOf:
- - type: integer
- - type: string
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- description: 'Requests describes the
- minimum amount of compute resources
- required. If Requests is omitted
- for a container, it defaults to
- Limits if that is explicitly specified,
- otherwise to an implementation-defined
- value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
- type: object
- type: object
- selector:
- description: A label query over volumes
- to consider for binding.
- properties:
- matchExpressions:
- description: matchExpressions is a
- list of label selector requirements.
- The requirements are ANDed.
- items:
- description: A label selector requirement
- is a selector that contains values,
- a key, and an operator that relates
- the key and values.
- properties:
- key:
- description: key is the label
- key that the selector applies
- to.
- type: string
- operator:
- description: operator represents
- a key's relationship to a
- set of values. Valid operators
- are In, NotIn, Exists and
- DoesNotExist.
- type: string
- values:
- description: values is an array
- of string values. If the operator
- is In or NotIn, the values
- array must be non-empty. If
- the operator is Exists or
- DoesNotExist, the values array
- must be empty. This array
- is replaced during a strategic
- merge patch.
- items:
- type: string
- type: array
- required:
- - key
- - operator
- type: object
- type: array
- matchLabels:
- additionalProperties:
- type: string
- description: matchLabels is a map
- of {key,value} pairs. A single {key,value}
- in the matchLabels map is equivalent
- to an element of matchExpressions,
- whose key field is "key", the operator
- is "In", and the values array contains
- only "value". The requirements are
- ANDed.
- type: object
- type: object
- x-kubernetes-map-type: atomic
- storageClassName:
- description: 'Name of the StorageClass
- required by the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1'
- type: string
- volumeMode:
- description: volumeMode defines what type
- of volume is required by the claim.
- Value of Filesystem is implied when
- not included in claim spec.
- type: string
- volumeName:
- description: VolumeName is the binding
- reference to the PersistentVolume backing
- this claim.
- type: string
- type: object
- required:
- - spec
- type: object
- type: object
- fc:
- description: FC represents a Fibre Channel resource
- that is attached to a kubelet's host machine and
- then exposed to the pod.
- properties:
- fsType:
- description: 'Filesystem type to mount. Must be
- a filesystem type supported by the host operating
- system. Ex. "ext4", "xfs", "ntfs". Implicitly
- inferred to be "ext4" if unspecified. TODO:
- how do we prevent errors in the filesystem from
- compromising the machine'
- type: string
- lun:
- description: 'Optional: FC target lun number'
- format: int32
- type: integer
- readOnly:
- description: 'Optional: Defaults to false (read/write).
- ReadOnly here will force the ReadOnly setting
- in VolumeMounts.'
- type: boolean
- targetWWNs:
- description: 'Optional: FC target worldwide names
- (WWNs)'
- items:
- type: string
- type: array
- wwids:
- description: 'Optional: FC volume world wide identifiers
- (wwids) Either wwids or combination of targetWWNs
- and lun must be set, but not both simultaneously.'
- items:
- type: string
- type: array
- type: object
- flexVolume:
- description: FlexVolume represents a generic volume
- resource that is provisioned/attached using an exec
- based plugin.
- properties:
- driver:
- description: Driver is the name of the driver
- to use for this volume.
- type: string
- fsType:
- description: Filesystem type to mount. Must be
- a filesystem type supported by the host operating
- system. Ex. "ext4", "xfs", "ntfs". The default
- filesystem depends on FlexVolume script.
- type: string
- options:
- additionalProperties:
- type: string
- description: 'Optional: Extra command options
- if any.'
- type: object
- readOnly:
- description: 'Optional: Defaults to false (read/write).
- ReadOnly here will force the ReadOnly setting
- in VolumeMounts.'
- type: boolean
- secretRef:
- description: 'Optional: SecretRef is reference
- to the secret object containing sensitive information
- to pass to the plugin scripts. This may be empty
- if no secret object is specified. If the secret
- object contains more than one secret, all secrets
- are passed to the plugin scripts.'
- properties:
- name:
- description: 'Name of the referent. More info:
- https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion,
- kind, uid?'
- type: string
- type: object
- x-kubernetes-map-type: atomic
- required:
- - driver
- type: object
- flocker:
- description: Flocker represents a Flocker volume attached
- to a kubelet's host machine. This depends on the
- Flocker control service being running
- properties:
- datasetName:
- description: Name of the dataset stored as metadata
- -> name on the dataset for Flocker should be
- considered as deprecated
- type: string
- datasetUUID:
- description: UUID of the dataset. This is unique
- identifier of a Flocker dataset
- type: string
- type: object
- gcePersistentDisk:
- description: 'GCEPersistentDisk represents a GCE Disk
- resource that is attached to a kubelet''s host machine
- and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk'
- properties:
- fsType:
- description: 'Filesystem type of the volume that
- you want to mount. Tip: Ensure that the filesystem
- type is supported by the host operating system.
- Examples: "ext4", "xfs", "ntfs". Implicitly
- inferred to be "ext4" if unspecified. More info:
- https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk
- TODO: how do we prevent errors in the filesystem
- from compromising the machine'
- type: string
- partition:
- description: 'The partition in the volume that
- you want to mount. If omitted, the default is
- to mount by volume name. Examples: For volume
- /dev/sda1, you specify the partition as "1".
- Similarly, the volume partition for /dev/sda
- is "0" (or you can leave the property empty).
- More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk'
- format: int32
- type: integer
- pdName:
- description: 'Unique name of the PD resource in
- GCE. Used to identify the disk in GCE. More
- info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk'
- type: string
- readOnly:
- description: 'ReadOnly here will force the ReadOnly
- setting in VolumeMounts. Defaults to false.
- More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk'
- type: boolean
- required:
- - pdName
- type: object
- gitRepo:
- description: 'GitRepo represents a git repository
- at a particular revision. DEPRECATED: GitRepo is
- deprecated. To provision a container with a git
- repo, mount an EmptyDir into an InitContainer that
- clones the repo using git, then mount the EmptyDir
- into the Pod''s container.'
- properties:
- directory:
- description: Target directory name. Must not contain
- or start with '..'. If '.' is supplied, the
- volume directory will be the git repository. Otherwise,
- if specified, the volume will contain the git
- repository in the subdirectory with the given
- name.
- type: string
- repository:
- description: Repository URL
- type: string
- revision:
- description: Commit hash for the specified revision.
- type: string
- required:
- - repository
- type: object
- glusterfs:
- description: 'Glusterfs represents a Glusterfs mount
- on the host that shares a pod''s lifetime. More
- info: https://examples.k8s.io/volumes/glusterfs/README.md'
- properties:
- endpoints:
- description: 'EndpointsName is the endpoint name
- that details Glusterfs topology. More info:
- https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod'
- type: string
- path:
- description: 'Path is the Glusterfs volume path.
- More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod'
- type: string
- readOnly:
- description: 'ReadOnly here will force the Glusterfs
- volume to be mounted with read-only permissions.
- Defaults to false. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod'
- type: boolean
- required:
- - endpoints
- - path
- type: object
- hostPath:
- description: 'HostPath represents a pre-existing file
- or directory on the host machine that is directly
- exposed to the container. This is generally used
- for system agents or other privileged things that
- are allowed to see the host machine. Most containers
- will NOT need this. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath
- --- TODO(jonesdl) We need to restrict who can use
- host directory mounts and who can/can not mount
- host directories as read/write.'
- properties:
- path:
- description: 'Path of the directory on the host.
- If the path is a symlink, it will follow the
- link to the real path. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath'
- type: string
- type:
- description: 'Type for HostPath Volume Defaults
- to "" More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath'
- type: string
- required:
- - path
- type: object
- iscsi:
- description: 'ISCSI represents an ISCSI Disk resource
- that is attached to a kubelet''s host machine and
- then exposed to the pod. More info: https://examples.k8s.io/volumes/iscsi/README.md'
- properties:
- chapAuthDiscovery:
- description: whether support iSCSI Discovery CHAP
- authentication
- type: boolean
- chapAuthSession:
- description: whether support iSCSI Session CHAP
- authentication
- type: boolean
- fsType:
- description: 'Filesystem type of the volume that
- you want to mount. Tip: Ensure that the filesystem
- type is supported by the host operating system.
- Examples: "ext4", "xfs", "ntfs". Implicitly
- inferred to be "ext4" if unspecified. More info:
- https://kubernetes.io/docs/concepts/storage/volumes#iscsi
- TODO: how do we prevent errors in the filesystem
- from compromising the machine'
- type: string
- initiatorName:
- description: Custom iSCSI Initiator Name. If initiatorName
- is specified with iscsiInterface simultaneously,
- new iSCSI interface : will be created for the connection.
- type: string
- iqn:
- description: Target iSCSI Qualified Name.
- type: string
- iscsiInterface:
- description: iSCSI Interface Name that uses an
- iSCSI transport. Defaults to 'default' (tcp).
- type: string
- lun:
- description: iSCSI Target Lun number.
- format: int32
- type: integer
- portals:
- description: iSCSI Target Portal List. The portal
- is either an IP or ip_addr:port if the port
- is other than default (typically TCP ports 860
- and 3260).
- items:
- type: string
- type: array
- readOnly:
- description: ReadOnly here will force the ReadOnly
- setting in VolumeMounts. Defaults to false.
- type: boolean
- secretRef:
- description: CHAP Secret for iSCSI target and
- initiator authentication
- properties:
- name:
- description: 'Name of the referent. More info:
- https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion,
- kind, uid?'
- type: string
- type: object
- x-kubernetes-map-type: atomic
- targetPortal:
- description: iSCSI Target Portal. The Portal is
- either an IP or ip_addr:port if the port is
- other than default (typically TCP ports 860
- and 3260).
- type: string
- required:
- - iqn
- - lun
- - targetPortal
- type: object
- nfs:
- description: 'NFS represents an NFS mount on the host
- that shares a pod''s lifetime More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs'
- properties:
- path:
- description: 'Path that is exported by the NFS
- server. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs'
- type: string
- readOnly:
- description: 'ReadOnly here will force the NFS
- export to be mounted with read-only permissions.
- Defaults to false. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs'
- type: boolean
- server:
- description: 'Server is the hostname or IP address
- of the NFS server. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs'
- type: string
- required:
- - path
- - server
- type: object
- persistentVolumeClaim:
- description: 'PersistentVolumeClaimVolumeSource represents
- a reference to a PersistentVolumeClaim in the same
- namespace. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims'
- properties:
- claimName:
- description: 'ClaimName is the name of a PersistentVolumeClaim
- in the same namespace as the pod using this
- volume. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims'
- type: string
- readOnly:
- description: Will force the ReadOnly setting in
- VolumeMounts. Default false.
- type: boolean
- required:
- - claimName
- type: object
- photonPersistentDisk:
- description: PhotonPersistentDisk represents a PhotonController
- persistent disk attached and mounted on kubelets
- host machine
- properties:
- fsType:
- description: Filesystem type to mount. Must be
- a filesystem type supported by the host operating
- system. Ex. "ext4", "xfs", "ntfs". Implicitly
- inferred to be "ext4" if unspecified.
- type: string
- pdID:
- description: ID that identifies Photon Controller
- persistent disk
- type: string
- required:
- - pdID
- type: object
- portworxVolume:
- description: PortworxVolume represents a portworx
- volume attached and mounted on kubelets host machine
- properties:
- fsType:
- description: FSType represents the filesystem
- type to mount Must be a filesystem type supported
- by the host operating system. Ex. "ext4", "xfs".
- Implicitly inferred to be "ext4" if unspecified.
- type: string
- readOnly:
- description: Defaults to false (read/write). ReadOnly
- here will force the ReadOnly setting in VolumeMounts.
- type: boolean
- volumeID:
- description: VolumeID uniquely identifies a Portworx
- volume
- type: string
- required:
- - volumeID
- type: object
- projected:
- description: Items for all in one resources secrets,
- configmaps, and downward API
- properties:
- defaultMode:
- description: Mode bits used to set permissions
- on created files by default. Must be an octal
- value between 0000 and 0777 or a decimal value
- between 0 and 511. YAML accepts both octal and
- decimal values, JSON requires decimal values
- for mode bits. Directories within the path are
- not affected by this setting. This might be
- in conflict with other options that affect the
- file mode, like fsGroup, and the result can
- be other mode bits set.
- format: int32
- type: integer
- sources:
- description: list of volume projections
- items:
- description: Projection that may be projected
- along with other supported volume types
- properties:
- configMap:
- description: information about the configMap
- data to project
- properties:
- items:
- description: If unspecified, each key-value
- pair in the Data field of the referenced
- ConfigMap will be projected into the
- volume as a file whose name is the
- key and content is the value. If specified,
- the listed keys will be projected
- into the specified paths, and unlisted
- keys will not be present. If a key
- is specified which is not present
- in the ConfigMap, the volume setup
- will error unless it is marked optional.
- Paths must be relative and may not
- contain the '..' path or start with
- '..'.
- items:
- description: Maps a string key to
- a path within a volume.
- properties:
- key:
- description: The key to project.
- type: string
- mode:
- description: 'Optional: mode bits
- used to set permissions on this
- file. Must be an octal value
- between 0000 and 0777 or a decimal
- value between 0 and 511. YAML
- accepts both octal and decimal
- values, JSON requires decimal
- values for mode bits. If not
- specified, the volume defaultMode
- will be used. This might be
- in conflict with other options
- that affect the file mode, like
- fsGroup, and the result can
- be other mode bits set.'
- format: int32
- type: integer
- path:
- description: The relative path
- of the file to map the key to.
- May not be an absolute path.
- May not contain the path element
- '..'. May not start with the
- string '..'.
- type: string
- required:
- - key
- - path
- type: object
- type: array
- name:
- description: 'Name of the referent.
- More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion,
- kind, uid?'
- type: string
- optional:
- description: Specify whether the ConfigMap
- or its keys must be defined
- type: boolean
- type: object
- x-kubernetes-map-type: atomic
- downwardAPI:
- description: information about the downwardAPI
- data to project
- properties:
- items:
- description: Items is a list of DownwardAPIVolume
- file
- items:
- description: DownwardAPIVolumeFile
- represents information to create
- the file containing the pod field
- properties:
- fieldRef:
- description: 'Required: Selects
- a field of the pod: only annotations,
- labels, name and namespace are
- supported.'
- properties:
- apiVersion:
- description: Version of the
- schema the FieldPath is
- written in terms of, defaults
- to "v1".
- type: string
- fieldPath:
- description: Path of the field
- to select in the specified
- API version.
- type: string
- required:
- - fieldPath
- type: object
- x-kubernetes-map-type: atomic
- mode:
- description: 'Optional: mode bits
- used to set permissions on this
- file, must be an octal value
- between 0000 and 0777 or a decimal
- value between 0 and 511. YAML
- accepts both octal and decimal
- values, JSON requires decimal
- values for mode bits. If not
- specified, the volume defaultMode
- will be used. This might be
- in conflict with other options
- that affect the file mode, like
- fsGroup, and the result can
- be other mode bits set.'
- format: int32
- type: integer
- path:
- description: 'Required: Path is the
- relative path name of the file
- to be created. Must not be absolute
- or contain the ''..'' path.
- Must be utf-8 encoded. The first
- item of the relative path must
- not start with ''..'''
- type: string
- resourceFieldRef:
- description: 'Selects a resource
- of the container: only resources
- limits and requests (limits.cpu,
- limits.memory, requests.cpu
- and requests.memory) are currently
- supported.'
- properties:
- containerName:
- description: 'Container name:
- required for volumes, optional
- for env vars'
- type: string
- divisor:
- anyOf:
- - type: integer
- - type: string
- description: Specifies the
- output format of the exposed
- resources, defaults to "1"
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- resource:
- description: 'Required: resource
- to select'
- type: string
- required:
- - resource
- type: object
- x-kubernetes-map-type: atomic
- required:
- - path
- type: object
- type: array
- type: object
- secret:
- description: information about the secret
- data to project
- properties:
- items:
- description: If unspecified, each key-value
- pair in the Data field of the referenced
- Secret will be projected into the
- volume as a file whose name is the
- key and content is the value. If specified,
- the listed keys will be projected
- into the specified paths, and unlisted
- keys will not be present. If a key
- is specified which is not present
- in the Secret, the volume setup will
- error unless it is marked optional.
- Paths must be relative and may not
- contain the '..' path or start with
- '..'.
- items:
- description: Maps a string key to
- a path within a volume.
- properties:
- key:
- description: The key to project.
- type: string
- mode:
- description: 'Optional: mode bits
- used to set permissions on this
- file. Must be an octal value
- between 0000 and 0777 or a decimal
- value between 0 and 511. YAML
- accepts both octal and decimal
- values, JSON requires decimal
- values for mode bits. If not
- specified, the volume defaultMode
- will be used. This might be
- in conflict with other options
- that affect the file mode, like
- fsGroup, and the result can
- be other mode bits set.'
- format: int32
- type: integer
- path:
- description: The relative path
- of the file to map the key to.
- May not be an absolute path.
- May not contain the path element
- '..'. May not start with the
- string '..'.
- type: string
- required:
- - key
- - path
- type: object
- type: array
- name:
- description: 'Name of the referent.
- More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion,
- kind, uid?'
- type: string
- optional:
- description: Specify whether the Secret
- or its key must be defined
- type: boolean
- type: object
- x-kubernetes-map-type: atomic
- serviceAccountToken:
- description: information about the serviceAccountToken
- data to project
- properties:
- audience:
- description: Audience is the intended
- audience of the token. A recipient
- of a token must identify itself with
- an identifier specified in the audience
- of the token, and otherwise should
- reject the token. The audience defaults
- to the identifier of the apiserver.
- type: string
- expirationSeconds:
- description: ExpirationSeconds is the
- requested duration of validity of
- the service account token. As the
- token approaches expiration, the kubelet
- volume plugin will proactively rotate
- the service account token. The kubelet
- will start trying to rotate the token
- if the token is older than 80 percent
- of its time to live or if the token
- is older than 24 hours.Defaults to
- 1 hour and must be at least 10 minutes.
- format: int64
- type: integer
- path:
- description: Path is the path relative
- to the mount point of the file to
- project the token into.
- type: string
- required:
- - path
- type: object
- type: object
- type: array
- type: object
- quobyte:
- description: Quobyte represents a Quobyte mount on
- the host that shares a pod's lifetime
- properties:
- group:
- description: Group to map volume access to Default
- is no group
- type: string
- readOnly:
- description: ReadOnly here will force the Quobyte
- volume to be mounted with read-only permissions.
- Defaults to false.
- type: boolean
- registry:
- description: Registry represents a single or multiple
- Quobyte Registry services specified as a string
- as host:port pair (multiple entries are separated
- with commas) which acts as the central registry
- for volumes
- type: string
- tenant:
- description: Tenant owning the given Quobyte volume
- in the Backend Used with dynamically provisioned
- Quobyte volumes, value is set by the plugin
- type: string
- user:
- description: User to map volume access to Defaults
- to serivceaccount user
- type: string
- volume:
- description: Volume is a string that references
- an already created Quobyte volume by name.
- type: string
- required:
- - registry
- - volume
- type: object
- rbd:
- description: 'RBD represents a Rados Block Device
- mount on the host that shares a pod''s lifetime.
- More info: https://examples.k8s.io/volumes/rbd/README.md'
- properties:
- fsType:
- description: 'Filesystem type of the volume that
- you want to mount. Tip: Ensure that the filesystem
- type is supported by the host operating system.
- Examples: "ext4", "xfs", "ntfs". Implicitly
- inferred to be "ext4" if unspecified. More info:
- https://kubernetes.io/docs/concepts/storage/volumes#rbd
- TODO: how do we prevent errors in the filesystem
- from compromising the machine'
- type: string
- image:
- description: 'The rados image name. More info:
- https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it'
- type: string
- keyring:
- description: 'Keyring is the path to key ring
- for RBDUser. Default is /etc/ceph/keyring. More
- info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it'
- type: string
- monitors:
- description: 'A collection of Ceph monitors. More
- info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it'
- items:
- type: string
- type: array
- pool:
- description: 'The rados pool name. Default is
- rbd. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it'
- type: string
- readOnly:
- description: 'ReadOnly here will force the ReadOnly
- setting in VolumeMounts. Defaults to false.
- More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it'
- type: boolean
- secretRef:
- description: 'SecretRef is name of the authentication
- secret for RBDUser. If provided overrides keyring.
- Default is nil. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it'
- properties:
- name:
- description: 'Name of the referent. More info:
- https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion,
- kind, uid?'
- type: string
- type: object
- x-kubernetes-map-type: atomic
- user:
- description: 'The rados user name. Default is
- admin. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it'
- type: string
- required:
- - image
- - monitors
- type: object
- scaleIO:
- description: ScaleIO represents a ScaleIO persistent
- volume attached and mounted on Kubernetes nodes.
- properties:
- fsType:
- description: Filesystem type to mount. Must be
- a filesystem type supported by the host operating
- system. Ex. "ext4", "xfs", "ntfs". Default is
- "xfs".
- type: string
- gateway:
- description: The host address of the ScaleIO API
- Gateway.
- type: string
- protectionDomain:
- description: The name of the ScaleIO Protection
- Domain for the configured storage.
- type: string
- readOnly:
- description: Defaults to false (read/write). ReadOnly
- here will force the ReadOnly setting in VolumeMounts.
- type: boolean
- secretRef:
- description: SecretRef references to the secret
- for ScaleIO user and other sensitive information.
- If this is not provided, Login operation will
- fail.
- properties:
- name:
- description: 'Name of the referent. More info:
- https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion,
- kind, uid?'
- type: string
- type: object
- x-kubernetes-map-type: atomic
- sslEnabled:
- description: Flag to enable/disable SSL communication
- with Gateway, default false
- type: boolean
- storageMode:
- description: Indicates whether the storage for
- a volume should be ThickProvisioned or ThinProvisioned.
- Default is ThinProvisioned.
- type: string
- storagePool:
- description: The ScaleIO Storage Pool associated
- with the protection domain.
- type: string
- system:
- description: The name of the storage system as
- configured in ScaleIO.
- type: string
- volumeName:
- description: The name of a volume already created
- in the ScaleIO system that is associated with
- this volume source.
- type: string
- required:
- - gateway
- - secretRef
- - system
- type: object
- secret:
- description: 'Secret represents a secret that should
- populate this volume. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret'
- properties:
- defaultMode:
- description: 'Optional: mode bits used to set
- permissions on created files by default. Must
- be an octal value between 0000 and 0777 or a
- decimal value between 0 and 511. YAML accepts
- both octal and decimal values, JSON requires
- decimal values for mode bits. Defaults to 0644.
- Directories within the path are not affected
- by this setting. This might be in conflict with
- other options that affect the file mode, like
- fsGroup, and the result can be other mode bits
- set.'
- format: int32
- type: integer
- items:
- description: If unspecified, each key-value pair
- in the Data field of the referenced Secret will
- be projected into the volume as a file whose
- name is the key and content is the value. If
- specified, the listed keys will be projected
- into the specified paths, and unlisted keys
- will not be present. If a key is specified which
- is not present in the Secret, the volume setup
- will error unless it is marked optional. Paths
- must be relative and may not contain the '..'
- path or start with '..'.
- items:
- description: Maps a string key to a path within
- a volume.
- properties:
- key:
- description: The key to project.
- type: string
- mode:
- description: 'Optional: mode bits used to
- set permissions on this file. Must be
- an octal value between 0000 and 0777 or
- a decimal value between 0 and 511. YAML
- accepts both octal and decimal values,
- JSON requires decimal values for mode
- bits. If not specified, the volume defaultMode
- will be used. This might be in conflict
- with other options that affect the file
- mode, like fsGroup, and the result can
- be other mode bits set.'
- format: int32
- type: integer
- path:
- description: The relative path of the file
- to map the key to. May not be an absolute
- path. May not contain the path element
- '..'. May not start with the string '..'.
- type: string
- required:
- - key
- - path
- type: object
- type: array
- optional:
- description: Specify whether the Secret or its
- keys must be defined
- type: boolean
- secretName:
- description: 'Name of the secret in the pod''s
- namespace to use. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret'
- type: string
- type: object
- storageos:
- description: StorageOS represents a StorageOS volume
- attached and mounted on Kubernetes nodes.
- properties:
- fsType:
- description: Filesystem type to mount. Must be
- a filesystem type supported by the host operating
- system. Ex. "ext4", "xfs", "ntfs". Implicitly
- inferred to be "ext4" if unspecified.
- type: string
- readOnly:
- description: Defaults to false (read/write). ReadOnly
- here will force the ReadOnly setting in VolumeMounts.
- type: boolean
- secretRef:
- description: SecretRef specifies the secret to
- use for obtaining the StorageOS API credentials. If
- not specified, default values will be attempted.
- properties:
- name:
- description: 'Name of the referent. More info:
- https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion,
- kind, uid?'
- type: string
- type: object
- x-kubernetes-map-type: atomic
- volumeName:
- description: VolumeName is the human-readable
- name of the StorageOS volume. Volume names
- are only unique within a namespace.
- type: string
- volumeNamespace:
- description: VolumeNamespace specifies the scope
- of the volume within StorageOS. If no namespace
- is specified then the Pod's namespace will be
- used. This allows the Kubernetes name scoping
- to be mirrored within StorageOS for tighter
- integration. Set VolumeName to any name to override
- the default behaviour. Set to "default" if you
- are not using namespaces within StorageOS. Namespaces
- that do not pre-exist within StorageOS will
- be created.
- type: string
- type: object
- vsphereVolume:
- description: VsphereVolume represents a vSphere volume
- attached and mounted on kubelets host machine
- properties:
- fsType:
- description: Filesystem type to mount. Must be
- a filesystem type supported by the host operating
- system. Ex. "ext4", "xfs", "ntfs". Implicitly
- inferred to be "ext4" if unspecified.
- type: string
- storagePolicyID:
- description: Storage Policy Based Management (SPBM)
- profile ID associated with the StoragePolicyName.
- type: string
- storagePolicyName:
- description: Storage Policy Based Management (SPBM)
- profile name.
- type: string
- volumePath:
- description: Path that identifies vSphere volume
- vmdk
- type: string
- required:
- - volumePath
- type: object
- type: object
- required:
- - volumeSource
- type: object
- gcs:
- description: An implementation of the storagedriver.StorageDriver
- interface which uses Google Cloud for object storage. https://docs.docker.com/registry/storage-drivers/gcs/
- properties:
- bucket:
- description: bucket to store charts for Gcs storage
- type: string
- chunkSize:
- type: string
- keyDataRef:
- description: The base64 encoded json file which contains
- the key
- type: string
- pathPrefix:
- type: string
- type: object
- inmemory:
- description: 'InMemory storage driver is for purely tests
- purposes. This driver is an implementation of the storagedriver.StorageDriver
- interface which uses local memory for object storage. If
- you would like to run a registry from volatile memory, use
- the filesystem driver on a ramdisk. IMPORTANT: This storage
- driver does not persist data across runs. This is why it
- is only suitable for testing. Never use this driver in production.
- See: https://docs.docker.com/registry/storage-drivers/inmemory/'
- type: object
- oss:
- description: An implementation of the storagedriver.StorageDriver
- interface which uses Alibaba Cloud for object storage. https://docs.docker.com/registry/storage-drivers/oss/
- properties:
- accessKeyID:
- type: string
- accessSecretRef:
- type: string
- bucket:
- type: string
- chunksize:
- description: The Oss API requires multipart upload chunks
- to be at least 5MB.
- format: int64
- minimum: 5242880
- type: integer
- encrypt:
- default: false
- description: Specifies whether the registry stores the
- image in encrypted format or not. A boolean value.
- type: boolean
- endpoint:
- type: string
- internal:
- default: false
- type: boolean
- pathPrefix:
- type: string
- region:
- pattern: oss-.*
- type: string
- secure:
- default: true
- type: boolean
- required:
- - accessKeyID
- - accessSecretRef
- - bucket
- - region
- type: object
- s3:
- description: 'An implementation of the storagedriver.StorageDriver
- interface which uses Amazon S3 or S3 compatible services
- for object storage. See: https://docs.docker.com/registry/storage-drivers/s3/'
- properties:
- accesskey:
- description: The AWS Access Key. If you use IAM roles,
- omit to fetch temporary credentials from IAM.
- type: string
- bucket:
- description: The bucket name in which you want to store
- the registry’s data.
- type: string
- certificateRef:
- pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*'
- type: string
- chunksize:
- description: The S3 API requires multipart upload chunks
- to be at least 5MB.
- format: int64
- minimum: 5242880
- type: integer
- encrypt:
- default: false
- description: Specifies whether the registry stores the
- image in encrypted format or not. A boolean value.
- type: boolean
- keyid:
- description: KMS key ID to use for encryption (encrypt
- must be true, or this parameter is ignored).
- type: string
- multipartcopychunksize:
- format: int64
- type: integer
- multipartcopymaxconcurrency:
- format: int64
- type: integer
- multipartcopythresholdsize:
- format: int64
- type: integer
- region:
- description: The AWS region in which your bucket exists.
- For the moment, the Go AWS library in use does not use
- the newer DNS based bucket routing. For a list of regions,
- see http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/using-regions-availability-zones.html
- type: string
- regionendpoint:
- description: Endpoint for S3 compatible storage services
- (Minio, etc).
- type: string
- rootdirectory:
- description: This is a prefix that is applied to all S3
- keys to allow you to segment data in your bucket if
- necessary.
- type: string
- secretkeyRef:
- description: Reference to the secret containing the AWS
- Secret Key. If you use IAM roles, omit to fetch temporary
- credentials from IAM.
- pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*'
- type: string
- secure:
- default: true
- type: boolean
- skipverify:
- default: false
- description: Skips TLS verification when the value is
- set to true.
- type: boolean
- storageclass:
- default: STANDARD
- description: The S3 storage class applied to each registry
- file.
- type: string
- v4auth:
- default: true
- description: Indicates whether the registry uses Version
- 4 of AWS’s authentication.
- type: boolean
- required:
- - bucket
- - region
- type: object
- swift:
- description: 'An implementation of the storagedriver.StorageDriver
- interface that uses OpenStack Swift for object storage.
- See: https://docs.docker.com/registry/storage-drivers/swift/'
- properties:
- accesskey:
- description: The access key to generate temporary URLs.
- It is used by HP Cloud Object Storage in addition to
- the secretkey parameter.
- type: string
- authurl:
- description: URL for obtaining an auth token. https://storage.myprovider.com/v2.0
- or https://storage.myprovider.com/v3/auth
- type: string
- authversion:
- description: Specify the OpenStack Auth’s version, for
- example 3. By default the driver autodetects the auth’s
- version from the authurl.
- type: string
- chunksize:
- description: Size of the data segments for the Swift Dynamic
- Large Objects. This value should be a number.
- format: int64
- minimum: 5242880
- type: integer
- container:
- description: The name of your Swift container where you
- wish to store the registry’s data. The driver creates
- the named container during its initialization.
- type: string
- domain:
- description: Your Openstack domain name for Identity v3
- API. You can either use domain or domainid.
- type: string
- domainID:
- description: Your Openstack domain ID for Identity v3
- API. You can either use domain or domainid.
- type: string
- endpointtype:
- default: public
- description: The endpoint type used when connecting to
- swift.
- enum:
- - public
- - internal
- - admin
- type: string
- insecureskipverify:
- default: false
- description: Skips TLS verification if the value is set
- to true.
- type: boolean
- passwordRef:
- description: Secret name containing the Openstack password.
- pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*'
- type: string
- prefix:
- description: This is a prefix that is applied to all Swift
- keys to allow you to segment data in your container
- if necessary. Defaults to the container’s root.
- type: string
- region:
- description: The Openstack region in which your container
- exists.
- type: string
- secretkeyRef:
- description: The secret key used to generate temporary
- URLs.
- pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*'
- type: string
- tenant:
- description: Your Openstack tenant name. You can either
- use tenant or tenantid.
- type: string
- tenantID:
- description: Your Openstack tenant ID. You can either
- use tenant or tenantid.
- type: string
- trustid:
- description: Your Openstack trust ID for Identity v3 API.
- type: string
- username:
- description: The Openstack user name.
- type: string
- required:
- - authurl
- - container
- type: object
- type: object
- maintenance:
- properties:
- readOnly:
- properties:
- enabled:
- default: false
- type: boolean
- type: object
- uploadPurging:
- properties:
- age:
- default: 168h
- pattern: ([0-9]+h)?([0-9]+m)?([0-9]+s)?([0-9]+ms)?([0-9]+us)?([0-9]+µs)?([0-9]+ns)?
- type: string
- dryRun:
- default: false
- type: boolean
- enabled:
- default: false
- type: boolean
- interval:
- default: 24h
- pattern: ([0-9]+h)?([0-9]+m)?([0-9]+s)?([0-9]+ms)?([0-9]+us)?([0-9]+µs)?([0-9]+ns)?
- type: string
- type: object
- type: object
- redirect:
- properties:
- disable:
- default: false
- type: boolean
- type: object
- required:
- - driver
- type: object
- templateAnnotations:
- additionalProperties:
- type: string
- description: Custom annotations to be added into the pods
- type: object
- tolerations:
- description: If specified, the pod's tolerations.
- items:
- description: The pod this Toleration is attached to tolerates any
- taint that matches the triple using the matching
- operator .
- properties:
- effect:
- description: Effect indicates the taint effect to match. Empty
- means match all taint effects. When specified, allowed values
- are NoSchedule, PreferNoSchedule and NoExecute.
- type: string
- key:
- description: Key is the taint key that the toleration applies
- to. Empty means match all taint keys. If the key is empty,
- operator must be Exists; this combination means to match all
- values and all keys.
- type: string
- operator:
- description: Operator represents a key's relationship to the
- value. Valid operators are Exists and Equal. Defaults to Equal.
- Exists is equivalent to wildcard for value, so that a pod
- can tolerate all taints of a particular category.
- type: string
- tolerationSeconds:
- description: TolerationSeconds represents the period of time
- the toleration (which must be of effect NoExecute, otherwise
- this field is ignored) tolerates the taint. By default, it
- is not set, which means tolerate the taint forever (do not
- evict). Zero and negative values will be treated as 0 (evict
- immediately) by the system.
- format: int64
- type: integer
- value:
- description: Value is the taint value the toleration matches
- to. If the operator is Exists, the value should be empty,
- otherwise just a regular string.
- type: string
- type: object
- type: array
- trace:
- properties:
- attributes:
- additionalProperties:
- type: string
- description: A key value dict contains user defined attributes
- used to initialize trace provider.
- type: object
- enabled:
- default: false
- description: Enable tracing or not.
- type: boolean
- jaeger:
- properties:
- agent:
- properties:
- host:
- description: The host of the jaeger agent.
- type: string
- port:
- description: The port of the jaeger agent.
- type: integer
- type: object
- collector:
- properties:
- endpoint:
- description: The endpoint of the jaeger collector.
- type: string
- passwordRef:
- description: The password secret reference name of the
- jaeger collector.
- type: string
- username:
- description: The username of the jaeger collector.
- type: string
- required:
- - endpoint
- type: object
- mode:
- description: 'The jaeger mode: ''collector'' or ''agent''.'
- enum:
- - collector
- - agent
- type: string
- required:
- - mode
- type: object
- namespace:
- description: Namespace used to differentiate different harbor
- services.
- type: string
- otel:
- properties:
- compression:
- description: Whether enable compression or not for otel.
- type: boolean
- endpoint:
- description: The endpoint of otel.
- type: string
- insecure:
- description: Whether establish insecure connection or not
- for otel.
- type: boolean
- timeout:
- default: 10s
- description: The timeout of otel.
- type: string
- urlPath:
- description: The URL path of otel.
- type: string
- required:
- - endpoint
- - urlPath
- type: object
- provider:
- description: 'The tracing provider: ''jaeger'' or ''otel''.'
- enum:
- - jaeger
- - otel
- type: string
- sampleRate:
- default: 1
- description: Set `sampleRate` to 1 if you wanna sampling 100%
- of trace data; set 0.5 if you wanna sampling 50% of trace data,
- and so forth.
- type: integer
- required:
- - provider
- type: object
- updateStrategyType:
- default: RollingUpdate
- type: string
- validation:
- properties:
- disabled:
- type: boolean
- manifests:
- properties:
- urls:
- properties:
- allow:
- items:
- type: string
- type: array
- deny:
- items:
- type: string
- type: array
- type: object
- type: object
- type: object
- required:
- - storage
- type: object
- status:
- description: ComponentStatus represents the current status of the resource.
- https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#typical-status-properties
- properties:
- conditions:
- description: Conditions list of extracted conditions from Resource
- items:
- description: Condition defines the general format for conditions
- on Kubernetes resources. In practice, each kubernetes resource
- defines their own format for conditions, but most (maybe all)
- follows this structure.
- properties:
- message:
- description: Message Human readable reason string
- type: string
- reason:
- description: Reason one work CamelCase reason
- type: string
- status:
- description: Status String that describes the condition status
- type: string
- type:
- description: Type condition type
- type: string
- required:
- - status
- - type
- type: object
- type: array
- observedGeneration:
- format: int64
- type: integer
- operator:
- description: ControllerStatus represents the current status of the
- operator.
- properties:
- controllerGitCommit:
- minLength: 1
- type: string
- controllerName:
- minLength: 1
- type: string
- controllerVersion:
- minLength: 1
- type: string
- type: object
- replicas:
- description: Current number of pods.
- format: int32
- minimum: 0
- type: integer
- required:
- - conditions
- type: object
- required:
- - metadata
- type: object
- served: true
- storage: true
- subresources:
- scale:
- specReplicasPath: .spec.replicas
- statusReplicasPath: .status.replicas
- status: {}
----
-apiVersion: apiextensions.k8s.io/v1
-kind: CustomResourceDefinition
-metadata:
- annotations:
- cert-manager.io/inject-ca-from: '{{.Release.Namespace}}/{{. | include "chart.fullname"}}-serving-cert'
- controller-gen.kubebuilder.io/version: v0.9.2
- name: registrycontrollers.goharbor.io
-spec:
- conversion:
- strategy: Webhook
- webhook:
- clientConfig:
- caBundle: Cg==
- service:
- name: {{ include "chart.fullname" . | quote }}
- namespace: {{ .Release.Namespace }}
- path: /convert
- conversionReviewVersions:
- - v1
- group: goharbor.io
- names:
- categories:
- - goharbor
- kind: RegistryController
- listKind: RegistryControllerList
- plural: registrycontrollers
- singular: registrycontroller
- scope: Namespaced
- versions:
- - additionalPrinterColumns:
- - description: Timestamp representing the server time when this object was created.
- It is not guaranteed to be set in happens-before order across separate operations.
- Clients may not set this value. It is represented in RFC3339 form and is in
- UTC.
- jsonPath: .metadata.creationTimestamp
- name: Age
- priority: 1
- type: date
- - description: Human readable message describing the failure
- jsonPath: .status.conditions[?(@.type=="Failed")].message
- name: Failure
- priority: 5
- type: string
- name: v1alpha3
- schema:
- openAPIV3Schema:
- description: RegistryController is the Schema for the RegistryController API.
- properties:
- apiVersion:
- description: 'APIVersion defines the versioned schema of this representation
- of an object. Servers should convert recognized schemas to the latest
- internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
- type: string
- kind:
- description: 'Kind is a string value representing the REST resource this
- object represents. Servers may infer this from the endpoint the client
- submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
- type: string
- metadata:
- type: object
- spec:
- description: RegistryControllerSpec defines the desired state of RegistryController.
- properties:
- authentication:
- properties:
- coreSecretRef:
- pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*'
- type: string
- jobServiceSecretRef:
- pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*'
- type: string
- type: object
- image:
- description: Image name for the component.
- type: string
- imagePullPolicy:
- description: 'Image pull policy. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images'
- enum:
- - Always
- - Never
- - IfNotPresent
- type: string
- imagePullSecrets:
- items:
- description: LocalObjectReference contains enough information to
- let you locate the referenced object inside the same namespace.
- properties:
- name:
- description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind, uid?'
- type: string
- type: object
- x-kubernetes-map-type: atomic
- type: array
- log:
- properties:
- level:
- default: info
- description: RegistryCtlLogLevel is the log level for RegistryController.
- enum:
- - debug
- - info
- - warning
- - error
- - fatal
- type: string
- type: object
- nodeSelector:
- additionalProperties:
- type: string
- description: 'NodeSelector is a selector which must be true for the
- component to fit on a node. Selector which must match a node''s
- labels for the pod to be scheduled on that node. More info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/'
- type: object
- registryRef:
- pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*'
- type: string
- replicas:
- description: 'Replicas is the number of desired replicas. This is
- a pointer to distinguish between explicit zero and unspecified.
- More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller#what-is-a-replicationcontroller'
- format: int32
- minimum: 0
- type: integer
- resources:
- description: 'Compute Resources required by this component. Cannot
- be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/'
- properties:
- limits:
- additionalProperties:
- anyOf:
- - type: integer
- - type: string
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- description: 'Limits describes the maximum amount of compute resources
- allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
- type: object
- requests:
- additionalProperties:
- anyOf:
- - type: integer
- - type: string
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- description: 'Requests describes the minimum amount of compute
- resources required. If Requests is omitted for a container,
- it defaults to Limits if that is explicitly specified, otherwise
- to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
- type: object
- type: object
- serviceAccountName:
- description: 'ServiceAccountName is the name of the ServiceAccount
- to use to run this component. More info: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/'
- type: string
- templateAnnotations:
- additionalProperties:
- type: string
- description: Custom annotations to be added into the pods
- type: object
- tls:
- properties:
- certificateRef:
- pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*'
- type: string
- type: object
- tolerations:
- description: If specified, the pod's tolerations.
- items:
- description: The pod this Toleration is attached to tolerates any
- taint that matches the triple using the matching
- operator .
- properties:
- effect:
- description: Effect indicates the taint effect to match. Empty
- means match all taint effects. When specified, allowed values
- are NoSchedule, PreferNoSchedule and NoExecute.
- type: string
- key:
- description: Key is the taint key that the toleration applies
- to. Empty means match all taint keys. If the key is empty,
- operator must be Exists; this combination means to match all
- values and all keys.
- type: string
- operator:
- description: Operator represents a key's relationship to the
- value. Valid operators are Exists and Equal. Defaults to Equal.
- Exists is equivalent to wildcard for value, so that a pod
- can tolerate all taints of a particular category.
- type: string
- tolerationSeconds:
- description: TolerationSeconds represents the period of time
- the toleration (which must be of effect NoExecute, otherwise
- this field is ignored) tolerates the taint. By default, it
- is not set, which means tolerate the taint forever (do not
- evict). Zero and negative values will be treated as 0 (evict
- immediately) by the system.
- format: int64
- type: integer
- value:
- description: Value is the taint value the toleration matches
- to. If the operator is Exists, the value should be empty,
- otherwise just a regular string.
- type: string
- type: object
- type: array
- required:
- - authentication
- - registryRef
- type: object
- status:
- description: Most recently observed status.
- properties:
- conditions:
- description: Conditions list of extracted conditions from Resource
- items:
- description: Condition defines the general format for conditions
- on Kubernetes resources. In practice, each kubernetes resource
- defines their own format for conditions, but most (maybe all)
- follows this structure.
- properties:
- message:
- description: Message Human readable reason string
- type: string
- reason:
- description: Reason one work CamelCase reason
- type: string
- status:
- description: Status String that describes the condition status
- type: string
- type:
- description: Type condition type
- type: string
- required:
- - status
- - type
- type: object
- type: array
- observedGeneration:
- format: int64
- type: integer
- operator:
- description: ControllerStatus represents the current status of the
- operator.
- properties:
- controllerGitCommit:
- minLength: 1
- type: string
- controllerName:
- minLength: 1
- type: string
- controllerVersion:
- minLength: 1
- type: string
- type: object
- replicas:
- description: Current number of pods.
- format: int32
- minimum: 0
- type: integer
- required:
- - conditions
- type: object
- type: object
- served: true
- storage: false
- subresources:
- status: {}
- - additionalPrinterColumns:
- - description: Timestamp representing the server time when this object was created.
- It is not guaranteed to be set in happens-before order across separate operations.
- Clients may not set this value. It is represented in RFC3339 form and is in
- UTC.
- jsonPath: .metadata.creationTimestamp
- name: Age
- priority: 1
- type: date
- - description: Human readable message describing the failure
- jsonPath: .status.conditions[?(@.type=="Failed")].message
- name: Failure
- priority: 5
- type: string
- name: v1beta1
- schema:
- openAPIV3Schema:
- description: RegistryController is the Schema for the RegistryController API.
- properties:
- apiVersion:
- description: 'APIVersion defines the versioned schema of this representation
- of an object. Servers should convert recognized schemas to the latest
- internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
- type: string
- kind:
- description: 'Kind is a string value representing the REST resource this
- object represents. Servers may infer this from the endpoint the client
- submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
- type: string
- metadata:
- type: object
- spec:
- description: RegistryControllerSpec defines the desired state of RegistryController.
- properties:
- authentication:
- properties:
- coreSecretRef:
- pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*'
- type: string
- jobServiceSecretRef:
- pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*'
- type: string
- type: object
- image:
- description: Image name for the component.
- type: string
- imagePullPolicy:
- description: 'Image pull policy. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images'
- enum:
- - Always
- - Never
- - IfNotPresent
- type: string
- imagePullSecrets:
- items:
- description: LocalObjectReference contains enough information to
- let you locate the referenced object inside the same namespace.
- properties:
- name:
- description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind, uid?'
- type: string
- type: object
- x-kubernetes-map-type: atomic
- type: array
- log:
- properties:
- level:
- default: info
- description: RegistryCtlLogLevel is the log level for RegistryController.
- enum:
- - debug
- - info
- - warning
- - error
- - fatal
- type: string
- type: object
- network:
- properties:
- ipFamilies:
- items:
- description: IPFamily represents the IP Family (IPv4 or IPv6).
- This type is used to express the family of an IP expressed
- by a type (e.g. service.spec.ipFamilies).
- type: string
- type: array
- type: object
- nodeSelector:
- additionalProperties:
- type: string
- description: 'NodeSelector is a selector which must be true for the
- component to fit on a node. Selector which must match a node''s
- labels for the pod to be scheduled on that node. More info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/'
- type: object
- registryRef:
- pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*'
- type: string
- replicas:
- description: 'Replicas is the number of desired replicas. This is
- a pointer to distinguish between explicit zero and unspecified.
- More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller#what-is-a-replicationcontroller'
- format: int32
- minimum: 0
- type: integer
- resources:
- description: 'Compute Resources required by this component. Cannot
- be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/'
- properties:
- limits:
- additionalProperties:
- anyOf:
- - type: integer
- - type: string
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- description: 'Limits describes the maximum amount of compute resources
- allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
- type: object
- requests:
- additionalProperties:
- anyOf:
- - type: integer
- - type: string
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- description: 'Requests describes the minimum amount of compute
- resources required. If Requests is omitted for a container,
- it defaults to Limits if that is explicitly specified, otherwise
- to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
- type: object
- type: object
- serviceAccountName:
- description: 'ServiceAccountName is the name of the ServiceAccount
- to use to run this component. More info: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/'
- type: string
- templateAnnotations:
- additionalProperties:
- type: string
- description: Custom annotations to be added into the pods
- type: object
- tls:
- properties:
- certificateRef:
- pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*'
- type: string
- type: object
- tolerations:
- description: If specified, the pod's tolerations.
- items:
- description: The pod this Toleration is attached to tolerates any
- taint that matches the triple using the matching
- operator .
- properties:
- effect:
- description: Effect indicates the taint effect to match. Empty
- means match all taint effects. When specified, allowed values
- are NoSchedule, PreferNoSchedule and NoExecute.
- type: string
- key:
- description: Key is the taint key that the toleration applies
- to. Empty means match all taint keys. If the key is empty,
- operator must be Exists; this combination means to match all
- values and all keys.
- type: string
- operator:
- description: Operator represents a key's relationship to the
- value. Valid operators are Exists and Equal. Defaults to Equal.
- Exists is equivalent to wildcard for value, so that a pod
- can tolerate all taints of a particular category.
- type: string
- tolerationSeconds:
- description: TolerationSeconds represents the period of time
- the toleration (which must be of effect NoExecute, otherwise
- this field is ignored) tolerates the taint. By default, it
- is not set, which means tolerate the taint forever (do not
- evict). Zero and negative values will be treated as 0 (evict
- immediately) by the system.
- format: int64
- type: integer
- value:
- description: Value is the taint value the toleration matches
- to. If the operator is Exists, the value should be empty,
- otherwise just a regular string.
- type: string
- type: object
- type: array
- required:
- - authentication
- - registryRef
- type: object
- status:
- description: Most recently observed status.
- properties:
- conditions:
- description: Conditions list of extracted conditions from Resource
- items:
- description: Condition defines the general format for conditions
- on Kubernetes resources. In practice, each kubernetes resource
- defines their own format for conditions, but most (maybe all)
- follows this structure.
- properties:
- message:
- description: Message Human readable reason string
- type: string
- reason:
- description: Reason one work CamelCase reason
- type: string
- status:
- description: Status String that describes the condition status
- type: string
- type:
- description: Type condition type
- type: string
- required:
- - status
- - type
- type: object
- type: array
- observedGeneration:
- format: int64
- type: integer
- operator:
- description: ControllerStatus represents the current status of the
- operator.
- properties:
- controllerGitCommit:
- minLength: 1
- type: string
- controllerName:
- minLength: 1
- type: string
- controllerVersion:
- minLength: 1
- type: string
- type: object
- replicas:
- description: Current number of pods.
- format: int32
- minimum: 0
- type: integer
- required:
- - conditions
- type: object
- type: object
- served: true
- storage: true
- subresources:
- status: {}
----
-apiVersion: apiextensions.k8s.io/v1
-kind: CustomResourceDefinition
-metadata:
- annotations:
- cert-manager.io/inject-ca-from: '{{.Release.Namespace}}/{{. | include "chart.fullname"}}-serving-cert'
- controller-gen.kubebuilder.io/version: v0.9.2
- name: trivies.goharbor.io
-spec:
- conversion:
- strategy: Webhook
- webhook:
- clientConfig:
- caBundle: Cg==
- service:
- name: {{ include "chart.fullname" . | quote }}
- namespace: {{ .Release.Namespace }}
- path: /convert
- conversionReviewVersions:
- - v1
- group: goharbor.io
- names:
- categories:
- - goharbor
- kind: Trivy
- listKind: TrivyList
- plural: trivies
- singular: trivy
- scope: Namespaced
- versions:
- - additionalPrinterColumns:
- - description: Timestamp representing the server time when this object was created.
- It is not guaranteed to be set in happens-before order across separate operations.
- Clients may not set this value. It is represented in RFC3339 form and is in
- UTC.
- jsonPath: .metadata.creationTimestamp
- name: Age
- priority: 1
- type: date
- - description: Human readable message describing the failure
- jsonPath: .status.conditions[?(@.type=="Failed")].message
- name: Failure
- priority: 5
- type: string
- name: v1alpha3
- schema:
- openAPIV3Schema:
- description: Trivy is the Schema for the Trivy API.
- properties:
- apiVersion:
- description: 'APIVersion defines the versioned schema of this representation
- of an object. Servers should convert recognized schemas to the latest
- internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
- type: string
- kind:
- description: 'Kind is a string value representing the REST resource this
- object represents. Servers may infer this from the endpoint the client
- submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
- type: string
- metadata:
- type: object
- spec:
- description: TrivySpec defines the desired state of Trivy.
- properties:
- certificateRefs:
- items:
- type: string
- type: array
- image:
- description: Image name for the component.
- type: string
- imagePullPolicy:
- description: 'Image pull policy. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images'
- enum:
- - Always
- - Never
- - IfNotPresent
- type: string
- imagePullSecrets:
- items:
- description: LocalObjectReference contains enough information to
- let you locate the referenced object inside the same namespace.
- properties:
- name:
- description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind, uid?'
- type: string
- type: object
- x-kubernetes-map-type: atomic
- type: array
- log:
- default:
- level: info
- properties:
- level:
- default: info
- description: TrivyLogLevel is the log level for Trivy.
- enum:
- - debug
- - info
- - warning
- - error
- - fatal
- - panic
- type: string
- type: object
- nodeSelector:
- additionalProperties:
- type: string
- description: 'NodeSelector is a selector which must be true for the
- component to fit on a node. Selector which must match a node''s
- labels for the pod to be scheduled on that node. More info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/'
- type: object
- proxy:
- properties:
- httpProxy:
- pattern: https?://.+
- type: string
- httpsProxy:
- pattern: https?://.+
- type: string
- noProxy:
- default:
- - 127.0.0.1
- - localhost
- - .local
- - .internal
- items:
- type: string
- type: array
- type: object
- redis:
- description: Redis cache store
- properties:
- certificateRef:
- description: Secret containing the client certificate to authenticate
- with.
- pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*'
- type: string
- database:
- default: 0
- description: The database number.
- format: int32
- maximum: 8
- minimum: 0
- type: integer
- host:
- description: Server hostname.
- minLength: 1
- type: string
- jobs:
- properties:
- Namespace:
- default: harbor.scanner.trivy:job-queue
- description: The namespace for keys in the scan jobs queue
- backed by Redis
- type: string
- scanTTL:
- default: 1h
- description: The time to live for persisting scan jobs and
- associated scan reports
- pattern: ([0-9]+h)?([0-9]+m)?([0-9]+s)?([0-9]+ms)?([0-9]+us)?([0-9]+µs)?([0-9]+ns)?
- type: string
- type: object
- namespace:
- default: harbor.scanner.trivy:store
- description: The namespace for keys in the Redis store
- type: string
- passwordRef:
- description: Secret containing the password to use when connecting
- to the server.
- pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*'
- type: string
- pool:
- properties:
- connectionTimeout:
- default: 1s
- description: The timeout for connecting to the Redis server
- pattern: ([0-9]+h)?([0-9]+m)?([0-9]+s)?([0-9]+ms)?([0-9]+us)?([0-9]+µs)?([0-9]+ns)?
- type: string
- idleTimeout:
- default: 5m
- description: The duration after which idle connections to
- the Redis server are closed. If the value is zero, then
- idle connections are not closed.
- pattern: ([0-9]+h)?([0-9]+m)?([0-9]+s)?([0-9]+ms)?([0-9]+us)?([0-9]+µs)?([0-9]+ns)?
- type: string
- maxActive:
- default: 5
- description: The max number of connections allocated by the
- Redis connection pool
- minimum: 0
- type: integer
- maxIdle:
- default: 5
- description: The max number of idle connections in the Redis
- connection pool
- minimum: 0
- type: integer
- readTimeout:
- default: 1s
- description: The timeout for reading a single Redis command
- reply
- pattern: ([0-9]+h)?([0-9]+m)?([0-9]+s)?([0-9]+ms)?([0-9]+us)?([0-9]+µs)?([0-9]+ns)?
- type: string
- writeTimeout:
- default: 1s
- description: The timeout for writing a single Redis command
- pattern: ([0-9]+h)?([0-9]+m)?([0-9]+s)?([0-9]+ms)?([0-9]+us)?([0-9]+µs)?([0-9]+ns)?
- type: string
- type: object
- port:
- description: Server port.
- exclusiveMinimum: true
- format: int32
- minimum: 0
- type: integer
- sentinelMasterSet:
- description: for Sentinel MasterSet.
- type: string
- required:
- - host
- type: object
- replicas:
- description: 'Replicas is the number of desired replicas. This is
- a pointer to distinguish between explicit zero and unspecified.
- More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller#what-is-a-replicationcontroller'
- format: int32
- minimum: 0
- type: integer
- resources:
- description: 'Compute Resources required by this component. Cannot
- be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/'
- properties:
- limits:
- additionalProperties:
- anyOf:
- - type: integer
- - type: string
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- description: 'Limits describes the maximum amount of compute resources
- allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
- type: object
- requests:
- additionalProperties:
- anyOf:
- - type: integer
- - type: string
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- description: 'Requests describes the minimum amount of compute
- resources required. If Requests is omitted for a container,
- it defaults to Limits if that is explicitly specified, otherwise
- to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
- type: object
- type: object
- server:
- properties:
- clientCertificateAuthorityRefs:
- items:
- type: string
- type: array
- debugMode:
- default: false
- description: The flag to enable or disable Trivy debug mode
- type: boolean
- idleTimeout:
- default: 60s
- description: Idle timeout
- pattern: ([0-9]+h)?([0-9]+m)?([0-9]+s)?([0-9]+ms)?([0-9]+us)?([0-9]+µs)?([0-9]+ns)?
- type: string
- ignoreUnfixed:
- default: false
- description: The flag to display only fixed vulnerabilities
- type: boolean
- insecure:
- default: false
- description: The flag to skip verifying registry certificate
- type: boolean
- proxy:
- properties:
- URL:
- description: The URL of the proxy server
- pattern: https?://.+
- type: string
- noProxy:
- description: The URLs that the proxy settings do not apply
- to
- items:
- type: string
- type: array
- required:
- - URL
- type: object
- readTimeout:
- default: 15s
- description: Socket timeout
- pattern: ([0-9]+h)?([0-9]+m)?([0-9]+s)?([0-9]+ms)?([0-9]+us)?([0-9]+µs)?([0-9]+ns)?
- type: string
- tls:
- properties:
- certificateRef:
- pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*'
- type: string
- type: object
- tokenServiceCertificateAuthorityRefs:
- items:
- type: string
- type: array
- writeTimeout:
- default: 15s
- description: Socket timeout
- pattern: ([0-9]+h)?([0-9]+m)?([0-9]+s)?([0-9]+ms)?([0-9]+us)?([0-9]+µs)?([0-9]+ns)?
- type: string
- type: object
- serviceAccountName:
- description: 'ServiceAccountName is the name of the ServiceAccount
- to use to run this component. More info: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/'
- type: string
- severities:
- default:
- - UNKNOWN
- - LOW
- - MEDIUM
- - HIGH
- - CRITICAL
- description: List of severities to be displayed
- items:
- description: TrivyServerSeverityType represents a CVE severity type
- for trivy.
- enum:
- - UNKNOWN
- - LOW
- - MEDIUM
- - HIGH
- - CRITICAL
- type: string
- type: array
- storage:
- properties:
- cache:
- properties:
- prefix:
- type: string
- volumeSource:
- default:
- emptyDir:
- sizeLimit: 1Gi
- description: Represents the source of a volume to mount. Only
- one of its members may be specified.
- properties:
- awsElasticBlockStore:
- description: 'AWSElasticBlockStore represents an AWS Disk
- resource that is attached to a kubelet''s host machine
- and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore'
- properties:
- fsType:
- description: 'Filesystem type of the volume that you
- want to mount. Tip: Ensure that the filesystem type
- is supported by the host operating system. Examples:
- "ext4", "xfs", "ntfs". Implicitly inferred to be
- "ext4" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore
- TODO: how do we prevent errors in the filesystem
- from compromising the machine'
- type: string
- partition:
- description: 'The partition in the volume that you
- want to mount. If omitted, the default is to mount
- by volume name. Examples: For volume /dev/sda1,
- you specify the partition as "1". Similarly, the
- volume partition for /dev/sda is "0" (or you can
- leave the property empty).'
- format: int32
- type: integer
- readOnly:
- description: 'Specify "true" to force and set the
- ReadOnly property in VolumeMounts to "true". If
- omitted, the default is "false". More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore'
- type: boolean
- volumeID:
- description: 'Unique ID of the persistent disk resource
- in AWS (Amazon EBS volume). More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore'
- type: string
- required:
- - volumeID
- type: object
- azureDisk:
- description: AzureDisk represents an Azure Data Disk mount
- on the host and bind mount to the pod.
- properties:
- cachingMode:
- description: 'Host Caching mode: None, Read Only,
- Read Write.'
- type: string
- diskName:
- description: The Name of the data disk in the blob
- storage
- type: string
- diskURI:
- description: The URI the data disk in the blob storage
- type: string
- fsType:
- description: Filesystem type to mount. Must be a filesystem
- type supported by the host operating system. Ex.
- "ext4", "xfs", "ntfs". Implicitly inferred to be
- "ext4" if unspecified.
- type: string
- kind:
- description: 'Expected values Shared: multiple blob
- disks per storage account Dedicated: single blob
- disk per storage account Managed: azure managed
- data disk (only in managed availability set). defaults
- to shared'
- type: string
- readOnly:
- description: Defaults to false (read/write). ReadOnly
- here will force the ReadOnly setting in VolumeMounts.
- type: boolean
- required:
- - diskName
- - diskURI
- type: object
- azureFile:
- description: AzureFile represents an Azure File Service
- mount on the host and bind mount to the pod.
- properties:
- readOnly:
- description: Defaults to false (read/write). ReadOnly
- here will force the ReadOnly setting in VolumeMounts.
- type: boolean
- secretName:
- description: the name of secret that contains Azure
- Storage Account Name and Key
- type: string
- shareName:
- description: Share Name
- type: string
- required:
- - secretName
- - shareName
- type: object
- cephfs:
- description: CephFS represents a Ceph FS mount on the
- host that shares a pod's lifetime
- properties:
- monitors:
- description: 'Required: Monitors is a collection of
- Ceph monitors More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it'
- items:
- type: string
- type: array
- path:
- description: 'Optional: Used as the mounted root,
- rather than the full Ceph tree, default is /'
- type: string
- readOnly:
- description: 'Optional: Defaults to false (read/write).
- ReadOnly here will force the ReadOnly setting in
- VolumeMounts. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it'
- type: boolean
- secretFile:
- description: 'Optional: SecretFile is the path to
- key ring for User, default is /etc/ceph/user.secret
- More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it'
- type: string
- secretRef:
- description: 'Optional: SecretRef is reference to
- the authentication secret for User, default is empty.
- More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it'
- properties:
- name:
- description: 'Name of the referent. More info:
- https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind,
- uid?'
- type: string
- type: object
- x-kubernetes-map-type: atomic
- user:
- description: 'Optional: User is the rados user name,
- default is admin More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it'
- type: string
- required:
- - monitors
- type: object
- cinder:
- description: 'Cinder represents a cinder volume attached
- and mounted on kubelets host machine. More info: https://examples.k8s.io/mysql-cinder-pd/README.md'
- properties:
- fsType:
- description: 'Filesystem type to mount. Must be a
- filesystem type supported by the host operating
- system. Examples: "ext4", "xfs", "ntfs". Implicitly
- inferred to be "ext4" if unspecified. More info:
- https://examples.k8s.io/mysql-cinder-pd/README.md'
- type: string
- readOnly:
- description: 'Optional: Defaults to false (read/write).
- ReadOnly here will force the ReadOnly setting in
- VolumeMounts. More info: https://examples.k8s.io/mysql-cinder-pd/README.md'
- type: boolean
- secretRef:
- description: 'Optional: points to a secret object
- containing parameters used to connect to OpenStack.'
- properties:
- name:
- description: 'Name of the referent. More info:
- https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind,
- uid?'
- type: string
- type: object
- x-kubernetes-map-type: atomic
- volumeID:
- description: 'volume id used to identify the volume
- in cinder. More info: https://examples.k8s.io/mysql-cinder-pd/README.md'
- type: string
- required:
- - volumeID
- type: object
- configMap:
- description: ConfigMap represents a configMap that should
- populate this volume
- properties:
- defaultMode:
- description: 'Optional: mode bits used to set permissions
- on created files by default. Must be an octal value
- between 0000 and 0777 or a decimal value between
- 0 and 511. YAML accepts both octal and decimal values,
- JSON requires decimal values for mode bits. Defaults
- to 0644. Directories within the path are not affected
- by this setting. This might be in conflict with
- other options that affect the file mode, like fsGroup,
- and the result can be other mode bits set.'
- format: int32
- type: integer
- items:
- description: If unspecified, each key-value pair in
- the Data field of the referenced ConfigMap will
- be projected into the volume as a file whose name
- is the key and content is the value. If specified,
- the listed keys will be projected into the specified
- paths, and unlisted keys will not be present. If
- a key is specified which is not present in the ConfigMap,
- the volume setup will error unless it is marked
- optional. Paths must be relative and may not contain
- the '..' path or start with '..'.
- items:
- description: Maps a string key to a path within
- a volume.
- properties:
- key:
- description: The key to project.
- type: string
- mode:
- description: 'Optional: mode bits used to set
- permissions on this file. Must be an octal
- value between 0000 and 0777 or a decimal value
- between 0 and 511. YAML accepts both octal
- and decimal values, JSON requires decimal
- values for mode bits. If not specified, the
- volume defaultMode will be used. This might
- be in conflict with other options that affect
- the file mode, like fsGroup, and the result
- can be other mode bits set.'
- format: int32
- type: integer
- path:
- description: The relative path of the file to
- map the key to. May not be an absolute path.
- May not contain the path element '..'. May
- not start with the string '..'.
- type: string
- required:
- - key
- - path
- type: object
- type: array
- name:
- description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind,
- uid?'
- type: string
- optional:
- description: Specify whether the ConfigMap or its
- keys must be defined
- type: boolean
- type: object
- x-kubernetes-map-type: atomic
- csi:
- description: CSI (Container Storage Interface) represents
- ephemeral storage that is handled by certain external
- CSI drivers (Beta feature).
- properties:
- driver:
- description: Driver is the name of the CSI driver
- that handles this volume. Consult with your admin
- for the correct name as registered in the cluster.
- type: string
- fsType:
- description: Filesystem type to mount. Ex. "ext4",
- "xfs", "ntfs". If not provided, the empty value
- is passed to the associated CSI driver which will
- determine the default filesystem to apply.
- type: string
- nodePublishSecretRef:
- description: NodePublishSecretRef is a reference to
- the secret object containing sensitive information
- to pass to the CSI driver to complete the CSI NodePublishVolume
- and NodeUnpublishVolume calls. This field is optional,
- and may be empty if no secret is required. If the
- secret object contains more than one secret, all
- secret references are passed.
- properties:
- name:
- description: 'Name of the referent. More info:
- https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind,
- uid?'
- type: string
- type: object
- x-kubernetes-map-type: atomic
- readOnly:
- description: Specifies a read-only configuration for
- the volume. Defaults to false (read/write).
- type: boolean
- volumeAttributes:
- additionalProperties:
- type: string
- description: VolumeAttributes stores driver-specific
- properties that are passed to the CSI driver. Consult
- your driver's documentation for supported values.
- type: object
- required:
- - driver
- type: object
- downwardAPI:
- description: DownwardAPI represents downward API about
- the pod that should populate this volume
- properties:
- defaultMode:
- description: 'Optional: mode bits to use on created
- files by default. Must be a Optional: mode bits
- used to set permissions on created files by default.
- Must be an octal value between 0000 and 0777 or
- a decimal value between 0 and 511. YAML accepts
- both octal and decimal values, JSON requires decimal
- values for mode bits. Defaults to 0644. Directories
- within the path are not affected by this setting.
- This might be in conflict with other options that
- affect the file mode, like fsGroup, and the result
- can be other mode bits set.'
- format: int32
- type: integer
- items:
- description: Items is a list of downward API volume
- file
- items:
- description: DownwardAPIVolumeFile represents information
- to create the file containing the pod field
- properties:
- fieldRef:
- description: 'Required: Selects a field of the
- pod: only annotations, labels, name and namespace
- are supported.'
- properties:
- apiVersion:
- description: Version of the schema the FieldPath
- is written in terms of, defaults to "v1".
- type: string
- fieldPath:
- description: Path of the field to select
- in the specified API version.
- type: string
- required:
- - fieldPath
- type: object
- x-kubernetes-map-type: atomic
- mode:
- description: 'Optional: mode bits used to set
- permissions on this file, must be an octal
- value between 0000 and 0777 or a decimal value
- between 0 and 511. YAML accepts both octal
- and decimal values, JSON requires decimal
- values for mode bits. If not specified, the
- volume defaultMode will be used. This might
- be in conflict with other options that affect
- the file mode, like fsGroup, and the result
- can be other mode bits set.'
- format: int32
- type: integer
- path:
- description: 'Required: Path is the relative
- path name of the file to be created. Must
- not be absolute or contain the ''..'' path.
- Must be utf-8 encoded. The first item of the
- relative path must not start with ''..'''
- type: string
- resourceFieldRef:
- description: 'Selects a resource of the container:
- only resources limits and requests (limits.cpu,
- limits.memory, requests.cpu and requests.memory)
- are currently supported.'
- properties:
- containerName:
- description: 'Container name: required for
- volumes, optional for env vars'
- type: string
- divisor:
- anyOf:
- - type: integer
- - type: string
- description: Specifies the output format
- of the exposed resources, defaults to
- "1"
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- resource:
- description: 'Required: resource to select'
- type: string
- required:
- - resource
- type: object
- x-kubernetes-map-type: atomic
- required:
- - path
- type: object
- type: array
- type: object
- emptyDir:
- description: 'EmptyDir represents a temporary directory
- that shares a pod''s lifetime. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir'
- properties:
- medium:
- description: 'What type of storage medium should back
- this directory. The default is "" which means to
- use the node''s default medium. Must be an empty
- string (default) or Memory. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir'
- type: string
- sizeLimit:
- anyOf:
- - type: integer
- - type: string
- description: 'Total amount of local storage required
- for this EmptyDir volume. The size limit is also
- applicable for memory medium. The maximum usage
- on memory medium EmptyDir would be the minimum value
- between the SizeLimit specified here and the sum
- of memory limits of all containers in a pod. The
- default is nil which means that the limit is undefined.
- More info: http://kubernetes.io/docs/user-guide/volumes#emptydir'
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- type: object
- ephemeral:
- description: "Ephemeral represents a volume that is handled
- by a cluster storage driver. The volume's lifecycle
- is tied to the pod that defines it - it will be created
- before the pod starts, and deleted when the pod is removed.
- \n Use this if: a) the volume is only needed while the
- pod runs, b) features of normal volumes like restoring
- from snapshot or capacity tracking are needed, c) the
- storage driver is specified through a storage class,
- and d) the storage driver supports dynamic volume provisioning
- through a PersistentVolumeClaim (see EphemeralVolumeSource
- for more information on the connection between this
- volume type and PersistentVolumeClaim). \n Use PersistentVolumeClaim
- or one of the vendor-specific APIs for volumes that
- persist for longer than the lifecycle of an individual
- pod. \n Use CSI for light-weight local ephemeral volumes
- if the CSI driver is meant to be used that way - see
- the documentation of the driver for more information.
- \n A pod can use both types of ephemeral volumes and
- persistent volumes at the same time."
- properties:
- volumeClaimTemplate:
- description: "Will be used to create a stand-alone
- PVC to provision the volume. The pod in which this
- EphemeralVolumeSource is embedded will be the owner
- of the PVC, i.e. the PVC will be deleted together
- with the pod. The name of the PVC will be `-` where `` is the
- name from the `PodSpec.Volumes` array entry. Pod
- validation will reject the pod if the concatenated
- name is not valid for a PVC (for example, too long).
- \n An existing PVC with that name that is not owned
- by the pod will *not* be used for the pod to avoid
- using an unrelated volume by mistake. Starting the
- pod is then blocked until the unrelated PVC is removed.
- If such a pre-created PVC is meant to be used by
- the pod, the PVC has to updated with an owner reference
- to the pod once the pod exists. Normally this should
- not be necessary, but it may be useful when manually
- reconstructing a broken cluster. \n This field is
- read-only and no changes will be made by Kubernetes
- to the PVC after it has been created. \n Required,
- must not be nil."
- properties:
- metadata:
- description: May contain labels and annotations
- that will be copied into the PVC when creating
- it. No other fields are allowed and will be
- rejected during validation.
- type: object
- spec:
- description: The specification for the PersistentVolumeClaim.
- The entire content is copied unchanged into
- the PVC that gets created from this template.
- The same fields as in a PersistentVolumeClaim
- are also valid here.
- properties:
- accessModes:
- description: 'AccessModes contains the desired
- access modes the volume should have. More
- info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1'
- items:
- type: string
- type: array
- dataSource:
- description: 'This field can be used to specify
- either: * An existing VolumeSnapshot object
- (snapshot.storage.k8s.io/VolumeSnapshot)
- * An existing PVC (PersistentVolumeClaim)
- If the provisioner or an external controller
- can support the specified data source, it
- will create a new volume based on the contents
- of the specified data source. If the AnyVolumeDataSource
- feature gate is enabled, this field will
- always have the same contents as the DataSourceRef
- field.'
- properties:
- apiGroup:
- description: APIGroup is the group for
- the resource being referenced. If APIGroup
- is not specified, the specified Kind
- must be in the core API group. For any
- other third-party types, APIGroup is
- required.
- type: string
- kind:
- description: Kind is the type of resource
- being referenced
- type: string
- name:
- description: Name is the name of resource
- being referenced
- type: string
- required:
- - kind
- - name
- type: object
- x-kubernetes-map-type: atomic
- dataSourceRef:
- description: 'Specifies the object from which
- to populate the volume with data, if a non-empty
- volume is desired. This may be any local
- object from a non-empty API group (non core
- object) or a PersistentVolumeClaim object.
- When this field is specified, volume binding
- will only succeed if the type of the specified
- object matches some installed volume populator
- or dynamic provisioner. This field will
- replace the functionality of the DataSource
- field and as such if both fields are non-empty,
- they must have the same value. For backwards
- compatibility, both fields (DataSource and
- DataSourceRef) will be set to the same value
- automatically if one of them is empty and
- the other is non-empty. There are two important
- differences between DataSource and DataSourceRef:
- * While DataSource only allows two specific
- types of objects, DataSourceRef allows any
- non-core object, as well as PersistentVolumeClaim
- objects. * While DataSource ignores disallowed
- values (dropping them), DataSourceRef preserves
- all values, and generates an error if a
- disallowed value is specified. (Alpha) Using
- this field requires the AnyVolumeDataSource
- feature gate to be enabled.'
- properties:
- apiGroup:
- description: APIGroup is the group for
- the resource being referenced. If APIGroup
- is not specified, the specified Kind
- must be in the core API group. For any
- other third-party types, APIGroup is
- required.
- type: string
- kind:
- description: Kind is the type of resource
- being referenced
- type: string
- name:
- description: Name is the name of resource
- being referenced
- type: string
- required:
- - kind
- - name
- type: object
- x-kubernetes-map-type: atomic
- resources:
- description: 'Resources represents the minimum
- resources the volume should have. If RecoverVolumeExpansionFailure
- feature is enabled users are allowed to
- specify resource requirements that are lower
- than previous value but must still be higher
- than capacity recorded in the status field
- of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources'
- properties:
- limits:
- additionalProperties:
- anyOf:
- - type: integer
- - type: string
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- description: 'Limits describes the maximum
- amount of compute resources allowed.
- More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
- type: object
- requests:
- additionalProperties:
- anyOf:
- - type: integer
- - type: string
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- description: 'Requests describes the minimum
- amount of compute resources required.
- If Requests is omitted for a container,
- it defaults to Limits if that is explicitly
- specified, otherwise to an implementation-defined
- value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
- type: object
- type: object
- selector:
- description: A label query over volumes to
- consider for binding.
- properties:
- matchExpressions:
- description: matchExpressions is a list
- of label selector requirements. The
- requirements are ANDed.
- items:
- description: A label selector requirement
- is a selector that contains values,
- a key, and an operator that relates
- the key and values.
- properties:
- key:
- description: key is the label key
- that the selector applies to.
- type: string
- operator:
- description: operator represents
- a key's relationship to a set
- of values. Valid operators are
- In, NotIn, Exists and DoesNotExist.
- type: string
- values:
- description: values is an array
- of string values. If the operator
- is In or NotIn, the values array
- must be non-empty. If the operator
- is Exists or DoesNotExist, the
- values array must be empty. This
- array is replaced during a strategic
- merge patch.
- items:
- type: string
- type: array
- required:
- - key
- - operator
- type: object
- type: array
- matchLabels:
- additionalProperties:
- type: string
- description: matchLabels is a map of {key,value}
- pairs. A single {key,value} in the matchLabels
- map is equivalent to an element of matchExpressions,
- whose key field is "key", the operator
- is "In", and the values array contains
- only "value". The requirements are ANDed.
- type: object
- type: object
- x-kubernetes-map-type: atomic
- storageClassName:
- description: 'Name of the StorageClass required
- by the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1'
- type: string
- volumeMode:
- description: volumeMode defines what type
- of volume is required by the claim. Value
- of Filesystem is implied when not included
- in claim spec.
- type: string
- volumeName:
- description: VolumeName is the binding reference
- to the PersistentVolume backing this claim.
- type: string
- type: object
- required:
- - spec
- type: object
- type: object
- fc:
- description: FC represents a Fibre Channel resource that
- is attached to a kubelet's host machine and then exposed
- to the pod.
- properties:
- fsType:
- description: 'Filesystem type to mount. Must be a
- filesystem type supported by the host operating
- system. Ex. "ext4", "xfs", "ntfs". Implicitly inferred
- to be "ext4" if unspecified. TODO: how do we prevent
- errors in the filesystem from compromising the machine'
- type: string
- lun:
- description: 'Optional: FC target lun number'
- format: int32
- type: integer
- readOnly:
- description: 'Optional: Defaults to false (read/write).
- ReadOnly here will force the ReadOnly setting in
- VolumeMounts.'
- type: boolean
- targetWWNs:
- description: 'Optional: FC target worldwide names
- (WWNs)'
- items:
- type: string
- type: array
- wwids:
- description: 'Optional: FC volume world wide identifiers
- (wwids) Either wwids or combination of targetWWNs
- and lun must be set, but not both simultaneously.'
- items:
- type: string
- type: array
- type: object
- flexVolume:
- description: FlexVolume represents a generic volume resource
- that is provisioned/attached using an exec based plugin.
- properties:
- driver:
- description: Driver is the name of the driver to use
- for this volume.
- type: string
- fsType:
- description: Filesystem type to mount. Must be a filesystem
- type supported by the host operating system. Ex.
- "ext4", "xfs", "ntfs". The default filesystem depends
- on FlexVolume script.
- type: string
- options:
- additionalProperties:
- type: string
- description: 'Optional: Extra command options if any.'
- type: object
- readOnly:
- description: 'Optional: Defaults to false (read/write).
- ReadOnly here will force the ReadOnly setting in
- VolumeMounts.'
- type: boolean
- secretRef:
- description: 'Optional: SecretRef is reference to
- the secret object containing sensitive information
- to pass to the plugin scripts. This may be empty
- if no secret object is specified. If the secret
- object contains more than one secret, all secrets
- are passed to the plugin scripts.'
- properties:
- name:
- description: 'Name of the referent. More info:
- https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind,
- uid?'
- type: string
- type: object
- x-kubernetes-map-type: atomic
- required:
- - driver
- type: object
- flocker:
- description: Flocker represents a Flocker volume attached
- to a kubelet's host machine. This depends on the Flocker
- control service being running
- properties:
- datasetName:
- description: Name of the dataset stored as metadata
- -> name on the dataset for Flocker should be considered
- as deprecated
- type: string
- datasetUUID:
- description: UUID of the dataset. This is unique identifier
- of a Flocker dataset
- type: string
- type: object
- gcePersistentDisk:
- description: 'GCEPersistentDisk represents a GCE Disk
- resource that is attached to a kubelet''s host machine
- and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk'
- properties:
- fsType:
- description: 'Filesystem type of the volume that you
- want to mount. Tip: Ensure that the filesystem type
- is supported by the host operating system. Examples:
- "ext4", "xfs", "ntfs". Implicitly inferred to be
- "ext4" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk
- TODO: how do we prevent errors in the filesystem
- from compromising the machine'
- type: string
- partition:
- description: 'The partition in the volume that you
- want to mount. If omitted, the default is to mount
- by volume name. Examples: For volume /dev/sda1,
- you specify the partition as "1". Similarly, the
- volume partition for /dev/sda is "0" (or you can
- leave the property empty). More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk'
- format: int32
- type: integer
- pdName:
- description: 'Unique name of the PD resource in GCE.
- Used to identify the disk in GCE. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk'
- type: string
- readOnly:
- description: 'ReadOnly here will force the ReadOnly
- setting in VolumeMounts. Defaults to false. More
- info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk'
- type: boolean
- required:
- - pdName
- type: object
- gitRepo:
- description: 'GitRepo represents a git repository at a
- particular revision. DEPRECATED: GitRepo is deprecated.
- To provision a container with a git repo, mount an EmptyDir
- into an InitContainer that clones the repo using git,
- then mount the EmptyDir into the Pod''s container.'
- properties:
- directory:
- description: Target directory name. Must not contain
- or start with '..'. If '.' is supplied, the volume
- directory will be the git repository. Otherwise,
- if specified, the volume will contain the git repository
- in the subdirectory with the given name.
- type: string
- repository:
- description: Repository URL
- type: string
- revision:
- description: Commit hash for the specified revision.
- type: string
- required:
- - repository
- type: object
- glusterfs:
- description: 'Glusterfs represents a Glusterfs mount on
- the host that shares a pod''s lifetime. More info: https://examples.k8s.io/volumes/glusterfs/README.md'
- properties:
- endpoints:
- description: 'EndpointsName is the endpoint name that
- details Glusterfs topology. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod'
- type: string
- path:
- description: 'Path is the Glusterfs volume path. More
- info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod'
- type: string
- readOnly:
- description: 'ReadOnly here will force the Glusterfs
- volume to be mounted with read-only permissions.
- Defaults to false. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod'
- type: boolean
- required:
- - endpoints
- - path
- type: object
- hostPath:
- description: 'HostPath represents a pre-existing file
- or directory on the host machine that is directly exposed
- to the container. This is generally used for system
- agents or other privileged things that are allowed to
- see the host machine. Most containers will NOT need
- this. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath
- --- TODO(jonesdl) We need to restrict who can use host
- directory mounts and who can/can not mount host directories
- as read/write.'
- properties:
- path:
- description: 'Path of the directory on the host. If
- the path is a symlink, it will follow the link to
- the real path. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath'
- type: string
- type:
- description: 'Type for HostPath Volume Defaults to
- "" More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath'
- type: string
- required:
- - path
- type: object
- iscsi:
- description: 'ISCSI represents an ISCSI Disk resource
- that is attached to a kubelet''s host machine and then
- exposed to the pod. More info: https://examples.k8s.io/volumes/iscsi/README.md'
- properties:
- chapAuthDiscovery:
- description: whether support iSCSI Discovery CHAP
- authentication
- type: boolean
- chapAuthSession:
- description: whether support iSCSI Session CHAP authentication
- type: boolean
- fsType:
- description: 'Filesystem type of the volume that you
- want to mount. Tip: Ensure that the filesystem type
- is supported by the host operating system. Examples:
- "ext4", "xfs", "ntfs". Implicitly inferred to be
- "ext4" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#iscsi
- TODO: how do we prevent errors in the filesystem
- from compromising the machine'
- type: string
- initiatorName:
- description: Custom iSCSI Initiator Name. If initiatorName
- is specified with iscsiInterface simultaneously,
- new iSCSI interface :
- will be created for the connection.
- type: string
- iqn:
- description: Target iSCSI Qualified Name.
- type: string
- iscsiInterface:
- description: iSCSI Interface Name that uses an iSCSI
- transport. Defaults to 'default' (tcp).
- type: string
- lun:
- description: iSCSI Target Lun number.
- format: int32
- type: integer
- portals:
- description: iSCSI Target Portal List. The portal
- is either an IP or ip_addr:port if the port is other
- than default (typically TCP ports 860 and 3260).
- items:
- type: string
- type: array
- readOnly:
- description: ReadOnly here will force the ReadOnly
- setting in VolumeMounts. Defaults to false.
- type: boolean
- secretRef:
- description: CHAP Secret for iSCSI target and initiator
- authentication
- properties:
- name:
- description: 'Name of the referent. More info:
- https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind,
- uid?'
- type: string
- type: object
- x-kubernetes-map-type: atomic
- targetPortal:
- description: iSCSI Target Portal. The Portal is either
- an IP or ip_addr:port if the port is other than
- default (typically TCP ports 860 and 3260).
- type: string
- required:
- - iqn
- - lun
- - targetPortal
- type: object
- nfs:
- description: 'NFS represents an NFS mount on the host
- that shares a pod''s lifetime More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs'
- properties:
- path:
- description: 'Path that is exported by the NFS server.
- More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs'
- type: string
- readOnly:
- description: 'ReadOnly here will force the NFS export
- to be mounted with read-only permissions. Defaults
- to false. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs'
- type: boolean
- server:
- description: 'Server is the hostname or IP address
- of the NFS server. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs'
- type: string
- required:
- - path
- - server
- type: object
- persistentVolumeClaim:
- description: 'PersistentVolumeClaimVolumeSource represents
- a reference to a PersistentVolumeClaim in the same namespace.
- More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims'
- properties:
- claimName:
- description: 'ClaimName is the name of a PersistentVolumeClaim
- in the same namespace as the pod using this volume.
- More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims'
- type: string
- readOnly:
- description: Will force the ReadOnly setting in VolumeMounts.
- Default false.
- type: boolean
- required:
- - claimName
- type: object
- photonPersistentDisk:
- description: PhotonPersistentDisk represents a PhotonController
- persistent disk attached and mounted on kubelets host
- machine
- properties:
- fsType:
- description: Filesystem type to mount. Must be a filesystem
- type supported by the host operating system. Ex.
- "ext4", "xfs", "ntfs". Implicitly inferred to be
- "ext4" if unspecified.
- type: string
- pdID:
- description: ID that identifies Photon Controller
- persistent disk
- type: string
- required:
- - pdID
- type: object
- portworxVolume:
- description: PortworxVolume represents a portworx volume
- attached and mounted on kubelets host machine
- properties:
- fsType:
- description: FSType represents the filesystem type
- to mount Must be a filesystem type supported by
- the host operating system. Ex. "ext4", "xfs". Implicitly
- inferred to be "ext4" if unspecified.
- type: string
- readOnly:
- description: Defaults to false (read/write). ReadOnly
- here will force the ReadOnly setting in VolumeMounts.
- type: boolean
- volumeID:
- description: VolumeID uniquely identifies a Portworx
- volume
- type: string
- required:
- - volumeID
- type: object
- projected:
- description: Items for all in one resources secrets, configmaps,
- and downward API
- properties:
- defaultMode:
- description: Mode bits used to set permissions on
- created files by default. Must be an octal value
- between 0000 and 0777 or a decimal value between
- 0 and 511. YAML accepts both octal and decimal values,
- JSON requires decimal values for mode bits. Directories
- within the path are not affected by this setting.
- This might be in conflict with other options that
- affect the file mode, like fsGroup, and the result
- can be other mode bits set.
- format: int32
- type: integer
- sources:
- description: list of volume projections
- items:
- description: Projection that may be projected along
- with other supported volume types
- properties:
- configMap:
- description: information about the configMap
- data to project
- properties:
- items:
- description: If unspecified, each key-value
- pair in the Data field of the referenced
- ConfigMap will be projected into the volume
- as a file whose name is the key and content
- is the value. If specified, the listed
- keys will be projected into the specified
- paths, and unlisted keys will not be present.
- If a key is specified which is not present
- in the ConfigMap, the volume setup will
- error unless it is marked optional. Paths
- must be relative and may not contain the
- '..' path or start with '..'.
- items:
- description: Maps a string key to a path
- within a volume.
- properties:
- key:
- description: The key to project.
- type: string
- mode:
- description: 'Optional: mode bits
- used to set permissions on this
- file. Must be an octal value between
- 0000 and 0777 or a decimal value
- between 0 and 511. YAML accepts
- both octal and decimal values, JSON
- requires decimal values for mode
- bits. If not specified, the volume
- defaultMode will be used. This might
- be in conflict with other options
- that affect the file mode, like
- fsGroup, and the result can be other
- mode bits set.'
- format: int32
- type: integer
- path:
- description: The relative path of
- the file to map the key to. May
- not be an absolute path. May not
- contain the path element '..'. May
- not start with the string '..'.
- type: string
- required:
- - key
- - path
- type: object
- type: array
- name:
- description: 'Name of the referent. More
- info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion,
- kind, uid?'
- type: string
- optional:
- description: Specify whether the ConfigMap
- or its keys must be defined
- type: boolean
- type: object
- x-kubernetes-map-type: atomic
- downwardAPI:
- description: information about the downwardAPI
- data to project
- properties:
- items:
- description: Items is a list of DownwardAPIVolume
- file
- items:
- description: DownwardAPIVolumeFile represents
- information to create the file containing
- the pod field
- properties:
- fieldRef:
- description: 'Required: Selects a
- field of the pod: only annotations,
- labels, name and namespace are supported.'
- properties:
- apiVersion:
- description: Version of the schema
- the FieldPath is written in
- terms of, defaults to "v1".
- type: string
- fieldPath:
- description: Path of the field
- to select in the specified API
- version.
- type: string
- required:
- - fieldPath
- type: object
- x-kubernetes-map-type: atomic
- mode:
- description: 'Optional: mode bits
- used to set permissions on this
- file, must be an octal value between
- 0000 and 0777 or a decimal value
- between 0 and 511. YAML accepts
- both octal and decimal values, JSON
- requires decimal values for mode
- bits. If not specified, the volume
- defaultMode will be used. This might
- be in conflict with other options
- that affect the file mode, like
- fsGroup, and the result can be other
- mode bits set.'
- format: int32
- type: integer
- path:
- description: 'Required: Path is the
- relative path name of the file to
- be created. Must not be absolute
- or contain the ''..'' path. Must
- be utf-8 encoded. The first item
- of the relative path must not start
- with ''..'''
- type: string
- resourceFieldRef:
- description: 'Selects a resource of
- the container: only resources limits
- and requests (limits.cpu, limits.memory,
- requests.cpu and requests.memory)
- are currently supported.'
- properties:
- containerName:
- description: 'Container name:
- required for volumes, optional
- for env vars'
- type: string
- divisor:
- anyOf:
- - type: integer
- - type: string
- description: Specifies the output
- format of the exposed resources,
- defaults to "1"
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- resource:
- description: 'Required: resource
- to select'
- type: string
- required:
- - resource
- type: object
- x-kubernetes-map-type: atomic
- required:
- - path
- type: object
- type: array
- type: object
- secret:
- description: information about the secret data
- to project
- properties:
- items:
- description: If unspecified, each key-value
- pair in the Data field of the referenced
- Secret will be projected into the volume
- as a file whose name is the key and content
- is the value. If specified, the listed
- keys will be projected into the specified
- paths, and unlisted keys will not be present.
- If a key is specified which is not present
- in the Secret, the volume setup will error
- unless it is marked optional. Paths must
- be relative and may not contain the '..'
- path or start with '..'.
- items:
- description: Maps a string key to a path
- within a volume.
- properties:
- key:
- description: The key to project.
- type: string
- mode:
- description: 'Optional: mode bits
- used to set permissions on this
- file. Must be an octal value between
- 0000 and 0777 or a decimal value
- between 0 and 511. YAML accepts
- both octal and decimal values, JSON
- requires decimal values for mode
- bits. If not specified, the volume
- defaultMode will be used. This might
- be in conflict with other options
- that affect the file mode, like
- fsGroup, and the result can be other
- mode bits set.'
- format: int32
- type: integer
- path:
- description: The relative path of
- the file to map the key to. May
- not be an absolute path. May not
- contain the path element '..'. May
- not start with the string '..'.
- type: string
- required:
- - key
- - path
- type: object
- type: array
- name:
- description: 'Name of the referent. More
- info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion,
- kind, uid?'
- type: string
- optional:
- description: Specify whether the Secret
- or its key must be defined
- type: boolean
- type: object
- x-kubernetes-map-type: atomic
- serviceAccountToken:
- description: information about the serviceAccountToken
- data to project
- properties:
- audience:
- description: Audience is the intended audience
- of the token. A recipient of a token must
- identify itself with an identifier specified
- in the audience of the token, and otherwise
- should reject the token. The audience
- defaults to the identifier of the apiserver.
- type: string
- expirationSeconds:
- description: ExpirationSeconds is the requested
- duration of validity of the service account
- token. As the token approaches expiration,
- the kubelet volume plugin will proactively
- rotate the service account token. The
- kubelet will start trying to rotate the
- token if the token is older than 80 percent
- of its time to live or if the token is
- older than 24 hours.Defaults to 1 hour
- and must be at least 10 minutes.
- format: int64
- type: integer
- path:
- description: Path is the path relative to
- the mount point of the file to project
- the token into.
- type: string
- required:
- - path
- type: object
- type: object
- type: array
- type: object
- quobyte:
- description: Quobyte represents a Quobyte mount on the
- host that shares a pod's lifetime
- properties:
- group:
- description: Group to map volume access to Default
- is no group
- type: string
- readOnly:
- description: ReadOnly here will force the Quobyte
- volume to be mounted with read-only permissions.
- Defaults to false.
- type: boolean
- registry:
- description: Registry represents a single or multiple
- Quobyte Registry services specified as a string
- as host:port pair (multiple entries are separated
- with commas) which acts as the central registry
- for volumes
- type: string
- tenant:
- description: Tenant owning the given Quobyte volume
- in the Backend Used with dynamically provisioned
- Quobyte volumes, value is set by the plugin
- type: string
- user:
- description: User to map volume access to Defaults
- to serivceaccount user
- type: string
- volume:
- description: Volume is a string that references an
- already created Quobyte volume by name.
- type: string
- required:
- - registry
- - volume
- type: object
- rbd:
- description: 'RBD represents a Rados Block Device mount
- on the host that shares a pod''s lifetime. More info:
- https://examples.k8s.io/volumes/rbd/README.md'
- properties:
- fsType:
- description: 'Filesystem type of the volume that you
- want to mount. Tip: Ensure that the filesystem type
- is supported by the host operating system. Examples:
- "ext4", "xfs", "ntfs". Implicitly inferred to be
- "ext4" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#rbd
- TODO: how do we prevent errors in the filesystem
- from compromising the machine'
- type: string
- image:
- description: 'The rados image name. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it'
- type: string
- keyring:
- description: 'Keyring is the path to key ring for
- RBDUser. Default is /etc/ceph/keyring. More info:
- https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it'
- type: string
- monitors:
- description: 'A collection of Ceph monitors. More
- info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it'
- items:
- type: string
- type: array
- pool:
- description: 'The rados pool name. Default is rbd.
- More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it'
- type: string
- readOnly:
- description: 'ReadOnly here will force the ReadOnly
- setting in VolumeMounts. Defaults to false. More
- info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it'
- type: boolean
- secretRef:
- description: 'SecretRef is name of the authentication
- secret for RBDUser. If provided overrides keyring.
- Default is nil. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it'
- properties:
- name:
- description: 'Name of the referent. More info:
- https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind,
- uid?'
- type: string
- type: object
- x-kubernetes-map-type: atomic
- user:
- description: 'The rados user name. Default is admin.
- More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it'
- type: string
- required:
- - image
- - monitors
- type: object
- scaleIO:
- description: ScaleIO represents a ScaleIO persistent volume
- attached and mounted on Kubernetes nodes.
- properties:
- fsType:
- description: Filesystem type to mount. Must be a filesystem
- type supported by the host operating system. Ex.
- "ext4", "xfs", "ntfs". Default is "xfs".
- type: string
- gateway:
- description: The host address of the ScaleIO API Gateway.
- type: string
- protectionDomain:
- description: The name of the ScaleIO Protection Domain
- for the configured storage.
- type: string
- readOnly:
- description: Defaults to false (read/write). ReadOnly
- here will force the ReadOnly setting in VolumeMounts.
- type: boolean
- secretRef:
- description: SecretRef references to the secret for
- ScaleIO user and other sensitive information. If
- this is not provided, Login operation will fail.
- properties:
- name:
- description: 'Name of the referent. More info:
- https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind,
- uid?'
- type: string
- type: object
- x-kubernetes-map-type: atomic
- sslEnabled:
- description: Flag to enable/disable SSL communication
- with Gateway, default false
- type: boolean
- storageMode:
- description: Indicates whether the storage for a volume
- should be ThickProvisioned or ThinProvisioned. Default
- is ThinProvisioned.
- type: string
- storagePool:
- description: The ScaleIO Storage Pool associated with
- the protection domain.
- type: string
- system:
- description: The name of the storage system as configured
- in ScaleIO.
- type: string
- volumeName:
- description: The name of a volume already created
- in the ScaleIO system that is associated with this
- volume source.
- type: string
- required:
- - gateway
- - secretRef
- - system
- type: object
- secret:
- description: 'Secret represents a secret that should populate
- this volume. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret'
- properties:
- defaultMode:
- description: 'Optional: mode bits used to set permissions
- on created files by default. Must be an octal value
- between 0000 and 0777 or a decimal value between
- 0 and 511. YAML accepts both octal and decimal values,
- JSON requires decimal values for mode bits. Defaults
- to 0644. Directories within the path are not affected
- by this setting. This might be in conflict with
- other options that affect the file mode, like fsGroup,
- and the result can be other mode bits set.'
- format: int32
- type: integer
- items:
- description: If unspecified, each key-value pair in
- the Data field of the referenced Secret will be
- projected into the volume as a file whose name is
- the key and content is the value. If specified,
- the listed keys will be projected into the specified
- paths, and unlisted keys will not be present. If
- a key is specified which is not present in the Secret,
- the volume setup will error unless it is marked
- optional. Paths must be relative and may not contain
- the '..' path or start with '..'.
- items:
- description: Maps a string key to a path within
- a volume.
- properties:
- key:
- description: The key to project.
- type: string
- mode:
- description: 'Optional: mode bits used to set
- permissions on this file. Must be an octal
- value between 0000 and 0777 or a decimal value
- between 0 and 511. YAML accepts both octal
- and decimal values, JSON requires decimal
- values for mode bits. If not specified, the
- volume defaultMode will be used. This might
- be in conflict with other options that affect
- the file mode, like fsGroup, and the result
- can be other mode bits set.'
- format: int32
- type: integer
- path:
- description: The relative path of the file to
- map the key to. May not be an absolute path.
- May not contain the path element '..'. May
- not start with the string '..'.
- type: string
- required:
- - key
- - path
- type: object
- type: array
- optional:
- description: Specify whether the Secret or its keys
- must be defined
- type: boolean
- secretName:
- description: 'Name of the secret in the pod''s namespace
- to use. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret'
- type: string
- type: object
- storageos:
- description: StorageOS represents a StorageOS volume attached
- and mounted on Kubernetes nodes.
- properties:
- fsType:
- description: Filesystem type to mount. Must be a filesystem
- type supported by the host operating system. Ex.
- "ext4", "xfs", "ntfs". Implicitly inferred to be
- "ext4" if unspecified.
- type: string
- readOnly:
- description: Defaults to false (read/write). ReadOnly
- here will force the ReadOnly setting in VolumeMounts.
- type: boolean
- secretRef:
- description: SecretRef specifies the secret to use
- for obtaining the StorageOS API credentials. If
- not specified, default values will be attempted.
- properties:
- name:
- description: 'Name of the referent. More info:
- https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind,
- uid?'
- type: string
- type: object
- x-kubernetes-map-type: atomic
- volumeName:
- description: VolumeName is the human-readable name
- of the StorageOS volume. Volume names are only
- unique within a namespace.
- type: string
- volumeNamespace:
- description: VolumeNamespace specifies the scope of
- the volume within StorageOS. If no namespace is
- specified then the Pod's namespace will be used. This
- allows the Kubernetes name scoping to be mirrored
- within StorageOS for tighter integration. Set VolumeName
- to any name to override the default behaviour. Set
- to "default" if you are not using namespaces within
- StorageOS. Namespaces that do not pre-exist within
- StorageOS will be created.
- type: string
- type: object
- vsphereVolume:
- description: VsphereVolume represents a vSphere volume
- attached and mounted on kubelets host machine
- properties:
- fsType:
- description: Filesystem type to mount. Must be a filesystem
- type supported by the host operating system. Ex.
- "ext4", "xfs", "ntfs". Implicitly inferred to be
- "ext4" if unspecified.
- type: string
- storagePolicyID:
- description: Storage Policy Based Management (SPBM)
- profile ID associated with the StoragePolicyName.
- type: string
- storagePolicyName:
- description: Storage Policy Based Management (SPBM)
- profile name.
- type: string
- volumePath:
- description: Path that identifies vSphere volume vmdk
- type: string
- required:
- - volumePath
- type: object
- type: object
- type: object
- reports:
- properties:
- prefix:
- type: string
- volumeSource:
- default:
- emptyDir:
- sizeLimit: 1Gi
- description: Represents the source of a volume to mount. Only
- one of its members may be specified.
- properties:
- awsElasticBlockStore:
- description: 'AWSElasticBlockStore represents an AWS Disk
- resource that is attached to a kubelet''s host machine
- and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore'
- properties:
- fsType:
- description: 'Filesystem type of the volume that you
- want to mount. Tip: Ensure that the filesystem type
- is supported by the host operating system. Examples:
- "ext4", "xfs", "ntfs". Implicitly inferred to be
- "ext4" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore
- TODO: how do we prevent errors in the filesystem
- from compromising the machine'
- type: string
- partition:
- description: 'The partition in the volume that you
- want to mount. If omitted, the default is to mount
- by volume name. Examples: For volume /dev/sda1,
- you specify the partition as "1". Similarly, the
- volume partition for /dev/sda is "0" (or you can
- leave the property empty).'
- format: int32
- type: integer
- readOnly:
- description: 'Specify "true" to force and set the
- ReadOnly property in VolumeMounts to "true". If
- omitted, the default is "false". More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore'
- type: boolean
- volumeID:
- description: 'Unique ID of the persistent disk resource
- in AWS (Amazon EBS volume). More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore'
- type: string
- required:
- - volumeID
- type: object
- azureDisk:
- description: AzureDisk represents an Azure Data Disk mount
- on the host and bind mount to the pod.
- properties:
- cachingMode:
- description: 'Host Caching mode: None, Read Only,
- Read Write.'
- type: string
- diskName:
- description: The Name of the data disk in the blob
- storage
- type: string
- diskURI:
- description: The URI the data disk in the blob storage
- type: string
- fsType:
- description: Filesystem type to mount. Must be a filesystem
- type supported by the host operating system. Ex.
- "ext4", "xfs", "ntfs". Implicitly inferred to be
- "ext4" if unspecified.
- type: string
- kind:
- description: 'Expected values Shared: multiple blob
- disks per storage account Dedicated: single blob
- disk per storage account Managed: azure managed
- data disk (only in managed availability set). defaults
- to shared'
- type: string
- readOnly:
- description: Defaults to false (read/write). ReadOnly
- here will force the ReadOnly setting in VolumeMounts.
- type: boolean
- required:
- - diskName
- - diskURI
- type: object
- azureFile:
- description: AzureFile represents an Azure File Service
- mount on the host and bind mount to the pod.
- properties:
- readOnly:
- description: Defaults to false (read/write). ReadOnly
- here will force the ReadOnly setting in VolumeMounts.
- type: boolean
- secretName:
- description: the name of secret that contains Azure
- Storage Account Name and Key
- type: string
- shareName:
- description: Share Name
- type: string
- required:
- - secretName
- - shareName
- type: object
- cephfs:
- description: CephFS represents a Ceph FS mount on the
- host that shares a pod's lifetime
- properties:
- monitors:
- description: 'Required: Monitors is a collection of
- Ceph monitors More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it'
- items:
- type: string
- type: array
- path:
- description: 'Optional: Used as the mounted root,
- rather than the full Ceph tree, default is /'
- type: string
- readOnly:
- description: 'Optional: Defaults to false (read/write).
- ReadOnly here will force the ReadOnly setting in
- VolumeMounts. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it'
- type: boolean
- secretFile:
- description: 'Optional: SecretFile is the path to
- key ring for User, default is /etc/ceph/user.secret
- More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it'
- type: string
- secretRef:
- description: 'Optional: SecretRef is reference to
- the authentication secret for User, default is empty.
- More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it'
- properties:
- name:
- description: 'Name of the referent. More info:
- https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind,
- uid?'
- type: string
- type: object
- x-kubernetes-map-type: atomic
- user:
- description: 'Optional: User is the rados user name,
- default is admin More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it'
- type: string
- required:
- - monitors
- type: object
- cinder:
- description: 'Cinder represents a cinder volume attached
- and mounted on kubelets host machine. More info: https://examples.k8s.io/mysql-cinder-pd/README.md'
- properties:
- fsType:
- description: 'Filesystem type to mount. Must be a
- filesystem type supported by the host operating
- system. Examples: "ext4", "xfs", "ntfs". Implicitly
- inferred to be "ext4" if unspecified. More info:
- https://examples.k8s.io/mysql-cinder-pd/README.md'
- type: string
- readOnly:
- description: 'Optional: Defaults to false (read/write).
- ReadOnly here will force the ReadOnly setting in
- VolumeMounts. More info: https://examples.k8s.io/mysql-cinder-pd/README.md'
- type: boolean
- secretRef:
- description: 'Optional: points to a secret object
- containing parameters used to connect to OpenStack.'
- properties:
- name:
- description: 'Name of the referent. More info:
- https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind,
- uid?'
- type: string
- type: object
- x-kubernetes-map-type: atomic
- volumeID:
- description: 'volume id used to identify the volume
- in cinder. More info: https://examples.k8s.io/mysql-cinder-pd/README.md'
- type: string
- required:
- - volumeID
- type: object
- configMap:
- description: ConfigMap represents a configMap that should
- populate this volume
- properties:
- defaultMode:
- description: 'Optional: mode bits used to set permissions
- on created files by default. Must be an octal value
- between 0000 and 0777 or a decimal value between
- 0 and 511. YAML accepts both octal and decimal values,
- JSON requires decimal values for mode bits. Defaults
- to 0644. Directories within the path are not affected
- by this setting. This might be in conflict with
- other options that affect the file mode, like fsGroup,
- and the result can be other mode bits set.'
- format: int32
- type: integer
- items:
- description: If unspecified, each key-value pair in
- the Data field of the referenced ConfigMap will
- be projected into the volume as a file whose name
- is the key and content is the value. If specified,
- the listed keys will be projected into the specified
- paths, and unlisted keys will not be present. If
- a key is specified which is not present in the ConfigMap,
- the volume setup will error unless it is marked
- optional. Paths must be relative and may not contain
- the '..' path or start with '..'.
- items:
- description: Maps a string key to a path within
- a volume.
- properties:
- key:
- description: The key to project.
- type: string
- mode:
- description: 'Optional: mode bits used to set
- permissions on this file. Must be an octal
- value between 0000 and 0777 or a decimal value
- between 0 and 511. YAML accepts both octal
- and decimal values, JSON requires decimal
- values for mode bits. If not specified, the
- volume defaultMode will be used. This might
- be in conflict with other options that affect
- the file mode, like fsGroup, and the result
- can be other mode bits set.'
- format: int32
- type: integer
- path:
- description: The relative path of the file to
- map the key to. May not be an absolute path.
- May not contain the path element '..'. May
- not start with the string '..'.
- type: string
- required:
- - key
- - path
- type: object
- type: array
- name:
- description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind,
- uid?'
- type: string
- optional:
- description: Specify whether the ConfigMap or its
- keys must be defined
- type: boolean
- type: object
- x-kubernetes-map-type: atomic
- csi:
- description: CSI (Container Storage Interface) represents
- ephemeral storage that is handled by certain external
- CSI drivers (Beta feature).
- properties:
- driver:
- description: Driver is the name of the CSI driver
- that handles this volume. Consult with your admin
- for the correct name as registered in the cluster.
- type: string
- fsType:
- description: Filesystem type to mount. Ex. "ext4",
- "xfs", "ntfs". If not provided, the empty value
- is passed to the associated CSI driver which will
- determine the default filesystem to apply.
- type: string
- nodePublishSecretRef:
- description: NodePublishSecretRef is a reference to
- the secret object containing sensitive information
- to pass to the CSI driver to complete the CSI NodePublishVolume
- and NodeUnpublishVolume calls. This field is optional,
- and may be empty if no secret is required. If the
- secret object contains more than one secret, all
- secret references are passed.
- properties:
- name:
- description: 'Name of the referent. More info:
- https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind,
- uid?'
- type: string
- type: object
- x-kubernetes-map-type: atomic
- readOnly:
- description: Specifies a read-only configuration for
- the volume. Defaults to false (read/write).
- type: boolean
- volumeAttributes:
- additionalProperties:
- type: string
- description: VolumeAttributes stores driver-specific
- properties that are passed to the CSI driver. Consult
- your driver's documentation for supported values.
- type: object
- required:
- - driver
- type: object
- downwardAPI:
- description: DownwardAPI represents downward API about
- the pod that should populate this volume
- properties:
- defaultMode:
- description: 'Optional: mode bits to use on created
- files by default. Must be a Optional: mode bits
- used to set permissions on created files by default.
- Must be an octal value between 0000 and 0777 or
- a decimal value between 0 and 511. YAML accepts
- both octal and decimal values, JSON requires decimal
- values for mode bits. Defaults to 0644. Directories
- within the path are not affected by this setting.
- This might be in conflict with other options that
- affect the file mode, like fsGroup, and the result
- can be other mode bits set.'
- format: int32
- type: integer
- items:
- description: Items is a list of downward API volume
- file
- items:
- description: DownwardAPIVolumeFile represents information
- to create the file containing the pod field
- properties:
- fieldRef:
- description: 'Required: Selects a field of the
- pod: only annotations, labels, name and namespace
- are supported.'
- properties:
- apiVersion:
- description: Version of the schema the FieldPath
- is written in terms of, defaults to "v1".
- type: string
- fieldPath:
- description: Path of the field to select
- in the specified API version.
- type: string
- required:
- - fieldPath
- type: object
- x-kubernetes-map-type: atomic
- mode:
- description: 'Optional: mode bits used to set
- permissions on this file, must be an octal
- value between 0000 and 0777 or a decimal value
- between 0 and 511. YAML accepts both octal
- and decimal values, JSON requires decimal
- values for mode bits. If not specified, the
- volume defaultMode will be used. This might
- be in conflict with other options that affect
- the file mode, like fsGroup, and the result
- can be other mode bits set.'
- format: int32
- type: integer
- path:
- description: 'Required: Path is the relative
- path name of the file to be created. Must
- not be absolute or contain the ''..'' path.
- Must be utf-8 encoded. The first item of the
- relative path must not start with ''..'''
- type: string
- resourceFieldRef:
- description: 'Selects a resource of the container:
- only resources limits and requests (limits.cpu,
- limits.memory, requests.cpu and requests.memory)
- are currently supported.'
- properties:
- containerName:
- description: 'Container name: required for
- volumes, optional for env vars'
- type: string
- divisor:
- anyOf:
- - type: integer
- - type: string
- description: Specifies the output format
- of the exposed resources, defaults to
- "1"
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- resource:
- description: 'Required: resource to select'
- type: string
- required:
- - resource
- type: object
- x-kubernetes-map-type: atomic
- required:
- - path
- type: object
- type: array
- type: object
- emptyDir:
- description: 'EmptyDir represents a temporary directory
- that shares a pod''s lifetime. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir'
- properties:
- medium:
- description: 'What type of storage medium should back
- this directory. The default is "" which means to
- use the node''s default medium. Must be an empty
- string (default) or Memory. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir'
- type: string
- sizeLimit:
- anyOf:
- - type: integer
- - type: string
- description: 'Total amount of local storage required
- for this EmptyDir volume. The size limit is also
- applicable for memory medium. The maximum usage
- on memory medium EmptyDir would be the minimum value
- between the SizeLimit specified here and the sum
- of memory limits of all containers in a pod. The
- default is nil which means that the limit is undefined.
- More info: http://kubernetes.io/docs/user-guide/volumes#emptydir'
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- type: object
- ephemeral:
- description: "Ephemeral represents a volume that is handled
- by a cluster storage driver. The volume's lifecycle
- is tied to the pod that defines it - it will be created
- before the pod starts, and deleted when the pod is removed.
- \n Use this if: a) the volume is only needed while the
- pod runs, b) features of normal volumes like restoring
- from snapshot or capacity tracking are needed, c) the
- storage driver is specified through a storage class,
- and d) the storage driver supports dynamic volume provisioning
- through a PersistentVolumeClaim (see EphemeralVolumeSource
- for more information on the connection between this
- volume type and PersistentVolumeClaim). \n Use PersistentVolumeClaim
- or one of the vendor-specific APIs for volumes that
- persist for longer than the lifecycle of an individual
- pod. \n Use CSI for light-weight local ephemeral volumes
- if the CSI driver is meant to be used that way - see
- the documentation of the driver for more information.
- \n A pod can use both types of ephemeral volumes and
- persistent volumes at the same time."
- properties:
- volumeClaimTemplate:
- description: "Will be used to create a stand-alone
- PVC to provision the volume. The pod in which this
- EphemeralVolumeSource is embedded will be the owner
- of the PVC, i.e. the PVC will be deleted together
- with the pod. The name of the PVC will be `-` where `` is the
- name from the `PodSpec.Volumes` array entry. Pod
- validation will reject the pod if the concatenated
- name is not valid for a PVC (for example, too long).
- \n An existing PVC with that name that is not owned
- by the pod will *not* be used for the pod to avoid
- using an unrelated volume by mistake. Starting the
- pod is then blocked until the unrelated PVC is removed.
- If such a pre-created PVC is meant to be used by
- the pod, the PVC has to updated with an owner reference
- to the pod once the pod exists. Normally this should
- not be necessary, but it may be useful when manually
- reconstructing a broken cluster. \n This field is
- read-only and no changes will be made by Kubernetes
- to the PVC after it has been created. \n Required,
- must not be nil."
- properties:
- metadata:
- description: May contain labels and annotations
- that will be copied into the PVC when creating
- it. No other fields are allowed and will be
- rejected during validation.
- type: object
- spec:
- description: The specification for the PersistentVolumeClaim.
- The entire content is copied unchanged into
- the PVC that gets created from this template.
- The same fields as in a PersistentVolumeClaim
- are also valid here.
- properties:
- accessModes:
- description: 'AccessModes contains the desired
- access modes the volume should have. More
- info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1'
- items:
- type: string
- type: array
- dataSource:
- description: 'This field can be used to specify
- either: * An existing VolumeSnapshot object
- (snapshot.storage.k8s.io/VolumeSnapshot)
- * An existing PVC (PersistentVolumeClaim)
- If the provisioner or an external controller
- can support the specified data source, it
- will create a new volume based on the contents
- of the specified data source. If the AnyVolumeDataSource
- feature gate is enabled, this field will
- always have the same contents as the DataSourceRef
- field.'
- properties:
- apiGroup:
- description: APIGroup is the group for
- the resource being referenced. If APIGroup
- is not specified, the specified Kind
- must be in the core API group. For any
- other third-party types, APIGroup is
- required.
- type: string
- kind:
- description: Kind is the type of resource
- being referenced
- type: string
- name:
- description: Name is the name of resource
- being referenced
- type: string
- required:
- - kind
- - name
- type: object
- x-kubernetes-map-type: atomic
- dataSourceRef:
- description: 'Specifies the object from which
- to populate the volume with data, if a non-empty
- volume is desired. This may be any local
- object from a non-empty API group (non core
- object) or a PersistentVolumeClaim object.
- When this field is specified, volume binding
- will only succeed if the type of the specified
- object matches some installed volume populator
- or dynamic provisioner. This field will
- replace the functionality of the DataSource
- field and as such if both fields are non-empty,
- they must have the same value. For backwards
- compatibility, both fields (DataSource and
- DataSourceRef) will be set to the same value
- automatically if one of them is empty and
- the other is non-empty. There are two important
- differences between DataSource and DataSourceRef:
- * While DataSource only allows two specific
- types of objects, DataSourceRef allows any
- non-core object, as well as PersistentVolumeClaim
- objects. * While DataSource ignores disallowed
- values (dropping them), DataSourceRef preserves
- all values, and generates an error if a
- disallowed value is specified. (Alpha) Using
- this field requires the AnyVolumeDataSource
- feature gate to be enabled.'
- properties:
- apiGroup:
- description: APIGroup is the group for
- the resource being referenced. If APIGroup
- is not specified, the specified Kind
- must be in the core API group. For any
- other third-party types, APIGroup is
- required.
- type: string
- kind:
- description: Kind is the type of resource
- being referenced
- type: string
- name:
- description: Name is the name of resource
- being referenced
- type: string
- required:
- - kind
- - name
- type: object
- x-kubernetes-map-type: atomic
- resources:
- description: 'Resources represents the minimum
- resources the volume should have. If RecoverVolumeExpansionFailure
- feature is enabled users are allowed to
- specify resource requirements that are lower
- than previous value but must still be higher
- than capacity recorded in the status field
- of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources'
- properties:
- limits:
- additionalProperties:
- anyOf:
- - type: integer
- - type: string
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- description: 'Limits describes the maximum
- amount of compute resources allowed.
- More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
- type: object
- requests:
- additionalProperties:
- anyOf:
- - type: integer
- - type: string
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- description: 'Requests describes the minimum
- amount of compute resources required.
- If Requests is omitted for a container,
- it defaults to Limits if that is explicitly
- specified, otherwise to an implementation-defined
- value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
- type: object
- type: object
- selector:
- description: A label query over volumes to
- consider for binding.
- properties:
- matchExpressions:
- description: matchExpressions is a list
- of label selector requirements. The
- requirements are ANDed.
- items:
- description: A label selector requirement
- is a selector that contains values,
- a key, and an operator that relates
- the key and values.
- properties:
- key:
- description: key is the label key
- that the selector applies to.
- type: string
- operator:
- description: operator represents
- a key's relationship to a set
- of values. Valid operators are
- In, NotIn, Exists and DoesNotExist.
- type: string
- values:
- description: values is an array
- of string values. If the operator
- is In or NotIn, the values array
- must be non-empty. If the operator
- is Exists or DoesNotExist, the
- values array must be empty. This
- array is replaced during a strategic
- merge patch.
- items:
- type: string
- type: array
- required:
- - key
- - operator
- type: object
- type: array
- matchLabels:
- additionalProperties:
- type: string
- description: matchLabels is a map of {key,value}
- pairs. A single {key,value} in the matchLabels
- map is equivalent to an element of matchExpressions,
- whose key field is "key", the operator
- is "In", and the values array contains
- only "value". The requirements are ANDed.
- type: object
- type: object
- x-kubernetes-map-type: atomic
- storageClassName:
- description: 'Name of the StorageClass required
- by the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1'
- type: string
- volumeMode:
- description: volumeMode defines what type
- of volume is required by the claim. Value
- of Filesystem is implied when not included
- in claim spec.
- type: string
- volumeName:
- description: VolumeName is the binding reference
- to the PersistentVolume backing this claim.
- type: string
- type: object
- required:
- - spec
- type: object
- type: object
- fc:
- description: FC represents a Fibre Channel resource that
- is attached to a kubelet's host machine and then exposed
- to the pod.
- properties:
- fsType:
- description: 'Filesystem type to mount. Must be a
- filesystem type supported by the host operating
- system. Ex. "ext4", "xfs", "ntfs". Implicitly inferred
- to be "ext4" if unspecified. TODO: how do we prevent
- errors in the filesystem from compromising the machine'
- type: string
- lun:
- description: 'Optional: FC target lun number'
- format: int32
- type: integer
- readOnly:
- description: 'Optional: Defaults to false (read/write).
- ReadOnly here will force the ReadOnly setting in
- VolumeMounts.'
- type: boolean
- targetWWNs:
- description: 'Optional: FC target worldwide names
- (WWNs)'
- items:
- type: string
- type: array
- wwids:
- description: 'Optional: FC volume world wide identifiers
- (wwids) Either wwids or combination of targetWWNs
- and lun must be set, but not both simultaneously.'
- items:
- type: string
- type: array
- type: object
- flexVolume:
- description: FlexVolume represents a generic volume resource
- that is provisioned/attached using an exec based plugin.
- properties:
- driver:
- description: Driver is the name of the driver to use
- for this volume.
- type: string
- fsType:
- description: Filesystem type to mount. Must be a filesystem
- type supported by the host operating system. Ex.
- "ext4", "xfs", "ntfs". The default filesystem depends
- on FlexVolume script.
- type: string
- options:
- additionalProperties:
- type: string
- description: 'Optional: Extra command options if any.'
- type: object
- readOnly:
- description: 'Optional: Defaults to false (read/write).
- ReadOnly here will force the ReadOnly setting in
- VolumeMounts.'
- type: boolean
- secretRef:
- description: 'Optional: SecretRef is reference to
- the secret object containing sensitive information
- to pass to the plugin scripts. This may be empty
- if no secret object is specified. If the secret
- object contains more than one secret, all secrets
- are passed to the plugin scripts.'
- properties:
- name:
- description: 'Name of the referent. More info:
- https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind,
- uid?'
- type: string
- type: object
- x-kubernetes-map-type: atomic
- required:
- - driver
- type: object
- flocker:
- description: Flocker represents a Flocker volume attached
- to a kubelet's host machine. This depends on the Flocker
- control service being running
- properties:
- datasetName:
- description: Name of the dataset stored as metadata
- -> name on the dataset for Flocker should be considered
- as deprecated
- type: string
- datasetUUID:
- description: UUID of the dataset. This is unique identifier
- of a Flocker dataset
- type: string
- type: object
- gcePersistentDisk:
- description: 'GCEPersistentDisk represents a GCE Disk
- resource that is attached to a kubelet''s host machine
- and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk'
- properties:
- fsType:
- description: 'Filesystem type of the volume that you
- want to mount. Tip: Ensure that the filesystem type
- is supported by the host operating system. Examples:
- "ext4", "xfs", "ntfs". Implicitly inferred to be
- "ext4" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk
- TODO: how do we prevent errors in the filesystem
- from compromising the machine'
- type: string
- partition:
- description: 'The partition in the volume that you
- want to mount. If omitted, the default is to mount
- by volume name. Examples: For volume /dev/sda1,
- you specify the partition as "1". Similarly, the
- volume partition for /dev/sda is "0" (or you can
- leave the property empty). More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk'
- format: int32
- type: integer
- pdName:
- description: 'Unique name of the PD resource in GCE.
- Used to identify the disk in GCE. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk'
- type: string
- readOnly:
- description: 'ReadOnly here will force the ReadOnly
- setting in VolumeMounts. Defaults to false. More
- info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk'
- type: boolean
- required:
- - pdName
- type: object
- gitRepo:
- description: 'GitRepo represents a git repository at a
- particular revision. DEPRECATED: GitRepo is deprecated.
- To provision a container with a git repo, mount an EmptyDir
- into an InitContainer that clones the repo using git,
- then mount the EmptyDir into the Pod''s container.'
- properties:
- directory:
- description: Target directory name. Must not contain
- or start with '..'. If '.' is supplied, the volume
- directory will be the git repository. Otherwise,
- if specified, the volume will contain the git repository
- in the subdirectory with the given name.
- type: string
- repository:
- description: Repository URL
- type: string
- revision:
- description: Commit hash for the specified revision.
- type: string
- required:
- - repository
- type: object
- glusterfs:
- description: 'Glusterfs represents a Glusterfs mount on
- the host that shares a pod''s lifetime. More info: https://examples.k8s.io/volumes/glusterfs/README.md'
- properties:
- endpoints:
- description: 'EndpointsName is the endpoint name that
- details Glusterfs topology. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod'
- type: string
- path:
- description: 'Path is the Glusterfs volume path. More
- info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod'
- type: string
- readOnly:
- description: 'ReadOnly here will force the Glusterfs
- volume to be mounted with read-only permissions.
- Defaults to false. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod'
- type: boolean
- required:
- - endpoints
- - path
- type: object
- hostPath:
- description: 'HostPath represents a pre-existing file
- or directory on the host machine that is directly exposed
- to the container. This is generally used for system
- agents or other privileged things that are allowed to
- see the host machine. Most containers will NOT need
- this. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath
- --- TODO(jonesdl) We need to restrict who can use host
- directory mounts and who can/can not mount host directories
- as read/write.'
- properties:
- path:
- description: 'Path of the directory on the host. If
- the path is a symlink, it will follow the link to
- the real path. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath'
- type: string
- type:
- description: 'Type for HostPath Volume Defaults to
- "" More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath'
- type: string
- required:
- - path
- type: object
- iscsi:
- description: 'ISCSI represents an ISCSI Disk resource
- that is attached to a kubelet''s host machine and then
- exposed to the pod. More info: https://examples.k8s.io/volumes/iscsi/README.md'
- properties:
- chapAuthDiscovery:
- description: whether support iSCSI Discovery CHAP
- authentication
- type: boolean
- chapAuthSession:
- description: whether support iSCSI Session CHAP authentication
- type: boolean
- fsType:
- description: 'Filesystem type of the volume that you
- want to mount. Tip: Ensure that the filesystem type
- is supported by the host operating system. Examples:
- "ext4", "xfs", "ntfs". Implicitly inferred to be
- "ext4" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#iscsi
- TODO: how do we prevent errors in the filesystem
- from compromising the machine'
- type: string
- initiatorName:
- description: Custom iSCSI Initiator Name. If initiatorName
- is specified with iscsiInterface simultaneously,
- new iSCSI interface :
- will be created for the connection.
- type: string
- iqn:
- description: Target iSCSI Qualified Name.
- type: string
- iscsiInterface:
- description: iSCSI Interface Name that uses an iSCSI
- transport. Defaults to 'default' (tcp).
- type: string
- lun:
- description: iSCSI Target Lun number.
- format: int32
- type: integer
- portals:
- description: iSCSI Target Portal List. The portal
- is either an IP or ip_addr:port if the port is other
- than default (typically TCP ports 860 and 3260).
- items:
- type: string
- type: array
- readOnly:
- description: ReadOnly here will force the ReadOnly
- setting in VolumeMounts. Defaults to false.
- type: boolean
- secretRef:
- description: CHAP Secret for iSCSI target and initiator
- authentication
- properties:
- name:
- description: 'Name of the referent. More info:
- https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind,
- uid?'
- type: string
- type: object
- x-kubernetes-map-type: atomic
- targetPortal:
- description: iSCSI Target Portal. The Portal is either
- an IP or ip_addr:port if the port is other than
- default (typically TCP ports 860 and 3260).
- type: string
- required:
- - iqn
- - lun
- - targetPortal
- type: object
- nfs:
- description: 'NFS represents an NFS mount on the host
- that shares a pod''s lifetime More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs'
- properties:
- path:
- description: 'Path that is exported by the NFS server.
- More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs'
- type: string
- readOnly:
- description: 'ReadOnly here will force the NFS export
- to be mounted with read-only permissions. Defaults
- to false. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs'
- type: boolean
- server:
- description: 'Server is the hostname or IP address
- of the NFS server. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs'
- type: string
- required:
- - path
- - server
- type: object
- persistentVolumeClaim:
- description: 'PersistentVolumeClaimVolumeSource represents
- a reference to a PersistentVolumeClaim in the same namespace.
- More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims'
- properties:
- claimName:
- description: 'ClaimName is the name of a PersistentVolumeClaim
- in the same namespace as the pod using this volume.
- More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims'
- type: string
- readOnly:
- description: Will force the ReadOnly setting in VolumeMounts.
- Default false.
- type: boolean
- required:
- - claimName
- type: object
- photonPersistentDisk:
- description: PhotonPersistentDisk represents a PhotonController
- persistent disk attached and mounted on kubelets host
- machine
- properties:
- fsType:
- description: Filesystem type to mount. Must be a filesystem
- type supported by the host operating system. Ex.
- "ext4", "xfs", "ntfs". Implicitly inferred to be
- "ext4" if unspecified.
- type: string
- pdID:
- description: ID that identifies Photon Controller
- persistent disk
- type: string
- required:
- - pdID
- type: object
- portworxVolume:
- description: PortworxVolume represents a portworx volume
- attached and mounted on kubelets host machine
- properties:
- fsType:
- description: FSType represents the filesystem type
- to mount Must be a filesystem type supported by
- the host operating system. Ex. "ext4", "xfs". Implicitly
- inferred to be "ext4" if unspecified.
- type: string
- readOnly:
- description: Defaults to false (read/write). ReadOnly
- here will force the ReadOnly setting in VolumeMounts.
- type: boolean
- volumeID:
- description: VolumeID uniquely identifies a Portworx
- volume
- type: string
- required:
- - volumeID
- type: object
- projected:
- description: Items for all in one resources secrets, configmaps,
- and downward API
- properties:
- defaultMode:
- description: Mode bits used to set permissions on
- created files by default. Must be an octal value
- between 0000 and 0777 or a decimal value between
- 0 and 511. YAML accepts both octal and decimal values,
- JSON requires decimal values for mode bits. Directories
- within the path are not affected by this setting.
- This might be in conflict with other options that
- affect the file mode, like fsGroup, and the result
- can be other mode bits set.
- format: int32
- type: integer
- sources:
- description: list of volume projections
- items:
- description: Projection that may be projected along
- with other supported volume types
- properties:
- configMap:
- description: information about the configMap
- data to project
- properties:
- items:
- description: If unspecified, each key-value
- pair in the Data field of the referenced
- ConfigMap will be projected into the volume
- as a file whose name is the key and content
- is the value. If specified, the listed
- keys will be projected into the specified
- paths, and unlisted keys will not be present.
- If a key is specified which is not present
- in the ConfigMap, the volume setup will
- error unless it is marked optional. Paths
- must be relative and may not contain the
- '..' path or start with '..'.
- items:
- description: Maps a string key to a path
- within a volume.
- properties:
- key:
- description: The key to project.
- type: string
- mode:
- description: 'Optional: mode bits
- used to set permissions on this
- file. Must be an octal value between
- 0000 and 0777 or a decimal value
- between 0 and 511. YAML accepts
- both octal and decimal values, JSON
- requires decimal values for mode
- bits. If not specified, the volume
- defaultMode will be used. This might
- be in conflict with other options
- that affect the file mode, like
- fsGroup, and the result can be other
- mode bits set.'
- format: int32
- type: integer
- path:
- description: The relative path of
- the file to map the key to. May
- not be an absolute path. May not
- contain the path element '..'. May
- not start with the string '..'.
- type: string
- required:
- - key
- - path
- type: object
- type: array
- name:
- description: 'Name of the referent. More
- info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion,
- kind, uid?'
- type: string
- optional:
- description: Specify whether the ConfigMap
- or its keys must be defined
- type: boolean
- type: object
- x-kubernetes-map-type: atomic
- downwardAPI:
- description: information about the downwardAPI
- data to project
- properties:
- items:
- description: Items is a list of DownwardAPIVolume
- file
- items:
- description: DownwardAPIVolumeFile represents
- information to create the file containing
- the pod field
- properties:
- fieldRef:
- description: 'Required: Selects a
- field of the pod: only annotations,
- labels, name and namespace are supported.'
- properties:
- apiVersion:
- description: Version of the schema
- the FieldPath is written in
- terms of, defaults to "v1".
- type: string
- fieldPath:
- description: Path of the field
- to select in the specified API
- version.
- type: string
- required:
- - fieldPath
- type: object
- x-kubernetes-map-type: atomic
- mode:
- description: 'Optional: mode bits
- used to set permissions on this
- file, must be an octal value between
- 0000 and 0777 or a decimal value
- between 0 and 511. YAML accepts
- both octal and decimal values, JSON
- requires decimal values for mode
- bits. If not specified, the volume
- defaultMode will be used. This might
- be in conflict with other options
- that affect the file mode, like
- fsGroup, and the result can be other
- mode bits set.'
- format: int32
- type: integer
- path:
- description: 'Required: Path is the
- relative path name of the file to
- be created. Must not be absolute
- or contain the ''..'' path. Must
- be utf-8 encoded. The first item
- of the relative path must not start
- with ''..'''
- type: string
- resourceFieldRef:
- description: 'Selects a resource of
- the container: only resources limits
- and requests (limits.cpu, limits.memory,
- requests.cpu and requests.memory)
- are currently supported.'
- properties:
- containerName:
- description: 'Container name:
- required for volumes, optional
- for env vars'
- type: string
- divisor:
- anyOf:
- - type: integer
- - type: string
- description: Specifies the output
- format of the exposed resources,
- defaults to "1"
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- resource:
- description: 'Required: resource
- to select'
- type: string
- required:
- - resource
- type: object
- x-kubernetes-map-type: atomic
- required:
- - path
- type: object
- type: array
- type: object
- secret:
- description: information about the secret data
- to project
- properties:
- items:
- description: If unspecified, each key-value
- pair in the Data field of the referenced
- Secret will be projected into the volume
- as a file whose name is the key and content
- is the value. If specified, the listed
- keys will be projected into the specified
- paths, and unlisted keys will not be present.
- If a key is specified which is not present
- in the Secret, the volume setup will error
- unless it is marked optional. Paths must
- be relative and may not contain the '..'
- path or start with '..'.
- items:
- description: Maps a string key to a path
- within a volume.
- properties:
- key:
- description: The key to project.
- type: string
- mode:
- description: 'Optional: mode bits
- used to set permissions on this
- file. Must be an octal value between
- 0000 and 0777 or a decimal value
- between 0 and 511. YAML accepts
- both octal and decimal values, JSON
- requires decimal values for mode
- bits. If not specified, the volume
- defaultMode will be used. This might
- be in conflict with other options
- that affect the file mode, like
- fsGroup, and the result can be other
- mode bits set.'
- format: int32
- type: integer
- path:
- description: The relative path of
- the file to map the key to. May
- not be an absolute path. May not
- contain the path element '..'. May
- not start with the string '..'.
- type: string
- required:
- - key
- - path
- type: object
- type: array
- name:
- description: 'Name of the referent. More
- info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion,
- kind, uid?'
- type: string
- optional:
- description: Specify whether the Secret
- or its key must be defined
- type: boolean
- type: object
- x-kubernetes-map-type: atomic
- serviceAccountToken:
- description: information about the serviceAccountToken
- data to project
- properties:
- audience:
- description: Audience is the intended audience
- of the token. A recipient of a token must
- identify itself with an identifier specified
- in the audience of the token, and otherwise
- should reject the token. The audience
- defaults to the identifier of the apiserver.
- type: string
- expirationSeconds:
- description: ExpirationSeconds is the requested
- duration of validity of the service account
- token. As the token approaches expiration,
- the kubelet volume plugin will proactively
- rotate the service account token. The
- kubelet will start trying to rotate the
- token if the token is older than 80 percent
- of its time to live or if the token is
- older than 24 hours.Defaults to 1 hour
- and must be at least 10 minutes.
- format: int64
- type: integer
- path:
- description: Path is the path relative to
- the mount point of the file to project
- the token into.
- type: string
- required:
- - path
- type: object
- type: object
- type: array
- type: object
- quobyte:
- description: Quobyte represents a Quobyte mount on the
- host that shares a pod's lifetime
- properties:
- group:
- description: Group to map volume access to Default
- is no group
- type: string
- readOnly:
- description: ReadOnly here will force the Quobyte
- volume to be mounted with read-only permissions.
- Defaults to false.
- type: boolean
- registry:
- description: Registry represents a single or multiple
- Quobyte Registry services specified as a string
- as host:port pair (multiple entries are separated
- with commas) which acts as the central registry
- for volumes
- type: string
- tenant:
- description: Tenant owning the given Quobyte volume
- in the Backend Used with dynamically provisioned
- Quobyte volumes, value is set by the plugin
- type: string
- user:
- description: User to map volume access to Defaults
- to serivceaccount user
- type: string
- volume:
- description: Volume is a string that references an
- already created Quobyte volume by name.
- type: string
- required:
- - registry
- - volume
- type: object
- rbd:
- description: 'RBD represents a Rados Block Device mount
- on the host that shares a pod''s lifetime. More info:
- https://examples.k8s.io/volumes/rbd/README.md'
- properties:
- fsType:
- description: 'Filesystem type of the volume that you
- want to mount. Tip: Ensure that the filesystem type
- is supported by the host operating system. Examples:
- "ext4", "xfs", "ntfs". Implicitly inferred to be
- "ext4" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#rbd
- TODO: how do we prevent errors in the filesystem
- from compromising the machine'
- type: string
- image:
- description: 'The rados image name. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it'
- type: string
- keyring:
- description: 'Keyring is the path to key ring for
- RBDUser. Default is /etc/ceph/keyring. More info:
- https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it'
- type: string
- monitors:
- description: 'A collection of Ceph monitors. More
- info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it'
- items:
- type: string
- type: array
- pool:
- description: 'The rados pool name. Default is rbd.
- More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it'
- type: string
- readOnly:
- description: 'ReadOnly here will force the ReadOnly
- setting in VolumeMounts. Defaults to false. More
- info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it'
- type: boolean
- secretRef:
- description: 'SecretRef is name of the authentication
- secret for RBDUser. If provided overrides keyring.
- Default is nil. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it'
- properties:
- name:
- description: 'Name of the referent. More info:
- https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind,
- uid?'
- type: string
- type: object
- x-kubernetes-map-type: atomic
- user:
- description: 'The rados user name. Default is admin.
- More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it'
- type: string
- required:
- - image
- - monitors
- type: object
- scaleIO:
- description: ScaleIO represents a ScaleIO persistent volume
- attached and mounted on Kubernetes nodes.
- properties:
- fsType:
- description: Filesystem type to mount. Must be a filesystem
- type supported by the host operating system. Ex.
- "ext4", "xfs", "ntfs". Default is "xfs".
- type: string
- gateway:
- description: The host address of the ScaleIO API Gateway.
- type: string
- protectionDomain:
- description: The name of the ScaleIO Protection Domain
- for the configured storage.
- type: string
- readOnly:
- description: Defaults to false (read/write). ReadOnly
- here will force the ReadOnly setting in VolumeMounts.
- type: boolean
- secretRef:
- description: SecretRef references to the secret for
- ScaleIO user and other sensitive information. If
- this is not provided, Login operation will fail.
- properties:
- name:
- description: 'Name of the referent. More info:
- https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind,
- uid?'
- type: string
- type: object
- x-kubernetes-map-type: atomic
- sslEnabled:
- description: Flag to enable/disable SSL communication
- with Gateway, default false
- type: boolean
- storageMode:
- description: Indicates whether the storage for a volume
- should be ThickProvisioned or ThinProvisioned. Default
- is ThinProvisioned.
- type: string
- storagePool:
- description: The ScaleIO Storage Pool associated with
- the protection domain.
- type: string
- system:
- description: The name of the storage system as configured
- in ScaleIO.
- type: string
- volumeName:
- description: The name of a volume already created
- in the ScaleIO system that is associated with this
- volume source.
- type: string
- required:
- - gateway
- - secretRef
- - system
- type: object
- secret:
- description: 'Secret represents a secret that should populate
- this volume. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret'
- properties:
- defaultMode:
- description: 'Optional: mode bits used to set permissions
- on created files by default. Must be an octal value
- between 0000 and 0777 or a decimal value between
- 0 and 511. YAML accepts both octal and decimal values,
- JSON requires decimal values for mode bits. Defaults
- to 0644. Directories within the path are not affected
- by this setting. This might be in conflict with
- other options that affect the file mode, like fsGroup,
- and the result can be other mode bits set.'
- format: int32
- type: integer
- items:
- description: If unspecified, each key-value pair in
- the Data field of the referenced Secret will be
- projected into the volume as a file whose name is
- the key and content is the value. If specified,
- the listed keys will be projected into the specified
- paths, and unlisted keys will not be present. If
- a key is specified which is not present in the Secret,
- the volume setup will error unless it is marked
- optional. Paths must be relative and may not contain
- the '..' path or start with '..'.
- items:
- description: Maps a string key to a path within
- a volume.
- properties:
- key:
- description: The key to project.
- type: string
- mode:
- description: 'Optional: mode bits used to set
- permissions on this file. Must be an octal
- value between 0000 and 0777 or a decimal value
- between 0 and 511. YAML accepts both octal
- and decimal values, JSON requires decimal
- values for mode bits. If not specified, the
- volume defaultMode will be used. This might
- be in conflict with other options that affect
- the file mode, like fsGroup, and the result
- can be other mode bits set.'
- format: int32
- type: integer
- path:
- description: The relative path of the file to
- map the key to. May not be an absolute path.
- May not contain the path element '..'. May
- not start with the string '..'.
- type: string
- required:
- - key
- - path
- type: object
- type: array
- optional:
- description: Specify whether the Secret or its keys
- must be defined
- type: boolean
- secretName:
- description: 'Name of the secret in the pod''s namespace
- to use. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret'
- type: string
- type: object
- storageos:
- description: StorageOS represents a StorageOS volume attached
- and mounted on Kubernetes nodes.
- properties:
- fsType:
- description: Filesystem type to mount. Must be a filesystem
- type supported by the host operating system. Ex.
- "ext4", "xfs", "ntfs". Implicitly inferred to be
- "ext4" if unspecified.
- type: string
- readOnly:
- description: Defaults to false (read/write). ReadOnly
- here will force the ReadOnly setting in VolumeMounts.
- type: boolean
- secretRef:
- description: SecretRef specifies the secret to use
- for obtaining the StorageOS API credentials. If
- not specified, default values will be attempted.
- properties:
- name:
- description: 'Name of the referent. More info:
- https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind,
- uid?'
- type: string
- type: object
- x-kubernetes-map-type: atomic
- volumeName:
- description: VolumeName is the human-readable name
- of the StorageOS volume. Volume names are only
- unique within a namespace.
- type: string
- volumeNamespace:
- description: VolumeNamespace specifies the scope of
- the volume within StorageOS. If no namespace is
- specified then the Pod's namespace will be used. This
- allows the Kubernetes name scoping to be mirrored
- within StorageOS for tighter integration. Set VolumeName
- to any name to override the default behaviour. Set
- to "default" if you are not using namespaces within
- StorageOS. Namespaces that do not pre-exist within
- StorageOS will be created.
- type: string
- type: object
- vsphereVolume:
- description: VsphereVolume represents a vSphere volume
- attached and mounted on kubelets host machine
- properties:
- fsType:
- description: Filesystem type to mount. Must be a filesystem
- type supported by the host operating system. Ex.
- "ext4", "xfs", "ntfs". Implicitly inferred to be
- "ext4" if unspecified.
- type: string
- storagePolicyID:
- description: Storage Policy Based Management (SPBM)
- profile ID associated with the StoragePolicyName.
- type: string
- storagePolicyName:
- description: Storage Policy Based Management (SPBM)
- profile name.
- type: string
- volumePath:
- description: Path that identifies vSphere volume vmdk
- type: string
- required:
- - volumePath
- type: object
- type: object
- type: object
- required:
- - cache
- - reports
- type: object
- templateAnnotations:
- additionalProperties:
- type: string
- description: Custom annotations to be added into the pods
- type: object
- tolerations:
- description: If specified, the pod's tolerations.
- items:
- description: The pod this Toleration is attached to tolerates any
- taint that matches the triple using the matching
- operator .
- properties:
- effect:
- description: Effect indicates the taint effect to match. Empty
- means match all taint effects. When specified, allowed values
- are NoSchedule, PreferNoSchedule and NoExecute.
- type: string
- key:
- description: Key is the taint key that the toleration applies
- to. Empty means match all taint keys. If the key is empty,
- operator must be Exists; this combination means to match all
- values and all keys.
- type: string
- operator:
- description: Operator represents a key's relationship to the
- value. Valid operators are Exists and Equal. Defaults to Equal.
- Exists is equivalent to wildcard for value, so that a pod
- can tolerate all taints of a particular category.
- type: string
- tolerationSeconds:
- description: TolerationSeconds represents the period of time
- the toleration (which must be of effect NoExecute, otherwise
- this field is ignored) tolerates the taint. By default, it
- is not set, which means tolerate the taint forever (do not
- evict). Zero and negative values will be treated as 0 (evict
- immediately) by the system.
- format: int64
- type: integer
- value:
- description: Value is the taint value the toleration matches
- to. If the operator is Exists, the value should be empty,
- otherwise just a regular string.
- type: string
- type: object
- type: array
- update:
- properties:
- githubTokenRef:
- description: The GitHub access token to download Trivy DB (see
- GitHub rate limiting)
- type: string
- skip:
- default: false
- description: The flag to enable or disable Trivy DB downloads
- from GitHub
- type: boolean
- type: object
- vulnerabilityTypes:
- default:
- - os
- - library
- description: Comma-separated list of vulnerability types.
- items:
- description: TrivyServerVulnerabilityType represents a CVE vulnerability
- type for trivy.
- enum:
- - os
- - library
- type: string
- type: array
- required:
- - server
- - storage
- type: object
- status:
- description: ComponentStatus represents the current status of the resource.
- https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#typical-status-properties
- properties:
- conditions:
- description: Conditions list of extracted conditions from Resource
- items:
- description: Condition defines the general format for conditions
- on Kubernetes resources. In practice, each kubernetes resource
- defines their own format for conditions, but most (maybe all)
- follows this structure.
- properties:
- message:
- description: Message Human readable reason string
- type: string
- reason:
- description: Reason one work CamelCase reason
- type: string
- status:
- description: Status String that describes the condition status
- type: string
- type:
- description: Type condition type
- type: string
- required:
- - status
- - type
- type: object
- type: array
- observedGeneration:
- format: int64
- type: integer
- operator:
- description: ControllerStatus represents the current status of the
- operator.
- properties:
- controllerGitCommit:
- minLength: 1
- type: string
- controllerName:
- minLength: 1
- type: string
- controllerVersion:
- minLength: 1
- type: string
- type: object
- replicas:
- description: Current number of pods.
- format: int32
- minimum: 0
- type: integer
- required:
- - conditions
- type: object
- type: object
- served: true
- storage: false
- subresources:
- status: {}
- - additionalPrinterColumns:
- - description: Timestamp representing the server time when this object was created.
- It is not guaranteed to be set in happens-before order across separate operations.
- Clients may not set this value. It is represented in RFC3339 form and is in
- UTC.
- jsonPath: .metadata.creationTimestamp
- name: Age
- priority: 1
- type: date
- - description: Human readable message describing the failure
- jsonPath: .status.conditions[?(@.type=="Failed")].message
- name: Failure
- priority: 5
- type: string
- name: v1beta1
- schema:
- openAPIV3Schema:
- description: Trivy is the Schema for the Trivy API.
- properties:
- apiVersion:
- description: 'APIVersion defines the versioned schema of this representation
- of an object. Servers should convert recognized schemas to the latest
- internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
- type: string
- kind:
- description: 'Kind is a string value representing the REST resource this
- object represents. Servers may infer this from the endpoint the client
- submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
- type: string
- metadata:
- type: object
- spec:
- description: TrivySpec defines the desired state of Trivy.
- properties:
- certificateRefs:
- items:
- type: string
- type: array
- image:
- description: Image name for the component.
- type: string
- imagePullPolicy:
- description: 'Image pull policy. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images'
- enum:
- - Always
- - Never
- - IfNotPresent
- type: string
- imagePullSecrets:
- items:
- description: LocalObjectReference contains enough information to
- let you locate the referenced object inside the same namespace.
- properties:
- name:
- description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind, uid?'
- type: string
- type: object
- x-kubernetes-map-type: atomic
- type: array
- log:
- default:
- level: info
- properties:
- level:
- default: info
- description: TrivyLogLevel is the log level for Trivy.
- enum:
- - debug
- - info
- - warning
- - error
- - fatal
- - panic
- type: string
- type: object
- network:
- properties:
- ipFamilies:
- items:
- description: IPFamily represents the IP Family (IPv4 or IPv6).
- This type is used to express the family of an IP expressed
- by a type (e.g. service.spec.ipFamilies).
- type: string
- type: array
- type: object
- nodeSelector:
- additionalProperties:
- type: string
- description: 'NodeSelector is a selector which must be true for the
- component to fit on a node. Selector which must match a node''s
- labels for the pod to be scheduled on that node. More info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/'
- type: object
- offlineScan:
- default: false
- type: boolean
- proxy:
- properties:
- httpProxy:
- pattern: https?://.+
- type: string
- httpsProxy:
- pattern: https?://.+
- type: string
- noProxy:
- default:
- - 127.0.0.1
- - localhost
- - .local
- - .internal
- items:
- type: string
- type: array
- type: object
- redis:
- description: Redis cache store
- properties:
- certificateRef:
- description: Secret containing the client certificate to authenticate
- with.
- pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*'
- type: string
- database:
- default: 0
- description: The database number.
- format: int32
- maximum: 8
- minimum: 0
- type: integer
- host:
- description: Server hostname.
- minLength: 1
- type: string
- jobs:
- properties:
- Namespace:
- default: harbor.scanner.trivy:job-queue
- description: The namespace for keys in the scan jobs queue
- backed by Redis
- type: string
- scanTTL:
- default: 1h
- description: The time to live for persisting scan jobs and
- associated scan reports
- pattern: ([0-9]+h)?([0-9]+m)?([0-9]+s)?([0-9]+ms)?([0-9]+us)?([0-9]+µs)?([0-9]+ns)?
- type: string
- type: object
- namespace:
- default: harbor.scanner.trivy:store
- description: The namespace for keys in the Redis store
- type: string
- passwordRef:
- description: Secret containing the password to use when connecting
- to the server.
- pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*'
- type: string
- pool:
- properties:
- connectionTimeout:
- default: 1s
- description: The timeout for connecting to the Redis server
- pattern: ([0-9]+h)?([0-9]+m)?([0-9]+s)?([0-9]+ms)?([0-9]+us)?([0-9]+µs)?([0-9]+ns)?
- type: string
- idleTimeout:
- default: 5m
- description: The duration after which idle connections to
- the Redis server are closed. If the value is zero, then
- idle connections are not closed.
- pattern: ([0-9]+h)?([0-9]+m)?([0-9]+s)?([0-9]+ms)?([0-9]+us)?([0-9]+µs)?([0-9]+ns)?
- type: string
- maxActive:
- default: 5
- description: The max number of connections allocated by the
- Redis connection pool
- minimum: 0
- type: integer
- maxIdle:
- default: 5
- description: The max number of idle connections in the Redis
- connection pool
- minimum: 0
- type: integer
- readTimeout:
- default: 1s
- description: The timeout for reading a single Redis command
- reply
- pattern: ([0-9]+h)?([0-9]+m)?([0-9]+s)?([0-9]+ms)?([0-9]+us)?([0-9]+µs)?([0-9]+ns)?
- type: string
- writeTimeout:
- default: 1s
- description: The timeout for writing a single Redis command
- pattern: ([0-9]+h)?([0-9]+m)?([0-9]+s)?([0-9]+ms)?([0-9]+us)?([0-9]+µs)?([0-9]+ns)?
- type: string
- type: object
- port:
- description: Server port.
- exclusiveMinimum: true
- format: int32
- minimum: 0
- type: integer
- sentinelMasterSet:
- description: for Sentinel MasterSet.
- type: string
- required:
- - host
- type: object
- replicas:
- description: 'Replicas is the number of desired replicas. This is
- a pointer to distinguish between explicit zero and unspecified.
- More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller#what-is-a-replicationcontroller'
- format: int32
- minimum: 0
- type: integer
- resources:
- description: 'Compute Resources required by this component. Cannot
- be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/'
- properties:
- limits:
- additionalProperties:
- anyOf:
- - type: integer
- - type: string
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- description: 'Limits describes the maximum amount of compute resources
- allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
- type: object
- requests:
- additionalProperties:
- anyOf:
- - type: integer
- - type: string
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- description: 'Requests describes the minimum amount of compute
- resources required. If Requests is omitted for a container,
- it defaults to Limits if that is explicitly specified, otherwise
- to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
- type: object
- type: object
- server:
- properties:
- clientCertificateAuthorityRefs:
- items:
- type: string
- type: array
- debugMode:
- default: false
- description: The flag to enable or disable Trivy debug mode
- type: boolean
- idleTimeout:
- default: 60s
- description: Idle timeout
- pattern: ([0-9]+h)?([0-9]+m)?([0-9]+s)?([0-9]+ms)?([0-9]+us)?([0-9]+µs)?([0-9]+ns)?
- type: string
- ignoreUnfixed:
- default: false
- description: The flag to display only fixed vulnerabilities
- type: boolean
- insecure:
- default: false
- description: The flag to skip verifying registry certificate
- type: boolean
- proxy:
- properties:
- URL:
- description: The URL of the proxy server
- pattern: https?://.+
- type: string
- noProxy:
- description: The URLs that the proxy settings do not apply
- to
- items:
- type: string
- type: array
- required:
- - URL
- type: object
- readTimeout:
- default: 15s
- description: Socket timeout
- pattern: ([0-9]+h)?([0-9]+m)?([0-9]+s)?([0-9]+ms)?([0-9]+us)?([0-9]+µs)?([0-9]+ns)?
- type: string
- tls:
- properties:
- certificateRef:
- pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*'
- type: string
- type: object
- tokenServiceCertificateAuthorityRefs:
- items:
- type: string
- type: array
- writeTimeout:
- default: 15s
- description: Socket timeout
- pattern: ([0-9]+h)?([0-9]+m)?([0-9]+s)?([0-9]+ms)?([0-9]+us)?([0-9]+µs)?([0-9]+ns)?
- type: string
- type: object
- serviceAccountName:
- description: 'ServiceAccountName is the name of the ServiceAccount
- to use to run this component. More info: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/'
- type: string
- severities:
- default:
- - UNKNOWN
- - LOW
- - MEDIUM
- - HIGH
- - CRITICAL
- description: List of severities to be displayed
- items:
- description: TrivyServerSeverityType represents a CVE severity type
- for trivy.
- enum:
- - UNKNOWN
- - LOW
- - MEDIUM
- - HIGH
- - CRITICAL
- type: string
- type: array
- storage:
- properties:
- cache:
- properties:
- prefix:
- type: string
- volumeSource:
- default:
- emptyDir:
- sizeLimit: 1Gi
- description: Represents the source of a volume to mount. Only
- one of its members may be specified.
- properties:
- awsElasticBlockStore:
- description: 'AWSElasticBlockStore represents an AWS Disk
- resource that is attached to a kubelet''s host machine
- and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore'
- properties:
- fsType:
- description: 'Filesystem type of the volume that you
- want to mount. Tip: Ensure that the filesystem type
- is supported by the host operating system. Examples:
- "ext4", "xfs", "ntfs". Implicitly inferred to be
- "ext4" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore
- TODO: how do we prevent errors in the filesystem
- from compromising the machine'
- type: string
- partition:
- description: 'The partition in the volume that you
- want to mount. If omitted, the default is to mount
- by volume name. Examples: For volume /dev/sda1,
- you specify the partition as "1". Similarly, the
- volume partition for /dev/sda is "0" (or you can
- leave the property empty).'
- format: int32
- type: integer
- readOnly:
- description: 'Specify "true" to force and set the
- ReadOnly property in VolumeMounts to "true". If
- omitted, the default is "false". More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore'
- type: boolean
- volumeID:
- description: 'Unique ID of the persistent disk resource
- in AWS (Amazon EBS volume). More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore'
- type: string
- required:
- - volumeID
- type: object
- azureDisk:
- description: AzureDisk represents an Azure Data Disk mount
- on the host and bind mount to the pod.
- properties:
- cachingMode:
- description: 'Host Caching mode: None, Read Only,
- Read Write.'
- type: string
- diskName:
- description: The Name of the data disk in the blob
- storage
- type: string
- diskURI:
- description: The URI the data disk in the blob storage
- type: string
- fsType:
- description: Filesystem type to mount. Must be a filesystem
- type supported by the host operating system. Ex.
- "ext4", "xfs", "ntfs". Implicitly inferred to be
- "ext4" if unspecified.
- type: string
- kind:
- description: 'Expected values Shared: multiple blob
- disks per storage account Dedicated: single blob
- disk per storage account Managed: azure managed
- data disk (only in managed availability set). defaults
- to shared'
- type: string
- readOnly:
- description: Defaults to false (read/write). ReadOnly
- here will force the ReadOnly setting in VolumeMounts.
- type: boolean
- required:
- - diskName
- - diskURI
- type: object
- azureFile:
- description: AzureFile represents an Azure File Service
- mount on the host and bind mount to the pod.
- properties:
- readOnly:
- description: Defaults to false (read/write). ReadOnly
- here will force the ReadOnly setting in VolumeMounts.
- type: boolean
- secretName:
- description: the name of secret that contains Azure
- Storage Account Name and Key
- type: string
- shareName:
- description: Share Name
- type: string
- required:
- - secretName
- - shareName
- type: object
- cephfs:
- description: CephFS represents a Ceph FS mount on the
- host that shares a pod's lifetime
- properties:
- monitors:
- description: 'Required: Monitors is a collection of
- Ceph monitors More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it'
- items:
- type: string
- type: array
- path:
- description: 'Optional: Used as the mounted root,
- rather than the full Ceph tree, default is /'
- type: string
- readOnly:
- description: 'Optional: Defaults to false (read/write).
- ReadOnly here will force the ReadOnly setting in
- VolumeMounts. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it'
- type: boolean
- secretFile:
- description: 'Optional: SecretFile is the path to
- key ring for User, default is /etc/ceph/user.secret
- More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it'
- type: string
- secretRef:
- description: 'Optional: SecretRef is reference to
- the authentication secret for User, default is empty.
- More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it'
- properties:
- name:
- description: 'Name of the referent. More info:
- https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind,
- uid?'
- type: string
- type: object
- x-kubernetes-map-type: atomic
- user:
- description: 'Optional: User is the rados user name,
- default is admin More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it'
- type: string
- required:
- - monitors
- type: object
- cinder:
- description: 'Cinder represents a cinder volume attached
- and mounted on kubelets host machine. More info: https://examples.k8s.io/mysql-cinder-pd/README.md'
- properties:
- fsType:
- description: 'Filesystem type to mount. Must be a
- filesystem type supported by the host operating
- system. Examples: "ext4", "xfs", "ntfs". Implicitly
- inferred to be "ext4" if unspecified. More info:
- https://examples.k8s.io/mysql-cinder-pd/README.md'
- type: string
- readOnly:
- description: 'Optional: Defaults to false (read/write).
- ReadOnly here will force the ReadOnly setting in
- VolumeMounts. More info: https://examples.k8s.io/mysql-cinder-pd/README.md'
- type: boolean
- secretRef:
- description: 'Optional: points to a secret object
- containing parameters used to connect to OpenStack.'
- properties:
- name:
- description: 'Name of the referent. More info:
- https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind,
- uid?'
- type: string
- type: object
- x-kubernetes-map-type: atomic
- volumeID:
- description: 'volume id used to identify the volume
- in cinder. More info: https://examples.k8s.io/mysql-cinder-pd/README.md'
- type: string
- required:
- - volumeID
- type: object
- configMap:
- description: ConfigMap represents a configMap that should
- populate this volume
- properties:
- defaultMode:
- description: 'Optional: mode bits used to set permissions
- on created files by default. Must be an octal value
- between 0000 and 0777 or a decimal value between
- 0 and 511. YAML accepts both octal and decimal values,
- JSON requires decimal values for mode bits. Defaults
- to 0644. Directories within the path are not affected
- by this setting. This might be in conflict with
- other options that affect the file mode, like fsGroup,
- and the result can be other mode bits set.'
- format: int32
- type: integer
- items:
- description: If unspecified, each key-value pair in
- the Data field of the referenced ConfigMap will
- be projected into the volume as a file whose name
- is the key and content is the value. If specified,
- the listed keys will be projected into the specified
- paths, and unlisted keys will not be present. If
- a key is specified which is not present in the ConfigMap,
- the volume setup will error unless it is marked
- optional. Paths must be relative and may not contain
- the '..' path or start with '..'.
- items:
- description: Maps a string key to a path within
- a volume.
- properties:
- key:
- description: The key to project.
- type: string
- mode:
- description: 'Optional: mode bits used to set
- permissions on this file. Must be an octal
- value between 0000 and 0777 or a decimal value
- between 0 and 511. YAML accepts both octal
- and decimal values, JSON requires decimal
- values for mode bits. If not specified, the
- volume defaultMode will be used. This might
- be in conflict with other options that affect
- the file mode, like fsGroup, and the result
- can be other mode bits set.'
- format: int32
- type: integer
- path:
- description: The relative path of the file to
- map the key to. May not be an absolute path.
- May not contain the path element '..'. May
- not start with the string '..'.
- type: string
- required:
- - key
- - path
- type: object
- type: array
- name:
- description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind,
- uid?'
- type: string
- optional:
- description: Specify whether the ConfigMap or its
- keys must be defined
- type: boolean
- type: object
- x-kubernetes-map-type: atomic
- csi:
- description: CSI (Container Storage Interface) represents
- ephemeral storage that is handled by certain external
- CSI drivers (Beta feature).
- properties:
- driver:
- description: Driver is the name of the CSI driver
- that handles this volume. Consult with your admin
- for the correct name as registered in the cluster.
- type: string
- fsType:
- description: Filesystem type to mount. Ex. "ext4",
- "xfs", "ntfs". If not provided, the empty value
- is passed to the associated CSI driver which will
- determine the default filesystem to apply.
- type: string
- nodePublishSecretRef:
- description: NodePublishSecretRef is a reference to
- the secret object containing sensitive information
- to pass to the CSI driver to complete the CSI NodePublishVolume
- and NodeUnpublishVolume calls. This field is optional,
- and may be empty if no secret is required. If the
- secret object contains more than one secret, all
- secret references are passed.
- properties:
- name:
- description: 'Name of the referent. More info:
- https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind,
- uid?'
- type: string
- type: object
- x-kubernetes-map-type: atomic
- readOnly:
- description: Specifies a read-only configuration for
- the volume. Defaults to false (read/write).
- type: boolean
- volumeAttributes:
- additionalProperties:
- type: string
- description: VolumeAttributes stores driver-specific
- properties that are passed to the CSI driver. Consult
- your driver's documentation for supported values.
- type: object
- required:
- - driver
- type: object
- downwardAPI:
- description: DownwardAPI represents downward API about
- the pod that should populate this volume
- properties:
- defaultMode:
- description: 'Optional: mode bits to use on created
- files by default. Must be a Optional: mode bits
- used to set permissions on created files by default.
- Must be an octal value between 0000 and 0777 or
- a decimal value between 0 and 511. YAML accepts
- both octal and decimal values, JSON requires decimal
- values for mode bits. Defaults to 0644. Directories
- within the path are not affected by this setting.
- This might be in conflict with other options that
- affect the file mode, like fsGroup, and the result
- can be other mode bits set.'
- format: int32
- type: integer
- items:
- description: Items is a list of downward API volume
- file
- items:
- description: DownwardAPIVolumeFile represents information
- to create the file containing the pod field
- properties:
- fieldRef:
- description: 'Required: Selects a field of the
- pod: only annotations, labels, name and namespace
- are supported.'
- properties:
- apiVersion:
- description: Version of the schema the FieldPath
- is written in terms of, defaults to "v1".
- type: string
- fieldPath:
- description: Path of the field to select
- in the specified API version.
- type: string
- required:
- - fieldPath
- type: object
- x-kubernetes-map-type: atomic
- mode:
- description: 'Optional: mode bits used to set
- permissions on this file, must be an octal
- value between 0000 and 0777 or a decimal value
- between 0 and 511. YAML accepts both octal
- and decimal values, JSON requires decimal
- values for mode bits. If not specified, the
- volume defaultMode will be used. This might
- be in conflict with other options that affect
- the file mode, like fsGroup, and the result
- can be other mode bits set.'
- format: int32
- type: integer
- path:
- description: 'Required: Path is the relative
- path name of the file to be created. Must
- not be absolute or contain the ''..'' path.
- Must be utf-8 encoded. The first item of the
- relative path must not start with ''..'''
- type: string
- resourceFieldRef:
- description: 'Selects a resource of the container:
- only resources limits and requests (limits.cpu,
- limits.memory, requests.cpu and requests.memory)
- are currently supported.'
- properties:
- containerName:
- description: 'Container name: required for
- volumes, optional for env vars'
- type: string
- divisor:
- anyOf:
- - type: integer
- - type: string
- description: Specifies the output format
- of the exposed resources, defaults to
- "1"
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- resource:
- description: 'Required: resource to select'
- type: string
- required:
- - resource
- type: object
- x-kubernetes-map-type: atomic
- required:
- - path
- type: object
- type: array
- type: object
- emptyDir:
- description: 'EmptyDir represents a temporary directory
- that shares a pod''s lifetime. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir'
- properties:
- medium:
- description: 'What type of storage medium should back
- this directory. The default is "" which means to
- use the node''s default medium. Must be an empty
- string (default) or Memory. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir'
- type: string
- sizeLimit:
- anyOf:
- - type: integer
- - type: string
- description: 'Total amount of local storage required
- for this EmptyDir volume. The size limit is also
- applicable for memory medium. The maximum usage
- on memory medium EmptyDir would be the minimum value
- between the SizeLimit specified here and the sum
- of memory limits of all containers in a pod. The
- default is nil which means that the limit is undefined.
- More info: http://kubernetes.io/docs/user-guide/volumes#emptydir'
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- type: object
- ephemeral:
- description: "Ephemeral represents a volume that is handled
- by a cluster storage driver. The volume's lifecycle
- is tied to the pod that defines it - it will be created
- before the pod starts, and deleted when the pod is removed.
- \n Use this if: a) the volume is only needed while the
- pod runs, b) features of normal volumes like restoring
- from snapshot or capacity tracking are needed, c) the
- storage driver is specified through a storage class,
- and d) the storage driver supports dynamic volume provisioning
- through a PersistentVolumeClaim (see EphemeralVolumeSource
- for more information on the connection between this
- volume type and PersistentVolumeClaim). \n Use PersistentVolumeClaim
- or one of the vendor-specific APIs for volumes that
- persist for longer than the lifecycle of an individual
- pod. \n Use CSI for light-weight local ephemeral volumes
- if the CSI driver is meant to be used that way - see
- the documentation of the driver for more information.
- \n A pod can use both types of ephemeral volumes and
- persistent volumes at the same time."
- properties:
- volumeClaimTemplate:
- description: "Will be used to create a stand-alone
- PVC to provision the volume. The pod in which this
- EphemeralVolumeSource is embedded will be the owner
- of the PVC, i.e. the PVC will be deleted together
- with the pod. The name of the PVC will be `-` where `` is the
- name from the `PodSpec.Volumes` array entry. Pod
- validation will reject the pod if the concatenated
- name is not valid for a PVC (for example, too long).
- \n An existing PVC with that name that is not owned
- by the pod will *not* be used for the pod to avoid
- using an unrelated volume by mistake. Starting the
- pod is then blocked until the unrelated PVC is removed.
- If such a pre-created PVC is meant to be used by
- the pod, the PVC has to updated with an owner reference
- to the pod once the pod exists. Normally this should
- not be necessary, but it may be useful when manually
- reconstructing a broken cluster. \n This field is
- read-only and no changes will be made by Kubernetes
- to the PVC after it has been created. \n Required,
- must not be nil."
- properties:
- metadata:
- description: May contain labels and annotations
- that will be copied into the PVC when creating
- it. No other fields are allowed and will be
- rejected during validation.
- type: object
- spec:
- description: The specification for the PersistentVolumeClaim.
- The entire content is copied unchanged into
- the PVC that gets created from this template.
- The same fields as in a PersistentVolumeClaim
- are also valid here.
- properties:
- accessModes:
- description: 'AccessModes contains the desired
- access modes the volume should have. More
- info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1'
- items:
- type: string
- type: array
- dataSource:
- description: 'This field can be used to specify
- either: * An existing VolumeSnapshot object
- (snapshot.storage.k8s.io/VolumeSnapshot)
- * An existing PVC (PersistentVolumeClaim)
- If the provisioner or an external controller
- can support the specified data source, it
- will create a new volume based on the contents
- of the specified data source. If the AnyVolumeDataSource
- feature gate is enabled, this field will
- always have the same contents as the DataSourceRef
- field.'
- properties:
- apiGroup:
- description: APIGroup is the group for
- the resource being referenced. If APIGroup
- is not specified, the specified Kind
- must be in the core API group. For any
- other third-party types, APIGroup is
- required.
- type: string
- kind:
- description: Kind is the type of resource
- being referenced
- type: string
- name:
- description: Name is the name of resource
- being referenced
- type: string
- required:
- - kind
- - name
- type: object
- x-kubernetes-map-type: atomic
- dataSourceRef:
- description: 'Specifies the object from which
- to populate the volume with data, if a non-empty
- volume is desired. This may be any local
- object from a non-empty API group (non core
- object) or a PersistentVolumeClaim object.
- When this field is specified, volume binding
- will only succeed if the type of the specified
- object matches some installed volume populator
- or dynamic provisioner. This field will
- replace the functionality of the DataSource
- field and as such if both fields are non-empty,
- they must have the same value. For backwards
- compatibility, both fields (DataSource and
- DataSourceRef) will be set to the same value
- automatically if one of them is empty and
- the other is non-empty. There are two important
- differences between DataSource and DataSourceRef:
- * While DataSource only allows two specific
- types of objects, DataSourceRef allows any
- non-core object, as well as PersistentVolumeClaim
- objects. * While DataSource ignores disallowed
- values (dropping them), DataSourceRef preserves
- all values, and generates an error if a
- disallowed value is specified. (Alpha) Using
- this field requires the AnyVolumeDataSource
- feature gate to be enabled.'
- properties:
- apiGroup:
- description: APIGroup is the group for
- the resource being referenced. If APIGroup
- is not specified, the specified Kind
- must be in the core API group. For any
- other third-party types, APIGroup is
- required.
- type: string
- kind:
- description: Kind is the type of resource
- being referenced
- type: string
- name:
- description: Name is the name of resource
- being referenced
- type: string
- required:
- - kind
- - name
- type: object
- x-kubernetes-map-type: atomic
- resources:
- description: 'Resources represents the minimum
- resources the volume should have. If RecoverVolumeExpansionFailure
- feature is enabled users are allowed to
- specify resource requirements that are lower
- than previous value but must still be higher
- than capacity recorded in the status field
- of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources'
- properties:
- limits:
- additionalProperties:
- anyOf:
- - type: integer
- - type: string
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- description: 'Limits describes the maximum
- amount of compute resources allowed.
- More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
- type: object
- requests:
- additionalProperties:
- anyOf:
- - type: integer
- - type: string
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- description: 'Requests describes the minimum
- amount of compute resources required.
- If Requests is omitted for a container,
- it defaults to Limits if that is explicitly
- specified, otherwise to an implementation-defined
- value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
- type: object
- type: object
- selector:
- description: A label query over volumes to
- consider for binding.
- properties:
- matchExpressions:
- description: matchExpressions is a list
- of label selector requirements. The
- requirements are ANDed.
- items:
- description: A label selector requirement
- is a selector that contains values,
- a key, and an operator that relates
- the key and values.
- properties:
- key:
- description: key is the label key
- that the selector applies to.
- type: string
- operator:
- description: operator represents
- a key's relationship to a set
- of values. Valid operators are
- In, NotIn, Exists and DoesNotExist.
- type: string
- values:
- description: values is an array
- of string values. If the operator
- is In or NotIn, the values array
- must be non-empty. If the operator
- is Exists or DoesNotExist, the
- values array must be empty. This
- array is replaced during a strategic
- merge patch.
- items:
- type: string
- type: array
- required:
- - key
- - operator
- type: object
- type: array
- matchLabels:
- additionalProperties:
- type: string
- description: matchLabels is a map of {key,value}
- pairs. A single {key,value} in the matchLabels
- map is equivalent to an element of matchExpressions,
- whose key field is "key", the operator
- is "In", and the values array contains
- only "value". The requirements are ANDed.
- type: object
- type: object
- x-kubernetes-map-type: atomic
- storageClassName:
- description: 'Name of the StorageClass required
- by the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1'
- type: string
- volumeMode:
- description: volumeMode defines what type
- of volume is required by the claim. Value
- of Filesystem is implied when not included
- in claim spec.
- type: string
- volumeName:
- description: VolumeName is the binding reference
- to the PersistentVolume backing this claim.
- type: string
- type: object
- required:
- - spec
- type: object
- type: object
- fc:
- description: FC represents a Fibre Channel resource that
- is attached to a kubelet's host machine and then exposed
- to the pod.
- properties:
- fsType:
- description: 'Filesystem type to mount. Must be a
- filesystem type supported by the host operating
- system. Ex. "ext4", "xfs", "ntfs". Implicitly inferred
- to be "ext4" if unspecified. TODO: how do we prevent
- errors in the filesystem from compromising the machine'
- type: string
- lun:
- description: 'Optional: FC target lun number'
- format: int32
- type: integer
- readOnly:
- description: 'Optional: Defaults to false (read/write).
- ReadOnly here will force the ReadOnly setting in
- VolumeMounts.'
- type: boolean
- targetWWNs:
- description: 'Optional: FC target worldwide names
- (WWNs)'
- items:
- type: string
- type: array
- wwids:
- description: 'Optional: FC volume world wide identifiers
- (wwids) Either wwids or combination of targetWWNs
- and lun must be set, but not both simultaneously.'
- items:
- type: string
- type: array
- type: object
- flexVolume:
- description: FlexVolume represents a generic volume resource
- that is provisioned/attached using an exec based plugin.
- properties:
- driver:
- description: Driver is the name of the driver to use
- for this volume.
- type: string
- fsType:
- description: Filesystem type to mount. Must be a filesystem
- type supported by the host operating system. Ex.
- "ext4", "xfs", "ntfs". The default filesystem depends
- on FlexVolume script.
- type: string
- options:
- additionalProperties:
- type: string
- description: 'Optional: Extra command options if any.'
- type: object
- readOnly:
- description: 'Optional: Defaults to false (read/write).
- ReadOnly here will force the ReadOnly setting in
- VolumeMounts.'
- type: boolean
- secretRef:
- description: 'Optional: SecretRef is reference to
- the secret object containing sensitive information
- to pass to the plugin scripts. This may be empty
- if no secret object is specified. If the secret
- object contains more than one secret, all secrets
- are passed to the plugin scripts.'
- properties:
- name:
- description: 'Name of the referent. More info:
- https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind,
- uid?'
- type: string
- type: object
- x-kubernetes-map-type: atomic
- required:
- - driver
- type: object
- flocker:
- description: Flocker represents a Flocker volume attached
- to a kubelet's host machine. This depends on the Flocker
- control service being running
- properties:
- datasetName:
- description: Name of the dataset stored as metadata
- -> name on the dataset for Flocker should be considered
- as deprecated
- type: string
- datasetUUID:
- description: UUID of the dataset. This is unique identifier
- of a Flocker dataset
- type: string
- type: object
- gcePersistentDisk:
- description: 'GCEPersistentDisk represents a GCE Disk
- resource that is attached to a kubelet''s host machine
- and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk'
- properties:
- fsType:
- description: 'Filesystem type of the volume that you
- want to mount. Tip: Ensure that the filesystem type
- is supported by the host operating system. Examples:
- "ext4", "xfs", "ntfs". Implicitly inferred to be
- "ext4" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk
- TODO: how do we prevent errors in the filesystem
- from compromising the machine'
- type: string
- partition:
- description: 'The partition in the volume that you
- want to mount. If omitted, the default is to mount
- by volume name. Examples: For volume /dev/sda1,
- you specify the partition as "1". Similarly, the
- volume partition for /dev/sda is "0" (or you can
- leave the property empty). More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk'
- format: int32
- type: integer
- pdName:
- description: 'Unique name of the PD resource in GCE.
- Used to identify the disk in GCE. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk'
- type: string
- readOnly:
- description: 'ReadOnly here will force the ReadOnly
- setting in VolumeMounts. Defaults to false. More
- info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk'
- type: boolean
- required:
- - pdName
- type: object
- gitRepo:
- description: 'GitRepo represents a git repository at a
- particular revision. DEPRECATED: GitRepo is deprecated.
- To provision a container with a git repo, mount an EmptyDir
- into an InitContainer that clones the repo using git,
- then mount the EmptyDir into the Pod''s container.'
- properties:
- directory:
- description: Target directory name. Must not contain
- or start with '..'. If '.' is supplied, the volume
- directory will be the git repository. Otherwise,
- if specified, the volume will contain the git repository
- in the subdirectory with the given name.
- type: string
- repository:
- description: Repository URL
- type: string
- revision:
- description: Commit hash for the specified revision.
- type: string
- required:
- - repository
- type: object
- glusterfs:
- description: 'Glusterfs represents a Glusterfs mount on
- the host that shares a pod''s lifetime. More info: https://examples.k8s.io/volumes/glusterfs/README.md'
- properties:
- endpoints:
- description: 'EndpointsName is the endpoint name that
- details Glusterfs topology. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod'
- type: string
- path:
- description: 'Path is the Glusterfs volume path. More
- info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod'
- type: string
- readOnly:
- description: 'ReadOnly here will force the Glusterfs
- volume to be mounted with read-only permissions.
- Defaults to false. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod'
- type: boolean
- required:
- - endpoints
- - path
- type: object
- hostPath:
- description: 'HostPath represents a pre-existing file
- or directory on the host machine that is directly exposed
- to the container. This is generally used for system
- agents or other privileged things that are allowed to
- see the host machine. Most containers will NOT need
- this. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath
- --- TODO(jonesdl) We need to restrict who can use host
- directory mounts and who can/can not mount host directories
- as read/write.'
- properties:
- path:
- description: 'Path of the directory on the host. If
- the path is a symlink, it will follow the link to
- the real path. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath'
- type: string
- type:
- description: 'Type for HostPath Volume Defaults to
- "" More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath'
- type: string
- required:
- - path
- type: object
- iscsi:
- description: 'ISCSI represents an ISCSI Disk resource
- that is attached to a kubelet''s host machine and then
- exposed to the pod. More info: https://examples.k8s.io/volumes/iscsi/README.md'
- properties:
- chapAuthDiscovery:
- description: whether support iSCSI Discovery CHAP
- authentication
- type: boolean
- chapAuthSession:
- description: whether support iSCSI Session CHAP authentication
- type: boolean
- fsType:
- description: 'Filesystem type of the volume that you
- want to mount. Tip: Ensure that the filesystem type
- is supported by the host operating system. Examples:
- "ext4", "xfs", "ntfs". Implicitly inferred to be
- "ext4" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#iscsi
- TODO: how do we prevent errors in the filesystem
- from compromising the machine'
- type: string
- initiatorName:
- description: Custom iSCSI Initiator Name. If initiatorName
- is specified with iscsiInterface simultaneously,
- new iSCSI interface :
- will be created for the connection.
- type: string
- iqn:
- description: Target iSCSI Qualified Name.
- type: string
- iscsiInterface:
- description: iSCSI Interface Name that uses an iSCSI
- transport. Defaults to 'default' (tcp).
- type: string
- lun:
- description: iSCSI Target Lun number.
- format: int32
- type: integer
- portals:
- description: iSCSI Target Portal List. The portal
- is either an IP or ip_addr:port if the port is other
- than default (typically TCP ports 860 and 3260).
- items:
- type: string
- type: array
- readOnly:
- description: ReadOnly here will force the ReadOnly
- setting in VolumeMounts. Defaults to false.
- type: boolean
- secretRef:
- description: CHAP Secret for iSCSI target and initiator
- authentication
- properties:
- name:
- description: 'Name of the referent. More info:
- https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind,
- uid?'
- type: string
- type: object
- x-kubernetes-map-type: atomic
- targetPortal:
- description: iSCSI Target Portal. The Portal is either
- an IP or ip_addr:port if the port is other than
- default (typically TCP ports 860 and 3260).
- type: string
- required:
- - iqn
- - lun
- - targetPortal
- type: object
- nfs:
- description: 'NFS represents an NFS mount on the host
- that shares a pod''s lifetime More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs'
- properties:
- path:
- description: 'Path that is exported by the NFS server.
- More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs'
- type: string
- readOnly:
- description: 'ReadOnly here will force the NFS export
- to be mounted with read-only permissions. Defaults
- to false. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs'
- type: boolean
- server:
- description: 'Server is the hostname or IP address
- of the NFS server. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs'
- type: string
- required:
- - path
- - server
- type: object
- persistentVolumeClaim:
- description: 'PersistentVolumeClaimVolumeSource represents
- a reference to a PersistentVolumeClaim in the same namespace.
- More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims'
- properties:
- claimName:
- description: 'ClaimName is the name of a PersistentVolumeClaim
- in the same namespace as the pod using this volume.
- More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims'
- type: string
- readOnly:
- description: Will force the ReadOnly setting in VolumeMounts.
- Default false.
- type: boolean
- required:
- - claimName
- type: object
- photonPersistentDisk:
- description: PhotonPersistentDisk represents a PhotonController
- persistent disk attached and mounted on kubelets host
- machine
- properties:
- fsType:
- description: Filesystem type to mount. Must be a filesystem
- type supported by the host operating system. Ex.
- "ext4", "xfs", "ntfs". Implicitly inferred to be
- "ext4" if unspecified.
- type: string
- pdID:
- description: ID that identifies Photon Controller
- persistent disk
- type: string
- required:
- - pdID
- type: object
- portworxVolume:
- description: PortworxVolume represents a portworx volume
- attached and mounted on kubelets host machine
- properties:
- fsType:
- description: FSType represents the filesystem type
- to mount Must be a filesystem type supported by
- the host operating system. Ex. "ext4", "xfs". Implicitly
- inferred to be "ext4" if unspecified.
- type: string
- readOnly:
- description: Defaults to false (read/write). ReadOnly
- here will force the ReadOnly setting in VolumeMounts.
- type: boolean
- volumeID:
- description: VolumeID uniquely identifies a Portworx
- volume
- type: string
- required:
- - volumeID
- type: object
- projected:
- description: Items for all in one resources secrets, configmaps,
- and downward API
- properties:
- defaultMode:
- description: Mode bits used to set permissions on
- created files by default. Must be an octal value
- between 0000 and 0777 or a decimal value between
- 0 and 511. YAML accepts both octal and decimal values,
- JSON requires decimal values for mode bits. Directories
- within the path are not affected by this setting.
- This might be in conflict with other options that
- affect the file mode, like fsGroup, and the result
- can be other mode bits set.
- format: int32
- type: integer
- sources:
- description: list of volume projections
- items:
- description: Projection that may be projected along
- with other supported volume types
- properties:
- configMap:
- description: information about the configMap
- data to project
- properties:
- items:
- description: If unspecified, each key-value
- pair in the Data field of the referenced
- ConfigMap will be projected into the volume
- as a file whose name is the key and content
- is the value. If specified, the listed
- keys will be projected into the specified
- paths, and unlisted keys will not be present.
- If a key is specified which is not present
- in the ConfigMap, the volume setup will
- error unless it is marked optional. Paths
- must be relative and may not contain the
- '..' path or start with '..'.
- items:
- description: Maps a string key to a path
- within a volume.
- properties:
- key:
- description: The key to project.
- type: string
- mode:
- description: 'Optional: mode bits
- used to set permissions on this
- file. Must be an octal value between
- 0000 and 0777 or a decimal value
- between 0 and 511. YAML accepts
- both octal and decimal values, JSON
- requires decimal values for mode
- bits. If not specified, the volume
- defaultMode will be used. This might
- be in conflict with other options
- that affect the file mode, like
- fsGroup, and the result can be other
- mode bits set.'
- format: int32
- type: integer
- path:
- description: The relative path of
- the file to map the key to. May
- not be an absolute path. May not
- contain the path element '..'. May
- not start with the string '..'.
- type: string
- required:
- - key
- - path
- type: object
- type: array
- name:
- description: 'Name of the referent. More
- info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion,
- kind, uid?'
- type: string
- optional:
- description: Specify whether the ConfigMap
- or its keys must be defined
- type: boolean
- type: object
- x-kubernetes-map-type: atomic
- downwardAPI:
- description: information about the downwardAPI
- data to project
- properties:
- items:
- description: Items is a list of DownwardAPIVolume
- file
- items:
- description: DownwardAPIVolumeFile represents
- information to create the file containing
- the pod field
- properties:
- fieldRef:
- description: 'Required: Selects a
- field of the pod: only annotations,
- labels, name and namespace are supported.'
- properties:
- apiVersion:
- description: Version of the schema
- the FieldPath is written in
- terms of, defaults to "v1".
- type: string
- fieldPath:
- description: Path of the field
- to select in the specified API
- version.
- type: string
- required:
- - fieldPath
- type: object
- x-kubernetes-map-type: atomic
- mode:
- description: 'Optional: mode bits
- used to set permissions on this
- file, must be an octal value between
- 0000 and 0777 or a decimal value
- between 0 and 511. YAML accepts
- both octal and decimal values, JSON
- requires decimal values for mode
- bits. If not specified, the volume
- defaultMode will be used. This might
- be in conflict with other options
- that affect the file mode, like
- fsGroup, and the result can be other
- mode bits set.'
- format: int32
- type: integer
- path:
- description: 'Required: Path is the
- relative path name of the file to
- be created. Must not be absolute
- or contain the ''..'' path. Must
- be utf-8 encoded. The first item
- of the relative path must not start
- with ''..'''
- type: string
- resourceFieldRef:
- description: 'Selects a resource of
- the container: only resources limits
- and requests (limits.cpu, limits.memory,
- requests.cpu and requests.memory)
- are currently supported.'
- properties:
- containerName:
- description: 'Container name:
- required for volumes, optional
- for env vars'
- type: string
- divisor:
- anyOf:
- - type: integer
- - type: string
- description: Specifies the output
- format of the exposed resources,
- defaults to "1"
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- resource:
- description: 'Required: resource
- to select'
- type: string
- required:
- - resource
- type: object
- x-kubernetes-map-type: atomic
- required:
- - path
- type: object
- type: array
- type: object
- secret:
- description: information about the secret data
- to project
- properties:
- items:
- description: If unspecified, each key-value
- pair in the Data field of the referenced
- Secret will be projected into the volume
- as a file whose name is the key and content
- is the value. If specified, the listed
- keys will be projected into the specified
- paths, and unlisted keys will not be present.
- If a key is specified which is not present
- in the Secret, the volume setup will error
- unless it is marked optional. Paths must
- be relative and may not contain the '..'
- path or start with '..'.
- items:
- description: Maps a string key to a path
- within a volume.
- properties:
- key:
- description: The key to project.
- type: string
- mode:
- description: 'Optional: mode bits
- used to set permissions on this
- file. Must be an octal value between
- 0000 and 0777 or a decimal value
- between 0 and 511. YAML accepts
- both octal and decimal values, JSON
- requires decimal values for mode
- bits. If not specified, the volume
- defaultMode will be used. This might
- be in conflict with other options
- that affect the file mode, like
- fsGroup, and the result can be other
- mode bits set.'
- format: int32
- type: integer
- path:
- description: The relative path of
- the file to map the key to. May
- not be an absolute path. May not
- contain the path element '..'. May
- not start with the string '..'.
- type: string
- required:
- - key
- - path
- type: object
- type: array
- name:
- description: 'Name of the referent. More
- info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion,
- kind, uid?'
- type: string
- optional:
- description: Specify whether the Secret
- or its key must be defined
- type: boolean
- type: object
- x-kubernetes-map-type: atomic
- serviceAccountToken:
- description: information about the serviceAccountToken
- data to project
- properties:
- audience:
- description: Audience is the intended audience
- of the token. A recipient of a token must
- identify itself with an identifier specified
- in the audience of the token, and otherwise
- should reject the token. The audience
- defaults to the identifier of the apiserver.
- type: string
- expirationSeconds:
- description: ExpirationSeconds is the requested
- duration of validity of the service account
- token. As the token approaches expiration,
- the kubelet volume plugin will proactively
- rotate the service account token. The
- kubelet will start trying to rotate the
- token if the token is older than 80 percent
- of its time to live or if the token is
- older than 24 hours.Defaults to 1 hour
- and must be at least 10 minutes.
- format: int64
- type: integer
- path:
- description: Path is the path relative to
- the mount point of the file to project
- the token into.
- type: string
- required:
- - path
- type: object
- type: object
- type: array
- type: object
- quobyte:
- description: Quobyte represents a Quobyte mount on the
- host that shares a pod's lifetime
- properties:
- group:
- description: Group to map volume access to Default
- is no group
- type: string
- readOnly:
- description: ReadOnly here will force the Quobyte
- volume to be mounted with read-only permissions.
- Defaults to false.
- type: boolean
- registry:
- description: Registry represents a single or multiple
- Quobyte Registry services specified as a string
- as host:port pair (multiple entries are separated
- with commas) which acts as the central registry
- for volumes
- type: string
- tenant:
- description: Tenant owning the given Quobyte volume
- in the Backend Used with dynamically provisioned
- Quobyte volumes, value is set by the plugin
- type: string
- user:
- description: User to map volume access to Defaults
- to serivceaccount user
- type: string
- volume:
- description: Volume is a string that references an
- already created Quobyte volume by name.
- type: string
- required:
- - registry
- - volume
- type: object
- rbd:
- description: 'RBD represents a Rados Block Device mount
- on the host that shares a pod''s lifetime. More info:
- https://examples.k8s.io/volumes/rbd/README.md'
- properties:
- fsType:
- description: 'Filesystem type of the volume that you
- want to mount. Tip: Ensure that the filesystem type
- is supported by the host operating system. Examples:
- "ext4", "xfs", "ntfs". Implicitly inferred to be
- "ext4" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#rbd
- TODO: how do we prevent errors in the filesystem
- from compromising the machine'
- type: string
- image:
- description: 'The rados image name. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it'
- type: string
- keyring:
- description: 'Keyring is the path to key ring for
- RBDUser. Default is /etc/ceph/keyring. More info:
- https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it'
- type: string
- monitors:
- description: 'A collection of Ceph monitors. More
- info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it'
- items:
- type: string
- type: array
- pool:
- description: 'The rados pool name. Default is rbd.
- More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it'
- type: string
- readOnly:
- description: 'ReadOnly here will force the ReadOnly
- setting in VolumeMounts. Defaults to false. More
- info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it'
- type: boolean
- secretRef:
- description: 'SecretRef is name of the authentication
- secret for RBDUser. If provided overrides keyring.
- Default is nil. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it'
- properties:
- name:
- description: 'Name of the referent. More info:
- https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind,
- uid?'
- type: string
- type: object
- x-kubernetes-map-type: atomic
- user:
- description: 'The rados user name. Default is admin.
- More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it'
- type: string
- required:
- - image
- - monitors
- type: object
- scaleIO:
- description: ScaleIO represents a ScaleIO persistent volume
- attached and mounted on Kubernetes nodes.
- properties:
- fsType:
- description: Filesystem type to mount. Must be a filesystem
- type supported by the host operating system. Ex.
- "ext4", "xfs", "ntfs". Default is "xfs".
- type: string
- gateway:
- description: The host address of the ScaleIO API Gateway.
- type: string
- protectionDomain:
- description: The name of the ScaleIO Protection Domain
- for the configured storage.
- type: string
- readOnly:
- description: Defaults to false (read/write). ReadOnly
- here will force the ReadOnly setting in VolumeMounts.
- type: boolean
- secretRef:
- description: SecretRef references to the secret for
- ScaleIO user and other sensitive information. If
- this is not provided, Login operation will fail.
- properties:
- name:
- description: 'Name of the referent. More info:
- https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind,
- uid?'
- type: string
- type: object
- x-kubernetes-map-type: atomic
- sslEnabled:
- description: Flag to enable/disable SSL communication
- with Gateway, default false
- type: boolean
- storageMode:
- description: Indicates whether the storage for a volume
- should be ThickProvisioned or ThinProvisioned. Default
- is ThinProvisioned.
- type: string
- storagePool:
- description: The ScaleIO Storage Pool associated with
- the protection domain.
- type: string
- system:
- description: The name of the storage system as configured
- in ScaleIO.
- type: string
- volumeName:
- description: The name of a volume already created
- in the ScaleIO system that is associated with this
- volume source.
- type: string
- required:
- - gateway
- - secretRef
- - system
- type: object
- secret:
- description: 'Secret represents a secret that should populate
- this volume. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret'
- properties:
- defaultMode:
- description: 'Optional: mode bits used to set permissions
- on created files by default. Must be an octal value
- between 0000 and 0777 or a decimal value between
- 0 and 511. YAML accepts both octal and decimal values,
- JSON requires decimal values for mode bits. Defaults
- to 0644. Directories within the path are not affected
- by this setting. This might be in conflict with
- other options that affect the file mode, like fsGroup,
- and the result can be other mode bits set.'
- format: int32
- type: integer
- items:
- description: If unspecified, each key-value pair in
- the Data field of the referenced Secret will be
- projected into the volume as a file whose name is
- the key and content is the value. If specified,
- the listed keys will be projected into the specified
- paths, and unlisted keys will not be present. If
- a key is specified which is not present in the Secret,
- the volume setup will error unless it is marked
- optional. Paths must be relative and may not contain
- the '..' path or start with '..'.
- items:
- description: Maps a string key to a path within
- a volume.
- properties:
- key:
- description: The key to project.
- type: string
- mode:
- description: 'Optional: mode bits used to set
- permissions on this file. Must be an octal
- value between 0000 and 0777 or a decimal value
- between 0 and 511. YAML accepts both octal
- and decimal values, JSON requires decimal
- values for mode bits. If not specified, the
- volume defaultMode will be used. This might
- be in conflict with other options that affect
- the file mode, like fsGroup, and the result
- can be other mode bits set.'
- format: int32
- type: integer
- path:
- description: The relative path of the file to
- map the key to. May not be an absolute path.
- May not contain the path element '..'. May
- not start with the string '..'.
- type: string
- required:
- - key
- - path
- type: object
- type: array
- optional:
- description: Specify whether the Secret or its keys
- must be defined
- type: boolean
- secretName:
- description: 'Name of the secret in the pod''s namespace
- to use. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret'
- type: string
- type: object
- storageos:
- description: StorageOS represents a StorageOS volume attached
- and mounted on Kubernetes nodes.
- properties:
- fsType:
- description: Filesystem type to mount. Must be a filesystem
- type supported by the host operating system. Ex.
- "ext4", "xfs", "ntfs". Implicitly inferred to be
- "ext4" if unspecified.
- type: string
- readOnly:
- description: Defaults to false (read/write). ReadOnly
- here will force the ReadOnly setting in VolumeMounts.
- type: boolean
- secretRef:
- description: SecretRef specifies the secret to use
- for obtaining the StorageOS API credentials. If
- not specified, default values will be attempted.
- properties:
- name:
- description: 'Name of the referent. More info:
- https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind,
- uid?'
- type: string
- type: object
- x-kubernetes-map-type: atomic
- volumeName:
- description: VolumeName is the human-readable name
- of the StorageOS volume. Volume names are only
- unique within a namespace.
- type: string
- volumeNamespace:
- description: VolumeNamespace specifies the scope of
- the volume within StorageOS. If no namespace is
- specified then the Pod's namespace will be used. This
- allows the Kubernetes name scoping to be mirrored
- within StorageOS for tighter integration. Set VolumeName
- to any name to override the default behaviour. Set
- to "default" if you are not using namespaces within
- StorageOS. Namespaces that do not pre-exist within
- StorageOS will be created.
- type: string
- type: object
- vsphereVolume:
- description: VsphereVolume represents a vSphere volume
- attached and mounted on kubelets host machine
- properties:
- fsType:
- description: Filesystem type to mount. Must be a filesystem
- type supported by the host operating system. Ex.
- "ext4", "xfs", "ntfs". Implicitly inferred to be
- "ext4" if unspecified.
- type: string
- storagePolicyID:
- description: Storage Policy Based Management (SPBM)
- profile ID associated with the StoragePolicyName.
- type: string
- storagePolicyName:
- description: Storage Policy Based Management (SPBM)
- profile name.
- type: string
- volumePath:
- description: Path that identifies vSphere volume vmdk
- type: string
- required:
- - volumePath
- type: object
- type: object
- type: object
- reports:
- properties:
- prefix:
- type: string
- volumeSource:
- default:
- emptyDir:
- sizeLimit: 1Gi
- description: Represents the source of a volume to mount. Only
- one of its members may be specified.
- properties:
- awsElasticBlockStore:
- description: 'AWSElasticBlockStore represents an AWS Disk
- resource that is attached to a kubelet''s host machine
- and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore'
- properties:
- fsType:
- description: 'Filesystem type of the volume that you
- want to mount. Tip: Ensure that the filesystem type
- is supported by the host operating system. Examples:
- "ext4", "xfs", "ntfs". Implicitly inferred to be
- "ext4" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore
- TODO: how do we prevent errors in the filesystem
- from compromising the machine'
- type: string
- partition:
- description: 'The partition in the volume that you
- want to mount. If omitted, the default is to mount
- by volume name. Examples: For volume /dev/sda1,
- you specify the partition as "1". Similarly, the
- volume partition for /dev/sda is "0" (or you can
- leave the property empty).'
- format: int32
- type: integer
- readOnly:
- description: 'Specify "true" to force and set the
- ReadOnly property in VolumeMounts to "true". If
- omitted, the default is "false". More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore'
- type: boolean
- volumeID:
- description: 'Unique ID of the persistent disk resource
- in AWS (Amazon EBS volume). More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore'
- type: string
- required:
- - volumeID
- type: object
- azureDisk:
- description: AzureDisk represents an Azure Data Disk mount
- on the host and bind mount to the pod.
- properties:
- cachingMode:
- description: 'Host Caching mode: None, Read Only,
- Read Write.'
- type: string
- diskName:
- description: The Name of the data disk in the blob
- storage
- type: string
- diskURI:
- description: The URI the data disk in the blob storage
- type: string
- fsType:
- description: Filesystem type to mount. Must be a filesystem
- type supported by the host operating system. Ex.
- "ext4", "xfs", "ntfs". Implicitly inferred to be
- "ext4" if unspecified.
- type: string
- kind:
- description: 'Expected values Shared: multiple blob
- disks per storage account Dedicated: single blob
- disk per storage account Managed: azure managed
- data disk (only in managed availability set). defaults
- to shared'
- type: string
- readOnly:
- description: Defaults to false (read/write). ReadOnly
- here will force the ReadOnly setting in VolumeMounts.
- type: boolean
- required:
- - diskName
- - diskURI
- type: object
- azureFile:
- description: AzureFile represents an Azure File Service
- mount on the host and bind mount to the pod.
- properties:
- readOnly:
- description: Defaults to false (read/write). ReadOnly
- here will force the ReadOnly setting in VolumeMounts.
- type: boolean
- secretName:
- description: the name of secret that contains Azure
- Storage Account Name and Key
- type: string
- shareName:
- description: Share Name
- type: string
- required:
- - secretName
- - shareName
- type: object
- cephfs:
- description: CephFS represents a Ceph FS mount on the
- host that shares a pod's lifetime
- properties:
- monitors:
- description: 'Required: Monitors is a collection of
- Ceph monitors More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it'
- items:
- type: string
- type: array
- path:
- description: 'Optional: Used as the mounted root,
- rather than the full Ceph tree, default is /'
- type: string
- readOnly:
- description: 'Optional: Defaults to false (read/write).
- ReadOnly here will force the ReadOnly setting in
- VolumeMounts. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it'
- type: boolean
- secretFile:
- description: 'Optional: SecretFile is the path to
- key ring for User, default is /etc/ceph/user.secret
- More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it'
- type: string
- secretRef:
- description: 'Optional: SecretRef is reference to
- the authentication secret for User, default is empty.
- More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it'
- properties:
- name:
- description: 'Name of the referent. More info:
- https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind,
- uid?'
- type: string
- type: object
- x-kubernetes-map-type: atomic
- user:
- description: 'Optional: User is the rados user name,
- default is admin More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it'
- type: string
- required:
- - monitors
- type: object
- cinder:
- description: 'Cinder represents a cinder volume attached
- and mounted on kubelets host machine. More info: https://examples.k8s.io/mysql-cinder-pd/README.md'
- properties:
- fsType:
- description: 'Filesystem type to mount. Must be a
- filesystem type supported by the host operating
- system. Examples: "ext4", "xfs", "ntfs". Implicitly
- inferred to be "ext4" if unspecified. More info:
- https://examples.k8s.io/mysql-cinder-pd/README.md'
- type: string
- readOnly:
- description: 'Optional: Defaults to false (read/write).
- ReadOnly here will force the ReadOnly setting in
- VolumeMounts. More info: https://examples.k8s.io/mysql-cinder-pd/README.md'
- type: boolean
- secretRef:
- description: 'Optional: points to a secret object
- containing parameters used to connect to OpenStack.'
- properties:
- name:
- description: 'Name of the referent. More info:
- https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind,
- uid?'
- type: string
- type: object
- x-kubernetes-map-type: atomic
- volumeID:
- description: 'volume id used to identify the volume
- in cinder. More info: https://examples.k8s.io/mysql-cinder-pd/README.md'
- type: string
- required:
- - volumeID
- type: object
- configMap:
- description: ConfigMap represents a configMap that should
- populate this volume
- properties:
- defaultMode:
- description: 'Optional: mode bits used to set permissions
- on created files by default. Must be an octal value
- between 0000 and 0777 or a decimal value between
- 0 and 511. YAML accepts both octal and decimal values,
- JSON requires decimal values for mode bits. Defaults
- to 0644. Directories within the path are not affected
- by this setting. This might be in conflict with
- other options that affect the file mode, like fsGroup,
- and the result can be other mode bits set.'
- format: int32
- type: integer
- items:
- description: If unspecified, each key-value pair in
- the Data field of the referenced ConfigMap will
- be projected into the volume as a file whose name
- is the key and content is the value. If specified,
- the listed keys will be projected into the specified
- paths, and unlisted keys will not be present. If
- a key is specified which is not present in the ConfigMap,
- the volume setup will error unless it is marked
- optional. Paths must be relative and may not contain
- the '..' path or start with '..'.
- items:
- description: Maps a string key to a path within
- a volume.
- properties:
- key:
- description: The key to project.
- type: string
- mode:
- description: 'Optional: mode bits used to set
- permissions on this file. Must be an octal
- value between 0000 and 0777 or a decimal value
- between 0 and 511. YAML accepts both octal
- and decimal values, JSON requires decimal
- values for mode bits. If not specified, the
- volume defaultMode will be used. This might
- be in conflict with other options that affect
- the file mode, like fsGroup, and the result
- can be other mode bits set.'
- format: int32
- type: integer
- path:
- description: The relative path of the file to
- map the key to. May not be an absolute path.
- May not contain the path element '..'. May
- not start with the string '..'.
- type: string
- required:
- - key
- - path
- type: object
- type: array
- name:
- description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind,
- uid?'
- type: string
- optional:
- description: Specify whether the ConfigMap or its
- keys must be defined
- type: boolean
- type: object
- x-kubernetes-map-type: atomic
- csi:
- description: CSI (Container Storage Interface) represents
- ephemeral storage that is handled by certain external
- CSI drivers (Beta feature).
- properties:
- driver:
- description: Driver is the name of the CSI driver
- that handles this volume. Consult with your admin
- for the correct name as registered in the cluster.
- type: string
- fsType:
- description: Filesystem type to mount. Ex. "ext4",
- "xfs", "ntfs". If not provided, the empty value
- is passed to the associated CSI driver which will
- determine the default filesystem to apply.
- type: string
- nodePublishSecretRef:
- description: NodePublishSecretRef is a reference to
- the secret object containing sensitive information
- to pass to the CSI driver to complete the CSI NodePublishVolume
- and NodeUnpublishVolume calls. This field is optional,
- and may be empty if no secret is required. If the
- secret object contains more than one secret, all
- secret references are passed.
- properties:
- name:
- description: 'Name of the referent. More info:
- https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind,
- uid?'
- type: string
- type: object
- x-kubernetes-map-type: atomic
- readOnly:
- description: Specifies a read-only configuration for
- the volume. Defaults to false (read/write).
- type: boolean
- volumeAttributes:
- additionalProperties:
- type: string
- description: VolumeAttributes stores driver-specific
- properties that are passed to the CSI driver. Consult
- your driver's documentation for supported values.
- type: object
- required:
- - driver
- type: object
- downwardAPI:
- description: DownwardAPI represents downward API about
- the pod that should populate this volume
- properties:
- defaultMode:
- description: 'Optional: mode bits to use on created
- files by default. Must be a Optional: mode bits
- used to set permissions on created files by default.
- Must be an octal value between 0000 and 0777 or
- a decimal value between 0 and 511. YAML accepts
- both octal and decimal values, JSON requires decimal
- values for mode bits. Defaults to 0644. Directories
- within the path are not affected by this setting.
- This might be in conflict with other options that
- affect the file mode, like fsGroup, and the result
- can be other mode bits set.'
- format: int32
- type: integer
- items:
- description: Items is a list of downward API volume
- file
- items:
- description: DownwardAPIVolumeFile represents information
- to create the file containing the pod field
- properties:
- fieldRef:
- description: 'Required: Selects a field of the
- pod: only annotations, labels, name and namespace
- are supported.'
- properties:
- apiVersion:
- description: Version of the schema the FieldPath
- is written in terms of, defaults to "v1".
- type: string
- fieldPath:
- description: Path of the field to select
- in the specified API version.
- type: string
- required:
- - fieldPath
- type: object
- x-kubernetes-map-type: atomic
- mode:
- description: 'Optional: mode bits used to set
- permissions on this file, must be an octal
- value between 0000 and 0777 or a decimal value
- between 0 and 511. YAML accepts both octal
- and decimal values, JSON requires decimal
- values for mode bits. If not specified, the
- volume defaultMode will be used. This might
- be in conflict with other options that affect
- the file mode, like fsGroup, and the result
- can be other mode bits set.'
- format: int32
- type: integer
- path:
- description: 'Required: Path is the relative
- path name of the file to be created. Must
- not be absolute or contain the ''..'' path.
- Must be utf-8 encoded. The first item of the
- relative path must not start with ''..'''
- type: string
- resourceFieldRef:
- description: 'Selects a resource of the container:
- only resources limits and requests (limits.cpu,
- limits.memory, requests.cpu and requests.memory)
- are currently supported.'
- properties:
- containerName:
- description: 'Container name: required for
- volumes, optional for env vars'
- type: string
- divisor:
- anyOf:
- - type: integer
- - type: string
- description: Specifies the output format
- of the exposed resources, defaults to
- "1"
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- resource:
- description: 'Required: resource to select'
- type: string
- required:
- - resource
- type: object
- x-kubernetes-map-type: atomic
- required:
- - path
- type: object
- type: array
- type: object
- emptyDir:
- description: 'EmptyDir represents a temporary directory
- that shares a pod''s lifetime. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir'
- properties:
- medium:
- description: 'What type of storage medium should back
- this directory. The default is "" which means to
- use the node''s default medium. Must be an empty
- string (default) or Memory. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir'
- type: string
- sizeLimit:
- anyOf:
- - type: integer
- - type: string
- description: 'Total amount of local storage required
- for this EmptyDir volume. The size limit is also
- applicable for memory medium. The maximum usage
- on memory medium EmptyDir would be the minimum value
- between the SizeLimit specified here and the sum
- of memory limits of all containers in a pod. The
- default is nil which means that the limit is undefined.
- More info: http://kubernetes.io/docs/user-guide/volumes#emptydir'
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- type: object
- ephemeral:
- description: "Ephemeral represents a volume that is handled
- by a cluster storage driver. The volume's lifecycle
- is tied to the pod that defines it - it will be created
- before the pod starts, and deleted when the pod is removed.
- \n Use this if: a) the volume is only needed while the
- pod runs, b) features of normal volumes like restoring
- from snapshot or capacity tracking are needed, c) the
- storage driver is specified through a storage class,
- and d) the storage driver supports dynamic volume provisioning
- through a PersistentVolumeClaim (see EphemeralVolumeSource
- for more information on the connection between this
- volume type and PersistentVolumeClaim). \n Use PersistentVolumeClaim
- or one of the vendor-specific APIs for volumes that
- persist for longer than the lifecycle of an individual
- pod. \n Use CSI for light-weight local ephemeral volumes
- if the CSI driver is meant to be used that way - see
- the documentation of the driver for more information.
- \n A pod can use both types of ephemeral volumes and
- persistent volumes at the same time."
- properties:
- volumeClaimTemplate:
- description: "Will be used to create a stand-alone
- PVC to provision the volume. The pod in which this
- EphemeralVolumeSource is embedded will be the owner
- of the PVC, i.e. the PVC will be deleted together
- with the pod. The name of the PVC will be `-` where `` is the
- name from the `PodSpec.Volumes` array entry. Pod
- validation will reject the pod if the concatenated
- name is not valid for a PVC (for example, too long).
- \n An existing PVC with that name that is not owned
- by the pod will *not* be used for the pod to avoid
- using an unrelated volume by mistake. Starting the
- pod is then blocked until the unrelated PVC is removed.
- If such a pre-created PVC is meant to be used by
- the pod, the PVC has to updated with an owner reference
- to the pod once the pod exists. Normally this should
- not be necessary, but it may be useful when manually
- reconstructing a broken cluster. \n This field is
- read-only and no changes will be made by Kubernetes
- to the PVC after it has been created. \n Required,
- must not be nil."
- properties:
- metadata:
- description: May contain labels and annotations
- that will be copied into the PVC when creating
- it. No other fields are allowed and will be
- rejected during validation.
- type: object
- spec:
- description: The specification for the PersistentVolumeClaim.
- The entire content is copied unchanged into
- the PVC that gets created from this template.
- The same fields as in a PersistentVolumeClaim
- are also valid here.
- properties:
- accessModes:
- description: 'AccessModes contains the desired
- access modes the volume should have. More
- info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1'
- items:
- type: string
- type: array
- dataSource:
- description: 'This field can be used to specify
- either: * An existing VolumeSnapshot object
- (snapshot.storage.k8s.io/VolumeSnapshot)
- * An existing PVC (PersistentVolumeClaim)
- If the provisioner or an external controller
- can support the specified data source, it
- will create a new volume based on the contents
- of the specified data source. If the AnyVolumeDataSource
- feature gate is enabled, this field will
- always have the same contents as the DataSourceRef
- field.'
- properties:
- apiGroup:
- description: APIGroup is the group for
- the resource being referenced. If APIGroup
- is not specified, the specified Kind
- must be in the core API group. For any
- other third-party types, APIGroup is
- required.
- type: string
- kind:
- description: Kind is the type of resource
- being referenced
- type: string
- name:
- description: Name is the name of resource
- being referenced
- type: string
- required:
- - kind
- - name
- type: object
- x-kubernetes-map-type: atomic
- dataSourceRef:
- description: 'Specifies the object from which
- to populate the volume with data, if a non-empty
- volume is desired. This may be any local
- object from a non-empty API group (non core
- object) or a PersistentVolumeClaim object.
- When this field is specified, volume binding
- will only succeed if the type of the specified
- object matches some installed volume populator
- or dynamic provisioner. This field will
- replace the functionality of the DataSource
- field and as such if both fields are non-empty,
- they must have the same value. For backwards
- compatibility, both fields (DataSource and
- DataSourceRef) will be set to the same value
- automatically if one of them is empty and
- the other is non-empty. There are two important
- differences between DataSource and DataSourceRef:
- * While DataSource only allows two specific
- types of objects, DataSourceRef allows any
- non-core object, as well as PersistentVolumeClaim
- objects. * While DataSource ignores disallowed
- values (dropping them), DataSourceRef preserves
- all values, and generates an error if a
- disallowed value is specified. (Alpha) Using
- this field requires the AnyVolumeDataSource
- feature gate to be enabled.'
- properties:
- apiGroup:
- description: APIGroup is the group for
- the resource being referenced. If APIGroup
- is not specified, the specified Kind
- must be in the core API group. For any
- other third-party types, APIGroup is
- required.
- type: string
- kind:
- description: Kind is the type of resource
- being referenced
- type: string
- name:
- description: Name is the name of resource
- being referenced
- type: string
- required:
- - kind
- - name
- type: object
- x-kubernetes-map-type: atomic
- resources:
- description: 'Resources represents the minimum
- resources the volume should have. If RecoverVolumeExpansionFailure
- feature is enabled users are allowed to
- specify resource requirements that are lower
- than previous value but must still be higher
- than capacity recorded in the status field
- of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources'
- properties:
- limits:
- additionalProperties:
- anyOf:
- - type: integer
- - type: string
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- description: 'Limits describes the maximum
- amount of compute resources allowed.
- More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
- type: object
- requests:
- additionalProperties:
- anyOf:
- - type: integer
- - type: string
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- description: 'Requests describes the minimum
- amount of compute resources required.
- If Requests is omitted for a container,
- it defaults to Limits if that is explicitly
- specified, otherwise to an implementation-defined
- value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
- type: object
- type: object
- selector:
- description: A label query over volumes to
- consider for binding.
- properties:
- matchExpressions:
- description: matchExpressions is a list
- of label selector requirements. The
- requirements are ANDed.
- items:
- description: A label selector requirement
- is a selector that contains values,
- a key, and an operator that relates
- the key and values.
- properties:
- key:
- description: key is the label key
- that the selector applies to.
- type: string
- operator:
- description: operator represents
- a key's relationship to a set
- of values. Valid operators are
- In, NotIn, Exists and DoesNotExist.
- type: string
- values:
- description: values is an array
- of string values. If the operator
- is In or NotIn, the values array
- must be non-empty. If the operator
- is Exists or DoesNotExist, the
- values array must be empty. This
- array is replaced during a strategic
- merge patch.
- items:
- type: string
- type: array
- required:
- - key
- - operator
- type: object
- type: array
- matchLabels:
- additionalProperties:
- type: string
- description: matchLabels is a map of {key,value}
- pairs. A single {key,value} in the matchLabels
- map is equivalent to an element of matchExpressions,
- whose key field is "key", the operator
- is "In", and the values array contains
- only "value". The requirements are ANDed.
- type: object
- type: object
- x-kubernetes-map-type: atomic
- storageClassName:
- description: 'Name of the StorageClass required
- by the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1'
- type: string
- volumeMode:
- description: volumeMode defines what type
- of volume is required by the claim. Value
- of Filesystem is implied when not included
- in claim spec.
- type: string
- volumeName:
- description: VolumeName is the binding reference
- to the PersistentVolume backing this claim.
- type: string
- type: object
- required:
- - spec
- type: object
- type: object
- fc:
- description: FC represents a Fibre Channel resource that
- is attached to a kubelet's host machine and then exposed
- to the pod.
- properties:
- fsType:
- description: 'Filesystem type to mount. Must be a
- filesystem type supported by the host operating
- system. Ex. "ext4", "xfs", "ntfs". Implicitly inferred
- to be "ext4" if unspecified. TODO: how do we prevent
- errors in the filesystem from compromising the machine'
- type: string
- lun:
- description: 'Optional: FC target lun number'
- format: int32
- type: integer
- readOnly:
- description: 'Optional: Defaults to false (read/write).
- ReadOnly here will force the ReadOnly setting in
- VolumeMounts.'
- type: boolean
- targetWWNs:
- description: 'Optional: FC target worldwide names
- (WWNs)'
- items:
- type: string
- type: array
- wwids:
- description: 'Optional: FC volume world wide identifiers
- (wwids) Either wwids or combination of targetWWNs
- and lun must be set, but not both simultaneously.'
- items:
- type: string
- type: array
- type: object
- flexVolume:
- description: FlexVolume represents a generic volume resource
- that is provisioned/attached using an exec based plugin.
- properties:
- driver:
- description: Driver is the name of the driver to use
- for this volume.
- type: string
- fsType:
- description: Filesystem type to mount. Must be a filesystem
- type supported by the host operating system. Ex.
- "ext4", "xfs", "ntfs". The default filesystem depends
- on FlexVolume script.
- type: string
- options:
- additionalProperties:
- type: string
- description: 'Optional: Extra command options if any.'
- type: object
- readOnly:
- description: 'Optional: Defaults to false (read/write).
- ReadOnly here will force the ReadOnly setting in
- VolumeMounts.'
- type: boolean
- secretRef:
- description: 'Optional: SecretRef is reference to
- the secret object containing sensitive information
- to pass to the plugin scripts. This may be empty
- if no secret object is specified. If the secret
- object contains more than one secret, all secrets
- are passed to the plugin scripts.'
- properties:
- name:
- description: 'Name of the referent. More info:
- https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind,
- uid?'
- type: string
- type: object
- x-kubernetes-map-type: atomic
- required:
- - driver
- type: object
- flocker:
- description: Flocker represents a Flocker volume attached
- to a kubelet's host machine. This depends on the Flocker
- control service being running
- properties:
- datasetName:
- description: Name of the dataset stored as metadata
- -> name on the dataset for Flocker should be considered
- as deprecated
- type: string
- datasetUUID:
- description: UUID of the dataset. This is unique identifier
- of a Flocker dataset
- type: string
- type: object
- gcePersistentDisk:
- description: 'GCEPersistentDisk represents a GCE Disk
- resource that is attached to a kubelet''s host machine
- and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk'
- properties:
- fsType:
- description: 'Filesystem type of the volume that you
- want to mount. Tip: Ensure that the filesystem type
- is supported by the host operating system. Examples:
- "ext4", "xfs", "ntfs". Implicitly inferred to be
- "ext4" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk
- TODO: how do we prevent errors in the filesystem
- from compromising the machine'
- type: string
- partition:
- description: 'The partition in the volume that you
- want to mount. If omitted, the default is to mount
- by volume name. Examples: For volume /dev/sda1,
- you specify the partition as "1". Similarly, the
- volume partition for /dev/sda is "0" (or you can
- leave the property empty). More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk'
- format: int32
- type: integer
- pdName:
- description: 'Unique name of the PD resource in GCE.
- Used to identify the disk in GCE. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk'
- type: string
- readOnly:
- description: 'ReadOnly here will force the ReadOnly
- setting in VolumeMounts. Defaults to false. More
- info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk'
- type: boolean
- required:
- - pdName
- type: object
- gitRepo:
- description: 'GitRepo represents a git repository at a
- particular revision. DEPRECATED: GitRepo is deprecated.
- To provision a container with a git repo, mount an EmptyDir
- into an InitContainer that clones the repo using git,
- then mount the EmptyDir into the Pod''s container.'
- properties:
- directory:
- description: Target directory name. Must not contain
- or start with '..'. If '.' is supplied, the volume
- directory will be the git repository. Otherwise,
- if specified, the volume will contain the git repository
- in the subdirectory with the given name.
- type: string
- repository:
- description: Repository URL
- type: string
- revision:
- description: Commit hash for the specified revision.
- type: string
- required:
- - repository
- type: object
- glusterfs:
- description: 'Glusterfs represents a Glusterfs mount on
- the host that shares a pod''s lifetime. More info: https://examples.k8s.io/volumes/glusterfs/README.md'
- properties:
- endpoints:
- description: 'EndpointsName is the endpoint name that
- details Glusterfs topology. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod'
- type: string
- path:
- description: 'Path is the Glusterfs volume path. More
- info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod'
- type: string
- readOnly:
- description: 'ReadOnly here will force the Glusterfs
- volume to be mounted with read-only permissions.
- Defaults to false. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod'
- type: boolean
- required:
- - endpoints
- - path
- type: object
- hostPath:
- description: 'HostPath represents a pre-existing file
- or directory on the host machine that is directly exposed
- to the container. This is generally used for system
- agents or other privileged things that are allowed to
- see the host machine. Most containers will NOT need
- this. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath
- --- TODO(jonesdl) We need to restrict who can use host
- directory mounts and who can/can not mount host directories
- as read/write.'
- properties:
- path:
- description: 'Path of the directory on the host. If
- the path is a symlink, it will follow the link to
- the real path. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath'
- type: string
- type:
- description: 'Type for HostPath Volume Defaults to
- "" More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath'
- type: string
- required:
- - path
- type: object
- iscsi:
- description: 'ISCSI represents an ISCSI Disk resource
- that is attached to a kubelet''s host machine and then
- exposed to the pod. More info: https://examples.k8s.io/volumes/iscsi/README.md'
- properties:
- chapAuthDiscovery:
- description: whether support iSCSI Discovery CHAP
- authentication
- type: boolean
- chapAuthSession:
- description: whether support iSCSI Session CHAP authentication
- type: boolean
- fsType:
- description: 'Filesystem type of the volume that you
- want to mount. Tip: Ensure that the filesystem type
- is supported by the host operating system. Examples:
- "ext4", "xfs", "ntfs". Implicitly inferred to be
- "ext4" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#iscsi
- TODO: how do we prevent errors in the filesystem
- from compromising the machine'
- type: string
- initiatorName:
- description: Custom iSCSI Initiator Name. If initiatorName
- is specified with iscsiInterface simultaneously,
- new iSCSI interface :
- will be created for the connection.
- type: string
- iqn:
- description: Target iSCSI Qualified Name.
- type: string
- iscsiInterface:
- description: iSCSI Interface Name that uses an iSCSI
- transport. Defaults to 'default' (tcp).
- type: string
- lun:
- description: iSCSI Target Lun number.
- format: int32
- type: integer
- portals:
- description: iSCSI Target Portal List. The portal
- is either an IP or ip_addr:port if the port is other
- than default (typically TCP ports 860 and 3260).
- items:
- type: string
- type: array
- readOnly:
- description: ReadOnly here will force the ReadOnly
- setting in VolumeMounts. Defaults to false.
- type: boolean
- secretRef:
- description: CHAP Secret for iSCSI target and initiator
- authentication
- properties:
- name:
- description: 'Name of the referent. More info:
- https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind,
- uid?'
- type: string
- type: object
- x-kubernetes-map-type: atomic
- targetPortal:
- description: iSCSI Target Portal. The Portal is either
- an IP or ip_addr:port if the port is other than
- default (typically TCP ports 860 and 3260).
- type: string
- required:
- - iqn
- - lun
- - targetPortal
- type: object
- nfs:
- description: 'NFS represents an NFS mount on the host
- that shares a pod''s lifetime More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs'
- properties:
- path:
- description: 'Path that is exported by the NFS server.
- More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs'
- type: string
- readOnly:
- description: 'ReadOnly here will force the NFS export
- to be mounted with read-only permissions. Defaults
- to false. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs'
- type: boolean
- server:
- description: 'Server is the hostname or IP address
- of the NFS server. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs'
- type: string
- required:
- - path
- - server
- type: object
- persistentVolumeClaim:
- description: 'PersistentVolumeClaimVolumeSource represents
- a reference to a PersistentVolumeClaim in the same namespace.
- More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims'
- properties:
- claimName:
- description: 'ClaimName is the name of a PersistentVolumeClaim
- in the same namespace as the pod using this volume.
- More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims'
- type: string
- readOnly:
- description: Will force the ReadOnly setting in VolumeMounts.
- Default false.
- type: boolean
- required:
- - claimName
- type: object
- photonPersistentDisk:
- description: PhotonPersistentDisk represents a PhotonController
- persistent disk attached and mounted on kubelets host
- machine
- properties:
- fsType:
- description: Filesystem type to mount. Must be a filesystem
- type supported by the host operating system. Ex.
- "ext4", "xfs", "ntfs". Implicitly inferred to be
- "ext4" if unspecified.
- type: string
- pdID:
- description: ID that identifies Photon Controller
- persistent disk
- type: string
- required:
- - pdID
- type: object
- portworxVolume:
- description: PortworxVolume represents a portworx volume
- attached and mounted on kubelets host machine
- properties:
- fsType:
- description: FSType represents the filesystem type
- to mount Must be a filesystem type supported by
- the host operating system. Ex. "ext4", "xfs". Implicitly
- inferred to be "ext4" if unspecified.
- type: string
- readOnly:
- description: Defaults to false (read/write). ReadOnly
- here will force the ReadOnly setting in VolumeMounts.
- type: boolean
- volumeID:
- description: VolumeID uniquely identifies a Portworx
- volume
- type: string
- required:
- - volumeID
- type: object
- projected:
- description: Items for all in one resources secrets, configmaps,
- and downward API
- properties:
- defaultMode:
- description: Mode bits used to set permissions on
- created files by default. Must be an octal value
- between 0000 and 0777 or a decimal value between
- 0 and 511. YAML accepts both octal and decimal values,
- JSON requires decimal values for mode bits. Directories
- within the path are not affected by this setting.
- This might be in conflict with other options that
- affect the file mode, like fsGroup, and the result
- can be other mode bits set.
- format: int32
- type: integer
- sources:
- description: list of volume projections
- items:
- description: Projection that may be projected along
- with other supported volume types
- properties:
- configMap:
- description: information about the configMap
- data to project
- properties:
- items:
- description: If unspecified, each key-value
- pair in the Data field of the referenced
- ConfigMap will be projected into the volume
- as a file whose name is the key and content
- is the value. If specified, the listed
- keys will be projected into the specified
- paths, and unlisted keys will not be present.
- If a key is specified which is not present
- in the ConfigMap, the volume setup will
- error unless it is marked optional. Paths
- must be relative and may not contain the
- '..' path or start with '..'.
- items:
- description: Maps a string key to a path
- within a volume.
- properties:
- key:
- description: The key to project.
- type: string
- mode:
- description: 'Optional: mode bits
- used to set permissions on this
- file. Must be an octal value between
- 0000 and 0777 or a decimal value
- between 0 and 511. YAML accepts
- both octal and decimal values, JSON
- requires decimal values for mode
- bits. If not specified, the volume
- defaultMode will be used. This might
- be in conflict with other options
- that affect the file mode, like
- fsGroup, and the result can be other
- mode bits set.'
- format: int32
- type: integer
- path:
- description: The relative path of
- the file to map the key to. May
- not be an absolute path. May not
- contain the path element '..'. May
- not start with the string '..'.
- type: string
- required:
- - key
- - path
- type: object
- type: array
- name:
- description: 'Name of the referent. More
- info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion,
- kind, uid?'
- type: string
- optional:
- description: Specify whether the ConfigMap
- or its keys must be defined
- type: boolean
- type: object
- x-kubernetes-map-type: atomic
- downwardAPI:
- description: information about the downwardAPI
- data to project
- properties:
- items:
- description: Items is a list of DownwardAPIVolume
- file
- items:
- description: DownwardAPIVolumeFile represents
- information to create the file containing
- the pod field
- properties:
- fieldRef:
- description: 'Required: Selects a
- field of the pod: only annotations,
- labels, name and namespace are supported.'
- properties:
- apiVersion:
- description: Version of the schema
- the FieldPath is written in
- terms of, defaults to "v1".
- type: string
- fieldPath:
- description: Path of the field
- to select in the specified API
- version.
- type: string
- required:
- - fieldPath
- type: object
- x-kubernetes-map-type: atomic
- mode:
- description: 'Optional: mode bits
- used to set permissions on this
- file, must be an octal value between
- 0000 and 0777 or a decimal value
- between 0 and 511. YAML accepts
- both octal and decimal values, JSON
- requires decimal values for mode
- bits. If not specified, the volume
- defaultMode will be used. This might
- be in conflict with other options
- that affect the file mode, like
- fsGroup, and the result can be other
- mode bits set.'
- format: int32
- type: integer
- path:
- description: 'Required: Path is the
- relative path name of the file to
- be created. Must not be absolute
- or contain the ''..'' path. Must
- be utf-8 encoded. The first item
- of the relative path must not start
- with ''..'''
- type: string
- resourceFieldRef:
- description: 'Selects a resource of
- the container: only resources limits
- and requests (limits.cpu, limits.memory,
- requests.cpu and requests.memory)
- are currently supported.'
- properties:
- containerName:
- description: 'Container name:
- required for volumes, optional
- for env vars'
- type: string
- divisor:
- anyOf:
- - type: integer
- - type: string
- description: Specifies the output
- format of the exposed resources,
- defaults to "1"
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- resource:
- description: 'Required: resource
- to select'
- type: string
- required:
- - resource
- type: object
- x-kubernetes-map-type: atomic
- required:
- - path
- type: object
- type: array
- type: object
- secret:
- description: information about the secret data
- to project
- properties:
- items:
- description: If unspecified, each key-value
- pair in the Data field of the referenced
- Secret will be projected into the volume
- as a file whose name is the key and content
- is the value. If specified, the listed
- keys will be projected into the specified
- paths, and unlisted keys will not be present.
- If a key is specified which is not present
- in the Secret, the volume setup will error
- unless it is marked optional. Paths must
- be relative and may not contain the '..'
- path or start with '..'.
- items:
- description: Maps a string key to a path
- within a volume.
- properties:
- key:
- description: The key to project.
- type: string
- mode:
- description: 'Optional: mode bits
- used to set permissions on this
- file. Must be an octal value between
- 0000 and 0777 or a decimal value
- between 0 and 511. YAML accepts
- both octal and decimal values, JSON
- requires decimal values for mode
- bits. If not specified, the volume
- defaultMode will be used. This might
- be in conflict with other options
- that affect the file mode, like
- fsGroup, and the result can be other
- mode bits set.'
- format: int32
- type: integer
- path:
- description: The relative path of
- the file to map the key to. May
- not be an absolute path. May not
- contain the path element '..'. May
- not start with the string '..'.
- type: string
- required:
- - key
- - path
- type: object
- type: array
- name:
- description: 'Name of the referent. More
- info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion,
- kind, uid?'
- type: string
- optional:
- description: Specify whether the Secret
- or its key must be defined
- type: boolean
- type: object
- x-kubernetes-map-type: atomic
- serviceAccountToken:
- description: information about the serviceAccountToken
- data to project
- properties:
- audience:
- description: Audience is the intended audience
- of the token. A recipient of a token must
- identify itself with an identifier specified
- in the audience of the token, and otherwise
- should reject the token. The audience
- defaults to the identifier of the apiserver.
- type: string
- expirationSeconds:
- description: ExpirationSeconds is the requested
- duration of validity of the service account
- token. As the token approaches expiration,
- the kubelet volume plugin will proactively
- rotate the service account token. The
- kubelet will start trying to rotate the
- token if the token is older than 80 percent
- of its time to live or if the token is
- older than 24 hours.Defaults to 1 hour
- and must be at least 10 minutes.
- format: int64
- type: integer
- path:
- description: Path is the path relative to
- the mount point of the file to project
- the token into.
- type: string
- required:
- - path
- type: object
- type: object
- type: array
- type: object
- quobyte:
- description: Quobyte represents a Quobyte mount on the
- host that shares a pod's lifetime
- properties:
- group:
- description: Group to map volume access to Default
- is no group
- type: string
- readOnly:
- description: ReadOnly here will force the Quobyte
- volume to be mounted with read-only permissions.
- Defaults to false.
- type: boolean
- registry:
- description: Registry represents a single or multiple
- Quobyte Registry services specified as a string
- as host:port pair (multiple entries are separated
- with commas) which acts as the central registry
- for volumes
- type: string
- tenant:
- description: Tenant owning the given Quobyte volume
- in the Backend Used with dynamically provisioned
- Quobyte volumes, value is set by the plugin
- type: string
- user:
- description: User to map volume access to Defaults
- to serivceaccount user
- type: string
- volume:
- description: Volume is a string that references an
- already created Quobyte volume by name.
- type: string
- required:
- - registry
- - volume
- type: object
- rbd:
- description: 'RBD represents a Rados Block Device mount
- on the host that shares a pod''s lifetime. More info:
- https://examples.k8s.io/volumes/rbd/README.md'
- properties:
- fsType:
- description: 'Filesystem type of the volume that you
- want to mount. Tip: Ensure that the filesystem type
- is supported by the host operating system. Examples:
- "ext4", "xfs", "ntfs". Implicitly inferred to be
- "ext4" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#rbd
- TODO: how do we prevent errors in the filesystem
- from compromising the machine'
- type: string
- image:
- description: 'The rados image name. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it'
- type: string
- keyring:
- description: 'Keyring is the path to key ring for
- RBDUser. Default is /etc/ceph/keyring. More info:
- https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it'
- type: string
- monitors:
- description: 'A collection of Ceph monitors. More
- info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it'
- items:
- type: string
- type: array
- pool:
- description: 'The rados pool name. Default is rbd.
- More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it'
- type: string
- readOnly:
- description: 'ReadOnly here will force the ReadOnly
- setting in VolumeMounts. Defaults to false. More
- info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it'
- type: boolean
- secretRef:
- description: 'SecretRef is name of the authentication
- secret for RBDUser. If provided overrides keyring.
- Default is nil. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it'
- properties:
- name:
- description: 'Name of the referent. More info:
- https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind,
- uid?'
- type: string
- type: object
- x-kubernetes-map-type: atomic
- user:
- description: 'The rados user name. Default is admin.
- More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it'
- type: string
- required:
- - image
- - monitors
- type: object
- scaleIO:
- description: ScaleIO represents a ScaleIO persistent volume
- attached and mounted on Kubernetes nodes.
- properties:
- fsType:
- description: Filesystem type to mount. Must be a filesystem
- type supported by the host operating system. Ex.
- "ext4", "xfs", "ntfs". Default is "xfs".
- type: string
- gateway:
- description: The host address of the ScaleIO API Gateway.
- type: string
- protectionDomain:
- description: The name of the ScaleIO Protection Domain
- for the configured storage.
- type: string
- readOnly:
- description: Defaults to false (read/write). ReadOnly
- here will force the ReadOnly setting in VolumeMounts.
- type: boolean
- secretRef:
- description: SecretRef references to the secret for
- ScaleIO user and other sensitive information. If
- this is not provided, Login operation will fail.
- properties:
- name:
- description: 'Name of the referent. More info:
- https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind,
- uid?'
- type: string
- type: object
- x-kubernetes-map-type: atomic
- sslEnabled:
- description: Flag to enable/disable SSL communication
- with Gateway, default false
- type: boolean
- storageMode:
- description: Indicates whether the storage for a volume
- should be ThickProvisioned or ThinProvisioned. Default
- is ThinProvisioned.
- type: string
- storagePool:
- description: The ScaleIO Storage Pool associated with
- the protection domain.
- type: string
- system:
- description: The name of the storage system as configured
- in ScaleIO.
- type: string
- volumeName:
- description: The name of a volume already created
- in the ScaleIO system that is associated with this
- volume source.
- type: string
- required:
- - gateway
- - secretRef
- - system
- type: object
- secret:
- description: 'Secret represents a secret that should populate
- this volume. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret'
- properties:
- defaultMode:
- description: 'Optional: mode bits used to set permissions
- on created files by default. Must be an octal value
- between 0000 and 0777 or a decimal value between
- 0 and 511. YAML accepts both octal and decimal values,
- JSON requires decimal values for mode bits. Defaults
- to 0644. Directories within the path are not affected
- by this setting. This might be in conflict with
- other options that affect the file mode, like fsGroup,
- and the result can be other mode bits set.'
- format: int32
- type: integer
- items:
- description: If unspecified, each key-value pair in
- the Data field of the referenced Secret will be
- projected into the volume as a file whose name is
- the key and content is the value. If specified,
- the listed keys will be projected into the specified
- paths, and unlisted keys will not be present. If
- a key is specified which is not present in the Secret,
- the volume setup will error unless it is marked
- optional. Paths must be relative and may not contain
- the '..' path or start with '..'.
- items:
- description: Maps a string key to a path within
- a volume.
- properties:
- key:
- description: The key to project.
- type: string
- mode:
- description: 'Optional: mode bits used to set
- permissions on this file. Must be an octal
- value between 0000 and 0777 or a decimal value
- between 0 and 511. YAML accepts both octal
- and decimal values, JSON requires decimal
- values for mode bits. If not specified, the
- volume defaultMode will be used. This might
- be in conflict with other options that affect
- the file mode, like fsGroup, and the result
- can be other mode bits set.'
- format: int32
- type: integer
- path:
- description: The relative path of the file to
- map the key to. May not be an absolute path.
- May not contain the path element '..'. May
- not start with the string '..'.
- type: string
- required:
- - key
- - path
- type: object
- type: array
- optional:
- description: Specify whether the Secret or its keys
- must be defined
- type: boolean
- secretName:
- description: 'Name of the secret in the pod''s namespace
- to use. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret'
- type: string
- type: object
- storageos:
- description: StorageOS represents a StorageOS volume attached
- and mounted on Kubernetes nodes.
- properties:
- fsType:
- description: Filesystem type to mount. Must be a filesystem
- type supported by the host operating system. Ex.
- "ext4", "xfs", "ntfs". Implicitly inferred to be
- "ext4" if unspecified.
- type: string
- readOnly:
- description: Defaults to false (read/write). ReadOnly
- here will force the ReadOnly setting in VolumeMounts.
- type: boolean
- secretRef:
- description: SecretRef specifies the secret to use
- for obtaining the StorageOS API credentials. If
- not specified, default values will be attempted.
- properties:
- name:
- description: 'Name of the referent. More info:
- https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind,
- uid?'
- type: string
- type: object
- x-kubernetes-map-type: atomic
- volumeName:
- description: VolumeName is the human-readable name
- of the StorageOS volume. Volume names are only
- unique within a namespace.
- type: string
- volumeNamespace:
- description: VolumeNamespace specifies the scope of
- the volume within StorageOS. If no namespace is
- specified then the Pod's namespace will be used. This
- allows the Kubernetes name scoping to be mirrored
- within StorageOS for tighter integration. Set VolumeName
- to any name to override the default behaviour. Set
- to "default" if you are not using namespaces within
- StorageOS. Namespaces that do not pre-exist within
- StorageOS will be created.
- type: string
- type: object
- vsphereVolume:
- description: VsphereVolume represents a vSphere volume
- attached and mounted on kubelets host machine
- properties:
- fsType:
- description: Filesystem type to mount. Must be a filesystem
- type supported by the host operating system. Ex.
- "ext4", "xfs", "ntfs". Implicitly inferred to be
- "ext4" if unspecified.
- type: string
- storagePolicyID:
- description: Storage Policy Based Management (SPBM)
- profile ID associated with the StoragePolicyName.
- type: string
- storagePolicyName:
- description: Storage Policy Based Management (SPBM)
- profile name.
- type: string
- volumePath:
- description: Path that identifies vSphere volume vmdk
- type: string
- required:
- - volumePath
- type: object
- type: object
- type: object
- required:
- - cache
- - reports
- type: object
- templateAnnotations:
- additionalProperties:
- type: string
- description: Custom annotations to be added into the pods
- type: object
- timeout:
- default: 5m0s
- type: string
- tolerations:
- description: If specified, the pod's tolerations.
- items:
- description: The pod this Toleration is attached to tolerates any
- taint that matches the triple using the matching
- operator .
- properties:
- effect:
- description: Effect indicates the taint effect to match. Empty
- means match all taint effects. When specified, allowed values
- are NoSchedule, PreferNoSchedule and NoExecute.
- type: string
- key:
- description: Key is the taint key that the toleration applies
- to. Empty means match all taint keys. If the key is empty,
- operator must be Exists; this combination means to match all
- values and all keys.
- type: string
- operator:
- description: Operator represents a key's relationship to the
- value. Valid operators are Exists and Equal. Defaults to Equal.
- Exists is equivalent to wildcard for value, so that a pod
- can tolerate all taints of a particular category.
- type: string
- tolerationSeconds:
- description: TolerationSeconds represents the period of time
- the toleration (which must be of effect NoExecute, otherwise
- this field is ignored) tolerates the taint. By default, it
- is not set, which means tolerate the taint forever (do not
- evict). Zero and negative values will be treated as 0 (evict
- immediately) by the system.
- format: int64
- type: integer
- value:
- description: Value is the taint value the toleration matches
- to. If the operator is Exists, the value should be empty,
- otherwise just a regular string.
- type: string
- type: object
- type: array
- update:
- properties:
- githubTokenRef:
- description: The GitHub access token to download Trivy DB (see
- GitHub rate limiting)
- type: string
- skip:
- default: false
- description: The flag to enable or disable Trivy DB downloads
- from GitHub
- type: boolean
- type: object
- vulnerabilityTypes:
- default:
- - os
- - library
- description: Comma-separated list of vulnerability types.
- items:
- description: TrivyServerVulnerabilityType represents a CVE vulnerability
- type for trivy.
- enum:
- - os
- - library
- type: string
- type: array
- required:
- - server
- - storage
- type: object
- status:
- description: ComponentStatus represents the current status of the resource.
- https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#typical-status-properties
- properties:
- conditions:
- description: Conditions list of extracted conditions from Resource
- items:
- description: Condition defines the general format for conditions
- on Kubernetes resources. In practice, each kubernetes resource
- defines their own format for conditions, but most (maybe all)
- follows this structure.
- properties:
- message:
- description: Message Human readable reason string
- type: string
- reason:
- description: Reason one work CamelCase reason
- type: string
- status:
- description: Status String that describes the condition status
- type: string
- type:
- description: Type condition type
- type: string
- required:
- - status
- - type
- type: object
- type: array
- observedGeneration:
- format: int64
- type: integer
- operator:
- description: ControllerStatus represents the current status of the
- operator.
- properties:
- controllerGitCommit:
- minLength: 1
- type: string
- controllerName:
- minLength: 1
- type: string
- controllerVersion:
- minLength: 1
- type: string
- type: object
- replicas:
- description: Current number of pods.
- format: int32
- minimum: 0
- type: integer
- required:
- - conditions
- type: object
- type: object
- served: true
- storage: true
- subresources:
- status: {}
-{{- end -}}
diff --git a/config/helm/crds/kustomization.yaml b/config/helm/crds/kustomization.yaml
index b1c647779..48ae06283 100644
--- a/config/helm/crds/kustomization.yaml
+++ b/config/helm/crds/kustomization.yaml
@@ -1,12 +1,12 @@
-namePrefix: '{{ include "chart.fullname" . }}-'
+namePrefix: 'harbor-operator-'
-namespace: '{{ .Release.Namespace }}'
+namespace: 'harbor-operator-ns'
generatorOptions:
disableNameSuffixHash: true
commonAnnotations:
- cert-manager.io/inject-ca-from: '{{.Release.Namespace}}/{{. | include "chart.fullname"}}-serving-cert'
+ cert-manager.io/inject-ca-from: 'harbor-operator-ns/harbor-operator-serving-cert'
patchesStrategicMerge:
- patches/chartmuseums_service.yaml
diff --git a/config/helm/crds/patches/chartmuseums_service.yaml b/config/helm/crds/patches/chartmuseums_service.yaml
index fee7c5c1a..d153c77b5 100644
--- a/config/helm/crds/patches/chartmuseums_service.yaml
+++ b/config/helm/crds/patches/chartmuseums_service.yaml
@@ -16,5 +16,5 @@ spec:
caBundle: Cg==
service:
namespace: system
- name: '{{ include "chart.fullname" . | quote }}'
+ name: 'harbor-operator'
path: /convert
diff --git a/config/helm/crds/patches/cores_service.yaml b/config/helm/crds/patches/cores_service.yaml
index 5a346afdc..2fc9cf880 100644
--- a/config/helm/crds/patches/cores_service.yaml
+++ b/config/helm/crds/patches/cores_service.yaml
@@ -16,5 +16,5 @@ spec:
caBundle: Cg==
service:
namespace: system
- name: '{{ include "chart.fullname" . | quote }}'
+ name: 'harbor-operator'
path: /convert
diff --git a/config/helm/crds/patches/exporters_service.yaml b/config/helm/crds/patches/exporters_service.yaml
index a08c46c7c..70f8d10ae 100644
--- a/config/helm/crds/patches/exporters_service.yaml
+++ b/config/helm/crds/patches/exporters_service.yaml
@@ -16,5 +16,5 @@ spec:
caBundle: Cg==
service:
namespace: system
- name: '{{ include "chart.fullname" . | quote }}'
+ name: 'harbor-operator'
path: /convert
diff --git a/config/helm/crds/patches/harborclusters_service.yaml b/config/helm/crds/patches/harborclusters_service.yaml
index 183fe45bd..3b84cd38a 100644
--- a/config/helm/crds/patches/harborclusters_service.yaml
+++ b/config/helm/crds/patches/harborclusters_service.yaml
@@ -16,5 +16,5 @@ spec:
caBundle: Cg==
service:
namespace: system
- name: '{{ include "chart.fullname" . | quote }}'
+ name: 'harbor-operator'
path: /convert
diff --git a/config/helm/crds/patches/harbors_service.yaml b/config/helm/crds/patches/harbors_service.yaml
index 2e3aa6807..e7231f86c 100644
--- a/config/helm/crds/patches/harbors_service.yaml
+++ b/config/helm/crds/patches/harbors_service.yaml
@@ -17,5 +17,5 @@ spec:
caBundle: Cg==
service:
namespace: system
- name: '{{ include "chart.fullname" . | quote }}'
+ name: 'harbor-operator'
path: /convert
diff --git a/config/helm/crds/patches/jobservices_service.yaml b/config/helm/crds/patches/jobservices_service.yaml
index 3c020fe83..dd320b1b4 100644
--- a/config/helm/crds/patches/jobservices_service.yaml
+++ b/config/helm/crds/patches/jobservices_service.yaml
@@ -16,5 +16,5 @@ spec:
caBundle: Cg==
service:
namespace: system
- name: '{{ include "chart.fullname" . | quote }}'
+ name: 'harbor-operator'
path: /convert
diff --git a/config/helm/crds/patches/notaryservers_service.yaml b/config/helm/crds/patches/notaryservers_service.yaml
index 9abc7f598..b941cc3c2 100644
--- a/config/helm/crds/patches/notaryservers_service.yaml
+++ b/config/helm/crds/patches/notaryservers_service.yaml
@@ -16,5 +16,5 @@ spec:
caBundle: Cg==
service:
namespace: system
- name: '{{ include "chart.fullname" . | quote }}'
+ name: 'harbor-operator'
path: /convert
diff --git a/config/helm/crds/patches/notarysigners_service.yaml b/config/helm/crds/patches/notarysigners_service.yaml
index 97036c69e..a0fab46ba 100644
--- a/config/helm/crds/patches/notarysigners_service.yaml
+++ b/config/helm/crds/patches/notarysigners_service.yaml
@@ -16,5 +16,5 @@ spec:
caBundle: Cg==
service:
namespace: system
- name: '{{ include "chart.fullname" . | quote }}'
+ name: 'harbor-operator'
path: /convert
diff --git a/config/helm/crds/patches/portals_service.yaml b/config/helm/crds/patches/portals_service.yaml
index 1f77af31d..629d33556 100644
--- a/config/helm/crds/patches/portals_service.yaml
+++ b/config/helm/crds/patches/portals_service.yaml
@@ -16,5 +16,5 @@ spec:
caBundle: Cg==
service:
namespace: system
- name: '{{ include "chart.fullname" . | quote }}'
+ name: 'harbor-operator'
path: /convert
diff --git a/config/helm/crds/patches/registries_service.yaml b/config/helm/crds/patches/registries_service.yaml
index 47734a32a..70f4f3c68 100644
--- a/config/helm/crds/patches/registries_service.yaml
+++ b/config/helm/crds/patches/registries_service.yaml
@@ -16,5 +16,5 @@ spec:
caBundle: Cg==
service:
namespace: system
- name: '{{ include "chart.fullname" . | quote }}'
+ name: 'harbor-operator'
path: /convert
diff --git a/config/helm/crds/patches/registrycontrollers_service.yaml b/config/helm/crds/patches/registrycontrollers_service.yaml
index b30b146b3..35e485d18 100644
--- a/config/helm/crds/patches/registrycontrollers_service.yaml
+++ b/config/helm/crds/patches/registrycontrollers_service.yaml
@@ -16,5 +16,5 @@ spec:
caBundle: Cg==
service:
namespace: system
- name: '{{ include "chart.fullname" . | quote }}'
+ name: 'harbor-operator'
path: /convert
diff --git a/config/helm/crds/patches/trivies_service.yaml b/config/helm/crds/patches/trivies_service.yaml
index 930d710d4..5391686f3 100644
--- a/config/helm/crds/patches/trivies_service.yaml
+++ b/config/helm/crds/patches/trivies_service.yaml
@@ -16,5 +16,5 @@ spec:
caBundle: Cg==
service:
namespace: system
- name: '{{ include "chart.fullname" . | quote }}'
+ name: 'harbor-operator'
path: /convert
From 4831f9a708d76035f1765378cc3d6359aaa39283 Mon Sep 17 00:00:00 2001
From: Marcel
Date: Tue, 23 May 2023 20:35:08 +0200
Subject: [PATCH 05/34] Minor updates and changes to the README (#998)
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
* Minor updates and changes to the README
Signed-off-by: Marcel Müller
* Add in minor change
Signed-off-by: Marcel Müller
---------
Signed-off-by: Marcel Müller
---
.github/auto-assignees.yaml | 2 +-
README.md | 14 +++++++-------
2 files changed, 8 insertions(+), 8 deletions(-)
diff --git a/.github/auto-assignees.yaml b/.github/auto-assignees.yaml
index 12aeb7466..436a37873 100644
--- a/.github/auto-assignees.yaml
+++ b/.github/auto-assignees.yaml
@@ -19,4 +19,4 @@ skipKeywords:
- wip
- DO NOT MERGE
-numberOfReviewers: 2
+numberOfReviewers: 1
diff --git a/README.md b/README.md
index 973309c2f..c58178f68 100644
--- a/README.md
+++ b/README.md
@@ -53,7 +53,6 @@ Harbor deployment stack is controlled by a custom Harbor resource `HarborCluster
## Release plans
-* [Release 1.3](https://github.com/goharbor/harbor-operator/projects/9)
* [Release 1.4](https://github.com/goharbor/harbor-operator/projects/12)
## Getting started
@@ -103,9 +102,9 @@ Harbor operator exposes the frontend service with ingress (CRD version: `v1beta1
**NOTES:**
- :heavy_check_mark: : support
- :heavy_multiplication_x: : not support
- :o: : not verified (probably support)
+ :heavy_check_mark: : supported
+ :heavy_multiplication_x: : not supported
+ :o: : not verified (probably supported)
## Documentation
@@ -133,9 +132,10 @@ Special thanks to the [contributors](./MAINTAINERS) who did significant contribu
## Community
-* **Slack:** channel `#harbor-operator-dev` at [CNCF Workspace](https://slack.cncf.io)
-* **Mail group:** send mail to Harbor dev mail group: harbor-dev@lists.cncf.io
-* **Twitter:** [@project_harbor](https://twitter.com/project_harbor)
+* **Twitter:** [@project_harbor](https://twitter.com/project_harbor)
+* **User Group:** Join Harbor user email group: [harbor-users@lists.cncf.io](https://lists.cncf.io/g/harbor-users) to get update of Harbor's news, features, releases, or to provide suggestion and feedback.
+* **Developer Group:** Join Harbor developer group: [harbor-dev@lists.cncf.io](https://lists.cncf.io/g/harbor-dev) for discussion on Harbor development and contribution.
+* **Slack:** Join Harbor's community for discussion and ask questions: [Cloud Native Computing Foundation](https://slack.cncf.io/), channel: [#harbor-operator-dev](https://cloud-native.slack.com/messages/harbor-operator-dev/)
* **Community meeting:** attend [bi-weekly community meeting](https://github.com/goharbor/community/blob/master/MEETING_SCHEDULE.md) for Q&A
## Additional references
From 98058f85b16d76d02030195993a7df7030baa5d7 Mon Sep 17 00:00:00 2001
From: Noah Tang <51119718+CoderTH@users.noreply.github.com>
Date: Wed, 24 May 2023 16:41:57 +0800
Subject: [PATCH 06/34] upgrade controller-runtime version (#1034)
upgrade controller runtime version
Signed-off-by: coderth
---
.../goharbor.io/v1alpha3/harbor_types_test.go | 3 +-
.../v1alpha3/v1alpha3_suite_test.go | 2 +-
.../goharbor.io/v1beta1/v1beta1_suite_test.go | 2 +-
.../goharbor/chartmuseum/chartmuseum_test.go | 2 +-
.../goharbor/chartmuseum/suite_test.go | 13 +-
controllers/goharbor/controller_test.go | 3 +-
controllers/goharbor/core/core_test.go | 2 +-
controllers/goharbor/core/suite_test.go | 13 +-
.../goharbor/harbor/harbor_suite_test.go | 6 +-
controllers/goharbor/harbor/harbor_test.go | 2 +-
controllers/goharbor/harbor/trivy_test.go | 2 +-
controllers/goharbor/harbor_test.go | 2 +-
controllers/goharbor/internal/test/context.go | 2 +-
controllers/goharbor/internal/test/init.go | 4 +-
controllers/goharbor/internal/test/manager.go | 2 +-
.../goharbor/internal/test/pods/logs.go | 8 +-
.../test/port-forward/port-forward.go | 2 +-
.../goharbor/jobservice/jobservice_test.go | 2 +-
controllers/goharbor/jobservice/suite_test.go | 13 +-
.../notaryserver/notaryserver_test.go | 2 +-
.../goharbor/notaryserver/suite_test.go | 13 +-
.../notarysigner/notarysigner_test.go | 2 +-
.../goharbor/notarysigner/suite_test.go | 13 +-
controllers/goharbor/portal/portal_test.go | 2 +-
controllers/goharbor/portal/suite_test.go | 13 +-
.../pullsecretbinding/pullsecretbinding.go | 4 +-
.../goharbor/registry/registry_test.go | 2 +-
controllers/goharbor/registry/suite_test.go | 15 +-
controllers/goharbor/suite_test.go | 13 +-
controllers/goharbor/trivy/suite_test.go | 13 +-
controllers/goharbor/trivy/trivy_test.go | 2 +-
go.mod | 116 +-
go.sum | 460 +-
manifests/cluster/deployment.yaml | 14762 +++++++++-------
manifests/harbor/deployment.yaml | 14762 +++++++++-------
pkg/builder/builder.go | 5 +-
pkg/config/config_test.go | 2 +-
pkg/config/errors_test.go | 2 +-
pkg/config/suite_test.go | 6 +-
pkg/controller/mutation/annotations_test.go | 2 +-
pkg/controller/mutation/labels_test.go | 2 +-
pkg/controller/mutation/owner_test.go | 2 +-
pkg/controller/mutation/suite_test.go | 6 +-
pkg/controller/resource_test.go | 2 +-
pkg/controller/suite_test.go | 6 +-
pkg/controller/template.go | 3 +-
pkg/event-filter/class/class_test.go | 6 +-
pkg/event-filter/class/suite_test.go | 9 +-
pkg/graph/graph_test.go | 2 +-
pkg/graph/runner_test.go | 2 +-
pkg/graph/suite_test.go | 7 +-
pkg/graph/types_test.go | 2 +-
pkg/image/image_suite_test.go | 2 +-
pkg/image/image_test.go | 2 +-
pkg/resources/checksum/checksum_suite_test.go | 2 +-
pkg/resources/checksum/checksum_test.go | 2 +-
pkg/resources/statuscheck/basic_test.go | 2 +-
pkg/resources/statuscheck/certificate_test.go | 2 +-
pkg/resources/statuscheck/suite_test.go | 6 +-
.../statuscheck/unstructured_test.go | 2 +-
pkg/scheme/scheme_test.go | 3 +-
pkg/scheme/suite_test.go | 5 +-
pkg/status/status_test.go | 2 +-
pkg/status/suite_test.go | 7 +-
pkg/tracing/suite_test.go | 7 +-
pkg/tracing/tracing_test.go | 2 +-
pkg/version/version_suite_test.go | 2 +-
pkg/version/version_test.go | 2 +-
68 files changed, 17562 insertions(+), 12833 deletions(-)
diff --git a/apis/goharbor.io/v1alpha3/harbor_types_test.go b/apis/goharbor.io/v1alpha3/harbor_types_test.go
index 1bdda6933..29c077734 100644
--- a/apis/goharbor.io/v1alpha3/harbor_types_test.go
+++ b/apis/goharbor.io/v1alpha3/harbor_types_test.go
@@ -3,8 +3,7 @@ package v1alpha3_test
import (
goharborv1 "github.com/goharbor/harbor-operator/apis/goharbor.io/v1alpha3"
harbormetav1 "github.com/goharbor/harbor-operator/apis/meta/v1alpha1"
- . "github.com/onsi/ginkgo"
- . "github.com/onsi/ginkgo/extensions/table"
+ . "github.com/onsi/ginkgo/v2"
. "github.com/onsi/gomega"
corev1 "k8s.io/api/core/v1"
)
diff --git a/apis/goharbor.io/v1alpha3/v1alpha3_suite_test.go b/apis/goharbor.io/v1alpha3/v1alpha3_suite_test.go
index 7b5bd9ee4..332c2d97b 100644
--- a/apis/goharbor.io/v1alpha3/v1alpha3_suite_test.go
+++ b/apis/goharbor.io/v1alpha3/v1alpha3_suite_test.go
@@ -3,7 +3,7 @@ package v1alpha3_test
import (
"testing"
- . "github.com/onsi/ginkgo"
+ . "github.com/onsi/ginkgo/v2"
. "github.com/onsi/gomega"
)
diff --git a/apis/goharbor.io/v1beta1/v1beta1_suite_test.go b/apis/goharbor.io/v1beta1/v1beta1_suite_test.go
index eb7e975dd..5043a0ef0 100644
--- a/apis/goharbor.io/v1beta1/v1beta1_suite_test.go
+++ b/apis/goharbor.io/v1beta1/v1beta1_suite_test.go
@@ -3,7 +3,7 @@ package v1beta1_test
import (
"testing"
- . "github.com/onsi/ginkgo"
+ . "github.com/onsi/ginkgo/v2"
. "github.com/onsi/gomega"
)
diff --git a/controllers/goharbor/chartmuseum/chartmuseum_test.go b/controllers/goharbor/chartmuseum/chartmuseum_test.go
index b9b93e43b..b63b87721 100644
--- a/controllers/goharbor/chartmuseum/chartmuseum_test.go
+++ b/controllers/goharbor/chartmuseum/chartmuseum_test.go
@@ -6,7 +6,7 @@ import (
"fmt"
"time"
- . "github.com/onsi/ginkgo"
+ . "github.com/onsi/ginkgo/v2"
. "github.com/onsi/gomega"
goharborv1 "github.com/goharbor/harbor-operator/apis/goharbor.io/v1beta1"
diff --git a/controllers/goharbor/chartmuseum/suite_test.go b/controllers/goharbor/chartmuseum/suite_test.go
index 260d33f1e..3b0f615c1 100644
--- a/controllers/goharbor/chartmuseum/suite_test.go
+++ b/controllers/goharbor/chartmuseum/suite_test.go
@@ -4,13 +4,12 @@ import (
"context"
"testing"
- . "github.com/onsi/ginkgo"
+ . "github.com/onsi/ginkgo/v2"
. "github.com/onsi/gomega"
"github.com/goharbor/harbor-operator/controllers/goharbor/chartmuseum"
"github.com/goharbor/harbor-operator/controllers/goharbor/internal/test"
"github.com/goharbor/harbor-operator/controllers/goharbor/internal/test/controllers"
- "sigs.k8s.io/controller-runtime/pkg/envtest/printer"
)
var (
@@ -21,12 +20,10 @@ var (
func TestAPIs(t *testing.T) {
RegisterFailHandler(Fail)
- RunSpecsWithDefaultAndCustomReporters(t,
- "Controller Suite",
- []Reporter{printer.NewlineReporter{}})
+ RunSpecs(t, "Controller Suite")
}
-var _ = BeforeSuite(func(done Done) {
+var _ = BeforeSuite(func() {
ctx = test.InitSuite()
className := test.NewName("class")
@@ -34,9 +31,7 @@ var _ = BeforeSuite(func(done Done) {
reconciler = controllers.NewChartMuseum(ctx, className)
test.StartManager(ctx)
-
- close(done)
-}, 60)
+})
var _ = AfterSuite(func() {
defer test.AfterSuite(ctx)
diff --git a/controllers/goharbor/controller_test.go b/controllers/goharbor/controller_test.go
index 7ce57ee19..df327db2e 100644
--- a/controllers/goharbor/controller_test.go
+++ b/controllers/goharbor/controller_test.go
@@ -4,8 +4,7 @@ import (
"context"
"time"
- . "github.com/onsi/ginkgo"
- . "github.com/onsi/ginkgo/extensions/table"
+ . "github.com/onsi/ginkgo/v2"
. "github.com/onsi/gomega"
. "github.com/onsi/gomega/gstruct"
diff --git a/controllers/goharbor/core/core_test.go b/controllers/goharbor/core/core_test.go
index d301511af..70a9996e7 100644
--- a/controllers/goharbor/core/core_test.go
+++ b/controllers/goharbor/core/core_test.go
@@ -7,7 +7,7 @@ import (
"strings"
"time"
- . "github.com/onsi/ginkgo"
+ . "github.com/onsi/ginkgo/v2"
. "github.com/onsi/gomega"
goharborv1 "github.com/goharbor/harbor-operator/apis/goharbor.io/v1beta1"
diff --git a/controllers/goharbor/core/suite_test.go b/controllers/goharbor/core/suite_test.go
index f2f1000c5..62393853f 100644
--- a/controllers/goharbor/core/suite_test.go
+++ b/controllers/goharbor/core/suite_test.go
@@ -17,13 +17,12 @@ import (
"context"
"testing"
- . "github.com/onsi/ginkgo"
+ . "github.com/onsi/ginkgo/v2"
. "github.com/onsi/gomega"
"github.com/goharbor/harbor-operator/controllers/goharbor/core"
"github.com/goharbor/harbor-operator/controllers/goharbor/internal/test"
"github.com/goharbor/harbor-operator/controllers/goharbor/internal/test/controllers"
- "sigs.k8s.io/controller-runtime/pkg/envtest/printer"
)
var (
@@ -34,12 +33,10 @@ var (
func TestAPIs(t *testing.T) {
RegisterFailHandler(Fail)
- RunSpecsWithDefaultAndCustomReporters(t,
- "Controller Suite",
- []Reporter{printer.NewlineReporter{}})
+ RunSpecs(t, "Controller Suite")
}
-var _ = BeforeSuite(func(done Done) {
+var _ = BeforeSuite(func() {
ctx = test.InitSuite()
className := test.NewName("class")
@@ -47,9 +44,7 @@ var _ = BeforeSuite(func(done Done) {
reconciler = controllers.NewCore(ctx, className)
test.StartManager(ctx)
-
- close(done)
-}, 60)
+})
var _ = AfterSuite(func() {
defer test.AfterSuite(ctx)
diff --git a/controllers/goharbor/harbor/harbor_suite_test.go b/controllers/goharbor/harbor/harbor_suite_test.go
index 7ab3def5d..e59482408 100644
--- a/controllers/goharbor/harbor/harbor_suite_test.go
+++ b/controllers/goharbor/harbor/harbor_suite_test.go
@@ -2,7 +2,7 @@ package harbor_test
import (
"context"
- "io/ioutil"
+ "os"
"strings"
"testing"
@@ -10,7 +10,7 @@ import (
"github.com/goharbor/harbor-operator/controllers"
"github.com/goharbor/harbor-operator/controllers/goharbor/harbor"
"github.com/goharbor/harbor-operator/pkg/config"
- . "github.com/onsi/ginkgo"
+ . "github.com/onsi/ginkgo/v2"
. "github.com/onsi/gomega"
"k8s.io/apimachinery/pkg/runtime"
"k8s.io/apimachinery/pkg/runtime/serializer"
@@ -24,7 +24,7 @@ func TestHarbor(t *testing.T) {
}
func fileString(filePath string) string {
- content, err := ioutil.ReadFile(filePath)
+ content, err := os.ReadFile(filePath)
Expect(err).NotTo(HaveOccurred())
return strings.TrimSpace(string(content))
diff --git a/controllers/goharbor/harbor/harbor_test.go b/controllers/goharbor/harbor/harbor_test.go
index cc3a9d53e..33d46c174 100644
--- a/controllers/goharbor/harbor/harbor_test.go
+++ b/controllers/goharbor/harbor/harbor_test.go
@@ -9,7 +9,7 @@ import (
"github.com/goharbor/harbor-operator/controllers/goharbor/harbor"
"github.com/goharbor/harbor-operator/controllers/goharbor/internal/test"
"github.com/goharbor/harbor-operator/pkg/image"
- . "github.com/onsi/ginkgo"
+ . "github.com/onsi/ginkgo/v2"
. "github.com/onsi/gomega"
"k8s.io/apimachinery/pkg/runtime"
"k8s.io/apimachinery/pkg/runtime/schema"
diff --git a/controllers/goharbor/harbor/trivy_test.go b/controllers/goharbor/harbor/trivy_test.go
index 506508494..bf9b1f7a3 100644
--- a/controllers/goharbor/harbor/trivy_test.go
+++ b/controllers/goharbor/harbor/trivy_test.go
@@ -9,7 +9,7 @@ import (
"github.com/goharbor/harbor-operator/pkg/controller"
"github.com/goharbor/harbor-operator/pkg/factories/owner"
"github.com/goharbor/harbor-operator/pkg/graph"
- . "github.com/onsi/ginkgo"
+ . "github.com/onsi/ginkgo/v2"
. "github.com/onsi/gomega"
"github.com/ovh/configstore"
ctrl "sigs.k8s.io/controller-runtime"
diff --git a/controllers/goharbor/harbor_test.go b/controllers/goharbor/harbor_test.go
index 2273d4dc1..6b7e4e4c0 100644
--- a/controllers/goharbor/harbor_test.go
+++ b/controllers/goharbor/harbor_test.go
@@ -12,7 +12,7 @@ import (
"github.com/goharbor/harbor-operator/pkg/factories/logger"
certv1 "github.com/jetstack/cert-manager/pkg/apis/certmanager/v1"
cmmeta "github.com/jetstack/cert-manager/pkg/apis/meta/v1"
- . "github.com/onsi/ginkgo"
+ . "github.com/onsi/ginkgo/v2"
. "github.com/onsi/gomega"
corev1 "k8s.io/api/core/v1"
apierrs "k8s.io/apimachinery/pkg/api/errors"
diff --git a/controllers/goharbor/internal/test/context.go b/controllers/goharbor/internal/test/context.go
index 14b2fd747..178d5b39d 100644
--- a/controllers/goharbor/internal/test/context.go
+++ b/controllers/goharbor/internal/test/context.go
@@ -6,7 +6,7 @@ import (
"github.com/goharbor/harbor-operator/pkg/factories/application"
"github.com/goharbor/harbor-operator/pkg/factories/logger"
"github.com/goharbor/harbor-operator/pkg/scheme"
- "github.com/onsi/ginkgo"
+ "github.com/onsi/ginkgo/v2"
"github.com/onsi/gomega"
"k8s.io/apimachinery/pkg/runtime"
"k8s.io/client-go/rest"
diff --git a/controllers/goharbor/internal/test/init.go b/controllers/goharbor/internal/test/init.go
index c6bf0d03a..a7ac3e944 100644
--- a/controllers/goharbor/internal/test/init.go
+++ b/controllers/goharbor/internal/test/init.go
@@ -6,7 +6,7 @@ import (
"fmt"
"math/rand"
- "github.com/onsi/ginkgo"
+ "github.com/onsi/ginkgo/v2"
"github.com/onsi/gomega"
corev1 "k8s.io/api/core/v1"
metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
@@ -72,7 +72,7 @@ func InitNamespace(ctxFactory func() context.Context) *corev1.Namespace {
})
ginkgo.AfterEach(func() {
- if ginkgo.CurrentGinkgoTestDescription().Failed && keepNamespaceOnFailure {
+ if ginkgo.CurrentSpecReport().Failed() && keepNamespaceOnFailure {
fmt.Fprintf(ginkgo.GinkgoWriter, "keeping namespace %s\n", ns.GetName())
return
diff --git a/controllers/goharbor/internal/test/manager.go b/controllers/goharbor/internal/test/manager.go
index 4aec2dd13..77833ba5a 100644
--- a/controllers/goharbor/internal/test/manager.go
+++ b/controllers/goharbor/internal/test/manager.go
@@ -3,7 +3,7 @@ package test
import (
"context"
- "github.com/onsi/ginkgo"
+ "github.com/onsi/ginkgo/v2"
"github.com/onsi/gomega"
ctrl "sigs.k8s.io/controller-runtime"
"sigs.k8s.io/controller-runtime/pkg/manager"
diff --git a/controllers/goharbor/internal/test/pods/logs.go b/controllers/goharbor/internal/test/pods/logs.go
index 6f9f6f2ca..1b1ca67b8 100644
--- a/controllers/goharbor/internal/test/pods/logs.go
+++ b/controllers/goharbor/internal/test/pods/logs.go
@@ -5,7 +5,7 @@ import (
"fmt"
"github.com/goharbor/harbor-operator/controllers/goharbor/internal/test"
- "github.com/onsi/ginkgo"
+ "github.com/onsi/ginkgo/v2"
"github.com/onsi/gomega"
appsv1 "k8s.io/api/apps/v1"
"k8s.io/apimachinery/pkg/types"
@@ -43,10 +43,8 @@ func (pods Pods) Logs(ctx context.Context) map[string][]byte {
}
func LogsAll(ctx *context.Context, name func() types.NamespacedName) interface{} {
- return func(done ginkgo.Done) {
- defer close(done)
-
- if !ginkgo.CurrentGinkgoTestDescription().Failed {
+ return func() {
+ if !ginkgo.CurrentSpecReport().Failed() {
return
}
diff --git a/controllers/goharbor/internal/test/port-forward/port-forward.go b/controllers/goharbor/internal/test/port-forward/port-forward.go
index b591d907f..065977357 100644
--- a/controllers/goharbor/internal/test/port-forward/port-forward.go
+++ b/controllers/goharbor/internal/test/port-forward/port-forward.go
@@ -12,7 +12,7 @@ import (
"github.com/go-logr/logr"
"github.com/goharbor/harbor-operator/controllers/goharbor/internal/test"
"github.com/goharbor/harbor-operator/controllers/goharbor/internal/test/pods"
- "github.com/onsi/ginkgo"
+ "github.com/onsi/ginkgo/v2"
"github.com/onsi/gomega"
"k8s.io/apimachinery/pkg/types"
"k8s.io/client-go/rest"
diff --git a/controllers/goharbor/jobservice/jobservice_test.go b/controllers/goharbor/jobservice/jobservice_test.go
index 1c58e87fa..2b692968a 100644
--- a/controllers/goharbor/jobservice/jobservice_test.go
+++ b/controllers/goharbor/jobservice/jobservice_test.go
@@ -6,7 +6,7 @@ import (
"fmt"
"time"
- . "github.com/onsi/ginkgo"
+ . "github.com/onsi/ginkgo/v2"
. "github.com/onsi/gomega"
. "github.com/onsi/gomega/gstruct"
diff --git a/controllers/goharbor/jobservice/suite_test.go b/controllers/goharbor/jobservice/suite_test.go
index 1bd7e91ff..8573dc595 100644
--- a/controllers/goharbor/jobservice/suite_test.go
+++ b/controllers/goharbor/jobservice/suite_test.go
@@ -4,13 +4,12 @@ import (
"context"
"testing"
- . "github.com/onsi/ginkgo"
+ . "github.com/onsi/ginkgo/v2"
. "github.com/onsi/gomega"
"github.com/goharbor/harbor-operator/controllers/goharbor/internal/test"
"github.com/goharbor/harbor-operator/controllers/goharbor/internal/test/controllers"
"github.com/goharbor/harbor-operator/controllers/goharbor/jobservice"
- "sigs.k8s.io/controller-runtime/pkg/envtest/printer"
)
var (
@@ -21,12 +20,10 @@ var (
func TestAPIs(t *testing.T) {
RegisterFailHandler(Fail)
- RunSpecsWithDefaultAndCustomReporters(t,
- "Controller Suite",
- []Reporter{printer.NewlineReporter{}})
+ RunSpecs(t, "Controller Suite")
}
-var _ = BeforeSuite(func(done Done) {
+var _ = BeforeSuite(func() {
ctx = test.InitSuite()
className := test.NewName("class")
@@ -34,9 +31,7 @@ var _ = BeforeSuite(func(done Done) {
reconciler = controllers.NewJobService(ctx, className)
test.StartManager(ctx)
-
- close(done)
-}, 60)
+})
var _ = AfterSuite(func() {
defer test.AfterSuite(ctx)
diff --git a/controllers/goharbor/notaryserver/notaryserver_test.go b/controllers/goharbor/notaryserver/notaryserver_test.go
index a818f28f3..86f6197a8 100644
--- a/controllers/goharbor/notaryserver/notaryserver_test.go
+++ b/controllers/goharbor/notaryserver/notaryserver_test.go
@@ -5,7 +5,7 @@ import (
"fmt"
"time"
- . "github.com/onsi/ginkgo"
+ . "github.com/onsi/ginkgo/v2"
. "github.com/onsi/gomega"
goharborv1 "github.com/goharbor/harbor-operator/apis/goharbor.io/v1beta1"
diff --git a/controllers/goharbor/notaryserver/suite_test.go b/controllers/goharbor/notaryserver/suite_test.go
index d3086f499..64f6a3bd1 100644
--- a/controllers/goharbor/notaryserver/suite_test.go
+++ b/controllers/goharbor/notaryserver/suite_test.go
@@ -4,13 +4,12 @@ import (
"context"
"testing"
- . "github.com/onsi/ginkgo"
+ . "github.com/onsi/ginkgo/v2"
. "github.com/onsi/gomega"
"github.com/goharbor/harbor-operator/controllers/goharbor/internal/test"
"github.com/goharbor/harbor-operator/controllers/goharbor/internal/test/controllers"
"github.com/goharbor/harbor-operator/controllers/goharbor/notaryserver"
- "sigs.k8s.io/controller-runtime/pkg/envtest/printer"
)
var (
@@ -21,12 +20,10 @@ var (
func TestAPIs(t *testing.T) {
RegisterFailHandler(Fail)
- RunSpecsWithDefaultAndCustomReporters(t,
- "Controller Suite",
- []Reporter{printer.NewlineReporter{}})
+ RunSpecs(t, "Controller Suite")
}
-var _ = BeforeSuite(func(done Done) {
+var _ = BeforeSuite(func() {
ctx = test.InitSuite()
className := test.NewName("class")
@@ -34,9 +31,7 @@ var _ = BeforeSuite(func(done Done) {
reconciler = controllers.NewNotaryServer(ctx, className)
test.StartManager(ctx)
-
- close(done)
-}, 60)
+})
var _ = AfterSuite(func() {
defer test.AfterSuite(ctx)
diff --git a/controllers/goharbor/notarysigner/notarysigner_test.go b/controllers/goharbor/notarysigner/notarysigner_test.go
index ddbfb2b99..52574e473 100644
--- a/controllers/goharbor/notarysigner/notarysigner_test.go
+++ b/controllers/goharbor/notarysigner/notarysigner_test.go
@@ -7,7 +7,7 @@ import (
"fmt"
"time"
- . "github.com/onsi/ginkgo"
+ . "github.com/onsi/ginkgo/v2"
. "github.com/onsi/gomega"
goharborv1 "github.com/goharbor/harbor-operator/apis/goharbor.io/v1beta1"
diff --git a/controllers/goharbor/notarysigner/suite_test.go b/controllers/goharbor/notarysigner/suite_test.go
index 5f2d84551..0dd16bf5c 100644
--- a/controllers/goharbor/notarysigner/suite_test.go
+++ b/controllers/goharbor/notarysigner/suite_test.go
@@ -4,13 +4,12 @@ import (
"context"
"testing"
- . "github.com/onsi/ginkgo"
+ . "github.com/onsi/ginkgo/v2"
. "github.com/onsi/gomega"
"github.com/goharbor/harbor-operator/controllers/goharbor/internal/test"
"github.com/goharbor/harbor-operator/controllers/goharbor/internal/test/controllers"
"github.com/goharbor/harbor-operator/controllers/goharbor/notarysigner"
- "sigs.k8s.io/controller-runtime/pkg/envtest/printer"
)
var (
@@ -21,12 +20,10 @@ var (
func TestAPIs(t *testing.T) {
RegisterFailHandler(Fail)
- RunSpecsWithDefaultAndCustomReporters(t,
- "Controller Suite",
- []Reporter{printer.NewlineReporter{}})
+ RunSpecs(t, "Controller Suite")
}
-var _ = BeforeSuite(func(done Done) {
+var _ = BeforeSuite(func() {
ctx = test.InitSuite()
className := test.NewName("class")
@@ -34,9 +31,7 @@ var _ = BeforeSuite(func(done Done) {
reconciler = controllers.NewNotarySigner(ctx, className)
test.StartManager(ctx)
-
- close(done)
-}, 60)
+})
var _ = AfterSuite(func() {
defer test.AfterSuite(ctx)
diff --git a/controllers/goharbor/portal/portal_test.go b/controllers/goharbor/portal/portal_test.go
index 985a250db..2c6332556 100644
--- a/controllers/goharbor/portal/portal_test.go
+++ b/controllers/goharbor/portal/portal_test.go
@@ -5,7 +5,7 @@ import (
"fmt"
"time"
- . "github.com/onsi/ginkgo"
+ . "github.com/onsi/ginkgo/v2"
. "github.com/onsi/gomega"
goharborv1 "github.com/goharbor/harbor-operator/apis/goharbor.io/v1beta1"
diff --git a/controllers/goharbor/portal/suite_test.go b/controllers/goharbor/portal/suite_test.go
index b20ff9468..b6e1d96a2 100644
--- a/controllers/goharbor/portal/suite_test.go
+++ b/controllers/goharbor/portal/suite_test.go
@@ -4,13 +4,12 @@ import (
"context"
"testing"
- . "github.com/onsi/ginkgo"
+ . "github.com/onsi/ginkgo/v2"
. "github.com/onsi/gomega"
"github.com/goharbor/harbor-operator/controllers/goharbor/internal/test"
"github.com/goharbor/harbor-operator/controllers/goharbor/internal/test/controllers"
"github.com/goharbor/harbor-operator/controllers/goharbor/portal"
- "sigs.k8s.io/controller-runtime/pkg/envtest/printer"
)
var (
@@ -21,12 +20,10 @@ var (
func TestAPIs(t *testing.T) {
RegisterFailHandler(Fail)
- RunSpecsWithDefaultAndCustomReporters(t,
- "Controller Suite",
- []Reporter{printer.NewlineReporter{}})
+ RunSpecs(t, "Controller Suite")
}
-var _ = BeforeSuite(func(done Done) {
+var _ = BeforeSuite(func() {
ctx = test.InitSuite()
className := test.NewName("class")
@@ -34,9 +31,7 @@ var _ = BeforeSuite(func(done Done) {
reconciler = controllers.NewPortal(ctx, className)
test.StartManager(ctx)
-
- close(done)
-}, 60)
+})
var _ = AfterSuite(func() {
defer test.AfterSuite(ctx)
diff --git a/controllers/goharbor/pullsecretbinding/pullsecretbinding.go b/controllers/goharbor/pullsecretbinding/pullsecretbinding.go
index a03757636..11ea78df4 100644
--- a/controllers/goharbor/pullsecretbinding/pullsecretbinding.go
+++ b/controllers/goharbor/pullsecretbinding/pullsecretbinding.go
@@ -120,7 +120,7 @@ func (r *Reconciler) Reconcile(ctx context.Context, req ctrl.Request) (res ctrl.
if ferr != nil && bd.Status.Status != "error" {
bd.Status.Status = "error"
bd.Status.Message = ferr.Error()
- if err := r.Status().Update(ctx, bd, &client.UpdateOptions{}); err != nil {
+ if err := r.Status().Update(ctx, bd); err != nil {
log.Error(err, "defer update status error", "cause", err)
}
}
@@ -170,7 +170,7 @@ func (r *Reconciler) Reconcile(ctx context.Context, req ctrl.Request) (res ctrl.
// TODO: add conditions
if bd.Status.Status != "ready" {
bd.Status.Status = "ready"
- if err := r.Status().Update(ctx, bd, &client.UpdateOptions{}); err != nil {
+ if err := r.Status().Update(ctx, bd); err != nil {
if apierr.IsConflict(err) {
log.Error(err, "failed to update status")
} else {
diff --git a/controllers/goharbor/registry/registry_test.go b/controllers/goharbor/registry/registry_test.go
index 22d51b31b..b5e0a8aa4 100644
--- a/controllers/goharbor/registry/registry_test.go
+++ b/controllers/goharbor/registry/registry_test.go
@@ -5,7 +5,7 @@ import (
"fmt"
"time"
- . "github.com/onsi/ginkgo"
+ . "github.com/onsi/ginkgo/v2"
. "github.com/onsi/gomega"
goharborv1 "github.com/goharbor/harbor-operator/apis/goharbor.io/v1beta1"
diff --git a/controllers/goharbor/registry/suite_test.go b/controllers/goharbor/registry/suite_test.go
index 6a1ef78d4..702623a6c 100644
--- a/controllers/goharbor/registry/suite_test.go
+++ b/controllers/goharbor/registry/suite_test.go
@@ -4,13 +4,12 @@ import (
"context"
"testing"
- . "github.com/onsi/ginkgo"
+ . "github.com/onsi/ginkgo/v2"
. "github.com/onsi/gomega"
"github.com/goharbor/harbor-operator/controllers/goharbor/internal/test"
"github.com/goharbor/harbor-operator/controllers/goharbor/internal/test/controllers"
"github.com/goharbor/harbor-operator/controllers/goharbor/registry"
- "sigs.k8s.io/controller-runtime/pkg/envtest/printer"
)
var (
@@ -21,22 +20,18 @@ var (
func TestAPIs(t *testing.T) {
RegisterFailHandler(Fail)
- RunSpecsWithDefaultAndCustomReporters(t,
- "Controller Suite",
- []Reporter{printer.NewlineReporter{}})
+ RunSpecs(t, "Controller Suite")
}
-var _ = BeforeSuite(func(done Done) {
+var _ = BeforeSuite(func() {
ctx = test.InitSuite()
-
className := test.NewName("class")
reconciler = controllers.NewRegistry(ctx, className)
+ Expect(reconciler).ToNot(BeNil())
test.StartManager(ctx)
-
- close(done)
-}, 60)
+})
var _ = AfterSuite(func() {
defer test.AfterSuite(ctx)
diff --git a/controllers/goharbor/suite_test.go b/controllers/goharbor/suite_test.go
index ad583d949..8483a1fa6 100644
--- a/controllers/goharbor/suite_test.go
+++ b/controllers/goharbor/suite_test.go
@@ -19,7 +19,7 @@ import (
"path"
"testing"
- . "github.com/onsi/ginkgo"
+ . "github.com/onsi/ginkgo/v2"
. "github.com/onsi/gomega"
"github.com/goharbor/harbor-operator/controllers/goharbor/internal/test"
@@ -35,7 +35,6 @@ import (
ctrl "sigs.k8s.io/controller-runtime"
"sigs.k8s.io/controller-runtime/pkg/client"
"sigs.k8s.io/controller-runtime/pkg/envtest"
- "sigs.k8s.io/controller-runtime/pkg/envtest/printer"
logf "sigs.k8s.io/controller-runtime/pkg/log"
"sigs.k8s.io/controller-runtime/pkg/log/zap"
)
@@ -58,12 +57,10 @@ func TestAPIs(t *testing.T) {
RegisterFailHandler(Fail)
- RunSpecsWithDefaultAndCustomReporters(t,
- "Controller Suite",
- []Reporter{printer.NewlineReporter{}})
+ RunSpecs(t, "Controller Suite")
}
-var _ = BeforeSuite(func(done Done) {
+var _ = BeforeSuite(func() {
rand.Seed(GinkgoRandomSeed())
version = newName("version")
@@ -110,9 +107,7 @@ var _ = BeforeSuite(func(done Done) {
err := mgr.Start(ctx)
Expect(err).NotTo(HaveOccurred(), "failed to start manager")
}()
-
- close(done)
-}, 60)
+})
var _ = AfterSuite(func() {
ctx.Done()
diff --git a/controllers/goharbor/trivy/suite_test.go b/controllers/goharbor/trivy/suite_test.go
index da1a3faec..6f8956a26 100644
--- a/controllers/goharbor/trivy/suite_test.go
+++ b/controllers/goharbor/trivy/suite_test.go
@@ -4,13 +4,12 @@ import (
"context"
"testing"
- . "github.com/onsi/ginkgo"
+ . "github.com/onsi/ginkgo/v2"
. "github.com/onsi/gomega"
"github.com/goharbor/harbor-operator/controllers/goharbor/internal/test"
"github.com/goharbor/harbor-operator/controllers/goharbor/internal/test/controllers"
"github.com/goharbor/harbor-operator/controllers/goharbor/trivy"
- "sigs.k8s.io/controller-runtime/pkg/envtest/printer"
)
var (
@@ -21,12 +20,10 @@ var (
func TestAPIs(t *testing.T) {
RegisterFailHandler(Fail)
- RunSpecsWithDefaultAndCustomReporters(t,
- "Controller Suite",
- []Reporter{printer.NewlineReporter{}})
+ RunSpecs(t, "Controller Suite")
}
-var _ = BeforeSuite(func(done Done) {
+var _ = BeforeSuite(func() {
ctx = test.InitSuite()
className := test.NewName("class")
@@ -34,9 +31,7 @@ var _ = BeforeSuite(func(done Done) {
reconciler = controllers.NewTrivy(ctx, className)
test.StartManager(ctx)
-
- close(done)
-}, 60)
+})
var _ = AfterSuite(func() {
defer test.AfterSuite(ctx)
diff --git a/controllers/goharbor/trivy/trivy_test.go b/controllers/goharbor/trivy/trivy_test.go
index a4499ea90..449146b0c 100644
--- a/controllers/goharbor/trivy/trivy_test.go
+++ b/controllers/goharbor/trivy/trivy_test.go
@@ -5,7 +5,7 @@ import (
"fmt"
"time"
- . "github.com/onsi/ginkgo"
+ . "github.com/onsi/ginkgo/v2"
. "github.com/onsi/gomega"
goharborv1 "github.com/goharbor/harbor-operator/apis/goharbor.io/v1beta1"
diff --git a/go.mod b/go.mod
index 687d5212b..39dddc931 100644
--- a/go.mod
+++ b/go.mod
@@ -7,7 +7,7 @@ require (
github.com/Masterminds/sprig v2.22.0+incompatible
github.com/containers/image/v5 v5.16.1
github.com/go-kit/kit v0.10.0
- github.com/go-logr/logr v1.2.0
+ github.com/go-logr/logr v1.2.4
github.com/go-openapi/runtime v0.21.0
github.com/go-redis/redis v6.15.9+incompatible
github.com/goharbor/go-client v0.25.0
@@ -16,60 +16,59 @@ require (
github.com/jetstack/cert-manager v1.1.0
github.com/markbates/pkger v0.17.1
github.com/minio/minio-go/v6 v6.0.57
- github.com/onsi/ginkgo v1.16.5
- github.com/onsi/gomega v1.17.0
+ github.com/onsi/ginkgo/v2 v2.6.0
+ github.com/onsi/gomega v1.24.1
github.com/opentracing-contrib/go-stdlib v1.0.0
github.com/opentracing/opentracing-go v1.2.0
github.com/ovh/configstore v0.3.2
github.com/pkg/errors v0.9.1
- github.com/prometheus/client_golang v1.11.1
+ github.com/prometheus/client_golang v1.14.0
github.com/sethvargo/go-password v0.1.3
github.com/sirupsen/logrus v1.8.1
github.com/spotahome/redis-operator v1.1.1
- github.com/stretchr/testify v1.7.0
+ github.com/stretchr/testify v1.8.2
github.com/theupdateframework/notary v0.6.1
github.com/uber/jaeger-client-go v2.24.0+incompatible
github.com/uber/jaeger-lib v2.2.0+incompatible
github.com/umisama/go-regexpcache v0.0.0-20150417035358-2444a542492f
github.com/zalando/postgres-operator v1.6.1
- go.uber.org/zap v1.19.1
- golang.org/x/crypto v0.0.0-20210921155107-089bfa567519
- golang.org/x/sync v0.0.0-20210220032951-036812b2e83c
+ go.uber.org/zap v1.24.0
+ golang.org/x/crypto v0.1.0
+ golang.org/x/sync v0.0.0-20220722155255-886fb9371eb4
gopkg.in/yaml.v2 v2.4.0
- k8s.io/api v0.23.0
- k8s.io/apiextensions-apiserver v0.23.0
- k8s.io/apimachinery v0.23.0
- k8s.io/client-go v0.23.0
+ k8s.io/api v0.26.1
+ k8s.io/apiextensions-apiserver v0.26.1
+ k8s.io/apimachinery v0.26.1
+ k8s.io/client-go v0.26.1
k8s.io/klog v1.0.0
- sigs.k8s.io/controller-runtime v0.11.0
+ sigs.k8s.io/controller-runtime v0.14.6
sigs.k8s.io/kustomize/kstatus v0.0.2
sigs.k8s.io/yaml v1.3.0
)
require (
- cloud.google.com/go v0.97.0 // indirect
github.com/Masterminds/goutils v1.1.1 // indirect
- github.com/PuerkitoBio/purell v1.1.1 // indirect
- github.com/PuerkitoBio/urlesc v0.0.0-20170810143723-de5bf2ad4578 // indirect
github.com/agl/ed25519 v0.0.0-20170116200512-5312a6153412 // indirect
github.com/asaskevich/govalidator v0.0.0-20210307081110-f21760c49a8d // indirect
github.com/beego/beego v1.12.9 // indirect
github.com/beorn7/perks v1.0.1 // indirect
- github.com/cenkalti/backoff/v4 v4.1.1 // indirect
- github.com/cespare/xxhash/v2 v2.1.2 // indirect
+ github.com/cenkalti/backoff/v4 v4.2.1 // indirect
+ github.com/cespare/xxhash/v2 v2.2.0 // indirect
github.com/davecgh/go-spew v1.1.1 // indirect
github.com/docker/distribution v2.8.1+incompatible // indirect
github.com/docker/go v0.0.0-20160303222718-d30aec9fd63c // indirect
- github.com/evanphx/json-patch v4.12.0+incompatible // indirect
- github.com/felixge/httpsnoop v1.0.2 // indirect
- github.com/fsnotify/fsnotify v1.5.1 // indirect
+ github.com/emicklei/go-restful/v3 v3.9.0 // indirect
+ github.com/evanphx/json-patch/v5 v5.6.0 // indirect
+ github.com/felixge/httpsnoop v1.0.3 // indirect
+ github.com/fsnotify/fsnotify v1.6.0 // indirect
github.com/ghodss/yaml v1.0.0 // indirect
- github.com/go-logfmt/logfmt v0.5.0 // indirect
- github.com/go-logr/zapr v1.2.0 // indirect
+ github.com/go-logfmt/logfmt v0.5.1 // indirect
+ github.com/go-logr/stdr v1.2.2 // indirect
+ github.com/go-logr/zapr v1.2.3 // indirect
github.com/go-openapi/analysis v0.20.1 // indirect
github.com/go-openapi/errors v0.20.1 // indirect
github.com/go-openapi/jsonpointer v0.19.5 // indirect
- github.com/go-openapi/jsonreference v0.19.6 // indirect
+ github.com/go-openapi/jsonreference v0.20.0 // indirect
github.com/go-openapi/loads v0.21.0 // indirect
github.com/go-openapi/spec v0.20.4 // indirect
github.com/go-openapi/strfmt v0.21.0 // indirect
@@ -80,11 +79,11 @@ require (
github.com/gogo/protobuf v1.3.2 // indirect
github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da // indirect
github.com/golang/protobuf v1.5.2 // indirect
- github.com/google/go-cmp v0.5.8 // indirect
+ github.com/google/gnostic v0.5.7-v3refs // indirect
+ github.com/google/go-cmp v0.5.9 // indirect
github.com/google/gofuzz v1.2.0 // indirect
github.com/google/uuid v1.3.0 // indirect
- github.com/googleapis/gnostic v0.5.5 // indirect
- github.com/grpc-ecosystem/grpc-gateway v1.16.0 // indirect
+ github.com/grpc-ecosystem/grpc-gateway/v2 v2.7.0 // indirect
github.com/hashicorp/golang-lru v0.5.4 // indirect
github.com/huandu/xstrings v1.3.2 // indirect
github.com/imdario/mergo v0.3.12 // indirect
@@ -100,7 +99,7 @@ require (
github.com/kr/text v0.2.0 // indirect
github.com/lib/pq v1.10.2 // indirect
github.com/mailru/easyjson v0.7.6 // indirect
- github.com/matttproud/golang_protobuf_extensions v1.0.2-0.20181231171920-c182affec369 // indirect
+ github.com/matttproud/golang_protobuf_extensions v1.0.2 // indirect
github.com/minio/md5-simd v1.1.0 // indirect
github.com/minio/sha256-simd v0.1.1 // indirect
github.com/mitchellh/copystructure v1.1.1 // indirect
@@ -111,48 +110,47 @@ require (
github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd // indirect
github.com/modern-go/reflect2 v1.0.2 // indirect
github.com/motomux/pretty v0.0.0-20161209205251-b2aad2c9a95d // indirect
+ github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822 // indirect
github.com/nxadm/tail v1.4.8 // indirect
github.com/oklog/ulid v1.3.1 // indirect
github.com/opencontainers/go-digest v1.0.0 // indirect
github.com/pmezard/go-difflib v1.0.0 // indirect
- github.com/prometheus/client_model v0.2.0 // indirect
- github.com/prometheus/common v0.31.1 // indirect
- github.com/prometheus/procfs v0.7.3 // indirect
+ github.com/prometheus/client_model v0.3.0 // indirect
+ github.com/prometheus/common v0.37.0 // indirect
+ github.com/prometheus/procfs v0.8.0 // indirect
github.com/spf13/pflag v1.0.5 // indirect
go.mongodb.org/mongo-driver v1.7.3 // indirect
- go.opentelemetry.io/contrib v0.22.0 // indirect
- go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.22.0 // indirect
- go.opentelemetry.io/otel v1.0.0 // indirect
- go.opentelemetry.io/otel/exporters/jaeger v1.0.0 // indirect
- go.opentelemetry.io/otel/exporters/otlp/otlptrace v1.0.0 // indirect
- go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp v1.0.0 // indirect
- go.opentelemetry.io/otel/internal/metric v0.22.0 // indirect
- go.opentelemetry.io/otel/metric v0.22.0 // indirect
- go.opentelemetry.io/otel/sdk v1.0.0 // indirect
- go.opentelemetry.io/otel/trace v1.0.0 // indirect
- go.opentelemetry.io/proto/otlp v0.9.0 // indirect
+ go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.35.0 // indirect
+ go.opentelemetry.io/otel v1.12.0 // indirect
+ go.opentelemetry.io/otel/exporters/jaeger v1.12.0 // indirect
+ go.opentelemetry.io/otel/exporters/otlp/internal/retry v1.12.0 // indirect
+ go.opentelemetry.io/otel/exporters/otlp/otlptrace v1.12.0 // indirect
+ go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp v1.12.0 // indirect
+ go.opentelemetry.io/otel/metric v0.31.0 // indirect
+ go.opentelemetry.io/otel/sdk v1.12.0 // indirect
+ go.opentelemetry.io/otel/trace v1.12.0 // indirect
+ go.opentelemetry.io/proto/otlp v0.19.0 // indirect
go.uber.org/atomic v1.7.0 // indirect
go.uber.org/multierr v1.6.0 // indirect
- golang.org/x/net v0.7.0 // indirect
- golang.org/x/oauth2 v0.0.0-20211005180243-6b3c2da341f1 // indirect
- golang.org/x/sys v0.5.0 // indirect
- golang.org/x/term v0.5.0 // indirect
- golang.org/x/text v0.7.0 // indirect
- golang.org/x/time v0.0.0-20210723032227-1f47c861a9ac // indirect
+ golang.org/x/net v0.8.0 // indirect
+ golang.org/x/oauth2 v0.4.0 // indirect
+ golang.org/x/sys v0.7.0 // indirect
+ golang.org/x/term v0.6.0 // indirect
+ golang.org/x/text v0.8.0 // indirect
+ golang.org/x/time v0.3.0 // indirect
gomodules.xyz/jsonpatch/v2 v2.2.0 // indirect
google.golang.org/appengine v1.6.7 // indirect
- google.golang.org/genproto v0.0.0-20211013025323-ce878158c4d4 // indirect
- google.golang.org/grpc v1.41.0 // indirect
- google.golang.org/protobuf v1.27.1 // indirect
+ google.golang.org/genproto v0.0.0-20230110181048-76db0878b65f // indirect
+ google.golang.org/grpc v1.54.0 // indirect
+ google.golang.org/protobuf v1.30.0 // indirect
gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c // indirect
gopkg.in/inf.v0 v0.9.1 // indirect
gopkg.in/ini.v1 v1.62.0 // indirect
- gopkg.in/tomb.v1 v1.0.0-20141024135613-dd632973f1e7 // indirect
- gopkg.in/yaml.v3 v3.0.0-20210107192922-496545a6307b // indirect
- k8s.io/component-base v0.23.0 // indirect
- k8s.io/klog/v2 v2.30.0 // indirect
- k8s.io/kube-openapi v0.0.0-20211115234752-e816edb12b65 // indirect
- k8s.io/utils v0.0.0-20210930125809-cb0fa318a74b // indirect
- sigs.k8s.io/json v0.0.0-20211020170558-c049b76a60c6 // indirect
- sigs.k8s.io/structured-merge-diff/v4 v4.2.0 // indirect
+ gopkg.in/yaml.v3 v3.0.1 // indirect
+ k8s.io/component-base v0.26.1 // indirect
+ k8s.io/klog/v2 v2.80.1 // indirect
+ k8s.io/kube-openapi v0.0.0-20221012153701-172d655c2280 // indirect
+ k8s.io/utils v0.0.0-20221128185143-99ec85e7a448 // indirect
+ sigs.k8s.io/json v0.0.0-20220713155537-f223a00ba0e2 // indirect
+ sigs.k8s.io/structured-merge-diff/v4 v4.2.3 // indirect
)
diff --git a/go.sum b/go.sum
index 8e7078b39..26e1479d4 100644
--- a/go.sum
+++ b/go.sum
@@ -15,19 +15,6 @@ cloud.google.com/go v0.56.0/go.mod h1:jr7tqZxxKOVYizybht9+26Z/gUq7tiRzu+ACVAMbKV
cloud.google.com/go v0.57.0/go.mod h1:oXiQ6Rzq3RAkkY7N6t3TcE6jE+CIBBbA36lwQ1JyzZs=
cloud.google.com/go v0.62.0/go.mod h1:jmCYTdRCQuc1PHIIJ/maLInMho30T/Y0M4hTdTShOYc=
cloud.google.com/go v0.65.0/go.mod h1:O5N8zS7uWy9vkA9vayVHs65eM1ubvY4h553ofrNHObY=
-cloud.google.com/go v0.72.0/go.mod h1:M+5Vjvlc2wnp6tjzE102Dw08nGShTscUx2nZMufOKPI=
-cloud.google.com/go v0.74.0/go.mod h1:VV1xSbzvo+9QJOxLDaJfTjx5e+MePCpCWwvftOeQmWk=
-cloud.google.com/go v0.78.0/go.mod h1:QjdrLG0uq+YwhjoVOLsS1t7TW8fs36kLs4XO5R5ECHg=
-cloud.google.com/go v0.79.0/go.mod h1:3bzgcEeQlzbuEAYu4mrWhKqWjmpprinYgKJLgKHnbb8=
-cloud.google.com/go v0.81.0/go.mod h1:mk/AM35KwGk/Nm2YSeZbxXdrNK3KZOYHmLkOqC2V6E0=
-cloud.google.com/go v0.83.0/go.mod h1:Z7MJUsANfY0pYPdw0lbnivPx4/vhy/e2FEkSkF7vAVY=
-cloud.google.com/go v0.84.0/go.mod h1:RazrYuxIK6Kb7YrzzhPoLmCVzl7Sup4NrbKPg8KHSUM=
-cloud.google.com/go v0.87.0/go.mod h1:TpDYlFy7vuLzZMMZ+B6iRiELaY7z/gJPaqbMx6mlWcY=
-cloud.google.com/go v0.90.0/go.mod h1:kRX0mNRHe0e2rC6oNakvwQqzyDmg57xJ+SZU1eT2aDQ=
-cloud.google.com/go v0.93.3/go.mod h1:8utlLll2EF5XMAV15woO4lSbWQlk8rer9aLOfLh7+YI=
-cloud.google.com/go v0.94.1/go.mod h1:qAlAugsXlC+JWO+Bke5vCtc9ONxjQT3drlTTnAplMW4=
-cloud.google.com/go v0.97.0 h1:3DXvAyifywvq64LfkKaMOmkWPS1CikIQdMe2lY9vxU8=
-cloud.google.com/go v0.97.0/go.mod h1:GF7l59pYBVlXQIBLx3a761cZ41F9bBH3JUlihCt2Udc=
cloud.google.com/go/bigquery v1.0.1/go.mod h1:i/xbL2UlR5RvWAURpBYZTtm/cXjCha9lbfbpx4poX+o=
cloud.google.com/go/bigquery v1.3.0/go.mod h1:PjpwJnslEMmckchkHFfq+HTD2DmtT67aNFKH1/VBDHE=
cloud.google.com/go/bigquery v1.4.0/go.mod h1:S8dzgnTigyfTmLBfrtrhyYhwRxG72rYxvftPBK2Dvzc=
@@ -51,21 +38,17 @@ github.com/14rcole/gopopulate v0.0.0-20180821133914-b175b219e774/go.mod h1:6/0dY
github.com/Azure/azure-sdk-for-go v16.2.1+incompatible/go.mod h1:9XXNKU+eRnpl9moKnB4QOLf1HestfXbmab5FXxiDBjc=
github.com/Azure/azure-sdk-for-go v46.3.0+incompatible/go.mod h1:9XXNKU+eRnpl9moKnB4QOLf1HestfXbmab5FXxiDBjc=
github.com/Azure/go-ansiterm v0.0.0-20170929234023-d6e3b3328b78/go.mod h1:LmzpDX56iTiv29bbRTIsUNlaFfuhWRQBWjQdVyAevI8=
-github.com/Azure/go-ansiterm v0.0.0-20210608223527-2377c96fe795/go.mod h1:LmzpDX56iTiv29bbRTIsUNlaFfuhWRQBWjQdVyAevI8=
-github.com/Azure/go-ansiterm v0.0.0-20210617225240-d185dfc1b5a1/go.mod h1:xomTg63KZ2rFqZQzSB4Vz2SUXa1BpHTVz9L5PTmPC4E=
github.com/Azure/go-autorest v10.8.1+incompatible/go.mod h1:r+4oMnoxhatjLLJ6zxSWATqVooLgysK6ZNox3g/xq24=
github.com/Azure/go-autorest v14.2.0+incompatible/go.mod h1:r+4oMnoxhatjLLJ6zxSWATqVooLgysK6ZNox3g/xq24=
github.com/Azure/go-autorest/autorest v0.9.0/go.mod h1:xyHB1BMZT0cuDHU7I0+g046+BFDTQ8rEZB0s4Yfa6bI=
github.com/Azure/go-autorest/autorest v0.9.6/go.mod h1:/FALq9T/kS7b5J5qsQ+RSTUdAmGFqi0vUdVNNx8q630=
github.com/Azure/go-autorest/autorest v0.11.1/go.mod h1:JFgpikqFJ/MleTTxwepExTKnFUKKszPS8UavbQYUMuw=
github.com/Azure/go-autorest/autorest v0.11.6/go.mod h1:V6p3pKZx1KKkJubbxnDWrzNhEIfOy/pTGasLqzHIPHs=
-github.com/Azure/go-autorest/autorest v0.11.18/go.mod h1:dSiJPy22c3u0OtOKDNttNgqpNFY/GeWa7GH/Pz56QRA=
github.com/Azure/go-autorest/autorest/adal v0.5.0/go.mod h1:8Z9fGy2MpX0PvDjB1pEgQTmVqjGhiHBW7RJJEciWzS0=
github.com/Azure/go-autorest/autorest/adal v0.8.2/go.mod h1:ZjhuQClTqx435SRJ2iMlOxPYt3d2C/T/7TiQCVZSn3Q=
github.com/Azure/go-autorest/autorest/adal v0.9.0/go.mod h1:/c022QCutn2P7uY+/oQWWNcK9YU+MH96NgK+jErpbcg=
github.com/Azure/go-autorest/autorest/adal v0.9.4/go.mod h1:/3SMAM86bP6wC9Ev35peQDUeqFZBMH07vvUOmg4z/fE=
github.com/Azure/go-autorest/autorest/adal v0.9.5/go.mod h1:B7KF7jKIeC9Mct5spmyCB/A8CG/sEz1vwIRGv/bbw7A=
-github.com/Azure/go-autorest/autorest/adal v0.9.13/go.mod h1:W/MM4U6nLxnIskrw4UwWzlHfGjwUS50aOsc/I3yuU8M=
github.com/Azure/go-autorest/autorest/date v0.1.0/go.mod h1:plvfp3oPSKwf2DNjlBjWF/7vwR+cUD/ELuzDCXwHUVA=
github.com/Azure/go-autorest/autorest/date v0.2.0/go.mod h1:vcORJHLJEh643/Ioh9+vPmf1Ij9AEBM5FuBIXLmIy0g=
github.com/Azure/go-autorest/autorest/date v0.3.0/go.mod h1:BI0uouVdmngYNUzGWeSYnokU+TrmwEsOqdt8Y6sso74=
@@ -78,7 +61,6 @@ github.com/Azure/go-autorest/autorest/to v0.4.0/go.mod h1:fE8iZBn7LQR7zH/9XU2NcP
github.com/Azure/go-autorest/autorest/validation v0.3.0/go.mod h1:yhLgjC0Wda5DYXl6JAsWyUe4KVNffhoDhG0zVzUMo3E=
github.com/Azure/go-autorest/logger v0.1.0/go.mod h1:oExouG+K6PryycPJfVSxi/koC6LSNgds39diKLz7Vrc=
github.com/Azure/go-autorest/logger v0.2.0/go.mod h1:T9E3cAhj2VqvPOtCYAvby9aBXkZmbF5NWuPV8+WeEW8=
-github.com/Azure/go-autorest/logger v0.2.1/go.mod h1:T9E3cAhj2VqvPOtCYAvby9aBXkZmbF5NWuPV8+WeEW8=
github.com/Azure/go-autorest/tracing v0.5.0/go.mod h1:r/s2XiOKccPW3HrqB+W0TQzfbtp2fGCgRFtBroKn4Dk=
github.com/Azure/go-autorest/tracing v0.6.0/go.mod h1:+vhtPC754Xsa23ID7GlGsrdKBpUA79WCAKPPZVC2DeU=
github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU=
@@ -114,14 +96,11 @@ github.com/Microsoft/hcsshim v0.8.22/go.mod h1:91uVCVzvX2QD16sMCenoxxXo6L1wJnLMX
github.com/Microsoft/hcsshim/test v0.0.0-20201218223536-d3e5debf77da/go.mod h1:5hlzMzRKMLyo42nCZ9oml8AdTlq/0cvIaBv6tK1RehU=
github.com/Microsoft/hcsshim/test v0.0.0-20210227013316-43a75bb4edd3/go.mod h1:mw7qgWloBUl75W/gVH3cQszUg1+gUITj7D6NY7ywVnY=
github.com/NYTimes/gziphandler v0.0.0-20170623195520-56545f4a5d46/go.mod h1:3wb06e3pkSAbeQ52E9H9iFoQsEEwGN64994WTCIhntQ=
-github.com/NYTimes/gziphandler v1.1.1/go.mod h1:n/CVRwUEOgIxrgPvAQhUUr9oeUtvrhMomdKFjzJNB0c=
github.com/OneOfOne/xxhash v1.2.2/go.mod h1:HSdplMjZKSmBqAxg5vPj2TmRDmfkzw+cTzAElWljhcU=
github.com/PuerkitoBio/purell v1.0.0/go.mod h1:c11w/QuzBsJSee3cPx9rAFu61PvFxuPbtSwDGJws/X0=
github.com/PuerkitoBio/purell v1.1.0/go.mod h1:c11w/QuzBsJSee3cPx9rAFu61PvFxuPbtSwDGJws/X0=
-github.com/PuerkitoBio/purell v1.1.1 h1:WEQqlqaGbrPkxLJWfBwQmfEAE1Z7ONdDLqrN38tNFfI=
github.com/PuerkitoBio/purell v1.1.1/go.mod h1:c11w/QuzBsJSee3cPx9rAFu61PvFxuPbtSwDGJws/X0=
github.com/PuerkitoBio/urlesc v0.0.0-20160726150825-5bd2802263f2/go.mod h1:uGdkoq3SwY9Y+13GIhn11/XLaGBb4BfwItxLd5jeuXE=
-github.com/PuerkitoBio/urlesc v0.0.0-20170810143723-de5bf2ad4578 h1:d+Bc7a5rLufV/sSk/8dngufqelfh6jnri85riMAaF/M=
github.com/PuerkitoBio/urlesc v0.0.0-20170810143723-de5bf2ad4578/go.mod h1:uGdkoq3SwY9Y+13GIhn11/XLaGBb4BfwItxLd5jeuXE=
github.com/Shopify/logrus-bugsnag v0.0.0-20171204204709-577dee27f20d/go.mod h1:HI8ITrYtUY+O+ZhtlqUnD8+KwNPOyugEhfP9fdUIaEQ=
github.com/Shopify/sarama v1.19.0/go.mod h1:FVkBWblsNy7DGZRfXLU0O9RCGt5g3g3yEuWXgklEdEo=
@@ -144,13 +123,13 @@ github.com/alicebob/gopher-json v0.0.0-20180125190556-5a6b3ba71ee6/go.mod h1:SGn
github.com/alicebob/miniredis v2.5.0+incompatible/go.mod h1:8HZjEj4yU0dwhYHky+DxYx+6BMjkBbe5ONFIF1MXffk=
github.com/andreyvit/diff v0.0.0-20170406064948-c7f18ee00883/go.mod h1:rCTlJbsFo29Kk6CurOXKm700vrz8f0KW0JNfpkRJY/8=
github.com/antihax/optional v1.0.0/go.mod h1:uupD/76wgC+ih3iEmQUL+0Ugr19nfwCT1kdvxnR2qWY=
-github.com/antlr/antlr4/runtime/Go/antlr v0.0.0-20210826220005-b48c857c3a0e/go.mod h1:F7bn7fEU90QkQ3tnmaTx3LTKLEDqnwWODIYppRQ5hnY=
github.com/apache/thrift v0.12.0/go.mod h1:cp2SuWMxlEZw2r+iP2GNCdIi4C1qmUzdZFSVb+bacwQ=
github.com/apache/thrift v0.13.0/go.mod h1:cp2SuWMxlEZw2r+iP2GNCdIi4C1qmUzdZFSVb+bacwQ=
github.com/armon/circbuf v0.0.0-20150827004946-bbbad097214e/go.mod h1:3U/XgcO3hCbHZ8TKRvWD2dDTCfh9M9ya+I9JpbB7O8o=
github.com/armon/consul-api v0.0.0-20180202201655-eb2c6b5be1b6/go.mod h1:grANhF5doyWs3UAsr3K4I6qtAmlQcZDesFNEHPZAzj8=
github.com/armon/go-metrics v0.0.0-20180917152333-f0300d1749da/go.mod h1:Q73ZrmVTwzkszR9V5SSuryQ31EELlFMUz1kKyl939pY=
github.com/armon/go-radix v0.0.0-20180808171621-7fddfc383310/go.mod h1:ufUuZ+zHj4x4TnLV4JWEpy2hxWSpsRywHrMgIH9cCH8=
+github.com/armon/go-socks5 v0.0.0-20160902184237-e75332964ef5 h1:0CwZNZbxp69SHPdPJAN/hZIm0C4OItdklCFmMRWYpio=
github.com/aryann/difflib v0.0.0-20170710044230-e206f873d14a/go.mod h1:DAHtR1m6lCRdSC2Tm3DSWRPvIPr6xNKyeHdqDQSQT+A=
github.com/asaskevich/govalidator v0.0.0-20180720115003-f9ffefc3facf/go.mod h1:lB+ZfQJz7igIIfQNfa7Ml4HSf2uFQQRzpGGRXenZAgY=
github.com/asaskevich/govalidator v0.0.0-20190424111038-f61b66f89f4a/go.mod h1:lB+ZfQJz7igIIfQNfa7Ml4HSf2uFQQRzpGGRXenZAgY=
@@ -170,7 +149,6 @@ github.com/beego/beego v1.12.9 h1:knN+7lL7BSVFm6McUVu58QVrh2UUPn0C9ioq83W5seo=
github.com/beego/beego v1.12.9/go.mod h1:QURFL1HldOcCZAxnc1cZ7wrplsYR5dKPHFjmk6WkLAs=
github.com/beego/goyaml2 v0.0.0-20130207012346-5545475820dd/go.mod h1:1b+Y/CofkYwXMUU0OhQqGvsY2Bvgr4j6jfT699wyZKQ=
github.com/beego/x2j v0.0.0-20131220205130-a0352aadc542/go.mod h1:kSeGC/p1AbBiEp5kat81+DSQrZenVBZXklMLaELspWU=
-github.com/benbjohnson/clock v1.0.3/go.mod h1:bGMdMPoPVvcYyt1gHDf4J2KE153Yf9BuiUKYMaxlTDM=
github.com/benbjohnson/clock v1.1.0 h1:Q92kusRqC1XV2MjkWETPvjJVqKetz1OzxZB7mHJLju8=
github.com/benbjohnson/clock v1.1.0/go.mod h1:J11/hYXuz8f4ySSvYwY0FKfm+ezbsZBKZxNJlLklBHA=
github.com/beorn7/perks v0.0.0-20160804104726-4c0e84591b9a/go.mod h1:Dwedo/Wpr24TaqPxmxbtue+5NUziq4I4S80YR8gNf3Q=
@@ -182,7 +160,6 @@ github.com/bgentry/speakeasy v0.1.0/go.mod h1:+zsyZBPWlz7T6j88CTgSN5bM796AkVf0kB
github.com/bitly/go-simplejson v0.5.0/go.mod h1:cXHtHw4XUPsvGaxgjIAn8PhEWG9NfngEKAMDJEczWVA=
github.com/bits-and-blooms/bitset v1.2.0/go.mod h1:gIdJ4wp64HaoK2YrL1Q5/N7Y16edYb8uY+O0FJTyyDA=
github.com/bketelsen/crypt v0.0.3-0.20200106085610-5cbc8cc4026c/go.mod h1:MKsuJmJgSg28kpZDP6UIiPt0e0Oz0kqKNGyRaWEPv84=
-github.com/bketelsen/crypt v0.0.4/go.mod h1:aI6NrJ0pMGgvZKL1iVgXLnfIFJtfV+bKCoqOes/6LfM=
github.com/blang/semver v3.1.0+incompatible/go.mod h1:kRBLl5iJ+tD4TcOOxsy/0fnwebNt5EWlYSAyrTnjyyk=
github.com/blang/semver v3.5.0+incompatible/go.mod h1:kRBLl5iJ+tD4TcOOxsy/0fnwebNt5EWlYSAyrTnjyyk=
github.com/blang/semver v3.5.1+incompatible/go.mod h1:kRBLl5iJ+tD4TcOOxsy/0fnwebNt5EWlYSAyrTnjyyk=
@@ -196,15 +173,14 @@ github.com/bugsnag/panicwrap v0.0.0-20151223152923-e2c28503fcd0/go.mod h1:D/8v3k
github.com/casbin/casbin v1.7.0/go.mod h1:c67qKN6Oum3UF5Q1+BByfFxkwKvhwW57ITjqwtzR1KE=
github.com/casbin/casbin/v2 v2.1.2/go.mod h1:YcPU1XXisHhLzuxH9coDNf2FbKpjGlbCg3n9yuLkIJQ=
github.com/cenkalti/backoff v2.2.1+incompatible/go.mod h1:90ReRw6GdpyfrHakVjL/QHaoyV4aDUVVkXQJJJ3NXXM=
-github.com/cenkalti/backoff/v4 v4.1.1 h1:G2HAfAmvm/GcKan2oOQpBXOd2tT2G57ZnZGWa1PxPBQ=
-github.com/cenkalti/backoff/v4 v4.1.1/go.mod h1:scbssz8iZGpm3xbr14ovlUdkxfGXNInqkPWOWmG2CLw=
+github.com/cenkalti/backoff/v4 v4.2.1 h1:y4OZtCnogmCPw98Zjyt5a6+QwPLGkiQsYW5oUqylYbM=
+github.com/cenkalti/backoff/v4 v4.2.1/go.mod h1:Y3VNntkOUPxTVeUxJ/G5vcM//AlwfmyYozVcomhLiZE=
github.com/census-instrumentation/opencensus-proto v0.2.1/go.mod h1:f6KPmirojxKA12rnyqOA5BBL4O983OfeGPqjHWSTneU=
-github.com/certifi/gocertifi v0.0.0-20191021191039-0944d244cd40/go.mod h1:sGbDF6GwGcLpkNXPUTkMRoywsNa/ol15pxFe6ERfguA=
-github.com/certifi/gocertifi v0.0.0-20200922220541-2c3bb06c6054/go.mod h1:sGbDF6GwGcLpkNXPUTkMRoywsNa/ol15pxFe6ERfguA=
github.com/cespare/xxhash v1.1.0/go.mod h1:XrSqR1VqqWfGrhpAt58auRo0WTKS1nRRg3ghfAqPWnc=
github.com/cespare/xxhash/v2 v2.1.1/go.mod h1:VGX0DQ3Q6kWi7AoAeZDth3/j3BFtOZR5XLFGgcrjCOs=
-github.com/cespare/xxhash/v2 v2.1.2 h1:YRXhKfTDauu4ajMg1TPgFO5jnlC2HCbmLXMcTG5cbYE=
github.com/cespare/xxhash/v2 v2.1.2/go.mod h1:VGX0DQ3Q6kWi7AoAeZDth3/j3BFtOZR5XLFGgcrjCOs=
+github.com/cespare/xxhash/v2 v2.2.0 h1:DC2CZ1Ep5Y4k3ZQ899DldepgrayRUGE6BBZ/cd9Cj44=
+github.com/cespare/xxhash/v2 v2.2.0/go.mod h1:VGX0DQ3Q6kWi7AoAeZDth3/j3BFtOZR5XLFGgcrjCOs=
github.com/chai2010/gettext-go v0.0.0-20160711120539-c6fed771bfd5/go.mod h1:/iP1qXHoty45bqomnu2LM+VVyAEdWN+vtSHGlQgyxbw=
github.com/checkpoint-restore/go-criu/v4 v4.1.0/go.mod h1:xUQBLp4RLc5zJtWY++yjOoMoB5lihDt7fai+75m+rGw=
github.com/checkpoint-restore/go-criu/v5 v5.0.0/go.mod h1:cfwC0EG7HMUenopBsUf9d89JlCLQIfgVcNsNN0t6T2M=
@@ -221,15 +197,14 @@ github.com/client9/misspell v0.3.4/go.mod h1:qj6jICC3Q7zFZvVWo7KLAzC3yx5G7kyvSDk
github.com/cloudflare/cloudflare-go v0.13.2/go.mod h1:27kfc1apuifUmJhp069y0+hwlKDg4bd8LWlu7oKeZvM=
github.com/cloudflare/golz4 v0.0.0-20150217214814-ef862a3cdc58/go.mod h1:EOBUe0h4xcZ5GoxqC5SDxFQ8gwyZPKQoEzownBlhI80=
github.com/cncf/udpa/go v0.0.0-20191209042840-269d4d468f6f/go.mod h1:M8M6+tZqaGXZJjfX53e64911xZQV5JYwmTeXPW+k8Sc=
-github.com/cncf/udpa/go v0.0.0-20200629203442-efcf912fb354/go.mod h1:WmhPx2Nbnhtbo57+VJT5O0JRkEi1Wbu0z5j0R8u5Hbk=
github.com/cncf/udpa/go v0.0.0-20201120205902-5459f2c99403/go.mod h1:WmhPx2Nbnhtbo57+VJT5O0JRkEi1Wbu0z5j0R8u5Hbk=
+github.com/cncf/udpa/go v0.0.0-20210930031921-04548b0d99d4/go.mod h1:6pvJx4me5XPnfI9Z40ddWsdw2W/uZgQLFXToKeRcDiI=
github.com/cncf/xds/go v0.0.0-20210312221358-fbca930ec8ed/go.mod h1:eXthEFrGJvWHgFFCl3hGmgk+/aYT6PnTQLykKQRLhEs=
github.com/cncf/xds/go v0.0.0-20210805033703-aa0b78936158/go.mod h1:eXthEFrGJvWHgFFCl3hGmgk+/aYT6PnTQLykKQRLhEs=
+github.com/cncf/xds/go v0.0.0-20210922020428-25de7278fc84/go.mod h1:eXthEFrGJvWHgFFCl3hGmgk+/aYT6PnTQLykKQRLhEs=
+github.com/cncf/xds/go v0.0.0-20211011173535-cb28da3451f1/go.mod h1:eXthEFrGJvWHgFFCl3hGmgk+/aYT6PnTQLykKQRLhEs=
github.com/cockroachdb/apd v1.1.0/go.mod h1:8Sl8LxpKi29FqWXR16WEFZRNSz3SoPzUzeMeY4+DwBQ=
github.com/cockroachdb/datadriven v0.0.0-20190809214429-80d97fb3cbaa/go.mod h1:zn76sxSg3SzpJ0PPJaLDCu+Bu0Lg3sKTORVIj19EIF8=
-github.com/cockroachdb/datadriven v0.0.0-20200714090401-bf6692d28da5/go.mod h1:h6jFvWxBdQXxjopDMZyH2UVceIRfR84bdzbkoKrsWNo=
-github.com/cockroachdb/errors v1.2.4/go.mod h1:rQD95gz6FARkaKkQXUksEje/d9a6wBJoCr5oaCLELYA=
-github.com/cockroachdb/logtags v0.0.0-20190617123548-eb05cc24525f/go.mod h1:i/u985jwjWRlyHXQbwatDASoW0RMlZ/3i9yJHE2xLkI=
github.com/codahale/hdrhistogram v0.0.0-20161010025455-3a0bb77429bd h1:qMd81Ts1T2OTKmB4acZcyKaMtRnY5Y44NuXGX2GFJ1w=
github.com/codahale/hdrhistogram v0.0.0-20161010025455-3a0bb77429bd/go.mod h1:sE/e/2PUdi/liOCUjSTXgM1o87ZssimdTWN964YiIeI=
github.com/containerd/aufs v0.0.0-20200908144142-dab0cbea06f4/go.mod h1:nukgQABAEopAHvB6j7cnP5zJ+/3aVcE7hCYqvIwAHyE=
@@ -351,7 +326,6 @@ github.com/cpuguy83/go-md2man/v2 v2.0.0-20190314233015-f79a8a8ca69d/go.mod h1:ma
github.com/cpuguy83/go-md2man/v2 v2.0.0/go.mod h1:maD7wRr/U5Z6m/iR4s+kqSMx2CaBsrgA7czyZG/E6dU=
github.com/creack/pty v1.1.7/go.mod h1:lj5s0c3V2DBrqTV7llrYr5NG6My20zk30Fl46Y7DoTY=
github.com/creack/pty v1.1.9/go.mod h1:oKZEueFk5CKHvIhNR5MUki03XCEU+Q6VDXinZuGJ33E=
-github.com/creack/pty v1.1.11/go.mod h1:oKZEueFk5CKHvIhNR5MUki03XCEU+Q6VDXinZuGJ33E=
github.com/cupcake/rdb v0.0.0-20161107195141-43ba34106c76/go.mod h1:vYwsqCOLxGiisLwp9rITslkFNpZD5rz43tf41QFkTWY=
github.com/cyphar/filepath-securejoin v0.2.2/go.mod h1:FpkQEhXnPnOthhzymB7CGsFk2G9VLXONKD9G7QGMM+4=
github.com/d2g/dhcp4 v0.0.0-20170904100407-a1d1b6c41b1c/go.mod h1:Ct2BUK8SB0YC1SMSibvLzxjeJLnrYEVLULFNiHY9YfQ=
@@ -405,13 +379,13 @@ github.com/elazarl/goproxy v0.0.0-20180725130230-947c36da3153 h1:yUdfgN0XgIJw7fo
github.com/elazarl/goproxy v0.0.0-20180725130230-947c36da3153/go.mod h1:/Zj4wYkgs4iZTTu3o/KG3Itv/qCCa8VVMlb3i9OVuzc=
github.com/emicklei/go-restful v0.0.0-20170410110728-ff4f55a20633/go.mod h1:otzb+WCGbkyDHkqmQmT5YD2WR4BBwUdeQoFo8l/7tVs=
github.com/emicklei/go-restful v2.9.5+incompatible/go.mod h1:otzb+WCGbkyDHkqmQmT5YD2WR4BBwUdeQoFo8l/7tVs=
+github.com/emicklei/go-restful/v3 v3.9.0 h1:XwGDlfxEnQZzuopoqxwSEllNcCOM9DhhFyhFIIGKwxE=
+github.com/emicklei/go-restful/v3 v3.9.0/go.mod h1:6n3XBCmQQb25CM2LCACGz8ukIrRry+4bhvbpWn3mrbc=
github.com/envoyproxy/go-control-plane v0.6.9/go.mod h1:SBwIajubJHhxtWwsL9s8ss4safvEdbitLhGGK48rN6g=
github.com/envoyproxy/go-control-plane v0.9.0/go.mod h1:YTl/9mNaCwkRvm6d1a2C3ymFceY/DCBVvsKhRF0iEA4=
github.com/envoyproxy/go-control-plane v0.9.1-0.20191026205805-5f8ba28d4473/go.mod h1:YTl/9mNaCwkRvm6d1a2C3ymFceY/DCBVvsKhRF0iEA4=
github.com/envoyproxy/go-control-plane v0.9.4/go.mod h1:6rpuAdCZL397s3pYoYcLgu1mIlRU8Am5FuJP05cCM98=
-github.com/envoyproxy/go-control-plane v0.9.7/go.mod h1:cwu0lG7PUMfa9snN8LXBig5ynNVH9qI8YYLbd1fK2po=
github.com/envoyproxy/go-control-plane v0.9.9-0.20201210154907-fd9021fe5dad/go.mod h1:cXg6YxExXjJnVBQHBLXeUAgxn2UodCpnH306RInaBQk=
-github.com/envoyproxy/go-control-plane v0.9.9-0.20210217033140-668b12f5399d/go.mod h1:cXg6YxExXjJnVBQHBLXeUAgxn2UodCpnH306RInaBQk=
github.com/envoyproxy/go-control-plane v0.9.9-0.20210512163311-63b5d3c536b0/go.mod h1:hliV/p42l8fGbc6Y9bQ70uLwIvmJyVE5k4iMKlh8wCQ=
github.com/envoyproxy/go-control-plane v0.9.10-0.20210907150352-cf90f659a021/go.mod h1:AFq3mo9L8Lqqiid3OhADV3RfLJnjiw63cSpi+fDTRC0=
github.com/envoyproxy/protoc-gen-validate v0.1.0/go.mod h1:iSmxcyjqTsJpI2R4NaDN7+kN2VEUnK/pcBlmesArF7c=
@@ -420,27 +394,24 @@ github.com/evanphx/json-patch v4.2.0+incompatible/go.mod h1:50XU6AFN0ol/bzJsmQLi
github.com/evanphx/json-patch v4.5.0+incompatible/go.mod h1:50XU6AFN0ol/bzJsmQLiYLvXMP4fmwYFNcr97nuDLSk=
github.com/evanphx/json-patch v4.9.0+incompatible/go.mod h1:50XU6AFN0ol/bzJsmQLiYLvXMP4fmwYFNcr97nuDLSk=
github.com/evanphx/json-patch v4.12.0+incompatible h1:4onqiflcdA9EOZ4RxV643DvftH5pOlLGNtQ5lPWQu84=
-github.com/evanphx/json-patch v4.12.0+incompatible/go.mod h1:50XU6AFN0ol/bzJsmQLiYLvXMP4fmwYFNcr97nuDLSk=
+github.com/evanphx/json-patch/v5 v5.6.0 h1:b91NhWfaz02IuVxO9faSllyAtNXHMPkC5J8sJCLunww=
+github.com/evanphx/json-patch/v5 v5.6.0/go.mod h1:G79N1coSVB93tBe7j6PhzjmR3/2VvlbKOFpnXhI9Bw4=
github.com/exponent-io/jsonpath v0.0.0-20151013193312-d6023ce2651d/go.mod h1:ZZMPRZwes7CROmyNKgQzC3XPs6L/G2EJLHddWejkmf4=
github.com/fatih/camelcase v1.0.0/go.mod h1:yN2Sb0lFhZJUdVvtELVWefmrXpuZESvPmqwoZc+/fpc=
github.com/fatih/color v1.7.0/go.mod h1:Zm6kSWBoL9eyXnKyktHP6abPY2pDugNf5KwzbycvMj4=
github.com/fatih/structs v1.1.0/go.mod h1:9NiDSp5zOcgEDl+j00MP/WkGVPOlPRLejGD8Ga6PJ7M=
-github.com/felixge/httpsnoop v1.0.1/go.mod h1:m8KPJKqk1gH5J9DgRY2ASl2lWCfGKXixSwevea8zH2U=
-github.com/felixge/httpsnoop v1.0.2 h1:+nS9g82KMXccJ/wp0zyRW9ZBHFETmMGtkk+2CTTrW4o=
-github.com/felixge/httpsnoop v1.0.2/go.mod h1:m8KPJKqk1gH5J9DgRY2ASl2lWCfGKXixSwevea8zH2U=
+github.com/felixge/httpsnoop v1.0.3 h1:s/nj+GCswXYzN5v2DpNMuMQYe+0DDwt5WVCU6CWBdXk=
+github.com/felixge/httpsnoop v1.0.3/go.mod h1:m8KPJKqk1gH5J9DgRY2ASl2lWCfGKXixSwevea8zH2U=
github.com/form3tech-oss/jwt-go v3.2.2+incompatible/go.mod h1:pbq4aXjuKjdthFRnoDwaVPLA+WlJuPGy+QneDUgJi2k=
-github.com/form3tech-oss/jwt-go v3.2.3+incompatible/go.mod h1:pbq4aXjuKjdthFRnoDwaVPLA+WlJuPGy+QneDUgJi2k=
github.com/franela/goblin v0.0.0-20200105215937-c9ffbefa60db/go.mod h1:7dvUGVsVBjqR7JHJk0brhHOZYGmfBYOrK0ZhYMEtBr4=
github.com/franela/goreq v0.0.0-20171204163338-bcd34c9993f8/go.mod h1:ZhphrRTfi2rbfLwlschooIH4+wKKDR4Pdxhh+TRoA20=
github.com/frankban/quicktest v1.11.3/go.mod h1:wRf/ReqHper53s+kmmSZizM8NamnL3IM0I9ntUbOk+k=
github.com/fsnotify/fsnotify v1.4.7/go.mod h1:jwhsz4b93w/PPRr/qN1Yymfu8t87LnFCMoQvtojpjFo=
github.com/fsnotify/fsnotify v1.4.9/go.mod h1:znqG4EE+3YCdAaPaxE2ZRY/06pZUdp0tY4IgpuI1SZQ=
-github.com/fsnotify/fsnotify v1.5.1 h1:mZcQUHVQUQWoPXXtuf9yuEXKudkV2sx1E06UadKWpgI=
-github.com/fsnotify/fsnotify v1.5.1/go.mod h1:T3375wBYaZdLLcVNkcVbzGHY7f1l/uK5T5Ai1i3InKU=
+github.com/fsnotify/fsnotify v1.6.0 h1:n+5WquG0fcWoWp6xPWfHdbskMCQaFnG6PfBrh1Ky4HY=
+github.com/fsnotify/fsnotify v1.6.0/go.mod h1:sl3t1tCWJFWoRz9R8WJCbQihKKwmorjAbSClcnxKAGw=
github.com/fullsailor/pkcs7 v0.0.0-20190404230743-d7302db945fa/go.mod h1:KnogPXtdwXqoenmZCw6S+25EAm2MkxbG0deNDu4cbSA=
github.com/garyburd/redigo v0.0.0-20150301180006-535138d7bcd7/go.mod h1:NR3MbYisc3/PwhQ00EMzDiPmrwpPxAn5GI05/YaO1SY=
-github.com/getkin/kin-openapi v0.76.0/go.mod h1:660oXbgy5JFMKreazJaQTw7o+X00qeSyhcnluiMv+Xg=
-github.com/getsentry/raven-go v0.2.0/go.mod h1:KungGk8q33+aIAZUIVWZDr2OfAEBsO49PX4NzFV5kcQ=
github.com/ghodss/yaml v0.0.0-20150909031657-73d445a93680/go.mod h1:4dBDuWmgqj2HViK6kFavaiC9ZROes6MMH2rRYeMEF04=
github.com/ghodss/yaml v1.0.0 h1:wQHKEahhL6wmXdzwWG11gIVCkOv05bNOh+Rxn0yngAk=
github.com/ghodss/yaml v1.0.0/go.mod h1:4dBDuWmgqj2HViK6kFavaiC9ZROes6MMH2rRYeMEF04=
@@ -456,20 +427,26 @@ github.com/go-kit/kit v0.9.0/go.mod h1:xBxKIO96dXMWWy0MnWVtmwkA9/13aqxPnvrjFYMA2
github.com/go-kit/kit v0.10.0 h1:dXFJfIHVvUcpSgDOV+Ne6t7jXri8Tfv2uOLHUZ2XNuo=
github.com/go-kit/kit v0.10.0/go.mod h1:xUsJbQ/Fp4kEt7AFgCuvyX4a71u8h9jB8tj/ORgOZ7o=
github.com/go-kit/log v0.1.0/go.mod h1:zbhenjAZHb184qTLMA9ZjW7ThYL0H2mk7Q6pNt4vbaY=
+github.com/go-kit/log v0.2.0/go.mod h1:NwTd00d/i8cPZ3xOwwiv2PO5MOcx78fFErGNcVmBjv0=
github.com/go-ldap/ldap v3.0.2+incompatible/go.mod h1:qfd9rJvER9Q0/D/Sqn1DfHRoBp40uXYvFoEVrNEPqRc=
github.com/go-logfmt/logfmt v0.3.0/go.mod h1:Qt1PoO58o5twSAckw1HlFXLmHsOX5/0LbT9GBnD5lWE=
github.com/go-logfmt/logfmt v0.4.0/go.mod h1:3RMwSq7FuexP4Kalkev3ejPJsZTpXXBr9+V4qmtdjCk=
-github.com/go-logfmt/logfmt v0.5.0 h1:TrB8swr/68K7m9CcGut2g3UOihhbcbiMAYiuTXdEih4=
github.com/go-logfmt/logfmt v0.5.0/go.mod h1:wCYkCAKZfumFQihp8CzCvQ3paCTfi41vtzG1KdI/P7A=
+github.com/go-logfmt/logfmt v0.5.1 h1:otpy5pqBCBZ1ng9RQ0dPu4PN7ba75Y/aA+UpowDyNVA=
+github.com/go-logfmt/logfmt v0.5.1/go.mod h1:WYhtIu8zTZfxdn5+rREduYbwxfcBr/Vr6KEVveWlfTs=
github.com/go-logr/logr v0.1.0/go.mod h1:ixOQHD9gLJUVQQ2ZOR7zLEifBX6tGkNJF4QyIY7sIas=
github.com/go-logr/logr v0.2.0/go.mod h1:z6/tIYblkpsD+a4lm/fGIIU9mZ+XfAiaFtq7xTgseGU=
github.com/go-logr/logr v0.2.1-0.20200730175230-ee2de8da5be6/go.mod h1:z6/tIYblkpsD+a4lm/fGIIU9mZ+XfAiaFtq7xTgseGU=
-github.com/go-logr/logr v1.2.0 h1:QK40JKJyMdUDz+h+xvCsru/bJhvG0UxvePV0ufL/AcE=
github.com/go-logr/logr v1.2.0/go.mod h1:jdQByPbusPIv2/zmleS9BjJVeZ6kBagPoEUsqbVz/1A=
+github.com/go-logr/logr v1.2.2/go.mod h1:jdQByPbusPIv2/zmleS9BjJVeZ6kBagPoEUsqbVz/1A=
+github.com/go-logr/logr v1.2.4 h1:g01GSCwiDw2xSZfjJ2/T9M+S6pFdcNtFYsp+Y43HYDQ=
+github.com/go-logr/logr v1.2.4/go.mod h1:jdQByPbusPIv2/zmleS9BjJVeZ6kBagPoEUsqbVz/1A=
+github.com/go-logr/stdr v1.2.2 h1:hSWxHoqTgW2S2qGc0LTAI563KZ5YKYRhT3MFKZMbjag=
+github.com/go-logr/stdr v1.2.2/go.mod h1:mMo/vtBO5dYbehREoey6XUKy/eSumjCCveDpRre4VKE=
github.com/go-logr/zapr v0.1.0/go.mod h1:tabnROwaDl0UNxkVeFRbY8bwB37GwRv0P8lg6aAiEnk=
github.com/go-logr/zapr v0.1.1/go.mod h1:tabnROwaDl0UNxkVeFRbY8bwB37GwRv0P8lg6aAiEnk=
-github.com/go-logr/zapr v1.2.0 h1:n4JnPI1T3Qq1SFEi/F8rwLrZERp2bso19PJZDB9dayk=
-github.com/go-logr/zapr v1.2.0/go.mod h1:Qa4Bsj2Vb+FAVeAKsLD8RLQ+YRJB8YDmOAKxaBQf7Ro=
+github.com/go-logr/zapr v1.2.3 h1:a9vnzlIBPQBBkeaR9IuMUfmVOrQlkoC4YfPoFkX3T7A=
+github.com/go-logr/zapr v1.2.3/go.mod h1:eIauM6P8qSvTw5o2ez6UEAfGjQKrxQTl5EoK+Qa2oG4=
github.com/go-openapi/analysis v0.0.0-20180825180245-b006789cd277/go.mod h1:k70tL6pCuVxPJOHXQ+wIac1FUrvNkHolPie/cLEU6hI=
github.com/go-openapi/analysis v0.17.0/go.mod h1:IowGgpVeD0vNm45So8nr+IcQ3pxVtpRoBWb8PVZO0ik=
github.com/go-openapi/analysis v0.18.0/go.mod h1:IowGgpVeD0vNm45So8nr+IcQ3pxVtpRoBWb8PVZO0ik=
@@ -504,8 +481,9 @@ github.com/go-openapi/jsonreference v0.18.0/go.mod h1:g4xxGn04lDIRh0GJb5QlpE3Hfo
github.com/go-openapi/jsonreference v0.19.2/go.mod h1:jMjeRr2HHw6nAVajTXJ4eiUwohSTlpa0o73RUL1owJc=
github.com/go-openapi/jsonreference v0.19.3/go.mod h1:rjx6GuL8TTa9VaixXglHmQmIL98+wF9xc8zWvFonSJ8=
github.com/go-openapi/jsonreference v0.19.5/go.mod h1:RdybgQwPxbL4UEjuAruzK1x3nE69AqPYEJeo/TWfEeg=
-github.com/go-openapi/jsonreference v0.19.6 h1:UBIxjkht+AWIgYzCDSv2GN+E/togfwXUJFRTWhl2Jjs=
github.com/go-openapi/jsonreference v0.19.6/go.mod h1:diGHMEHg2IqXZGKxqyvWdfWU/aim5Dprw5bqpKkTvns=
+github.com/go-openapi/jsonreference v0.20.0 h1:MYlu0sBgChmCfJxxUKZ8g1cPWFOB37YSZqewK7OKeyA=
+github.com/go-openapi/jsonreference v0.20.0/go.mod h1:Ag74Ico3lPc+zR+qjn4XBUmXymS4zJbYVCZmcgkasdo=
github.com/go-openapi/loads v0.17.0/go.mod h1:72tmFy5wsWx89uEVddd0RjRWPZm92WRLhf7AC+0+OOU=
github.com/go-openapi/loads v0.18.0/go.mod h1:72tmFy5wsWx89uEVddd0RjRWPZm92WRLhf7AC+0+OOU=
github.com/go-openapi/loads v0.19.0/go.mod h1:72tmFy5wsWx89uEVddd0RjRWPZm92WRLhf7AC+0+OOU=
@@ -582,7 +560,6 @@ github.com/go-sql-driver/mysql v1.5.0 h1:ozyZYNQW3x3HtqT1jira07DN2PArx2v7/mN66gG
github.com/go-sql-driver/mysql v1.5.0/go.mod h1:DCzpHaOWr8IXmIStZouvnhqoel9Qv2LBy8hT2VhHyBg=
github.com/go-stack/stack v1.8.0 h1:5SgMzNM5HxrEjV0ww2lTmX6E2Izsfxas4+YHWRs3Lsk=
github.com/go-stack/stack v1.8.0/go.mod h1:v0f6uXyyMGvRgIKkXu+yp6POWl0qKG85gN/melR3HDY=
-github.com/go-task/slim-sprig v0.0.0-20210107165309-348f09dbbbc0/go.mod h1:fyg7847qk6SyHyPtNmDHnmrv/HOrqktSC+C9fM+CJOE=
github.com/go-test/deep v1.0.2-0.20181118220953-042da051cf31/go.mod h1:wGDj63lr65AM2AQyKZd/NYHGb0R+1RLqB8NKt3aSFNA=
github.com/gobuffalo/attrs v0.0.0-20190224210810-a9411de4debd/go.mod h1:4duuawTqi2wkkpB4ePgWMaai6/Kc6WEz83bhFwpHzj0=
github.com/gobuffalo/depgen v0.0.0-20190329151759-d478694a28d3/go.mod h1:3STtPUQYuzV0gBVOY3vy6CfMm/ljR4pABfrTeHNLHUY=
@@ -632,6 +609,7 @@ github.com/goharbor/go-client v0.25.0/go.mod h1:XMWHucuHU9VTRx6U6wYwbRuyCVhE6ffJ
github.com/goharbor/harbor/src v0.0.0-20220526154154-b0506782b47d h1:MOwBwJi3VIoPls3O8jZrLHRbgw6l3rhIQQmZVAPL/t0=
github.com/goharbor/harbor/src v0.0.0-20220526154154-b0506782b47d/go.mod h1:ud/eT8hR+/hRtF/35KTuXSJFT/CMmaF/W30u03AgSqI=
github.com/golang/glog v0.0.0-20160126235308-23def4e6c14b/go.mod h1:SBH7ygxi8pfUlaOkMMuAQtPIUF8ecWP5IEl/CR7VP2Q=
+github.com/golang/glog v1.0.0 h1:nfP3RFugxnNRyKgeWd4oI1nYvXpxrx8ck8ZrcizshdQ=
github.com/golang/glog v1.0.0/go.mod h1:EWib/APOK0SL3dFbYqvxE3UYd8E6s1ouQ7iEp/0LWV4=
github.com/golang/groupcache v0.0.0-20160516000752-02826c3e7903/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc=
github.com/golang/groupcache v0.0.0-20180513044358-24b0969c4cb7/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc=
@@ -648,8 +626,6 @@ github.com/golang/mock v1.4.0/go.mod h1:UOMv5ysSaYNkG+OFQykRIcU/QvvxJf3p21QfJ2Bt
github.com/golang/mock v1.4.1/go.mod h1:UOMv5ysSaYNkG+OFQykRIcU/QvvxJf3p21QfJ2Bt3cw=
github.com/golang/mock v1.4.3/go.mod h1:UOMv5ysSaYNkG+OFQykRIcU/QvvxJf3p21QfJ2Bt3cw=
github.com/golang/mock v1.4.4/go.mod h1:l3mdAwkq5BuhzHwde/uurv3sEJeZMXNpwsxVWU71h+4=
-github.com/golang/mock v1.5.0/go.mod h1:CWnOUgYIOo4TcNZ0wHX3YZCqsaM1I1Jvs6v3mP3KVu8=
-github.com/golang/mock v1.6.0/go.mod h1:p6yTPP+5HYm5mzsMV8JkE6ZKdX+/wYM6Hr+LicevLPs=
github.com/golang/protobuf v0.0.0-20161109072736-4bd1920723d7/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U=
github.com/golang/protobuf v1.0.0/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U=
github.com/golang/protobuf v1.2.0/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U=
@@ -667,22 +643,19 @@ github.com/golang/protobuf v1.4.1/go.mod h1:U8fpvMrcmy5pZrNK1lt4xCsGvpyWQ/VVv6QD
github.com/golang/protobuf v1.4.2/go.mod h1:oDoupMAO8OvCJWAcko0GGGIgR6R6ocIYbsSw735rRwI=
github.com/golang/protobuf v1.4.3/go.mod h1:oDoupMAO8OvCJWAcko0GGGIgR6R6ocIYbsSw735rRwI=
github.com/golang/protobuf v1.5.0/go.mod h1:FsONVRAS9T7sI+LIUmWTfcYkHO4aIWwzhcaSAoJOfIk=
-github.com/golang/protobuf v1.5.1/go.mod h1:DopwsBzvsk0Fs44TXzsVbJyPhcCPeIwnvohx4u74HPM=
github.com/golang/protobuf v1.5.2 h1:ROPKBNFfQgOUMifHyP+KYbvpjbdoFNs+aK7DXlji0Tw=
github.com/golang/protobuf v1.5.2/go.mod h1:XVQd3VNwM+JqD3oG2Ue2ip4fOMUkwXdXDdiuN0vRsmY=
github.com/golang/snappy v0.0.0-20170215233205-553a64147049/go.mod h1:/XxbfmMg8lxefKM7IXC3fBNl/7bRcc72aCRzEWrmP2Q=
github.com/golang/snappy v0.0.0-20180518054509-2e65f85255db/go.mod h1:/XxbfmMg8lxefKM7IXC3fBNl/7bRcc72aCRzEWrmP2Q=
github.com/golang/snappy v0.0.1/go.mod h1:/XxbfmMg8lxefKM7IXC3fBNl/7bRcc72aCRzEWrmP2Q=
-github.com/golang/snappy v0.0.3/go.mod h1:/XxbfmMg8lxefKM7IXC3fBNl/7bRcc72aCRzEWrmP2Q=
github.com/golangplus/bytes v0.0.0-20160111154220-45c989fe5450/go.mod h1:Bk6SMAONeMXrxql8uvOKuAZSu8aM5RUGv+1C6IJaEho=
github.com/golangplus/fmt v0.0.0-20150411045040-2a5d6d7d2995/go.mod h1:lJgMEyOkYFkPcDKwRXegd+iM6E7matEszMG5HhwytU8=
github.com/golangplus/testing v0.0.0-20180327235837-af21d9c3145e/go.mod h1:0AA//k/eakGydO4jKRoRL2j92ZKSzTgj9tclaCrvXHk=
github.com/gomodule/redigo v2.0.0+incompatible/go.mod h1:B4C85qUVwatsJoIUNIfCRsp7qO0iAmpGFZ4EELWSbC4=
github.com/google/btree v0.0.0-20180813153112-4030bb1f1f0c/go.mod h1:lNA+9X1NB3Zf8V7Ke586lFgjr2dZNuvo3lPJSGZ5JPQ=
github.com/google/btree v1.0.0/go.mod h1:lNA+9X1NB3Zf8V7Ke586lFgjr2dZNuvo3lPJSGZ5JPQ=
-github.com/google/btree v1.0.1/go.mod h1:xXMiIv4Fb/0kKde4SpL7qlzvu5cMJDRkFDxJfI9uaxA=
-github.com/google/cel-go v0.9.0/go.mod h1:U7ayypeSkw23szu4GaQTPJGx66c20mx8JklMSxrmI1w=
-github.com/google/cel-spec v0.6.0/go.mod h1:Nwjgxy5CbjlPrtCWjeDjUyKMl8w41YBYGjsyDdqk0xA=
+github.com/google/gnostic v0.5.7-v3refs h1:FhTMOKj2VhjpouxvWJAV1TL304uMlb9zcDqkl6cEI54=
+github.com/google/gnostic v0.5.7-v3refs/go.mod h1:73MKFl6jIHelAJNaBGFzt3SPtZULs9dYrGFt8OiIsHQ=
github.com/google/go-cmp v0.2.0/go.mod h1:oXzfMopK8JAjlY9xF4vHSVASa0yLyX7SntLO5aqRK0M=
github.com/google/go-cmp v0.3.0/go.mod h1:8QqcDgzrUqlUb/G2PQTWiueGozuR1884gddMywk6iLU=
github.com/google/go-cmp v0.3.1/go.mod h1:8QqcDgzrUqlUb/G2PQTWiueGozuR1884gddMywk6iLU=
@@ -691,12 +664,11 @@ github.com/google/go-cmp v0.4.1/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/
github.com/google/go-cmp v0.5.0/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE=
github.com/google/go-cmp v0.5.1/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE=
github.com/google/go-cmp v0.5.2/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE=
-github.com/google/go-cmp v0.5.3/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE=
github.com/google/go-cmp v0.5.4/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE=
github.com/google/go-cmp v0.5.5/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE=
github.com/google/go-cmp v0.5.6/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE=
-github.com/google/go-cmp v0.5.8 h1:e6P7q2lk1O+qJJb4BtCQXlK8vWEO8V1ZeuEdJNOqZyg=
-github.com/google/go-cmp v0.5.8/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY=
+github.com/google/go-cmp v0.5.9 h1:O2Tfq5qg4qc4AmwVlvv0oLiVAGB7enBSJ2x2DqQFi38=
+github.com/google/go-cmp v0.5.9/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY=
github.com/google/go-intervals v0.0.2/go.mod h1:MkaR3LNRfeKLPmqgJYs4E66z5InYjmCjbbr4TQlcT6Y=
github.com/google/go-querystring v1.0.0/go.mod h1:odCYkC5MyYFN7vkCjXpyrEuKhc/BUO6wN/zVPAxq5ck=
github.com/google/gofuzz v0.0.0-20161122191042-44d81051d367/go.mod h1:HP5RmnzzSNb993RKQDq4+1A4ia9nllfqcQFTQJedwGI=
@@ -706,8 +678,6 @@ github.com/google/gofuzz v1.2.0 h1:xRy4A+RhZaiKjJ1bPfwQ8sedCA+YS2YcCHW6ec7JMi0=
github.com/google/gofuzz v1.2.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg=
github.com/google/martian v2.1.0+incompatible/go.mod h1:9I4somxYTbIHy5NJKHRl3wXiIaQGbYVAs8BPL6v8lEs=
github.com/google/martian/v3 v3.0.0/go.mod h1:y5Zk1BBys9G+gd6Jrk0W3cC1+ELVxBWuIGO+w/tUAp0=
-github.com/google/martian/v3 v3.1.0/go.mod h1:y5Zk1BBys9G+gd6Jrk0W3cC1+ELVxBWuIGO+w/tUAp0=
-github.com/google/martian/v3 v3.2.1/go.mod h1:oBOf6HBosgwRXnUGWUB05QECsc6uvmMiJ3+6W4l/CUk=
github.com/google/pprof v0.0.0-20181206194817-3ea8567a2e57/go.mod h1:zfwlbNMJ+OItoe0UupaVj+oy1omPYYDuagoSzA8v9mc=
github.com/google/pprof v0.0.0-20190515194954-54271f7e092f/go.mod h1:zfwlbNMJ+OItoe0UupaVj+oy1omPYYDuagoSzA8v9mc=
github.com/google/pprof v0.0.0-20191218002539-d4f498aebedc/go.mod h1:ZgVRPoUq/hfqzAqh7sHMqb3I9Rq5C59dIz2SbBwJ4eM=
@@ -715,13 +685,6 @@ github.com/google/pprof v0.0.0-20200212024743-f11f1df84d12/go.mod h1:ZgVRPoUq/hf
github.com/google/pprof v0.0.0-20200229191704-1ebb73c60ed3/go.mod h1:ZgVRPoUq/hfqzAqh7sHMqb3I9Rq5C59dIz2SbBwJ4eM=
github.com/google/pprof v0.0.0-20200430221834-fc25d7d30c6d/go.mod h1:ZgVRPoUq/hfqzAqh7sHMqb3I9Rq5C59dIz2SbBwJ4eM=
github.com/google/pprof v0.0.0-20200708004538-1a94d8640e99/go.mod h1:ZgVRPoUq/hfqzAqh7sHMqb3I9Rq5C59dIz2SbBwJ4eM=
-github.com/google/pprof v0.0.0-20201023163331-3e6fc7fc9c4c/go.mod h1:kpwsk12EmLew5upagYY7GY0pfYCcupk39gWOCRROcvE=
-github.com/google/pprof v0.0.0-20201203190320-1bf35d6f28c2/go.mod h1:kpwsk12EmLew5upagYY7GY0pfYCcupk39gWOCRROcvE=
-github.com/google/pprof v0.0.0-20210122040257-d980be63207e/go.mod h1:kpwsk12EmLew5upagYY7GY0pfYCcupk39gWOCRROcvE=
-github.com/google/pprof v0.0.0-20210226084205-cbba55b83ad5/go.mod h1:kpwsk12EmLew5upagYY7GY0pfYCcupk39gWOCRROcvE=
-github.com/google/pprof v0.0.0-20210601050228-01bbb1931b22/go.mod h1:kpwsk12EmLew5upagYY7GY0pfYCcupk39gWOCRROcvE=
-github.com/google/pprof v0.0.0-20210609004039-a478d1d731e9/go.mod h1:kpwsk12EmLew5upagYY7GY0pfYCcupk39gWOCRROcvE=
-github.com/google/pprof v0.0.0-20210720184732-4bb14d4b1be1/go.mod h1:kpwsk12EmLew5upagYY7GY0pfYCcupk39gWOCRROcvE=
github.com/google/renameio v0.1.0/go.mod h1:KWCgfxg9yswjAJkECMjeO8J8rahYeXnNhOm40UhjYkI=
github.com/google/uuid v1.0.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo=
github.com/google/uuid v1.1.1/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo=
@@ -731,14 +694,10 @@ github.com/google/uuid v1.3.0 h1:t6JiXgmwXMjEs8VusXIJk2BXHsn+wx8BZdTaoZ5fu7I=
github.com/google/uuid v1.3.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo=
github.com/googleapis/gax-go/v2 v2.0.4/go.mod h1:0Wqv26UfaUD9n4G6kQubkQ+KchISgw+vpHVxEJEs9eg=
github.com/googleapis/gax-go/v2 v2.0.5/go.mod h1:DWXyrwAJ9X0FpwwEdw+IPEYBICEFu5mhpdKc/us6bOk=
-github.com/googleapis/gax-go/v2 v2.1.0/go.mod h1:Q3nei7sK6ybPYH7twZdmQpAd1MKb7pfu6SK+H1/DsU0=
github.com/googleapis/gnostic v0.0.0-20170729233727-0c5108395e2d/go.mod h1:sJBsCZ4ayReDTBIg8b9dl28c5xFWyhBTVRp3pOg5EKY=
github.com/googleapis/gnostic v0.1.0/go.mod h1:sJBsCZ4ayReDTBIg8b9dl28c5xFWyhBTVRp3pOg5EKY=
github.com/googleapis/gnostic v0.3.1/go.mod h1:on+2t9HRStVgn95RSsFWFz+6Q0Snyqv1awfrALZdbtU=
github.com/googleapis/gnostic v0.4.1/go.mod h1:LRhVm6pbyptWbWbuZ38d1eyptfvIytN3ir6b65WBswg=
-github.com/googleapis/gnostic v0.5.1/go.mod h1:6U4PtQXGIEt/Z3h5MAT7FNofLnw9vXk2cUuW7uA/OeU=
-github.com/googleapis/gnostic v0.5.5 h1:9fHAtK0uDfpveeqqo1hkEZJcFvYXAiCN3UutL8F9xHw=
-github.com/googleapis/gnostic v0.5.5/go.mod h1:7+EbHbldMins07ALC74bsA81Ovc97DwqyJO1AENw9kA=
github.com/gophercloud/gophercloud v0.1.0/go.mod h1:vxM41WHh5uqHVBMZHzuwNOHh8XEoIEcSTewFxm1c5g8=
github.com/gopherjs/gopherjs v0.0.0-20181017120253-0766667cb4d1 h1:EGx4pi6eqNxGaHF6qqu48+N2wcFQ5qg5FXgOdqsJ5d8=
github.com/gopherjs/gopherjs v0.0.0-20181017120253-0766667cb4d1/go.mod h1:wJfORRmW1u3UXTncJ5qlYoELFm8eSnnEO6hX4iZ3EWY=
@@ -757,13 +716,13 @@ github.com/gregjones/httpcache v0.0.0-20180305231024-9cad4c3443a7/go.mod h1:Fecb
github.com/grpc-ecosystem/go-grpc-middleware v0.0.0-20190222133341-cfaf5686ec79/go.mod h1:FiyG127CGDf3tlThmgyCl78X/SZQqEOJBCDaAfeWzPs=
github.com/grpc-ecosystem/go-grpc-middleware v1.0.0/go.mod h1:FiyG127CGDf3tlThmgyCl78X/SZQqEOJBCDaAfeWzPs=
github.com/grpc-ecosystem/go-grpc-middleware v1.0.1-0.20190118093823-f849b5445de4/go.mod h1:FiyG127CGDf3tlThmgyCl78X/SZQqEOJBCDaAfeWzPs=
-github.com/grpc-ecosystem/go-grpc-middleware v1.3.0/go.mod h1:z0ButlSOZa5vEBq9m2m2hlwIgKw+rp3sdCBRoJY+30Y=
github.com/grpc-ecosystem/go-grpc-prometheus v1.2.0/go.mod h1:8NvIoxWQoOIhqOTXgfV/d3M/q6VIi02HzZEHgUlZvzk=
github.com/grpc-ecosystem/grpc-gateway v1.3.0/go.mod h1:RSKVYQBd5MCa4OVpNdGskqpgL2+G+NZTnrVHpWWfpdw=
github.com/grpc-ecosystem/grpc-gateway v1.9.0/go.mod h1:vNeuVxBJEsws4ogUvrchl83t/GYV9WGTSLVdBhOQFDY=
github.com/grpc-ecosystem/grpc-gateway v1.9.5/go.mod h1:vNeuVxBJEsws4ogUvrchl83t/GYV9WGTSLVdBhOQFDY=
-github.com/grpc-ecosystem/grpc-gateway v1.16.0 h1:gmcG1KaJ57LophUzW0Hy8NmPhnMZb4M0+kPpLofRdBo=
github.com/grpc-ecosystem/grpc-gateway v1.16.0/go.mod h1:BDjrQk3hbvj6Nolgz8mAMFbcEtjT1g+wF4CSlocrBnw=
+github.com/grpc-ecosystem/grpc-gateway/v2 v2.7.0 h1:BZHcxBETFHIdVyhyEfOvn/RdU/QGdLI4y34qQGjGWO0=
+github.com/grpc-ecosystem/grpc-gateway/v2 v2.7.0/go.mod h1:hgWBS7lorOAVIJEQMi4ZsPv9hVvWI6+ch50m39Pf2Ks=
github.com/hashicorp/consul/api v1.1.0/go.mod h1:VmuI/Lkw1nC05EYQWNKwWGbkg+FbDBtguAZLlVdkD9Q=
github.com/hashicorp/consul/api v1.3.0/go.mod h1:MmDNSzIMUjNpY/mQ398R4bk2FnqQLoPndWW5VkKPlCE=
github.com/hashicorp/consul/sdk v0.1.1/go.mod h1:VKf9jXwCTEY1QZP2MOLRhb5i/I/ssyNV1vwHyQBF0x8=
@@ -810,7 +769,6 @@ github.com/huandu/xstrings v1.3.2 h1:L18LIDzqlW6xN2rEkpdV8+oL/IXWJ1APd+vsdYy4Wdw
github.com/huandu/xstrings v1.3.2/go.mod h1:y5/lhBue+AyNmUVz9RLU9xbLR0o4KIIExikq4ovT0aE=
github.com/hudl/fargo v1.3.0/go.mod h1:y3CKSmjA+wD2gak7sUSXTAoopbhU08POFhmITJgmKTg=
github.com/ianlancetaylor/demangle v0.0.0-20181102032728-5e5cf60278f6/go.mod h1:aSSvb/t6k1mPoxDqO4vJh6VOCGPwU4O0C2/Eqndh1Sc=
-github.com/ianlancetaylor/demangle v0.0.0-20200824232613-28f6c0f3b639/go.mod h1:aSSvb/t6k1mPoxDqO4vJh6VOCGPwU4O0C2/Eqndh1Sc=
github.com/imdario/mergo v0.3.5/go.mod h1:2EnlNZ0deacrJVfApfmtdGgDfMuh/nq6Ok1EcJh5FfA=
github.com/imdario/mergo v0.3.6/go.mod h1:2EnlNZ0deacrJVfApfmtdGgDfMuh/nq6Ok1EcJh5FfA=
github.com/imdario/mergo v0.3.8/go.mod h1:2EnlNZ0deacrJVfApfmtdGgDfMuh/nq6Ok1EcJh5FfA=
@@ -869,7 +827,6 @@ github.com/jmespath/go-jmespath v0.4.0/go.mod h1:T8mJZnbsbmF+m6zOOFylbeCJqk5+pHW
github.com/jmespath/go-jmespath/internal/testify v1.5.1/go.mod h1:L3OGu8Wl2/fWfCI6z80xFu9LTZmf1ZRjMHUOPmWr69U=
github.com/joho/godotenv v1.3.0/go.mod h1:7hK45KPybAkOC6peb+G5yklZfMxEjkZhHbwpqxOKXbg=
github.com/jonboulle/clockwork v0.1.0/go.mod h1:Ii8DK3G1RaLaWxj9trq07+26W01tbo22gdxWY5EU2bo=
-github.com/jonboulle/clockwork v0.2.2/go.mod h1:Pkfl5aHPm1nk2H9h0bjmnJD/BcgbGXUBGnn1kMkgxc8=
github.com/josharian/intern v1.0.0 h1:vlS4z54oSdjm0bgjRigI+G1HpF+tI+9rE5LLzOg8HmY=
github.com/josharian/intern v1.0.0/go.mod h1:5DoeVV0s6jJacbCEi61lwdGj/aVlrQvzHFFd8Hwg//Y=
github.com/jpillora/backoff v1.0.0/go.mod h1:J/6gKK9jxlEcS3zixgDgUAsiuZ7yrSoa/FX5e0EB2j4=
@@ -905,7 +862,6 @@ github.com/klauspost/pgzip v1.2.5/go.mod h1:Ch1tH69qFZu15pkjo5kYi6mth2Zzwzt50oCQ
github.com/konsorten/go-windows-terminal-sequences v1.0.1/go.mod h1:T0+1ngSBFLxvqU3pZ+m/2kptfBszLMUkC4ZK/EgS/cQ=
github.com/konsorten/go-windows-terminal-sequences v1.0.2/go.mod h1:T0+1ngSBFLxvqU3pZ+m/2kptfBszLMUkC4ZK/EgS/cQ=
github.com/konsorten/go-windows-terminal-sequences v1.0.3/go.mod h1:T0+1ngSBFLxvqU3pZ+m/2kptfBszLMUkC4ZK/EgS/cQ=
-github.com/kr/fs v0.1.0/go.mod h1:FFnZGqtBN9Gxj7eW1uZ42v5BccTP0vu6NEaFoC2HwRg=
github.com/kr/logfmt v0.0.0-20140226030751-b84e30acd515/go.mod h1:+0opPa2QZZtGFBFZlji/RkVcI2GknAs/DXo4wKdlNEc=
github.com/kr/pretty v0.1.0/go.mod h1:dAy3ld7l9f0ibDNOQOHHMYYIIbhfbHSm3C4ZsoJORNo=
github.com/kr/pretty v0.2.0/go.mod h1:ipq/a2n7PKx3OHsz4KJII5eveXtPO4qwEXGdVfWzfnI=
@@ -932,7 +888,6 @@ github.com/lunixbochs/vtclean v0.0.0-20180621232353-2d01aacdc34a/go.mod h1:pHhQN
github.com/lyft/protoc-gen-validate v0.0.13/go.mod h1:XbGvPuh87YZc5TdIa2/I4pLk0QoUACkjt2znoq26NVQ=
github.com/magiconair/properties v1.8.0/go.mod h1:PppfXfuXeibc/6YijjN8zIbojt8czPbwD3XqdrwzmxQ=
github.com/magiconair/properties v1.8.1/go.mod h1:PppfXfuXeibc/6YijjN8zIbojt8czPbwD3XqdrwzmxQ=
-github.com/magiconair/properties v1.8.5/go.mod h1:y3VJvCyxH9uVvJTWEGAELF3aiYNyPKd5NZ3oSwXrF60=
github.com/mailru/easyjson v0.0.0-20160728113105-d5b7844b561a/go.mod h1:C1wdFJiN94OJF2b5HbByQZoLdCWB1Yqtg26g4irojpc=
github.com/mailru/easyjson v0.0.0-20180823135443-60711f1a8329/go.mod h1:C1wdFJiN94OJF2b5HbByQZoLdCWB1Yqtg26g4irojpc=
github.com/mailru/easyjson v0.0.0-20190312143242-1de009706dbe/go.mod h1:C1wdFJiN94OJF2b5HbByQZoLdCWB1Yqtg26g4irojpc=
@@ -965,8 +920,9 @@ github.com/mattn/go-shellwords v1.0.12/go.mod h1:EZzvwXDESEeg03EKmM+RmDnNOPKG4lL
github.com/mattn/go-sqlite3 v2.0.3+incompatible h1:gXHsfypPkaMZrKbD5209QV9jbUTJKjyR5WD3HYQSd+U=
github.com/mattn/go-sqlite3 v2.0.3+incompatible/go.mod h1:FPy6KqzDD04eiIsT53CuJW3U88zkxoIYsOqkbpncsNc=
github.com/matttproud/golang_protobuf_extensions v1.0.1/go.mod h1:D8He9yQNgCq6Z5Ld7szi9bcBfOoFv/3dc6xSMkL2PC0=
-github.com/matttproud/golang_protobuf_extensions v1.0.2-0.20181231171920-c182affec369 h1:I0XW9+e1XWDxdcEniV4rQAIOPUGDq67JSCiRCgGCZLI=
github.com/matttproud/golang_protobuf_extensions v1.0.2-0.20181231171920-c182affec369/go.mod h1:BSXmuO+STAnVfrANrmjBb36TMTDstsz7MSK+HVaYKv4=
+github.com/matttproud/golang_protobuf_extensions v1.0.2 h1:hAHbPm5IJGijwng3PWk09JkG9WeqChjprR5s9bBZ+OM=
+github.com/matttproud/golang_protobuf_extensions v1.0.2/go.mod h1:BSXmuO+STAnVfrANrmjBb36TMTDstsz7MSK+HVaYKv4=
github.com/miekg/dns v1.0.14/go.mod h1:W1PPwlIAgtquWBMBEV9nkV9Cazfe8ScdGz/Lj7v3Nrg=
github.com/miekg/dns v1.1.31/go.mod h1:KNUDUusw/aVsxyTYZM1oqvCicbwhgbNgztCETuNZ7xM=
github.com/miekg/pkcs11 v1.0.3/go.mod h1:XsNlhZGX73bx86s2hdc/FuaLm2CPZJemRLMA+WTFxgs=
@@ -1007,7 +963,6 @@ github.com/moby/sys/mountinfo v0.4.0/go.mod h1:rEr8tzG/lsIZHBtN/JjGG+LMYx9eXgW2J
github.com/moby/sys/mountinfo v0.4.1/go.mod h1:rEr8tzG/lsIZHBtN/JjGG+LMYx9eXgW2JI+6q0qou+A=
github.com/moby/sys/symlink v0.1.0/go.mod h1:GGDODQmbFOjFsXvfLVn3+ZRxkch54RkSiGqsZeMYowQ=
github.com/moby/term v0.0.0-20200312100748-672ec06f55cd/go.mod h1:DdlQx2hp0Ss5/fLikoLlEeIYiATotOjgB//nb973jeo=
-github.com/moby/term v0.0.0-20210610120745-9d4ed1856297/go.mod h1:vgPCkQMyxTZ7IDy8SXRufE172gr8+K/JE/7hHFxHW3A=
github.com/modern-go/concurrent v0.0.0-20180228061459-e0a39a4cb421/go.mod h1:6dJC0mAP4ikYIbvyc7fijjWJddQyLn8Ig3JB5CqoB9Q=
github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd h1:TRLaZ9cD/w8PVh93nsPXa1VrQ6jlwL5oN8l14QlcNfg=
github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd/go.mod h1:6dJC0mAP4ikYIbvyc7fijjWJddQyLn8Ig3JB5CqoB9Q=
@@ -1024,6 +979,7 @@ github.com/mrunalp/fileutils v0.5.0/go.mod h1:M1WthSahJixYnrXQl/DFQuteStB1weuxD2
github.com/mtrmac/gpgme v0.1.2/go.mod h1:GYYHnGSuS7HK3zVS2n3y73y0okK/BeKzwnn5jgiVFNI=
github.com/munnerz/crd-schema-fuzz v1.0.0/go.mod h1:4z/rcm37JxUkSsExFcLL6ZIT1SgDRdLiu7qq1evdVS0=
github.com/munnerz/goautoneg v0.0.0-20120707110453-a547fc61f48d/go.mod h1:+n7T8mK8HuQTcFwEeznm/DIxMOiR9yIdICNftLE1DvQ=
+github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822 h1:C3w9PqII01/Oq1c1nUAm88MOHcQC9l5mIlSMApZMrHA=
github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822/go.mod h1:+n7T8mK8HuQTcFwEeznm/DIxMOiR9yIdICNftLE1DvQ=
github.com/mwitkow/go-conntrack v0.0.0-20161129095857-cc309e4a2223/go.mod h1:qRWi+5nqEBWmkhHvq77mSJWrCKwh8bxhgT7d/eI7P4U=
github.com/mwitkow/go-conntrack v0.0.0-20190716064945-2f068394615f/go.mod h1:qRWi+5nqEBWmkhHvq77mSJWrCKwh8bxhgT7d/eI7P4U=
@@ -1056,11 +1012,10 @@ github.com/onsi/ginkgo v1.10.1/go.mod h1:lLunBs/Ym6LB5Z9jYTR76FiuTmxDTDusOGeTQH+
github.com/onsi/ginkgo v1.10.3/go.mod h1:lLunBs/Ym6LB5Z9jYTR76FiuTmxDTDusOGeTQH+WWjE=
github.com/onsi/ginkgo v1.11.0/go.mod h1:lLunBs/Ym6LB5Z9jYTR76FiuTmxDTDusOGeTQH+WWjE=
github.com/onsi/ginkgo v1.12.0/go.mod h1:oUhWkIvk5aDxtKvDDuw8gItl8pKl42LzjC9KZE0HfGg=
+github.com/onsi/ginkgo v1.12.1 h1:mFwc4LvZ0xpSvDZ3E+k8Yte0hLOMxXUlP+yXtJqkYfQ=
github.com/onsi/ginkgo v1.12.1/go.mod h1:zj2OWP4+oCPe1qIXoGWkgMRwljMUYCdkwsT2108oapk=
-github.com/onsi/ginkgo v1.14.0/go.mod h1:iSB4RoI2tjJc9BBv4NKIKWKya62Rps+oPG/Lv9klQyY=
-github.com/onsi/ginkgo v1.16.4/go.mod h1:dX+/inL/fNMqNlz0e9LfyB9TswhZpCVdJM/Z6Vvnwo0=
-github.com/onsi/ginkgo v1.16.5 h1:8xi0RTUf59SOSfEtZMvwTvXYMzG4gV23XVHOZiXNtnE=
-github.com/onsi/ginkgo v1.16.5/go.mod h1:+E8gABHa3K6zRBolWtd+ROzc/U5bkGt0FwiG042wbpU=
+github.com/onsi/ginkgo/v2 v2.6.0 h1:9t9b9vRUbFq3C4qKFCGkVuq/fIHji802N1nrtkh1mNc=
+github.com/onsi/ginkgo/v2 v2.6.0/go.mod h1:63DOGlLAH8+REH8jUGdL3YpCpu7JODesutUjdENfUAc=
github.com/onsi/gomega v0.0.0-20151007035656-2152b45fa28a/go.mod h1:C1qb7wdrVGGVU+Z6iS04AVkA3Q65CEZX59MT0QO5uiA=
github.com/onsi/gomega v0.0.0-20170829124025-dcabb60a477c/go.mod h1:C1qb7wdrVGGVU+Z6iS04AVkA3Q65CEZX59MT0QO5uiA=
github.com/onsi/gomega v1.3.0/go.mod h1:C1qb7wdrVGGVU+Z6iS04AVkA3Q65CEZX59MT0QO5uiA=
@@ -1071,8 +1026,8 @@ github.com/onsi/gomega v1.7.1/go.mod h1:XdKZgCCFLUoM/7CFJVPcG8C1xQ1AJ0vpAezJrB7J
github.com/onsi/gomega v1.8.1/go.mod h1:Ho0h+IUsWyvy1OpqCwxlQ/21gkhVunqlU8fDGcoTdcA=
github.com/onsi/gomega v1.10.1/go.mod h1:iN09h71vgCQne3DLsj+A5owkum+a2tYe+TOCB1ybHNo=
github.com/onsi/gomega v1.10.3/go.mod h1:V9xEwhxec5O8UDM77eCW8vLymOMltsqPVYWrpDsH8xc=
-github.com/onsi/gomega v1.17.0 h1:9Luw4uT5HTjHTN8+aNcSThgH1vdXnmdJ8xIfZ4wyTRE=
-github.com/onsi/gomega v1.17.0/go.mod h1:HnhC7FXeEQY45zxNK3PPoIUhzk/80Xly9PcubAlGdZY=
+github.com/onsi/gomega v1.24.1 h1:KORJXNNTzJXzu4ScJWssJfJMnJ+2QJqhoQSRwNlze9E=
+github.com/onsi/gomega v1.24.1/go.mod h1:3AOiACssS3/MajrniINInwbfOOtfZvplPzuRSmvt1jM=
github.com/op/go-logging v0.0.0-20160315200505-970db520ece7/go.mod h1:HzydrMdWErDVzsI23lYNej1Htcns9BCg93Dk0bBINWk=
github.com/opencontainers/go-digest v0.0.0-20170106003457-a6d0ee40d420/go.mod h1:cMLVZDEM3+U2I4VmLI6N8jQYUd2OVphdqWwCJHrFt2s=
github.com/opencontainers/go-digest v0.0.0-20180430190053-c9281466c8b2/go.mod h1:cMLVZDEM3+U2I4VmLI6N8jQYUd2OVphdqWwCJHrFt2s=
@@ -1125,7 +1080,6 @@ github.com/pelletier/go-toml v1.2.0/go.mod h1:5z9KED0ma1S8pY6P1sdut58dfprrGBbd/9
github.com/pelletier/go-toml v1.4.0/go.mod h1:PN7xzY2wHTK0K9p34ErDQMlFxa51Fk0OUruD3k1mMwo=
github.com/pelletier/go-toml v1.7.0/go.mod h1:vwGMzjaWMwyfHwgIBhI2YUM4fB6nL6lVAvS1LBMMhTE=
github.com/pelletier/go-toml v1.8.1/go.mod h1:T2/BmBdy8dvIRq1a/8aqjN41wvWlN4lrapLU/GW4pbc=
-github.com/pelletier/go-toml v1.9.3/go.mod h1:u1nR/EPcESfeI/szUZKdtJ0xRNbUoANCkoOuaOx1Y+c=
github.com/performancecopilot/speed v3.0.0+incompatible/go.mod h1:/CLtqpZ5gBg1M9iaPbIdPPGyKcA8hKdoy6hAWba7Yac=
github.com/peterbourgon/diskv v2.0.1+incompatible/go.mod h1:uqqh8zWWbv1HBMNONnaR/tNboyR3/BZd58JJSHlUSCU=
github.com/peterh/liner v1.0.1-0.20171122030339-3681c2a91233/go.mod h1:xIteQHvHuaLYG9IFj6mSxM0fCKrs34IrEQUhOYuGPHc=
@@ -1137,7 +1091,6 @@ github.com/pkg/errors v0.8.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINE
github.com/pkg/errors v0.9.1 h1:FEBLx1zS214owpjy7qsBeixbURkuhQAwrK5UwLGTwt4=
github.com/pkg/errors v0.9.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0=
github.com/pkg/profile v1.2.1/go.mod h1:hJw3o1OdXxsrSjjVksARp5W95eeEaEfptyVZyv6JUPA=
-github.com/pkg/sftp v1.10.1/go.mod h1:lYOWFsE0bwd1+KfKJaKeuokY15vzFx25BLbzYYoAxZI=
github.com/pmezard/go-difflib v0.0.0-20151028094244-d8ed2627bdf0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4=
github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM=
github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4=
@@ -1154,16 +1107,18 @@ github.com/prometheus/client_golang v1.3.0/go.mod h1:hJaj2vgQTGQmVCsAACORcieXFeD
github.com/prometheus/client_golang v1.7.0/go.mod h1:PY5Wy2awLA44sXw4AOSfFBetzPP4j5+D6mVACh+pe2M=
github.com/prometheus/client_golang v1.7.1/go.mod h1:PY5Wy2awLA44sXw4AOSfFBetzPP4j5+D6mVACh+pe2M=
github.com/prometheus/client_golang v1.11.0/go.mod h1:Z6t4BnS23TR94PD6BsDNk8yVqroYurpAkEiz0P2BEV0=
-github.com/prometheus/client_golang v1.11.1 h1:+4eQaD7vAZ6DsfsxB15hbE0odUjGI5ARs9yskGu1v4s=
-github.com/prometheus/client_golang v1.11.1/go.mod h1:Z6t4BnS23TR94PD6BsDNk8yVqroYurpAkEiz0P2BEV0=
+github.com/prometheus/client_golang v1.12.1/go.mod h1:3Z9XVyYiZYEO+YQWt3RD2R3jrbd179Rt297l4aS6nDY=
+github.com/prometheus/client_golang v1.14.0 h1:nJdhIvne2eSX/XRAFV9PcvFFRbrjbcTUj0VP62TMhnw=
+github.com/prometheus/client_golang v1.14.0/go.mod h1:8vpkKitgIVNcqrRBWh1C4TIUQgYNtG/XQE4E/Zae36Y=
github.com/prometheus/client_model v0.0.0-20171117100541-99fa1f4be8e5/go.mod h1:MbSGuTsp3dbXC40dX6PRTWyKYBIrTGTE9sqQNg2J8bo=
github.com/prometheus/client_model v0.0.0-20180712105110-5c3871d89910/go.mod h1:MbSGuTsp3dbXC40dX6PRTWyKYBIrTGTE9sqQNg2J8bo=
github.com/prometheus/client_model v0.0.0-20190115171406-56726106282f/go.mod h1:MbSGuTsp3dbXC40dX6PRTWyKYBIrTGTE9sqQNg2J8bo=
github.com/prometheus/client_model v0.0.0-20190129233127-fd36f4220a90/go.mod h1:xMI15A0UPsDsEKsMN9yxemIoYk6Tm2C1GtYGdfGttqA=
github.com/prometheus/client_model v0.0.0-20190812154241-14fe0d1b01d4/go.mod h1:xMI15A0UPsDsEKsMN9yxemIoYk6Tm2C1GtYGdfGttqA=
github.com/prometheus/client_model v0.1.0/go.mod h1:xMI15A0UPsDsEKsMN9yxemIoYk6Tm2C1GtYGdfGttqA=
-github.com/prometheus/client_model v0.2.0 h1:uq5h0d+GuxiXLJLNABMgp2qUWDPiLvgCzz2dUR+/W/M=
github.com/prometheus/client_model v0.2.0/go.mod h1:xMI15A0UPsDsEKsMN9yxemIoYk6Tm2C1GtYGdfGttqA=
+github.com/prometheus/client_model v0.3.0 h1:UBgGFHqYdG/TPFD1B1ogZywDqEkwp3fBMvqdiQ7Xew4=
+github.com/prometheus/client_model v0.3.0/go.mod h1:LDGWKZIo7rky3hgvBe+caln+Dr3dPggB5dvjtD7w9+w=
github.com/prometheus/common v0.0.0-20180110214958-89604d197083/go.mod h1:daVV7qP5qjZbuso7PdcryaAu0sAZbrN9i7WWcTMWvro=
github.com/prometheus/common v0.0.0-20181113130724-41aa239b4cce/go.mod h1:daVV7qP5qjZbuso7PdcryaAu0sAZbrN9i7WWcTMWvro=
github.com/prometheus/common v0.0.0-20181126121408-4724e9255275/go.mod h1:daVV7qP5qjZbuso7PdcryaAu0sAZbrN9i7WWcTMWvro=
@@ -1174,9 +1129,9 @@ github.com/prometheus/common v0.6.0/go.mod h1:eBmuwkDJBwy6iBfxCBob6t6dR6ENT/y+J+
github.com/prometheus/common v0.7.0/go.mod h1:DjGbpBbp5NYNiECxcL/VnbXCCaQpKd3tt26CguLLsqA=
github.com/prometheus/common v0.10.0/go.mod h1:Tlit/dnDKsSWFlCLTWaA1cyBgKHSMdTB80sz/V91rCo=
github.com/prometheus/common v0.26.0/go.mod h1:M7rCNAaPfAosfx8veZJCuw84e35h3Cfd9VFqTh1DIvc=
-github.com/prometheus/common v0.28.0/go.mod h1:vu+V0TpY+O6vW9J44gczi3Ap/oXXR10b+M/gUGO4Hls=
-github.com/prometheus/common v0.31.1 h1:d18hG4PkHnNAKNMOmFuXFaiY8Us0nird/2m60uS1AMs=
-github.com/prometheus/common v0.31.1/go.mod h1:vu+V0TpY+O6vW9J44gczi3Ap/oXXR10b+M/gUGO4Hls=
+github.com/prometheus/common v0.32.1/go.mod h1:vu+V0TpY+O6vW9J44gczi3Ap/oXXR10b+M/gUGO4Hls=
+github.com/prometheus/common v0.37.0 h1:ccBbHCgIiT9uSoFY0vX8H3zsNR5eLt17/RQLUvn8pXE=
+github.com/prometheus/common v0.37.0/go.mod h1:phzohg0JFMnBEFGxTDbfu3QyL5GI8gTQJFhYO5B3mfA=
github.com/prometheus/procfs v0.0.0-20180125133057-cb4147076ac7/go.mod h1:c3At6R/oaqEKCNdg8wHV1ftS6bRYblBhIjjI8uT2IGk=
github.com/prometheus/procfs v0.0.0-20181005140218-185b4288413d/go.mod h1:c3At6R/oaqEKCNdg8wHV1ftS6bRYblBhIjjI8uT2IGk=
github.com/prometheus/procfs v0.0.0-20181204211112-1dc9a6cbc91a/go.mod h1:c3At6R/oaqEKCNdg8wHV1ftS6bRYblBhIjjI8uT2IGk=
@@ -1191,8 +1146,9 @@ github.com/prometheus/procfs v0.0.11/go.mod h1:lV6e/gmhEcM9IjHGsFOCxxuZ+z1YqCvr4
github.com/prometheus/procfs v0.1.3/go.mod h1:lV6e/gmhEcM9IjHGsFOCxxuZ+z1YqCvr4OA4YeYWdaU=
github.com/prometheus/procfs v0.2.0/go.mod h1:lV6e/gmhEcM9IjHGsFOCxxuZ+z1YqCvr4OA4YeYWdaU=
github.com/prometheus/procfs v0.6.0/go.mod h1:cz+aTbrPOrUb4q7XlbU9ygM+/jj0fzG6c1xBZuNvfVA=
-github.com/prometheus/procfs v0.7.3 h1:4jVXhlkAyzOScmCkXBTOLRLTz8EeU+eyjrwB/EPq0VU=
github.com/prometheus/procfs v0.7.3/go.mod h1:cz+aTbrPOrUb4q7XlbU9ygM+/jj0fzG6c1xBZuNvfVA=
+github.com/prometheus/procfs v0.8.0 h1:ODq8ZFEaYeCaZOJlZZdJA2AbQR98dSHSM1KW/You5mo=
+github.com/prometheus/procfs v0.8.0/go.mod h1:z7EfXMXOkbkqb9IINtpCn86r/to3BnA0uaxHdg830/4=
github.com/prometheus/tsdb v0.7.1/go.mod h1:qhTCs0VvXwvX/y3TZrWD7rabWM+ijKTux40TwIPHuXU=
github.com/r3labs/diff v1.1.0/go.mod h1:7WjXasNzi0vJetRcB/RqNl5dlIsmXcTTLmF5IoH6Xig=
github.com/rcrowley/go-metrics v0.0.0-20181016184325-3113b8401b8a/go.mod h1:bCqnVzQkZxMG4s8nGwiZ5l3QUCyqpo9Y+/ZMZ9VjZe4=
@@ -1245,22 +1201,16 @@ github.com/smartystreets/goconvey v1.6.4 h1:fv0U8FUIMPNf1L9lnHLvLhgicrIVChEkdzIK
github.com/smartystreets/goconvey v1.6.4/go.mod h1:syvi0/a8iFYH4r/RixwvyeAJjdLS9QV7WQ/tjFTllLA=
github.com/soheilhy/cmux v0.1.3/go.mod h1:IM3LyeVVIOuxMH7sFAkER9+bJ4dT7Ms6E4xg4kGIyLM=
github.com/soheilhy/cmux v0.1.4/go.mod h1:IM3LyeVVIOuxMH7sFAkER9+bJ4dT7Ms6E4xg4kGIyLM=
-github.com/soheilhy/cmux v0.1.5/go.mod h1:T7TcVDs9LWfQgPlPsdngu6I6QIoyIFZDDC6sNE1GqG0=
github.com/sony/gobreaker v0.4.1/go.mod h1:ZKptC7FHNvhBz7dN2LGjPVBz2sZJmc0/PkyDJOjmxWY=
github.com/spaolacci/murmur3 v0.0.0-20180118202830-f09979ecbc72/go.mod h1:JwIasOWyU6f++ZhiEuf87xNszmSA2myDM2Kzu9HwQUA=
github.com/spf13/afero v1.1.2/go.mod h1:j4pytiNVoe2o6bmDsKpLACNPDBIoEAkihy7loJ1B0CQ=
github.com/spf13/afero v1.2.2/go.mod h1:9ZxEEn6pIJ8Rxe320qSDBk6AsU0r9pR7Q4OcevTdifk=
-github.com/spf13/afero v1.6.0/go.mod h1:Ai8FlHk4v/PARR026UzYexafAt9roJ7LcLMAmO6Z93I=
github.com/spf13/cast v1.3.0/go.mod h1:Qx5cxh0v+4UWYiBimWS+eyWzqEqokIECu5etghLkUJE=
-github.com/spf13/cast v1.3.1/go.mod h1:Qx5cxh0v+4UWYiBimWS+eyWzqEqokIECu5etghLkUJE=
github.com/spf13/cobra v0.0.2-0.20171109065643-2da4a54c5cee/go.mod h1:1l0Ry5zgKvJasoi3XT1TypsSe7PqH0Sj9dhYf7v3XqQ=
github.com/spf13/cobra v0.0.3/go.mod h1:1l0Ry5zgKvJasoi3XT1TypsSe7PqH0Sj9dhYf7v3XqQ=
github.com/spf13/cobra v0.0.5/go.mod h1:3K3wKZymM7VvHMDS9+Akkh4K60UwM26emMESw8tLCHU=
github.com/spf13/cobra v1.0.0/go.mod h1:/6GTrnGXV9HjY+aR4k0oJ5tcvakLuG6EuKReYlHNrgE=
-github.com/spf13/cobra v1.1.3/go.mod h1:pGADOWyqRD/YMrPZigI/zbliZ2wVD/23d+is3pSWzOo=
-github.com/spf13/cobra v1.2.1/go.mod h1:ExllRjgxM/piMAM+3tAZvg8fsklGAf3tPfi+i8t68Nk=
github.com/spf13/jwalterweatherman v1.0.0/go.mod h1:cQK4TGJAtQXfYWX+Ddv3mKDzgVb68N+wFjFa4jdeBTo=
-github.com/spf13/jwalterweatherman v1.1.0/go.mod h1:aNWZUN0dPAAO/Ljvb5BEdw96iTZ0EXowPYD95IqWIGo=
github.com/spf13/pflag v0.0.0-20170130214245-9ff6c6923cff/go.mod h1:DYY7MBk1bdzusC3SYhjObp+wFpr4gzcvqqNjLnInEg4=
github.com/spf13/pflag v1.0.1-0.20171106142849-4c012f6dcd95/go.mod h1:DYY7MBk1bdzusC3SYhjObp+wFpr4gzcvqqNjLnInEg4=
github.com/spf13/pflag v1.0.1/go.mod h1:DYY7MBk1bdzusC3SYhjObp+wFpr4gzcvqqNjLnInEg4=
@@ -1270,7 +1220,6 @@ github.com/spf13/pflag v1.0.5/go.mod h1:McXfInJRrz4CZXVZOBLb0bTZqETkiAhM9Iw0y3An
github.com/spf13/viper v1.3.2/go.mod h1:ZiWeW+zYFKm7srdB9IoDzzZXaJaI5eL9QjNiN/DMA2s=
github.com/spf13/viper v1.4.0/go.mod h1:PTJ7Z/lr49W6bUbkmS1V3by4uWynFiR9p7+dSq/yZzE=
github.com/spf13/viper v1.7.0/go.mod h1:8WkrPz2fc9jxqZNCJI/76HCieCp4Q8HaLFoCha5qpdg=
-github.com/spf13/viper v1.8.1/go.mod h1:o0Pch8wJ9BVSWGQMbra6iw0oQ5oktSIBaujf1rJH9Ns=
github.com/spotahome/redis-operator v1.1.1 h1:0GBtvUXOodv6n10FHySFrIKSj6ykZOymgWJrjL58rpw=
github.com/spotahome/redis-operator v1.1.1/go.mod h1:bXvvnesGbda+UXMX4SlXF9aBk7mFHtyE1ATKnvBntNk=
github.com/ssdb/gossdb v0.0.0-20180723034631-88f6b59b84ec/go.mod h1:QBvMkMya+gXctz3kmljlUCu/yB3GZ6oee+dUozsezQE=
@@ -1283,7 +1232,9 @@ github.com/stretchr/objx v0.0.0-20180129172003-8a3f7159479f/go.mod h1:HFkY916IF+
github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME=
github.com/stretchr/objx v0.1.1/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME=
github.com/stretchr/objx v0.2.0/go.mod h1:qt09Ya8vawLte6SNmTgCsAVtYtaKzEcn8ATUoHMkEqE=
-github.com/stretchr/objx v0.3.0 h1:NGXK3lHquSN08v5vWalVI/L8XU9hdzE/G6xsrze47As=
+github.com/stretchr/objx v0.4.0/go.mod h1:YvHI0jy2hoMjB+UWwv71VJQ9isScKT/TqJzVSSt89Yw=
+github.com/stretchr/objx v0.5.0 h1:1zr/of2m5FGMsad5YfcqgdqdWrIhu+EBEJRhR1U7z/c=
+github.com/stretchr/objx v0.5.0/go.mod h1:Yh+to48EsGEfYuaHDzXPcE3xhTkx73EhmCGUpEOglKo=
github.com/stretchr/testify v0.0.0-20151208002404-e3a8ff8ce365/go.mod h1:a8OnRcib4nhh0OaRAV+Yts87kKdq0PP7pXfy6kDkUVs=
github.com/stretchr/testify v0.0.0-20180303142811-b89eecf5ca5d/go.mod h1:a8OnRcib4nhh0OaRAV+Yts87kKdq0PP7pXfy6kDkUVs=
github.com/stretchr/testify v1.2.2/go.mod h1:a8OnRcib4nhh0OaRAV+Yts87kKdq0PP7pXfy6kDkUVs=
@@ -1291,8 +1242,11 @@ github.com/stretchr/testify v1.3.0/go.mod h1:M5WIy9Dh21IEIfnGCwXGc5bZfKNJtfHm1UV
github.com/stretchr/testify v1.4.0/go.mod h1:j7eGeouHqKxXV5pUuKE4zz7dFj8WfuZ+81PSLYec5m4=
github.com/stretchr/testify v1.5.1/go.mod h1:5W2xD1RspED5o8YsWQXVCued0rvSQ+mT+I5cxcmMvtA=
github.com/stretchr/testify v1.6.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg=
-github.com/stretchr/testify v1.7.0 h1:nwc3DEeHmmLAfoZucVR881uASk0Mfjw8xYJ99tb5CcY=
github.com/stretchr/testify v1.7.0/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg=
+github.com/stretchr/testify v1.7.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg=
+github.com/stretchr/testify v1.8.0/go.mod h1:yNjHg4UonilssWZ8iaSj1OCr/vHnekPRkoO+kdMU+MU=
+github.com/stretchr/testify v1.8.2 h1:+h33VjcLVPDHtOdpUCuF+7gSuG3yGIftsP1YvFihtJ8=
+github.com/stretchr/testify v1.8.2/go.mod h1:w2LPCIKwWwSfY2zedu0+kehJoqGctiVI29o6fzry7u4=
github.com/subosito/gotenv v1.2.0/go.mod h1:N0PQaV/YGNqwC0u51sEeR/aUtSLEXKX9iv69rRypqCw=
github.com/syndtr/gocapability v0.0.0-20170704070218-db04d3cc01c8/go.mod h1:hkRG7XYTFWNJGYcbNJQlaLq0fg1yr4J4t/NcTQtrfww=
github.com/syndtr/gocapability v0.0.0-20180916011248-d98352740cb2/go.mod h1:hkRG7XYTFWNJGYcbNJQlaLq0fg1yr4J4t/NcTQtrfww=
@@ -1306,7 +1260,6 @@ github.com/tidwall/pretty v1.0.0 h1:HsD+QiTn7sK6flMKIvNmpqz1qrpP3Ps6jOKIKMooyg4=
github.com/tidwall/pretty v1.0.0/go.mod h1:XNkn88O1ChpSDQmQeStsy+sBenx6DDtFZJxhVysOjyk=
github.com/tmc/grpc-websocket-proxy v0.0.0-20170815181823-89b8d40f7ca8/go.mod h1:ncp9v5uamzpCO7NfCPTXjqaC+bZgJeR0sMTm6dMHP7U=
github.com/tmc/grpc-websocket-proxy v0.0.0-20190109142713-0ad062ec5ee5/go.mod h1:ncp9v5uamzpCO7NfCPTXjqaC+bZgJeR0sMTm6dMHP7U=
-github.com/tmc/grpc-websocket-proxy v0.0.0-20201229170055-e5319fda7802/go.mod h1:ncp9v5uamzpCO7NfCPTXjqaC+bZgJeR0sMTm6dMHP7U=
github.com/uber/jaeger-client-go v2.24.0+incompatible h1:CGchgJcHsDd2jWnaL4XngByMrXoGHh3n8oCqAKx0uMo=
github.com/uber/jaeger-client-go v2.24.0+incompatible/go.mod h1:WVhlPFC8FDjOFMMWRy2pZqQJSXxYSwNYOkTr/Z6d3Kk=
github.com/uber/jaeger-lib v2.2.0+incompatible h1:MxZXOiR2JuoANZ3J6DE/U0kSFv/eJ/GfSYVCjK7dyaw=
@@ -1354,8 +1307,6 @@ github.com/yuin/goldmark v1.1.25/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9de
github.com/yuin/goldmark v1.1.27/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74=
github.com/yuin/goldmark v1.1.32/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74=
github.com/yuin/goldmark v1.2.1/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74=
-github.com/yuin/goldmark v1.3.5/go.mod h1:mwnBkeHKe2W/ZEtQ+71ViKU8L12m81fl3OWwC1Zlc8k=
-github.com/yuin/goldmark v1.4.0/go.mod h1:mwnBkeHKe2W/ZEtQ+71ViKU8L12m81fl3OWwC1Zlc8k=
github.com/yuin/gopher-lua v0.0.0-20171031051903-609c9cd26973/go.mod h1:aEV29XrmTYFr3CiRxZeGHpkvbwq+prZduBqMaascyCU=
github.com/yvasiyarov/go-metrics v0.0.0-20140926110328-57bccd1ccd43/go.mod h1:aX5oPXxHm3bOH+xeAttToC8pqch2ScQN/JoXYupl6xs=
github.com/yvasiyarov/gorelic v0.0.0-20141212073537-a9bba5b9ab50/go.mod h1:NUSPSUX/bi6SeDMUh6brw0nXpxHnc96TguQh0+r/ssA=
@@ -1370,13 +1321,6 @@ go.etcd.io/bbolt v1.3.6/go.mod h1:qXsaaIqmgQH0T+OPdb99Bf+PKfBBQVAdyD6TY9G8XM4=
go.etcd.io/etcd v0.0.0-20191023171146-3cf2f69b5738/go.mod h1:dnLIgRNXwCJa5e+c6mIZCrds/GIG4ncV9HhK5PX7jPg=
go.etcd.io/etcd v0.5.0-alpha.5.0.20200819165624-17cef6e3e9d5/go.mod h1:skWido08r9w6Lq/w70DO5XYIKMu4QFu1+4VsqLQuJy8=
go.etcd.io/etcd v0.5.0-alpha.5.0.20200910180754-dd1b699fc489/go.mod h1:yVHk9ub3CSBatqGNg7GRmsnfLWtoW60w4eDYfh7vHDg=
-go.etcd.io/etcd/api/v3 v3.5.0/go.mod h1:cbVKeC6lCfl7j/8jBhAK6aIYO9XOjdptoxU/nLQcPvs=
-go.etcd.io/etcd/client/pkg/v3 v3.5.0/go.mod h1:IJHfcCEKxYu1Os13ZdwCwIUTUVGYTSAM3YSwc9/Ac1g=
-go.etcd.io/etcd/client/v2 v2.305.0/go.mod h1:h9puh54ZTgAKtEbut2oe9P4L/oqKCVB6xsXlzd7alYQ=
-go.etcd.io/etcd/client/v3 v3.5.0/go.mod h1:AIKXXVX/DQXtfTEqBryiLTUXwON+GuvO6Z7lLS/oTh0=
-go.etcd.io/etcd/pkg/v3 v3.5.0/go.mod h1:UzJGatBQ1lXChBkQF0AuAtkRQMYnHubxAEYIrC3MSsE=
-go.etcd.io/etcd/raft/v3 v3.5.0/go.mod h1:UFOHSIvO/nKwd4lhkwabrTD3cqW5yVyYYf/KlD00Szc=
-go.etcd.io/etcd/server/v3 v3.5.0/go.mod h1:3Ah5ruV+M+7RZr0+Y/5mNLwC+eQlni+mQmOVdCRJoS4=
go.mongodb.org/mongo-driver v1.0.3/go.mod h1:u7ryQJ+DOzQmeO7zB6MHyr8jkEQvC8vH7qLUO4lqsUM=
go.mongodb.org/mongo-driver v1.1.1/go.mod h1:u7ryQJ+DOzQmeO7zB6MHyr8jkEQvC8vH7qLUO4lqsUM=
go.mongodb.org/mongo-driver v1.1.2/go.mod h1:u7ryQJ+DOzQmeO7zB6MHyr8jkEQvC8vH7qLUO4lqsUM=
@@ -1396,49 +1340,27 @@ go.opencensus.io v0.22.0/go.mod h1:+kGneAE2xo2IficOXnaByMWTGM9T73dGwxeWcUqIpI8=
go.opencensus.io v0.22.2/go.mod h1:yxeiOL68Rb0Xd1ddK5vPZ/oVn4vY4Ynel7k9FzqtOIw=
go.opencensus.io v0.22.3/go.mod h1:yxeiOL68Rb0Xd1ddK5vPZ/oVn4vY4Ynel7k9FzqtOIw=
go.opencensus.io v0.22.4/go.mod h1:yxeiOL68Rb0Xd1ddK5vPZ/oVn4vY4Ynel7k9FzqtOIw=
-go.opencensus.io v0.22.5/go.mod h1:5pWMHQbX5EPX2/62yrJeAkowc+lfs/XD7Uxpq3pI6kk=
-go.opencensus.io v0.23.0/go.mod h1:XItmlyltB5F7CS4xOC1DcqMoFqwtC6OG2xF7mCv7P7E=
-go.opentelemetry.io/contrib v0.20.0/go.mod h1:G/EtFaa6qaN7+LxqfIAT3GiZa7Wv5DTBUzl5H4LY0Kc=
-go.opentelemetry.io/contrib v0.22.0 h1:0F7gDEjgb1WGn4ODIjaCAg75hmqF+UN0LiVgwxsCodc=
-go.opentelemetry.io/contrib v0.22.0/go.mod h1:EH4yDYeNoaTqn/8yCWQmfNB78VHfGX2Jt2bvnvzBlGM=
-go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc v0.20.0/go.mod h1:oVGt1LRbBOBq1A5BQLlUg9UaU/54aiHw8cgjV3aWZ/E=
-go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.20.0/go.mod h1:2AboqHi0CiIZU0qwhtUfCYD1GeUzvvIXWNkhDt7ZMG4=
-go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.22.0 h1:WHjZguqT+3UjTgFum33hWZYybDVnx8u9q5/kQDfaGTs=
-go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.22.0/go.mod h1:o3MuU25bYroYnc2TOKe8mTk8f9X1oPFO6C5RCoPKtSU=
-go.opentelemetry.io/otel v0.20.0/go.mod h1:Y3ugLH2oa81t5QO+Lty+zXf8zC9L26ax4Nzoxm/dooo=
-go.opentelemetry.io/otel v1.0.0-RC1/go.mod h1:x9tRa9HK4hSSq7jf2TKbqFbtt58/TGk0f9XiEYISI1I=
-go.opentelemetry.io/otel v1.0.0-RC2/go.mod h1:w1thVQ7qbAy8MHb0IFj8a5Q2QU0l2ksf8u/CN8m3NOM=
-go.opentelemetry.io/otel v1.0.0 h1:qTTn6x71GVBvoafHK/yaRUmFzI4LcONZD0/kXxl5PHI=
-go.opentelemetry.io/otel v1.0.0/go.mod h1:AjRVh9A5/5DE7S+mZtTR6t8vpKKryam+0lREnfmS4cg=
-go.opentelemetry.io/otel/exporters/jaeger v1.0.0 h1:cLhx8llHw02h5JTqGqaRbYn+QVKHmrzD9vEbKnSPk5U=
-go.opentelemetry.io/otel/exporters/jaeger v1.0.0/go.mod h1:q10N1AolE1JjqKrFJK2tYw0iZpmX+HBaXBtuCzRnBGQ=
-go.opentelemetry.io/otel/exporters/otlp v0.20.0/go.mod h1:YIieizyaN77rtLJra0buKiNBOm9XQfkPEKBeuhoMwAM=
-go.opentelemetry.io/otel/exporters/otlp/otlptrace v1.0.0 h1:Vv4wbLEjheCTPV07jEav7fyUpJkyftQK7Ss2G7qgdSo=
-go.opentelemetry.io/otel/exporters/otlp/otlptrace v1.0.0/go.mod h1:3VqVbIbjAycfL1C7sIu/Uh/kACIUPWHztt8ODYwR3oM=
-go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp v1.0.0 h1:JU4DYtRg3V83juRZfdUUtHLBlUPEnvcq/a30OOyUZGQ=
-go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp v1.0.0/go.mod h1:neVwLpom2R8BZm8pORLiKj7mLUqwsPZ2x1CqPf7VQLI=
-go.opentelemetry.io/otel/internal/metric v0.22.0 h1:Q9bS02XRykSRIbggaU4hVF9oWOP9PyILu26zJWoKmk0=
-go.opentelemetry.io/otel/internal/metric v0.22.0/go.mod h1:7qVuMihW/ktMonEfOvBXuh6tfMvvEyoIDgeJNRloYbQ=
-go.opentelemetry.io/otel/metric v0.20.0/go.mod h1:598I5tYlH1vzBjn+BTuhzTCSb/9debfNp6R3s7Pr1eU=
-go.opentelemetry.io/otel/metric v0.22.0 h1:/qv10BzznqEifrXBwsTT370OCN1PRgt+mnjzMwxJKrQ=
-go.opentelemetry.io/otel/metric v0.22.0/go.mod h1:KcsUkBiYGW003DJ+ugd2aqIRIfjabD9jeOUXqsAtrq0=
-go.opentelemetry.io/otel/oteltest v0.20.0/go.mod h1:L7bgKf9ZB7qCwT9Up7i9/pn0PWIa9FqQ2IQ8LoxiGnw=
-go.opentelemetry.io/otel/oteltest v1.0.0-RC1/go.mod h1:+eoIG0gdEOaPNftuy1YScLr1Gb4mL/9lpDkZ0JjMRq4=
-go.opentelemetry.io/otel/oteltest v1.0.0-RC2 h1:xNKqMhlZYkASSyvF4JwObZFMq0jhFN3c3SP+2rCzVPk=
-go.opentelemetry.io/otel/oteltest v1.0.0-RC2/go.mod h1:kiQ4tw5tAL4JLTbcOYwK1CWI1HkT5aiLzHovgOVnz/A=
-go.opentelemetry.io/otel/sdk v0.20.0/go.mod h1:g/IcepuwNsoiX5Byy2nNV0ySUF1em498m7hBWC279Yc=
-go.opentelemetry.io/otel/sdk v1.0.0 h1:BNPMYUONPNbLneMttKSjQhOTlFLOD9U22HNG1KrIN2Y=
-go.opentelemetry.io/otel/sdk v1.0.0/go.mod h1:PCrDHlSy5x1kjezSdL37PhbFUMjrsLRshJ2zCzeXwbM=
-go.opentelemetry.io/otel/sdk/export/metric v0.20.0/go.mod h1:h7RBNMsDJ5pmI1zExLi+bJK+Dr8NQCh0qGhm1KDnNlE=
-go.opentelemetry.io/otel/sdk/metric v0.20.0/go.mod h1:knxiS8Xd4E/N+ZqKmUPf3gTTZ4/0TjTXukfxjzSTpHE=
-go.opentelemetry.io/otel/trace v0.20.0/go.mod h1:6GjCW8zgDjwGHGa6GkyeB8+/5vjT16gUEi0Nf1iBdgw=
-go.opentelemetry.io/otel/trace v1.0.0-RC1/go.mod h1:86UHmyHWFEtWjfWPSbu0+d0Pf9Q6e1U+3ViBOc+NXAg=
-go.opentelemetry.io/otel/trace v1.0.0-RC2/go.mod h1:JPQ+z6nNw9mqEGT8o3eoPTdnNI+Aj5JcxEsVGREIAy4=
-go.opentelemetry.io/otel/trace v1.0.0 h1:TSBr8GTEtKevYMG/2d21M989r5WJYVimhTHBKVEZuh4=
-go.opentelemetry.io/otel/trace v1.0.0/go.mod h1:PXTWqayeFUlJV1YDNhsJYB184+IvAH814St6o6ajzIs=
+go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.35.0 h1:Ajldaqhxqw/gNzQA45IKFWLdG7jZuXX/wBW1d5qvbUI=
+go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.35.0/go.mod h1:9NiG9I2aHTKkcxqCILhjtyNA1QEiCjdBACv4IvrFQ+c=
+go.opentelemetry.io/otel v1.12.0 h1:IgfC7kqQrRccIKuB7Cl+SRUmsKbEwSGPr0Eu+/ht1SQ=
+go.opentelemetry.io/otel v1.12.0/go.mod h1:geaoz0L0r1BEOR81k7/n9W4TCXYCJ7bPO7K374jQHG0=
+go.opentelemetry.io/otel/exporters/jaeger v1.12.0 h1:1Vy11S0iAD70EPfcP3N2f2IhLq/cIuTW+Zt010MswR8=
+go.opentelemetry.io/otel/exporters/jaeger v1.12.0/go.mod h1:SCLbaspEoU9mGJZB6ksc2iSGU6CLWY5yefchDqOM0IM=
+go.opentelemetry.io/otel/exporters/otlp/internal/retry v1.12.0 h1:UfDENi+LTcLjQ/JhaXimjlIgn7wWjwbEMmdREm2Gyng=
+go.opentelemetry.io/otel/exporters/otlp/internal/retry v1.12.0/go.mod h1:rqbht/LlhVBgn5+k3M5QK96K5Xb0DvXpMJ5SFQpY6uw=
+go.opentelemetry.io/otel/exporters/otlp/otlptrace v1.12.0 h1:ZVqtSAxrR4+ofzayuww0/EKamCjjnwnXTMRZzMudJoU=
+go.opentelemetry.io/otel/exporters/otlp/otlptrace v1.12.0/go.mod h1:IlaGLENJkAl9+Xoo3J0unkdOwtL+rmqZ3ryMjUtYA94=
+go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp v1.12.0 h1:L23MzcHDznr05xOM1Ng1F98L0nVd7hm/S7y2jW9IRB4=
+go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp v1.12.0/go.mod h1:C+onYX2j5QH653b3wGJwowYr8jLMjBJw35QcaCQQK0U=
+go.opentelemetry.io/otel/metric v0.31.0 h1:6SiklT+gfWAwWUR0meEMxQBtihpiEs4c+vL9spDTqUs=
+go.opentelemetry.io/otel/metric v0.31.0/go.mod h1:ohmwj9KTSIeBnDBm/ZwH2PSZxZzoOaG2xZeekTRzL5A=
+go.opentelemetry.io/otel/sdk v1.12.0 h1:8npliVYV7qc0t1FKdpU08eMnOjgPFMnriPhn0HH4q3o=
+go.opentelemetry.io/otel/sdk v1.12.0/go.mod h1:WYcvtgquYvgODEvxOry5owO2y9MyciW7JqMz6cpXShE=
+go.opentelemetry.io/otel/trace v1.12.0 h1:p28in++7Kd0r2d8gSt931O57fdjUyWxkVbESuILAeUc=
+go.opentelemetry.io/otel/trace v1.12.0/go.mod h1:pHlgBynn6s25qJ2szD+Bv+iwKJttjHSI3lUAyf0GNuQ=
go.opentelemetry.io/proto/otlp v0.7.0/go.mod h1:PqfVotwruBrMGOCsRd/89rSnXhoiJIqeYNgFYFoEGnI=
-go.opentelemetry.io/proto/otlp v0.9.0 h1:C0g6TWmQYvjKRnljRULLWUVJGy8Uvu0NEL/5frY2/t4=
-go.opentelemetry.io/proto/otlp v0.9.0/go.mod h1:1vKfU9rv61e9EVGthD1zNvUbiwPcimSsOPU9brfSHJg=
+go.opentelemetry.io/proto/otlp v0.19.0 h1:IVN6GR+mhC4s5yfcTbmzHYODqvWAp3ZedA2SJPI1Nnw=
+go.opentelemetry.io/proto/otlp v0.19.0/go.mod h1:H7XAot3MsfNsj7EXtrA2q5xSNQ10UqI405h3+duxN4U=
go.uber.org/atomic v0.0.0-20181018215023-8dc6146f7569/go.mod h1:gD2HeocX3+yG+ygLZcrzQJaqmWj9AIm7n08wl/qW/PE=
go.uber.org/atomic v1.3.2/go.mod h1:gD2HeocX3+yG+ygLZcrzQJaqmWj9AIm7n08wl/qW/PE=
go.uber.org/atomic v1.4.0/go.mod h1:gD2HeocX3+yG+ygLZcrzQJaqmWj9AIm7n08wl/qW/PE=
@@ -1446,8 +1368,7 @@ go.uber.org/atomic v1.5.0/go.mod h1:sABNBOSYdrvTF6hTgEIbc7YasKWGhgEQZyfxyTvoXHQ=
go.uber.org/atomic v1.7.0 h1:ADUqmZGgLDDfbSL9ZmPxKTybcoEYHgpYfELNoN+7hsw=
go.uber.org/atomic v1.7.0/go.mod h1:fEN4uk6kAWBTFdckzkM89CLk9XfWZrxpCo0nPH17wJc=
go.uber.org/goleak v1.1.10/go.mod h1:8a7PlsEVH3e/a/GLqe5IIrQx6GzcnRmZEufDUTk4A7A=
-go.uber.org/goleak v1.1.11-0.20210813005559-691160354723/go.mod h1:cwTWslyiVhfpKIDGSZEM2HlOvcqm+tG4zioyIeLoqMQ=
-go.uber.org/goleak v1.1.12 h1:gZAh5/EyT/HQwlpkCy6wTpqfH9H8Lz8zbm3dZh+OyzA=
+go.uber.org/goleak v1.2.0 h1:xqgm/S+aQvhWFTtR0XK3Jvg7z8kGV8P4X14IzwN3Eqk=
go.uber.org/multierr v0.0.0-20180122172545-ddea229ff1df/go.mod h1:wR5kodmAFQ0UK8QlbwjlSNy0Z68gJhDJUG5sjR94q/0=
go.uber.org/multierr v1.1.0/go.mod h1:wR5kodmAFQ0UK8QlbwjlSNy0Z68gJhDJUG5sjR94q/0=
go.uber.org/multierr v1.3.0/go.mod h1:VgVr7evmIr6uPjLBxg28wmKNXyqE9akIJ5XnfpiKl+4=
@@ -1458,10 +1379,9 @@ go.uber.org/zap v0.0.0-20180814183419-67bc79d13d15/go.mod h1:vwi/ZaCAaUcBkycHslx
go.uber.org/zap v1.9.1/go.mod h1:vwi/ZaCAaUcBkycHslxD9B2zi4UTXhF60s6SWpuDF0Q=
go.uber.org/zap v1.10.0/go.mod h1:vwi/ZaCAaUcBkycHslxD9B2zi4UTXhF60s6SWpuDF0Q=
go.uber.org/zap v1.13.0/go.mod h1:zwrFLgMcdUuIBviXEYEH1YKNaOBnKXsx2IPda5bBwHM=
-go.uber.org/zap v1.17.0/go.mod h1:MXVU+bhUf/A7Xi2HNOnopQOrmycQ5Ih87HtOu4q5SSo=
go.uber.org/zap v1.19.0/go.mod h1:xg/QME4nWcxGxrpdeYfq7UvYrLh66cuVKdrbD1XF/NI=
-go.uber.org/zap v1.19.1 h1:ue41HOKd1vGURxrmeKIgELGb3jPW9DMUDGtsinblHwI=
-go.uber.org/zap v1.19.1/go.mod h1:j3DNczoxDZroyBnOT1L/Q79cfUMGZxlv/9dzN7SM1rI=
+go.uber.org/zap v1.24.0 h1:FiJd5l1UOLj0wCgbSE0rwwXHzEdAZS6hiiSnxJN/D60=
+go.uber.org/zap v1.24.0/go.mod h1:2kMP+WWQ8aoFoedH3T2sq6iJ2yDWpHbP0f6MQbS9Gkg=
golang.org/x/crypto v0.0.0-20171113213409-9f005a07e0d3/go.mod h1:6SG95UA2DQfeDnfUPMdvaQW0Q7yPrPDi9nlGo2tz2b4=
golang.org/x/crypto v0.0.0-20180904163835-0709b304e793/go.mod h1:6SG95UA2DQfeDnfUPMdvaQW0Q7yPrPDi9nlGo2tz2b4=
golang.org/x/crypto v0.0.0-20181009213950-7c1a557ab941/go.mod h1:6SG95UA2DQfeDnfUPMdvaQW0Q7yPrPDi9nlGo2tz2b4=
@@ -1492,9 +1412,8 @@ golang.org/x/crypto v0.0.0-20201203163018-be400aefbc4c/go.mod h1:jdWPYTVW3xRLrWP
golang.org/x/crypto v0.0.0-20201221181555-eec23a3978ad/go.mod h1:jdWPYTVW3xRLrWPugEBEK3UY2ZEsg3UU495nc5E+M+I=
golang.org/x/crypto v0.0.0-20210322153248-0c34fe9e7dc2/go.mod h1:T9bdIzuCu7OtxOm1hfPfRQxPLYneinmdGuTeoZ9dtd4=
golang.org/x/crypto v0.0.0-20210616213533-5ff15b29337e/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc=
-golang.org/x/crypto v0.0.0-20210817164053-32db794688a5/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc=
-golang.org/x/crypto v0.0.0-20210921155107-089bfa567519 h1:7I4JAnoQBe7ZtJcBaYHi5UtiO8tQHbUSXxL+pnGRANg=
-golang.org/x/crypto v0.0.0-20210921155107-089bfa567519/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc=
+golang.org/x/crypto v0.1.0 h1:MDRAIl0xIo9Io2xV565hzXHw3zVseKrJKodhohM5CjU=
+golang.org/x/crypto v0.1.0/go.mod h1:RecgLatLF4+eUMCP1PoPZQb+cVrJcOPbHkTkbkB9sbw=
golang.org/x/exp v0.0.0-20190121172915-509febef88a4/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA=
golang.org/x/exp v0.0.0-20190125153040-c74c464bbbf2/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA=
golang.org/x/exp v0.0.0-20190306152737-a1d7652674e8/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA=
@@ -1519,8 +1438,6 @@ golang.org/x/lint v0.0.0-20190930215403-16217165b5de/go.mod h1:6SW0HCj/g11FgYtHl
golang.org/x/lint v0.0.0-20191125180803-fdd1cda4f05f/go.mod h1:5qLYkcX4OjUUV8bRuDixDT3tpyyb+LUpUlRWLxfhWrs=
golang.org/x/lint v0.0.0-20200130185559-910be7a94367/go.mod h1:3xt1FjdF8hUf6vQPIChWIBhFzV8gjjsPE/fR3IyQdNY=
golang.org/x/lint v0.0.0-20200302205851-738671d3881b/go.mod h1:3xt1FjdF8hUf6vQPIChWIBhFzV8gjjsPE/fR3IyQdNY=
-golang.org/x/lint v0.0.0-20201208152925-83fdc39ff7b5/go.mod h1:3xt1FjdF8hUf6vQPIChWIBhFzV8gjjsPE/fR3IyQdNY=
-golang.org/x/lint v0.0.0-20210508222113-6edffad5e616/go.mod h1:3xt1FjdF8hUf6vQPIChWIBhFzV8gjjsPE/fR3IyQdNY=
golang.org/x/mobile v0.0.0-20190312151609-d3739f865fa6/go.mod h1:z+o9i4GpDbdi3rU15maQ/Ox0txvL9dWGYEHz965HBQE=
golang.org/x/mobile v0.0.0-20190719004257-d2bd2a29d028/go.mod h1:E/iHnbuqvinMTCcRqshq8CkpyQDoeVncDDYHnLhea+o=
golang.org/x/mod v0.0.0-20190513183733-4bf6d317e70e/go.mod h1:mXi4GBBbnImb6dmsKGUJ2LatrhH/nqhxcFungHvyanc=
@@ -1530,8 +1447,6 @@ golang.org/x/mod v0.1.1-0.20191107180719-034126e5016b/go.mod h1:QqPTAvyqsEbceGzB
golang.org/x/mod v0.2.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA=
golang.org/x/mod v0.3.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA=
golang.org/x/mod v0.4.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA=
-golang.org/x/mod v0.4.1/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA=
-golang.org/x/mod v0.4.2/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA=
golang.org/x/net v0.0.0-20170114055629-f2499483f923/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
golang.org/x/net v0.0.0-20180112015858-5ccada7d0a7b/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
golang.org/x/net v0.0.0-20180724234803-3673e40ba225/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
@@ -1581,41 +1496,28 @@ golang.org/x/net v0.0.0-20200707034311-ab3426394381/go.mod h1:/O7V0waA8r7cgGh81R
golang.org/x/net v0.0.0-20200822124328-c89045814202/go.mod h1:/O7V0waA8r7cgGh81Ro3o1hOxt32SMVPicZroKQ2sZA=
golang.org/x/net v0.0.0-20201006153459-a7d1128ccaa0/go.mod h1:sp8m0HH+o8qH0wwXwYZr8TS3Oi6o0r6Gce1SSxlDquU=
golang.org/x/net v0.0.0-20201021035429-f5854403a974/go.mod h1:sp8m0HH+o8qH0wwXwYZr8TS3Oi6o0r6Gce1SSxlDquU=
-golang.org/x/net v0.0.0-20201031054903-ff519b6c9102/go.mod h1:sp8m0HH+o8qH0wwXwYZr8TS3Oi6o0r6Gce1SSxlDquU=
golang.org/x/net v0.0.0-20201110031124-69a78807bb2b/go.mod h1:sp8m0HH+o8qH0wwXwYZr8TS3Oi6o0r6Gce1SSxlDquU=
golang.org/x/net v0.0.0-20201202161906-c7110b5ffcbb/go.mod h1:sp8m0HH+o8qH0wwXwYZr8TS3Oi6o0r6Gce1SSxlDquU=
-golang.org/x/net v0.0.0-20201209123823-ac852fbbde11/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg=
golang.org/x/net v0.0.0-20201224014010-6772e930b67b/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg=
golang.org/x/net v0.0.0-20210119194325-5f4716e94777/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg=
golang.org/x/net v0.0.0-20210226172049-e18ecbb05110/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg=
-golang.org/x/net v0.0.0-20210316092652-d523dce5a7f4/go.mod h1:RBQZq4jEuRlivfhVLdyRGr576XBO4/greRjx4P4O3yc=
golang.org/x/net v0.0.0-20210405180319-a5a99cb37ef4/go.mod h1:p54w0d4576C0XHj96bSt6lcn1PtDYWL6XObtHCRCNQM=
golang.org/x/net v0.0.0-20210421230115-4e50805a0758/go.mod h1:72T/g9IO56b78aLF+1Kcs5dz7/ng1VjMUvfKvpfy+jM=
-golang.org/x/net v0.0.0-20210428140749-89ef3d95e781/go.mod h1:OJAsFXCWl8Ukc7SiCT/9KSuxbyM7479/AVlXFRxuMCk=
-golang.org/x/net v0.0.0-20210503060351-7fd8e65b6420/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y=
golang.org/x/net v0.0.0-20210525063256-abc453219eb5/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y=
-golang.org/x/net v0.0.0-20210805182204-aaa1db679c0d/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y=
-golang.org/x/net v0.0.0-20210825183410-e898025ed96a/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y=
-golang.org/x/net v0.7.0 h1:rJrUqqhjsgNp7KqAIc25s9pZnjU7TUcSY7HcVZjdn1g=
-golang.org/x/net v0.7.0/go.mod h1:2Tu9+aMcznHK/AK1HMvgo6xiTLG5rD5rZLDS+rp2Bjs=
+golang.org/x/net v0.0.0-20220127200216-cd36cc0744dd/go.mod h1:CfG3xpIq0wQ8r1q4Su4UZFWDARRcnwPjda9FqA0JpMk=
+golang.org/x/net v0.0.0-20220225172249-27dd8689420f/go.mod h1:CfG3xpIq0wQ8r1q4Su4UZFWDARRcnwPjda9FqA0JpMk=
+golang.org/x/net v0.8.0 h1:Zrh2ngAOFYneWTAIAPethzeaQLuHwhuBkuV6ZiRnUaQ=
+golang.org/x/net v0.8.0/go.mod h1:QVkue5JL9kW//ek3r6jTKnTFis1tRmNAW2P1shuFdJc=
golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U=
golang.org/x/oauth2 v0.0.0-20190226205417-e64efc72b421/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw=
golang.org/x/oauth2 v0.0.0-20190604053449-0f29369cfe45/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw=
golang.org/x/oauth2 v0.0.0-20191202225959-858c2ad4c8b6/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw=
golang.org/x/oauth2 v0.0.0-20200107190931-bf48bf16ab8d/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw=
-golang.org/x/oauth2 v0.0.0-20200902213428-5d25da1a8d43/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A=
-golang.org/x/oauth2 v0.0.0-20201109201403-9fd604954f58/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A=
-golang.org/x/oauth2 v0.0.0-20201208152858-08078c50e5b5/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A=
-golang.org/x/oauth2 v0.0.0-20210218202405-ba52d332ba99/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A=
-golang.org/x/oauth2 v0.0.0-20210220000619-9bb904979d93/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A=
-golang.org/x/oauth2 v0.0.0-20210313182246-cd4f82c27b84/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A=
-golang.org/x/oauth2 v0.0.0-20210402161424-2e8d93401602/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A=
golang.org/x/oauth2 v0.0.0-20210514164344-f6687ab2804c/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A=
-golang.org/x/oauth2 v0.0.0-20210628180205-a41e5a781914/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A=
-golang.org/x/oauth2 v0.0.0-20210805134026-6f1e6394065a/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A=
-golang.org/x/oauth2 v0.0.0-20210819190943-2bc19b11175f/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A=
-golang.org/x/oauth2 v0.0.0-20211005180243-6b3c2da341f1 h1:B333XXssMuKQeBwiNODx4TupZy7bf4sxFZnN2ZOcvUE=
-golang.org/x/oauth2 v0.0.0-20211005180243-6b3c2da341f1/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A=
+golang.org/x/oauth2 v0.0.0-20211104180415-d3ed0bb246c8/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A=
+golang.org/x/oauth2 v0.0.0-20220223155221-ee480838109b/go.mod h1:DAh4E804XQdzx2j+YRIaUnCqCV2RuMz24cGBJ5QYIrc=
+golang.org/x/oauth2 v0.4.0 h1:NF0gk8LVPg1Ml7SSbGyySuoxdsXitj7TvgvuRxIMc/M=
+golang.org/x/oauth2 v0.4.0/go.mod h1:RznEsdpjGAINPTOF0UH/t+xJ75L18YO3Ho6Pyn+uRec=
golang.org/x/sync v0.0.0-20180314180146-1d60e4601c6f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
golang.org/x/sync v0.0.0-20181108010431-42b317875d0f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
golang.org/x/sync v0.0.0-20181221193216-37e7f081c4d4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
@@ -1627,8 +1529,8 @@ golang.org/x/sync v0.0.0-20200317015054-43a5402ce75a/go.mod h1:RxMgew5VJxzue5/jJ
golang.org/x/sync v0.0.0-20200625203802-6e8e738ad208/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
golang.org/x/sync v0.0.0-20201020160332-67f06af15bc9/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
golang.org/x/sync v0.0.0-20201207232520-09787c993a3a/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
-golang.org/x/sync v0.0.0-20210220032951-036812b2e83c h1:5KslGYwFpkhGh+Q16bwMP3cOontH8FOep7tGV86Y7SQ=
-golang.org/x/sync v0.0.0-20210220032951-036812b2e83c/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
+golang.org/x/sync v0.0.0-20220722155255-886fb9371eb4 h1:uVc8UZUe6tr40fFVnUP5Oj+veunVezqYl9z7DYw9xzw=
+golang.org/x/sync v0.0.0-20220722155255-886fb9371eb4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
golang.org/x/sys v0.0.0-20170830134202-bb24a47a89ea/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
golang.org/x/sys v0.0.0-20180117170059-2c42eef0765b/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
golang.org/x/sys v0.0.0-20180823144017-11551d06cbcc/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
@@ -1694,7 +1596,6 @@ golang.org/x/sys v0.0.0-20200331124033-c3d80250170d/go.mod h1:h1NjWce9XRLGQEsW7w
golang.org/x/sys v0.0.0-20200501052902-10377860bb8e/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
golang.org/x/sys v0.0.0-20200511232937-7e40ca221e25/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
golang.org/x/sys v0.0.0-20200515095857-1151b9dac4a9/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
-golang.org/x/sys v0.0.0-20200519105757-fe76b779f299/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
golang.org/x/sys v0.0.0-20200523222454-059865788121/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
golang.org/x/sys v0.0.0-20200615200032-f1bc736245b1/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
golang.org/x/sys v0.0.0-20200622214017-ed371f2e16b4/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
@@ -1702,8 +1603,6 @@ golang.org/x/sys v0.0.0-20200625212154-ddb9806d33ae/go.mod h1:h1NjWce9XRLGQEsW7w
golang.org/x/sys v0.0.0-20200728102440-3e129f6d46b1/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
golang.org/x/sys v0.0.0-20200803210538-64077c9b5642/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
golang.org/x/sys v0.0.0-20200817155316-9781c653f443/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
-golang.org/x/sys v0.0.0-20200831180312-196b9ba8737a/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
-golang.org/x/sys v0.0.0-20200905004654-be1d3432aa8f/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
golang.org/x/sys v0.0.0-20200909081042-eff7692f9009/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
golang.org/x/sys v0.0.0-20200916030750-2334cc1a136f/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
golang.org/x/sys v0.0.0-20200922070232-aee5d888a860/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
@@ -1714,42 +1613,28 @@ golang.org/x/sys v0.0.0-20201117170446-d9b008d0a637/go.mod h1:h1NjWce9XRLGQEsW7w
golang.org/x/sys v0.0.0-20201119102817-f84b799fce68/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
golang.org/x/sys v0.0.0-20201201145000-ef89a241ccb3/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
golang.org/x/sys v0.0.0-20201202213521-69691e467435/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
-golang.org/x/sys v0.0.0-20210104204734-6f8348627aad/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
-golang.org/x/sys v0.0.0-20210112080510-489259a85091/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
golang.org/x/sys v0.0.0-20210119212857-b64e53b001e4/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
golang.org/x/sys v0.0.0-20210124154548-22da62e12c0c/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
-golang.org/x/sys v0.0.0-20210220050731-9a76102bfb43/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
-golang.org/x/sys v0.0.0-20210305230114-8fe3ee5dd75b/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
-golang.org/x/sys v0.0.0-20210315160823-c6e025ad8005/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
-golang.org/x/sys v0.0.0-20210320140829-1e4c9ba3b0c4/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
golang.org/x/sys v0.0.0-20210324051608-47abb6519492/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
golang.org/x/sys v0.0.0-20210330210617-4fbd30eecc44/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
-golang.org/x/sys v0.0.0-20210403161142-5e06dd20ab57/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
golang.org/x/sys v0.0.0-20210420072515-93ed5bcd2bfe/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
golang.org/x/sys v0.0.0-20210423082822-04245dca01da/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
-golang.org/x/sys v0.0.0-20210423185535-09eb48e85fd7/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
golang.org/x/sys v0.0.0-20210426230700-d19ff857e887/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
golang.org/x/sys v0.0.0-20210510120138-977fb7262007/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
-golang.org/x/sys v0.0.0-20210514084401-e8d321eab015/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
golang.org/x/sys v0.0.0-20210603081109-ebe580a85c40/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
-golang.org/x/sys v0.0.0-20210603125802-9665404d3644/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
golang.org/x/sys v0.0.0-20210615035016-665e8c7367d1/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
-golang.org/x/sys v0.0.0-20210616094352-59db8d763f22/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
-golang.org/x/sys v0.0.0-20210630005230-0f9fa26af87c/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
-golang.org/x/sys v0.0.0-20210806184541-e5e7981a1069/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
-golang.org/x/sys v0.0.0-20210809222454-d867a43fc93e/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
golang.org/x/sys v0.0.0-20210820121016-41cdb8703e55/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
-golang.org/x/sys v0.0.0-20210823070655-63515b42dcdf/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
-golang.org/x/sys v0.0.0-20210831042530-f4d43177bf5e/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
-golang.org/x/sys v0.0.0-20210908233432-aa78b53d3365/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
golang.org/x/sys v0.0.0-20210910150752-751e447fb3d0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
-golang.org/x/sys v0.5.0 h1:MUK/U/4lj1t1oPg0HfuXDN/Z1wv31ZJ/YcPiGccS4DU=
-golang.org/x/sys v0.5.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
+golang.org/x/sys v0.0.0-20211216021012-1d35b9e2eb4e/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
+golang.org/x/sys v0.0.0-20220114195835-da31bd327af9/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
+golang.org/x/sys v0.0.0-20220908164124-27713097b956/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
+golang.org/x/sys v0.7.0 h1:3jlCCIQZPdOYu1h8BkNvLz8Kgwtae2cagcG/VamtZRU=
+golang.org/x/sys v0.7.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
golang.org/x/term v0.0.0-20201117132131-f5c789dd3221/go.mod h1:Nr5EML6q2oocZ2LXRh80K7BxOlk5/8JxuGnuhpl+muw=
golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo=
-golang.org/x/term v0.0.0-20210615171337-6886f2dfbf5b/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8=
-golang.org/x/term v0.5.0 h1:n2a8QNdAb0sZNpU9R1ALUXBbY+w51fCQDN+7EdxNBsY=
-golang.org/x/term v0.5.0/go.mod h1:jMB1sMXY+tzblOD4FWmEbocvup2/aLOaQEp7JmGp78k=
+golang.org/x/term v0.0.0-20210927222741-03fcf44c2211/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8=
+golang.org/x/term v0.6.0 h1:clScbb1cHjoCkyRbWwBEUZ5H/tIFu5TAXIqaZD0Gcjw=
+golang.org/x/term v0.6.0/go.mod h1:m6U89DPEgQRMq3DNkDClhWw02AUbt2daBVO4cn4Hv9U=
golang.org/x/text v0.0.0-20160726164857-2910a502d2bf/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
golang.org/x/text v0.0.0-20170915032832-14c0d48ead0c/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
@@ -1762,16 +1647,15 @@ golang.org/x/text v0.3.4/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
golang.org/x/text v0.3.5/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
golang.org/x/text v0.3.6/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
golang.org/x/text v0.3.7/go.mod h1:u+2+/6zg+i71rQMx5EYifcz6MCKuco9NR6JIITiCfzQ=
-golang.org/x/text v0.7.0 h1:4BRB4x83lYWy72KwLD/qYDuTu7q9PjSagHvijDw7cLo=
-golang.org/x/text v0.7.0/go.mod h1:mrYo+phRRbMaCq/xk9113O4dZlRixOauAjOtrjsXDZ8=
+golang.org/x/text v0.8.0 h1:57P1ETyNKtuIjB4SRd15iJxuhj8Gc416Y78H3qgMh68=
+golang.org/x/text v0.8.0/go.mod h1:e1OnstbJyHTd6l/uOt8jFFHp6TRDWZR/bV3emEE/zU8=
golang.org/x/time v0.0.0-20180412165947-fbb02b2291d2/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ=
golang.org/x/time v0.0.0-20181108054448-85acf8d2951c/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ=
golang.org/x/time v0.0.0-20190308202827-9d24e82272b4/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ=
golang.org/x/time v0.0.0-20191024005414-555d28b269f0/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ=
golang.org/x/time v0.0.0-20200630173020-3af7569d3a1e/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ=
-golang.org/x/time v0.0.0-20210220033141-f8bda1e9f3ba/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ=
-golang.org/x/time v0.0.0-20210723032227-1f47c861a9ac h1:7zkz7BUtwNFFqcowJ+RIgu2MaV/MapERkDIy+mwPyjs=
-golang.org/x/time v0.0.0-20210723032227-1f47c861a9ac/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ=
+golang.org/x/time v0.3.0 h1:rg5rLMjNzMS1RkNLzCG38eapWhnYLFYXDXj2gOlr8j4=
+golang.org/x/time v0.3.0/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ=
golang.org/x/tools v0.0.0-20180221164845-07fd8470d635/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=
golang.org/x/tools v0.0.0-20180828015842-6cd1fcedba52/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=
golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=
@@ -1829,7 +1713,6 @@ golang.org/x/tools v0.0.0-20200304193943-95d2e580d8eb/go.mod h1:o4KQGtdN14AW+yjs
golang.org/x/tools v0.0.0-20200312045724-11d5b4c81c7d/go.mod h1:o4KQGtdN14AW+yjsvvwRTJJuXz8XRtIHtEnmAXLyFUw=
golang.org/x/tools v0.0.0-20200331025713-a30bf2db82d4/go.mod h1:Sl4aGygMT6LrqrWclx+PTx3U+LnKx/seiNR+3G19Ar8=
golang.org/x/tools v0.0.0-20200501065659-ab2804fb9c9d/go.mod h1:EkVYQZoAsY45+roYkvgYkIh4xh/qjgUK9TdY2XT94GE=
-golang.org/x/tools v0.0.0-20200505023115-26f46d2f7ef8/go.mod h1:EkVYQZoAsY45+roYkvgYkIh4xh/qjgUK9TdY2XT94GE=
golang.org/x/tools v0.0.0-20200512131952-2bc93b1c0c88/go.mod h1:EkVYQZoAsY45+roYkvgYkIh4xh/qjgUK9TdY2XT94GE=
golang.org/x/tools v0.0.0-20200515010526-7d3b6ebf133d/go.mod h1:EkVYQZoAsY45+roYkvgYkIh4xh/qjgUK9TdY2XT94GE=
golang.org/x/tools v0.0.0-20200616133436-c1934b75d054/go.mod h1:EkVYQZoAsY45+roYkvgYkIh4xh/qjgUK9TdY2XT94GE=
@@ -1838,21 +1721,8 @@ golang.org/x/tools v0.0.0-20200619180055-7c47624df98f/go.mod h1:EkVYQZoAsY45+roY
golang.org/x/tools v0.0.0-20200729194436-6467de6f59a7/go.mod h1:njjCfa9FT2d7l9Bc6FUM5FLjQPp3cFF28FI3qnDFljA=
golang.org/x/tools v0.0.0-20200804011535-6c149bb5ef0d/go.mod h1:njjCfa9FT2d7l9Bc6FUM5FLjQPp3cFF28FI3qnDFljA=
golang.org/x/tools v0.0.0-20200825202427-b303f430e36d/go.mod h1:njjCfa9FT2d7l9Bc6FUM5FLjQPp3cFF28FI3qnDFljA=
-golang.org/x/tools v0.0.0-20200904185747-39188db58858/go.mod h1:Cj7w3i3Rnn0Xh82ur9kSqwfTHTeVxaDqrfMjpcNT6bE=
-golang.org/x/tools v0.0.0-20201110124207-079ba7bd75cd/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA=
-golang.org/x/tools v0.0.0-20201201161351-ac6f37ff4c2a/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA=
golang.org/x/tools v0.0.0-20201207204333-a835c872fcea/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA=
-golang.org/x/tools v0.0.0-20201208233053-a543418bbed2/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA=
-golang.org/x/tools v0.0.0-20201224043029-2b0845dc783e/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA=
-golang.org/x/tools v0.0.0-20210105154028-b0ab187a4818/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA=
golang.org/x/tools v0.0.0-20210106214847-113979e3529a/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA=
-golang.org/x/tools v0.1.0/go.mod h1:xkSsbof2nBLbhDlRMhhhyNLN/zl3eTqcnHD5viDpcZ0=
-golang.org/x/tools v0.1.1/go.mod h1:o0xws9oXOQQZyjljx8fwUC0k7L1pTE6eaCbjGeHmOkk=
-golang.org/x/tools v0.1.2/go.mod h1:o0xws9oXOQQZyjljx8fwUC0k7L1pTE6eaCbjGeHmOkk=
-golang.org/x/tools v0.1.3/go.mod h1:o0xws9oXOQQZyjljx8fwUC0k7L1pTE6eaCbjGeHmOkk=
-golang.org/x/tools v0.1.4/go.mod h1:o0xws9oXOQQZyjljx8fwUC0k7L1pTE6eaCbjGeHmOkk=
-golang.org/x/tools v0.1.5/go.mod h1:o0xws9oXOQQZyjljx8fwUC0k7L1pTE6eaCbjGeHmOkk=
-golang.org/x/tools v0.1.6-0.20210820212750-d4cc65f0b2ff/go.mod h1:YD9qOF0M9xpSpdWTBbzEl5e/RnCefISl8E5Noe10jFM=
golang.org/x/xerrors v0.0.0-20190410155217-1f06c39b4373/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
golang.org/x/xerrors v0.0.0-20190513163551-3ee3066db522/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
@@ -1883,19 +1753,6 @@ google.golang.org/api v0.24.0/go.mod h1:lIXQywCXRcnZPGlsd8NbLnOjtAoL6em04bJ9+z0M
google.golang.org/api v0.28.0/go.mod h1:lIXQywCXRcnZPGlsd8NbLnOjtAoL6em04bJ9+z0MncE=
google.golang.org/api v0.29.0/go.mod h1:Lcubydp8VUV7KeIHD9z2Bys/sm/vGKnG1UHuDBSrHWM=
google.golang.org/api v0.30.0/go.mod h1:QGmEvQ87FHZNiUVJkT14jQNYJ4ZJjdRF23ZXz5138Fc=
-google.golang.org/api v0.35.0/go.mod h1:/XrVsuzM0rZmrsbjJutiuftIzeuTQcEeaYcSk/mQ1dg=
-google.golang.org/api v0.36.0/go.mod h1:+z5ficQTmoYpPn8LCUNVpK5I7hwkpjbcgqA7I34qYtE=
-google.golang.org/api v0.40.0/go.mod h1:fYKFpnQN0DsDSKRVRcQSDQNtqWPfM9i+zNPxepjRCQ8=
-google.golang.org/api v0.41.0/go.mod h1:RkxM5lITDfTzmyKFPt+wGrCJbVfniCr2ool8kTBzRTU=
-google.golang.org/api v0.43.0/go.mod h1:nQsDGjRXMo4lvh5hP0TKqF244gqhGcr/YSIykhUk/94=
-google.golang.org/api v0.44.0/go.mod h1:EBOGZqzyhtvMDoxwS97ctnh0zUmYY6CxqXsc1AvkYD8=
-google.golang.org/api v0.47.0/go.mod h1:Wbvgpq1HddcWVtzsVLyfLp8lDg6AA241LmgIL59tHXo=
-google.golang.org/api v0.48.0/go.mod h1:71Pr1vy+TAZRPkPs/xlCf5SsU8WjuAWv1Pfjbtukyy4=
-google.golang.org/api v0.50.0/go.mod h1:4bNT5pAuq5ji4SRZm+5QIkjny9JAyVD/3gaSihNefaw=
-google.golang.org/api v0.51.0/go.mod h1:t4HdrdoNgyN5cbEfm7Lum0lcLDLiise1F8qDKX00sOU=
-google.golang.org/api v0.54.0/go.mod h1:7C4bFFOvVDGXjfDTAsgGwDgAxRDeQ4X8NvUedIt6z3k=
-google.golang.org/api v0.55.0/go.mod h1:38yMfeP1kfjsl8isn0tliTjIb1rJXcQi4UXlbqivdVE=
-google.golang.org/api v0.57.0/go.mod h1:dVPlbZyBo2/OjBpmvNdpn2GRm6rPy75jyU7bmhdrMgI=
google.golang.org/appengine v1.1.0/go.mod h1:EbEs0AVv82hx2wNQdGPgUI5lhzA/G0D9YwlJXL52JkM=
google.golang.org/appengine v1.2.0/go.mod h1:xpcJRLb0r/rnEns0DIKYYv+WjYCduHsrkT7/EB5XEv4=
google.golang.org/appengine v1.4.0/go.mod h1:xpcJRLb0r/rnEns0DIKYYv+WjYCduHsrkT7/EB5XEv4=
@@ -1931,7 +1788,6 @@ google.golang.org/genproto v0.0.0-20200228133532-8c2c7df3a383/go.mod h1:55QSHmfG
google.golang.org/genproto v0.0.0-20200305110556-506484158171/go.mod h1:55QSHmfGQM9UVYDPBsyGGes0y52j32PQ3BqQfXhyH3c=
google.golang.org/genproto v0.0.0-20200312145019-da6875a35672/go.mod h1:55QSHmfGQM9UVYDPBsyGGes0y52j32PQ3BqQfXhyH3c=
google.golang.org/genproto v0.0.0-20200331122359-1ee6d9798940/go.mod h1:55QSHmfGQM9UVYDPBsyGGes0y52j32PQ3BqQfXhyH3c=
-google.golang.org/genproto v0.0.0-20200423170343-7949de9c1215/go.mod h1:55QSHmfGQM9UVYDPBsyGGes0y52j32PQ3BqQfXhyH3c=
google.golang.org/genproto v0.0.0-20200430143042-b979b6f78d84/go.mod h1:55QSHmfGQM9UVYDPBsyGGes0y52j32PQ3BqQfXhyH3c=
google.golang.org/genproto v0.0.0-20200511104702-f5ebc3bea380/go.mod h1:55QSHmfGQM9UVYDPBsyGGes0y52j32PQ3BqQfXhyH3c=
google.golang.org/genproto v0.0.0-20200513103714-09dca8ec2884/go.mod h1:55QSHmfGQM9UVYDPBsyGGes0y52j32PQ3BqQfXhyH3c=
@@ -1941,36 +1797,11 @@ google.golang.org/genproto v0.0.0-20200618031413-b414f8b61790/go.mod h1:jDfRM7Fc
google.golang.org/genproto v0.0.0-20200729003335-053ba62fc06f/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no=
google.golang.org/genproto v0.0.0-20200804131852-c06518451d9c/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no=
google.golang.org/genproto v0.0.0-20200825200019-8632dd797987/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no=
-google.golang.org/genproto v0.0.0-20200904004341-0bd0a958aa1d/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no=
google.golang.org/genproto v0.0.0-20201019141844-1ed22bb0c154/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no=
-google.golang.org/genproto v0.0.0-20201102152239-715cce707fb0/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no=
-google.golang.org/genproto v0.0.0-20201109203340-2640f1f9cdfb/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no=
google.golang.org/genproto v0.0.0-20201110150050-8816d57aaa9a/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no=
-google.golang.org/genproto v0.0.0-20201201144952-b05cb90ed32e/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no=
-google.golang.org/genproto v0.0.0-20201210142538-e3217bee35cc/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no=
-google.golang.org/genproto v0.0.0-20201214200347-8c77b98c765d/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no=
-google.golang.org/genproto v0.0.0-20210222152913-aa3ee6e6a81c/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no=
-google.golang.org/genproto v0.0.0-20210303154014-9728d6b83eeb/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no=
-google.golang.org/genproto v0.0.0-20210310155132-4ce2db91004e/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no=
-google.golang.org/genproto v0.0.0-20210319143718-93e7006c17a6/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no=
-google.golang.org/genproto v0.0.0-20210402141018-6c239bbf2bb1/go.mod h1:9lPAdzaEmUacj36I+k7YKbEc5CXzPIeORRgDAUOu28A=
-google.golang.org/genproto v0.0.0-20210513213006-bf773b8c8384/go.mod h1:P3QM42oQyzQSnHPnZ/vqoCdDmzH28fzWByN9asMeM8A=
-google.golang.org/genproto v0.0.0-20210602131652-f16073e35f0c/go.mod h1:UODoCrxHCcBojKKwX1terBiRUaqAsFqJiF615XL43r0=
-google.golang.org/genproto v0.0.0-20210604141403-392c879c8b08/go.mod h1:UODoCrxHCcBojKKwX1terBiRUaqAsFqJiF615XL43r0=
-google.golang.org/genproto v0.0.0-20210608205507-b6d2f5bf0d7d/go.mod h1:UODoCrxHCcBojKKwX1terBiRUaqAsFqJiF615XL43r0=
-google.golang.org/genproto v0.0.0-20210624195500-8bfb893ecb84/go.mod h1:SzzZ/N+nwJDaO1kznhnlzqS8ocJICar6hYhVyhi++24=
-google.golang.org/genproto v0.0.0-20210713002101-d411969a0d9a/go.mod h1:AxrInvYm1dci+enl5hChSFPOmmUF1+uAa/UsgNRWd7k=
-google.golang.org/genproto v0.0.0-20210716133855-ce7ef5c701ea/go.mod h1:AxrInvYm1dci+enl5hChSFPOmmUF1+uAa/UsgNRWd7k=
-google.golang.org/genproto v0.0.0-20210728212813-7823e685a01f/go.mod h1:ob2IJxKrgPT52GcgX759i1sleT07tiKowYBGbczaW48=
-google.golang.org/genproto v0.0.0-20210805201207-89edb61ffb67/go.mod h1:ob2IJxKrgPT52GcgX759i1sleT07tiKowYBGbczaW48=
-google.golang.org/genproto v0.0.0-20210813162853-db860fec028c/go.mod h1:cFeNkxwySK631ADgubI+/XFU/xp8FD5KIVV4rj8UC5w=
-google.golang.org/genproto v0.0.0-20210821163610-241b8fcbd6c8/go.mod h1:eFjDcFEctNawg4eG61bRv87N7iHBWyVhJu7u1kqDUXY=
-google.golang.org/genproto v0.0.0-20210828152312-66f60bf46e71/go.mod h1:eFjDcFEctNawg4eG61bRv87N7iHBWyVhJu7u1kqDUXY=
-google.golang.org/genproto v0.0.0-20210831024726-fe130286e0e2/go.mod h1:eFjDcFEctNawg4eG61bRv87N7iHBWyVhJu7u1kqDUXY=
-google.golang.org/genproto v0.0.0-20210903162649-d08c68adba83/go.mod h1:eFjDcFEctNawg4eG61bRv87N7iHBWyVhJu7u1kqDUXY=
-google.golang.org/genproto v0.0.0-20210924002016-3dee208752a0/go.mod h1:5CzLGKJ67TSI2B9POpiiyGha0AjJvZIUgRMt1dSmuhc=
-google.golang.org/genproto v0.0.0-20211013025323-ce878158c4d4 h1:NBxB1XxiWpGqkPUiJ9PoBXkHV5A9+GohMOA+EmWoPbU=
-google.golang.org/genproto v0.0.0-20211013025323-ce878158c4d4/go.mod h1:5CzLGKJ67TSI2B9POpiiyGha0AjJvZIUgRMt1dSmuhc=
+google.golang.org/genproto v0.0.0-20211118181313-81c1377c94b1/go.mod h1:5CzLGKJ67TSI2B9POpiiyGha0AjJvZIUgRMt1dSmuhc=
+google.golang.org/genproto v0.0.0-20230110181048-76db0878b65f h1:BWUVssLB0HVOSY78gIdvk1dTVYtT1y8SBWtPYuTJ/6w=
+google.golang.org/genproto v0.0.0-20230110181048-76db0878b65f/go.mod h1:RGgjbofJ8xD9Sq1VVhDM1Vok1vRONV+rg+CjzG4SZKM=
google.golang.org/grpc v0.0.0-20160317175043-d3ddb4469d5a/go.mod h1:yo6s7OP7yaDglbqo1J04qKzAhqBH6lvTonzMVmEdcZw=
google.golang.org/grpc v1.14.0/go.mod h1:yo6s7OP7yaDglbqo1J04qKzAhqBH6lvTonzMVmEdcZw=
google.golang.org/grpc v1.17.0/go.mod h1:6QZJwpn2B+Zp71q/5VxRsJ6NXXVCE5NRUHRo+f3cWCs=
@@ -1992,22 +1823,13 @@ google.golang.org/grpc v1.28.0/go.mod h1:rpkK4SK4GF4Ach/+MFLZUBavHOvF2JJB5uozKKa
google.golang.org/grpc v1.29.1/go.mod h1:itym6AZVZYACWQqET3MqgPpjcuV5QH3BxFS3IjizoKk=
google.golang.org/grpc v1.30.0/go.mod h1:N36X2cJ7JwdamYAgDz+s+rVMFjt3numwzf/HckM8pak=
google.golang.org/grpc v1.31.0/go.mod h1:N36X2cJ7JwdamYAgDz+s+rVMFjt3numwzf/HckM8pak=
-google.golang.org/grpc v1.31.1/go.mod h1:N36X2cJ7JwdamYAgDz+s+rVMFjt3numwzf/HckM8pak=
google.golang.org/grpc v1.33.1/go.mod h1:fr5YgcSWrqhRRxogOsw7RzIpsmvOZ6IcH4kBYTpR3n0=
google.golang.org/grpc v1.33.2/go.mod h1:JMHMWHQWaTccqQQlmk3MJZS+GWXOdAesneDmEnv2fbc=
-google.golang.org/grpc v1.34.0/go.mod h1:WotjhfgOW/POjDeRt8vscBtXq+2VjORFy659qA51WJ8=
-google.golang.org/grpc v1.35.0/go.mod h1:qjiiYl8FncCW8feJPdyg3v6XW24KsRHe+dy9BAGRRjU=
google.golang.org/grpc v1.36.0/go.mod h1:qjiiYl8FncCW8feJPdyg3v6XW24KsRHe+dy9BAGRRjU=
-google.golang.org/grpc v1.36.1/go.mod h1:qjiiYl8FncCW8feJPdyg3v6XW24KsRHe+dy9BAGRRjU=
-google.golang.org/grpc v1.37.0/go.mod h1:NREThFqKR1f3iQ6oBuvc5LadQuXVGo9rkm5ZGrQdJfM=
-google.golang.org/grpc v1.37.1/go.mod h1:NREThFqKR1f3iQ6oBuvc5LadQuXVGo9rkm5ZGrQdJfM=
-google.golang.org/grpc v1.38.0/go.mod h1:NREThFqKR1f3iQ6oBuvc5LadQuXVGo9rkm5ZGrQdJfM=
-google.golang.org/grpc v1.39.0/go.mod h1:PImNr+rS9TWYb2O4/emRugxiyHZ5JyHW5F+RPnDzfrE=
-google.golang.org/grpc v1.39.1/go.mod h1:PImNr+rS9TWYb2O4/emRugxiyHZ5JyHW5F+RPnDzfrE=
google.golang.org/grpc v1.40.0/go.mod h1:ogyxbiOoUXAkP+4+xa6PZSE9DZgIHtSpzjDTB9KAK34=
-google.golang.org/grpc v1.41.0 h1:f+PlOh7QV4iIJkPrx5NQ7qaNGFQ3OTse67yaDHfju4E=
-google.golang.org/grpc v1.41.0/go.mod h1:U3l9uK9J0sini8mHphKoXyaqDA/8VyGnDee1zzIUK6k=
-google.golang.org/grpc/cmd/protoc-gen-go-grpc v1.1.0/go.mod h1:6Kw0yEErY5E/yWrBtf03jp27GLLJujG4z/JK95pnjjw=
+google.golang.org/grpc v1.42.0/go.mod h1:k+4IHHFw41K8+bbowsex27ge2rCb65oeWqe4jJ590SU=
+google.golang.org/grpc v1.54.0 h1:EhTqbhiYeixwWQtAEZAxmV9MGqcjEU2mFx52xCzNyag=
+google.golang.org/grpc v1.54.0/go.mod h1:PUSEXI6iWghWaB6lXM4knEgpJNu2qUcKfDtNci3EC2g=
google.golang.org/protobuf v0.0.0-20200109180630-ec00e32a8dfd/go.mod h1:DFci5gLYBciE7Vtevhsrf46CRTquxDuWsQurQQe4oz8=
google.golang.org/protobuf v0.0.0-20200221191635-4d8936d0db64/go.mod h1:kwYJMbMJ01Woi6D6+Kah6886xMZcty6N08ah7+eCXa0=
google.golang.org/protobuf v0.0.0-20200228230310-ab0ca4ff8a60/go.mod h1:cfTl7dwQJ+fmap5saPgwCLgHXTUD7jkjRqWcaiX5VyM=
@@ -2020,8 +1842,9 @@ google.golang.org/protobuf v1.24.0/go.mod h1:r/3tXBNzIEhYS9I1OUVjXDlt8tc493IdKGj
google.golang.org/protobuf v1.25.0/go.mod h1:9JNX74DMeImyA3h4bdi1ymwjUzf21/xIlbajtzgsN7c=
google.golang.org/protobuf v1.26.0-rc.1/go.mod h1:jlhhOSvTdKEhbULTjvd4ARK9grFBp09yW+WbY/TyQbw=
google.golang.org/protobuf v1.26.0/go.mod h1:9q0QmTI4eRPtz6boOQmLYwt+qCgq0jsYwAQnmE0givc=
-google.golang.org/protobuf v1.27.1 h1:SnqbnDw1V7RiZcXPx5MEeqPv2s79L9i7BJUlG/+RurQ=
google.golang.org/protobuf v1.27.1/go.mod h1:9q0QmTI4eRPtz6boOQmLYwt+qCgq0jsYwAQnmE0givc=
+google.golang.org/protobuf v1.30.0 h1:kPPoIgf3TsEvrm0PFe15JQ+570QVxYzEvvHqChK+cng=
+google.golang.org/protobuf v1.30.0/go.mod h1:HV8QOd/L58Z+nl8r43ehVNZIU/HEI6OcFqwMG9pJV4I=
gopkg.in/airbrake/gobrake.v2 v2.0.9/go.mod h1:/h5ZAUhDkGaJfjzjKLSjv6zCL6O0LLBxU4K+aSYdM/U=
gopkg.in/alecthomas/kingpin.v2 v2.2.6/go.mod h1:FMv+mEhP44yOT+4EoQTLFTRgOQ1FBLkstjWtayDeSgw=
gopkg.in/asn1-ber.v1 v1.0.0-20181015200546-f715ec2f112d/go.mod h1:cuepJuh7vyXfUyUwEgHQXw849cJrilpS5NeIjOWESAw=
@@ -2071,8 +1894,9 @@ gopkg.in/yaml.v3 v3.0.0-20190905181640-827449938966/go.mod h1:K4uyk7z7BCEPqu6E+C
gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
gopkg.in/yaml.v3 v3.0.0-20200605160147-a5ece683394c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
gopkg.in/yaml.v3 v3.0.0-20200615113413-eeeca48fe776/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
-gopkg.in/yaml.v3 v3.0.0-20210107192922-496545a6307b h1:h8qDotaEPuJATrMmW04NCwg7v22aHH28wwpauUhK9Oo=
gopkg.in/yaml.v3 v3.0.0-20210107192922-496545a6307b/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
+gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA=
+gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
gotest.tools v2.2.0+incompatible/go.mod h1:DsYFclhRJ6vuDpmuTbkuFWG+y2sxOXAzmJt81HFBacw=
gotest.tools/v3 v3.0.2/go.mod h1:3SzNCllyD9/Y+b5r9JIKQ474KzkZyqLqEfYqMsX94Bk=
gotest.tools/v3 v3.0.3/go.mod h1:Z7Lb0S5l+klDB31fvDQX8ss/FlKDxtlFlw3Oa8Ymbl8=
@@ -2094,15 +1918,15 @@ k8s.io/api v0.20.1/go.mod h1:KqwcCVogGxQY3nBlRpwt+wpAMF/KjaCc7RpywacvqUo=
k8s.io/api v0.20.2/go.mod h1:d7n6Ehyzx+S+cE3VhTGfVNNqtGc/oL9DCdYYahlurV8=
k8s.io/api v0.20.4/go.mod h1:++lNL1AJMkDymriNniQsWRkMDzRaX2Y/POTUi8yvqYQ=
k8s.io/api v0.20.6/go.mod h1:X9e8Qag6JV/bL5G6bU8sdVRltWKmdHsFUGS3eVndqE8=
-k8s.io/api v0.23.0 h1:WrL1gb73VSC8obi8cuYETJGXEoFNEh3LU0Pt+Sokgro=
-k8s.io/api v0.23.0/go.mod h1:8wmDdLBHBNxtOIytwLstXt5E9PddnZb0GaMcqsvDBpg=
+k8s.io/api v0.26.1 h1:f+SWYiPd/GsiWwVRz+NbFyCgvv75Pk9NK6dlkZgpCRQ=
+k8s.io/api v0.26.1/go.mod h1:xd/GBNgR0f707+ATNyPmQ1oyKSgndzXij81FzWGsejg=
k8s.io/apiextensions-apiserver v0.0.0-20190918161926-8f644eb6e783/go.mod h1:xvae1SZB3E17UpV59AWc271W/Ph25N+bjPyR63X6tPY=
k8s.io/apiextensions-apiserver v0.18.0/go.mod h1:18Cwn1Xws4xnWQNC00FLq1E350b9lUF+aOdIWDOZxgo=
k8s.io/apiextensions-apiserver v0.18.6/go.mod h1:lv89S7fUysXjLZO7ke783xOwVTm6lKizADfvUM/SS/M=
k8s.io/apiextensions-apiserver v0.19.0/go.mod h1:znfQxNpjqz/ZehvbfMg5N6fvBJW5Lqu5HVLTJQdP4Fs=
k8s.io/apiextensions-apiserver v0.19.4/go.mod h1:B9rpH/nu4JBCtuUp3zTTk8DEjZUupZTBEec7/2zNRYw=
-k8s.io/apiextensions-apiserver v0.23.0 h1:uii8BYmHYiT2ZTAJxmvc3X8UhNYMxl2A0z0Xq3Pm+WY=
-k8s.io/apiextensions-apiserver v0.23.0/go.mod h1:xIFAEEDlAZgpVBl/1VSjGDmLoXAWRG40+GsWhKhAxY4=
+k8s.io/apiextensions-apiserver v0.26.1 h1:cB8h1SRk6e/+i3NOrQgSFij1B2S0Y0wDoNl66bn8RMI=
+k8s.io/apiextensions-apiserver v0.26.1/go.mod h1:AptjOSXDGuE0JICx/Em15PaoO7buLwTs0dGleIHixSM=
k8s.io/apimachinery v0.0.0-20190913080033-27d36303b655/go.mod h1:nL6pwRT8NgfF8TT68DBI8uEePRt89cSvoXUVqbkWHq4=
k8s.io/apimachinery v0.17.0/go.mod h1:b9qmWdKlLuU9EBh+06BtLcSf/Mu89rWL33naRxs1uZg=
k8s.io/apimachinery v0.18.0/go.mod h1:9SnR/e11v5IbyPCGbvJViimtJ0SwHG4nfZFjU77ftcA=
@@ -2113,8 +1937,8 @@ k8s.io/apimachinery v0.20.1/go.mod h1:WlLqWAHZGg07AeltaI0MV5uk1Omp8xaN0JGLY6gkRp
k8s.io/apimachinery v0.20.2/go.mod h1:WlLqWAHZGg07AeltaI0MV5uk1Omp8xaN0JGLY6gkRpU=
k8s.io/apimachinery v0.20.4/go.mod h1:WlLqWAHZGg07AeltaI0MV5uk1Omp8xaN0JGLY6gkRpU=
k8s.io/apimachinery v0.20.6/go.mod h1:ejZXtW1Ra6V1O5H8xPBGz+T3+4gfkTCeExAHKU57MAc=
-k8s.io/apimachinery v0.23.0 h1:mIfWRMjBuMdolAWJ3Fd+aPTMv3X9z+waiARMpvvb0HQ=
-k8s.io/apimachinery v0.23.0/go.mod h1:fFCTTBKvKcwTPFzjlcxp91uPFZr+JA0FubU4fLzzFYc=
+k8s.io/apimachinery v0.26.1 h1:8EZ/eGJL+hY/MYCNwhmDzVqq2lPl3N3Bo8rvweJwXUQ=
+k8s.io/apimachinery v0.26.1/go.mod h1:tnPmbONNJ7ByJNz9+n9kMjNP8ON+1qoAIIC70lztu74=
k8s.io/apiserver v0.0.0-20190918160949-bfa5e2e684ad/go.mod h1:XPCXEwhjaFN29a8NldXA901ElnKeKLrLtREO9ZhFyhg=
k8s.io/apiserver v0.18.0/go.mod h1:3S2O6FeBBd6XTo0njUrLxiqk8GNy6wWOftjhJcXYnjw=
k8s.io/apiserver v0.18.6/go.mod h1:Zt2XvTHuaZjBz6EFYzpp+X4hTmgWGy8AthNVnTdm3Wg=
@@ -2123,7 +1947,6 @@ k8s.io/apiserver v0.19.4/go.mod h1:X8WRHCR1UGZDd7HpV0QDc1h/6VbbpAeAGyxSh8yzZXw=
k8s.io/apiserver v0.20.1/go.mod h1:ro5QHeQkgMS7ZGpvf4tSMx6bBOgPfE+f52KwvXfScaU=
k8s.io/apiserver v0.20.4/go.mod h1:Mc80thBKOyy7tbvFtB4kJv1kbdD0eIH8k8vianJcbFM=
k8s.io/apiserver v0.20.6/go.mod h1:QIJXNt6i6JB+0YQRNcS0hdRHJlMhflFmsBDeSgT1r8Q=
-k8s.io/apiserver v0.23.0/go.mod h1:Cec35u/9zAepDPPFyT+UMrgqOCjgJ5qtfVJDxjZYmt4=
k8s.io/cli-runtime v0.19.0/go.mod h1:tun9l0eUklT8IHIM0jors17KmUjcrAxn0myoBYwuNuo=
k8s.io/client-go v0.0.0-20190918160344-1fbdaa4c8d90/go.mod h1:J69/JveO6XESwVgG53q3Uz5OSfgsv4uxpScmmyYOOlk=
k8s.io/client-go v0.17.0/go.mod h1:TYgR6EUHs6k45hb6KWjVD6jFZvJV4gHDikv/It0xz+k=
@@ -2135,14 +1958,13 @@ k8s.io/client-go v0.20.1/go.mod h1:/zcHdt1TeWSd5HoUe6elJmHSQ6uLLgp4bIJHVEuy+/Y=
k8s.io/client-go v0.20.2/go.mod h1:kH5brqWqp7HDxUFKoEgiI4v8G1xzbe9giaCenUWJzgE=
k8s.io/client-go v0.20.4/go.mod h1:LiMv25ND1gLUdBeYxBIwKpkSC5IsozMMmOOeSJboP+k=
k8s.io/client-go v0.20.6/go.mod h1:nNQMnOvEUEsOzRRFIIkdmYOjAZrC8bgq0ExboWSU1I0=
-k8s.io/client-go v0.23.0 h1:vcsOqyPq7XV3QmQRCBH/t9BICJM9Q1M18qahjv+rebY=
-k8s.io/client-go v0.23.0/go.mod h1:hrDnpnK1mSr65lHHcUuIZIXDgEbzc7/683c6hyG4jTA=
+k8s.io/client-go v0.26.1 h1:87CXzYJnAMGaa/IDDfRdhTzxk/wzGZ+/HUQpqgVSZXU=
+k8s.io/client-go v0.26.1/go.mod h1:IWNSglg+rQ3OcvDkhY6+QLeasV4OYHDjdqeWkDQZwGE=
k8s.io/code-generator v0.0.0-20190912054826-cd179ad6a269/go.mod h1:V5BD6M4CyaN5m+VthcclXWsVcT1Hu+glwa1bi3MIsyE=
k8s.io/code-generator v0.18.0/go.mod h1:+UHX5rSbxmR8kzS+FAv7um6dtYrZokQvjHpDSYRVkTc=
k8s.io/code-generator v0.18.6/go.mod h1:TgNEVx9hCyPGpdtCWA34olQYLkh3ok9ar7XfSsr8b6c=
k8s.io/code-generator v0.19.0/go.mod h1:moqLn7w0t9cMs4+5CQyxnfA/HV8MF6aAVENF+WZZhgk=
k8s.io/code-generator v0.19.4/go.mod h1:moqLn7w0t9cMs4+5CQyxnfA/HV8MF6aAVENF+WZZhgk=
-k8s.io/code-generator v0.23.0/go.mod h1:vQvOhDXhuzqiVfM/YHp+dmg10WDZCchJVObc9MvowsE=
k8s.io/component-base v0.0.0-20190918160511-547f6c5d7090/go.mod h1:933PBGtQFJky3TEwYx4aEPZ4IxqhWh3R6DCmzqIn1hA=
k8s.io/component-base v0.18.0/go.mod h1:u3BCg0z1uskkzrnAKFzulmYaEpZF7XC9Pf/uFyb1v2c=
k8s.io/component-base v0.18.6/go.mod h1:knSVsibPR5K6EW2XOjEHik6sdU5nCvKMrzMt2D4In14=
@@ -2151,8 +1973,8 @@ k8s.io/component-base v0.19.4/go.mod h1:ZzuSLlsWhajIDEkKF73j64Gz/5o0AgON08FgRbEP
k8s.io/component-base v0.20.1/go.mod h1:guxkoJnNoh8LNrbtiQOlyp2Y2XFCZQmrcg2n/DeYNLk=
k8s.io/component-base v0.20.4/go.mod h1:t4p9EdiagbVCJKrQ1RsA5/V4rFQNDfRlevJajlGwgjI=
k8s.io/component-base v0.20.6/go.mod h1:6f1MPBAeI+mvuts3sIdtpjljHWBQ2cIy38oBIWMYnrM=
-k8s.io/component-base v0.23.0 h1:UAnyzjvVZ2ZR1lF35YwtNY6VMN94WtOnArcXBu34es8=
-k8s.io/component-base v0.23.0/go.mod h1:DHH5uiFvLC1edCpvcTDV++NKULdYYU6pR9Tt3HIKMKI=
+k8s.io/component-base v0.26.1 h1:4ahudpeQXHZL5kko+iDHqLj/FSGAEUnSVO0EBbgDd+4=
+k8s.io/component-base v0.26.1/go.mod h1:VHrLR0b58oC035w6YQiBSbtsf0ThuSwXP+p5dD/kAWU=
k8s.io/cri-api v0.17.3/go.mod h1:X1sbHmuXhwaHs9xxYffLqJogVsnI+f6cPRcgPel7ywM=
k8s.io/cri-api v0.20.1/go.mod h1:2JRbKt+BFLTjtrILYVqQK5jqhI+XNdF6UiGMgczeBCI=
k8s.io/cri-api v0.20.4/go.mod h1:2JRbKt+BFLTjtrILYVqQK5jqhI+XNdF6UiGMgczeBCI=
@@ -2162,7 +1984,6 @@ k8s.io/gengo v0.0.0-20190822140433-26a664648505/go.mod h1:ezvh/TsK7cY6rbqRK0oQQ8
k8s.io/gengo v0.0.0-20200114144118-36b2048a9120/go.mod h1:ezvh/TsK7cY6rbqRK0oQQ8IAqLxYwwyPxAX1Pzy0ii0=
k8s.io/gengo v0.0.0-20200413195148-3a45101e95ac/go.mod h1:ezvh/TsK7cY6rbqRK0oQQ8IAqLxYwwyPxAX1Pzy0ii0=
k8s.io/gengo v0.0.0-20200428234225-8167cfdcfc14/go.mod h1:ezvh/TsK7cY6rbqRK0oQQ8IAqLxYwwyPxAX1Pzy0ii0=
-k8s.io/gengo v0.0.0-20210813121822-485abfe95c7c/go.mod h1:FiNAH4ZV3gBg2Kwh89tzAEV2be7d5xI0vBa/VySYy3E=
k8s.io/klog v0.0.0-20181102134211-b9b56d5dfc92/go.mod h1:Gq+BEi5rUBO/HRz0bTSXDUcqjScdoY3a9IHpCEIOOfk=
k8s.io/klog v0.3.0/go.mod h1:Gq+BEi5rUBO/HRz0bTSXDUcqjScdoY3a9IHpCEIOOfk=
k8s.io/klog v0.4.0/go.mod h1:4Bi6QPql/J/LkTDqv7R/cd3hPo4k2DG6Ptcz060Ez5I=
@@ -2172,8 +1993,8 @@ k8s.io/klog/v2 v2.0.0/go.mod h1:PBfzABfn139FHAV07az/IF9Wp1bkk3vpT2XSJ76fSDE=
k8s.io/klog/v2 v2.2.0/go.mod h1:Od+F08eJP+W3HUb4pSrPpgp9DGU4GzlpG/TmITuYh/Y=
k8s.io/klog/v2 v2.3.0/go.mod h1:Od+F08eJP+W3HUb4pSrPpgp9DGU4GzlpG/TmITuYh/Y=
k8s.io/klog/v2 v2.4.0/go.mod h1:Od+F08eJP+W3HUb4pSrPpgp9DGU4GzlpG/TmITuYh/Y=
-k8s.io/klog/v2 v2.30.0 h1:bUO6drIvCIsvZ/XFgfxoGFQU/a4Qkh0iAlvUR7vlHJw=
-k8s.io/klog/v2 v2.30.0/go.mod h1:y1WjHnz7Dj687irZUWR/WLkLc5N1YHtjLdmgWjndZn0=
+k8s.io/klog/v2 v2.80.1 h1:atnLQ121W371wYYFawwYx1aEY2eUfs4l3J72wtgAwV4=
+k8s.io/klog/v2 v2.80.1/go.mod h1:y1WjHnz7Dj687irZUWR/WLkLc5N1YHtjLdmgWjndZn0=
k8s.io/kube-aggregator v0.19.0/go.mod h1:1Ln45PQggFAG8xOqWPIYMxUq8WNtpPnYsbUJ39DpF/A=
k8s.io/kube-openapi v0.0.0-20190816220812-743ec37842bf/go.mod h1:1TqjTSzOxsLGIKfj0lK8EeCP7K1iUG65v09OM0/WG5E=
k8s.io/kube-openapi v0.0.0-20191107075043-30be4d16710a/go.mod h1:1TqjTSzOxsLGIKfj0lK8EeCP7K1iUG65v09OM0/WG5E=
@@ -2181,8 +2002,8 @@ k8s.io/kube-openapi v0.0.0-20200121204235-bf4fb3bd569c/go.mod h1:GRQhZsXIAJ1xR0C
k8s.io/kube-openapi v0.0.0-20200410145947-61e04a5be9a6/go.mod h1:GRQhZsXIAJ1xR0C9bd8UpWHZ5plfAS9fzPjJuQ6JL3E=
k8s.io/kube-openapi v0.0.0-20200805222855-6aeccd4b50c6/go.mod h1:UuqjUnNftUyPE5H64/qeyjQoUZhGpeFDVdxjTeEVN2o=
k8s.io/kube-openapi v0.0.0-20201113171705-d219536bb9fd/go.mod h1:WOJ3KddDSol4tAGcJo0Tvi+dK12EcqSLqcWsryKMpfM=
-k8s.io/kube-openapi v0.0.0-20211115234752-e816edb12b65 h1:E3J9oCLlaobFUqsjG9DfKbP2BmgwBL2p7pn0A3dG9W4=
-k8s.io/kube-openapi v0.0.0-20211115234752-e816edb12b65/go.mod h1:sX9MT8g7NVZM5lVL/j8QyCCJe8YSMW30QvGZWaCIDIk=
+k8s.io/kube-openapi v0.0.0-20221012153701-172d655c2280 h1:+70TFaan3hfJzs+7VK2o+OGxg8HsuBr/5f6tVAjDu6E=
+k8s.io/kube-openapi v0.0.0-20221012153701-172d655c2280/go.mod h1:+Axhij7bCpeqhklhUTe3xmOn6bWxolyZEeyaFpjGtl4=
k8s.io/kubectl v0.19.0/go.mod h1:gPCjjsmE6unJzgaUNXIFGZGafiUp5jh0If3F/x7/rRg=
k8s.io/kubernetes v1.13.0/go.mod h1:ocZa8+6APFNC2tX1DZASIbocyYT5jHzqFVsY5aoB7Jk=
k8s.io/metrics v0.19.0/go.mod h1:WykpW8B60OeAJx1imdwUgyOID2kDljr/Q+1zrPJ98Wo=
@@ -2192,9 +2013,8 @@ k8s.io/utils v0.0.0-20200324210504-a9aa75ae1b89/go.mod h1:sZAwmy6armz5eXlNoLmJcl
k8s.io/utils v0.0.0-20200603063816-c1c6865ac451/go.mod h1:jPW/WVKK9YHAvNhRxK0md/EJ228hCsBRufyofKtW8HA=
k8s.io/utils v0.0.0-20200729134348-d5654de09c73/go.mod h1:jPW/WVKK9YHAvNhRxK0md/EJ228hCsBRufyofKtW8HA=
k8s.io/utils v0.0.0-20201110183641-67b214c5f920/go.mod h1:jPW/WVKK9YHAvNhRxK0md/EJ228hCsBRufyofKtW8HA=
-k8s.io/utils v0.0.0-20210802155522-efc7438f0176/go.mod h1:jPW/WVKK9YHAvNhRxK0md/EJ228hCsBRufyofKtW8HA=
-k8s.io/utils v0.0.0-20210930125809-cb0fa318a74b h1:wxEMGetGMur3J1xuGLQY7GEQYg9bZxKn3tKo5k/eYcs=
-k8s.io/utils v0.0.0-20210930125809-cb0fa318a74b/go.mod h1:jPW/WVKK9YHAvNhRxK0md/EJ228hCsBRufyofKtW8HA=
+k8s.io/utils v0.0.0-20221128185143-99ec85e7a448 h1:KTgPnR10d5zhztWptI952TNtt/4u5h3IzDXkdIMuo2Y=
+k8s.io/utils v0.0.0-20221128185143-99ec85e7a448/go.mod h1:OLgZIPagt7ERELqWJFomSt595RzquPNLL48iOWgYOg0=
modernc.org/cc v1.0.0/go.mod h1:1Sk4//wdnYJiUIxnW8ddKpaOJCF37yAdqYnkxUpaYxw=
modernc.org/golex v1.0.0/go.mod h1:b/QX9oBD/LhixY6NDh+IdGv17hgB+51fET1i2kPSmvk=
modernc.org/mathutil v1.0.0/go.mod h1:wU0vUrJsVWBZ4P6e7xtFJEhFSNsfRLJ8H458uRjg03k=
@@ -2207,14 +2027,13 @@ sigs.k8s.io/apiserver-network-proxy/konnectivity-client v0.0.7/go.mod h1:PHgbrJT
sigs.k8s.io/apiserver-network-proxy/konnectivity-client v0.0.9/go.mod h1:dzAXnQbTRyDlZPJX2SUPEqvnB+j7AJjtlox7PEwigU0=
sigs.k8s.io/apiserver-network-proxy/konnectivity-client v0.0.14/go.mod h1:LEScyzhFmoF5pso/YSeBstl57mOzx9xlU9n85RGrDQg=
sigs.k8s.io/apiserver-network-proxy/konnectivity-client v0.0.15/go.mod h1:LEScyzhFmoF5pso/YSeBstl57mOzx9xlU9n85RGrDQg=
-sigs.k8s.io/apiserver-network-proxy/konnectivity-client v0.0.25/go.mod h1:Mlj9PNLmG9bZ6BHFwFKDo5afkpWyUISkb9Me0GnK66I=
sigs.k8s.io/controller-runtime v0.4.0/go.mod h1:ApC79lpY3PHW9xj/w9pj+lYkLgwAAUZwfXkME1Lajns=
sigs.k8s.io/controller-runtime v0.6.2/go.mod h1:vhcq/rlnENJ09SIRp3EveTaZ0yqH526hjf9iJdbUJ/E=
-sigs.k8s.io/controller-runtime v0.11.0 h1:DqO+c8mywcZLFJWILq4iktoECTyn30Bkj0CwgqMpZWQ=
-sigs.k8s.io/controller-runtime v0.11.0/go.mod h1:KKwLiTooNGu+JmLZGn9Sl3Gjmfj66eMbCQznLP5zcqA=
+sigs.k8s.io/controller-runtime v0.14.6 h1:oxstGVvXGNnMvY7TAESYk+lzr6S3V5VFxQ6d92KcwQA=
+sigs.k8s.io/controller-runtime v0.14.6/go.mod h1:WqIdsAY6JBsjfc/CqO0CORmNtoCtE4S6qbPc9s68h+0=
sigs.k8s.io/controller-tools v0.2.9-0.20200414181213-645d44dca7c0/go.mod h1:YKE/iHvcKITCljdnlqHYe+kAt7ZldvtAwUzQff0k1T0=
-sigs.k8s.io/json v0.0.0-20211020170558-c049b76a60c6 h1:fD1pz4yfdADVNfFmcP2aBEtudwUQ1AlLnRBALr33v3s=
-sigs.k8s.io/json v0.0.0-20211020170558-c049b76a60c6/go.mod h1:p4QtZmO4uMYipTQNzagwnNoseA6OxSUutVw05NhYDRs=
+sigs.k8s.io/json v0.0.0-20220713155537-f223a00ba0e2 h1:iXTIw73aPyC+oRdyqqvVJuloN1p0AC/kzH07hu3NE+k=
+sigs.k8s.io/json v0.0.0-20220713155537-f223a00ba0e2/go.mod h1:B8JuhiUyNFVKdsE8h686QcCxMaH6HrOAZj4vswFpcB0=
sigs.k8s.io/kustomize v2.0.3+incompatible/go.mod h1:MkjgH3RdOWrievjo6c9T245dYlB5QeXV4WCbnt/PEpU=
sigs.k8s.io/kustomize/kstatus v0.0.2 h1:7GoHi/Vq7rIAS8AQONlfcdaCpVXY0HqzNhU5us7dToA=
sigs.k8s.io/kustomize/kstatus v0.0.2/go.mod h1:6qUKWLy4+yGExtjbs+fibz2tOBZG7413yx2NHyAzIU0=
@@ -2225,9 +2044,8 @@ sigs.k8s.io/structured-merge-diff/v3 v3.0.0/go.mod h1:PlARxl6Hbt/+BC80dRLi1qAmnM
sigs.k8s.io/structured-merge-diff/v4 v4.0.1/go.mod h1:bJZC9H9iH24zzfZ/41RGcq60oK1F7G282QMXDPYydCw=
sigs.k8s.io/structured-merge-diff/v4 v4.0.2/go.mod h1:bJZC9H9iH24zzfZ/41RGcq60oK1F7G282QMXDPYydCw=
sigs.k8s.io/structured-merge-diff/v4 v4.0.3/go.mod h1:bJZC9H9iH24zzfZ/41RGcq60oK1F7G282QMXDPYydCw=
-sigs.k8s.io/structured-merge-diff/v4 v4.1.2/go.mod h1:j/nl6xW8vLS49O8YvXW1ocPhZawJtm+Yrr7PPRQ0Vg4=
-sigs.k8s.io/structured-merge-diff/v4 v4.2.0 h1:kDvPBbnPk+qYmkHmSo8vKGp438IASWofnbbUKDE/bv0=
-sigs.k8s.io/structured-merge-diff/v4 v4.2.0/go.mod h1:j/nl6xW8vLS49O8YvXW1ocPhZawJtm+Yrr7PPRQ0Vg4=
+sigs.k8s.io/structured-merge-diff/v4 v4.2.3 h1:PRbqxJClWWYMNV1dhaG4NsibJbArud9kFxnAMREiWFE=
+sigs.k8s.io/structured-merge-diff/v4 v4.2.3/go.mod h1:qjx8mGObPmV2aSZepjQjbmb2ihdVs8cGKBraizNC69E=
sigs.k8s.io/testing_frameworks v0.1.2/go.mod h1:ToQrwSC3s8Xf/lADdZp3Mktcql9CG0UAmdJG9th5i0w=
sigs.k8s.io/yaml v1.1.0/go.mod h1:UJmg0vDUVViEyp3mgSv9WPwZCDxu4rQW1olrI1uml+o=
sigs.k8s.io/yaml v1.2.0/go.mod h1:yfXDCHCao9+ENCvLSE62v9VSji2MKu5jeNfTrofGhJc=
diff --git a/manifests/cluster/deployment.yaml b/manifests/cluster/deployment.yaml
index 12839fc51..4b4558c3e 100644
--- a/manifests/cluster/deployment.yaml
+++ b/manifests/cluster/deployment.yaml
@@ -240,128 +240,133 @@ spec:
Only one of its members may be specified.
properties:
awsElasticBlockStore:
- description: 'AWSElasticBlockStore represents an AWS
+ description: 'awsElasticBlockStore represents an AWS
Disk resource that is attached to a kubelet''s host
machine and then exposed to the pod. More info:
https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore'
properties:
fsType:
- description: 'Filesystem type of the volume that
- you want to mount. Tip: Ensure that the filesystem
- type is supported by the host operating system.
- Examples: "ext4", "xfs", "ntfs". Implicitly
- inferred to be "ext4" if unspecified. More info:
- https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore
+ description: 'fsType is the filesystem type of
+ the volume that you want to mount. Tip: Ensure
+ that the filesystem type is supported by the
+ host operating system. Examples: "ext4", "xfs",
+ "ntfs". Implicitly inferred to be "ext4" if
+ unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore
TODO: how do we prevent errors in the filesystem
from compromising the machine'
type: string
partition:
- description: 'The partition in the volume that
- you want to mount. If omitted, the default is
- to mount by volume name. Examples: For volume
- /dev/sda1, you specify the partition as "1".
- Similarly, the volume partition for /dev/sda
- is "0" (or you can leave the property empty).'
+ description: 'partition is the partition in the
+ volume that you want to mount. If omitted, the
+ default is to mount by volume name. Examples:
+ For volume /dev/sda1, you specify the partition
+ as "1". Similarly, the volume partition for
+ /dev/sda is "0" (or you can leave the property
+ empty).'
format: int32
type: integer
readOnly:
- description: 'Specify "true" to force and set
- the ReadOnly property in VolumeMounts to "true".
- If omitted, the default is "false". More info:
+ description: 'readOnly value true will force the
+ readOnly setting in VolumeMounts. More info:
https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore'
type: boolean
volumeID:
- description: 'Unique ID of the persistent disk
- resource in AWS (Amazon EBS volume). More info:
- https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore'
+ description: 'volumeID is unique ID of the persistent
+ disk resource in AWS (Amazon EBS volume). More
+ info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore'
type: string
required:
- volumeID
type: object
azureDisk:
- description: AzureDisk represents an Azure Data Disk
+ description: azureDisk represents an Azure Data Disk
mount on the host and bind mount to the pod.
properties:
cachingMode:
- description: 'Host Caching mode: None, Read Only,
- Read Write.'
+ description: 'cachingMode is the Host Caching
+ mode: None, Read Only, Read Write.'
type: string
diskName:
- description: The Name of the data disk in the
- blob storage
+ description: diskName is the Name of the data
+ disk in the blob storage
type: string
diskURI:
- description: The URI the data disk in the blob
- storage
+ description: diskURI is the URI of data disk in
+ the blob storage
type: string
fsType:
- description: Filesystem type to mount. Must be
- a filesystem type supported by the host operating
- system. Ex. "ext4", "xfs", "ntfs". Implicitly
- inferred to be "ext4" if unspecified.
+ description: fsType is Filesystem type to mount.
+ Must be a filesystem type supported by the host
+ operating system. Ex. "ext4", "xfs", "ntfs".
+ Implicitly inferred to be "ext4" if unspecified.
type: string
kind:
- description: 'Expected values Shared: multiple
- blob disks per storage account Dedicated: single
- blob disk per storage account Managed: azure
- managed data disk (only in managed availability
+ description: 'kind expected values are Shared:
+ multiple blob disks per storage account Dedicated:
+ single blob disk per storage account Managed:
+ azure managed data disk (only in managed availability
set). defaults to shared'
type: string
readOnly:
- description: Defaults to false (read/write). ReadOnly
- here will force the ReadOnly setting in VolumeMounts.
+ description: readOnly Defaults to false (read/write).
+ ReadOnly here will force the ReadOnly setting
+ in VolumeMounts.
type: boolean
required:
- diskName
- diskURI
type: object
azureFile:
- description: AzureFile represents an Azure File Service
+ description: azureFile represents an Azure File Service
mount on the host and bind mount to the pod.
properties:
readOnly:
- description: Defaults to false (read/write). ReadOnly
- here will force the ReadOnly setting in VolumeMounts.
+ description: readOnly defaults to false (read/write).
+ ReadOnly here will force the ReadOnly setting
+ in VolumeMounts.
type: boolean
secretName:
- description: the name of secret that contains
- Azure Storage Account Name and Key
+ description: secretName is the name of secret
+ that contains Azure Storage Account Name and
+ Key
type: string
shareName:
- description: Share Name
+ description: shareName is the azure share Name
type: string
required:
- secretName
- shareName
type: object
cephfs:
- description: CephFS represents a Ceph FS mount on
+ description: cephFS represents a Ceph FS mount on
the host that shares a pod's lifetime
properties:
monitors:
- description: 'Required: Monitors is a collection
- of Ceph monitors More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it'
+ description: 'monitors is Required: Monitors is
+ a collection of Ceph monitors More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it'
items:
type: string
type: array
path:
- description: 'Optional: Used as the mounted root,
- rather than the full Ceph tree, default is /'
+ description: 'path is Optional: Used as the mounted
+ root, rather than the full Ceph tree, default
+ is /'
type: string
readOnly:
- description: 'Optional: Defaults to false (read/write).
- ReadOnly here will force the ReadOnly setting
- in VolumeMounts. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it'
+ description: 'readOnly is Optional: Defaults to
+ false (read/write). ReadOnly here will force
+ the ReadOnly setting in VolumeMounts. More info:
+ https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it'
type: boolean
secretFile:
- description: 'Optional: SecretFile is the path
- to key ring for User, default is /etc/ceph/user.secret
- More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it'
+ description: 'secretFile is Optional: SecretFile
+ is the path to key ring for User, default is
+ /etc/ceph/user.secret More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it'
type: string
secretRef:
- description: 'Optional: SecretRef is reference
- to the authentication secret for User, default
- is empty. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it'
+ description: 'secretRef is Optional: SecretRef
+ is reference to the authentication secret for
+ User, default is empty. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it'
properties:
name:
description: 'Name of the referent. More info:
@@ -372,32 +377,33 @@ spec:
type: object
x-kubernetes-map-type: atomic
user:
- description: 'Optional: User is the rados user
- name, default is admin More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it'
+ description: 'user is optional: User is the rados
+ user name, default is admin More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it'
type: string
required:
- monitors
type: object
cinder:
- description: 'Cinder represents a cinder volume attached
+ description: 'cinder represents a cinder volume attached
and mounted on kubelets host machine. More info:
https://examples.k8s.io/mysql-cinder-pd/README.md'
properties:
fsType:
- description: 'Filesystem type to mount. Must be
- a filesystem type supported by the host operating
- system. Examples: "ext4", "xfs", "ntfs". Implicitly
- inferred to be "ext4" if unspecified. More info:
- https://examples.k8s.io/mysql-cinder-pd/README.md'
+ description: 'fsType is the filesystem type to
+ mount. Must be a filesystem type supported by
+ the host operating system. Examples: "ext4",
+ "xfs", "ntfs". Implicitly inferred to be "ext4"
+ if unspecified. More info: https://examples.k8s.io/mysql-cinder-pd/README.md'
type: string
readOnly:
- description: 'Optional: Defaults to false (read/write).
+ description: 'readOnly defaults to false (read/write).
ReadOnly here will force the ReadOnly setting
in VolumeMounts. More info: https://examples.k8s.io/mysql-cinder-pd/README.md'
type: boolean
secretRef:
- description: 'Optional: points to a secret object
- containing parameters used to connect to OpenStack.'
+ description: 'secretRef is optional: points to
+ a secret object containing parameters used to
+ connect to OpenStack.'
properties:
name:
description: 'Name of the referent. More info:
@@ -408,33 +414,33 @@ spec:
type: object
x-kubernetes-map-type: atomic
volumeID:
- description: 'volume id used to identify the volume
+ description: 'volumeID used to identify the volume
in cinder. More info: https://examples.k8s.io/mysql-cinder-pd/README.md'
type: string
required:
- volumeID
type: object
configMap:
- description: ConfigMap represents a configMap that
+ description: configMap represents a configMap that
should populate this volume
properties:
defaultMode:
- description: 'Optional: mode bits used to set
- permissions on created files by default. Must
- be an octal value between 0000 and 0777 or a
- decimal value between 0 and 511. YAML accepts
- both octal and decimal values, JSON requires
- decimal values for mode bits. Defaults to 0644.
- Directories within the path are not affected
- by this setting. This might be in conflict with
- other options that affect the file mode, like
- fsGroup, and the result can be other mode bits
- set.'
+ description: 'defaultMode is optional: mode bits
+ used to set permissions on created files by
+ default. Must be an octal value between 0000
+ and 0777 or a decimal value between 0 and 511.
+ YAML accepts both octal and decimal values,
+ JSON requires decimal values for mode bits.
+ Defaults to 0644. Directories within the path
+ are not affected by this setting. This might
+ be in conflict with other options that affect
+ the file mode, like fsGroup, and the result
+ can be other mode bits set.'
format: int32
type: integer
items:
- description: If unspecified, each key-value pair
- in the Data field of the referenced ConfigMap
+ description: items if unspecified, each key-value
+ pair in the Data field of the referenced ConfigMap
will be projected into the volume as a file
whose name is the key and content is the value.
If specified, the listed keys will be projected
@@ -449,27 +455,28 @@ spec:
a volume.
properties:
key:
- description: The key to project.
+ description: key is the key to project.
type: string
mode:
- description: 'Optional: mode bits used to
- set permissions on this file. Must be
- an octal value between 0000 and 0777 or
- a decimal value between 0 and 511. YAML
- accepts both octal and decimal values,
- JSON requires decimal values for mode
- bits. If not specified, the volume defaultMode
- will be used. This might be in conflict
- with other options that affect the file
- mode, like fsGroup, and the result can
- be other mode bits set.'
+ description: 'mode is Optional: mode bits
+ used to set permissions on this file.
+ Must be an octal value between 0000 and
+ 0777 or a decimal value between 0 and
+ 511. YAML accepts both octal and decimal
+ values, JSON requires decimal values for
+ mode bits. If not specified, the volume
+ defaultMode will be used. This might be
+ in conflict with other options that affect
+ the file mode, like fsGroup, and the result
+ can be other mode bits set.'
format: int32
type: integer
path:
- description: The relative path of the file
- to map the key to. May not be an absolute
- path. May not contain the path element
- '..'. May not start with the string '..'.
+ description: path is the relative path of
+ the file to map the key to. May not be
+ an absolute path. May not contain the
+ path element '..'. May not start with
+ the string '..'.
type: string
required:
- key
@@ -483,30 +490,30 @@ spec:
uid?'
type: string
optional:
- description: Specify whether the ConfigMap or
- its keys must be defined
+ description: optional specify whether the ConfigMap
+ or its keys must be defined
type: boolean
type: object
x-kubernetes-map-type: atomic
csi:
- description: CSI (Container Storage Interface) represents
+ description: csi (Container Storage Interface) represents
ephemeral storage that is handled by certain external
CSI drivers (Beta feature).
properties:
driver:
- description: Driver is the name of the CSI driver
+ description: driver is the name of the CSI driver
that handles this volume. Consult with your
admin for the correct name as registered in
the cluster.
type: string
fsType:
- description: Filesystem type to mount. Ex. "ext4",
- "xfs", "ntfs". If not provided, the empty value
- is passed to the associated CSI driver which
- will determine the default filesystem to apply.
+ description: fsType to mount. Ex. "ext4", "xfs",
+ "ntfs". If not provided, the empty value is
+ passed to the associated CSI driver which will
+ determine the default filesystem to apply.
type: string
nodePublishSecretRef:
- description: NodePublishSecretRef is a reference
+ description: nodePublishSecretRef is a reference
to the secret object containing sensitive information
to pass to the CSI driver to complete the CSI
NodePublishVolume and NodeUnpublishVolume calls.
@@ -524,13 +531,13 @@ spec:
type: object
x-kubernetes-map-type: atomic
readOnly:
- description: Specifies a read-only configuration
+ description: readOnly specifies a read-only configuration
for the volume. Defaults to false (read/write).
type: boolean
volumeAttributes:
additionalProperties:
type: string
- description: VolumeAttributes stores driver-specific
+ description: volumeAttributes stores driver-specific
properties that are passed to the CSI driver.
Consult your driver's documentation for supported
values.
@@ -539,7 +546,7 @@ spec:
- driver
type: object
downwardAPI:
- description: DownwardAPI represents downward API about
+ description: downwardAPI represents downward API about
the pod that should populate this volume
properties:
defaultMode:
@@ -638,33 +645,34 @@ spec:
type: array
type: object
emptyDir:
- description: 'EmptyDir represents a temporary directory
+ description: 'emptyDir represents a temporary directory
that shares a pod''s lifetime. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir'
properties:
medium:
- description: 'What type of storage medium should
- back this directory. The default is "" which
- means to use the node''s default medium. Must
- be an empty string (default) or Memory. More
- info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir'
+ description: 'medium represents what type of storage
+ medium should back this directory. The default
+ is "" which means to use the node''s default
+ medium. Must be an empty string (default) or
+ Memory. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir'
type: string
sizeLimit:
anyOf:
- type: integer
- type: string
- description: 'Total amount of local storage required
- for this EmptyDir volume. The size limit is
- also applicable for memory medium. The maximum
- usage on memory medium EmptyDir would be the
- minimum value between the SizeLimit specified
- here and the sum of memory limits of all containers
- in a pod. The default is nil which means that
- the limit is undefined. More info: http://kubernetes.io/docs/user-guide/volumes#emptydir'
+ description: 'sizeLimit is the total amount of
+ local storage required for this EmptyDir volume.
+ The size limit is also applicable for memory
+ medium. The maximum usage on memory medium EmptyDir
+ would be the minimum value between the SizeLimit
+ specified here and the sum of memory limits
+ of all containers in a pod. The default is nil
+ which means that the limit is undefined. More
+ info: http://kubernetes.io/docs/user-guide/volumes#emptydir'
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
x-kubernetes-int-or-string: true
type: object
ephemeral:
- description: "Ephemeral represents a volume that is
+ description: "ephemeral represents a volume that is
handled by a cluster storage driver. The volume's
lifecycle is tied to the pod that defines it - it
will be created before the pod starts, and deleted
@@ -724,25 +732,29 @@ spec:
are also valid here.
properties:
accessModes:
- description: 'AccessModes contains the
+ description: 'accessModes contains the
desired access modes the volume should
have. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1'
items:
type: string
type: array
dataSource:
- description: 'This field can be used to
- specify either: * An existing VolumeSnapshot
- object (snapshot.storage.k8s.io/VolumeSnapshot)
+ description: 'dataSource field can be
+ used to specify either: * An existing
+ VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot)
* An existing PVC (PersistentVolumeClaim)
If the provisioner or an external controller
can support the specified data source,
it will create a new volume based on
the contents of the specified data source.
- If the AnyVolumeDataSource feature gate
- is enabled, this field will always have
- the same contents as the DataSourceRef
- field.'
+ When the AnyVolumeDataSource feature
+ gate is enabled, dataSource contents
+ will be copied to dataSourceRef, and
+ dataSourceRef contents will be copied
+ to dataSource when dataSourceRef.namespace
+ is not specified. If the namespace is
+ specified, then dataSourceRef will not
+ be copied to dataSource.'
properties:
apiGroup:
description: APIGroup is the group
@@ -766,35 +778,44 @@ spec:
type: object
x-kubernetes-map-type: atomic
dataSourceRef:
- description: 'Specifies the object from
- which to populate the volume with data,
- if a non-empty volume is desired. This
- may be any local object from a non-empty
- API group (non core object) or a PersistentVolumeClaim
- object. When this field is specified,
- volume binding will only succeed if
- the type of the specified object matches
- some installed volume populator or dynamic
- provisioner. This field will replace
- the functionality of the DataSource
- field and as such if both fields are
- non-empty, they must have the same value.
- For backwards compatibility, both fields
- (DataSource and DataSourceRef) will
- be set to the same value automatically
+ description: 'dataSourceRef specifies
+ the object from which to populate the
+ volume with data, if a non-empty volume
+ is desired. This may be any object from
+ a non-empty API group (non core object)
+ or a PersistentVolumeClaim object. When
+ this field is specified, volume binding
+ will only succeed if the type of the
+ specified object matches some installed
+ volume populator or dynamic provisioner.
+ This field will replace the functionality
+ of the dataSource field and as such
+ if both fields are non-empty, they must
+ have the same value. For backwards compatibility,
+ when namespace isn''t specified in dataSourceRef,
+ both fields (dataSource and dataSourceRef)
+ will be set to the same value automatically
if one of them is empty and the other
- is non-empty. There are two important
- differences between DataSource and DataSourceRef:
- * While DataSource only allows two specific
- types of objects, DataSourceRef allows
+ is non-empty. When namespace is specified
+ in dataSourceRef, dataSource isn''t
+ set to the same value and must be empty.
+ There are three important differences
+ between dataSource and dataSourceRef:
+ * While dataSource only allows two specific
+ types of objects, dataSourceRef allows
any non-core object, as well as PersistentVolumeClaim
- objects. * While DataSource ignores
- disallowed values (dropping them), DataSourceRef
+ objects. * While dataSource ignores
+ disallowed values (dropping them), dataSourceRef
preserves all values, and generates
an error if a disallowed value is specified.
- (Alpha) Using this field requires the
- AnyVolumeDataSource feature gate to
- be enabled.'
+ * While dataSource only allows local
+ objects, dataSourceRef allows objects
+ in any namespaces. (Beta) Using this
+ field requires the AnyVolumeDataSource
+ feature gate to be enabled. (Alpha)
+ Using the namespace field of dataSourceRef
+ requires the CrossNamespaceVolumeDataSource
+ feature gate to be enabled.'
properties:
apiGroup:
description: APIGroup is the group
@@ -812,13 +833,25 @@ spec:
description: Name is the name of resource
being referenced
type: string
+ namespace:
+ description: Namespace is the namespace
+ of resource being referenced Note
+ that when a namespace is specified,
+ a gateway.networking.k8s.io/ReferenceGrant
+ object is required in the referent
+ namespace to allow that namespace's
+ owner to accept the reference. See
+ the ReferenceGrant documentation
+ for details. (Alpha) This field
+ requires the CrossNamespaceVolumeDataSource
+ feature gate to be enabled.
+ type: string
required:
- kind
- name
type: object
- x-kubernetes-map-type: atomic
resources:
- description: 'Resources represents the
+ description: 'resources represents the
minimum resources the volume should
have. If RecoverVolumeExpansionFailure
feature is enabled users are allowed
@@ -828,6 +861,31 @@ spec:
in the status field of the claim. More
info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources'
properties:
+ claims:
+ description: "Claims lists the names
+ of resources, defined in spec.resourceClaims,
+ that are used by this container.
+ \n This is an alpha field and requires
+ enabling the DynamicResourceAllocation
+ feature gate. \n This field is immutable."
+ items:
+ description: ResourceClaim references
+ one entry in PodSpec.ResourceClaims.
+ properties:
+ name:
+ description: Name must match
+ the name of one entry in pod.spec.resourceClaims
+ of the Pod where this field
+ is used. It makes that resource
+ available inside a container.
+ type: string
+ required:
+ - name
+ type: object
+ type: array
+ x-kubernetes-list-map-keys:
+ - name
+ x-kubernetes-list-type: map
limits:
additionalProperties:
anyOf:
@@ -856,8 +914,8 @@ spec:
type: object
type: object
selector:
- description: A label query over volumes
- to consider for binding.
+ description: selector is a label query
+ over volumes to consider for binding.
properties:
matchExpressions:
description: matchExpressions is a
@@ -914,8 +972,9 @@ spec:
type: object
x-kubernetes-map-type: atomic
storageClassName:
- description: 'Name of the StorageClass
- required by the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1'
+ description: 'storageClassName is the
+ name of the StorageClass required by
+ the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1'
type: string
volumeMode:
description: volumeMode defines what type
@@ -924,7 +983,7 @@ spec:
not included in claim spec.
type: string
volumeName:
- description: VolumeName is the binding
+ description: volumeName is the binding
reference to the PersistentVolume backing
this claim.
type: string
@@ -934,74 +993,77 @@ spec:
type: object
type: object
fc:
- description: FC represents a Fibre Channel resource
+ description: fc represents a Fibre Channel resource
that is attached to a kubelet's host machine and
then exposed to the pod.
properties:
fsType:
- description: 'Filesystem type to mount. Must be
- a filesystem type supported by the host operating
- system. Ex. "ext4", "xfs", "ntfs". Implicitly
- inferred to be "ext4" if unspecified. TODO:
- how do we prevent errors in the filesystem from
- compromising the machine'
+ description: 'fsType is the filesystem type to
+ mount. Must be a filesystem type supported by
+ the host operating system. Ex. "ext4", "xfs",
+ "ntfs". Implicitly inferred to be "ext4" if
+ unspecified. TODO: how do we prevent errors
+ in the filesystem from compromising the machine'
type: string
lun:
- description: 'Optional: FC target lun number'
+ description: 'lun is Optional: FC target lun number'
format: int32
type: integer
readOnly:
- description: 'Optional: Defaults to false (read/write).
- ReadOnly here will force the ReadOnly setting
- in VolumeMounts.'
+ description: 'readOnly is Optional: Defaults to
+ false (read/write). ReadOnly here will force
+ the ReadOnly setting in VolumeMounts.'
type: boolean
targetWWNs:
- description: 'Optional: FC target worldwide names
- (WWNs)'
+ description: 'targetWWNs is Optional: FC target
+ worldwide names (WWNs)'
items:
type: string
type: array
wwids:
- description: 'Optional: FC volume world wide identifiers
- (wwids) Either wwids or combination of targetWWNs
- and lun must be set, but not both simultaneously.'
+ description: 'wwids Optional: FC volume world
+ wide identifiers (wwids) Either wwids or combination
+ of targetWWNs and lun must be set, but not both
+ simultaneously.'
items:
type: string
type: array
type: object
flexVolume:
- description: FlexVolume represents a generic volume
+ description: flexVolume represents a generic volume
resource that is provisioned/attached using an exec
based plugin.
properties:
driver:
- description: Driver is the name of the driver
+ description: driver is the name of the driver
to use for this volume.
type: string
fsType:
- description: Filesystem type to mount. Must be
- a filesystem type supported by the host operating
- system. Ex. "ext4", "xfs", "ntfs". The default
- filesystem depends on FlexVolume script.
+ description: fsType is the filesystem type to
+ mount. Must be a filesystem type supported by
+ the host operating system. Ex. "ext4", "xfs",
+ "ntfs". The default filesystem depends on FlexVolume
+ script.
type: string
options:
additionalProperties:
type: string
- description: 'Optional: Extra command options
- if any.'
+ description: 'options is Optional: this field
+ holds extra command options if any.'
type: object
readOnly:
- description: 'Optional: Defaults to false (read/write).
- ReadOnly here will force the ReadOnly setting
- in VolumeMounts.'
+ description: 'readOnly is Optional: defaults to
+ false (read/write). ReadOnly here will force
+ the ReadOnly setting in VolumeMounts.'
type: boolean
secretRef:
- description: 'Optional: SecretRef is reference
- to the secret object containing sensitive information
- to pass to the plugin scripts. This may be empty
- if no secret object is specified. If the secret
- object contains more than one secret, all secrets
- are passed to the plugin scripts.'
+ description: 'secretRef is Optional: secretRef
+ is reference to the secret object containing
+ sensitive information to pass to the plugin
+ scripts. This may be empty if no secret object
+ is specified. If the secret object contains
+ more than one secret, all secrets are passed
+ to the plugin scripts.'
properties:
name:
description: 'Name of the referent. More info:
@@ -1015,52 +1077,52 @@ spec:
- driver
type: object
flocker:
- description: Flocker represents a Flocker volume attached
+ description: flocker represents a Flocker volume attached
to a kubelet's host machine. This depends on the
Flocker control service being running
properties:
datasetName:
- description: Name of the dataset stored as metadata
- -> name on the dataset for Flocker should be
- considered as deprecated
+ description: datasetName is Name of the dataset
+ stored as metadata -> name on the dataset for
+ Flocker should be considered as deprecated
type: string
datasetUUID:
- description: UUID of the dataset. This is unique
- identifier of a Flocker dataset
+ description: datasetUUID is the UUID of the dataset.
+ This is unique identifier of a Flocker dataset
type: string
type: object
gcePersistentDisk:
- description: 'GCEPersistentDisk represents a GCE Disk
+ description: 'gcePersistentDisk represents a GCE Disk
resource that is attached to a kubelet''s host machine
and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk'
properties:
fsType:
- description: 'Filesystem type of the volume that
- you want to mount. Tip: Ensure that the filesystem
- type is supported by the host operating system.
- Examples: "ext4", "xfs", "ntfs". Implicitly
- inferred to be "ext4" if unspecified. More info:
- https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk
+ description: 'fsType is filesystem type of the
+ volume that you want to mount. Tip: Ensure that
+ the filesystem type is supported by the host
+ operating system. Examples: "ext4", "xfs", "ntfs".
+ Implicitly inferred to be "ext4" if unspecified.
+ More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk
TODO: how do we prevent errors in the filesystem
from compromising the machine'
type: string
partition:
- description: 'The partition in the volume that
- you want to mount. If omitted, the default is
- to mount by volume name. Examples: For volume
- /dev/sda1, you specify the partition as "1".
- Similarly, the volume partition for /dev/sda
- is "0" (or you can leave the property empty).
- More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk'
+ description: 'partition is the partition in the
+ volume that you want to mount. If omitted, the
+ default is to mount by volume name. Examples:
+ For volume /dev/sda1, you specify the partition
+ as "1". Similarly, the volume partition for
+ /dev/sda is "0" (or you can leave the property
+ empty). More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk'
format: int32
type: integer
pdName:
- description: 'Unique name of the PD resource in
- GCE. Used to identify the disk in GCE. More
- info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk'
+ description: 'pdName is unique name of the PD
+ resource in GCE. Used to identify the disk in
+ GCE. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk'
type: string
readOnly:
- description: 'ReadOnly here will force the ReadOnly
+ description: 'readOnly here will force the ReadOnly
setting in VolumeMounts. Defaults to false.
More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk'
type: boolean
@@ -1068,7 +1130,7 @@ spec:
- pdName
type: object
gitRepo:
- description: 'GitRepo represents a git repository
+ description: 'gitRepo represents a git repository
at a particular revision. DEPRECATED: GitRepo is
deprecated. To provision a container with a git
repo, mount an EmptyDir into an InitContainer that
@@ -1076,38 +1138,38 @@ spec:
into the Pod''s container.'
properties:
directory:
- description: Target directory name. Must not contain
- or start with '..'. If '.' is supplied, the
- volume directory will be the git repository. Otherwise,
- if specified, the volume will contain the git
- repository in the subdirectory with the given
- name.
+ description: directory is the target directory
+ name. Must not contain or start with '..'. If
+ '.' is supplied, the volume directory will be
+ the git repository. Otherwise, if specified,
+ the volume will contain the git repository in
+ the subdirectory with the given name.
type: string
repository:
- description: Repository URL
+ description: repository is the URL
type: string
revision:
- description: Commit hash for the specified revision.
+ description: revision is the commit hash for the
+ specified revision.
type: string
required:
- repository
type: object
glusterfs:
- description: 'Glusterfs represents a Glusterfs mount
+ description: 'glusterfs represents a Glusterfs mount
on the host that shares a pod''s lifetime. More
info: https://examples.k8s.io/volumes/glusterfs/README.md'
properties:
endpoints:
- description: 'EndpointsName is the endpoint name
- that details Glusterfs topology. More info:
- https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod'
+ description: 'endpoints is the endpoint name that
+ details Glusterfs topology. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod'
type: string
path:
- description: 'Path is the Glusterfs volume path.
+ description: 'path is the Glusterfs volume path.
More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod'
type: string
readOnly:
- description: 'ReadOnly here will force the Glusterfs
+ description: 'readOnly here will force the Glusterfs
volume to be mounted with read-only permissions.
Defaults to false. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod'
type: boolean
@@ -1116,7 +1178,7 @@ spec:
- path
type: object
hostPath:
- description: 'HostPath represents a pre-existing file
+ description: 'hostPath represents a pre-existing file
or directory on the host machine that is directly
exposed to the container. This is generally used
for system agents or other privileged things that
@@ -1127,72 +1189,75 @@ spec:
host directories as read/write.'
properties:
path:
- description: 'Path of the directory on the host.
+ description: 'path of the directory on the host.
If the path is a symlink, it will follow the
link to the real path. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath'
type: string
type:
- description: 'Type for HostPath Volume Defaults
+ description: 'type for HostPath Volume Defaults
to "" More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath'
type: string
required:
- path
type: object
iscsi:
- description: 'ISCSI represents an ISCSI Disk resource
+ description: 'iscsi represents an ISCSI Disk resource
that is attached to a kubelet''s host machine and
then exposed to the pod. More info: https://examples.k8s.io/volumes/iscsi/README.md'
properties:
chapAuthDiscovery:
- description: whether support iSCSI Discovery CHAP
- authentication
+ description: chapAuthDiscovery defines whether
+ support iSCSI Discovery CHAP authentication
type: boolean
chapAuthSession:
- description: whether support iSCSI Session CHAP
- authentication
+ description: chapAuthSession defines whether support
+ iSCSI Session CHAP authentication
type: boolean
fsType:
- description: 'Filesystem type of the volume that
- you want to mount. Tip: Ensure that the filesystem
- type is supported by the host operating system.
- Examples: "ext4", "xfs", "ntfs". Implicitly
- inferred to be "ext4" if unspecified. More info:
- https://kubernetes.io/docs/concepts/storage/volumes#iscsi
+ description: 'fsType is the filesystem type of
+ the volume that you want to mount. Tip: Ensure
+ that the filesystem type is supported by the
+ host operating system. Examples: "ext4", "xfs",
+ "ntfs". Implicitly inferred to be "ext4" if
+ unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#iscsi
TODO: how do we prevent errors in the filesystem
from compromising the machine'
type: string
initiatorName:
- description: Custom iSCSI Initiator Name. If initiatorName
- is specified with iscsiInterface simultaneously,
- new iSCSI interface : will be created for the connection.
+ description: initiatorName is the custom iSCSI
+ Initiator Name. If initiatorName is specified
+ with iscsiInterface simultaneously, new iSCSI
+ interface : will
+ be created for the connection.
type: string
iqn:
- description: Target iSCSI Qualified Name.
+ description: iqn is the target iSCSI Qualified
+ Name.
type: string
iscsiInterface:
- description: iSCSI Interface Name that uses an
- iSCSI transport. Defaults to 'default' (tcp).
+ description: iscsiInterface is the interface Name
+ that uses an iSCSI transport. Defaults to 'default'
+ (tcp).
type: string
lun:
- description: iSCSI Target Lun number.
+ description: lun represents iSCSI Target Lun number.
format: int32
type: integer
portals:
- description: iSCSI Target Portal List. The portal
- is either an IP or ip_addr:port if the port
- is other than default (typically TCP ports 860
- and 3260).
+ description: portals is the iSCSI Target Portal
+ List. The portal is either an IP or ip_addr:port
+ if the port is other than default (typically
+ TCP ports 860 and 3260).
items:
type: string
type: array
readOnly:
- description: ReadOnly here will force the ReadOnly
+ description: readOnly here will force the ReadOnly
setting in VolumeMounts. Defaults to false.
type: boolean
secretRef:
- description: CHAP Secret for iSCSI target and
- initiator authentication
+ description: secretRef is the CHAP Secret for
+ iSCSI target and initiator authentication
properties:
name:
description: 'Name of the referent. More info:
@@ -1203,10 +1268,10 @@ spec:
type: object
x-kubernetes-map-type: atomic
targetPortal:
- description: iSCSI Target Portal. The Portal is
- either an IP or ip_addr:port if the port is
- other than default (typically TCP ports 860
- and 3260).
+ description: targetPortal is iSCSI Target Portal.
+ The Portal is either an IP or ip_addr:port if
+ the port is other than default (typically TCP
+ ports 860 and 3260).
type: string
required:
- iqn
@@ -1214,20 +1279,20 @@ spec:
- targetPortal
type: object
nfs:
- description: 'NFS represents an NFS mount on the host
+ description: 'nfs represents an NFS mount on the host
that shares a pod''s lifetime More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs'
properties:
path:
- description: 'Path that is exported by the NFS
+ description: 'path that is exported by the NFS
server. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs'
type: string
readOnly:
- description: 'ReadOnly here will force the NFS
+ description: 'readOnly here will force the NFS
export to be mounted with read-only permissions.
Defaults to false. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs'
type: boolean
server:
- description: 'Server is the hostname or IP address
+ description: 'server is the hostname or IP address
of the NFS server. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs'
type: string
required:
@@ -1235,134 +1300,138 @@ spec:
- server
type: object
persistentVolumeClaim:
- description: 'PersistentVolumeClaimVolumeSource represents
+ description: 'persistentVolumeClaimVolumeSource represents
a reference to a PersistentVolumeClaim in the same
namespace. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims'
properties:
claimName:
- description: 'ClaimName is the name of a PersistentVolumeClaim
+ description: 'claimName is the name of a PersistentVolumeClaim
in the same namespace as the pod using this
volume. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims'
type: string
readOnly:
- description: Will force the ReadOnly setting in
- VolumeMounts. Default false.
+ description: readOnly Will force the ReadOnly
+ setting in VolumeMounts. Default false.
type: boolean
required:
- claimName
type: object
photonPersistentDisk:
- description: PhotonPersistentDisk represents a PhotonController
+ description: photonPersistentDisk represents a PhotonController
persistent disk attached and mounted on kubelets
host machine
properties:
fsType:
- description: Filesystem type to mount. Must be
- a filesystem type supported by the host operating
- system. Ex. "ext4", "xfs", "ntfs". Implicitly
- inferred to be "ext4" if unspecified.
+ description: fsType is the filesystem type to
+ mount. Must be a filesystem type supported by
+ the host operating system. Ex. "ext4", "xfs",
+ "ntfs". Implicitly inferred to be "ext4" if
+ unspecified.
type: string
pdID:
- description: ID that identifies Photon Controller
- persistent disk
+ description: pdID is the ID that identifies Photon
+ Controller persistent disk
type: string
required:
- pdID
type: object
portworxVolume:
- description: PortworxVolume represents a portworx
+ description: portworxVolume represents a portworx
volume attached and mounted on kubelets host machine
properties:
fsType:
- description: FSType represents the filesystem
+ description: fSType represents the filesystem
type to mount Must be a filesystem type supported
by the host operating system. Ex. "ext4", "xfs".
Implicitly inferred to be "ext4" if unspecified.
type: string
readOnly:
- description: Defaults to false (read/write). ReadOnly
- here will force the ReadOnly setting in VolumeMounts.
+ description: readOnly defaults to false (read/write).
+ ReadOnly here will force the ReadOnly setting
+ in VolumeMounts.
type: boolean
volumeID:
- description: VolumeID uniquely identifies a Portworx
+ description: volumeID uniquely identifies a Portworx
volume
type: string
required:
- volumeID
type: object
projected:
- description: Items for all in one resources secrets,
- configmaps, and downward API
+ description: projected items for all in one resources
+ secrets, configmaps, and downward API
properties:
defaultMode:
- description: Mode bits used to set permissions
- on created files by default. Must be an octal
- value between 0000 and 0777 or a decimal value
- between 0 and 511. YAML accepts both octal and
- decimal values, JSON requires decimal values
- for mode bits. Directories within the path are
- not affected by this setting. This might be
- in conflict with other options that affect the
- file mode, like fsGroup, and the result can
- be other mode bits set.
+ description: defaultMode are the mode bits used
+ to set permissions on created files by default.
+ Must be an octal value between 0000 and 0777
+ or a decimal value between 0 and 511. YAML accepts
+ both octal and decimal values, JSON requires
+ decimal values for mode bits. Directories within
+ the path are not affected by this setting. This
+ might be in conflict with other options that
+ affect the file mode, like fsGroup, and the
+ result can be other mode bits set.
format: int32
type: integer
sources:
- description: list of volume projections
+ description: sources is the list of volume projections
items:
description: Projection that may be projected
along with other supported volume types
properties:
configMap:
- description: information about the configMap
- data to project
+ description: configMap information about
+ the configMap data to project
properties:
items:
- description: If unspecified, each key-value
- pair in the Data field of the referenced
- ConfigMap will be projected into the
- volume as a file whose name is the
- key and content is the value. If specified,
- the listed keys will be projected
- into the specified paths, and unlisted
- keys will not be present. If a key
- is specified which is not present
- in the ConfigMap, the volume setup
- will error unless it is marked optional.
- Paths must be relative and may not
- contain the '..' path or start with
- '..'.
+ description: items if unspecified, each
+ key-value pair in the Data field of
+ the referenced ConfigMap will be projected
+ into the volume as a file whose name
+ is the key and content is the value.
+ If specified, the listed keys will
+ be projected into the specified paths,
+ and unlisted keys will not be present.
+ If a key is specified which is not
+ present in the ConfigMap, the volume
+ setup will error unless it is marked
+ optional. Paths must be relative and
+ may not contain the '..' path or start
+ with '..'.
items:
description: Maps a string key to
a path within a volume.
properties:
key:
- description: The key to project.
+ description: key is the key to
+ project.
type: string
mode:
- description: 'Optional: mode bits
- used to set permissions on this
- file. Must be an octal value
- between 0000 and 0777 or a decimal
- value between 0 and 511. YAML
- accepts both octal and decimal
- values, JSON requires decimal
- values for mode bits. If not
- specified, the volume defaultMode
- will be used. This might be
- in conflict with other options
- that affect the file mode, like
- fsGroup, and the result can
- be other mode bits set.'
+ description: 'mode is Optional:
+ mode bits used to set permissions
+ on this file. Must be an octal
+ value between 0000 and 0777
+ or a decimal value between 0
+ and 511. YAML accepts both octal
+ and decimal values, JSON requires
+ decimal values for mode bits.
+ If not specified, the volume
+ defaultMode will be used. This
+ might be in conflict with other
+ options that affect the file
+ mode, like fsGroup, and the
+ result can be other mode bits
+ set.'
format: int32
type: integer
path:
- description: The relative path
- of the file to map the key to.
- May not be an absolute path.
- May not contain the path element
- '..'. May not start with the
- string '..'.
+ description: path is the relative
+ path of the file to map the
+ key to. May not be an absolute
+ path. May not contain the path
+ element '..'. May not start
+ with the string '..'.
type: string
required:
- key
@@ -1376,14 +1445,15 @@ spec:
kind, uid?'
type: string
optional:
- description: Specify whether the ConfigMap
- or its keys must be defined
+ description: optional specify whether
+ the ConfigMap or its keys must be
+ defined
type: boolean
type: object
x-kubernetes-map-type: atomic
downwardAPI:
- description: information about the downwardAPI
- data to project
+ description: downwardAPI information about
+ the downwardAPI data to project
properties:
items:
description: Items is a list of DownwardAPIVolume
@@ -1476,55 +1546,57 @@ spec:
type: array
type: object
secret:
- description: information about the secret
- data to project
+ description: secret information about the
+ secret data to project
properties:
items:
- description: If unspecified, each key-value
- pair in the Data field of the referenced
- Secret will be projected into the
- volume as a file whose name is the
- key and content is the value. If specified,
- the listed keys will be projected
- into the specified paths, and unlisted
- keys will not be present. If a key
- is specified which is not present
- in the Secret, the volume setup will
- error unless it is marked optional.
- Paths must be relative and may not
- contain the '..' path or start with
- '..'.
+ description: items if unspecified, each
+ key-value pair in the Data field of
+ the referenced Secret will be projected
+ into the volume as a file whose name
+ is the key and content is the value.
+ If specified, the listed keys will
+ be projected into the specified paths,
+ and unlisted keys will not be present.
+ If a key is specified which is not
+ present in the Secret, the volume
+ setup will error unless it is marked
+ optional. Paths must be relative and
+ may not contain the '..' path or start
+ with '..'.
items:
description: Maps a string key to
a path within a volume.
properties:
key:
- description: The key to project.
+ description: key is the key to
+ project.
type: string
mode:
- description: 'Optional: mode bits
- used to set permissions on this
- file. Must be an octal value
- between 0000 and 0777 or a decimal
- value between 0 and 511. YAML
- accepts both octal and decimal
- values, JSON requires decimal
- values for mode bits. If not
- specified, the volume defaultMode
- will be used. This might be
- in conflict with other options
- that affect the file mode, like
- fsGroup, and the result can
- be other mode bits set.'
+ description: 'mode is Optional:
+ mode bits used to set permissions
+ on this file. Must be an octal
+ value between 0000 and 0777
+ or a decimal value between 0
+ and 511. YAML accepts both octal
+ and decimal values, JSON requires
+ decimal values for mode bits.
+ If not specified, the volume
+ defaultMode will be used. This
+ might be in conflict with other
+ options that affect the file
+ mode, like fsGroup, and the
+ result can be other mode bits
+ set.'
format: int32
type: integer
path:
- description: The relative path
- of the file to map the key to.
- May not be an absolute path.
- May not contain the path element
- '..'. May not start with the
- string '..'.
+ description: path is the relative
+ path of the file to map the
+ key to. May not be an absolute
+ path. May not contain the path
+ element '..'. May not start
+ with the string '..'.
type: string
required:
- key
@@ -1538,17 +1610,19 @@ spec:
kind, uid?'
type: string
optional:
- description: Specify whether the Secret
- or its key must be defined
+ description: optional field specify
+ whether the Secret or its key must
+ be defined
type: boolean
type: object
x-kubernetes-map-type: atomic
serviceAccountToken:
- description: information about the serviceAccountToken
- data to project
+ description: serviceAccountToken is information
+ about the serviceAccountToken data to
+ project
properties:
audience:
- description: Audience is the intended
+ description: audience is the intended
audience of the token. A recipient
of a token must identify itself with
an identifier specified in the audience
@@ -1557,7 +1631,7 @@ spec:
to the identifier of the apiserver.
type: string
expirationSeconds:
- description: ExpirationSeconds is the
+ description: expirationSeconds is the
requested duration of validity of
the service account token. As the
token approaches expiration, the kubelet
@@ -1571,7 +1645,7 @@ spec:
format: int64
type: integer
path:
- description: Path is the path relative
+ description: path is the path relative
to the mount point of the file to
project the token into.
type: string
@@ -1582,36 +1656,36 @@ spec:
type: array
type: object
quobyte:
- description: Quobyte represents a Quobyte mount on
+ description: quobyte represents a Quobyte mount on
the host that shares a pod's lifetime
properties:
group:
- description: Group to map volume access to Default
+ description: group to map volume access to Default
is no group
type: string
readOnly:
- description: ReadOnly here will force the Quobyte
+ description: readOnly here will force the Quobyte
volume to be mounted with read-only permissions.
Defaults to false.
type: boolean
registry:
- description: Registry represents a single or multiple
+ description: registry represents a single or multiple
Quobyte Registry services specified as a string
as host:port pair (multiple entries are separated
with commas) which acts as the central registry
for volumes
type: string
tenant:
- description: Tenant owning the given Quobyte volume
+ description: tenant owning the given Quobyte volume
in the Backend Used with dynamically provisioned
Quobyte volumes, value is set by the plugin
type: string
user:
- description: User to map volume access to Defaults
+ description: user to map volume access to Defaults
to serivceaccount user
type: string
volume:
- description: Volume is a string that references
+ description: volume is a string that references
an already created Quobyte volume by name.
type: string
required:
@@ -1619,46 +1693,46 @@ spec:
- volume
type: object
rbd:
- description: 'RBD represents a Rados Block Device
+ description: 'rbd represents a Rados Block Device
mount on the host that shares a pod''s lifetime.
More info: https://examples.k8s.io/volumes/rbd/README.md'
properties:
fsType:
- description: 'Filesystem type of the volume that
- you want to mount. Tip: Ensure that the filesystem
- type is supported by the host operating system.
- Examples: "ext4", "xfs", "ntfs". Implicitly
- inferred to be "ext4" if unspecified. More info:
- https://kubernetes.io/docs/concepts/storage/volumes#rbd
+ description: 'fsType is the filesystem type of
+ the volume that you want to mount. Tip: Ensure
+ that the filesystem type is supported by the
+ host operating system. Examples: "ext4", "xfs",
+ "ntfs". Implicitly inferred to be "ext4" if
+ unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#rbd
TODO: how do we prevent errors in the filesystem
from compromising the machine'
type: string
image:
- description: 'The rados image name. More info:
- https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it'
+ description: 'image is the rados image name. More
+ info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it'
type: string
keyring:
- description: 'Keyring is the path to key ring
+ description: 'keyring is the path to key ring
for RBDUser. Default is /etc/ceph/keyring. More
info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it'
type: string
monitors:
- description: 'A collection of Ceph monitors. More
- info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it'
+ description: 'monitors is a collection of Ceph
+ monitors. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it'
items:
type: string
type: array
pool:
- description: 'The rados pool name. Default is
- rbd. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it'
+ description: 'pool is the rados pool name. Default
+ is rbd. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it'
type: string
readOnly:
- description: 'ReadOnly here will force the ReadOnly
+ description: 'readOnly here will force the ReadOnly
setting in VolumeMounts. Defaults to false.
More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it'
type: boolean
secretRef:
- description: 'SecretRef is name of the authentication
+ description: 'secretRef is name of the authentication
secret for RBDUser. If provided overrides keyring.
Default is nil. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it'
properties:
@@ -1671,37 +1745,39 @@ spec:
type: object
x-kubernetes-map-type: atomic
user:
- description: 'The rados user name. Default is
- admin. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it'
+ description: 'user is the rados user name. Default
+ is admin. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it'
type: string
required:
- image
- monitors
type: object
scaleIO:
- description: ScaleIO represents a ScaleIO persistent
+ description: scaleIO represents a ScaleIO persistent
volume attached and mounted on Kubernetes nodes.
properties:
fsType:
- description: Filesystem type to mount. Must be
- a filesystem type supported by the host operating
- system. Ex. "ext4", "xfs", "ntfs". Default is
- "xfs".
+ description: fsType is the filesystem type to
+ mount. Must be a filesystem type supported by
+ the host operating system. Ex. "ext4", "xfs",
+ "ntfs". Default is "xfs".
type: string
gateway:
- description: The host address of the ScaleIO API
- Gateway.
+ description: gateway is the host address of the
+ ScaleIO API Gateway.
type: string
protectionDomain:
- description: The name of the ScaleIO Protection
- Domain for the configured storage.
+ description: protectionDomain is the name of the
+ ScaleIO Protection Domain for the configured
+ storage.
type: string
readOnly:
- description: Defaults to false (read/write). ReadOnly
- here will force the ReadOnly setting in VolumeMounts.
+ description: readOnly Defaults to false (read/write).
+ ReadOnly here will force the ReadOnly setting
+ in VolumeMounts.
type: boolean
secretRef:
- description: SecretRef references to the secret
+ description: secretRef references to the secret
for ScaleIO user and other sensitive information.
If this is not provided, Login operation will
fail.
@@ -1715,26 +1791,26 @@ spec:
type: object
x-kubernetes-map-type: atomic
sslEnabled:
- description: Flag to enable/disable SSL communication
- with Gateway, default false
+ description: sslEnabled Flag enable/disable SSL
+ communication with Gateway, default false
type: boolean
storageMode:
- description: Indicates whether the storage for
- a volume should be ThickProvisioned or ThinProvisioned.
- Default is ThinProvisioned.
+ description: storageMode indicates whether the
+ storage for a volume should be ThickProvisioned
+ or ThinProvisioned. Default is ThinProvisioned.
type: string
storagePool:
- description: The ScaleIO Storage Pool associated
- with the protection domain.
+ description: storagePool is the ScaleIO Storage
+ Pool associated with the protection domain.
type: string
system:
- description: The name of the storage system as
- configured in ScaleIO.
+ description: system is the name of the storage
+ system as configured in ScaleIO.
type: string
volumeName:
- description: The name of a volume already created
- in the ScaleIO system that is associated with
- this volume source.
+ description: volumeName is the name of a volume
+ already created in the ScaleIO system that is
+ associated with this volume source.
type: string
required:
- gateway
@@ -1742,29 +1818,29 @@ spec:
- system
type: object
secret:
- description: 'Secret represents a secret that should
+ description: 'secret represents a secret that should
populate this volume. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret'
properties:
defaultMode:
- description: 'Optional: mode bits used to set
- permissions on created files by default. Must
- be an octal value between 0000 and 0777 or a
- decimal value between 0 and 511. YAML accepts
- both octal and decimal values, JSON requires
- decimal values for mode bits. Defaults to 0644.
- Directories within the path are not affected
- by this setting. This might be in conflict with
- other options that affect the file mode, like
- fsGroup, and the result can be other mode bits
- set.'
+ description: 'defaultMode is Optional: mode bits
+ used to set permissions on created files by
+ default. Must be an octal value between 0000
+ and 0777 or a decimal value between 0 and 511.
+ YAML accepts both octal and decimal values,
+ JSON requires decimal values for mode bits.
+ Defaults to 0644. Directories within the path
+ are not affected by this setting. This might
+ be in conflict with other options that affect
+ the file mode, like fsGroup, and the result
+ can be other mode bits set.'
format: int32
type: integer
items:
- description: If unspecified, each key-value pair
- in the Data field of the referenced Secret will
- be projected into the volume as a file whose
- name is the key and content is the value. If
- specified, the listed keys will be projected
+ description: items If unspecified, each key-value
+ pair in the Data field of the referenced Secret
+ will be projected into the volume as a file
+ whose name is the key and content is the value.
+ If specified, the listed keys will be projected
into the specified paths, and unlisted keys
will not be present. If a key is specified which
is not present in the Secret, the volume setup
@@ -1776,27 +1852,28 @@ spec:
a volume.
properties:
key:
- description: The key to project.
+ description: key is the key to project.
type: string
mode:
- description: 'Optional: mode bits used to
- set permissions on this file. Must be
- an octal value between 0000 and 0777 or
- a decimal value between 0 and 511. YAML
- accepts both octal and decimal values,
- JSON requires decimal values for mode
- bits. If not specified, the volume defaultMode
- will be used. This might be in conflict
- with other options that affect the file
- mode, like fsGroup, and the result can
- be other mode bits set.'
+ description: 'mode is Optional: mode bits
+ used to set permissions on this file.
+ Must be an octal value between 0000 and
+ 0777 or a decimal value between 0 and
+ 511. YAML accepts both octal and decimal
+ values, JSON requires decimal values for
+ mode bits. If not specified, the volume
+ defaultMode will be used. This might be
+ in conflict with other options that affect
+ the file mode, like fsGroup, and the result
+ can be other mode bits set.'
format: int32
type: integer
path:
- description: The relative path of the file
- to map the key to. May not be an absolute
- path. May not contain the path element
- '..'. May not start with the string '..'.
+ description: path is the relative path of
+ the file to map the key to. May not be
+ an absolute path. May not contain the
+ path element '..'. May not start with
+ the string '..'.
type: string
required:
- key
@@ -1804,30 +1881,32 @@ spec:
type: object
type: array
optional:
- description: Specify whether the Secret or its
- keys must be defined
+ description: optional field specify whether the
+ Secret or its keys must be defined
type: boolean
secretName:
- description: 'Name of the secret in the pod''s
- namespace to use. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret'
+ description: 'secretName is the name of the secret
+ in the pod''s namespace to use. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret'
type: string
type: object
storageos:
- description: StorageOS represents a StorageOS volume
+ description: storageOS represents a StorageOS volume
attached and mounted on Kubernetes nodes.
properties:
fsType:
- description: Filesystem type to mount. Must be
- a filesystem type supported by the host operating
- system. Ex. "ext4", "xfs", "ntfs". Implicitly
- inferred to be "ext4" if unspecified.
+ description: fsType is the filesystem type to
+ mount. Must be a filesystem type supported by
+ the host operating system. Ex. "ext4", "xfs",
+ "ntfs". Implicitly inferred to be "ext4" if
+ unspecified.
type: string
readOnly:
- description: Defaults to false (read/write). ReadOnly
- here will force the ReadOnly setting in VolumeMounts.
+ description: readOnly defaults to false (read/write).
+ ReadOnly here will force the ReadOnly setting
+ in VolumeMounts.
type: boolean
secretRef:
- description: SecretRef specifies the secret to
+ description: secretRef specifies the secret to
use for obtaining the StorageOS API credentials. If
not specified, default values will be attempted.
properties:
@@ -1840,12 +1919,12 @@ spec:
type: object
x-kubernetes-map-type: atomic
volumeName:
- description: VolumeName is the human-readable
+ description: volumeName is the human-readable
name of the StorageOS volume. Volume names
are only unique within a namespace.
type: string
volumeNamespace:
- description: VolumeNamespace specifies the scope
+ description: volumeNamespace specifies the scope
of the volume within StorageOS. If no namespace
is specified then the Pod's namespace will be
used. This allows the Kubernetes name scoping
@@ -1858,26 +1937,27 @@ spec:
type: string
type: object
vsphereVolume:
- description: VsphereVolume represents a vSphere volume
+ description: vsphereVolume represents a vSphere volume
attached and mounted on kubelets host machine
properties:
fsType:
- description: Filesystem type to mount. Must be
- a filesystem type supported by the host operating
- system. Ex. "ext4", "xfs", "ntfs". Implicitly
- inferred to be "ext4" if unspecified.
+ description: fsType is filesystem type to mount.
+ Must be a filesystem type supported by the host
+ operating system. Ex. "ext4", "xfs", "ntfs".
+ Implicitly inferred to be "ext4" if unspecified.
type: string
storagePolicyID:
- description: Storage Policy Based Management (SPBM)
- profile ID associated with the StoragePolicyName.
+ description: storagePolicyID is the storage Policy
+ Based Management (SPBM) profile ID associated
+ with the StoragePolicyName.
type: string
storagePolicyName:
- description: Storage Policy Based Management (SPBM)
- profile name.
+ description: storagePolicyName is the storage
+ Policy Based Management (SPBM) profile name.
type: string
volumePath:
- description: Path that identifies vSphere volume
- vmdk
+ description: volumePath is the path that identifies
+ vSphere volume vmdk
type: string
required:
- volumePath
@@ -2032,6 +2112,26 @@ spec:
description: 'Compute Resources required by this component. Cannot
be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/'
properties:
+ claims:
+ description: "Claims lists the names of resources, defined in
+ spec.resourceClaims, that are used by this container. \n This
+ is an alpha field and requires enabling the DynamicResourceAllocation
+ feature gate. \n This field is immutable."
+ items:
+ description: ResourceClaim references one entry in PodSpec.ResourceClaims.
+ properties:
+ name:
+ description: Name must match the name of one entry in pod.spec.resourceClaims
+ of the Pod where this field is used. It makes that resource
+ available inside a container.
+ type: string
+ required:
+ - name
+ type: object
+ type: array
+ x-kubernetes-list-map-keys:
+ - name
+ x-kubernetes-list-type: map
limits:
additionalProperties:
anyOf:
@@ -2409,128 +2509,133 @@ spec:
Only one of its members may be specified.
properties:
awsElasticBlockStore:
- description: 'AWSElasticBlockStore represents an AWS
+ description: 'awsElasticBlockStore represents an AWS
Disk resource that is attached to a kubelet''s host
machine and then exposed to the pod. More info:
https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore'
properties:
fsType:
- description: 'Filesystem type of the volume that
- you want to mount. Tip: Ensure that the filesystem
- type is supported by the host operating system.
- Examples: "ext4", "xfs", "ntfs". Implicitly
- inferred to be "ext4" if unspecified. More info:
- https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore
+ description: 'fsType is the filesystem type of
+ the volume that you want to mount. Tip: Ensure
+ that the filesystem type is supported by the
+ host operating system. Examples: "ext4", "xfs",
+ "ntfs". Implicitly inferred to be "ext4" if
+ unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore
TODO: how do we prevent errors in the filesystem
from compromising the machine'
type: string
partition:
- description: 'The partition in the volume that
- you want to mount. If omitted, the default is
- to mount by volume name. Examples: For volume
- /dev/sda1, you specify the partition as "1".
- Similarly, the volume partition for /dev/sda
- is "0" (or you can leave the property empty).'
+ description: 'partition is the partition in the
+ volume that you want to mount. If omitted, the
+ default is to mount by volume name. Examples:
+ For volume /dev/sda1, you specify the partition
+ as "1". Similarly, the volume partition for
+ /dev/sda is "0" (or you can leave the property
+ empty).'
format: int32
type: integer
readOnly:
- description: 'Specify "true" to force and set
- the ReadOnly property in VolumeMounts to "true".
- If omitted, the default is "false". More info:
+ description: 'readOnly value true will force the
+ readOnly setting in VolumeMounts. More info:
https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore'
type: boolean
volumeID:
- description: 'Unique ID of the persistent disk
- resource in AWS (Amazon EBS volume). More info:
- https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore'
+ description: 'volumeID is unique ID of the persistent
+ disk resource in AWS (Amazon EBS volume). More
+ info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore'
type: string
required:
- volumeID
type: object
azureDisk:
- description: AzureDisk represents an Azure Data Disk
+ description: azureDisk represents an Azure Data Disk
mount on the host and bind mount to the pod.
properties:
cachingMode:
- description: 'Host Caching mode: None, Read Only,
- Read Write.'
+ description: 'cachingMode is the Host Caching
+ mode: None, Read Only, Read Write.'
type: string
diskName:
- description: The Name of the data disk in the
- blob storage
+ description: diskName is the Name of the data
+ disk in the blob storage
type: string
diskURI:
- description: The URI the data disk in the blob
- storage
+ description: diskURI is the URI of data disk in
+ the blob storage
type: string
fsType:
- description: Filesystem type to mount. Must be
- a filesystem type supported by the host operating
- system. Ex. "ext4", "xfs", "ntfs". Implicitly
- inferred to be "ext4" if unspecified.
+ description: fsType is Filesystem type to mount.
+ Must be a filesystem type supported by the host
+ operating system. Ex. "ext4", "xfs", "ntfs".
+ Implicitly inferred to be "ext4" if unspecified.
type: string
kind:
- description: 'Expected values Shared: multiple
- blob disks per storage account Dedicated: single
- blob disk per storage account Managed: azure
- managed data disk (only in managed availability
+ description: 'kind expected values are Shared:
+ multiple blob disks per storage account Dedicated:
+ single blob disk per storage account Managed:
+ azure managed data disk (only in managed availability
set). defaults to shared'
type: string
readOnly:
- description: Defaults to false (read/write). ReadOnly
- here will force the ReadOnly setting in VolumeMounts.
+ description: readOnly Defaults to false (read/write).
+ ReadOnly here will force the ReadOnly setting
+ in VolumeMounts.
type: boolean
required:
- diskName
- diskURI
type: object
azureFile:
- description: AzureFile represents an Azure File Service
+ description: azureFile represents an Azure File Service
mount on the host and bind mount to the pod.
properties:
readOnly:
- description: Defaults to false (read/write). ReadOnly
- here will force the ReadOnly setting in VolumeMounts.
+ description: readOnly defaults to false (read/write).
+ ReadOnly here will force the ReadOnly setting
+ in VolumeMounts.
type: boolean
secretName:
- description: the name of secret that contains
- Azure Storage Account Name and Key
+ description: secretName is the name of secret
+ that contains Azure Storage Account Name and
+ Key
type: string
shareName:
- description: Share Name
+ description: shareName is the azure share Name
type: string
required:
- secretName
- shareName
type: object
cephfs:
- description: CephFS represents a Ceph FS mount on
+ description: cephFS represents a Ceph FS mount on
the host that shares a pod's lifetime
properties:
monitors:
- description: 'Required: Monitors is a collection
- of Ceph monitors More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it'
+ description: 'monitors is Required: Monitors is
+ a collection of Ceph monitors More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it'
items:
type: string
type: array
path:
- description: 'Optional: Used as the mounted root,
- rather than the full Ceph tree, default is /'
+ description: 'path is Optional: Used as the mounted
+ root, rather than the full Ceph tree, default
+ is /'
type: string
readOnly:
- description: 'Optional: Defaults to false (read/write).
- ReadOnly here will force the ReadOnly setting
- in VolumeMounts. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it'
+ description: 'readOnly is Optional: Defaults to
+ false (read/write). ReadOnly here will force
+ the ReadOnly setting in VolumeMounts. More info:
+ https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it'
type: boolean
secretFile:
- description: 'Optional: SecretFile is the path
- to key ring for User, default is /etc/ceph/user.secret
- More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it'
+ description: 'secretFile is Optional: SecretFile
+ is the path to key ring for User, default is
+ /etc/ceph/user.secret More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it'
type: string
secretRef:
- description: 'Optional: SecretRef is reference
- to the authentication secret for User, default
- is empty. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it'
+ description: 'secretRef is Optional: SecretRef
+ is reference to the authentication secret for
+ User, default is empty. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it'
properties:
name:
description: 'Name of the referent. More info:
@@ -2541,32 +2646,33 @@ spec:
type: object
x-kubernetes-map-type: atomic
user:
- description: 'Optional: User is the rados user
- name, default is admin More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it'
+ description: 'user is optional: User is the rados
+ user name, default is admin More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it'
type: string
required:
- monitors
type: object
cinder:
- description: 'Cinder represents a cinder volume attached
+ description: 'cinder represents a cinder volume attached
and mounted on kubelets host machine. More info:
https://examples.k8s.io/mysql-cinder-pd/README.md'
properties:
fsType:
- description: 'Filesystem type to mount. Must be
- a filesystem type supported by the host operating
- system. Examples: "ext4", "xfs", "ntfs". Implicitly
- inferred to be "ext4" if unspecified. More info:
- https://examples.k8s.io/mysql-cinder-pd/README.md'
+ description: 'fsType is the filesystem type to
+ mount. Must be a filesystem type supported by
+ the host operating system. Examples: "ext4",
+ "xfs", "ntfs". Implicitly inferred to be "ext4"
+ if unspecified. More info: https://examples.k8s.io/mysql-cinder-pd/README.md'
type: string
readOnly:
- description: 'Optional: Defaults to false (read/write).
+ description: 'readOnly defaults to false (read/write).
ReadOnly here will force the ReadOnly setting
in VolumeMounts. More info: https://examples.k8s.io/mysql-cinder-pd/README.md'
type: boolean
secretRef:
- description: 'Optional: points to a secret object
- containing parameters used to connect to OpenStack.'
+ description: 'secretRef is optional: points to
+ a secret object containing parameters used to
+ connect to OpenStack.'
properties:
name:
description: 'Name of the referent. More info:
@@ -2577,33 +2683,33 @@ spec:
type: object
x-kubernetes-map-type: atomic
volumeID:
- description: 'volume id used to identify the volume
+ description: 'volumeID used to identify the volume
in cinder. More info: https://examples.k8s.io/mysql-cinder-pd/README.md'
type: string
required:
- volumeID
type: object
configMap:
- description: ConfigMap represents a configMap that
+ description: configMap represents a configMap that
should populate this volume
properties:
defaultMode:
- description: 'Optional: mode bits used to set
- permissions on created files by default. Must
- be an octal value between 0000 and 0777 or a
- decimal value between 0 and 511. YAML accepts
- both octal and decimal values, JSON requires
- decimal values for mode bits. Defaults to 0644.
- Directories within the path are not affected
- by this setting. This might be in conflict with
- other options that affect the file mode, like
- fsGroup, and the result can be other mode bits
- set.'
+ description: 'defaultMode is optional: mode bits
+ used to set permissions on created files by
+ default. Must be an octal value between 0000
+ and 0777 or a decimal value between 0 and 511.
+ YAML accepts both octal and decimal values,
+ JSON requires decimal values for mode bits.
+ Defaults to 0644. Directories within the path
+ are not affected by this setting. This might
+ be in conflict with other options that affect
+ the file mode, like fsGroup, and the result
+ can be other mode bits set.'
format: int32
type: integer
items:
- description: If unspecified, each key-value pair
- in the Data field of the referenced ConfigMap
+ description: items if unspecified, each key-value
+ pair in the Data field of the referenced ConfigMap
will be projected into the volume as a file
whose name is the key and content is the value.
If specified, the listed keys will be projected
@@ -2618,27 +2724,28 @@ spec:
a volume.
properties:
key:
- description: The key to project.
+ description: key is the key to project.
type: string
mode:
- description: 'Optional: mode bits used to
- set permissions on this file. Must be
- an octal value between 0000 and 0777 or
- a decimal value between 0 and 511. YAML
- accepts both octal and decimal values,
- JSON requires decimal values for mode
- bits. If not specified, the volume defaultMode
- will be used. This might be in conflict
- with other options that affect the file
- mode, like fsGroup, and the result can
- be other mode bits set.'
+ description: 'mode is Optional: mode bits
+ used to set permissions on this file.
+ Must be an octal value between 0000 and
+ 0777 or a decimal value between 0 and
+ 511. YAML accepts both octal and decimal
+ values, JSON requires decimal values for
+ mode bits. If not specified, the volume
+ defaultMode will be used. This might be
+ in conflict with other options that affect
+ the file mode, like fsGroup, and the result
+ can be other mode bits set.'
format: int32
type: integer
path:
- description: The relative path of the file
- to map the key to. May not be an absolute
- path. May not contain the path element
- '..'. May not start with the string '..'.
+ description: path is the relative path of
+ the file to map the key to. May not be
+ an absolute path. May not contain the
+ path element '..'. May not start with
+ the string '..'.
type: string
required:
- key
@@ -2652,30 +2759,30 @@ spec:
uid?'
type: string
optional:
- description: Specify whether the ConfigMap or
- its keys must be defined
+ description: optional specify whether the ConfigMap
+ or its keys must be defined
type: boolean
type: object
x-kubernetes-map-type: atomic
csi:
- description: CSI (Container Storage Interface) represents
+ description: csi (Container Storage Interface) represents
ephemeral storage that is handled by certain external
CSI drivers (Beta feature).
properties:
driver:
- description: Driver is the name of the CSI driver
+ description: driver is the name of the CSI driver
that handles this volume. Consult with your
admin for the correct name as registered in
the cluster.
type: string
fsType:
- description: Filesystem type to mount. Ex. "ext4",
- "xfs", "ntfs". If not provided, the empty value
- is passed to the associated CSI driver which
- will determine the default filesystem to apply.
+ description: fsType to mount. Ex. "ext4", "xfs",
+ "ntfs". If not provided, the empty value is
+ passed to the associated CSI driver which will
+ determine the default filesystem to apply.
type: string
nodePublishSecretRef:
- description: NodePublishSecretRef is a reference
+ description: nodePublishSecretRef is a reference
to the secret object containing sensitive information
to pass to the CSI driver to complete the CSI
NodePublishVolume and NodeUnpublishVolume calls.
@@ -2693,13 +2800,13 @@ spec:
type: object
x-kubernetes-map-type: atomic
readOnly:
- description: Specifies a read-only configuration
+ description: readOnly specifies a read-only configuration
for the volume. Defaults to false (read/write).
type: boolean
volumeAttributes:
additionalProperties:
type: string
- description: VolumeAttributes stores driver-specific
+ description: volumeAttributes stores driver-specific
properties that are passed to the CSI driver.
Consult your driver's documentation for supported
values.
@@ -2708,7 +2815,7 @@ spec:
- driver
type: object
downwardAPI:
- description: DownwardAPI represents downward API about
+ description: downwardAPI represents downward API about
the pod that should populate this volume
properties:
defaultMode:
@@ -2807,33 +2914,34 @@ spec:
type: array
type: object
emptyDir:
- description: 'EmptyDir represents a temporary directory
+ description: 'emptyDir represents a temporary directory
that shares a pod''s lifetime. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir'
properties:
medium:
- description: 'What type of storage medium should
- back this directory. The default is "" which
- means to use the node''s default medium. Must
- be an empty string (default) or Memory. More
- info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir'
+ description: 'medium represents what type of storage
+ medium should back this directory. The default
+ is "" which means to use the node''s default
+ medium. Must be an empty string (default) or
+ Memory. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir'
type: string
sizeLimit:
anyOf:
- type: integer
- type: string
- description: 'Total amount of local storage required
- for this EmptyDir volume. The size limit is
- also applicable for memory medium. The maximum
- usage on memory medium EmptyDir would be the
- minimum value between the SizeLimit specified
- here and the sum of memory limits of all containers
- in a pod. The default is nil which means that
- the limit is undefined. More info: http://kubernetes.io/docs/user-guide/volumes#emptydir'
+ description: 'sizeLimit is the total amount of
+ local storage required for this EmptyDir volume.
+ The size limit is also applicable for memory
+ medium. The maximum usage on memory medium EmptyDir
+ would be the minimum value between the SizeLimit
+ specified here and the sum of memory limits
+ of all containers in a pod. The default is nil
+ which means that the limit is undefined. More
+ info: http://kubernetes.io/docs/user-guide/volumes#emptydir'
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
x-kubernetes-int-or-string: true
type: object
ephemeral:
- description: "Ephemeral represents a volume that is
+ description: "ephemeral represents a volume that is
handled by a cluster storage driver. The volume's
lifecycle is tied to the pod that defines it - it
will be created before the pod starts, and deleted
@@ -2893,25 +3001,29 @@ spec:
are also valid here.
properties:
accessModes:
- description: 'AccessModes contains the
+ description: 'accessModes contains the
desired access modes the volume should
have. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1'
items:
type: string
type: array
dataSource:
- description: 'This field can be used to
- specify either: * An existing VolumeSnapshot
- object (snapshot.storage.k8s.io/VolumeSnapshot)
+ description: 'dataSource field can be
+ used to specify either: * An existing
+ VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot)
* An existing PVC (PersistentVolumeClaim)
If the provisioner or an external controller
can support the specified data source,
it will create a new volume based on
the contents of the specified data source.
- If the AnyVolumeDataSource feature gate
- is enabled, this field will always have
- the same contents as the DataSourceRef
- field.'
+ When the AnyVolumeDataSource feature
+ gate is enabled, dataSource contents
+ will be copied to dataSourceRef, and
+ dataSourceRef contents will be copied
+ to dataSource when dataSourceRef.namespace
+ is not specified. If the namespace is
+ specified, then dataSourceRef will not
+ be copied to dataSource.'
properties:
apiGroup:
description: APIGroup is the group
@@ -2935,35 +3047,44 @@ spec:
type: object
x-kubernetes-map-type: atomic
dataSourceRef:
- description: 'Specifies the object from
- which to populate the volume with data,
- if a non-empty volume is desired. This
- may be any local object from a non-empty
- API group (non core object) or a PersistentVolumeClaim
- object. When this field is specified,
- volume binding will only succeed if
- the type of the specified object matches
- some installed volume populator or dynamic
- provisioner. This field will replace
- the functionality of the DataSource
- field and as such if both fields are
- non-empty, they must have the same value.
- For backwards compatibility, both fields
- (DataSource and DataSourceRef) will
- be set to the same value automatically
+ description: 'dataSourceRef specifies
+ the object from which to populate the
+ volume with data, if a non-empty volume
+ is desired. This may be any object from
+ a non-empty API group (non core object)
+ or a PersistentVolumeClaim object. When
+ this field is specified, volume binding
+ will only succeed if the type of the
+ specified object matches some installed
+ volume populator or dynamic provisioner.
+ This field will replace the functionality
+ of the dataSource field and as such
+ if both fields are non-empty, they must
+ have the same value. For backwards compatibility,
+ when namespace isn''t specified in dataSourceRef,
+ both fields (dataSource and dataSourceRef)
+ will be set to the same value automatically
if one of them is empty and the other
- is non-empty. There are two important
- differences between DataSource and DataSourceRef:
- * While DataSource only allows two specific
- types of objects, DataSourceRef allows
+ is non-empty. When namespace is specified
+ in dataSourceRef, dataSource isn''t
+ set to the same value and must be empty.
+ There are three important differences
+ between dataSource and dataSourceRef:
+ * While dataSource only allows two specific
+ types of objects, dataSourceRef allows
any non-core object, as well as PersistentVolumeClaim
- objects. * While DataSource ignores
- disallowed values (dropping them), DataSourceRef
+ objects. * While dataSource ignores
+ disallowed values (dropping them), dataSourceRef
preserves all values, and generates
an error if a disallowed value is specified.
- (Alpha) Using this field requires the
- AnyVolumeDataSource feature gate to
- be enabled.'
+ * While dataSource only allows local
+ objects, dataSourceRef allows objects
+ in any namespaces. (Beta) Using this
+ field requires the AnyVolumeDataSource
+ feature gate to be enabled. (Alpha)
+ Using the namespace field of dataSourceRef
+ requires the CrossNamespaceVolumeDataSource
+ feature gate to be enabled.'
properties:
apiGroup:
description: APIGroup is the group
@@ -2981,13 +3102,25 @@ spec:
description: Name is the name of resource
being referenced
type: string
+ namespace:
+ description: Namespace is the namespace
+ of resource being referenced Note
+ that when a namespace is specified,
+ a gateway.networking.k8s.io/ReferenceGrant
+ object is required in the referent
+ namespace to allow that namespace's
+ owner to accept the reference. See
+ the ReferenceGrant documentation
+ for details. (Alpha) This field
+ requires the CrossNamespaceVolumeDataSource
+ feature gate to be enabled.
+ type: string
required:
- kind
- name
type: object
- x-kubernetes-map-type: atomic
resources:
- description: 'Resources represents the
+ description: 'resources represents the
minimum resources the volume should
have. If RecoverVolumeExpansionFailure
feature is enabled users are allowed
@@ -2997,6 +3130,31 @@ spec:
in the status field of the claim. More
info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources'
properties:
+ claims:
+ description: "Claims lists the names
+ of resources, defined in spec.resourceClaims,
+ that are used by this container.
+ \n This is an alpha field and requires
+ enabling the DynamicResourceAllocation
+ feature gate. \n This field is immutable."
+ items:
+ description: ResourceClaim references
+ one entry in PodSpec.ResourceClaims.
+ properties:
+ name:
+ description: Name must match
+ the name of one entry in pod.spec.resourceClaims
+ of the Pod where this field
+ is used. It makes that resource
+ available inside a container.
+ type: string
+ required:
+ - name
+ type: object
+ type: array
+ x-kubernetes-list-map-keys:
+ - name
+ x-kubernetes-list-type: map
limits:
additionalProperties:
anyOf:
@@ -3025,8 +3183,8 @@ spec:
type: object
type: object
selector:
- description: A label query over volumes
- to consider for binding.
+ description: selector is a label query
+ over volumes to consider for binding.
properties:
matchExpressions:
description: matchExpressions is a
@@ -3083,8 +3241,9 @@ spec:
type: object
x-kubernetes-map-type: atomic
storageClassName:
- description: 'Name of the StorageClass
- required by the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1'
+ description: 'storageClassName is the
+ name of the StorageClass required by
+ the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1'
type: string
volumeMode:
description: volumeMode defines what type
@@ -3093,7 +3252,7 @@ spec:
not included in claim spec.
type: string
volumeName:
- description: VolumeName is the binding
+ description: volumeName is the binding
reference to the PersistentVolume backing
this claim.
type: string
@@ -3103,74 +3262,77 @@ spec:
type: object
type: object
fc:
- description: FC represents a Fibre Channel resource
+ description: fc represents a Fibre Channel resource
that is attached to a kubelet's host machine and
then exposed to the pod.
properties:
fsType:
- description: 'Filesystem type to mount. Must be
- a filesystem type supported by the host operating
- system. Ex. "ext4", "xfs", "ntfs". Implicitly
- inferred to be "ext4" if unspecified. TODO:
- how do we prevent errors in the filesystem from
- compromising the machine'
+ description: 'fsType is the filesystem type to
+ mount. Must be a filesystem type supported by
+ the host operating system. Ex. "ext4", "xfs",
+ "ntfs". Implicitly inferred to be "ext4" if
+ unspecified. TODO: how do we prevent errors
+ in the filesystem from compromising the machine'
type: string
lun:
- description: 'Optional: FC target lun number'
+ description: 'lun is Optional: FC target lun number'
format: int32
type: integer
readOnly:
- description: 'Optional: Defaults to false (read/write).
- ReadOnly here will force the ReadOnly setting
- in VolumeMounts.'
+ description: 'readOnly is Optional: Defaults to
+ false (read/write). ReadOnly here will force
+ the ReadOnly setting in VolumeMounts.'
type: boolean
targetWWNs:
- description: 'Optional: FC target worldwide names
- (WWNs)'
+ description: 'targetWWNs is Optional: FC target
+ worldwide names (WWNs)'
items:
type: string
type: array
wwids:
- description: 'Optional: FC volume world wide identifiers
- (wwids) Either wwids or combination of targetWWNs
- and lun must be set, but not both simultaneously.'
+ description: 'wwids Optional: FC volume world
+ wide identifiers (wwids) Either wwids or combination
+ of targetWWNs and lun must be set, but not both
+ simultaneously.'
items:
type: string
type: array
type: object
flexVolume:
- description: FlexVolume represents a generic volume
+ description: flexVolume represents a generic volume
resource that is provisioned/attached using an exec
based plugin.
properties:
driver:
- description: Driver is the name of the driver
+ description: driver is the name of the driver
to use for this volume.
type: string
fsType:
- description: Filesystem type to mount. Must be
- a filesystem type supported by the host operating
- system. Ex. "ext4", "xfs", "ntfs". The default
- filesystem depends on FlexVolume script.
+ description: fsType is the filesystem type to
+ mount. Must be a filesystem type supported by
+ the host operating system. Ex. "ext4", "xfs",
+ "ntfs". The default filesystem depends on FlexVolume
+ script.
type: string
options:
additionalProperties:
type: string
- description: 'Optional: Extra command options
- if any.'
+ description: 'options is Optional: this field
+ holds extra command options if any.'
type: object
readOnly:
- description: 'Optional: Defaults to false (read/write).
- ReadOnly here will force the ReadOnly setting
- in VolumeMounts.'
+ description: 'readOnly is Optional: defaults to
+ false (read/write). ReadOnly here will force
+ the ReadOnly setting in VolumeMounts.'
type: boolean
secretRef:
- description: 'Optional: SecretRef is reference
- to the secret object containing sensitive information
- to pass to the plugin scripts. This may be empty
- if no secret object is specified. If the secret
- object contains more than one secret, all secrets
- are passed to the plugin scripts.'
+ description: 'secretRef is Optional: secretRef
+ is reference to the secret object containing
+ sensitive information to pass to the plugin
+ scripts. This may be empty if no secret object
+ is specified. If the secret object contains
+ more than one secret, all secrets are passed
+ to the plugin scripts.'
properties:
name:
description: 'Name of the referent. More info:
@@ -3184,52 +3346,52 @@ spec:
- driver
type: object
flocker:
- description: Flocker represents a Flocker volume attached
+ description: flocker represents a Flocker volume attached
to a kubelet's host machine. This depends on the
Flocker control service being running
properties:
datasetName:
- description: Name of the dataset stored as metadata
- -> name on the dataset for Flocker should be
- considered as deprecated
+ description: datasetName is Name of the dataset
+ stored as metadata -> name on the dataset for
+ Flocker should be considered as deprecated
type: string
datasetUUID:
- description: UUID of the dataset. This is unique
- identifier of a Flocker dataset
+ description: datasetUUID is the UUID of the dataset.
+ This is unique identifier of a Flocker dataset
type: string
type: object
gcePersistentDisk:
- description: 'GCEPersistentDisk represents a GCE Disk
+ description: 'gcePersistentDisk represents a GCE Disk
resource that is attached to a kubelet''s host machine
and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk'
properties:
fsType:
- description: 'Filesystem type of the volume that
- you want to mount. Tip: Ensure that the filesystem
- type is supported by the host operating system.
- Examples: "ext4", "xfs", "ntfs". Implicitly
- inferred to be "ext4" if unspecified. More info:
- https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk
+ description: 'fsType is filesystem type of the
+ volume that you want to mount. Tip: Ensure that
+ the filesystem type is supported by the host
+ operating system. Examples: "ext4", "xfs", "ntfs".
+ Implicitly inferred to be "ext4" if unspecified.
+ More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk
TODO: how do we prevent errors in the filesystem
from compromising the machine'
type: string
partition:
- description: 'The partition in the volume that
- you want to mount. If omitted, the default is
- to mount by volume name. Examples: For volume
- /dev/sda1, you specify the partition as "1".
- Similarly, the volume partition for /dev/sda
- is "0" (or you can leave the property empty).
- More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk'
+ description: 'partition is the partition in the
+ volume that you want to mount. If omitted, the
+ default is to mount by volume name. Examples:
+ For volume /dev/sda1, you specify the partition
+ as "1". Similarly, the volume partition for
+ /dev/sda is "0" (or you can leave the property
+ empty). More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk'
format: int32
type: integer
pdName:
- description: 'Unique name of the PD resource in
- GCE. Used to identify the disk in GCE. More
- info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk'
+ description: 'pdName is unique name of the PD
+ resource in GCE. Used to identify the disk in
+ GCE. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk'
type: string
readOnly:
- description: 'ReadOnly here will force the ReadOnly
+ description: 'readOnly here will force the ReadOnly
setting in VolumeMounts. Defaults to false.
More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk'
type: boolean
@@ -3237,7 +3399,7 @@ spec:
- pdName
type: object
gitRepo:
- description: 'GitRepo represents a git repository
+ description: 'gitRepo represents a git repository
at a particular revision. DEPRECATED: GitRepo is
deprecated. To provision a container with a git
repo, mount an EmptyDir into an InitContainer that
@@ -3245,38 +3407,38 @@ spec:
into the Pod''s container.'
properties:
directory:
- description: Target directory name. Must not contain
- or start with '..'. If '.' is supplied, the
- volume directory will be the git repository. Otherwise,
- if specified, the volume will contain the git
- repository in the subdirectory with the given
- name.
+ description: directory is the target directory
+ name. Must not contain or start with '..'. If
+ '.' is supplied, the volume directory will be
+ the git repository. Otherwise, if specified,
+ the volume will contain the git repository in
+ the subdirectory with the given name.
type: string
repository:
- description: Repository URL
+ description: repository is the URL
type: string
revision:
- description: Commit hash for the specified revision.
+ description: revision is the commit hash for the
+ specified revision.
type: string
required:
- repository
type: object
glusterfs:
- description: 'Glusterfs represents a Glusterfs mount
+ description: 'glusterfs represents a Glusterfs mount
on the host that shares a pod''s lifetime. More
info: https://examples.k8s.io/volumes/glusterfs/README.md'
properties:
endpoints:
- description: 'EndpointsName is the endpoint name
- that details Glusterfs topology. More info:
- https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod'
+ description: 'endpoints is the endpoint name that
+ details Glusterfs topology. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod'
type: string
path:
- description: 'Path is the Glusterfs volume path.
+ description: 'path is the Glusterfs volume path.
More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod'
type: string
readOnly:
- description: 'ReadOnly here will force the Glusterfs
+ description: 'readOnly here will force the Glusterfs
volume to be mounted with read-only permissions.
Defaults to false. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod'
type: boolean
@@ -3285,7 +3447,7 @@ spec:
- path
type: object
hostPath:
- description: 'HostPath represents a pre-existing file
+ description: 'hostPath represents a pre-existing file
or directory on the host machine that is directly
exposed to the container. This is generally used
for system agents or other privileged things that
@@ -3296,72 +3458,75 @@ spec:
host directories as read/write.'
properties:
path:
- description: 'Path of the directory on the host.
+ description: 'path of the directory on the host.
If the path is a symlink, it will follow the
link to the real path. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath'
type: string
type:
- description: 'Type for HostPath Volume Defaults
+ description: 'type for HostPath Volume Defaults
to "" More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath'
type: string
required:
- path
type: object
iscsi:
- description: 'ISCSI represents an ISCSI Disk resource
+ description: 'iscsi represents an ISCSI Disk resource
that is attached to a kubelet''s host machine and
then exposed to the pod. More info: https://examples.k8s.io/volumes/iscsi/README.md'
properties:
chapAuthDiscovery:
- description: whether support iSCSI Discovery CHAP
- authentication
+ description: chapAuthDiscovery defines whether
+ support iSCSI Discovery CHAP authentication
type: boolean
chapAuthSession:
- description: whether support iSCSI Session CHAP
- authentication
+ description: chapAuthSession defines whether support
+ iSCSI Session CHAP authentication
type: boolean
fsType:
- description: 'Filesystem type of the volume that
- you want to mount. Tip: Ensure that the filesystem
- type is supported by the host operating system.
- Examples: "ext4", "xfs", "ntfs". Implicitly
- inferred to be "ext4" if unspecified. More info:
- https://kubernetes.io/docs/concepts/storage/volumes#iscsi
+ description: 'fsType is the filesystem type of
+ the volume that you want to mount. Tip: Ensure
+ that the filesystem type is supported by the
+ host operating system. Examples: "ext4", "xfs",
+ "ntfs". Implicitly inferred to be "ext4" if
+ unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#iscsi
TODO: how do we prevent errors in the filesystem
from compromising the machine'
type: string
initiatorName:
- description: Custom iSCSI Initiator Name. If initiatorName
- is specified with iscsiInterface simultaneously,
- new iSCSI interface : will be created for the connection.
+ description: initiatorName is the custom iSCSI
+ Initiator Name. If initiatorName is specified
+ with iscsiInterface simultaneously, new iSCSI
+ interface : will
+ be created for the connection.
type: string
iqn:
- description: Target iSCSI Qualified Name.
+ description: iqn is the target iSCSI Qualified
+ Name.
type: string
iscsiInterface:
- description: iSCSI Interface Name that uses an
- iSCSI transport. Defaults to 'default' (tcp).
+ description: iscsiInterface is the interface Name
+ that uses an iSCSI transport. Defaults to 'default'
+ (tcp).
type: string
lun:
- description: iSCSI Target Lun number.
+ description: lun represents iSCSI Target Lun number.
format: int32
type: integer
portals:
- description: iSCSI Target Portal List. The portal
- is either an IP or ip_addr:port if the port
- is other than default (typically TCP ports 860
- and 3260).
+ description: portals is the iSCSI Target Portal
+ List. The portal is either an IP or ip_addr:port
+ if the port is other than default (typically
+ TCP ports 860 and 3260).
items:
type: string
type: array
readOnly:
- description: ReadOnly here will force the ReadOnly
+ description: readOnly here will force the ReadOnly
setting in VolumeMounts. Defaults to false.
type: boolean
secretRef:
- description: CHAP Secret for iSCSI target and
- initiator authentication
+ description: secretRef is the CHAP Secret for
+ iSCSI target and initiator authentication
properties:
name:
description: 'Name of the referent. More info:
@@ -3372,10 +3537,10 @@ spec:
type: object
x-kubernetes-map-type: atomic
targetPortal:
- description: iSCSI Target Portal. The Portal is
- either an IP or ip_addr:port if the port is
- other than default (typically TCP ports 860
- and 3260).
+ description: targetPortal is iSCSI Target Portal.
+ The Portal is either an IP or ip_addr:port if
+ the port is other than default (typically TCP
+ ports 860 and 3260).
type: string
required:
- iqn
@@ -3383,20 +3548,20 @@ spec:
- targetPortal
type: object
nfs:
- description: 'NFS represents an NFS mount on the host
+ description: 'nfs represents an NFS mount on the host
that shares a pod''s lifetime More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs'
properties:
path:
- description: 'Path that is exported by the NFS
+ description: 'path that is exported by the NFS
server. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs'
type: string
readOnly:
- description: 'ReadOnly here will force the NFS
+ description: 'readOnly here will force the NFS
export to be mounted with read-only permissions.
Defaults to false. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs'
type: boolean
server:
- description: 'Server is the hostname or IP address
+ description: 'server is the hostname or IP address
of the NFS server. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs'
type: string
required:
@@ -3404,134 +3569,138 @@ spec:
- server
type: object
persistentVolumeClaim:
- description: 'PersistentVolumeClaimVolumeSource represents
+ description: 'persistentVolumeClaimVolumeSource represents
a reference to a PersistentVolumeClaim in the same
namespace. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims'
properties:
claimName:
- description: 'ClaimName is the name of a PersistentVolumeClaim
+ description: 'claimName is the name of a PersistentVolumeClaim
in the same namespace as the pod using this
volume. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims'
type: string
readOnly:
- description: Will force the ReadOnly setting in
- VolumeMounts. Default false.
+ description: readOnly Will force the ReadOnly
+ setting in VolumeMounts. Default false.
type: boolean
required:
- claimName
type: object
photonPersistentDisk:
- description: PhotonPersistentDisk represents a PhotonController
+ description: photonPersistentDisk represents a PhotonController
persistent disk attached and mounted on kubelets
host machine
properties:
fsType:
- description: Filesystem type to mount. Must be
- a filesystem type supported by the host operating
- system. Ex. "ext4", "xfs", "ntfs". Implicitly
- inferred to be "ext4" if unspecified.
+ description: fsType is the filesystem type to
+ mount. Must be a filesystem type supported by
+ the host operating system. Ex. "ext4", "xfs",
+ "ntfs". Implicitly inferred to be "ext4" if
+ unspecified.
type: string
pdID:
- description: ID that identifies Photon Controller
- persistent disk
+ description: pdID is the ID that identifies Photon
+ Controller persistent disk
type: string
required:
- pdID
type: object
portworxVolume:
- description: PortworxVolume represents a portworx
+ description: portworxVolume represents a portworx
volume attached and mounted on kubelets host machine
properties:
fsType:
- description: FSType represents the filesystem
+ description: fSType represents the filesystem
type to mount Must be a filesystem type supported
by the host operating system. Ex. "ext4", "xfs".
Implicitly inferred to be "ext4" if unspecified.
type: string
readOnly:
- description: Defaults to false (read/write). ReadOnly
- here will force the ReadOnly setting in VolumeMounts.
+ description: readOnly defaults to false (read/write).
+ ReadOnly here will force the ReadOnly setting
+ in VolumeMounts.
type: boolean
volumeID:
- description: VolumeID uniquely identifies a Portworx
+ description: volumeID uniquely identifies a Portworx
volume
type: string
required:
- volumeID
type: object
projected:
- description: Items for all in one resources secrets,
- configmaps, and downward API
+ description: projected items for all in one resources
+ secrets, configmaps, and downward API
properties:
defaultMode:
- description: Mode bits used to set permissions
- on created files by default. Must be an octal
- value between 0000 and 0777 or a decimal value
- between 0 and 511. YAML accepts both octal and
- decimal values, JSON requires decimal values
- for mode bits. Directories within the path are
- not affected by this setting. This might be
- in conflict with other options that affect the
- file mode, like fsGroup, and the result can
- be other mode bits set.
+ description: defaultMode are the mode bits used
+ to set permissions on created files by default.
+ Must be an octal value between 0000 and 0777
+ or a decimal value between 0 and 511. YAML accepts
+ both octal and decimal values, JSON requires
+ decimal values for mode bits. Directories within
+ the path are not affected by this setting. This
+ might be in conflict with other options that
+ affect the file mode, like fsGroup, and the
+ result can be other mode bits set.
format: int32
type: integer
sources:
- description: list of volume projections
+ description: sources is the list of volume projections
items:
description: Projection that may be projected
along with other supported volume types
properties:
configMap:
- description: information about the configMap
- data to project
+ description: configMap information about
+ the configMap data to project
properties:
items:
- description: If unspecified, each key-value
- pair in the Data field of the referenced
- ConfigMap will be projected into the
- volume as a file whose name is the
- key and content is the value. If specified,
- the listed keys will be projected
- into the specified paths, and unlisted
- keys will not be present. If a key
- is specified which is not present
- in the ConfigMap, the volume setup
- will error unless it is marked optional.
- Paths must be relative and may not
- contain the '..' path or start with
- '..'.
+ description: items if unspecified, each
+ key-value pair in the Data field of
+ the referenced ConfigMap will be projected
+ into the volume as a file whose name
+ is the key and content is the value.
+ If specified, the listed keys will
+ be projected into the specified paths,
+ and unlisted keys will not be present.
+ If a key is specified which is not
+ present in the ConfigMap, the volume
+ setup will error unless it is marked
+ optional. Paths must be relative and
+ may not contain the '..' path or start
+ with '..'.
items:
description: Maps a string key to
a path within a volume.
properties:
key:
- description: The key to project.
+ description: key is the key to
+ project.
type: string
mode:
- description: 'Optional: mode bits
- used to set permissions on this
- file. Must be an octal value
- between 0000 and 0777 or a decimal
- value between 0 and 511. YAML
- accepts both octal and decimal
- values, JSON requires decimal
- values for mode bits. If not
- specified, the volume defaultMode
- will be used. This might be
- in conflict with other options
- that affect the file mode, like
- fsGroup, and the result can
- be other mode bits set.'
+ description: 'mode is Optional:
+ mode bits used to set permissions
+ on this file. Must be an octal
+ value between 0000 and 0777
+ or a decimal value between 0
+ and 511. YAML accepts both octal
+ and decimal values, JSON requires
+ decimal values for mode bits.
+ If not specified, the volume
+ defaultMode will be used. This
+ might be in conflict with other
+ options that affect the file
+ mode, like fsGroup, and the
+ result can be other mode bits
+ set.'
format: int32
type: integer
path:
- description: The relative path
- of the file to map the key to.
- May not be an absolute path.
- May not contain the path element
- '..'. May not start with the
- string '..'.
+ description: path is the relative
+ path of the file to map the
+ key to. May not be an absolute
+ path. May not contain the path
+ element '..'. May not start
+ with the string '..'.
type: string
required:
- key
@@ -3545,14 +3714,15 @@ spec:
kind, uid?'
type: string
optional:
- description: Specify whether the ConfigMap
- or its keys must be defined
+ description: optional specify whether
+ the ConfigMap or its keys must be
+ defined
type: boolean
type: object
x-kubernetes-map-type: atomic
downwardAPI:
- description: information about the downwardAPI
- data to project
+ description: downwardAPI information about
+ the downwardAPI data to project
properties:
items:
description: Items is a list of DownwardAPIVolume
@@ -3645,55 +3815,57 @@ spec:
type: array
type: object
secret:
- description: information about the secret
- data to project
+ description: secret information about the
+ secret data to project
properties:
items:
- description: If unspecified, each key-value
- pair in the Data field of the referenced
- Secret will be projected into the
- volume as a file whose name is the
- key and content is the value. If specified,
- the listed keys will be projected
- into the specified paths, and unlisted
- keys will not be present. If a key
- is specified which is not present
- in the Secret, the volume setup will
- error unless it is marked optional.
- Paths must be relative and may not
- contain the '..' path or start with
- '..'.
+ description: items if unspecified, each
+ key-value pair in the Data field of
+ the referenced Secret will be projected
+ into the volume as a file whose name
+ is the key and content is the value.
+ If specified, the listed keys will
+ be projected into the specified paths,
+ and unlisted keys will not be present.
+ If a key is specified which is not
+ present in the Secret, the volume
+ setup will error unless it is marked
+ optional. Paths must be relative and
+ may not contain the '..' path or start
+ with '..'.
items:
description: Maps a string key to
a path within a volume.
properties:
key:
- description: The key to project.
+ description: key is the key to
+ project.
type: string
mode:
- description: 'Optional: mode bits
- used to set permissions on this
- file. Must be an octal value
- between 0000 and 0777 or a decimal
- value between 0 and 511. YAML
- accepts both octal and decimal
- values, JSON requires decimal
- values for mode bits. If not
- specified, the volume defaultMode
- will be used. This might be
- in conflict with other options
- that affect the file mode, like
- fsGroup, and the result can
- be other mode bits set.'
+ description: 'mode is Optional:
+ mode bits used to set permissions
+ on this file. Must be an octal
+ value between 0000 and 0777
+ or a decimal value between 0
+ and 511. YAML accepts both octal
+ and decimal values, JSON requires
+ decimal values for mode bits.
+ If not specified, the volume
+ defaultMode will be used. This
+ might be in conflict with other
+ options that affect the file
+ mode, like fsGroup, and the
+ result can be other mode bits
+ set.'
format: int32
type: integer
path:
- description: The relative path
- of the file to map the key to.
- May not be an absolute path.
- May not contain the path element
- '..'. May not start with the
- string '..'.
+ description: path is the relative
+ path of the file to map the
+ key to. May not be an absolute
+ path. May not contain the path
+ element '..'. May not start
+ with the string '..'.
type: string
required:
- key
@@ -3707,17 +3879,19 @@ spec:
kind, uid?'
type: string
optional:
- description: Specify whether the Secret
- or its key must be defined
+ description: optional field specify
+ whether the Secret or its key must
+ be defined
type: boolean
type: object
x-kubernetes-map-type: atomic
serviceAccountToken:
- description: information about the serviceAccountToken
- data to project
+ description: serviceAccountToken is information
+ about the serviceAccountToken data to
+ project
properties:
audience:
- description: Audience is the intended
+ description: audience is the intended
audience of the token. A recipient
of a token must identify itself with
an identifier specified in the audience
@@ -3726,7 +3900,7 @@ spec:
to the identifier of the apiserver.
type: string
expirationSeconds:
- description: ExpirationSeconds is the
+ description: expirationSeconds is the
requested duration of validity of
the service account token. As the
token approaches expiration, the kubelet
@@ -3740,7 +3914,7 @@ spec:
format: int64
type: integer
path:
- description: Path is the path relative
+ description: path is the path relative
to the mount point of the file to
project the token into.
type: string
@@ -3751,36 +3925,36 @@ spec:
type: array
type: object
quobyte:
- description: Quobyte represents a Quobyte mount on
+ description: quobyte represents a Quobyte mount on
the host that shares a pod's lifetime
properties:
group:
- description: Group to map volume access to Default
+ description: group to map volume access to Default
is no group
type: string
readOnly:
- description: ReadOnly here will force the Quobyte
+ description: readOnly here will force the Quobyte
volume to be mounted with read-only permissions.
Defaults to false.
type: boolean
registry:
- description: Registry represents a single or multiple
+ description: registry represents a single or multiple
Quobyte Registry services specified as a string
as host:port pair (multiple entries are separated
with commas) which acts as the central registry
for volumes
type: string
tenant:
- description: Tenant owning the given Quobyte volume
+ description: tenant owning the given Quobyte volume
in the Backend Used with dynamically provisioned
Quobyte volumes, value is set by the plugin
type: string
user:
- description: User to map volume access to Defaults
+ description: user to map volume access to Defaults
to serivceaccount user
type: string
volume:
- description: Volume is a string that references
+ description: volume is a string that references
an already created Quobyte volume by name.
type: string
required:
@@ -3788,46 +3962,46 @@ spec:
- volume
type: object
rbd:
- description: 'RBD represents a Rados Block Device
+ description: 'rbd represents a Rados Block Device
mount on the host that shares a pod''s lifetime.
More info: https://examples.k8s.io/volumes/rbd/README.md'
properties:
fsType:
- description: 'Filesystem type of the volume that
- you want to mount. Tip: Ensure that the filesystem
- type is supported by the host operating system.
- Examples: "ext4", "xfs", "ntfs". Implicitly
- inferred to be "ext4" if unspecified. More info:
- https://kubernetes.io/docs/concepts/storage/volumes#rbd
+ description: 'fsType is the filesystem type of
+ the volume that you want to mount. Tip: Ensure
+ that the filesystem type is supported by the
+ host operating system. Examples: "ext4", "xfs",
+ "ntfs". Implicitly inferred to be "ext4" if
+ unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#rbd
TODO: how do we prevent errors in the filesystem
from compromising the machine'
type: string
image:
- description: 'The rados image name. More info:
- https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it'
+ description: 'image is the rados image name. More
+ info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it'
type: string
keyring:
- description: 'Keyring is the path to key ring
+ description: 'keyring is the path to key ring
for RBDUser. Default is /etc/ceph/keyring. More
info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it'
type: string
monitors:
- description: 'A collection of Ceph monitors. More
- info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it'
+ description: 'monitors is a collection of Ceph
+ monitors. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it'
items:
type: string
type: array
pool:
- description: 'The rados pool name. Default is
- rbd. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it'
+ description: 'pool is the rados pool name. Default
+ is rbd. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it'
type: string
readOnly:
- description: 'ReadOnly here will force the ReadOnly
+ description: 'readOnly here will force the ReadOnly
setting in VolumeMounts. Defaults to false.
More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it'
type: boolean
secretRef:
- description: 'SecretRef is name of the authentication
+ description: 'secretRef is name of the authentication
secret for RBDUser. If provided overrides keyring.
Default is nil. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it'
properties:
@@ -3840,37 +4014,39 @@ spec:
type: object
x-kubernetes-map-type: atomic
user:
- description: 'The rados user name. Default is
- admin. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it'
+ description: 'user is the rados user name. Default
+ is admin. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it'
type: string
required:
- image
- monitors
type: object
scaleIO:
- description: ScaleIO represents a ScaleIO persistent
+ description: scaleIO represents a ScaleIO persistent
volume attached and mounted on Kubernetes nodes.
properties:
fsType:
- description: Filesystem type to mount. Must be
- a filesystem type supported by the host operating
- system. Ex. "ext4", "xfs", "ntfs". Default is
- "xfs".
+ description: fsType is the filesystem type to
+ mount. Must be a filesystem type supported by
+ the host operating system. Ex. "ext4", "xfs",
+ "ntfs". Default is "xfs".
type: string
gateway:
- description: The host address of the ScaleIO API
- Gateway.
+ description: gateway is the host address of the
+ ScaleIO API Gateway.
type: string
protectionDomain:
- description: The name of the ScaleIO Protection
- Domain for the configured storage.
+ description: protectionDomain is the name of the
+ ScaleIO Protection Domain for the configured
+ storage.
type: string
readOnly:
- description: Defaults to false (read/write). ReadOnly
- here will force the ReadOnly setting in VolumeMounts.
+ description: readOnly Defaults to false (read/write).
+ ReadOnly here will force the ReadOnly setting
+ in VolumeMounts.
type: boolean
secretRef:
- description: SecretRef references to the secret
+ description: secretRef references to the secret
for ScaleIO user and other sensitive information.
If this is not provided, Login operation will
fail.
@@ -3884,26 +4060,26 @@ spec:
type: object
x-kubernetes-map-type: atomic
sslEnabled:
- description: Flag to enable/disable SSL communication
- with Gateway, default false
+ description: sslEnabled Flag enable/disable SSL
+ communication with Gateway, default false
type: boolean
storageMode:
- description: Indicates whether the storage for
- a volume should be ThickProvisioned or ThinProvisioned.
- Default is ThinProvisioned.
+ description: storageMode indicates whether the
+ storage for a volume should be ThickProvisioned
+ or ThinProvisioned. Default is ThinProvisioned.
type: string
storagePool:
- description: The ScaleIO Storage Pool associated
- with the protection domain.
+ description: storagePool is the ScaleIO Storage
+ Pool associated with the protection domain.
type: string
system:
- description: The name of the storage system as
- configured in ScaleIO.
+ description: system is the name of the storage
+ system as configured in ScaleIO.
type: string
volumeName:
- description: The name of a volume already created
- in the ScaleIO system that is associated with
- this volume source.
+ description: volumeName is the name of a volume
+ already created in the ScaleIO system that is
+ associated with this volume source.
type: string
required:
- gateway
@@ -3911,29 +4087,29 @@ spec:
- system
type: object
secret:
- description: 'Secret represents a secret that should
+ description: 'secret represents a secret that should
populate this volume. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret'
properties:
defaultMode:
- description: 'Optional: mode bits used to set
- permissions on created files by default. Must
- be an octal value between 0000 and 0777 or a
- decimal value between 0 and 511. YAML accepts
- both octal and decimal values, JSON requires
- decimal values for mode bits. Defaults to 0644.
- Directories within the path are not affected
- by this setting. This might be in conflict with
- other options that affect the file mode, like
- fsGroup, and the result can be other mode bits
- set.'
+ description: 'defaultMode is Optional: mode bits
+ used to set permissions on created files by
+ default. Must be an octal value between 0000
+ and 0777 or a decimal value between 0 and 511.
+ YAML accepts both octal and decimal values,
+ JSON requires decimal values for mode bits.
+ Defaults to 0644. Directories within the path
+ are not affected by this setting. This might
+ be in conflict with other options that affect
+ the file mode, like fsGroup, and the result
+ can be other mode bits set.'
format: int32
type: integer
items:
- description: If unspecified, each key-value pair
- in the Data field of the referenced Secret will
- be projected into the volume as a file whose
- name is the key and content is the value. If
- specified, the listed keys will be projected
+ description: items If unspecified, each key-value
+ pair in the Data field of the referenced Secret
+ will be projected into the volume as a file
+ whose name is the key and content is the value.
+ If specified, the listed keys will be projected
into the specified paths, and unlisted keys
will not be present. If a key is specified which
is not present in the Secret, the volume setup
@@ -3945,27 +4121,28 @@ spec:
a volume.
properties:
key:
- description: The key to project.
+ description: key is the key to project.
type: string
mode:
- description: 'Optional: mode bits used to
- set permissions on this file. Must be
- an octal value between 0000 and 0777 or
- a decimal value between 0 and 511. YAML
- accepts both octal and decimal values,
- JSON requires decimal values for mode
- bits. If not specified, the volume defaultMode
- will be used. This might be in conflict
- with other options that affect the file
- mode, like fsGroup, and the result can
- be other mode bits set.'
+ description: 'mode is Optional: mode bits
+ used to set permissions on this file.
+ Must be an octal value between 0000 and
+ 0777 or a decimal value between 0 and
+ 511. YAML accepts both octal and decimal
+ values, JSON requires decimal values for
+ mode bits. If not specified, the volume
+ defaultMode will be used. This might be
+ in conflict with other options that affect
+ the file mode, like fsGroup, and the result
+ can be other mode bits set.'
format: int32
type: integer
path:
- description: The relative path of the file
- to map the key to. May not be an absolute
- path. May not contain the path element
- '..'. May not start with the string '..'.
+ description: path is the relative path of
+ the file to map the key to. May not be
+ an absolute path. May not contain the
+ path element '..'. May not start with
+ the string '..'.
type: string
required:
- key
@@ -3973,30 +4150,32 @@ spec:
type: object
type: array
optional:
- description: Specify whether the Secret or its
- keys must be defined
+ description: optional field specify whether the
+ Secret or its keys must be defined
type: boolean
secretName:
- description: 'Name of the secret in the pod''s
- namespace to use. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret'
+ description: 'secretName is the name of the secret
+ in the pod''s namespace to use. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret'
type: string
type: object
storageos:
- description: StorageOS represents a StorageOS volume
+ description: storageOS represents a StorageOS volume
attached and mounted on Kubernetes nodes.
properties:
fsType:
- description: Filesystem type to mount. Must be
- a filesystem type supported by the host operating
- system. Ex. "ext4", "xfs", "ntfs". Implicitly
- inferred to be "ext4" if unspecified.
+ description: fsType is the filesystem type to
+ mount. Must be a filesystem type supported by
+ the host operating system. Ex. "ext4", "xfs",
+ "ntfs". Implicitly inferred to be "ext4" if
+ unspecified.
type: string
readOnly:
- description: Defaults to false (read/write). ReadOnly
- here will force the ReadOnly setting in VolumeMounts.
+ description: readOnly defaults to false (read/write).
+ ReadOnly here will force the ReadOnly setting
+ in VolumeMounts.
type: boolean
secretRef:
- description: SecretRef specifies the secret to
+ description: secretRef specifies the secret to
use for obtaining the StorageOS API credentials. If
not specified, default values will be attempted.
properties:
@@ -4009,12 +4188,12 @@ spec:
type: object
x-kubernetes-map-type: atomic
volumeName:
- description: VolumeName is the human-readable
+ description: volumeName is the human-readable
name of the StorageOS volume. Volume names
are only unique within a namespace.
type: string
volumeNamespace:
- description: VolumeNamespace specifies the scope
+ description: volumeNamespace specifies the scope
of the volume within StorageOS. If no namespace
is specified then the Pod's namespace will be
used. This allows the Kubernetes name scoping
@@ -4027,26 +4206,27 @@ spec:
type: string
type: object
vsphereVolume:
- description: VsphereVolume represents a vSphere volume
+ description: vsphereVolume represents a vSphere volume
attached and mounted on kubelets host machine
properties:
fsType:
- description: Filesystem type to mount. Must be
- a filesystem type supported by the host operating
- system. Ex. "ext4", "xfs", "ntfs". Implicitly
- inferred to be "ext4" if unspecified.
+ description: fsType is filesystem type to mount.
+ Must be a filesystem type supported by the host
+ operating system. Ex. "ext4", "xfs", "ntfs".
+ Implicitly inferred to be "ext4" if unspecified.
type: string
storagePolicyID:
- description: Storage Policy Based Management (SPBM)
- profile ID associated with the StoragePolicyName.
+ description: storagePolicyID is the storage Policy
+ Based Management (SPBM) profile ID associated
+ with the StoragePolicyName.
type: string
storagePolicyName:
- description: Storage Policy Based Management (SPBM)
- profile name.
+ description: storagePolicyName is the storage
+ Policy Based Management (SPBM) profile name.
type: string
volumePath:
- description: Path that identifies vSphere volume
- vmdk
+ description: volumePath is the path that identifies
+ vSphere volume vmdk
type: string
required:
- volumePath
@@ -4246,6 +4426,26 @@ spec:
description: 'Compute Resources required by this component. Cannot
be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/'
properties:
+ claims:
+ description: "Claims lists the names of resources, defined in
+ spec.resourceClaims, that are used by this container. \n This
+ is an alpha field and requires enabling the DynamicResourceAllocation
+ feature gate. \n This field is immutable."
+ items:
+ description: ResourceClaim references one entry in PodSpec.ResourceClaims.
+ properties:
+ name:
+ description: Name must match the name of one entry in pod.spec.resourceClaims
+ of the Pod where this field is used. It makes that resource
+ available inside a container.
+ type: string
+ required:
+ - name
+ type: object
+ type: array
+ x-kubernetes-list-map-keys:
+ - name
+ x-kubernetes-list-type: map
limits:
additionalProperties:
anyOf:
@@ -4846,6 +5046,26 @@ spec:
description: 'Compute Resources required by this component. Cannot
be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/'
properties:
+ claims:
+ description: "Claims lists the names of resources, defined in
+ spec.resourceClaims, that are used by this container. \n This
+ is an alpha field and requires enabling the DynamicResourceAllocation
+ feature gate. \n This field is immutable."
+ items:
+ description: ResourceClaim references one entry in PodSpec.ResourceClaims.
+ properties:
+ name:
+ description: Name must match the name of one entry in pod.spec.resourceClaims
+ of the Pod where this field is used. It makes that resource
+ available inside a container.
+ type: string
+ required:
+ - name
+ type: object
+ type: array
+ x-kubernetes-list-map-keys:
+ - name
+ x-kubernetes-list-type: map
limits:
additionalProperties:
anyOf:
@@ -5405,6 +5625,26 @@ spec:
description: 'Compute Resources required by this component. Cannot
be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/'
properties:
+ claims:
+ description: "Claims lists the names of resources, defined in
+ spec.resourceClaims, that are used by this container. \n This
+ is an alpha field and requires enabling the DynamicResourceAllocation
+ feature gate. \n This field is immutable."
+ items:
+ description: ResourceClaim references one entry in PodSpec.ResourceClaims.
+ properties:
+ name:
+ description: Name must match the name of one entry in pod.spec.resourceClaims
+ of the Pod where this field is used. It makes that resource
+ available inside a container.
+ type: string
+ required:
+ - name
+ type: object
+ type: array
+ x-kubernetes-list-map-keys:
+ - name
+ x-kubernetes-list-type: map
limits:
additionalProperties:
anyOf:
@@ -5854,6 +6094,26 @@ spec:
description: 'Compute Resources required by this component. Cannot
be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/'
properties:
+ claims:
+ description: "Claims lists the names of resources, defined in
+ spec.resourceClaims, that are used by this container. \n This
+ is an alpha field and requires enabling the DynamicResourceAllocation
+ feature gate. \n This field is immutable."
+ items:
+ description: ResourceClaim references one entry in PodSpec.ResourceClaims.
+ properties:
+ name:
+ description: Name must match the name of one entry in pod.spec.resourceClaims
+ of the Pod where this field is used. It makes that resource
+ available inside a container.
+ type: string
+ required:
+ - name
+ type: object
+ type: array
+ x-kubernetes-list-map-keys:
+ - name
+ x-kubernetes-list-type: map
limits:
additionalProperties:
anyOf:
@@ -6238,6 +6498,26 @@ spec:
description: 'Compute Resources required by this component. Cannot
be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/'
properties:
+ claims:
+ description: "Claims lists the names of resources, defined in
+ spec.resourceClaims, that are used by this container. \n This
+ is an alpha field and requires enabling the DynamicResourceAllocation
+ feature gate. \n This field is immutable."
+ items:
+ description: ResourceClaim references one entry in PodSpec.ResourceClaims.
+ properties:
+ name:
+ description: Name must match the name of one entry in pod.spec.resourceClaims
+ of the Pod where this field is used. It makes that resource
+ available inside a container.
+ type: string
+ required:
+ - name
+ type: object
+ type: array
+ x-kubernetes-list-map-keys:
+ - name
+ x-kubernetes-list-type: map
limits:
additionalProperties:
anyOf:
@@ -6505,6 +6785,27 @@ spec:
description: 'Compute Resources required by this component. Cannot
be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/'
properties:
+ claims:
+ description: "Claims lists the names of resources, defined
+ in spec.resourceClaims, that are used by this container.
+ \n This is an alpha field and requires enabling the DynamicResourceAllocation
+ feature gate. \n This field is immutable."
+ items:
+ description: ResourceClaim references one entry in PodSpec.ResourceClaims.
+ properties:
+ name:
+ description: Name must match the name of one entry in
+ pod.spec.resourceClaims of the Pod where this field
+ is used. It makes that resource available inside a
+ container.
+ type: string
+ required:
+ - name
+ type: object
+ type: array
+ x-kubernetes-list-map-keys:
+ - name
+ x-kubernetes-list-type: map
limits:
additionalProperties:
anyOf:
@@ -6643,6 +6944,27 @@ spec:
description: 'Compute Resources required by this component. Cannot
be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/'
properties:
+ claims:
+ description: "Claims lists the names of resources, defined
+ in spec.resourceClaims, that are used by this container.
+ \n This is an alpha field and requires enabling the DynamicResourceAllocation
+ feature gate. \n This field is immutable."
+ items:
+ description: ResourceClaim references one entry in PodSpec.ResourceClaims.
+ properties:
+ name:
+ description: Name must match the name of one entry in
+ pod.spec.resourceClaims of the Pod where this field
+ is used. It makes that resource available inside a
+ container.
+ type: string
+ required:
+ - name
+ type: object
+ type: array
+ x-kubernetes-list-map-keys:
+ - name
+ x-kubernetes-list-type: map
limits:
additionalProperties:
anyOf:
@@ -6857,6 +7179,27 @@ spec:
description: 'Compute Resources required by this component. Cannot
be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/'
properties:
+ claims:
+ description: "Claims lists the names of resources, defined
+ in spec.resourceClaims, that are used by this container.
+ \n This is an alpha field and requires enabling the DynamicResourceAllocation
+ feature gate. \n This field is immutable."
+ items:
+ description: ResourceClaim references one entry in PodSpec.ResourceClaims.
+ properties:
+ name:
+ description: Name must match the name of one entry in
+ pod.spec.resourceClaims of the Pod where this field
+ is used. It makes that resource available inside a
+ container.
+ type: string
+ required:
+ - name
+ type: object
+ type: array
+ x-kubernetes-list-map-keys:
+ - name
+ x-kubernetes-list-type: map
limits:
additionalProperties:
anyOf:
@@ -7014,15 +7357,15 @@ spec:
chartPersistentVolume:
properties:
claimName:
- description: 'ClaimName is the name of a PersistentVolumeClaim
+ description: 'claimName is the name of a PersistentVolumeClaim
in the same namespace as the pod using this volume.
More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims'
type: string
prefix:
type: string
readOnly:
- description: Will force the ReadOnly setting in VolumeMounts.
- Default false.
+ description: readOnly Will force the ReadOnly setting
+ in VolumeMounts. Default false.
type: boolean
required:
- claimName
@@ -7030,7 +7373,7 @@ spec:
registryPersistentVolume:
properties:
claimName:
- description: 'ClaimName is the name of a PersistentVolumeClaim
+ description: 'claimName is the name of a PersistentVolumeClaim
in the same namespace as the pod using this volume.
More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims'
type: string
@@ -7042,8 +7385,8 @@ spec:
prefix:
type: string
readOnly:
- description: Will force the ReadOnly setting in VolumeMounts.
- Default false.
+ description: readOnly Will force the ReadOnly setting
+ in VolumeMounts. Default false.
type: boolean
required:
- claimName
@@ -7302,6 +7645,29 @@ spec:
description: Resources is the resources requests and limits
for redis.
properties:
+ claims:
+ description: "Claims lists the names of resources,
+ defined in spec.resourceClaims, that are used by
+ this container. \n This is an alpha field and requires
+ enabling the DynamicResourceAllocation feature gate.
+ \n This field is immutable."
+ items:
+ description: ResourceClaim references one entry
+ in PodSpec.ResourceClaims.
+ properties:
+ name:
+ description: Name must match the name of one
+ entry in pod.spec.resourceClaims of the Pod
+ where this field is used. It makes that resource
+ available inside a container.
+ type: string
+ required:
+ - name
+ type: object
+ type: array
+ x-kubernetes-list-map-keys:
+ - name
+ x-kubernetes-list-type: map
limits:
additionalProperties:
anyOf:
@@ -7380,6 +7746,28 @@ spec:
resources:
description: Resources defines database pod resource config
properties:
+ claims:
+ description: "Claims lists the names of resources, defined
+ in spec.resourceClaims, that are used by this container.
+ \n This is an alpha field and requires enabling the
+ DynamicResourceAllocation feature gate. \n This field
+ is immutable."
+ items:
+ description: ResourceClaim references one entry in PodSpec.ResourceClaims.
+ properties:
+ name:
+ description: Name must match the name of one entry
+ in pod.spec.resourceClaims of the Pod where this
+ field is used. It makes that resource available
+ inside a container.
+ type: string
+ required:
+ - name
+ type: object
+ type: array
+ x-kubernetes-list-map-keys:
+ - name
+ x-kubernetes-list-type: map
limits:
additionalProperties:
anyOf:
@@ -7531,6 +7919,28 @@ spec:
description: If provided, use these requests and limit for
cpu/memory resource allocation
properties:
+ claims:
+ description: "Claims lists the names of resources, defined
+ in spec.resourceClaims, that are used by this container.
+ \n This is an alpha field and requires enabling the
+ DynamicResourceAllocation feature gate. \n This field
+ is immutable."
+ items:
+ description: ResourceClaim references one entry in PodSpec.ResourceClaims.
+ properties:
+ name:
+ description: Name must match the name of one entry
+ in pod.spec.resourceClaims of the Pod where this
+ field is used. It makes that resource available
+ inside a container.
+ type: string
+ required:
+ - name
+ type: object
+ type: array
+ x-kubernetes-list-map-keys:
+ - name
+ x-kubernetes-list-type: map
limits:
additionalProperties:
anyOf:
@@ -7581,25 +7991,28 @@ spec:
https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata'
type: object
spec:
- description: 'Spec defines the desired characteristics
+ description: 'spec defines the desired characteristics
of a volume requested by a pod author. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims'
properties:
accessModes:
- description: 'AccessModes contains the desired access
+ description: 'accessModes contains the desired access
modes the volume should have. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1'
items:
type: string
type: array
dataSource:
- description: 'This field can be used to specify either:
- * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot)
+ description: 'dataSource field can be used to specify
+ either: * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot)
* An existing PVC (PersistentVolumeClaim) If the
provisioner or an external controller can support
the specified data source, it will create a new
volume based on the contents of the specified data
- source. If the AnyVolumeDataSource feature gate
- is enabled, this field will always have the same
- contents as the DataSourceRef field.'
+ source. When the AnyVolumeDataSource feature gate
+ is enabled, dataSource contents will be copied to
+ dataSourceRef, and dataSourceRef contents will be
+ copied to dataSource when dataSourceRef.namespace
+ is not specified. If the namespace is specified,
+ then dataSourceRef will not be copied to dataSource.'
properties:
apiGroup:
description: APIGroup is the group for the resource
@@ -7622,28 +8035,35 @@ spec:
type: object
x-kubernetes-map-type: atomic
dataSourceRef:
- description: 'Specifies the object from which to populate
- the volume with data, if a non-empty volume is desired.
- This may be any local object from a non-empty API
- group (non core object) or a PersistentVolumeClaim
+ description: 'dataSourceRef specifies the object from
+ which to populate the volume with data, if a non-empty
+ volume is desired. This may be any object from a
+ non-empty API group (non core object) or a PersistentVolumeClaim
object. When this field is specified, volume binding
will only succeed if the type of the specified object
matches some installed volume populator or dynamic
provisioner. This field will replace the functionality
- of the DataSource field and as such if both fields
+ of the dataSource field and as such if both fields
are non-empty, they must have the same value. For
- backwards compatibility, both fields (DataSource
- and DataSourceRef) will be set to the same value
- automatically if one of them is empty and the other
- is non-empty. There are two important differences
- between DataSource and DataSourceRef: * While DataSource
- only allows two specific types of objects, DataSourceRef
- allows any non-core object, as well as PersistentVolumeClaim
- objects. * While DataSource ignores disallowed values
- (dropping them), DataSourceRef preserves all values,
+ backwards compatibility, when namespace isn''t specified
+ in dataSourceRef, both fields (dataSource and dataSourceRef)
+ will be set to the same value automatically if one
+ of them is empty and the other is non-empty. When
+ namespace is specified in dataSourceRef, dataSource
+ isn''t set to the same value and must be empty.
+ There are three important differences between dataSource
+ and dataSourceRef: * While dataSource only allows
+ two specific types of objects, dataSourceRef allows
+ any non-core object, as well as PersistentVolumeClaim
+ objects. * While dataSource ignores disallowed values
+ (dropping them), dataSourceRef preserves all values,
and generates an error if a disallowed value is
- specified. (Alpha) Using this field requires the
- AnyVolumeDataSource feature gate to be enabled.'
+ specified. * While dataSource only allows local
+ objects, dataSourceRef allows objects in any namespaces.
+ (Beta) Using this field requires the AnyVolumeDataSource
+ feature gate to be enabled. (Alpha) Using the namespace
+ field of dataSourceRef requires the CrossNamespaceVolumeDataSource
+ feature gate to be enabled.'
properties:
apiGroup:
description: APIGroup is the group for the resource
@@ -7660,19 +8080,52 @@ spec:
description: Name is the name of resource being
referenced
type: string
+ namespace:
+ description: Namespace is the namespace of resource
+ being referenced Note that when a namespace
+ is specified, a gateway.networking.k8s.io/ReferenceGrant
+ object is required in the referent namespace
+ to allow that namespace's owner to accept the
+ reference. See the ReferenceGrant documentation
+ for details. (Alpha) This field requires the
+ CrossNamespaceVolumeDataSource feature gate
+ to be enabled.
+ type: string
required:
- kind
- name
type: object
- x-kubernetes-map-type: atomic
resources:
- description: 'Resources represents the minimum resources
+ description: 'resources represents the minimum resources
the volume should have. If RecoverVolumeExpansionFailure
feature is enabled users are allowed to specify
resource requirements that are lower than previous
value but must still be higher than capacity recorded
in the status field of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources'
properties:
+ claims:
+ description: "Claims lists the names of resources,
+ defined in spec.resourceClaims, that are used
+ by this container. \n This is an alpha field
+ and requires enabling the DynamicResourceAllocation
+ feature gate. \n This field is immutable."
+ items:
+ description: ResourceClaim references one entry
+ in PodSpec.ResourceClaims.
+ properties:
+ name:
+ description: Name must match the name of
+ one entry in pod.spec.resourceClaims of
+ the Pod where this field is used. It makes
+ that resource available inside a container.
+ type: string
+ required:
+ - name
+ type: object
+ type: array
+ x-kubernetes-list-map-keys:
+ - name
+ x-kubernetes-list-type: map
limits:
additionalProperties:
anyOf:
@@ -7699,8 +8152,8 @@ spec:
type: object
type: object
selector:
- description: A label query over volumes to consider
- for binding.
+ description: selector is a label query over volumes
+ to consider for binding.
properties:
matchExpressions:
description: matchExpressions is a list of label
@@ -7748,8 +8201,8 @@ spec:
type: object
x-kubernetes-map-type: atomic
storageClassName:
- description: 'Name of the StorageClass required by
- the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1'
+ description: 'storageClassName is the name of the
+ StorageClass required by the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1'
type: string
volumeMode:
description: volumeMode defines what type of volume
@@ -7757,17 +8210,17 @@ spec:
implied when not included in claim spec.
type: string
volumeName:
- description: VolumeName is the binding reference to
+ description: volumeName is the binding reference to
the PersistentVolume backing this claim.
type: string
type: object
status:
- description: 'Status represents the current information/status
+ description: 'status represents the current information/status
of a persistent volume claim. Read-only. More info:
https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims'
properties:
accessModes:
- description: 'AccessModes contains the actual access
+ description: 'accessModes contains the actual access
modes the volume backing the PVC has. More info:
https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1'
items:
@@ -7780,18 +8233,19 @@ spec:
- type: string
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
x-kubernetes-int-or-string: true
- description: The storage resource within AllocatedResources
- tracks the capacity allocated to a PVC. It may be
- larger than the actual capacity when a volume expansion
- operation is requested. For storage quota, the larger
- value from allocatedResources and PVC.spec.resources
- is used. If allocatedResources is not set, PVC.spec.resources
- alone is used for quota calculation. If a volume
- expansion capacity request is lowered, allocatedResources
- is only lowered if there are no expansion operations
- in progress and if the actual volume capacity is
- equal or lower than the requested capacity. This
- is an alpha field and requires enabling RecoverVolumeExpansionFailure
+ description: allocatedResources is the storage resource
+ within AllocatedResources tracks the capacity allocated
+ to a PVC. It may be larger than the actual capacity
+ when a volume expansion operation is requested.
+ For storage quota, the larger value from allocatedResources
+ and PVC.spec.resources is used. If allocatedResources
+ is not set, PVC.spec.resources alone is used for
+ quota calculation. If a volume expansion capacity
+ request is lowered, allocatedResources is only lowered
+ if there are no expansion operations in progress
+ and if the actual volume capacity is equal or lower
+ than the requested capacity. This is an alpha field
+ and requires enabling RecoverVolumeExpansionFailure
feature.
type: object
capacity:
@@ -7801,36 +8255,40 @@ spec:
- type: string
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
x-kubernetes-int-or-string: true
- description: Represents the actual resources of the
- underlying volume.
+ description: capacity represents the actual resources
+ of the underlying volume.
type: object
conditions:
- description: Current Condition of persistent volume
- claim. If underlying persistent volume is being
- resized then the Condition will be set to 'ResizeStarted'.
+ description: conditions is the current Condition of
+ persistent volume claim. If underlying persistent
+ volume is being resized then the Condition will
+ be set to 'ResizeStarted'.
items:
description: PersistentVolumeClaimCondition contails
details about state of pvc
properties:
lastProbeTime:
- description: Last time we probed the condition.
+ description: lastProbeTime is the time we probed
+ the condition.
format: date-time
type: string
lastTransitionTime:
- description: Last time the condition transitioned
- from one status to another.
+ description: lastTransitionTime is the time
+ the condition transitioned from one status
+ to another.
format: date-time
type: string
message:
- description: Human-readable message indicating
- details about last transition.
+ description: message is the human-readable message
+ indicating details about last transition.
type: string
reason:
- description: Unique, this should be a short,
- machine understandable string that gives the
- reason for condition's last transition. If
- it reports "ResizeStarted" that means the
- underlying persistent volume is being resized.
+ description: reason is a unique, this should
+ be a short, machine understandable string
+ that gives the reason for condition's last
+ transition. If it reports "ResizeStarted"
+ that means the underlying persistent volume
+ is being resized.
type: string
status:
type: string
@@ -7844,11 +8302,11 @@ spec:
type: object
type: array
phase:
- description: Phase represents the current phase of
+ description: phase represents the current phase of
PersistentVolumeClaim.
type: string
resizeStatus:
- description: ResizeStatus stores status of resize
+ description: resizeStatus stores status of resize
operation. ResizeStatus is not set by default but
when expansion is complete resizeStatus is set to
empty string by resize controller or kubelet. This
@@ -7924,6 +8382,27 @@ spec:
description: 'Compute Resources required by this component. Cannot
be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/'
properties:
+ claims:
+ description: "Claims lists the names of resources, defined
+ in spec.resourceClaims, that are used by this container.
+ \n This is an alpha field and requires enabling the DynamicResourceAllocation
+ feature gate. \n This field is immutable."
+ items:
+ description: ResourceClaim references one entry in PodSpec.ResourceClaims.
+ properties:
+ name:
+ description: Name must match the name of one entry in
+ pod.spec.resourceClaims of the Pod where this field
+ is used. It makes that resource available inside a
+ container.
+ type: string
+ required:
+ - name
+ type: object
+ type: array
+ x-kubernetes-list-map-keys:
+ - name
+ x-kubernetes-list-type: map
limits:
additionalProperties:
anyOf:
@@ -8063,6 +8542,28 @@ spec:
description: 'Compute Resources required by this component.
Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/'
properties:
+ claims:
+ description: "Claims lists the names of resources, defined
+ in spec.resourceClaims, that are used by this container.
+ \n This is an alpha field and requires enabling the
+ DynamicResourceAllocation feature gate. \n This field
+ is immutable."
+ items:
+ description: ResourceClaim references one entry in PodSpec.ResourceClaims.
+ properties:
+ name:
+ description: Name must match the name of one entry
+ in pod.spec.resourceClaims of the Pod where this
+ field is used. It makes that resource available
+ inside a container.
+ type: string
+ required:
+ - name
+ type: object
+ type: array
+ x-kubernetes-list-map-keys:
+ - name
+ x-kubernetes-list-type: map
limits:
additionalProperties:
anyOf:
@@ -8183,6 +8684,28 @@ spec:
description: 'Compute Resources required by this component.
Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/'
properties:
+ claims:
+ description: "Claims lists the names of resources, defined
+ in spec.resourceClaims, that are used by this container.
+ \n This is an alpha field and requires enabling the
+ DynamicResourceAllocation feature gate. \n This field
+ is immutable."
+ items:
+ description: ResourceClaim references one entry in PodSpec.ResourceClaims.
+ properties:
+ name:
+ description: Name must match the name of one entry
+ in pod.spec.resourceClaims of the Pod where this
+ field is used. It makes that resource available
+ inside a container.
+ type: string
+ required:
+ - name
+ type: object
+ type: array
+ x-kubernetes-list-map-keys:
+ - name
+ x-kubernetes-list-type: map
limits:
additionalProperties:
anyOf:
@@ -8303,6 +8826,27 @@ spec:
description: 'Compute Resources required by this component. Cannot
be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/'
properties:
+ claims:
+ description: "Claims lists the names of resources, defined
+ in spec.resourceClaims, that are used by this container.
+ \n This is an alpha field and requires enabling the DynamicResourceAllocation
+ feature gate. \n This field is immutable."
+ items:
+ description: ResourceClaim references one entry in PodSpec.ResourceClaims.
+ properties:
+ name:
+ description: Name must match the name of one entry in
+ pod.spec.resourceClaims of the Pod where this field
+ is used. It makes that resource available inside a
+ container.
+ type: string
+ required:
+ - name
+ type: object
+ type: array
+ x-kubernetes-list-map-keys:
+ - name
+ x-kubernetes-list-type: map
limits:
additionalProperties:
anyOf:
@@ -8500,6 +9044,27 @@ spec:
description: 'Compute Resources required by this component. Cannot
be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/'
properties:
+ claims:
+ description: "Claims lists the names of resources, defined
+ in spec.resourceClaims, that are used by this container.
+ \n This is an alpha field and requires enabling the DynamicResourceAllocation
+ feature gate. \n This field is immutable."
+ items:
+ description: ResourceClaim references one entry in PodSpec.ResourceClaims.
+ properties:
+ name:
+ description: Name must match the name of one entry in
+ pod.spec.resourceClaims of the Pod where this field
+ is used. It makes that resource available inside a
+ container.
+ type: string
+ required:
+ - name
+ type: object
+ type: array
+ x-kubernetes-list-map-keys:
+ - name
+ x-kubernetes-list-type: map
limits:
additionalProperties:
anyOf:
@@ -8629,6 +9194,27 @@ spec:
description: 'Compute Resources required by this component. Cannot
be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/'
properties:
+ claims:
+ description: "Claims lists the names of resources, defined
+ in spec.resourceClaims, that are used by this container.
+ \n This is an alpha field and requires enabling the DynamicResourceAllocation
+ feature gate. \n This field is immutable."
+ items:
+ description: ResourceClaim references one entry in PodSpec.ResourceClaims.
+ properties:
+ name:
+ description: Name must match the name of one entry in
+ pod.spec.resourceClaims of the Pod where this field
+ is used. It makes that resource available inside a
+ container.
+ type: string
+ required:
+ - name
+ type: object
+ type: array
+ x-kubernetes-list-map-keys:
+ - name
+ x-kubernetes-list-type: map
limits:
additionalProperties:
anyOf:
@@ -8754,6 +9340,27 @@ spec:
description: 'Compute Resources required by this component. Cannot
be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/'
properties:
+ claims:
+ description: "Claims lists the names of resources, defined
+ in spec.resourceClaims, that are used by this container.
+ \n This is an alpha field and requires enabling the DynamicResourceAllocation
+ feature gate. \n This field is immutable."
+ items:
+ description: ResourceClaim references one entry in PodSpec.ResourceClaims.
+ properties:
+ name:
+ description: Name must match the name of one entry in
+ pod.spec.resourceClaims of the Pod where this field
+ is used. It makes that resource available inside a
+ container.
+ type: string
+ required:
+ - name
+ type: object
+ type: array
+ x-kubernetes-list-map-keys:
+ - name
+ x-kubernetes-list-type: map
limits:
additionalProperties:
anyOf:
@@ -8794,15 +9401,15 @@ spec:
be used.
properties:
claimName:
- description: 'ClaimName is the name of a PersistentVolumeClaim
+ description: 'claimName is the name of a PersistentVolumeClaim
in the same namespace as the pod using this volume.
More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims'
type: string
prefix:
type: string
readOnly:
- description: Will force the ReadOnly setting in VolumeMounts.
- Default false.
+ description: readOnly Will force the ReadOnly setting
+ in VolumeMounts. Default false.
type: boolean
required:
- claimName
@@ -8813,15 +9420,15 @@ spec:
will be used.
properties:
claimName:
- description: 'ClaimName is the name of a PersistentVolumeClaim
+ description: 'claimName is the name of a PersistentVolumeClaim
in the same namespace as the pod using this volume.
More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims'
type: string
prefix:
type: string
readOnly:
- description: Will force the ReadOnly setting in VolumeMounts.
- Default false.
+ description: readOnly Will force the ReadOnly setting
+ in VolumeMounts. Default false.
type: boolean
required:
- claimName
@@ -9090,6 +9697,29 @@ spec:
description: Resources is the resources requests and
limits for redis.
properties:
+ claims:
+ description: "Claims lists the names of resources,
+ defined in spec.resourceClaims, that are used
+ by this container. \n This is an alpha field
+ and requires enabling the DynamicResourceAllocation
+ feature gate. \n This field is immutable."
+ items:
+ description: ResourceClaim references one entry
+ in PodSpec.ResourceClaims.
+ properties:
+ name:
+ description: Name must match the name of
+ one entry in pod.spec.resourceClaims of
+ the Pod where this field is used. It makes
+ that resource available inside a container.
+ type: string
+ required:
+ - name
+ type: object
+ type: array
+ x-kubernetes-list-map-keys:
+ - name
+ x-kubernetes-list-type: map
limits:
additionalProperties:
anyOf:
@@ -9183,6 +9813,27 @@ spec:
description: 'Compute Resources required by this component. Cannot
be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/'
properties:
+ claims:
+ description: "Claims lists the names of resources, defined
+ in spec.resourceClaims, that are used by this container.
+ \n This is an alpha field and requires enabling the DynamicResourceAllocation
+ feature gate. \n This field is immutable."
+ items:
+ description: ResourceClaim references one entry in PodSpec.ResourceClaims.
+ properties:
+ name:
+ description: Name must match the name of one entry in
+ pod.spec.resourceClaims of the Pod where this field
+ is used. It makes that resource available inside a
+ container.
+ type: string
+ required:
+ - name
+ type: object
+ type: array
+ x-kubernetes-list-map-keys:
+ - name
+ x-kubernetes-list-type: map
limits:
additionalProperties:
anyOf:
@@ -9321,6 +9972,27 @@ spec:
description: 'Compute Resources required by this component. Cannot
be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/'
properties:
+ claims:
+ description: "Claims lists the names of resources, defined
+ in spec.resourceClaims, that are used by this container.
+ \n This is an alpha field and requires enabling the DynamicResourceAllocation
+ feature gate. \n This field is immutable."
+ items:
+ description: ResourceClaim references one entry in PodSpec.ResourceClaims.
+ properties:
+ name:
+ description: Name must match the name of one entry in
+ pod.spec.resourceClaims of the Pod where this field
+ is used. It makes that resource available inside a
+ container.
+ type: string
+ required:
+ - name
+ type: object
+ type: array
+ x-kubernetes-list-map-keys:
+ - name
+ x-kubernetes-list-type: map
limits:
additionalProperties:
anyOf:
@@ -9517,6 +10189,29 @@ spec:
description: ResourceRequirements describes the compute
resource requirements.
properties:
+ claims:
+ description: "Claims lists the names of resources,
+ defined in spec.resourceClaims, that are used by
+ this container. \n This is an alpha field and requires
+ enabling the DynamicResourceAllocation feature gate.
+ \n This field is immutable."
+ items:
+ description: ResourceClaim references one entry
+ in PodSpec.ResourceClaims.
+ properties:
+ name:
+ description: Name must match the name of one
+ entry in pod.spec.resourceClaims of the Pod
+ where this field is used. It makes that resource
+ available inside a container.
+ type: string
+ required:
+ - name
+ type: object
+ type: array
+ x-kubernetes-list-map-keys:
+ - name
+ x-kubernetes-list-type: map
limits:
additionalProperties:
anyOf:
@@ -9624,6 +10319,27 @@ spec:
description: 'Compute Resources required by this component. Cannot
be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/'
properties:
+ claims:
+ description: "Claims lists the names of resources, defined
+ in spec.resourceClaims, that are used by this container.
+ \n This is an alpha field and requires enabling the DynamicResourceAllocation
+ feature gate. \n This field is immutable."
+ items:
+ description: ResourceClaim references one entry in PodSpec.ResourceClaims.
+ properties:
+ name:
+ description: Name must match the name of one entry in
+ pod.spec.resourceClaims of the Pod where this field
+ is used. It makes that resource available inside a
+ container.
+ type: string
+ required:
+ - name
+ type: object
+ type: array
+ x-kubernetes-list-map-keys:
+ - name
+ x-kubernetes-list-type: map
limits:
additionalProperties:
anyOf:
@@ -9873,6 +10589,27 @@ spec:
description: 'Compute Resources required by this component. Cannot
be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/'
properties:
+ claims:
+ description: "Claims lists the names of resources, defined
+ in spec.resourceClaims, that are used by this container.
+ \n This is an alpha field and requires enabling the DynamicResourceAllocation
+ feature gate. \n This field is immutable."
+ items:
+ description: ResourceClaim references one entry in PodSpec.ResourceClaims.
+ properties:
+ name:
+ description: Name must match the name of one entry in
+ pod.spec.resourceClaims of the Pod where this field
+ is used. It makes that resource available inside a
+ container.
+ type: string
+ required:
+ - name
+ type: object
+ type: array
+ x-kubernetes-list-map-keys:
+ - name
+ x-kubernetes-list-type: map
limits:
additionalProperties:
anyOf:
@@ -9908,15 +10645,15 @@ spec:
be used.
properties:
claimName:
- description: 'ClaimName is the name of a PersistentVolumeClaim
+ description: 'claimName is the name of a PersistentVolumeClaim
in the same namespace as the pod using this volume.
More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims'
type: string
prefix:
type: string
readOnly:
- description: Will force the ReadOnly setting in VolumeMounts.
- Default false.
+ description: readOnly Will force the ReadOnly setting
+ in VolumeMounts. Default false.
type: boolean
required:
- claimName
@@ -10045,6 +10782,28 @@ spec:
description: 'Compute Resources required by this component.
Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/'
properties:
+ claims:
+ description: "Claims lists the names of resources, defined
+ in spec.resourceClaims, that are used by this container.
+ \n This is an alpha field and requires enabling the
+ DynamicResourceAllocation feature gate. \n This field
+ is immutable."
+ items:
+ description: ResourceClaim references one entry in PodSpec.ResourceClaims.
+ properties:
+ name:
+ description: Name must match the name of one entry
+ in pod.spec.resourceClaims of the Pod where this
+ field is used. It makes that resource available
+ inside a container.
+ type: string
+ required:
+ - name
+ type: object
+ type: array
+ x-kubernetes-list-map-keys:
+ - name
+ x-kubernetes-list-type: map
limits:
additionalProperties:
anyOf:
@@ -10165,6 +10924,28 @@ spec:
description: 'Compute Resources required by this component.
Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/'
properties:
+ claims:
+ description: "Claims lists the names of resources, defined
+ in spec.resourceClaims, that are used by this container.
+ \n This is an alpha field and requires enabling the
+ DynamicResourceAllocation feature gate. \n This field
+ is immutable."
+ items:
+ description: ResourceClaim references one entry in PodSpec.ResourceClaims.
+ properties:
+ name:
+ description: Name must match the name of one entry
+ in pod.spec.resourceClaims of the Pod where this
+ field is used. It makes that resource available
+ inside a container.
+ type: string
+ required:
+ - name
+ type: object
+ type: array
+ x-kubernetes-list-map-keys:
+ - name
+ x-kubernetes-list-type: map
limits:
additionalProperties:
anyOf:
@@ -10285,6 +11066,27 @@ spec:
description: 'Compute Resources required by this component. Cannot
be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/'
properties:
+ claims:
+ description: "Claims lists the names of resources, defined
+ in spec.resourceClaims, that are used by this container.
+ \n This is an alpha field and requires enabling the DynamicResourceAllocation
+ feature gate. \n This field is immutable."
+ items:
+ description: ResourceClaim references one entry in PodSpec.ResourceClaims.
+ properties:
+ name:
+ description: Name must match the name of one entry in
+ pod.spec.resourceClaims of the Pod where this field
+ is used. It makes that resource available inside a
+ container.
+ type: string
+ required:
+ - name
+ type: object
+ type: array
+ x-kubernetes-list-map-keys:
+ - name
+ x-kubernetes-list-type: map
limits:
additionalProperties:
anyOf:
@@ -10452,6 +11254,27 @@ spec:
description: 'Compute Resources required by this component. Cannot
be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/'
properties:
+ claims:
+ description: "Claims lists the names of resources, defined
+ in spec.resourceClaims, that are used by this container.
+ \n This is an alpha field and requires enabling the DynamicResourceAllocation
+ feature gate. \n This field is immutable."
+ items:
+ description: ResourceClaim references one entry in PodSpec.ResourceClaims.
+ properties:
+ name:
+ description: Name must match the name of one entry in
+ pod.spec.resourceClaims of the Pod where this field
+ is used. It makes that resource available inside a
+ container.
+ type: string
+ required:
+ - name
+ type: object
+ type: array
+ x-kubernetes-list-map-keys:
+ - name
+ x-kubernetes-list-type: map
limits:
additionalProperties:
anyOf:
@@ -10581,6 +11404,27 @@ spec:
description: 'Compute Resources required by this component. Cannot
be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/'
properties:
+ claims:
+ description: "Claims lists the names of resources, defined
+ in spec.resourceClaims, that are used by this container.
+ \n This is an alpha field and requires enabling the DynamicResourceAllocation
+ feature gate. \n This field is immutable."
+ items:
+ description: ResourceClaim references one entry in PodSpec.ResourceClaims.
+ properties:
+ name:
+ description: Name must match the name of one entry in
+ pod.spec.resourceClaims of the Pod where this field
+ is used. It makes that resource available inside a
+ container.
+ type: string
+ required:
+ - name
+ type: object
+ type: array
+ x-kubernetes-list-map-keys:
+ - name
+ x-kubernetes-list-type: map
limits:
additionalProperties:
anyOf:
@@ -10693,15 +11537,15 @@ spec:
chartPersistentVolume:
properties:
claimName:
- description: 'ClaimName is the name of a PersistentVolumeClaim
+ description: 'claimName is the name of a PersistentVolumeClaim
in the same namespace as the pod using this volume.
More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims'
type: string
prefix:
type: string
readOnly:
- description: Will force the ReadOnly setting in VolumeMounts.
- Default false.
+ description: readOnly Will force the ReadOnly setting
+ in VolumeMounts. Default false.
type: boolean
required:
- claimName
@@ -10709,7 +11553,7 @@ spec:
registryPersistentVolume:
properties:
claimName:
- description: 'ClaimName is the name of a PersistentVolumeClaim
+ description: 'claimName is the name of a PersistentVolumeClaim
in the same namespace as the pod using this volume.
More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims'
type: string
@@ -10721,8 +11565,8 @@ spec:
prefix:
type: string
readOnly:
- description: Will force the ReadOnly setting in VolumeMounts.
- Default false.
+ description: readOnly Will force the ReadOnly setting
+ in VolumeMounts. Default false.
type: boolean
required:
- claimName
@@ -10859,6 +11703,29 @@ spec:
description: If provided, use these requests and limit
for cpu/memory resource allocation
properties:
+ claims:
+ description: "Claims lists the names of resources,
+ defined in spec.resourceClaims, that are used by
+ this container. \n This is an alpha field and requires
+ enabling the DynamicResourceAllocation feature gate.
+ \n This field is immutable."
+ items:
+ description: ResourceClaim references one entry
+ in PodSpec.ResourceClaims.
+ properties:
+ name:
+ description: Name must match the name of one
+ entry in pod.spec.resourceClaims of the Pod
+ where this field is used. It makes that resource
+ available inside a container.
+ type: string
+ required:
+ - name
+ type: object
+ type: array
+ x-kubernetes-list-map-keys:
+ - name
+ x-kubernetes-list-type: map
limits:
additionalProperties:
anyOf:
@@ -10911,28 +11778,31 @@ spec:
https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata'
type: object
spec:
- description: 'Spec defines the desired characteristics
+ description: 'spec defines the desired characteristics
of a volume requested by a pod author. More info:
https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims'
properties:
accessModes:
- description: 'AccessModes contains the desired
+ description: 'accessModes contains the desired
access modes the volume should have. More info:
https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1'
items:
type: string
type: array
dataSource:
- description: 'This field can be used to specify
- either: * An existing VolumeSnapshot object
- (snapshot.storage.k8s.io/VolumeSnapshot) * An
- existing PVC (PersistentVolumeClaim) If the
- provisioner or an external controller can support
- the specified data source, it will create a
- new volume based on the contents of the specified
- data source. If the AnyVolumeDataSource feature
- gate is enabled, this field will always have
- the same contents as the DataSourceRef field.'
+ description: 'dataSource field can be used to
+ specify either: * An existing VolumeSnapshot
+ object (snapshot.storage.k8s.io/VolumeSnapshot)
+ * An existing PVC (PersistentVolumeClaim) If
+ the provisioner or an external controller can
+ support the specified data source, it will create
+ a new volume based on the contents of the specified
+ data source. When the AnyVolumeDataSource feature
+ gate is enabled, dataSource contents will be
+ copied to dataSourceRef, and dataSourceRef contents
+ will be copied to dataSource when dataSourceRef.namespace
+ is not specified. If the namespace is specified,
+ then dataSourceRef will not be copied to dataSource.'
properties:
apiGroup:
description: APIGroup is the group for the
@@ -10955,31 +11825,38 @@ spec:
type: object
x-kubernetes-map-type: atomic
dataSourceRef:
- description: 'Specifies the object from which
- to populate the volume with data, if a non-empty
- volume is desired. This may be any local object
- from a non-empty API group (non core object)
- or a PersistentVolumeClaim object. When this
- field is specified, volume binding will only
- succeed if the type of the specified object
+ description: 'dataSourceRef specifies the object
+ from which to populate the volume with data,
+ if a non-empty volume is desired. This may be
+ any object from a non-empty API group (non core
+ object) or a PersistentVolumeClaim object. When
+ this field is specified, volume binding will
+ only succeed if the type of the specified object
matches some installed volume populator or dynamic
provisioner. This field will replace the functionality
- of the DataSource field and as such if both
+ of the dataSource field and as such if both
fields are non-empty, they must have the same
- value. For backwards compatibility, both fields
- (DataSource and DataSourceRef) will be set to
+ value. For backwards compatibility, when namespace
+ isn''t specified in dataSourceRef, both fields
+ (dataSource and dataSourceRef) will be set to
the same value automatically if one of them
- is empty and the other is non-empty. There are
- two important differences between DataSource
- and DataSourceRef: * While DataSource only allows
- two specific types of objects, DataSourceRef
+ is empty and the other is non-empty. When namespace
+ is specified in dataSourceRef, dataSource isn''t
+ set to the same value and must be empty. There
+ are three important differences between dataSource
+ and dataSourceRef: * While dataSource only allows
+ two specific types of objects, dataSourceRef
allows any non-core object, as well as PersistentVolumeClaim
- objects. * While DataSource ignores disallowed
- values (dropping them), DataSourceRef preserves
+ objects. * While dataSource ignores disallowed
+ values (dropping them), dataSourceRef preserves
all values, and generates an error if a disallowed
- value is specified. (Alpha) Using this field
- requires the AnyVolumeDataSource feature gate
- to be enabled.'
+ value is specified. * While dataSource only
+ allows local objects, dataSourceRef allows objects
+ in any namespaces. (Beta) Using this field requires
+ the AnyVolumeDataSource feature gate to be enabled.
+ (Alpha) Using the namespace field of dataSourceRef
+ requires the CrossNamespaceVolumeDataSource
+ feature gate to be enabled.'
properties:
apiGroup:
description: APIGroup is the group for the
@@ -10996,13 +11873,23 @@ spec:
description: Name is the name of resource
being referenced
type: string
+ namespace:
+ description: Namespace is the namespace of
+ resource being referenced Note that when
+ a namespace is specified, a gateway.networking.k8s.io/ReferenceGrant
+ object is required in the referent namespace
+ to allow that namespace's owner to accept
+ the reference. See the ReferenceGrant documentation
+ for details. (Alpha) This field requires
+ the CrossNamespaceVolumeDataSource feature
+ gate to be enabled.
+ type: string
required:
- kind
- name
type: object
- x-kubernetes-map-type: atomic
resources:
- description: 'Resources represents the minimum
+ description: 'resources represents the minimum
resources the volume should have. If RecoverVolumeExpansionFailure
feature is enabled users are allowed to specify
resource requirements that are lower than previous
@@ -11010,6 +11897,30 @@ spec:
recorded in the status field of the claim. More
info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources'
properties:
+ claims:
+ description: "Claims lists the names of resources,
+ defined in spec.resourceClaims, that are
+ used by this container. \n This is an alpha
+ field and requires enabling the DynamicResourceAllocation
+ feature gate. \n This field is immutable."
+ items:
+ description: ResourceClaim references one
+ entry in PodSpec.ResourceClaims.
+ properties:
+ name:
+ description: Name must match the name
+ of one entry in pod.spec.resourceClaims
+ of the Pod where this field is used.
+ It makes that resource available inside
+ a container.
+ type: string
+ required:
+ - name
+ type: object
+ type: array
+ x-kubernetes-list-map-keys:
+ - name
+ x-kubernetes-list-type: map
limits:
additionalProperties:
anyOf:
@@ -11037,8 +11948,8 @@ spec:
type: object
type: object
selector:
- description: A label query over volumes to consider
- for binding.
+ description: selector is a label query over volumes
+ to consider for binding.
properties:
matchExpressions:
description: matchExpressions is a list of
@@ -11089,8 +12000,9 @@ spec:
type: object
x-kubernetes-map-type: atomic
storageClassName:
- description: 'Name of the StorageClass required
- by the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1'
+ description: 'storageClassName is the name of
+ the StorageClass required by the claim. More
+ info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1'
type: string
volumeMode:
description: volumeMode defines what type of volume
@@ -11098,17 +12010,17 @@ spec:
is implied when not included in claim spec.
type: string
volumeName:
- description: VolumeName is the binding reference
+ description: volumeName is the binding reference
to the PersistentVolume backing this claim.
type: string
type: object
status:
- description: 'Status represents the current information/status
+ description: 'status represents the current information/status
of a persistent volume claim. Read-only. More info:
https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims'
properties:
accessModes:
- description: 'AccessModes contains the actual
+ description: 'accessModes contains the actual
access modes the volume backing the PVC has.
More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1'
items:
@@ -11121,15 +12033,15 @@ spec:
- type: string
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
x-kubernetes-int-or-string: true
- description: The storage resource within AllocatedResources
- tracks the capacity allocated to a PVC. It may
- be larger than the actual capacity when a volume
- expansion operation is requested. For storage
- quota, the larger value from allocatedResources
- and PVC.spec.resources is used. If allocatedResources
- is not set, PVC.spec.resources alone is used
- for quota calculation. If a volume expansion
- capacity request is lowered, allocatedResources
+ description: allocatedResources is the storage
+ resource within AllocatedResources tracks the
+ capacity allocated to a PVC. It may be larger
+ than the actual capacity when a volume expansion
+ operation is requested. For storage quota, the
+ larger value from allocatedResources and PVC.spec.resources
+ is used. If allocatedResources is not set, PVC.spec.resources
+ alone is used for quota calculation. If a volume
+ expansion capacity request is lowered, allocatedResources
is only lowered if there are no expansion operations
in progress and if the actual volume capacity
is equal or lower than the requested capacity.
@@ -11143,37 +12055,41 @@ spec:
- type: string
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
x-kubernetes-int-or-string: true
- description: Represents the actual resources of
- the underlying volume.
+ description: capacity represents the actual resources
+ of the underlying volume.
type: object
conditions:
- description: Current Condition of persistent volume
- claim. If underlying persistent volume is being
- resized then the Condition will be set to 'ResizeStarted'.
+ description: conditions is the current Condition
+ of persistent volume claim. If underlying persistent
+ volume is being resized then the Condition will
+ be set to 'ResizeStarted'.
items:
description: PersistentVolumeClaimCondition
contails details about state of pvc
properties:
lastProbeTime:
- description: Last time we probed the condition.
+ description: lastProbeTime is the time we
+ probed the condition.
format: date-time
type: string
lastTransitionTime:
- description: Last time the condition transitioned
- from one status to another.
+ description: lastTransitionTime is the time
+ the condition transitioned from one status
+ to another.
format: date-time
type: string
message:
- description: Human-readable message indicating
- details about last transition.
+ description: message is the human-readable
+ message indicating details about last
+ transition.
type: string
reason:
- description: Unique, this should be a short,
- machine understandable string that gives
- the reason for condition's last transition.
- If it reports "ResizeStarted" that means
- the underlying persistent volume is being
- resized.
+ description: reason is a unique, this should
+ be a short, machine understandable string
+ that gives the reason for condition's
+ last transition. If it reports "ResizeStarted"
+ that means the underlying persistent volume
+ is being resized.
type: string
status:
type: string
@@ -11187,11 +12103,11 @@ spec:
type: object
type: array
phase:
- description: Phase represents the current phase
+ description: phase represents the current phase
of PersistentVolumeClaim.
type: string
resizeStatus:
- description: ResizeStatus stores status of resize
+ description: resizeStatus stores status of resize
operation. ResizeStatus is not set by default
but when expansion is complete resizeStatus
is set to empty string by resize controller
@@ -11609,6 +12525,27 @@ spec:
description: 'Compute Resources required by this component. Cannot
be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/'
properties:
+ claims:
+ description: "Claims lists the names of resources, defined
+ in spec.resourceClaims, that are used by this container.
+ \n This is an alpha field and requires enabling the DynamicResourceAllocation
+ feature gate. \n This field is immutable."
+ items:
+ description: ResourceClaim references one entry in PodSpec.ResourceClaims.
+ properties:
+ name:
+ description: Name must match the name of one entry in
+ pod.spec.resourceClaims of the Pod where this field
+ is used. It makes that resource available inside a
+ container.
+ type: string
+ required:
+ - name
+ type: object
+ type: array
+ x-kubernetes-list-map-keys:
+ - name
+ x-kubernetes-list-type: map
limits:
additionalProperties:
anyOf:
@@ -11649,15 +12586,15 @@ spec:
be used.
properties:
claimName:
- description: 'ClaimName is the name of a PersistentVolumeClaim
+ description: 'claimName is the name of a PersistentVolumeClaim
in the same namespace as the pod using this volume.
More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims'
type: string
prefix:
type: string
readOnly:
- description: Will force the ReadOnly setting in VolumeMounts.
- Default false.
+ description: readOnly Will force the ReadOnly setting
+ in VolumeMounts. Default false.
type: boolean
required:
- claimName
@@ -11668,15 +12605,15 @@ spec:
will be used.
properties:
claimName:
- description: 'ClaimName is the name of a PersistentVolumeClaim
+ description: 'claimName is the name of a PersistentVolumeClaim
in the same namespace as the pod using this volume.
More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims'
type: string
prefix:
type: string
readOnly:
- description: Will force the ReadOnly setting in VolumeMounts.
- Default false.
+ description: readOnly Will force the ReadOnly setting
+ in VolumeMounts. Default false.
type: boolean
required:
- claimName
@@ -12416,6 +13353,27 @@ spec:
description: 'Compute Resources required by this component. Cannot
be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/'
properties:
+ claims:
+ description: "Claims lists the names of resources, defined
+ in spec.resourceClaims, that are used by this container.
+ \n This is an alpha field and requires enabling the DynamicResourceAllocation
+ feature gate. \n This field is immutable."
+ items:
+ description: ResourceClaim references one entry in PodSpec.ResourceClaims.
+ properties:
+ name:
+ description: Name must match the name of one entry in
+ pod.spec.resourceClaims of the Pod where this field
+ is used. It makes that resource available inside a
+ container.
+ type: string
+ required:
+ - name
+ type: object
+ type: array
+ x-kubernetes-list-map-keys:
+ - name
+ x-kubernetes-list-type: map
limits:
additionalProperties:
anyOf:
@@ -12554,6 +13512,27 @@ spec:
description: 'Compute Resources required by this component. Cannot
be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/'
properties:
+ claims:
+ description: "Claims lists the names of resources, defined
+ in spec.resourceClaims, that are used by this container.
+ \n This is an alpha field and requires enabling the DynamicResourceAllocation
+ feature gate. \n This field is immutable."
+ items:
+ description: ResourceClaim references one entry in PodSpec.ResourceClaims.
+ properties:
+ name:
+ description: Name must match the name of one entry in
+ pod.spec.resourceClaims of the Pod where this field
+ is used. It makes that resource available inside a
+ container.
+ type: string
+ required:
+ - name
+ type: object
+ type: array
+ x-kubernetes-list-map-keys:
+ - name
+ x-kubernetes-list-type: map
limits:
additionalProperties:
anyOf:
@@ -12768,6 +13747,27 @@ spec:
description: 'Compute Resources required by this component. Cannot
be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/'
properties:
+ claims:
+ description: "Claims lists the names of resources, defined
+ in spec.resourceClaims, that are used by this container.
+ \n This is an alpha field and requires enabling the DynamicResourceAllocation
+ feature gate. \n This field is immutable."
+ items:
+ description: ResourceClaim references one entry in PodSpec.ResourceClaims.
+ properties:
+ name:
+ description: Name must match the name of one entry in
+ pod.spec.resourceClaims of the Pod where this field
+ is used. It makes that resource available inside a
+ container.
+ type: string
+ required:
+ - name
+ type: object
+ type: array
+ x-kubernetes-list-map-keys:
+ - name
+ x-kubernetes-list-type: map
limits:
additionalProperties:
anyOf:
@@ -12925,15 +13925,15 @@ spec:
chartPersistentVolume:
properties:
claimName:
- description: 'ClaimName is the name of a PersistentVolumeClaim
+ description: 'claimName is the name of a PersistentVolumeClaim
in the same namespace as the pod using this volume.
More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims'
type: string
prefix:
type: string
readOnly:
- description: Will force the ReadOnly setting in VolumeMounts.
- Default false.
+ description: readOnly Will force the ReadOnly setting
+ in VolumeMounts. Default false.
type: boolean
required:
- claimName
@@ -12941,7 +13941,7 @@ spec:
registryPersistentVolume:
properties:
claimName:
- description: 'ClaimName is the name of a PersistentVolumeClaim
+ description: 'claimName is the name of a PersistentVolumeClaim
in the same namespace as the pod using this volume.
More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims'
type: string
@@ -12953,8 +13953,8 @@ spec:
prefix:
type: string
readOnly:
- description: Will force the ReadOnly setting in VolumeMounts.
- Default false.
+ description: readOnly Will force the ReadOnly setting
+ in VolumeMounts. Default false.
type: boolean
required:
- claimName
@@ -13210,6 +14210,27 @@ spec:
description: 'Compute Resources required by this component. Cannot
be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/'
properties:
+ claims:
+ description: "Claims lists the names of resources, defined
+ in spec.resourceClaims, that are used by this container.
+ \n This is an alpha field and requires enabling the DynamicResourceAllocation
+ feature gate. \n This field is immutable."
+ items:
+ description: ResourceClaim references one entry in PodSpec.ResourceClaims.
+ properties:
+ name:
+ description: Name must match the name of one entry in
+ pod.spec.resourceClaims of the Pod where this field
+ is used. It makes that resource available inside a
+ container.
+ type: string
+ required:
+ - name
+ type: object
+ type: array
+ x-kubernetes-list-map-keys:
+ - name
+ x-kubernetes-list-type: map
limits:
additionalProperties:
anyOf:
@@ -13349,6 +14370,28 @@ spec:
description: 'Compute Resources required by this component.
Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/'
properties:
+ claims:
+ description: "Claims lists the names of resources, defined
+ in spec.resourceClaims, that are used by this container.
+ \n This is an alpha field and requires enabling the
+ DynamicResourceAllocation feature gate. \n This field
+ is immutable."
+ items:
+ description: ResourceClaim references one entry in PodSpec.ResourceClaims.
+ properties:
+ name:
+ description: Name must match the name of one entry
+ in pod.spec.resourceClaims of the Pod where this
+ field is used. It makes that resource available
+ inside a container.
+ type: string
+ required:
+ - name
+ type: object
+ type: array
+ x-kubernetes-list-map-keys:
+ - name
+ x-kubernetes-list-type: map
limits:
additionalProperties:
anyOf:
@@ -13469,6 +14512,28 @@ spec:
description: 'Compute Resources required by this component.
Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/'
properties:
+ claims:
+ description: "Claims lists the names of resources, defined
+ in spec.resourceClaims, that are used by this container.
+ \n This is an alpha field and requires enabling the
+ DynamicResourceAllocation feature gate. \n This field
+ is immutable."
+ items:
+ description: ResourceClaim references one entry in PodSpec.ResourceClaims.
+ properties:
+ name:
+ description: Name must match the name of one entry
+ in pod.spec.resourceClaims of the Pod where this
+ field is used. It makes that resource available
+ inside a container.
+ type: string
+ required:
+ - name
+ type: object
+ type: array
+ x-kubernetes-list-map-keys:
+ - name
+ x-kubernetes-list-type: map
limits:
additionalProperties:
anyOf:
@@ -13589,6 +14654,27 @@ spec:
description: 'Compute Resources required by this component. Cannot
be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/'
properties:
+ claims:
+ description: "Claims lists the names of resources, defined
+ in spec.resourceClaims, that are used by this container.
+ \n This is an alpha field and requires enabling the DynamicResourceAllocation
+ feature gate. \n This field is immutable."
+ items:
+ description: ResourceClaim references one entry in PodSpec.ResourceClaims.
+ properties:
+ name:
+ description: Name must match the name of one entry in
+ pod.spec.resourceClaims of the Pod where this field
+ is used. It makes that resource available inside a
+ container.
+ type: string
+ required:
+ - name
+ type: object
+ type: array
+ x-kubernetes-list-map-keys:
+ - name
+ x-kubernetes-list-type: map
limits:
additionalProperties:
anyOf:
@@ -13786,6 +14872,27 @@ spec:
description: 'Compute Resources required by this component. Cannot
be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/'
properties:
+ claims:
+ description: "Claims lists the names of resources, defined
+ in spec.resourceClaims, that are used by this container.
+ \n This is an alpha field and requires enabling the DynamicResourceAllocation
+ feature gate. \n This field is immutable."
+ items:
+ description: ResourceClaim references one entry in PodSpec.ResourceClaims.
+ properties:
+ name:
+ description: Name must match the name of one entry in
+ pod.spec.resourceClaims of the Pod where this field
+ is used. It makes that resource available inside a
+ container.
+ type: string
+ required:
+ - name
+ type: object
+ type: array
+ x-kubernetes-list-map-keys:
+ - name
+ x-kubernetes-list-type: map
limits:
additionalProperties:
anyOf:
@@ -13915,6 +15022,27 @@ spec:
description: 'Compute Resources required by this component. Cannot
be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/'
properties:
+ claims:
+ description: "Claims lists the names of resources, defined
+ in spec.resourceClaims, that are used by this container.
+ \n This is an alpha field and requires enabling the DynamicResourceAllocation
+ feature gate. \n This field is immutable."
+ items:
+ description: ResourceClaim references one entry in PodSpec.ResourceClaims.
+ properties:
+ name:
+ description: Name must match the name of one entry in
+ pod.spec.resourceClaims of the Pod where this field
+ is used. It makes that resource available inside a
+ container.
+ type: string
+ required:
+ - name
+ type: object
+ type: array
+ x-kubernetes-list-map-keys:
+ - name
+ x-kubernetes-list-type: map
limits:
additionalProperties:
anyOf:
@@ -14040,6 +15168,27 @@ spec:
description: 'Compute Resources required by this component. Cannot
be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/'
properties:
+ claims:
+ description: "Claims lists the names of resources, defined
+ in spec.resourceClaims, that are used by this container.
+ \n This is an alpha field and requires enabling the DynamicResourceAllocation
+ feature gate. \n This field is immutable."
+ items:
+ description: ResourceClaim references one entry in PodSpec.ResourceClaims.
+ properties:
+ name:
+ description: Name must match the name of one entry in
+ pod.spec.resourceClaims of the Pod where this field
+ is used. It makes that resource available inside a
+ container.
+ type: string
+ required:
+ - name
+ type: object
+ type: array
+ x-kubernetes-list-map-keys:
+ - name
+ x-kubernetes-list-type: map
limits:
additionalProperties:
anyOf:
@@ -14080,15 +15229,15 @@ spec:
be used.
properties:
claimName:
- description: 'ClaimName is the name of a PersistentVolumeClaim
+ description: 'claimName is the name of a PersistentVolumeClaim
in the same namespace as the pod using this volume.
More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims'
type: string
prefix:
type: string
readOnly:
- description: Will force the ReadOnly setting in VolumeMounts.
- Default false.
+ description: readOnly Will force the ReadOnly setting
+ in VolumeMounts. Default false.
type: boolean
required:
- claimName
@@ -14099,15 +15248,15 @@ spec:
will be used.
properties:
claimName:
- description: 'ClaimName is the name of a PersistentVolumeClaim
+ description: 'claimName is the name of a PersistentVolumeClaim
in the same namespace as the pod using this volume.
More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims'
type: string
prefix:
type: string
readOnly:
- description: Will force the ReadOnly setting in VolumeMounts.
- Default false.
+ description: readOnly Will force the ReadOnly setting
+ in VolumeMounts. Default false.
type: boolean
required:
- claimName
@@ -14330,6 +15479,27 @@ spec:
description: 'Compute Resources required by this component. Cannot
be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/'
properties:
+ claims:
+ description: "Claims lists the names of resources, defined
+ in spec.resourceClaims, that are used by this container.
+ \n This is an alpha field and requires enabling the DynamicResourceAllocation
+ feature gate. \n This field is immutable."
+ items:
+ description: ResourceClaim references one entry in PodSpec.ResourceClaims.
+ properties:
+ name:
+ description: Name must match the name of one entry in
+ pod.spec.resourceClaims of the Pod where this field
+ is used. It makes that resource available inside a
+ container.
+ type: string
+ required:
+ - name
+ type: object
+ type: array
+ x-kubernetes-list-map-keys:
+ - name
+ x-kubernetes-list-type: map
limits:
additionalProperties:
anyOf:
@@ -14468,6 +15638,27 @@ spec:
description: 'Compute Resources required by this component. Cannot
be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/'
properties:
+ claims:
+ description: "Claims lists the names of resources, defined
+ in spec.resourceClaims, that are used by this container.
+ \n This is an alpha field and requires enabling the DynamicResourceAllocation
+ feature gate. \n This field is immutable."
+ items:
+ description: ResourceClaim references one entry in PodSpec.ResourceClaims.
+ properties:
+ name:
+ description: Name must match the name of one entry in
+ pod.spec.resourceClaims of the Pod where this field
+ is used. It makes that resource available inside a
+ container.
+ type: string
+ required:
+ - name
+ type: object
+ type: array
+ x-kubernetes-list-map-keys:
+ - name
+ x-kubernetes-list-type: map
limits:
additionalProperties:
anyOf:
@@ -14682,6 +15873,27 @@ spec:
description: 'Compute Resources required by this component. Cannot
be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/'
properties:
+ claims:
+ description: "Claims lists the names of resources, defined
+ in spec.resourceClaims, that are used by this container.
+ \n This is an alpha field and requires enabling the DynamicResourceAllocation
+ feature gate. \n This field is immutable."
+ items:
+ description: ResourceClaim references one entry in PodSpec.ResourceClaims.
+ properties:
+ name:
+ description: Name must match the name of one entry in
+ pod.spec.resourceClaims of the Pod where this field
+ is used. It makes that resource available inside a
+ container.
+ type: string
+ required:
+ - name
+ type: object
+ type: array
+ x-kubernetes-list-map-keys:
+ - name
+ x-kubernetes-list-type: map
limits:
additionalProperties:
anyOf:
@@ -14859,15 +16071,15 @@ spec:
chartPersistentVolume:
properties:
claimName:
- description: 'ClaimName is the name of a PersistentVolumeClaim
+ description: 'claimName is the name of a PersistentVolumeClaim
in the same namespace as the pod using this volume.
More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims'
type: string
prefix:
type: string
readOnly:
- description: Will force the ReadOnly setting in VolumeMounts.
- Default false.
+ description: readOnly Will force the ReadOnly setting
+ in VolumeMounts. Default false.
type: boolean
required:
- claimName
@@ -14875,7 +16087,7 @@ spec:
registryPersistentVolume:
properties:
claimName:
- description: 'ClaimName is the name of a PersistentVolumeClaim
+ description: 'claimName is the name of a PersistentVolumeClaim
in the same namespace as the pod using this volume.
More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims'
type: string
@@ -14887,8 +16099,8 @@ spec:
prefix:
type: string
readOnly:
- description: Will force the ReadOnly setting in VolumeMounts.
- Default false.
+ description: readOnly Will force the ReadOnly setting
+ in VolumeMounts. Default false.
type: boolean
required:
- claimName
@@ -15226,6 +16438,27 @@ spec:
description: 'Compute Resources required by this component. Cannot
be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/'
properties:
+ claims:
+ description: "Claims lists the names of resources, defined
+ in spec.resourceClaims, that are used by this container.
+ \n This is an alpha field and requires enabling the DynamicResourceAllocation
+ feature gate. \n This field is immutable."
+ items:
+ description: ResourceClaim references one entry in PodSpec.ResourceClaims.
+ properties:
+ name:
+ description: Name must match the name of one entry in
+ pod.spec.resourceClaims of the Pod where this field
+ is used. It makes that resource available inside a
+ container.
+ type: string
+ required:
+ - name
+ type: object
+ type: array
+ x-kubernetes-list-map-keys:
+ - name
+ x-kubernetes-list-type: map
limits:
additionalProperties:
anyOf:
@@ -15261,15 +16494,15 @@ spec:
be used.
properties:
claimName:
- description: 'ClaimName is the name of a PersistentVolumeClaim
+ description: 'claimName is the name of a PersistentVolumeClaim
in the same namespace as the pod using this volume.
More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims'
type: string
prefix:
type: string
readOnly:
- description: Will force the ReadOnly setting in VolumeMounts.
- Default false.
+ description: readOnly Will force the ReadOnly setting
+ in VolumeMounts. Default false.
type: boolean
required:
- claimName
@@ -15398,6 +16631,28 @@ spec:
description: 'Compute Resources required by this component.
Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/'
properties:
+ claims:
+ description: "Claims lists the names of resources, defined
+ in spec.resourceClaims, that are used by this container.
+ \n This is an alpha field and requires enabling the
+ DynamicResourceAllocation feature gate. \n This field
+ is immutable."
+ items:
+ description: ResourceClaim references one entry in PodSpec.ResourceClaims.
+ properties:
+ name:
+ description: Name must match the name of one entry
+ in pod.spec.resourceClaims of the Pod where this
+ field is used. It makes that resource available
+ inside a container.
+ type: string
+ required:
+ - name
+ type: object
+ type: array
+ x-kubernetes-list-map-keys:
+ - name
+ x-kubernetes-list-type: map
limits:
additionalProperties:
anyOf:
@@ -15518,6 +16773,28 @@ spec:
description: 'Compute Resources required by this component.
Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/'
properties:
+ claims:
+ description: "Claims lists the names of resources, defined
+ in spec.resourceClaims, that are used by this container.
+ \n This is an alpha field and requires enabling the
+ DynamicResourceAllocation feature gate. \n This field
+ is immutable."
+ items:
+ description: ResourceClaim references one entry in PodSpec.ResourceClaims.
+ properties:
+ name:
+ description: Name must match the name of one entry
+ in pod.spec.resourceClaims of the Pod where this
+ field is used. It makes that resource available
+ inside a container.
+ type: string
+ required:
+ - name
+ type: object
+ type: array
+ x-kubernetes-list-map-keys:
+ - name
+ x-kubernetes-list-type: map
limits:
additionalProperties:
anyOf:
@@ -15638,6 +16915,27 @@ spec:
description: 'Compute Resources required by this component. Cannot
be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/'
properties:
+ claims:
+ description: "Claims lists the names of resources, defined
+ in spec.resourceClaims, that are used by this container.
+ \n This is an alpha field and requires enabling the DynamicResourceAllocation
+ feature gate. \n This field is immutable."
+ items:
+ description: ResourceClaim references one entry in PodSpec.ResourceClaims.
+ properties:
+ name:
+ description: Name must match the name of one entry in
+ pod.spec.resourceClaims of the Pod where this field
+ is used. It makes that resource available inside a
+ container.
+ type: string
+ required:
+ - name
+ type: object
+ type: array
+ x-kubernetes-list-map-keys:
+ - name
+ x-kubernetes-list-type: map
limits:
additionalProperties:
anyOf:
@@ -15833,6 +17131,27 @@ spec:
description: 'Compute Resources required by this component. Cannot
be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/'
properties:
+ claims:
+ description: "Claims lists the names of resources, defined
+ in spec.resourceClaims, that are used by this container.
+ \n This is an alpha field and requires enabling the DynamicResourceAllocation
+ feature gate. \n This field is immutable."
+ items:
+ description: ResourceClaim references one entry in PodSpec.ResourceClaims.
+ properties:
+ name:
+ description: Name must match the name of one entry in
+ pod.spec.resourceClaims of the Pod where this field
+ is used. It makes that resource available inside a
+ container.
+ type: string
+ required:
+ - name
+ type: object
+ type: array
+ x-kubernetes-list-map-keys:
+ - name
+ x-kubernetes-list-type: map
limits:
additionalProperties:
anyOf:
@@ -15962,6 +17281,27 @@ spec:
description: 'Compute Resources required by this component. Cannot
be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/'
properties:
+ claims:
+ description: "Claims lists the names of resources, defined
+ in spec.resourceClaims, that are used by this container.
+ \n This is an alpha field and requires enabling the DynamicResourceAllocation
+ feature gate. \n This field is immutable."
+ items:
+ description: ResourceClaim references one entry in PodSpec.ResourceClaims.
+ properties:
+ name:
+ description: Name must match the name of one entry in
+ pod.spec.resourceClaims of the Pod where this field
+ is used. It makes that resource available inside a
+ container.
+ type: string
+ required:
+ - name
+ type: object
+ type: array
+ x-kubernetes-list-map-keys:
+ - name
+ x-kubernetes-list-type: map
limits:
additionalProperties:
anyOf:
@@ -16184,6 +17524,27 @@ spec:
description: 'Compute Resources required by this component. Cannot
be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/'
properties:
+ claims:
+ description: "Claims lists the names of resources, defined
+ in spec.resourceClaims, that are used by this container.
+ \n This is an alpha field and requires enabling the DynamicResourceAllocation
+ feature gate. \n This field is immutable."
+ items:
+ description: ResourceClaim references one entry in PodSpec.ResourceClaims.
+ properties:
+ name:
+ description: Name must match the name of one entry in
+ pod.spec.resourceClaims of the Pod where this field
+ is used. It makes that resource available inside a
+ container.
+ type: string
+ required:
+ - name
+ type: object
+ type: array
+ x-kubernetes-list-map-keys:
+ - name
+ x-kubernetes-list-type: map
limits:
additionalProperties:
anyOf:
@@ -16224,15 +17585,15 @@ spec:
be used.
properties:
claimName:
- description: 'ClaimName is the name of a PersistentVolumeClaim
+ description: 'claimName is the name of a PersistentVolumeClaim
in the same namespace as the pod using this volume.
More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims'
type: string
prefix:
type: string
readOnly:
- description: Will force the ReadOnly setting in VolumeMounts.
- Default false.
+ description: readOnly Will force the ReadOnly setting
+ in VolumeMounts. Default false.
type: boolean
required:
- claimName
@@ -16243,15 +17604,15 @@ spec:
will be used.
properties:
claimName:
- description: 'ClaimName is the name of a PersistentVolumeClaim
+ description: 'claimName is the name of a PersistentVolumeClaim
in the same namespace as the pod using this volume.
More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims'
type: string
prefix:
type: string
readOnly:
- description: Will force the ReadOnly setting in VolumeMounts.
- Default false.
+ description: readOnly Will force the ReadOnly setting
+ in VolumeMounts. Default false.
type: boolean
required:
- claimName
@@ -16703,123 +18064,128 @@ spec:
Only one of its members may be specified.
properties:
awsElasticBlockStore:
- description: 'AWSElasticBlockStore represents an AWS
+ description: 'awsElasticBlockStore represents an AWS
Disk resource that is attached to a kubelet''s host
machine and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore'
properties:
fsType:
- description: 'Filesystem type of the volume that
- you want to mount. Tip: Ensure that the filesystem
- type is supported by the host operating system.
- Examples: "ext4", "xfs", "ntfs". Implicitly inferred
- to be "ext4" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore
+ description: 'fsType is the filesystem type of the
+ volume that you want to mount. Tip: Ensure that
+ the filesystem type is supported by the host operating
+ system. Examples: "ext4", "xfs", "ntfs". Implicitly
+ inferred to be "ext4" if unspecified. More info:
+ https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore
TODO: how do we prevent errors in the filesystem
from compromising the machine'
type: string
partition:
- description: 'The partition in the volume that you
- want to mount. If omitted, the default is to mount
- by volume name. Examples: For volume /dev/sda1,
- you specify the partition as "1". Similarly, the
- volume partition for /dev/sda is "0" (or you can
- leave the property empty).'
+ description: 'partition is the partition in the
+ volume that you want to mount. If omitted, the
+ default is to mount by volume name. Examples:
+ For volume /dev/sda1, you specify the partition
+ as "1". Similarly, the volume partition for /dev/sda
+ is "0" (or you can leave the property empty).'
format: int32
type: integer
readOnly:
- description: 'Specify "true" to force and set the
- ReadOnly property in VolumeMounts to "true". If
- omitted, the default is "false". More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore'
+ description: 'readOnly value true will force the
+ readOnly setting in VolumeMounts. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore'
type: boolean
volumeID:
- description: 'Unique ID of the persistent disk resource
- in AWS (Amazon EBS volume). More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore'
+ description: 'volumeID is unique ID of the persistent
+ disk resource in AWS (Amazon EBS volume). More
+ info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore'
type: string
required:
- volumeID
type: object
azureDisk:
- description: AzureDisk represents an Azure Data Disk
+ description: azureDisk represents an Azure Data Disk
mount on the host and bind mount to the pod.
properties:
cachingMode:
- description: 'Host Caching mode: None, Read Only,
- Read Write.'
+ description: 'cachingMode is the Host Caching mode:
+ None, Read Only, Read Write.'
type: string
diskName:
- description: The Name of the data disk in the blob
- storage
+ description: diskName is the Name of the data disk
+ in the blob storage
type: string
diskURI:
- description: The URI the data disk in the blob storage
+ description: diskURI is the URI of data disk in
+ the blob storage
type: string
fsType:
- description: Filesystem type to mount. Must be a
- filesystem type supported by the host operating
- system. Ex. "ext4", "xfs", "ntfs". Implicitly
+ description: fsType is Filesystem type to mount.
+ Must be a filesystem type supported by the host
+ operating system. Ex. "ext4", "xfs", "ntfs". Implicitly
inferred to be "ext4" if unspecified.
type: string
kind:
- description: 'Expected values Shared: multiple blob
- disks per storage account Dedicated: single blob
- disk per storage account Managed: azure managed
- data disk (only in managed availability set).
- defaults to shared'
+ description: 'kind expected values are Shared: multiple
+ blob disks per storage account Dedicated: single
+ blob disk per storage account Managed: azure
+ managed data disk (only in managed availability
+ set). defaults to shared'
type: string
readOnly:
- description: Defaults to false (read/write). ReadOnly
- here will force the ReadOnly setting in VolumeMounts.
+ description: readOnly Defaults to false (read/write).
+ ReadOnly here will force the ReadOnly setting
+ in VolumeMounts.
type: boolean
required:
- diskName
- diskURI
type: object
azureFile:
- description: AzureFile represents an Azure File Service
+ description: azureFile represents an Azure File Service
mount on the host and bind mount to the pod.
properties:
readOnly:
- description: Defaults to false (read/write). ReadOnly
- here will force the ReadOnly setting in VolumeMounts.
+ description: readOnly defaults to false (read/write).
+ ReadOnly here will force the ReadOnly setting
+ in VolumeMounts.
type: boolean
secretName:
- description: the name of secret that contains Azure
- Storage Account Name and Key
+ description: secretName is the name of secret that
+ contains Azure Storage Account Name and Key
type: string
shareName:
- description: Share Name
+ description: shareName is the azure share Name
type: string
required:
- secretName
- shareName
type: object
cephfs:
- description: CephFS represents a Ceph FS mount on the
+ description: cephFS represents a Ceph FS mount on the
host that shares a pod's lifetime
properties:
monitors:
- description: 'Required: Monitors is a collection
- of Ceph monitors More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it'
+ description: 'monitors is Required: Monitors is
+ a collection of Ceph monitors More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it'
items:
type: string
type: array
path:
- description: 'Optional: Used as the mounted root,
- rather than the full Ceph tree, default is /'
+ description: 'path is Optional: Used as the mounted
+ root, rather than the full Ceph tree, default
+ is /'
type: string
readOnly:
- description: 'Optional: Defaults to false (read/write).
- ReadOnly here will force the ReadOnly setting
- in VolumeMounts. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it'
+ description: 'readOnly is Optional: Defaults to
+ false (read/write). ReadOnly here will force the
+ ReadOnly setting in VolumeMounts. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it'
type: boolean
secretFile:
- description: 'Optional: SecretFile is the path to
- key ring for User, default is /etc/ceph/user.secret
+ description: 'secretFile is Optional: SecretFile
+ is the path to key ring for User, default is /etc/ceph/user.secret
More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it'
type: string
secretRef:
- description: 'Optional: SecretRef is reference to
- the authentication secret for User, default is
- empty. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it'
+ description: 'secretRef is Optional: SecretRef is
+ reference to the authentication secret for User,
+ default is empty. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it'
properties:
name:
description: 'Name of the referent. More info:
@@ -16830,31 +18196,32 @@ spec:
type: object
x-kubernetes-map-type: atomic
user:
- description: 'Optional: User is the rados user name,
- default is admin More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it'
+ description: 'user is optional: User is the rados
+ user name, default is admin More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it'
type: string
required:
- monitors
type: object
cinder:
- description: 'Cinder represents a cinder volume attached
+ description: 'cinder represents a cinder volume attached
and mounted on kubelets host machine. More info: https://examples.k8s.io/mysql-cinder-pd/README.md'
properties:
fsType:
- description: 'Filesystem type to mount. Must be
- a filesystem type supported by the host operating
- system. Examples: "ext4", "xfs", "ntfs". Implicitly
- inferred to be "ext4" if unspecified. More info:
- https://examples.k8s.io/mysql-cinder-pd/README.md'
+ description: 'fsType is the filesystem type to mount.
+ Must be a filesystem type supported by the host
+ operating system. Examples: "ext4", "xfs", "ntfs".
+ Implicitly inferred to be "ext4" if unspecified.
+ More info: https://examples.k8s.io/mysql-cinder-pd/README.md'
type: string
readOnly:
- description: 'Optional: Defaults to false (read/write).
+ description: 'readOnly defaults to false (read/write).
ReadOnly here will force the ReadOnly setting
in VolumeMounts. More info: https://examples.k8s.io/mysql-cinder-pd/README.md'
type: boolean
secretRef:
- description: 'Optional: points to a secret object
- containing parameters used to connect to OpenStack.'
+ description: 'secretRef is optional: points to a
+ secret object containing parameters used to connect
+ to OpenStack.'
properties:
name:
description: 'Name of the referent. More info:
@@ -16865,32 +18232,32 @@ spec:
type: object
x-kubernetes-map-type: atomic
volumeID:
- description: 'volume id used to identify the volume
+ description: 'volumeID used to identify the volume
in cinder. More info: https://examples.k8s.io/mysql-cinder-pd/README.md'
type: string
required:
- volumeID
type: object
configMap:
- description: ConfigMap represents a configMap that should
+ description: configMap represents a configMap that should
populate this volume
properties:
defaultMode:
- description: 'Optional: mode bits used to set permissions
- on created files by default. Must be an octal
- value between 0000 and 0777 or a decimal value
- between 0 and 511. YAML accepts both octal and
- decimal values, JSON requires decimal values for
- mode bits. Defaults to 0644. Directories within
- the path are not affected by this setting. This
- might be in conflict with other options that affect
- the file mode, like fsGroup, and the result can
- be other mode bits set.'
+ description: 'defaultMode is optional: mode bits
+ used to set permissions on created files by default.
+ Must be an octal value between 0000 and 0777 or
+ a decimal value between 0 and 511. YAML accepts
+ both octal and decimal values, JSON requires decimal
+ values for mode bits. Defaults to 0644. Directories
+ within the path are not affected by this setting.
+ This might be in conflict with other options that
+ affect the file mode, like fsGroup, and the result
+ can be other mode bits set.'
format: int32
type: integer
items:
- description: If unspecified, each key-value pair
- in the Data field of the referenced ConfigMap
+ description: items if unspecified, each key-value
+ pair in the Data field of the referenced ConfigMap
will be projected into the volume as a file whose
name is the key and content is the value. If specified,
the listed keys will be projected into the specified
@@ -16905,26 +18272,28 @@ spec:
a volume.
properties:
key:
- description: The key to project.
+ description: key is the key to project.
type: string
mode:
- description: 'Optional: mode bits used to
- set permissions on this file. Must be an
- octal value between 0000 and 0777 or a decimal
- value between 0 and 511. YAML accepts both
- octal and decimal values, JSON requires
- decimal values for mode bits. If not specified,
- the volume defaultMode will be used. This
- might be in conflict with other options
- that affect the file mode, like fsGroup,
- and the result can be other mode bits set.'
+ description: 'mode is Optional: mode bits
+ used to set permissions on this file. Must
+ be an octal value between 0000 and 0777
+ or a decimal value between 0 and 511. YAML
+ accepts both octal and decimal values, JSON
+ requires decimal values for mode bits. If
+ not specified, the volume defaultMode will
+ be used. This might be in conflict with
+ other options that affect the file mode,
+ like fsGroup, and the result can be other
+ mode bits set.'
format: int32
type: integer
path:
- description: The relative path of the file
- to map the key to. May not be an absolute
- path. May not contain the path element '..'.
- May not start with the string '..'.
+ description: path is the relative path of
+ the file to map the key to. May not be an
+ absolute path. May not contain the path
+ element '..'. May not start with the string
+ '..'.
type: string
required:
- key
@@ -16937,29 +18306,29 @@ spec:
uid?'
type: string
optional:
- description: Specify whether the ConfigMap or its
- keys must be defined
+ description: optional specify whether the ConfigMap
+ or its keys must be defined
type: boolean
type: object
x-kubernetes-map-type: atomic
csi:
- description: CSI (Container Storage Interface) represents
+ description: csi (Container Storage Interface) represents
ephemeral storage that is handled by certain external
CSI drivers (Beta feature).
properties:
driver:
- description: Driver is the name of the CSI driver
+ description: driver is the name of the CSI driver
that handles this volume. Consult with your admin
for the correct name as registered in the cluster.
type: string
fsType:
- description: Filesystem type to mount. Ex. "ext4",
- "xfs", "ntfs". If not provided, the empty value
- is passed to the associated CSI driver which will
- determine the default filesystem to apply.
+ description: fsType to mount. Ex. "ext4", "xfs",
+ "ntfs". If not provided, the empty value is passed
+ to the associated CSI driver which will determine
+ the default filesystem to apply.
type: string
nodePublishSecretRef:
- description: NodePublishSecretRef is a reference
+ description: nodePublishSecretRef is a reference
to the secret object containing sensitive information
to pass to the CSI driver to complete the CSI
NodePublishVolume and NodeUnpublishVolume calls.
@@ -16977,13 +18346,13 @@ spec:
type: object
x-kubernetes-map-type: atomic
readOnly:
- description: Specifies a read-only configuration
+ description: readOnly specifies a read-only configuration
for the volume. Defaults to false (read/write).
type: boolean
volumeAttributes:
additionalProperties:
type: string
- description: VolumeAttributes stores driver-specific
+ description: volumeAttributes stores driver-specific
properties that are passed to the CSI driver.
Consult your driver's documentation for supported
values.
@@ -16992,7 +18361,7 @@ spec:
- driver
type: object
downwardAPI:
- description: DownwardAPI represents downward API about
+ description: downwardAPI represents downward API about
the pod that should populate this volume
properties:
defaultMode:
@@ -17087,32 +18456,33 @@ spec:
type: array
type: object
emptyDir:
- description: 'EmptyDir represents a temporary directory
+ description: 'emptyDir represents a temporary directory
that shares a pod''s lifetime. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir'
properties:
medium:
- description: 'What type of storage medium should
- back this directory. The default is "" which means
- to use the node''s default medium. Must be an
- empty string (default) or Memory. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir'
+ description: 'medium represents what type of storage
+ medium should back this directory. The default
+ is "" which means to use the node''s default medium.
+ Must be an empty string (default) or Memory. More
+ info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir'
type: string
sizeLimit:
anyOf:
- type: integer
- type: string
- description: 'Total amount of local storage required
- for this EmptyDir volume. The size limit is also
- applicable for memory medium. The maximum usage
- on memory medium EmptyDir would be the minimum
- value between the SizeLimit specified here and
- the sum of memory limits of all containers in
- a pod. The default is nil which means that the
- limit is undefined. More info: http://kubernetes.io/docs/user-guide/volumes#emptydir'
+ description: 'sizeLimit is the total amount of local
+ storage required for this EmptyDir volume. The
+ size limit is also applicable for memory medium.
+ The maximum usage on memory medium EmptyDir would
+ be the minimum value between the SizeLimit specified
+ here and the sum of memory limits of all containers
+ in a pod. The default is nil which means that
+ the limit is undefined. More info: http://kubernetes.io/docs/user-guide/volumes#emptydir'
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
x-kubernetes-int-or-string: true
type: object
ephemeral:
- description: "Ephemeral represents a volume that is
+ description: "ephemeral represents a volume that is
handled by a cluster storage driver. The volume's
lifecycle is tied to the pod that defines it - it
will be created before the pod starts, and deleted
@@ -17171,25 +18541,28 @@ spec:
are also valid here.
properties:
accessModes:
- description: 'AccessModes contains the desired
+ description: 'accessModes contains the desired
access modes the volume should have. More
info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1'
items:
type: string
type: array
dataSource:
- description: 'This field can be used to
- specify either: * An existing VolumeSnapshot
+ description: 'dataSource field can be used
+ to specify either: * An existing VolumeSnapshot
object (snapshot.storage.k8s.io/VolumeSnapshot)
* An existing PVC (PersistentVolumeClaim)
If the provisioner or an external controller
can support the specified data source,
it will create a new volume based on the
contents of the specified data source.
- If the AnyVolumeDataSource feature gate
- is enabled, this field will always have
- the same contents as the DataSourceRef
- field.'
+ When the AnyVolumeDataSource feature gate
+ is enabled, dataSource contents will be
+ copied to dataSourceRef, and dataSourceRef
+ contents will be copied to dataSource
+ when dataSourceRef.namespace is not specified.
+ If the namespace is specified, then dataSourceRef
+ will not be copied to dataSource.'
properties:
apiGroup:
description: APIGroup is the group for
@@ -17213,35 +18586,42 @@ spec:
type: object
x-kubernetes-map-type: atomic
dataSourceRef:
- description: 'Specifies the object from
- which to populate the volume with data,
- if a non-empty volume is desired. This
- may be any local object from a non-empty
+ description: 'dataSourceRef specifies the
+ object from which to populate the volume
+ with data, if a non-empty volume is desired.
+ This may be any object from a non-empty
API group (non core object) or a PersistentVolumeClaim
object. When this field is specified,
volume binding will only succeed if the
type of the specified object matches some
installed volume populator or dynamic
provisioner. This field will replace the
- functionality of the DataSource field
+ functionality of the dataSource field
and as such if both fields are non-empty,
they must have the same value. For backwards
- compatibility, both fields (DataSource
- and DataSourceRef) will be set to the
+ compatibility, when namespace isn''t specified
+ in dataSourceRef, both fields (dataSource
+ and dataSourceRef) will be set to the
same value automatically if one of them
- is empty and the other is non-empty. There
- are two important differences between
- DataSource and DataSourceRef: * While
- DataSource only allows two specific types
- of objects, DataSourceRef allows any non-core
- object, as well as PersistentVolumeClaim
- objects. * While DataSource ignores disallowed
- values (dropping them), DataSourceRef
+ is empty and the other is non-empty. When
+ namespace is specified in dataSourceRef,
+ dataSource isn''t set to the same value
+ and must be empty. There are three important
+ differences between dataSource and dataSourceRef:
+ * While dataSource only allows two specific
+ types of objects, dataSourceRef allows
+ any non-core object, as well as PersistentVolumeClaim
+ objects. * While dataSource ignores disallowed
+ values (dropping them), dataSourceRef
preserves all values, and generates an
error if a disallowed value is specified.
- (Alpha) Using this field requires the
- AnyVolumeDataSource feature gate to be
- enabled.'
+ * While dataSource only allows local objects,
+ dataSourceRef allows objects in any namespaces.
+ (Beta) Using this field requires the AnyVolumeDataSource
+ feature gate to be enabled. (Alpha) Using
+ the namespace field of dataSourceRef requires
+ the CrossNamespaceVolumeDataSource feature
+ gate to be enabled.'
properties:
apiGroup:
description: APIGroup is the group for
@@ -17259,13 +18639,25 @@ spec:
description: Name is the name of resource
being referenced
type: string
+ namespace:
+ description: Namespace is the namespace
+ of resource being referenced Note
+ that when a namespace is specified,
+ a gateway.networking.k8s.io/ReferenceGrant
+ object is required in the referent
+ namespace to allow that namespace's
+ owner to accept the reference. See
+ the ReferenceGrant documentation for
+ details. (Alpha) This field requires
+ the CrossNamespaceVolumeDataSource
+ feature gate to be enabled.
+ type: string
required:
- kind
- name
type: object
- x-kubernetes-map-type: atomic
resources:
- description: 'Resources represents the minimum
+ description: 'resources represents the minimum
resources the volume should have. If RecoverVolumeExpansionFailure
feature is enabled users are allowed to
specify resource requirements that are
@@ -17274,6 +18666,31 @@ spec:
status field of the claim. More info:
https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources'
properties:
+ claims:
+ description: "Claims lists the names
+ of resources, defined in spec.resourceClaims,
+ that are used by this container. \n
+ This is an alpha field and requires
+ enabling the DynamicResourceAllocation
+ feature gate. \n This field is immutable."
+ items:
+ description: ResourceClaim references
+ one entry in PodSpec.ResourceClaims.
+ properties:
+ name:
+ description: Name must match the
+ name of one entry in pod.spec.resourceClaims
+ of the Pod where this field
+ is used. It makes that resource
+ available inside a container.
+ type: string
+ required:
+ - name
+ type: object
+ type: array
+ x-kubernetes-list-map-keys:
+ - name
+ x-kubernetes-list-type: map
limits:
additionalProperties:
anyOf:
@@ -17302,8 +18719,8 @@ spec:
type: object
type: object
selector:
- description: A label query over volumes
- to consider for binding.
+ description: selector is a label query over
+ volumes to consider for binding.
properties:
matchExpressions:
description: matchExpressions is a list
@@ -17358,8 +18775,9 @@ spec:
type: object
x-kubernetes-map-type: atomic
storageClassName:
- description: 'Name of the StorageClass required
- by the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1'
+ description: 'storageClassName is the name
+ of the StorageClass required by the claim.
+ More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1'
type: string
volumeMode:
description: volumeMode defines what type
@@ -17368,7 +18786,7 @@ spec:
in claim spec.
type: string
volumeName:
- description: VolumeName is the binding reference
+ description: volumeName is the binding reference
to the PersistentVolume backing this claim.
type: string
type: object
@@ -17377,74 +18795,75 @@ spec:
type: object
type: object
fc:
- description: FC represents a Fibre Channel resource
+ description: fc represents a Fibre Channel resource
that is attached to a kubelet's host machine and then
exposed to the pod.
properties:
fsType:
- description: 'Filesystem type to mount. Must be
- a filesystem type supported by the host operating
- system. Ex. "ext4", "xfs", "ntfs". Implicitly
+ description: 'fsType is the filesystem type to mount.
+ Must be a filesystem type supported by the host
+ operating system. Ex. "ext4", "xfs", "ntfs". Implicitly
inferred to be "ext4" if unspecified. TODO: how
do we prevent errors in the filesystem from compromising
the machine'
type: string
lun:
- description: 'Optional: FC target lun number'
+ description: 'lun is Optional: FC target lun number'
format: int32
type: integer
readOnly:
- description: 'Optional: Defaults to false (read/write).
- ReadOnly here will force the ReadOnly setting
- in VolumeMounts.'
+ description: 'readOnly is Optional: Defaults to
+ false (read/write). ReadOnly here will force the
+ ReadOnly setting in VolumeMounts.'
type: boolean
targetWWNs:
- description: 'Optional: FC target worldwide names
- (WWNs)'
+ description: 'targetWWNs is Optional: FC target
+ worldwide names (WWNs)'
items:
type: string
type: array
wwids:
- description: 'Optional: FC volume world wide identifiers
- (wwids) Either wwids or combination of targetWWNs
- and lun must be set, but not both simultaneously.'
+ description: 'wwids Optional: FC volume world wide
+ identifiers (wwids) Either wwids or combination
+ of targetWWNs and lun must be set, but not both
+ simultaneously.'
items:
type: string
type: array
type: object
flexVolume:
- description: FlexVolume represents a generic volume
+ description: flexVolume represents a generic volume
resource that is provisioned/attached using an exec
based plugin.
properties:
driver:
- description: Driver is the name of the driver to
+ description: driver is the name of the driver to
use for this volume.
type: string
fsType:
- description: Filesystem type to mount. Must be a
- filesystem type supported by the host operating
- system. Ex. "ext4", "xfs", "ntfs". The default
- filesystem depends on FlexVolume script.
+ description: fsType is the filesystem type to mount.
+ Must be a filesystem type supported by the host
+ operating system. Ex. "ext4", "xfs", "ntfs". The
+ default filesystem depends on FlexVolume script.
type: string
options:
additionalProperties:
type: string
- description: 'Optional: Extra command options if
- any.'
+ description: 'options is Optional: this field holds
+ extra command options if any.'
type: object
readOnly:
- description: 'Optional: Defaults to false (read/write).
- ReadOnly here will force the ReadOnly setting
- in VolumeMounts.'
+ description: 'readOnly is Optional: defaults to
+ false (read/write). ReadOnly here will force the
+ ReadOnly setting in VolumeMounts.'
type: boolean
secretRef:
- description: 'Optional: SecretRef is reference to
- the secret object containing sensitive information
- to pass to the plugin scripts. This may be empty
- if no secret object is specified. If the secret
- object contains more than one secret, all secrets
- are passed to the plugin scripts.'
+ description: 'secretRef is Optional: secretRef is
+ reference to the secret object containing sensitive
+ information to pass to the plugin scripts. This
+ may be empty if no secret object is specified.
+ If the secret object contains more than one secret,
+ all secrets are passed to the plugin scripts.'
properties:
name:
description: 'Name of the referent. More info:
@@ -17458,28 +18877,28 @@ spec:
- driver
type: object
flocker:
- description: Flocker represents a Flocker volume attached
+ description: flocker represents a Flocker volume attached
to a kubelet's host machine. This depends on the Flocker
control service being running
properties:
datasetName:
- description: Name of the dataset stored as metadata
- -> name on the dataset for Flocker should be considered
- as deprecated
+ description: datasetName is Name of the dataset
+ stored as metadata -> name on the dataset for
+ Flocker should be considered as deprecated
type: string
datasetUUID:
- description: UUID of the dataset. This is unique
- identifier of a Flocker dataset
+ description: datasetUUID is the UUID of the dataset.
+ This is unique identifier of a Flocker dataset
type: string
type: object
gcePersistentDisk:
- description: 'GCEPersistentDisk represents a GCE Disk
+ description: 'gcePersistentDisk represents a GCE Disk
resource that is attached to a kubelet''s host machine
and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk'
properties:
fsType:
- description: 'Filesystem type of the volume that
- you want to mount. Tip: Ensure that the filesystem
+ description: 'fsType is filesystem type of the volume
+ that you want to mount. Tip: Ensure that the filesystem
type is supported by the host operating system.
Examples: "ext4", "xfs", "ntfs". Implicitly inferred
to be "ext4" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk
@@ -17487,21 +18906,22 @@ spec:
from compromising the machine'
type: string
partition:
- description: 'The partition in the volume that you
- want to mount. If omitted, the default is to mount
- by volume name. Examples: For volume /dev/sda1,
- you specify the partition as "1". Similarly, the
- volume partition for /dev/sda is "0" (or you can
- leave the property empty). More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk'
+ description: 'partition is the partition in the
+ volume that you want to mount. If omitted, the
+ default is to mount by volume name. Examples:
+ For volume /dev/sda1, you specify the partition
+ as "1". Similarly, the volume partition for /dev/sda
+ is "0" (or you can leave the property empty).
+ More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk'
format: int32
type: integer
pdName:
- description: 'Unique name of the PD resource in
- GCE. Used to identify the disk in GCE. More info:
- https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk'
+ description: 'pdName is unique name of the PD resource
+ in GCE. Used to identify the disk in GCE. More
+ info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk'
type: string
readOnly:
- description: 'ReadOnly here will force the ReadOnly
+ description: 'readOnly here will force the ReadOnly
setting in VolumeMounts. Defaults to false. More
info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk'
type: boolean
@@ -17509,7 +18929,7 @@ spec:
- pdName
type: object
gitRepo:
- description: 'GitRepo represents a git repository at
+ description: 'gitRepo represents a git repository at
a particular revision. DEPRECATED: GitRepo is deprecated.
To provision a container with a git repo, mount an
EmptyDir into an InitContainer that clones the repo
@@ -17517,37 +18937,38 @@ spec:
container.'
properties:
directory:
- description: Target directory name. Must not contain
- or start with '..'. If '.' is supplied, the volume
- directory will be the git repository. Otherwise,
- if specified, the volume will contain the git
- repository in the subdirectory with the given
- name.
+ description: directory is the target directory name.
+ Must not contain or start with '..'. If '.' is
+ supplied, the volume directory will be the git
+ repository. Otherwise, if specified, the volume
+ will contain the git repository in the subdirectory
+ with the given name.
type: string
repository:
- description: Repository URL
+ description: repository is the URL
type: string
revision:
- description: Commit hash for the specified revision.
+ description: revision is the commit hash for the
+ specified revision.
type: string
required:
- repository
type: object
glusterfs:
- description: 'Glusterfs represents a Glusterfs mount
+ description: 'glusterfs represents a Glusterfs mount
on the host that shares a pod''s lifetime. More info:
https://examples.k8s.io/volumes/glusterfs/README.md'
properties:
endpoints:
- description: 'EndpointsName is the endpoint name
- that details Glusterfs topology. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod'
+ description: 'endpoints is the endpoint name that
+ details Glusterfs topology. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod'
type: string
path:
- description: 'Path is the Glusterfs volume path.
+ description: 'path is the Glusterfs volume path.
More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod'
type: string
readOnly:
- description: 'ReadOnly here will force the Glusterfs
+ description: 'readOnly here will force the Glusterfs
volume to be mounted with read-only permissions.
Defaults to false. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod'
type: boolean
@@ -17556,7 +18977,7 @@ spec:
- path
type: object
hostPath:
- description: 'HostPath represents a pre-existing file
+ description: 'hostPath represents a pre-existing file
or directory on the host machine that is directly
exposed to the container. This is generally used for
system agents or other privileged things that are
@@ -17567,71 +18988,73 @@ spec:
directories as read/write.'
properties:
path:
- description: 'Path of the directory on the host.
+ description: 'path of the directory on the host.
If the path is a symlink, it will follow the link
to the real path. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath'
type: string
type:
- description: 'Type for HostPath Volume Defaults
+ description: 'type for HostPath Volume Defaults
to "" More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath'
type: string
required:
- path
type: object
iscsi:
- description: 'ISCSI represents an ISCSI Disk resource
+ description: 'iscsi represents an ISCSI Disk resource
that is attached to a kubelet''s host machine and
then exposed to the pod. More info: https://examples.k8s.io/volumes/iscsi/README.md'
properties:
chapAuthDiscovery:
- description: whether support iSCSI Discovery CHAP
- authentication
+ description: chapAuthDiscovery defines whether support
+ iSCSI Discovery CHAP authentication
type: boolean
chapAuthSession:
- description: whether support iSCSI Session CHAP
- authentication
+ description: chapAuthSession defines whether support
+ iSCSI Session CHAP authentication
type: boolean
fsType:
- description: 'Filesystem type of the volume that
- you want to mount. Tip: Ensure that the filesystem
- type is supported by the host operating system.
- Examples: "ext4", "xfs", "ntfs". Implicitly inferred
- to be "ext4" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#iscsi
+ description: 'fsType is the filesystem type of the
+ volume that you want to mount. Tip: Ensure that
+ the filesystem type is supported by the host operating
+ system. Examples: "ext4", "xfs", "ntfs". Implicitly
+ inferred to be "ext4" if unspecified. More info:
+ https://kubernetes.io/docs/concepts/storage/volumes#iscsi
TODO: how do we prevent errors in the filesystem
from compromising the machine'
type: string
initiatorName:
- description: Custom iSCSI Initiator Name. If initiatorName
- is specified with iscsiInterface simultaneously,
- new iSCSI interface :
- will be created for the connection.
+ description: initiatorName is the custom iSCSI Initiator
+ Name. If initiatorName is specified with iscsiInterface
+ simultaneously, new iSCSI interface : will be created for the connection.
type: string
iqn:
- description: Target iSCSI Qualified Name.
+ description: iqn is the target iSCSI Qualified Name.
type: string
iscsiInterface:
- description: iSCSI Interface Name that uses an iSCSI
- transport. Defaults to 'default' (tcp).
+ description: iscsiInterface is the interface Name
+ that uses an iSCSI transport. Defaults to 'default'
+ (tcp).
type: string
lun:
- description: iSCSI Target Lun number.
+ description: lun represents iSCSI Target Lun number.
format: int32
type: integer
portals:
- description: iSCSI Target Portal List. The portal
- is either an IP or ip_addr:port if the port is
- other than default (typically TCP ports 860 and
- 3260).
+ description: portals is the iSCSI Target Portal
+ List. The portal is either an IP or ip_addr:port
+ if the port is other than default (typically TCP
+ ports 860 and 3260).
items:
type: string
type: array
readOnly:
- description: ReadOnly here will force the ReadOnly
+ description: readOnly here will force the ReadOnly
setting in VolumeMounts. Defaults to false.
type: boolean
secretRef:
- description: CHAP Secret for iSCSI target and initiator
- authentication
+ description: secretRef is the CHAP Secret for iSCSI
+ target and initiator authentication
properties:
name:
description: 'Name of the referent. More info:
@@ -17642,9 +19065,10 @@ spec:
type: object
x-kubernetes-map-type: atomic
targetPortal:
- description: iSCSI Target Portal. The Portal is
- either an IP or ip_addr:port if the port is other
- than default (typically TCP ports 860 and 3260).
+ description: targetPortal is iSCSI Target Portal.
+ The Portal is either an IP or ip_addr:port if
+ the port is other than default (typically TCP
+ ports 860 and 3260).
type: string
required:
- iqn
@@ -17652,20 +19076,20 @@ spec:
- targetPortal
type: object
nfs:
- description: 'NFS represents an NFS mount on the host
+ description: 'nfs represents an NFS mount on the host
that shares a pod''s lifetime More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs'
properties:
path:
- description: 'Path that is exported by the NFS server.
+ description: 'path that is exported by the NFS server.
More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs'
type: string
readOnly:
- description: 'ReadOnly here will force the NFS export
+ description: 'readOnly here will force the NFS export
to be mounted with read-only permissions. Defaults
to false. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs'
type: boolean
server:
- description: 'Server is the hostname or IP address
+ description: 'server is the hostname or IP address
of the NFS server. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs'
type: string
required:
@@ -17673,132 +19097,133 @@ spec:
- server
type: object
persistentVolumeClaim:
- description: 'PersistentVolumeClaimVolumeSource represents
+ description: 'persistentVolumeClaimVolumeSource represents
a reference to a PersistentVolumeClaim in the same
namespace. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims'
properties:
claimName:
- description: 'ClaimName is the name of a PersistentVolumeClaim
+ description: 'claimName is the name of a PersistentVolumeClaim
in the same namespace as the pod using this volume.
More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims'
type: string
readOnly:
- description: Will force the ReadOnly setting in
- VolumeMounts. Default false.
+ description: readOnly Will force the ReadOnly setting
+ in VolumeMounts. Default false.
type: boolean
required:
- claimName
type: object
photonPersistentDisk:
- description: PhotonPersistentDisk represents a PhotonController
+ description: photonPersistentDisk represents a PhotonController
persistent disk attached and mounted on kubelets host
machine
properties:
fsType:
- description: Filesystem type to mount. Must be a
- filesystem type supported by the host operating
- system. Ex. "ext4", "xfs", "ntfs". Implicitly
+ description: fsType is the filesystem type to mount.
+ Must be a filesystem type supported by the host
+ operating system. Ex. "ext4", "xfs", "ntfs". Implicitly
inferred to be "ext4" if unspecified.
type: string
pdID:
- description: ID that identifies Photon Controller
- persistent disk
+ description: pdID is the ID that identifies Photon
+ Controller persistent disk
type: string
required:
- pdID
type: object
portworxVolume:
- description: PortworxVolume represents a portworx volume
+ description: portworxVolume represents a portworx volume
attached and mounted on kubelets host machine
properties:
fsType:
- description: FSType represents the filesystem type
+ description: fSType represents the filesystem type
to mount Must be a filesystem type supported by
the host operating system. Ex. "ext4", "xfs".
Implicitly inferred to be "ext4" if unspecified.
type: string
readOnly:
- description: Defaults to false (read/write). ReadOnly
- here will force the ReadOnly setting in VolumeMounts.
+ description: readOnly defaults to false (read/write).
+ ReadOnly here will force the ReadOnly setting
+ in VolumeMounts.
type: boolean
volumeID:
- description: VolumeID uniquely identifies a Portworx
+ description: volumeID uniquely identifies a Portworx
volume
type: string
required:
- volumeID
type: object
projected:
- description: Items for all in one resources secrets,
- configmaps, and downward API
+ description: projected items for all in one resources
+ secrets, configmaps, and downward API
properties:
defaultMode:
- description: Mode bits used to set permissions on
- created files by default. Must be an octal value
- between 0000 and 0777 or a decimal value between
- 0 and 511. YAML accepts both octal and decimal
- values, JSON requires decimal values for mode
- bits. Directories within the path are not affected
- by this setting. This might be in conflict with
- other options that affect the file mode, like
- fsGroup, and the result can be other mode bits
- set.
+ description: defaultMode are the mode bits used
+ to set permissions on created files by default.
+ Must be an octal value between 0000 and 0777 or
+ a decimal value between 0 and 511. YAML accepts
+ both octal and decimal values, JSON requires decimal
+ values for mode bits. Directories within the path
+ are not affected by this setting. This might be
+ in conflict with other options that affect the
+ file mode, like fsGroup, and the result can be
+ other mode bits set.
format: int32
type: integer
sources:
- description: list of volume projections
+ description: sources is the list of volume projections
items:
description: Projection that may be projected
along with other supported volume types
properties:
configMap:
- description: information about the configMap
- data to project
+ description: configMap information about the
+ configMap data to project
properties:
items:
- description: If unspecified, each key-value
- pair in the Data field of the referenced
- ConfigMap will be projected into the
- volume as a file whose name is the key
- and content is the value. If specified,
- the listed keys will be projected into
- the specified paths, and unlisted keys
- will not be present. If a key is specified
- which is not present in the ConfigMap,
- the volume setup will error unless it
- is marked optional. Paths must be relative
- and may not contain the '..' path or
- start with '..'.
+ description: items if unspecified, each
+ key-value pair in the Data field of
+ the referenced ConfigMap will be projected
+ into the volume as a file whose name
+ is the key and content is the value.
+ If specified, the listed keys will be
+ projected into the specified paths,
+ and unlisted keys will not be present.
+ If a key is specified which is not present
+ in the ConfigMap, the volume setup will
+ error unless it is marked optional.
+ Paths must be relative and may not contain
+ the '..' path or start with '..'.
items:
description: Maps a string key to a
path within a volume.
properties:
key:
- description: The key to project.
+ description: key is the key to project.
type: string
mode:
- description: 'Optional: mode bits
- used to set permissions on this
- file. Must be an octal value between
- 0000 and 0777 or a decimal value
- between 0 and 511. YAML accepts
- both octal and decimal values,
- JSON requires decimal values for
- mode bits. If not specified, the
- volume defaultMode will be used.
- This might be in conflict with
- other options that affect the
- file mode, like fsGroup, and the
- result can be other mode bits
- set.'
+ description: 'mode is Optional:
+ mode bits used to set permissions
+ on this file. Must be an octal
+ value between 0000 and 0777 or
+ a decimal value between 0 and
+ 511. YAML accepts both octal and
+ decimal values, JSON requires
+ decimal values for mode bits.
+ If not specified, the volume defaultMode
+ will be used. This might be in
+ conflict with other options that
+ affect the file mode, like fsGroup,
+ and the result can be other mode
+ bits set.'
format: int32
type: integer
path:
- description: The relative path of
- the file to map the key to. May
- not be an absolute path. May not
- contain the path element '..'.
- May not start with the string
+ description: path is the relative
+ path of the file to map the key
+ to. May not be an absolute path.
+ May not contain the path element
+ '..'. May not start with the string
'..'.
type: string
required:
@@ -17813,14 +19238,14 @@ spec:
kind, uid?'
type: string
optional:
- description: Specify whether the ConfigMap
- or its keys must be defined
+ description: optional specify whether
+ the ConfigMap or its keys must be defined
type: boolean
type: object
x-kubernetes-map-type: atomic
downwardAPI:
- description: information about the downwardAPI
- data to project
+ description: downwardAPI information about
+ the downwardAPI data to project
properties:
items:
description: Items is a list of DownwardAPIVolume
@@ -17912,53 +19337,53 @@ spec:
type: array
type: object
secret:
- description: information about the secret
- data to project
+ description: secret information about the
+ secret data to project
properties:
items:
- description: If unspecified, each key-value
- pair in the Data field of the referenced
- Secret will be projected into the volume
- as a file whose name is the key and
- content is the value. If specified,
- the listed keys will be projected into
- the specified paths, and unlisted keys
- will not be present. If a key is specified
- which is not present in the Secret,
- the volume setup will error unless it
- is marked optional. Paths must be relative
- and may not contain the '..' path or
- start with '..'.
+ description: items if unspecified, each
+ key-value pair in the Data field of
+ the referenced Secret will be projected
+ into the volume as a file whose name
+ is the key and content is the value.
+ If specified, the listed keys will be
+ projected into the specified paths,
+ and unlisted keys will not be present.
+ If a key is specified which is not present
+ in the Secret, the volume setup will
+ error unless it is marked optional.
+ Paths must be relative and may not contain
+ the '..' path or start with '..'.
items:
description: Maps a string key to a
path within a volume.
properties:
key:
- description: The key to project.
+ description: key is the key to project.
type: string
mode:
- description: 'Optional: mode bits
- used to set permissions on this
- file. Must be an octal value between
- 0000 and 0777 or a decimal value
- between 0 and 511. YAML accepts
- both octal and decimal values,
- JSON requires decimal values for
- mode bits. If not specified, the
- volume defaultMode will be used.
- This might be in conflict with
- other options that affect the
- file mode, like fsGroup, and the
- result can be other mode bits
- set.'
+ description: 'mode is Optional:
+ mode bits used to set permissions
+ on this file. Must be an octal
+ value between 0000 and 0777 or
+ a decimal value between 0 and
+ 511. YAML accepts both octal and
+ decimal values, JSON requires
+ decimal values for mode bits.
+ If not specified, the volume defaultMode
+ will be used. This might be in
+ conflict with other options that
+ affect the file mode, like fsGroup,
+ and the result can be other mode
+ bits set.'
format: int32
type: integer
path:
- description: The relative path of
- the file to map the key to. May
- not be an absolute path. May not
- contain the path element '..'.
- May not start with the string
+ description: path is the relative
+ path of the file to map the key
+ to. May not be an absolute path.
+ May not contain the path element
+ '..'. May not start with the string
'..'.
type: string
required:
@@ -17973,17 +19398,17 @@ spec:
kind, uid?'
type: string
optional:
- description: Specify whether the Secret
- or its key must be defined
+ description: optional field specify whether
+ the Secret or its key must be defined
type: boolean
type: object
x-kubernetes-map-type: atomic
serviceAccountToken:
- description: information about the serviceAccountToken
- data to project
+ description: serviceAccountToken is information
+ about the serviceAccountToken data to project
properties:
audience:
- description: Audience is the intended
+ description: audience is the intended
audience of the token. A recipient of
a token must identify itself with an
identifier specified in the audience
@@ -17992,7 +19417,7 @@ spec:
the identifier of the apiserver.
type: string
expirationSeconds:
- description: ExpirationSeconds is the
+ description: expirationSeconds is the
requested duration of validity of the
service account token. As the token
approaches expiration, the kubelet volume
@@ -18006,7 +19431,7 @@ spec:
format: int64
type: integer
path:
- description: Path is the path relative
+ description: path is the path relative
to the mount point of the file to project
the token into.
type: string
@@ -18017,36 +19442,36 @@ spec:
type: array
type: object
quobyte:
- description: Quobyte represents a Quobyte mount on the
+ description: quobyte represents a Quobyte mount on the
host that shares a pod's lifetime
properties:
group:
- description: Group to map volume access to Default
+ description: group to map volume access to Default
is no group
type: string
readOnly:
- description: ReadOnly here will force the Quobyte
+ description: readOnly here will force the Quobyte
volume to be mounted with read-only permissions.
Defaults to false.
type: boolean
registry:
- description: Registry represents a single or multiple
+ description: registry represents a single or multiple
Quobyte Registry services specified as a string
as host:port pair (multiple entries are separated
with commas) which acts as the central registry
for volumes
type: string
tenant:
- description: Tenant owning the given Quobyte volume
+ description: tenant owning the given Quobyte volume
in the Backend Used with dynamically provisioned
Quobyte volumes, value is set by the plugin
type: string
user:
- description: User to map volume access to Defaults
+ description: user to map volume access to Defaults
to serivceaccount user
type: string
volume:
- description: Volume is a string that references
+ description: volume is a string that references
an already created Quobyte volume by name.
type: string
required:
@@ -18054,44 +19479,46 @@ spec:
- volume
type: object
rbd:
- description: 'RBD represents a Rados Block Device mount
+ description: 'rbd represents a Rados Block Device mount
on the host that shares a pod''s lifetime. More info:
https://examples.k8s.io/volumes/rbd/README.md'
properties:
fsType:
- description: 'Filesystem type of the volume that
- you want to mount. Tip: Ensure that the filesystem
- type is supported by the host operating system.
- Examples: "ext4", "xfs", "ntfs". Implicitly inferred
- to be "ext4" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#rbd
+ description: 'fsType is the filesystem type of the
+ volume that you want to mount. Tip: Ensure that
+ the filesystem type is supported by the host operating
+ system. Examples: "ext4", "xfs", "ntfs". Implicitly
+ inferred to be "ext4" if unspecified. More info:
+ https://kubernetes.io/docs/concepts/storage/volumes#rbd
TODO: how do we prevent errors in the filesystem
from compromising the machine'
type: string
image:
- description: 'The rados image name. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it'
+ description: 'image is the rados image name. More
+ info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it'
type: string
keyring:
- description: 'Keyring is the path to key ring for
+ description: 'keyring is the path to key ring for
RBDUser. Default is /etc/ceph/keyring. More info:
https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it'
type: string
monitors:
- description: 'A collection of Ceph monitors. More
- info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it'
+ description: 'monitors is a collection of Ceph monitors.
+ More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it'
items:
type: string
type: array
pool:
- description: 'The rados pool name. Default is rbd.
- More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it'
+ description: 'pool is the rados pool name. Default
+ is rbd. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it'
type: string
readOnly:
- description: 'ReadOnly here will force the ReadOnly
+ description: 'readOnly here will force the ReadOnly
setting in VolumeMounts. Defaults to false. More
info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it'
type: boolean
secretRef:
- description: 'SecretRef is name of the authentication
+ description: 'secretRef is name of the authentication
secret for RBDUser. If provided overrides keyring.
Default is nil. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it'
properties:
@@ -18104,37 +19531,38 @@ spec:
type: object
x-kubernetes-map-type: atomic
user:
- description: 'The rados user name. Default is admin.
- More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it'
+ description: 'user is the rados user name. Default
+ is admin. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it'
type: string
required:
- image
- monitors
type: object
scaleIO:
- description: ScaleIO represents a ScaleIO persistent
+ description: scaleIO represents a ScaleIO persistent
volume attached and mounted on Kubernetes nodes.
properties:
fsType:
- description: Filesystem type to mount. Must be a
- filesystem type supported by the host operating
- system. Ex. "ext4", "xfs", "ntfs". Default is
- "xfs".
+ description: fsType is the filesystem type to mount.
+ Must be a filesystem type supported by the host
+ operating system. Ex. "ext4", "xfs", "ntfs". Default
+ is "xfs".
type: string
gateway:
- description: The host address of the ScaleIO API
- Gateway.
+ description: gateway is the host address of the
+ ScaleIO API Gateway.
type: string
protectionDomain:
- description: The name of the ScaleIO Protection
- Domain for the configured storage.
+ description: protectionDomain is the name of the
+ ScaleIO Protection Domain for the configured storage.
type: string
readOnly:
- description: Defaults to false (read/write). ReadOnly
- here will force the ReadOnly setting in VolumeMounts.
+ description: readOnly Defaults to false (read/write).
+ ReadOnly here will force the ReadOnly setting
+ in VolumeMounts.
type: boolean
secretRef:
- description: SecretRef references to the secret
+ description: secretRef references to the secret
for ScaleIO user and other sensitive information.
If this is not provided, Login operation will
fail.
@@ -18148,26 +19576,26 @@ spec:
type: object
x-kubernetes-map-type: atomic
sslEnabled:
- description: Flag to enable/disable SSL communication
- with Gateway, default false
+ description: sslEnabled Flag enable/disable SSL
+ communication with Gateway, default false
type: boolean
storageMode:
- description: Indicates whether the storage for a
- volume should be ThickProvisioned or ThinProvisioned.
+ description: storageMode indicates whether the storage
+ for a volume should be ThickProvisioned or ThinProvisioned.
Default is ThinProvisioned.
type: string
storagePool:
- description: The ScaleIO Storage Pool associated
- with the protection domain.
+ description: storagePool is the ScaleIO Storage
+ Pool associated with the protection domain.
type: string
system:
- description: The name of the storage system as configured
- in ScaleIO.
+ description: system is the name of the storage system
+ as configured in ScaleIO.
type: string
volumeName:
- description: The name of a volume already created
- in the ScaleIO system that is associated with
- this volume source.
+ description: volumeName is the name of a volume
+ already created in the ScaleIO system that is
+ associated with this volume source.
type: string
required:
- gateway
@@ -18175,27 +19603,27 @@ spec:
- system
type: object
secret:
- description: 'Secret represents a secret that should
+ description: 'secret represents a secret that should
populate this volume. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret'
properties:
defaultMode:
- description: 'Optional: mode bits used to set permissions
- on created files by default. Must be an octal
- value between 0000 and 0777 or a decimal value
- between 0 and 511. YAML accepts both octal and
- decimal values, JSON requires decimal values for
- mode bits. Defaults to 0644. Directories within
- the path are not affected by this setting. This
- might be in conflict with other options that affect
- the file mode, like fsGroup, and the result can
- be other mode bits set.'
+ description: 'defaultMode is Optional: mode bits
+ used to set permissions on created files by default.
+ Must be an octal value between 0000 and 0777 or
+ a decimal value between 0 and 511. YAML accepts
+ both octal and decimal values, JSON requires decimal
+ values for mode bits. Defaults to 0644. Directories
+ within the path are not affected by this setting.
+ This might be in conflict with other options that
+ affect the file mode, like fsGroup, and the result
+ can be other mode bits set.'
format: int32
type: integer
items:
- description: If unspecified, each key-value pair
- in the Data field of the referenced Secret will
- be projected into the volume as a file whose name
- is the key and content is the value. If specified,
+ description: items If unspecified, each key-value
+ pair in the Data field of the referenced Secret
+ will be projected into the volume as a file whose
+ name is the key and content is the value. If specified,
the listed keys will be projected into the specified
paths, and unlisted keys will not be present.
If a key is specified which is not present in
@@ -18208,26 +19636,28 @@ spec:
a volume.
properties:
key:
- description: The key to project.
+ description: key is the key to project.
type: string
mode:
- description: 'Optional: mode bits used to
- set permissions on this file. Must be an
- octal value between 0000 and 0777 or a decimal
- value between 0 and 511. YAML accepts both
- octal and decimal values, JSON requires
- decimal values for mode bits. If not specified,
- the volume defaultMode will be used. This
- might be in conflict with other options
- that affect the file mode, like fsGroup,
- and the result can be other mode bits set.'
+ description: 'mode is Optional: mode bits
+ used to set permissions on this file. Must
+ be an octal value between 0000 and 0777
+ or a decimal value between 0 and 511. YAML
+ accepts both octal and decimal values, JSON
+ requires decimal values for mode bits. If
+ not specified, the volume defaultMode will
+ be used. This might be in conflict with
+ other options that affect the file mode,
+ like fsGroup, and the result can be other
+ mode bits set.'
format: int32
type: integer
path:
- description: The relative path of the file
- to map the key to. May not be an absolute
- path. May not contain the path element '..'.
- May not start with the string '..'.
+ description: path is the relative path of
+ the file to map the key to. May not be an
+ absolute path. May not contain the path
+ element '..'. May not start with the string
+ '..'.
type: string
required:
- key
@@ -18235,30 +19665,31 @@ spec:
type: object
type: array
optional:
- description: Specify whether the Secret or its keys
- must be defined
+ description: optional field specify whether the
+ Secret or its keys must be defined
type: boolean
secretName:
- description: 'Name of the secret in the pod''s namespace
- to use. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret'
+ description: 'secretName is the name of the secret
+ in the pod''s namespace to use. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret'
type: string
type: object
storageos:
- description: StorageOS represents a StorageOS volume
+ description: storageOS represents a StorageOS volume
attached and mounted on Kubernetes nodes.
properties:
fsType:
- description: Filesystem type to mount. Must be a
- filesystem type supported by the host operating
- system. Ex. "ext4", "xfs", "ntfs". Implicitly
+ description: fsType is the filesystem type to mount.
+ Must be a filesystem type supported by the host
+ operating system. Ex. "ext4", "xfs", "ntfs". Implicitly
inferred to be "ext4" if unspecified.
type: string
readOnly:
- description: Defaults to false (read/write). ReadOnly
- here will force the ReadOnly setting in VolumeMounts.
+ description: readOnly defaults to false (read/write).
+ ReadOnly here will force the ReadOnly setting
+ in VolumeMounts.
type: boolean
secretRef:
- description: SecretRef specifies the secret to use
+ description: secretRef specifies the secret to use
for obtaining the StorageOS API credentials. If
not specified, default values will be attempted.
properties:
@@ -18271,12 +19702,12 @@ spec:
type: object
x-kubernetes-map-type: atomic
volumeName:
- description: VolumeName is the human-readable name
+ description: volumeName is the human-readable name
of the StorageOS volume. Volume names are only
unique within a namespace.
type: string
volumeNamespace:
- description: VolumeNamespace specifies the scope
+ description: volumeNamespace specifies the scope
of the volume within StorageOS. If no namespace
is specified then the Pod's namespace will be
used. This allows the Kubernetes name scoping
@@ -18288,26 +19719,27 @@ spec:
type: string
type: object
vsphereVolume:
- description: VsphereVolume represents a vSphere volume
+ description: vsphereVolume represents a vSphere volume
attached and mounted on kubelets host machine
properties:
fsType:
- description: Filesystem type to mount. Must be a
- filesystem type supported by the host operating
- system. Ex. "ext4", "xfs", "ntfs". Implicitly
+ description: fsType is filesystem type to mount.
+ Must be a filesystem type supported by the host
+ operating system. Ex. "ext4", "xfs", "ntfs". Implicitly
inferred to be "ext4" if unspecified.
type: string
storagePolicyID:
- description: Storage Policy Based Management (SPBM)
- profile ID associated with the StoragePolicyName.
+ description: storagePolicyID is the storage Policy
+ Based Management (SPBM) profile ID associated
+ with the StoragePolicyName.
type: string
storagePolicyName:
- description: Storage Policy Based Management (SPBM)
- profile name.
+ description: storagePolicyName is the storage Policy
+ Based Management (SPBM) profile name.
type: string
volumePath:
- description: Path that identifies vSphere volume
- vmdk
+ description: volumePath is the path that identifies
+ vSphere volume vmdk
type: string
required:
- volumePath
@@ -18373,123 +19805,128 @@ spec:
Only one of its members may be specified.
properties:
awsElasticBlockStore:
- description: 'AWSElasticBlockStore represents an AWS
+ description: 'awsElasticBlockStore represents an AWS
Disk resource that is attached to a kubelet''s host
machine and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore'
properties:
fsType:
- description: 'Filesystem type of the volume that
- you want to mount. Tip: Ensure that the filesystem
- type is supported by the host operating system.
- Examples: "ext4", "xfs", "ntfs". Implicitly inferred
- to be "ext4" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore
+ description: 'fsType is the filesystem type of the
+ volume that you want to mount. Tip: Ensure that
+ the filesystem type is supported by the host operating
+ system. Examples: "ext4", "xfs", "ntfs". Implicitly
+ inferred to be "ext4" if unspecified. More info:
+ https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore
TODO: how do we prevent errors in the filesystem
from compromising the machine'
type: string
partition:
- description: 'The partition in the volume that you
- want to mount. If omitted, the default is to mount
- by volume name. Examples: For volume /dev/sda1,
- you specify the partition as "1". Similarly, the
- volume partition for /dev/sda is "0" (or you can
- leave the property empty).'
+ description: 'partition is the partition in the
+ volume that you want to mount. If omitted, the
+ default is to mount by volume name. Examples:
+ For volume /dev/sda1, you specify the partition
+ as "1". Similarly, the volume partition for /dev/sda
+ is "0" (or you can leave the property empty).'
format: int32
type: integer
readOnly:
- description: 'Specify "true" to force and set the
- ReadOnly property in VolumeMounts to "true". If
- omitted, the default is "false". More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore'
+ description: 'readOnly value true will force the
+ readOnly setting in VolumeMounts. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore'
type: boolean
volumeID:
- description: 'Unique ID of the persistent disk resource
- in AWS (Amazon EBS volume). More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore'
+ description: 'volumeID is unique ID of the persistent
+ disk resource in AWS (Amazon EBS volume). More
+ info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore'
type: string
required:
- volumeID
type: object
azureDisk:
- description: AzureDisk represents an Azure Data Disk
+ description: azureDisk represents an Azure Data Disk
mount on the host and bind mount to the pod.
properties:
cachingMode:
- description: 'Host Caching mode: None, Read Only,
- Read Write.'
+ description: 'cachingMode is the Host Caching mode:
+ None, Read Only, Read Write.'
type: string
diskName:
- description: The Name of the data disk in the blob
- storage
+ description: diskName is the Name of the data disk
+ in the blob storage
type: string
diskURI:
- description: The URI the data disk in the blob storage
+ description: diskURI is the URI of data disk in
+ the blob storage
type: string
fsType:
- description: Filesystem type to mount. Must be a
- filesystem type supported by the host operating
- system. Ex. "ext4", "xfs", "ntfs". Implicitly
+ description: fsType is Filesystem type to mount.
+ Must be a filesystem type supported by the host
+ operating system. Ex. "ext4", "xfs", "ntfs". Implicitly
inferred to be "ext4" if unspecified.
type: string
kind:
- description: 'Expected values Shared: multiple blob
- disks per storage account Dedicated: single blob
- disk per storage account Managed: azure managed
- data disk (only in managed availability set).
- defaults to shared'
+ description: 'kind expected values are Shared: multiple
+ blob disks per storage account Dedicated: single
+ blob disk per storage account Managed: azure
+ managed data disk (only in managed availability
+ set). defaults to shared'
type: string
readOnly:
- description: Defaults to false (read/write). ReadOnly
- here will force the ReadOnly setting in VolumeMounts.
+ description: readOnly Defaults to false (read/write).
+ ReadOnly here will force the ReadOnly setting
+ in VolumeMounts.
type: boolean
required:
- diskName
- diskURI
type: object
azureFile:
- description: AzureFile represents an Azure File Service
+ description: azureFile represents an Azure File Service
mount on the host and bind mount to the pod.
properties:
readOnly:
- description: Defaults to false (read/write). ReadOnly
- here will force the ReadOnly setting in VolumeMounts.
+ description: readOnly defaults to false (read/write).
+ ReadOnly here will force the ReadOnly setting
+ in VolumeMounts.
type: boolean
secretName:
- description: the name of secret that contains Azure
- Storage Account Name and Key
+ description: secretName is the name of secret that
+ contains Azure Storage Account Name and Key
type: string
shareName:
- description: Share Name
+ description: shareName is the azure share Name
type: string
required:
- secretName
- shareName
type: object
cephfs:
- description: CephFS represents a Ceph FS mount on the
+ description: cephFS represents a Ceph FS mount on the
host that shares a pod's lifetime
properties:
monitors:
- description: 'Required: Monitors is a collection
- of Ceph monitors More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it'
+ description: 'monitors is Required: Monitors is
+ a collection of Ceph monitors More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it'
items:
type: string
type: array
path:
- description: 'Optional: Used as the mounted root,
- rather than the full Ceph tree, default is /'
+ description: 'path is Optional: Used as the mounted
+ root, rather than the full Ceph tree, default
+ is /'
type: string
readOnly:
- description: 'Optional: Defaults to false (read/write).
- ReadOnly here will force the ReadOnly setting
- in VolumeMounts. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it'
+ description: 'readOnly is Optional: Defaults to
+ false (read/write). ReadOnly here will force the
+ ReadOnly setting in VolumeMounts. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it'
type: boolean
secretFile:
- description: 'Optional: SecretFile is the path to
- key ring for User, default is /etc/ceph/user.secret
+ description: 'secretFile is Optional: SecretFile
+ is the path to key ring for User, default is /etc/ceph/user.secret
More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it'
type: string
secretRef:
- description: 'Optional: SecretRef is reference to
- the authentication secret for User, default is
- empty. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it'
+ description: 'secretRef is Optional: SecretRef is
+ reference to the authentication secret for User,
+ default is empty. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it'
properties:
name:
description: 'Name of the referent. More info:
@@ -18500,31 +19937,32 @@ spec:
type: object
x-kubernetes-map-type: atomic
user:
- description: 'Optional: User is the rados user name,
- default is admin More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it'
+ description: 'user is optional: User is the rados
+ user name, default is admin More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it'
type: string
required:
- monitors
type: object
cinder:
- description: 'Cinder represents a cinder volume attached
+ description: 'cinder represents a cinder volume attached
and mounted on kubelets host machine. More info: https://examples.k8s.io/mysql-cinder-pd/README.md'
properties:
fsType:
- description: 'Filesystem type to mount. Must be
- a filesystem type supported by the host operating
- system. Examples: "ext4", "xfs", "ntfs". Implicitly
- inferred to be "ext4" if unspecified. More info:
- https://examples.k8s.io/mysql-cinder-pd/README.md'
+ description: 'fsType is the filesystem type to mount.
+ Must be a filesystem type supported by the host
+ operating system. Examples: "ext4", "xfs", "ntfs".
+ Implicitly inferred to be "ext4" if unspecified.
+ More info: https://examples.k8s.io/mysql-cinder-pd/README.md'
type: string
readOnly:
- description: 'Optional: Defaults to false (read/write).
+ description: 'readOnly defaults to false (read/write).
ReadOnly here will force the ReadOnly setting
in VolumeMounts. More info: https://examples.k8s.io/mysql-cinder-pd/README.md'
type: boolean
secretRef:
- description: 'Optional: points to a secret object
- containing parameters used to connect to OpenStack.'
+ description: 'secretRef is optional: points to a
+ secret object containing parameters used to connect
+ to OpenStack.'
properties:
name:
description: 'Name of the referent. More info:
@@ -18535,32 +19973,32 @@ spec:
type: object
x-kubernetes-map-type: atomic
volumeID:
- description: 'volume id used to identify the volume
+ description: 'volumeID used to identify the volume
in cinder. More info: https://examples.k8s.io/mysql-cinder-pd/README.md'
type: string
required:
- volumeID
type: object
configMap:
- description: ConfigMap represents a configMap that should
+ description: configMap represents a configMap that should
populate this volume
properties:
defaultMode:
- description: 'Optional: mode bits used to set permissions
- on created files by default. Must be an octal
- value between 0000 and 0777 or a decimal value
- between 0 and 511. YAML accepts both octal and
- decimal values, JSON requires decimal values for
- mode bits. Defaults to 0644. Directories within
- the path are not affected by this setting. This
- might be in conflict with other options that affect
- the file mode, like fsGroup, and the result can
- be other mode bits set.'
+ description: 'defaultMode is optional: mode bits
+ used to set permissions on created files by default.
+ Must be an octal value between 0000 and 0777 or
+ a decimal value between 0 and 511. YAML accepts
+ both octal and decimal values, JSON requires decimal
+ values for mode bits. Defaults to 0644. Directories
+ within the path are not affected by this setting.
+ This might be in conflict with other options that
+ affect the file mode, like fsGroup, and the result
+ can be other mode bits set.'
format: int32
type: integer
items:
- description: If unspecified, each key-value pair
- in the Data field of the referenced ConfigMap
+ description: items if unspecified, each key-value
+ pair in the Data field of the referenced ConfigMap
will be projected into the volume as a file whose
name is the key and content is the value. If specified,
the listed keys will be projected into the specified
@@ -18575,26 +20013,28 @@ spec:
a volume.
properties:
key:
- description: The key to project.
+ description: key is the key to project.
type: string
mode:
- description: 'Optional: mode bits used to
- set permissions on this file. Must be an
- octal value between 0000 and 0777 or a decimal
- value between 0 and 511. YAML accepts both
- octal and decimal values, JSON requires
- decimal values for mode bits. If not specified,
- the volume defaultMode will be used. This
- might be in conflict with other options
- that affect the file mode, like fsGroup,
- and the result can be other mode bits set.'
+ description: 'mode is Optional: mode bits
+ used to set permissions on this file. Must
+ be an octal value between 0000 and 0777
+ or a decimal value between 0 and 511. YAML
+ accepts both octal and decimal values, JSON
+ requires decimal values for mode bits. If
+ not specified, the volume defaultMode will
+ be used. This might be in conflict with
+ other options that affect the file mode,
+ like fsGroup, and the result can be other
+ mode bits set.'
format: int32
type: integer
path:
- description: The relative path of the file
- to map the key to. May not be an absolute
- path. May not contain the path element '..'.
- May not start with the string '..'.
+ description: path is the relative path of
+ the file to map the key to. May not be an
+ absolute path. May not contain the path
+ element '..'. May not start with the string
+ '..'.
type: string
required:
- key
@@ -18607,29 +20047,29 @@ spec:
uid?'
type: string
optional:
- description: Specify whether the ConfigMap or its
- keys must be defined
+ description: optional specify whether the ConfigMap
+ or its keys must be defined
type: boolean
type: object
x-kubernetes-map-type: atomic
csi:
- description: CSI (Container Storage Interface) represents
+ description: csi (Container Storage Interface) represents
ephemeral storage that is handled by certain external
CSI drivers (Beta feature).
properties:
driver:
- description: Driver is the name of the CSI driver
+ description: driver is the name of the CSI driver
that handles this volume. Consult with your admin
for the correct name as registered in the cluster.
type: string
fsType:
- description: Filesystem type to mount. Ex. "ext4",
- "xfs", "ntfs". If not provided, the empty value
- is passed to the associated CSI driver which will
- determine the default filesystem to apply.
+ description: fsType to mount. Ex. "ext4", "xfs",
+ "ntfs". If not provided, the empty value is passed
+ to the associated CSI driver which will determine
+ the default filesystem to apply.
type: string
nodePublishSecretRef:
- description: NodePublishSecretRef is a reference
+ description: nodePublishSecretRef is a reference
to the secret object containing sensitive information
to pass to the CSI driver to complete the CSI
NodePublishVolume and NodeUnpublishVolume calls.
@@ -18647,13 +20087,13 @@ spec:
type: object
x-kubernetes-map-type: atomic
readOnly:
- description: Specifies a read-only configuration
+ description: readOnly specifies a read-only configuration
for the volume. Defaults to false (read/write).
type: boolean
volumeAttributes:
additionalProperties:
type: string
- description: VolumeAttributes stores driver-specific
+ description: volumeAttributes stores driver-specific
properties that are passed to the CSI driver.
Consult your driver's documentation for supported
values.
@@ -18662,7 +20102,7 @@ spec:
- driver
type: object
downwardAPI:
- description: DownwardAPI represents downward API about
+ description: downwardAPI represents downward API about
the pod that should populate this volume
properties:
defaultMode:
@@ -18757,32 +20197,33 @@ spec:
type: array
type: object
emptyDir:
- description: 'EmptyDir represents a temporary directory
+ description: 'emptyDir represents a temporary directory
that shares a pod''s lifetime. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir'
properties:
medium:
- description: 'What type of storage medium should
- back this directory. The default is "" which means
- to use the node''s default medium. Must be an
- empty string (default) or Memory. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir'
+ description: 'medium represents what type of storage
+ medium should back this directory. The default
+ is "" which means to use the node''s default medium.
+ Must be an empty string (default) or Memory. More
+ info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir'
type: string
sizeLimit:
anyOf:
- type: integer
- type: string
- description: 'Total amount of local storage required
- for this EmptyDir volume. The size limit is also
- applicable for memory medium. The maximum usage
- on memory medium EmptyDir would be the minimum
- value between the SizeLimit specified here and
- the sum of memory limits of all containers in
- a pod. The default is nil which means that the
- limit is undefined. More info: http://kubernetes.io/docs/user-guide/volumes#emptydir'
+ description: 'sizeLimit is the total amount of local
+ storage required for this EmptyDir volume. The
+ size limit is also applicable for memory medium.
+ The maximum usage on memory medium EmptyDir would
+ be the minimum value between the SizeLimit specified
+ here and the sum of memory limits of all containers
+ in a pod. The default is nil which means that
+ the limit is undefined. More info: http://kubernetes.io/docs/user-guide/volumes#emptydir'
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
x-kubernetes-int-or-string: true
type: object
ephemeral:
- description: "Ephemeral represents a volume that is
+ description: "ephemeral represents a volume that is
handled by a cluster storage driver. The volume's
lifecycle is tied to the pod that defines it - it
will be created before the pod starts, and deleted
@@ -18841,25 +20282,28 @@ spec:
are also valid here.
properties:
accessModes:
- description: 'AccessModes contains the desired
+ description: 'accessModes contains the desired
access modes the volume should have. More
info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1'
items:
type: string
type: array
dataSource:
- description: 'This field can be used to
- specify either: * An existing VolumeSnapshot
+ description: 'dataSource field can be used
+ to specify either: * An existing VolumeSnapshot
object (snapshot.storage.k8s.io/VolumeSnapshot)
* An existing PVC (PersistentVolumeClaim)
If the provisioner or an external controller
can support the specified data source,
it will create a new volume based on the
contents of the specified data source.
- If the AnyVolumeDataSource feature gate
- is enabled, this field will always have
- the same contents as the DataSourceRef
- field.'
+ When the AnyVolumeDataSource feature gate
+ is enabled, dataSource contents will be
+ copied to dataSourceRef, and dataSourceRef
+ contents will be copied to dataSource
+ when dataSourceRef.namespace is not specified.
+ If the namespace is specified, then dataSourceRef
+ will not be copied to dataSource.'
properties:
apiGroup:
description: APIGroup is the group for
@@ -18883,35 +20327,42 @@ spec:
type: object
x-kubernetes-map-type: atomic
dataSourceRef:
- description: 'Specifies the object from
- which to populate the volume with data,
- if a non-empty volume is desired. This
- may be any local object from a non-empty
+ description: 'dataSourceRef specifies the
+ object from which to populate the volume
+ with data, if a non-empty volume is desired.
+ This may be any object from a non-empty
API group (non core object) or a PersistentVolumeClaim
object. When this field is specified,
volume binding will only succeed if the
type of the specified object matches some
installed volume populator or dynamic
provisioner. This field will replace the
- functionality of the DataSource field
+ functionality of the dataSource field
and as such if both fields are non-empty,
they must have the same value. For backwards
- compatibility, both fields (DataSource
- and DataSourceRef) will be set to the
+ compatibility, when namespace isn''t specified
+ in dataSourceRef, both fields (dataSource
+ and dataSourceRef) will be set to the
same value automatically if one of them
- is empty and the other is non-empty. There
- are two important differences between
- DataSource and DataSourceRef: * While
- DataSource only allows two specific types
- of objects, DataSourceRef allows any non-core
- object, as well as PersistentVolumeClaim
- objects. * While DataSource ignores disallowed
- values (dropping them), DataSourceRef
+ is empty and the other is non-empty. When
+ namespace is specified in dataSourceRef,
+ dataSource isn''t set to the same value
+ and must be empty. There are three important
+ differences between dataSource and dataSourceRef:
+ * While dataSource only allows two specific
+ types of objects, dataSourceRef allows
+ any non-core object, as well as PersistentVolumeClaim
+ objects. * While dataSource ignores disallowed
+ values (dropping them), dataSourceRef
preserves all values, and generates an
error if a disallowed value is specified.
- (Alpha) Using this field requires the
- AnyVolumeDataSource feature gate to be
- enabled.'
+ * While dataSource only allows local objects,
+ dataSourceRef allows objects in any namespaces.
+ (Beta) Using this field requires the AnyVolumeDataSource
+ feature gate to be enabled. (Alpha) Using
+ the namespace field of dataSourceRef requires
+ the CrossNamespaceVolumeDataSource feature
+ gate to be enabled.'
properties:
apiGroup:
description: APIGroup is the group for
@@ -18929,13 +20380,25 @@ spec:
description: Name is the name of resource
being referenced
type: string
+ namespace:
+ description: Namespace is the namespace
+ of resource being referenced Note
+ that when a namespace is specified,
+ a gateway.networking.k8s.io/ReferenceGrant
+ object is required in the referent
+ namespace to allow that namespace's
+ owner to accept the reference. See
+ the ReferenceGrant documentation for
+ details. (Alpha) This field requires
+ the CrossNamespaceVolumeDataSource
+ feature gate to be enabled.
+ type: string
required:
- kind
- name
type: object
- x-kubernetes-map-type: atomic
resources:
- description: 'Resources represents the minimum
+ description: 'resources represents the minimum
resources the volume should have. If RecoverVolumeExpansionFailure
feature is enabled users are allowed to
specify resource requirements that are
@@ -18944,6 +20407,31 @@ spec:
status field of the claim. More info:
https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources'
properties:
+ claims:
+ description: "Claims lists the names
+ of resources, defined in spec.resourceClaims,
+ that are used by this container. \n
+ This is an alpha field and requires
+ enabling the DynamicResourceAllocation
+ feature gate. \n This field is immutable."
+ items:
+ description: ResourceClaim references
+ one entry in PodSpec.ResourceClaims.
+ properties:
+ name:
+ description: Name must match the
+ name of one entry in pod.spec.resourceClaims
+ of the Pod where this field
+ is used. It makes that resource
+ available inside a container.
+ type: string
+ required:
+ - name
+ type: object
+ type: array
+ x-kubernetes-list-map-keys:
+ - name
+ x-kubernetes-list-type: map
limits:
additionalProperties:
anyOf:
@@ -18972,8 +20460,8 @@ spec:
type: object
type: object
selector:
- description: A label query over volumes
- to consider for binding.
+ description: selector is a label query over
+ volumes to consider for binding.
properties:
matchExpressions:
description: matchExpressions is a list
@@ -19028,8 +20516,9 @@ spec:
type: object
x-kubernetes-map-type: atomic
storageClassName:
- description: 'Name of the StorageClass required
- by the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1'
+ description: 'storageClassName is the name
+ of the StorageClass required by the claim.
+ More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1'
type: string
volumeMode:
description: volumeMode defines what type
@@ -19038,7 +20527,7 @@ spec:
in claim spec.
type: string
volumeName:
- description: VolumeName is the binding reference
+ description: volumeName is the binding reference
to the PersistentVolume backing this claim.
type: string
type: object
@@ -19047,74 +20536,75 @@ spec:
type: object
type: object
fc:
- description: FC represents a Fibre Channel resource
+ description: fc represents a Fibre Channel resource
that is attached to a kubelet's host machine and then
exposed to the pod.
properties:
fsType:
- description: 'Filesystem type to mount. Must be
- a filesystem type supported by the host operating
- system. Ex. "ext4", "xfs", "ntfs". Implicitly
+ description: 'fsType is the filesystem type to mount.
+ Must be a filesystem type supported by the host
+ operating system. Ex. "ext4", "xfs", "ntfs". Implicitly
inferred to be "ext4" if unspecified. TODO: how
do we prevent errors in the filesystem from compromising
the machine'
type: string
lun:
- description: 'Optional: FC target lun number'
+ description: 'lun is Optional: FC target lun number'
format: int32
type: integer
readOnly:
- description: 'Optional: Defaults to false (read/write).
- ReadOnly here will force the ReadOnly setting
- in VolumeMounts.'
+ description: 'readOnly is Optional: Defaults to
+ false (read/write). ReadOnly here will force the
+ ReadOnly setting in VolumeMounts.'
type: boolean
targetWWNs:
- description: 'Optional: FC target worldwide names
- (WWNs)'
+ description: 'targetWWNs is Optional: FC target
+ worldwide names (WWNs)'
items:
type: string
type: array
wwids:
- description: 'Optional: FC volume world wide identifiers
- (wwids) Either wwids or combination of targetWWNs
- and lun must be set, but not both simultaneously.'
+ description: 'wwids Optional: FC volume world wide
+ identifiers (wwids) Either wwids or combination
+ of targetWWNs and lun must be set, but not both
+ simultaneously.'
items:
type: string
type: array
type: object
flexVolume:
- description: FlexVolume represents a generic volume
+ description: flexVolume represents a generic volume
resource that is provisioned/attached using an exec
based plugin.
properties:
driver:
- description: Driver is the name of the driver to
+ description: driver is the name of the driver to
use for this volume.
type: string
fsType:
- description: Filesystem type to mount. Must be a
- filesystem type supported by the host operating
- system. Ex. "ext4", "xfs", "ntfs". The default
- filesystem depends on FlexVolume script.
+ description: fsType is the filesystem type to mount.
+ Must be a filesystem type supported by the host
+ operating system. Ex. "ext4", "xfs", "ntfs". The
+ default filesystem depends on FlexVolume script.
type: string
options:
additionalProperties:
type: string
- description: 'Optional: Extra command options if
- any.'
+ description: 'options is Optional: this field holds
+ extra command options if any.'
type: object
readOnly:
- description: 'Optional: Defaults to false (read/write).
- ReadOnly here will force the ReadOnly setting
- in VolumeMounts.'
+ description: 'readOnly is Optional: defaults to
+ false (read/write). ReadOnly here will force the
+ ReadOnly setting in VolumeMounts.'
type: boolean
secretRef:
- description: 'Optional: SecretRef is reference to
- the secret object containing sensitive information
- to pass to the plugin scripts. This may be empty
- if no secret object is specified. If the secret
- object contains more than one secret, all secrets
- are passed to the plugin scripts.'
+ description: 'secretRef is Optional: secretRef is
+ reference to the secret object containing sensitive
+ information to pass to the plugin scripts. This
+ may be empty if no secret object is specified.
+ If the secret object contains more than one secret,
+ all secrets are passed to the plugin scripts.'
properties:
name:
description: 'Name of the referent. More info:
@@ -19128,28 +20618,28 @@ spec:
- driver
type: object
flocker:
- description: Flocker represents a Flocker volume attached
+ description: flocker represents a Flocker volume attached
to a kubelet's host machine. This depends on the Flocker
control service being running
properties:
datasetName:
- description: Name of the dataset stored as metadata
- -> name on the dataset for Flocker should be considered
- as deprecated
+ description: datasetName is Name of the dataset
+ stored as metadata -> name on the dataset for
+ Flocker should be considered as deprecated
type: string
datasetUUID:
- description: UUID of the dataset. This is unique
- identifier of a Flocker dataset
+ description: datasetUUID is the UUID of the dataset.
+ This is unique identifier of a Flocker dataset
type: string
type: object
gcePersistentDisk:
- description: 'GCEPersistentDisk represents a GCE Disk
+ description: 'gcePersistentDisk represents a GCE Disk
resource that is attached to a kubelet''s host machine
and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk'
properties:
fsType:
- description: 'Filesystem type of the volume that
- you want to mount. Tip: Ensure that the filesystem
+ description: 'fsType is filesystem type of the volume
+ that you want to mount. Tip: Ensure that the filesystem
type is supported by the host operating system.
Examples: "ext4", "xfs", "ntfs". Implicitly inferred
to be "ext4" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk
@@ -19157,21 +20647,22 @@ spec:
from compromising the machine'
type: string
partition:
- description: 'The partition in the volume that you
- want to mount. If omitted, the default is to mount
- by volume name. Examples: For volume /dev/sda1,
- you specify the partition as "1". Similarly, the
- volume partition for /dev/sda is "0" (or you can
- leave the property empty). More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk'
+ description: 'partition is the partition in the
+ volume that you want to mount. If omitted, the
+ default is to mount by volume name. Examples:
+ For volume /dev/sda1, you specify the partition
+ as "1". Similarly, the volume partition for /dev/sda
+ is "0" (or you can leave the property empty).
+ More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk'
format: int32
type: integer
pdName:
- description: 'Unique name of the PD resource in
- GCE. Used to identify the disk in GCE. More info:
- https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk'
+ description: 'pdName is unique name of the PD resource
+ in GCE. Used to identify the disk in GCE. More
+ info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk'
type: string
readOnly:
- description: 'ReadOnly here will force the ReadOnly
+ description: 'readOnly here will force the ReadOnly
setting in VolumeMounts. Defaults to false. More
info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk'
type: boolean
@@ -19179,7 +20670,7 @@ spec:
- pdName
type: object
gitRepo:
- description: 'GitRepo represents a git repository at
+ description: 'gitRepo represents a git repository at
a particular revision. DEPRECATED: GitRepo is deprecated.
To provision a container with a git repo, mount an
EmptyDir into an InitContainer that clones the repo
@@ -19187,37 +20678,38 @@ spec:
container.'
properties:
directory:
- description: Target directory name. Must not contain
- or start with '..'. If '.' is supplied, the volume
- directory will be the git repository. Otherwise,
- if specified, the volume will contain the git
- repository in the subdirectory with the given
- name.
+ description: directory is the target directory name.
+ Must not contain or start with '..'. If '.' is
+ supplied, the volume directory will be the git
+ repository. Otherwise, if specified, the volume
+ will contain the git repository in the subdirectory
+ with the given name.
type: string
repository:
- description: Repository URL
+ description: repository is the URL
type: string
revision:
- description: Commit hash for the specified revision.
+ description: revision is the commit hash for the
+ specified revision.
type: string
required:
- repository
type: object
glusterfs:
- description: 'Glusterfs represents a Glusterfs mount
+ description: 'glusterfs represents a Glusterfs mount
on the host that shares a pod''s lifetime. More info:
https://examples.k8s.io/volumes/glusterfs/README.md'
properties:
endpoints:
- description: 'EndpointsName is the endpoint name
- that details Glusterfs topology. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod'
+ description: 'endpoints is the endpoint name that
+ details Glusterfs topology. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod'
type: string
path:
- description: 'Path is the Glusterfs volume path.
+ description: 'path is the Glusterfs volume path.
More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod'
type: string
readOnly:
- description: 'ReadOnly here will force the Glusterfs
+ description: 'readOnly here will force the Glusterfs
volume to be mounted with read-only permissions.
Defaults to false. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod'
type: boolean
@@ -19226,7 +20718,7 @@ spec:
- path
type: object
hostPath:
- description: 'HostPath represents a pre-existing file
+ description: 'hostPath represents a pre-existing file
or directory on the host machine that is directly
exposed to the container. This is generally used for
system agents or other privileged things that are
@@ -19237,71 +20729,73 @@ spec:
directories as read/write.'
properties:
path:
- description: 'Path of the directory on the host.
+ description: 'path of the directory on the host.
If the path is a symlink, it will follow the link
to the real path. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath'
type: string
type:
- description: 'Type for HostPath Volume Defaults
+ description: 'type for HostPath Volume Defaults
to "" More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath'
type: string
required:
- path
type: object
iscsi:
- description: 'ISCSI represents an ISCSI Disk resource
+ description: 'iscsi represents an ISCSI Disk resource
that is attached to a kubelet''s host machine and
then exposed to the pod. More info: https://examples.k8s.io/volumes/iscsi/README.md'
properties:
chapAuthDiscovery:
- description: whether support iSCSI Discovery CHAP
- authentication
+ description: chapAuthDiscovery defines whether support
+ iSCSI Discovery CHAP authentication
type: boolean
chapAuthSession:
- description: whether support iSCSI Session CHAP
- authentication
+ description: chapAuthSession defines whether support
+ iSCSI Session CHAP authentication
type: boolean
fsType:
- description: 'Filesystem type of the volume that
- you want to mount. Tip: Ensure that the filesystem
- type is supported by the host operating system.
- Examples: "ext4", "xfs", "ntfs". Implicitly inferred
- to be "ext4" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#iscsi
+ description: 'fsType is the filesystem type of the
+ volume that you want to mount. Tip: Ensure that
+ the filesystem type is supported by the host operating
+ system. Examples: "ext4", "xfs", "ntfs". Implicitly
+ inferred to be "ext4" if unspecified. More info:
+ https://kubernetes.io/docs/concepts/storage/volumes#iscsi
TODO: how do we prevent errors in the filesystem
from compromising the machine'
type: string
initiatorName:
- description: Custom iSCSI Initiator Name. If initiatorName
- is specified with iscsiInterface simultaneously,
- new iSCSI interface :
- will be created for the connection.
+ description: initiatorName is the custom iSCSI Initiator
+ Name. If initiatorName is specified with iscsiInterface
+ simultaneously, new iSCSI interface : will be created for the connection.
type: string
iqn:
- description: Target iSCSI Qualified Name.
+ description: iqn is the target iSCSI Qualified Name.
type: string
iscsiInterface:
- description: iSCSI Interface Name that uses an iSCSI
- transport. Defaults to 'default' (tcp).
+ description: iscsiInterface is the interface Name
+ that uses an iSCSI transport. Defaults to 'default'
+ (tcp).
type: string
lun:
- description: iSCSI Target Lun number.
+ description: lun represents iSCSI Target Lun number.
format: int32
type: integer
portals:
- description: iSCSI Target Portal List. The portal
- is either an IP or ip_addr:port if the port is
- other than default (typically TCP ports 860 and
- 3260).
+ description: portals is the iSCSI Target Portal
+ List. The portal is either an IP or ip_addr:port
+ if the port is other than default (typically TCP
+ ports 860 and 3260).
items:
type: string
type: array
readOnly:
- description: ReadOnly here will force the ReadOnly
+ description: readOnly here will force the ReadOnly
setting in VolumeMounts. Defaults to false.
type: boolean
secretRef:
- description: CHAP Secret for iSCSI target and initiator
- authentication
+ description: secretRef is the CHAP Secret for iSCSI
+ target and initiator authentication
properties:
name:
description: 'Name of the referent. More info:
@@ -19312,9 +20806,10 @@ spec:
type: object
x-kubernetes-map-type: atomic
targetPortal:
- description: iSCSI Target Portal. The Portal is
- either an IP or ip_addr:port if the port is other
- than default (typically TCP ports 860 and 3260).
+ description: targetPortal is iSCSI Target Portal.
+ The Portal is either an IP or ip_addr:port if
+ the port is other than default (typically TCP
+ ports 860 and 3260).
type: string
required:
- iqn
@@ -19322,20 +20817,20 @@ spec:
- targetPortal
type: object
nfs:
- description: 'NFS represents an NFS mount on the host
+ description: 'nfs represents an NFS mount on the host
that shares a pod''s lifetime More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs'
properties:
path:
- description: 'Path that is exported by the NFS server.
+ description: 'path that is exported by the NFS server.
More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs'
type: string
readOnly:
- description: 'ReadOnly here will force the NFS export
+ description: 'readOnly here will force the NFS export
to be mounted with read-only permissions. Defaults
to false. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs'
type: boolean
server:
- description: 'Server is the hostname or IP address
+ description: 'server is the hostname or IP address
of the NFS server. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs'
type: string
required:
@@ -19343,132 +20838,133 @@ spec:
- server
type: object
persistentVolumeClaim:
- description: 'PersistentVolumeClaimVolumeSource represents
+ description: 'persistentVolumeClaimVolumeSource represents
a reference to a PersistentVolumeClaim in the same
namespace. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims'
properties:
claimName:
- description: 'ClaimName is the name of a PersistentVolumeClaim
+ description: 'claimName is the name of a PersistentVolumeClaim
in the same namespace as the pod using this volume.
More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims'
type: string
readOnly:
- description: Will force the ReadOnly setting in
- VolumeMounts. Default false.
+ description: readOnly Will force the ReadOnly setting
+ in VolumeMounts. Default false.
type: boolean
required:
- claimName
type: object
photonPersistentDisk:
- description: PhotonPersistentDisk represents a PhotonController
+ description: photonPersistentDisk represents a PhotonController
persistent disk attached and mounted on kubelets host
machine
properties:
fsType:
- description: Filesystem type to mount. Must be a
- filesystem type supported by the host operating
- system. Ex. "ext4", "xfs", "ntfs". Implicitly
+ description: fsType is the filesystem type to mount.
+ Must be a filesystem type supported by the host
+ operating system. Ex. "ext4", "xfs", "ntfs". Implicitly
inferred to be "ext4" if unspecified.
type: string
pdID:
- description: ID that identifies Photon Controller
- persistent disk
+ description: pdID is the ID that identifies Photon
+ Controller persistent disk
type: string
required:
- pdID
type: object
portworxVolume:
- description: PortworxVolume represents a portworx volume
+ description: portworxVolume represents a portworx volume
attached and mounted on kubelets host machine
properties:
fsType:
- description: FSType represents the filesystem type
+ description: fSType represents the filesystem type
to mount Must be a filesystem type supported by
the host operating system. Ex. "ext4", "xfs".
Implicitly inferred to be "ext4" if unspecified.
type: string
readOnly:
- description: Defaults to false (read/write). ReadOnly
- here will force the ReadOnly setting in VolumeMounts.
+ description: readOnly defaults to false (read/write).
+ ReadOnly here will force the ReadOnly setting
+ in VolumeMounts.
type: boolean
volumeID:
- description: VolumeID uniquely identifies a Portworx
+ description: volumeID uniquely identifies a Portworx
volume
type: string
required:
- volumeID
type: object
projected:
- description: Items for all in one resources secrets,
- configmaps, and downward API
+ description: projected items for all in one resources
+ secrets, configmaps, and downward API
properties:
defaultMode:
- description: Mode bits used to set permissions on
- created files by default. Must be an octal value
- between 0000 and 0777 or a decimal value between
- 0 and 511. YAML accepts both octal and decimal
- values, JSON requires decimal values for mode
- bits. Directories within the path are not affected
- by this setting. This might be in conflict with
- other options that affect the file mode, like
- fsGroup, and the result can be other mode bits
- set.
+ description: defaultMode are the mode bits used
+ to set permissions on created files by default.
+ Must be an octal value between 0000 and 0777 or
+ a decimal value between 0 and 511. YAML accepts
+ both octal and decimal values, JSON requires decimal
+ values for mode bits. Directories within the path
+ are not affected by this setting. This might be
+ in conflict with other options that affect the
+ file mode, like fsGroup, and the result can be
+ other mode bits set.
format: int32
type: integer
sources:
- description: list of volume projections
+ description: sources is the list of volume projections
items:
description: Projection that may be projected
along with other supported volume types
properties:
configMap:
- description: information about the configMap
- data to project
+ description: configMap information about the
+ configMap data to project
properties:
items:
- description: If unspecified, each key-value
- pair in the Data field of the referenced
- ConfigMap will be projected into the
- volume as a file whose name is the key
- and content is the value. If specified,
- the listed keys will be projected into
- the specified paths, and unlisted keys
- will not be present. If a key is specified
- which is not present in the ConfigMap,
- the volume setup will error unless it
- is marked optional. Paths must be relative
- and may not contain the '..' path or
- start with '..'.
+ description: items if unspecified, each
+ key-value pair in the Data field of
+ the referenced ConfigMap will be projected
+ into the volume as a file whose name
+ is the key and content is the value.
+ If specified, the listed keys will be
+ projected into the specified paths,
+ and unlisted keys will not be present.
+ If a key is specified which is not present
+ in the ConfigMap, the volume setup will
+ error unless it is marked optional.
+ Paths must be relative and may not contain
+ the '..' path or start with '..'.
items:
description: Maps a string key to a
path within a volume.
properties:
key:
- description: The key to project.
+ description: key is the key to project.
type: string
mode:
- description: 'Optional: mode bits
- used to set permissions on this
- file. Must be an octal value between
- 0000 and 0777 or a decimal value
- between 0 and 511. YAML accepts
- both octal and decimal values,
- JSON requires decimal values for
- mode bits. If not specified, the
- volume defaultMode will be used.
- This might be in conflict with
- other options that affect the
- file mode, like fsGroup, and the
- result can be other mode bits
- set.'
+ description: 'mode is Optional:
+ mode bits used to set permissions
+ on this file. Must be an octal
+ value between 0000 and 0777 or
+ a decimal value between 0 and
+ 511. YAML accepts both octal and
+ decimal values, JSON requires
+ decimal values for mode bits.
+ If not specified, the volume defaultMode
+ will be used. This might be in
+ conflict with other options that
+ affect the file mode, like fsGroup,
+ and the result can be other mode
+ bits set.'
format: int32
type: integer
path:
- description: The relative path of
- the file to map the key to. May
- not be an absolute path. May not
- contain the path element '..'.
- May not start with the string
+ description: path is the relative
+ path of the file to map the key
+ to. May not be an absolute path.
+ May not contain the path element
+ '..'. May not start with the string
'..'.
type: string
required:
@@ -19483,14 +20979,14 @@ spec:
kind, uid?'
type: string
optional:
- description: Specify whether the ConfigMap
- or its keys must be defined
+ description: optional specify whether
+ the ConfigMap or its keys must be defined
type: boolean
type: object
x-kubernetes-map-type: atomic
downwardAPI:
- description: information about the downwardAPI
- data to project
+ description: downwardAPI information about
+ the downwardAPI data to project
properties:
items:
description: Items is a list of DownwardAPIVolume
@@ -19582,53 +21078,53 @@ spec:
type: array
type: object
secret:
- description: information about the secret
- data to project
+ description: secret information about the
+ secret data to project
properties:
items:
- description: If unspecified, each key-value
- pair in the Data field of the referenced
- Secret will be projected into the volume
- as a file whose name is the key and
- content is the value. If specified,
- the listed keys will be projected into
- the specified paths, and unlisted keys
- will not be present. If a key is specified
- which is not present in the Secret,
- the volume setup will error unless it
- is marked optional. Paths must be relative
- and may not contain the '..' path or
- start with '..'.
+ description: items if unspecified, each
+ key-value pair in the Data field of
+ the referenced Secret will be projected
+ into the volume as a file whose name
+ is the key and content is the value.
+ If specified, the listed keys will be
+ projected into the specified paths,
+ and unlisted keys will not be present.
+ If a key is specified which is not present
+ in the Secret, the volume setup will
+ error unless it is marked optional.
+ Paths must be relative and may not contain
+ the '..' path or start with '..'.
items:
description: Maps a string key to a
path within a volume.
properties:
key:
- description: The key to project.
+ description: key is the key to project.
type: string
mode:
- description: 'Optional: mode bits
- used to set permissions on this
- file. Must be an octal value between
- 0000 and 0777 or a decimal value
- between 0 and 511. YAML accepts
- both octal and decimal values,
- JSON requires decimal values for
- mode bits. If not specified, the
- volume defaultMode will be used.
- This might be in conflict with
- other options that affect the
- file mode, like fsGroup, and the
- result can be other mode bits
- set.'
+ description: 'mode is Optional:
+ mode bits used to set permissions
+ on this file. Must be an octal
+ value between 0000 and 0777 or
+ a decimal value between 0 and
+ 511. YAML accepts both octal and
+ decimal values, JSON requires
+ decimal values for mode bits.
+ If not specified, the volume defaultMode
+ will be used. This might be in
+ conflict with other options that
+ affect the file mode, like fsGroup,
+ and the result can be other mode
+ bits set.'
format: int32
type: integer
path:
- description: The relative path of
- the file to map the key to. May
- not be an absolute path. May not
- contain the path element '..'.
- May not start with the string
+ description: path is the relative
+ path of the file to map the key
+ to. May not be an absolute path.
+ May not contain the path element
+ '..'. May not start with the string
'..'.
type: string
required:
@@ -19643,17 +21139,17 @@ spec:
kind, uid?'
type: string
optional:
- description: Specify whether the Secret
- or its key must be defined
+ description: optional field specify whether
+ the Secret or its key must be defined
type: boolean
type: object
x-kubernetes-map-type: atomic
serviceAccountToken:
- description: information about the serviceAccountToken
- data to project
+ description: serviceAccountToken is information
+ about the serviceAccountToken data to project
properties:
audience:
- description: Audience is the intended
+ description: audience is the intended
audience of the token. A recipient of
a token must identify itself with an
identifier specified in the audience
@@ -19662,7 +21158,7 @@ spec:
the identifier of the apiserver.
type: string
expirationSeconds:
- description: ExpirationSeconds is the
+ description: expirationSeconds is the
requested duration of validity of the
service account token. As the token
approaches expiration, the kubelet volume
@@ -19676,7 +21172,7 @@ spec:
format: int64
type: integer
path:
- description: Path is the path relative
+ description: path is the path relative
to the mount point of the file to project
the token into.
type: string
@@ -19687,36 +21183,36 @@ spec:
type: array
type: object
quobyte:
- description: Quobyte represents a Quobyte mount on the
+ description: quobyte represents a Quobyte mount on the
host that shares a pod's lifetime
properties:
group:
- description: Group to map volume access to Default
+ description: group to map volume access to Default
is no group
type: string
readOnly:
- description: ReadOnly here will force the Quobyte
+ description: readOnly here will force the Quobyte
volume to be mounted with read-only permissions.
Defaults to false.
type: boolean
registry:
- description: Registry represents a single or multiple
+ description: registry represents a single or multiple
Quobyte Registry services specified as a string
as host:port pair (multiple entries are separated
with commas) which acts as the central registry
for volumes
type: string
tenant:
- description: Tenant owning the given Quobyte volume
+ description: tenant owning the given Quobyte volume
in the Backend Used with dynamically provisioned
Quobyte volumes, value is set by the plugin
type: string
user:
- description: User to map volume access to Defaults
+ description: user to map volume access to Defaults
to serivceaccount user
type: string
volume:
- description: Volume is a string that references
+ description: volume is a string that references
an already created Quobyte volume by name.
type: string
required:
@@ -19724,44 +21220,46 @@ spec:
- volume
type: object
rbd:
- description: 'RBD represents a Rados Block Device mount
+ description: 'rbd represents a Rados Block Device mount
on the host that shares a pod''s lifetime. More info:
https://examples.k8s.io/volumes/rbd/README.md'
properties:
fsType:
- description: 'Filesystem type of the volume that
- you want to mount. Tip: Ensure that the filesystem
- type is supported by the host operating system.
- Examples: "ext4", "xfs", "ntfs". Implicitly inferred
- to be "ext4" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#rbd
+ description: 'fsType is the filesystem type of the
+ volume that you want to mount. Tip: Ensure that
+ the filesystem type is supported by the host operating
+ system. Examples: "ext4", "xfs", "ntfs". Implicitly
+ inferred to be "ext4" if unspecified. More info:
+ https://kubernetes.io/docs/concepts/storage/volumes#rbd
TODO: how do we prevent errors in the filesystem
from compromising the machine'
type: string
image:
- description: 'The rados image name. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it'
+ description: 'image is the rados image name. More
+ info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it'
type: string
keyring:
- description: 'Keyring is the path to key ring for
+ description: 'keyring is the path to key ring for
RBDUser. Default is /etc/ceph/keyring. More info:
https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it'
type: string
monitors:
- description: 'A collection of Ceph monitors. More
- info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it'
+ description: 'monitors is a collection of Ceph monitors.
+ More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it'
items:
type: string
type: array
pool:
- description: 'The rados pool name. Default is rbd.
- More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it'
+ description: 'pool is the rados pool name. Default
+ is rbd. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it'
type: string
readOnly:
- description: 'ReadOnly here will force the ReadOnly
+ description: 'readOnly here will force the ReadOnly
setting in VolumeMounts. Defaults to false. More
info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it'
type: boolean
secretRef:
- description: 'SecretRef is name of the authentication
+ description: 'secretRef is name of the authentication
secret for RBDUser. If provided overrides keyring.
Default is nil. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it'
properties:
@@ -19774,37 +21272,38 @@ spec:
type: object
x-kubernetes-map-type: atomic
user:
- description: 'The rados user name. Default is admin.
- More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it'
+ description: 'user is the rados user name. Default
+ is admin. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it'
type: string
required:
- image
- monitors
type: object
scaleIO:
- description: ScaleIO represents a ScaleIO persistent
+ description: scaleIO represents a ScaleIO persistent
volume attached and mounted on Kubernetes nodes.
properties:
fsType:
- description: Filesystem type to mount. Must be a
- filesystem type supported by the host operating
- system. Ex. "ext4", "xfs", "ntfs". Default is
- "xfs".
+ description: fsType is the filesystem type to mount.
+ Must be a filesystem type supported by the host
+ operating system. Ex. "ext4", "xfs", "ntfs". Default
+ is "xfs".
type: string
gateway:
- description: The host address of the ScaleIO API
- Gateway.
+ description: gateway is the host address of the
+ ScaleIO API Gateway.
type: string
protectionDomain:
- description: The name of the ScaleIO Protection
- Domain for the configured storage.
+ description: protectionDomain is the name of the
+ ScaleIO Protection Domain for the configured storage.
type: string
readOnly:
- description: Defaults to false (read/write). ReadOnly
- here will force the ReadOnly setting in VolumeMounts.
+ description: readOnly Defaults to false (read/write).
+ ReadOnly here will force the ReadOnly setting
+ in VolumeMounts.
type: boolean
secretRef:
- description: SecretRef references to the secret
+ description: secretRef references to the secret
for ScaleIO user and other sensitive information.
If this is not provided, Login operation will
fail.
@@ -19818,26 +21317,26 @@ spec:
type: object
x-kubernetes-map-type: atomic
sslEnabled:
- description: Flag to enable/disable SSL communication
- with Gateway, default false
+ description: sslEnabled Flag enable/disable SSL
+ communication with Gateway, default false
type: boolean
storageMode:
- description: Indicates whether the storage for a
- volume should be ThickProvisioned or ThinProvisioned.
+ description: storageMode indicates whether the storage
+ for a volume should be ThickProvisioned or ThinProvisioned.
Default is ThinProvisioned.
type: string
storagePool:
- description: The ScaleIO Storage Pool associated
- with the protection domain.
+ description: storagePool is the ScaleIO Storage
+ Pool associated with the protection domain.
type: string
system:
- description: The name of the storage system as configured
- in ScaleIO.
+ description: system is the name of the storage system
+ as configured in ScaleIO.
type: string
volumeName:
- description: The name of a volume already created
- in the ScaleIO system that is associated with
- this volume source.
+ description: volumeName is the name of a volume
+ already created in the ScaleIO system that is
+ associated with this volume source.
type: string
required:
- gateway
@@ -19845,27 +21344,27 @@ spec:
- system
type: object
secret:
- description: 'Secret represents a secret that should
+ description: 'secret represents a secret that should
populate this volume. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret'
properties:
defaultMode:
- description: 'Optional: mode bits used to set permissions
- on created files by default. Must be an octal
- value between 0000 and 0777 or a decimal value
- between 0 and 511. YAML accepts both octal and
- decimal values, JSON requires decimal values for
- mode bits. Defaults to 0644. Directories within
- the path are not affected by this setting. This
- might be in conflict with other options that affect
- the file mode, like fsGroup, and the result can
- be other mode bits set.'
+ description: 'defaultMode is Optional: mode bits
+ used to set permissions on created files by default.
+ Must be an octal value between 0000 and 0777 or
+ a decimal value between 0 and 511. YAML accepts
+ both octal and decimal values, JSON requires decimal
+ values for mode bits. Defaults to 0644. Directories
+ within the path are not affected by this setting.
+ This might be in conflict with other options that
+ affect the file mode, like fsGroup, and the result
+ can be other mode bits set.'
format: int32
type: integer
items:
- description: If unspecified, each key-value pair
- in the Data field of the referenced Secret will
- be projected into the volume as a file whose name
- is the key and content is the value. If specified,
+ description: items If unspecified, each key-value
+ pair in the Data field of the referenced Secret
+ will be projected into the volume as a file whose
+ name is the key and content is the value. If specified,
the listed keys will be projected into the specified
paths, and unlisted keys will not be present.
If a key is specified which is not present in
@@ -19878,26 +21377,28 @@ spec:
a volume.
properties:
key:
- description: The key to project.
+ description: key is the key to project.
type: string
mode:
- description: 'Optional: mode bits used to
- set permissions on this file. Must be an
- octal value between 0000 and 0777 or a decimal
- value between 0 and 511. YAML accepts both
- octal and decimal values, JSON requires
- decimal values for mode bits. If not specified,
- the volume defaultMode will be used. This
- might be in conflict with other options
- that affect the file mode, like fsGroup,
- and the result can be other mode bits set.'
+ description: 'mode is Optional: mode bits
+ used to set permissions on this file. Must
+ be an octal value between 0000 and 0777
+ or a decimal value between 0 and 511. YAML
+ accepts both octal and decimal values, JSON
+ requires decimal values for mode bits. If
+ not specified, the volume defaultMode will
+ be used. This might be in conflict with
+ other options that affect the file mode,
+ like fsGroup, and the result can be other
+ mode bits set.'
format: int32
type: integer
path:
- description: The relative path of the file
- to map the key to. May not be an absolute
- path. May not contain the path element '..'.
- May not start with the string '..'.
+ description: path is the relative path of
+ the file to map the key to. May not be an
+ absolute path. May not contain the path
+ element '..'. May not start with the string
+ '..'.
type: string
required:
- key
@@ -19905,30 +21406,31 @@ spec:
type: object
type: array
optional:
- description: Specify whether the Secret or its keys
- must be defined
+ description: optional field specify whether the
+ Secret or its keys must be defined
type: boolean
secretName:
- description: 'Name of the secret in the pod''s namespace
- to use. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret'
+ description: 'secretName is the name of the secret
+ in the pod''s namespace to use. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret'
type: string
type: object
storageos:
- description: StorageOS represents a StorageOS volume
+ description: storageOS represents a StorageOS volume
attached and mounted on Kubernetes nodes.
properties:
fsType:
- description: Filesystem type to mount. Must be a
- filesystem type supported by the host operating
- system. Ex. "ext4", "xfs", "ntfs". Implicitly
+ description: fsType is the filesystem type to mount.
+ Must be a filesystem type supported by the host
+ operating system. Ex. "ext4", "xfs", "ntfs". Implicitly
inferred to be "ext4" if unspecified.
type: string
readOnly:
- description: Defaults to false (read/write). ReadOnly
- here will force the ReadOnly setting in VolumeMounts.
+ description: readOnly defaults to false (read/write).
+ ReadOnly here will force the ReadOnly setting
+ in VolumeMounts.
type: boolean
secretRef:
- description: SecretRef specifies the secret to use
+ description: secretRef specifies the secret to use
for obtaining the StorageOS API credentials. If
not specified, default values will be attempted.
properties:
@@ -19941,12 +21443,12 @@ spec:
type: object
x-kubernetes-map-type: atomic
volumeName:
- description: VolumeName is the human-readable name
+ description: volumeName is the human-readable name
of the StorageOS volume. Volume names are only
unique within a namespace.
type: string
volumeNamespace:
- description: VolumeNamespace specifies the scope
+ description: volumeNamespace specifies the scope
of the volume within StorageOS. If no namespace
is specified then the Pod's namespace will be
used. This allows the Kubernetes name scoping
@@ -19958,26 +21460,27 @@ spec:
type: string
type: object
vsphereVolume:
- description: VsphereVolume represents a vSphere volume
+ description: vsphereVolume represents a vSphere volume
attached and mounted on kubelets host machine
properties:
fsType:
- description: Filesystem type to mount. Must be a
- filesystem type supported by the host operating
- system. Ex. "ext4", "xfs", "ntfs". Implicitly
+ description: fsType is filesystem type to mount.
+ Must be a filesystem type supported by the host
+ operating system. Ex. "ext4", "xfs", "ntfs". Implicitly
inferred to be "ext4" if unspecified.
type: string
storagePolicyID:
- description: Storage Policy Based Management (SPBM)
- profile ID associated with the StoragePolicyName.
+ description: storagePolicyID is the storage Policy
+ Based Management (SPBM) profile ID associated
+ with the StoragePolicyName.
type: string
storagePolicyName:
- description: Storage Policy Based Management (SPBM)
- profile name.
+ description: storagePolicyName is the storage Policy
+ Based Management (SPBM) profile name.
type: string
volumePath:
- description: Path that identifies vSphere volume
- vmdk
+ description: volumePath is the path that identifies
+ vSphere volume vmdk
type: string
required:
- volumePath
@@ -20060,6 +21563,26 @@ spec:
description: 'Compute Resources required by this component. Cannot
be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/'
properties:
+ claims:
+ description: "Claims lists the names of resources, defined in
+ spec.resourceClaims, that are used by this container. \n This
+ is an alpha field and requires enabling the DynamicResourceAllocation
+ feature gate. \n This field is immutable."
+ items:
+ description: ResourceClaim references one entry in PodSpec.ResourceClaims.
+ properties:
+ name:
+ description: Name must match the name of one entry in pod.spec.resourceClaims
+ of the Pod where this field is used. It makes that resource
+ available inside a container.
+ type: string
+ required:
+ - name
+ type: object
+ type: array
+ x-kubernetes-list-map-keys:
+ - name
+ x-kubernetes-list-type: map
limits:
additionalProperties:
anyOf:
@@ -20398,123 +21921,128 @@ spec:
Only one of its members may be specified.
properties:
awsElasticBlockStore:
- description: 'AWSElasticBlockStore represents an AWS
+ description: 'awsElasticBlockStore represents an AWS
Disk resource that is attached to a kubelet''s host
machine and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore'
properties:
fsType:
- description: 'Filesystem type of the volume that
- you want to mount. Tip: Ensure that the filesystem
- type is supported by the host operating system.
- Examples: "ext4", "xfs", "ntfs". Implicitly inferred
- to be "ext4" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore
+ description: 'fsType is the filesystem type of the
+ volume that you want to mount. Tip: Ensure that
+ the filesystem type is supported by the host operating
+ system. Examples: "ext4", "xfs", "ntfs". Implicitly
+ inferred to be "ext4" if unspecified. More info:
+ https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore
TODO: how do we prevent errors in the filesystem
from compromising the machine'
type: string
partition:
- description: 'The partition in the volume that you
- want to mount. If omitted, the default is to mount
- by volume name. Examples: For volume /dev/sda1,
- you specify the partition as "1". Similarly, the
- volume partition for /dev/sda is "0" (or you can
- leave the property empty).'
+ description: 'partition is the partition in the
+ volume that you want to mount. If omitted, the
+ default is to mount by volume name. Examples:
+ For volume /dev/sda1, you specify the partition
+ as "1". Similarly, the volume partition for /dev/sda
+ is "0" (or you can leave the property empty).'
format: int32
type: integer
readOnly:
- description: 'Specify "true" to force and set the
- ReadOnly property in VolumeMounts to "true". If
- omitted, the default is "false". More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore'
+ description: 'readOnly value true will force the
+ readOnly setting in VolumeMounts. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore'
type: boolean
volumeID:
- description: 'Unique ID of the persistent disk resource
- in AWS (Amazon EBS volume). More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore'
+ description: 'volumeID is unique ID of the persistent
+ disk resource in AWS (Amazon EBS volume). More
+ info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore'
type: string
required:
- volumeID
type: object
azureDisk:
- description: AzureDisk represents an Azure Data Disk
+ description: azureDisk represents an Azure Data Disk
mount on the host and bind mount to the pod.
properties:
cachingMode:
- description: 'Host Caching mode: None, Read Only,
- Read Write.'
+ description: 'cachingMode is the Host Caching mode:
+ None, Read Only, Read Write.'
type: string
diskName:
- description: The Name of the data disk in the blob
- storage
+ description: diskName is the Name of the data disk
+ in the blob storage
type: string
diskURI:
- description: The URI the data disk in the blob storage
+ description: diskURI is the URI of data disk in
+ the blob storage
type: string
fsType:
- description: Filesystem type to mount. Must be a
- filesystem type supported by the host operating
- system. Ex. "ext4", "xfs", "ntfs". Implicitly
+ description: fsType is Filesystem type to mount.
+ Must be a filesystem type supported by the host
+ operating system. Ex. "ext4", "xfs", "ntfs". Implicitly
inferred to be "ext4" if unspecified.
type: string
kind:
- description: 'Expected values Shared: multiple blob
- disks per storage account Dedicated: single blob
- disk per storage account Managed: azure managed
- data disk (only in managed availability set).
- defaults to shared'
+ description: 'kind expected values are Shared: multiple
+ blob disks per storage account Dedicated: single
+ blob disk per storage account Managed: azure
+ managed data disk (only in managed availability
+ set). defaults to shared'
type: string
readOnly:
- description: Defaults to false (read/write). ReadOnly
- here will force the ReadOnly setting in VolumeMounts.
+ description: readOnly Defaults to false (read/write).
+ ReadOnly here will force the ReadOnly setting
+ in VolumeMounts.
type: boolean
required:
- diskName
- diskURI
type: object
azureFile:
- description: AzureFile represents an Azure File Service
+ description: azureFile represents an Azure File Service
mount on the host and bind mount to the pod.
properties:
readOnly:
- description: Defaults to false (read/write). ReadOnly
- here will force the ReadOnly setting in VolumeMounts.
+ description: readOnly defaults to false (read/write).
+ ReadOnly here will force the ReadOnly setting
+ in VolumeMounts.
type: boolean
secretName:
- description: the name of secret that contains Azure
- Storage Account Name and Key
+ description: secretName is the name of secret that
+ contains Azure Storage Account Name and Key
type: string
shareName:
- description: Share Name
+ description: shareName is the azure share Name
type: string
required:
- secretName
- shareName
type: object
cephfs:
- description: CephFS represents a Ceph FS mount on the
+ description: cephFS represents a Ceph FS mount on the
host that shares a pod's lifetime
properties:
monitors:
- description: 'Required: Monitors is a collection
- of Ceph monitors More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it'
+ description: 'monitors is Required: Monitors is
+ a collection of Ceph monitors More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it'
items:
type: string
type: array
path:
- description: 'Optional: Used as the mounted root,
- rather than the full Ceph tree, default is /'
+ description: 'path is Optional: Used as the mounted
+ root, rather than the full Ceph tree, default
+ is /'
type: string
readOnly:
- description: 'Optional: Defaults to false (read/write).
- ReadOnly here will force the ReadOnly setting
- in VolumeMounts. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it'
+ description: 'readOnly is Optional: Defaults to
+ false (read/write). ReadOnly here will force the
+ ReadOnly setting in VolumeMounts. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it'
type: boolean
secretFile:
- description: 'Optional: SecretFile is the path to
- key ring for User, default is /etc/ceph/user.secret
+ description: 'secretFile is Optional: SecretFile
+ is the path to key ring for User, default is /etc/ceph/user.secret
More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it'
type: string
secretRef:
- description: 'Optional: SecretRef is reference to
- the authentication secret for User, default is
- empty. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it'
+ description: 'secretRef is Optional: SecretRef is
+ reference to the authentication secret for User,
+ default is empty. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it'
properties:
name:
description: 'Name of the referent. More info:
@@ -20525,31 +22053,32 @@ spec:
type: object
x-kubernetes-map-type: atomic
user:
- description: 'Optional: User is the rados user name,
- default is admin More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it'
+ description: 'user is optional: User is the rados
+ user name, default is admin More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it'
type: string
required:
- monitors
type: object
cinder:
- description: 'Cinder represents a cinder volume attached
+ description: 'cinder represents a cinder volume attached
and mounted on kubelets host machine. More info: https://examples.k8s.io/mysql-cinder-pd/README.md'
properties:
fsType:
- description: 'Filesystem type to mount. Must be
- a filesystem type supported by the host operating
- system. Examples: "ext4", "xfs", "ntfs". Implicitly
- inferred to be "ext4" if unspecified. More info:
- https://examples.k8s.io/mysql-cinder-pd/README.md'
+ description: 'fsType is the filesystem type to mount.
+ Must be a filesystem type supported by the host
+ operating system. Examples: "ext4", "xfs", "ntfs".
+ Implicitly inferred to be "ext4" if unspecified.
+ More info: https://examples.k8s.io/mysql-cinder-pd/README.md'
type: string
readOnly:
- description: 'Optional: Defaults to false (read/write).
+ description: 'readOnly defaults to false (read/write).
ReadOnly here will force the ReadOnly setting
in VolumeMounts. More info: https://examples.k8s.io/mysql-cinder-pd/README.md'
type: boolean
secretRef:
- description: 'Optional: points to a secret object
- containing parameters used to connect to OpenStack.'
+ description: 'secretRef is optional: points to a
+ secret object containing parameters used to connect
+ to OpenStack.'
properties:
name:
description: 'Name of the referent. More info:
@@ -20560,32 +22089,32 @@ spec:
type: object
x-kubernetes-map-type: atomic
volumeID:
- description: 'volume id used to identify the volume
+ description: 'volumeID used to identify the volume
in cinder. More info: https://examples.k8s.io/mysql-cinder-pd/README.md'
type: string
required:
- volumeID
type: object
configMap:
- description: ConfigMap represents a configMap that should
+ description: configMap represents a configMap that should
populate this volume
properties:
defaultMode:
- description: 'Optional: mode bits used to set permissions
- on created files by default. Must be an octal
- value between 0000 and 0777 or a decimal value
- between 0 and 511. YAML accepts both octal and
- decimal values, JSON requires decimal values for
- mode bits. Defaults to 0644. Directories within
- the path are not affected by this setting. This
- might be in conflict with other options that affect
- the file mode, like fsGroup, and the result can
- be other mode bits set.'
+ description: 'defaultMode is optional: mode bits
+ used to set permissions on created files by default.
+ Must be an octal value between 0000 and 0777 or
+ a decimal value between 0 and 511. YAML accepts
+ both octal and decimal values, JSON requires decimal
+ values for mode bits. Defaults to 0644. Directories
+ within the path are not affected by this setting.
+ This might be in conflict with other options that
+ affect the file mode, like fsGroup, and the result
+ can be other mode bits set.'
format: int32
type: integer
items:
- description: If unspecified, each key-value pair
- in the Data field of the referenced ConfigMap
+ description: items if unspecified, each key-value
+ pair in the Data field of the referenced ConfigMap
will be projected into the volume as a file whose
name is the key and content is the value. If specified,
the listed keys will be projected into the specified
@@ -20600,26 +22129,28 @@ spec:
a volume.
properties:
key:
- description: The key to project.
+ description: key is the key to project.
type: string
mode:
- description: 'Optional: mode bits used to
- set permissions on this file. Must be an
- octal value between 0000 and 0777 or a decimal
- value between 0 and 511. YAML accepts both
- octal and decimal values, JSON requires
- decimal values for mode bits. If not specified,
- the volume defaultMode will be used. This
- might be in conflict with other options
- that affect the file mode, like fsGroup,
- and the result can be other mode bits set.'
+ description: 'mode is Optional: mode bits
+ used to set permissions on this file. Must
+ be an octal value between 0000 and 0777
+ or a decimal value between 0 and 511. YAML
+ accepts both octal and decimal values, JSON
+ requires decimal values for mode bits. If
+ not specified, the volume defaultMode will
+ be used. This might be in conflict with
+ other options that affect the file mode,
+ like fsGroup, and the result can be other
+ mode bits set.'
format: int32
type: integer
path:
- description: The relative path of the file
- to map the key to. May not be an absolute
- path. May not contain the path element '..'.
- May not start with the string '..'.
+ description: path is the relative path of
+ the file to map the key to. May not be an
+ absolute path. May not contain the path
+ element '..'. May not start with the string
+ '..'.
type: string
required:
- key
@@ -20632,29 +22163,29 @@ spec:
uid?'
type: string
optional:
- description: Specify whether the ConfigMap or its
- keys must be defined
+ description: optional specify whether the ConfigMap
+ or its keys must be defined
type: boolean
type: object
x-kubernetes-map-type: atomic
csi:
- description: CSI (Container Storage Interface) represents
+ description: csi (Container Storage Interface) represents
ephemeral storage that is handled by certain external
CSI drivers (Beta feature).
properties:
driver:
- description: Driver is the name of the CSI driver
+ description: driver is the name of the CSI driver
that handles this volume. Consult with your admin
for the correct name as registered in the cluster.
type: string
fsType:
- description: Filesystem type to mount. Ex. "ext4",
- "xfs", "ntfs". If not provided, the empty value
- is passed to the associated CSI driver which will
- determine the default filesystem to apply.
+ description: fsType to mount. Ex. "ext4", "xfs",
+ "ntfs". If not provided, the empty value is passed
+ to the associated CSI driver which will determine
+ the default filesystem to apply.
type: string
nodePublishSecretRef:
- description: NodePublishSecretRef is a reference
+ description: nodePublishSecretRef is a reference
to the secret object containing sensitive information
to pass to the CSI driver to complete the CSI
NodePublishVolume and NodeUnpublishVolume calls.
@@ -20672,13 +22203,13 @@ spec:
type: object
x-kubernetes-map-type: atomic
readOnly:
- description: Specifies a read-only configuration
+ description: readOnly specifies a read-only configuration
for the volume. Defaults to false (read/write).
type: boolean
volumeAttributes:
additionalProperties:
type: string
- description: VolumeAttributes stores driver-specific
+ description: volumeAttributes stores driver-specific
properties that are passed to the CSI driver.
Consult your driver's documentation for supported
values.
@@ -20687,7 +22218,7 @@ spec:
- driver
type: object
downwardAPI:
- description: DownwardAPI represents downward API about
+ description: downwardAPI represents downward API about
the pod that should populate this volume
properties:
defaultMode:
@@ -20782,32 +22313,33 @@ spec:
type: array
type: object
emptyDir:
- description: 'EmptyDir represents a temporary directory
+ description: 'emptyDir represents a temporary directory
that shares a pod''s lifetime. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir'
properties:
medium:
- description: 'What type of storage medium should
- back this directory. The default is "" which means
- to use the node''s default medium. Must be an
- empty string (default) or Memory. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir'
+ description: 'medium represents what type of storage
+ medium should back this directory. The default
+ is "" which means to use the node''s default medium.
+ Must be an empty string (default) or Memory. More
+ info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir'
type: string
sizeLimit:
anyOf:
- type: integer
- type: string
- description: 'Total amount of local storage required
- for this EmptyDir volume. The size limit is also
- applicable for memory medium. The maximum usage
- on memory medium EmptyDir would be the minimum
- value between the SizeLimit specified here and
- the sum of memory limits of all containers in
- a pod. The default is nil which means that the
- limit is undefined. More info: http://kubernetes.io/docs/user-guide/volumes#emptydir'
+ description: 'sizeLimit is the total amount of local
+ storage required for this EmptyDir volume. The
+ size limit is also applicable for memory medium.
+ The maximum usage on memory medium EmptyDir would
+ be the minimum value between the SizeLimit specified
+ here and the sum of memory limits of all containers
+ in a pod. The default is nil which means that
+ the limit is undefined. More info: http://kubernetes.io/docs/user-guide/volumes#emptydir'
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
x-kubernetes-int-or-string: true
type: object
ephemeral:
- description: "Ephemeral represents a volume that is
+ description: "ephemeral represents a volume that is
handled by a cluster storage driver. The volume's
lifecycle is tied to the pod that defines it - it
will be created before the pod starts, and deleted
@@ -20866,25 +22398,28 @@ spec:
are also valid here.
properties:
accessModes:
- description: 'AccessModes contains the desired
+ description: 'accessModes contains the desired
access modes the volume should have. More
info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1'
items:
type: string
type: array
dataSource:
- description: 'This field can be used to
- specify either: * An existing VolumeSnapshot
+ description: 'dataSource field can be used
+ to specify either: * An existing VolumeSnapshot
object (snapshot.storage.k8s.io/VolumeSnapshot)
* An existing PVC (PersistentVolumeClaim)
If the provisioner or an external controller
can support the specified data source,
it will create a new volume based on the
contents of the specified data source.
- If the AnyVolumeDataSource feature gate
- is enabled, this field will always have
- the same contents as the DataSourceRef
- field.'
+ When the AnyVolumeDataSource feature gate
+ is enabled, dataSource contents will be
+ copied to dataSourceRef, and dataSourceRef
+ contents will be copied to dataSource
+ when dataSourceRef.namespace is not specified.
+ If the namespace is specified, then dataSourceRef
+ will not be copied to dataSource.'
properties:
apiGroup:
description: APIGroup is the group for
@@ -20908,35 +22443,42 @@ spec:
type: object
x-kubernetes-map-type: atomic
dataSourceRef:
- description: 'Specifies the object from
- which to populate the volume with data,
- if a non-empty volume is desired. This
- may be any local object from a non-empty
+ description: 'dataSourceRef specifies the
+ object from which to populate the volume
+ with data, if a non-empty volume is desired.
+ This may be any object from a non-empty
API group (non core object) or a PersistentVolumeClaim
object. When this field is specified,
volume binding will only succeed if the
type of the specified object matches some
installed volume populator or dynamic
provisioner. This field will replace the
- functionality of the DataSource field
+ functionality of the dataSource field
and as such if both fields are non-empty,
they must have the same value. For backwards
- compatibility, both fields (DataSource
- and DataSourceRef) will be set to the
+ compatibility, when namespace isn''t specified
+ in dataSourceRef, both fields (dataSource
+ and dataSourceRef) will be set to the
same value automatically if one of them
- is empty and the other is non-empty. There
- are two important differences between
- DataSource and DataSourceRef: * While
- DataSource only allows two specific types
- of objects, DataSourceRef allows any non-core
- object, as well as PersistentVolumeClaim
- objects. * While DataSource ignores disallowed
- values (dropping them), DataSourceRef
+ is empty and the other is non-empty. When
+ namespace is specified in dataSourceRef,
+ dataSource isn''t set to the same value
+ and must be empty. There are three important
+ differences between dataSource and dataSourceRef:
+ * While dataSource only allows two specific
+ types of objects, dataSourceRef allows
+ any non-core object, as well as PersistentVolumeClaim
+ objects. * While dataSource ignores disallowed
+ values (dropping them), dataSourceRef
preserves all values, and generates an
error if a disallowed value is specified.
- (Alpha) Using this field requires the
- AnyVolumeDataSource feature gate to be
- enabled.'
+ * While dataSource only allows local objects,
+ dataSourceRef allows objects in any namespaces.
+ (Beta) Using this field requires the AnyVolumeDataSource
+ feature gate to be enabled. (Alpha) Using
+ the namespace field of dataSourceRef requires
+ the CrossNamespaceVolumeDataSource feature
+ gate to be enabled.'
properties:
apiGroup:
description: APIGroup is the group for
@@ -20954,13 +22496,25 @@ spec:
description: Name is the name of resource
being referenced
type: string
+ namespace:
+ description: Namespace is the namespace
+ of resource being referenced Note
+ that when a namespace is specified,
+ a gateway.networking.k8s.io/ReferenceGrant
+ object is required in the referent
+ namespace to allow that namespace's
+ owner to accept the reference. See
+ the ReferenceGrant documentation for
+ details. (Alpha) This field requires
+ the CrossNamespaceVolumeDataSource
+ feature gate to be enabled.
+ type: string
required:
- kind
- name
type: object
- x-kubernetes-map-type: atomic
resources:
- description: 'Resources represents the minimum
+ description: 'resources represents the minimum
resources the volume should have. If RecoverVolumeExpansionFailure
feature is enabled users are allowed to
specify resource requirements that are
@@ -20969,6 +22523,31 @@ spec:
status field of the claim. More info:
https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources'
properties:
+ claims:
+ description: "Claims lists the names
+ of resources, defined in spec.resourceClaims,
+ that are used by this container. \n
+ This is an alpha field and requires
+ enabling the DynamicResourceAllocation
+ feature gate. \n This field is immutable."
+ items:
+ description: ResourceClaim references
+ one entry in PodSpec.ResourceClaims.
+ properties:
+ name:
+ description: Name must match the
+ name of one entry in pod.spec.resourceClaims
+ of the Pod where this field
+ is used. It makes that resource
+ available inside a container.
+ type: string
+ required:
+ - name
+ type: object
+ type: array
+ x-kubernetes-list-map-keys:
+ - name
+ x-kubernetes-list-type: map
limits:
additionalProperties:
anyOf:
@@ -20997,8 +22576,8 @@ spec:
type: object
type: object
selector:
- description: A label query over volumes
- to consider for binding.
+ description: selector is a label query over
+ volumes to consider for binding.
properties:
matchExpressions:
description: matchExpressions is a list
@@ -21053,8 +22632,9 @@ spec:
type: object
x-kubernetes-map-type: atomic
storageClassName:
- description: 'Name of the StorageClass required
- by the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1'
+ description: 'storageClassName is the name
+ of the StorageClass required by the claim.
+ More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1'
type: string
volumeMode:
description: volumeMode defines what type
@@ -21063,7 +22643,7 @@ spec:
in claim spec.
type: string
volumeName:
- description: VolumeName is the binding reference
+ description: volumeName is the binding reference
to the PersistentVolume backing this claim.
type: string
type: object
@@ -21072,74 +22652,75 @@ spec:
type: object
type: object
fc:
- description: FC represents a Fibre Channel resource
+ description: fc represents a Fibre Channel resource
that is attached to a kubelet's host machine and then
exposed to the pod.
properties:
fsType:
- description: 'Filesystem type to mount. Must be
- a filesystem type supported by the host operating
- system. Ex. "ext4", "xfs", "ntfs". Implicitly
+ description: 'fsType is the filesystem type to mount.
+ Must be a filesystem type supported by the host
+ operating system. Ex. "ext4", "xfs", "ntfs". Implicitly
inferred to be "ext4" if unspecified. TODO: how
do we prevent errors in the filesystem from compromising
the machine'
type: string
lun:
- description: 'Optional: FC target lun number'
+ description: 'lun is Optional: FC target lun number'
format: int32
type: integer
readOnly:
- description: 'Optional: Defaults to false (read/write).
- ReadOnly here will force the ReadOnly setting
- in VolumeMounts.'
+ description: 'readOnly is Optional: Defaults to
+ false (read/write). ReadOnly here will force the
+ ReadOnly setting in VolumeMounts.'
type: boolean
targetWWNs:
- description: 'Optional: FC target worldwide names
- (WWNs)'
+ description: 'targetWWNs is Optional: FC target
+ worldwide names (WWNs)'
items:
type: string
type: array
wwids:
- description: 'Optional: FC volume world wide identifiers
- (wwids) Either wwids or combination of targetWWNs
- and lun must be set, but not both simultaneously.'
+ description: 'wwids Optional: FC volume world wide
+ identifiers (wwids) Either wwids or combination
+ of targetWWNs and lun must be set, but not both
+ simultaneously.'
items:
type: string
type: array
type: object
flexVolume:
- description: FlexVolume represents a generic volume
+ description: flexVolume represents a generic volume
resource that is provisioned/attached using an exec
based plugin.
properties:
driver:
- description: Driver is the name of the driver to
+ description: driver is the name of the driver to
use for this volume.
type: string
fsType:
- description: Filesystem type to mount. Must be a
- filesystem type supported by the host operating
- system. Ex. "ext4", "xfs", "ntfs". The default
- filesystem depends on FlexVolume script.
+ description: fsType is the filesystem type to mount.
+ Must be a filesystem type supported by the host
+ operating system. Ex. "ext4", "xfs", "ntfs". The
+ default filesystem depends on FlexVolume script.
type: string
options:
additionalProperties:
type: string
- description: 'Optional: Extra command options if
- any.'
+ description: 'options is Optional: this field holds
+ extra command options if any.'
type: object
readOnly:
- description: 'Optional: Defaults to false (read/write).
- ReadOnly here will force the ReadOnly setting
- in VolumeMounts.'
+ description: 'readOnly is Optional: defaults to
+ false (read/write). ReadOnly here will force the
+ ReadOnly setting in VolumeMounts.'
type: boolean
secretRef:
- description: 'Optional: SecretRef is reference to
- the secret object containing sensitive information
- to pass to the plugin scripts. This may be empty
- if no secret object is specified. If the secret
- object contains more than one secret, all secrets
- are passed to the plugin scripts.'
+ description: 'secretRef is Optional: secretRef is
+ reference to the secret object containing sensitive
+ information to pass to the plugin scripts. This
+ may be empty if no secret object is specified.
+ If the secret object contains more than one secret,
+ all secrets are passed to the plugin scripts.'
properties:
name:
description: 'Name of the referent. More info:
@@ -21153,28 +22734,28 @@ spec:
- driver
type: object
flocker:
- description: Flocker represents a Flocker volume attached
+ description: flocker represents a Flocker volume attached
to a kubelet's host machine. This depends on the Flocker
control service being running
properties:
datasetName:
- description: Name of the dataset stored as metadata
- -> name on the dataset for Flocker should be considered
- as deprecated
+ description: datasetName is Name of the dataset
+ stored as metadata -> name on the dataset for
+ Flocker should be considered as deprecated
type: string
datasetUUID:
- description: UUID of the dataset. This is unique
- identifier of a Flocker dataset
+ description: datasetUUID is the UUID of the dataset.
+ This is unique identifier of a Flocker dataset
type: string
type: object
gcePersistentDisk:
- description: 'GCEPersistentDisk represents a GCE Disk
+ description: 'gcePersistentDisk represents a GCE Disk
resource that is attached to a kubelet''s host machine
and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk'
properties:
fsType:
- description: 'Filesystem type of the volume that
- you want to mount. Tip: Ensure that the filesystem
+ description: 'fsType is filesystem type of the volume
+ that you want to mount. Tip: Ensure that the filesystem
type is supported by the host operating system.
Examples: "ext4", "xfs", "ntfs". Implicitly inferred
to be "ext4" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk
@@ -21182,21 +22763,22 @@ spec:
from compromising the machine'
type: string
partition:
- description: 'The partition in the volume that you
- want to mount. If omitted, the default is to mount
- by volume name. Examples: For volume /dev/sda1,
- you specify the partition as "1". Similarly, the
- volume partition for /dev/sda is "0" (or you can
- leave the property empty). More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk'
+ description: 'partition is the partition in the
+ volume that you want to mount. If omitted, the
+ default is to mount by volume name. Examples:
+ For volume /dev/sda1, you specify the partition
+ as "1". Similarly, the volume partition for /dev/sda
+ is "0" (or you can leave the property empty).
+ More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk'
format: int32
type: integer
pdName:
- description: 'Unique name of the PD resource in
- GCE. Used to identify the disk in GCE. More info:
- https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk'
+ description: 'pdName is unique name of the PD resource
+ in GCE. Used to identify the disk in GCE. More
+ info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk'
type: string
readOnly:
- description: 'ReadOnly here will force the ReadOnly
+ description: 'readOnly here will force the ReadOnly
setting in VolumeMounts. Defaults to false. More
info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk'
type: boolean
@@ -21204,7 +22786,7 @@ spec:
- pdName
type: object
gitRepo:
- description: 'GitRepo represents a git repository at
+ description: 'gitRepo represents a git repository at
a particular revision. DEPRECATED: GitRepo is deprecated.
To provision a container with a git repo, mount an
EmptyDir into an InitContainer that clones the repo
@@ -21212,37 +22794,38 @@ spec:
container.'
properties:
directory:
- description: Target directory name. Must not contain
- or start with '..'. If '.' is supplied, the volume
- directory will be the git repository. Otherwise,
- if specified, the volume will contain the git
- repository in the subdirectory with the given
- name.
+ description: directory is the target directory name.
+ Must not contain or start with '..'. If '.' is
+ supplied, the volume directory will be the git
+ repository. Otherwise, if specified, the volume
+ will contain the git repository in the subdirectory
+ with the given name.
type: string
repository:
- description: Repository URL
+ description: repository is the URL
type: string
revision:
- description: Commit hash for the specified revision.
+ description: revision is the commit hash for the
+ specified revision.
type: string
required:
- repository
type: object
glusterfs:
- description: 'Glusterfs represents a Glusterfs mount
+ description: 'glusterfs represents a Glusterfs mount
on the host that shares a pod''s lifetime. More info:
https://examples.k8s.io/volumes/glusterfs/README.md'
properties:
endpoints:
- description: 'EndpointsName is the endpoint name
- that details Glusterfs topology. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod'
+ description: 'endpoints is the endpoint name that
+ details Glusterfs topology. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod'
type: string
path:
- description: 'Path is the Glusterfs volume path.
+ description: 'path is the Glusterfs volume path.
More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod'
type: string
readOnly:
- description: 'ReadOnly here will force the Glusterfs
+ description: 'readOnly here will force the Glusterfs
volume to be mounted with read-only permissions.
Defaults to false. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod'
type: boolean
@@ -21251,7 +22834,7 @@ spec:
- path
type: object
hostPath:
- description: 'HostPath represents a pre-existing file
+ description: 'hostPath represents a pre-existing file
or directory on the host machine that is directly
exposed to the container. This is generally used for
system agents or other privileged things that are
@@ -21262,71 +22845,73 @@ spec:
directories as read/write.'
properties:
path:
- description: 'Path of the directory on the host.
+ description: 'path of the directory on the host.
If the path is a symlink, it will follow the link
to the real path. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath'
type: string
type:
- description: 'Type for HostPath Volume Defaults
+ description: 'type for HostPath Volume Defaults
to "" More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath'
type: string
required:
- path
type: object
iscsi:
- description: 'ISCSI represents an ISCSI Disk resource
+ description: 'iscsi represents an ISCSI Disk resource
that is attached to a kubelet''s host machine and
then exposed to the pod. More info: https://examples.k8s.io/volumes/iscsi/README.md'
properties:
chapAuthDiscovery:
- description: whether support iSCSI Discovery CHAP
- authentication
+ description: chapAuthDiscovery defines whether support
+ iSCSI Discovery CHAP authentication
type: boolean
chapAuthSession:
- description: whether support iSCSI Session CHAP
- authentication
+ description: chapAuthSession defines whether support
+ iSCSI Session CHAP authentication
type: boolean
fsType:
- description: 'Filesystem type of the volume that
- you want to mount. Tip: Ensure that the filesystem
- type is supported by the host operating system.
- Examples: "ext4", "xfs", "ntfs". Implicitly inferred
- to be "ext4" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#iscsi
+ description: 'fsType is the filesystem type of the
+ volume that you want to mount. Tip: Ensure that
+ the filesystem type is supported by the host operating
+ system. Examples: "ext4", "xfs", "ntfs". Implicitly
+ inferred to be "ext4" if unspecified. More info:
+ https://kubernetes.io/docs/concepts/storage/volumes#iscsi
TODO: how do we prevent errors in the filesystem
from compromising the machine'
type: string
initiatorName:
- description: Custom iSCSI Initiator Name. If initiatorName
- is specified with iscsiInterface simultaneously,
- new iSCSI interface :
- will be created for the connection.
+ description: initiatorName is the custom iSCSI Initiator
+ Name. If initiatorName is specified with iscsiInterface
+ simultaneously, new iSCSI interface : will be created for the connection.
type: string
iqn:
- description: Target iSCSI Qualified Name.
+ description: iqn is the target iSCSI Qualified Name.
type: string
iscsiInterface:
- description: iSCSI Interface Name that uses an iSCSI
- transport. Defaults to 'default' (tcp).
+ description: iscsiInterface is the interface Name
+ that uses an iSCSI transport. Defaults to 'default'
+ (tcp).
type: string
lun:
- description: iSCSI Target Lun number.
+ description: lun represents iSCSI Target Lun number.
format: int32
type: integer
portals:
- description: iSCSI Target Portal List. The portal
- is either an IP or ip_addr:port if the port is
- other than default (typically TCP ports 860 and
- 3260).
+ description: portals is the iSCSI Target Portal
+ List. The portal is either an IP or ip_addr:port
+ if the port is other than default (typically TCP
+ ports 860 and 3260).
items:
type: string
type: array
readOnly:
- description: ReadOnly here will force the ReadOnly
+ description: readOnly here will force the ReadOnly
setting in VolumeMounts. Defaults to false.
type: boolean
secretRef:
- description: CHAP Secret for iSCSI target and initiator
- authentication
+ description: secretRef is the CHAP Secret for iSCSI
+ target and initiator authentication
properties:
name:
description: 'Name of the referent. More info:
@@ -21337,9 +22922,10 @@ spec:
type: object
x-kubernetes-map-type: atomic
targetPortal:
- description: iSCSI Target Portal. The Portal is
- either an IP or ip_addr:port if the port is other
- than default (typically TCP ports 860 and 3260).
+ description: targetPortal is iSCSI Target Portal.
+ The Portal is either an IP or ip_addr:port if
+ the port is other than default (typically TCP
+ ports 860 and 3260).
type: string
required:
- iqn
@@ -21347,20 +22933,20 @@ spec:
- targetPortal
type: object
nfs:
- description: 'NFS represents an NFS mount on the host
+ description: 'nfs represents an NFS mount on the host
that shares a pod''s lifetime More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs'
properties:
path:
- description: 'Path that is exported by the NFS server.
+ description: 'path that is exported by the NFS server.
More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs'
type: string
readOnly:
- description: 'ReadOnly here will force the NFS export
+ description: 'readOnly here will force the NFS export
to be mounted with read-only permissions. Defaults
to false. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs'
type: boolean
server:
- description: 'Server is the hostname or IP address
+ description: 'server is the hostname or IP address
of the NFS server. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs'
type: string
required:
@@ -21368,132 +22954,133 @@ spec:
- server
type: object
persistentVolumeClaim:
- description: 'PersistentVolumeClaimVolumeSource represents
+ description: 'persistentVolumeClaimVolumeSource represents
a reference to a PersistentVolumeClaim in the same
namespace. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims'
properties:
claimName:
- description: 'ClaimName is the name of a PersistentVolumeClaim
+ description: 'claimName is the name of a PersistentVolumeClaim
in the same namespace as the pod using this volume.
More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims'
type: string
readOnly:
- description: Will force the ReadOnly setting in
- VolumeMounts. Default false.
+ description: readOnly Will force the ReadOnly setting
+ in VolumeMounts. Default false.
type: boolean
required:
- claimName
type: object
photonPersistentDisk:
- description: PhotonPersistentDisk represents a PhotonController
+ description: photonPersistentDisk represents a PhotonController
persistent disk attached and mounted on kubelets host
machine
properties:
fsType:
- description: Filesystem type to mount. Must be a
- filesystem type supported by the host operating
- system. Ex. "ext4", "xfs", "ntfs". Implicitly
+ description: fsType is the filesystem type to mount.
+ Must be a filesystem type supported by the host
+ operating system. Ex. "ext4", "xfs", "ntfs". Implicitly
inferred to be "ext4" if unspecified.
type: string
pdID:
- description: ID that identifies Photon Controller
- persistent disk
+ description: pdID is the ID that identifies Photon
+ Controller persistent disk
type: string
required:
- pdID
type: object
portworxVolume:
- description: PortworxVolume represents a portworx volume
+ description: portworxVolume represents a portworx volume
attached and mounted on kubelets host machine
properties:
fsType:
- description: FSType represents the filesystem type
+ description: fSType represents the filesystem type
to mount Must be a filesystem type supported by
the host operating system. Ex. "ext4", "xfs".
Implicitly inferred to be "ext4" if unspecified.
type: string
readOnly:
- description: Defaults to false (read/write). ReadOnly
- here will force the ReadOnly setting in VolumeMounts.
+ description: readOnly defaults to false (read/write).
+ ReadOnly here will force the ReadOnly setting
+ in VolumeMounts.
type: boolean
volumeID:
- description: VolumeID uniquely identifies a Portworx
+ description: volumeID uniquely identifies a Portworx
volume
type: string
required:
- volumeID
type: object
projected:
- description: Items for all in one resources secrets,
- configmaps, and downward API
+ description: projected items for all in one resources
+ secrets, configmaps, and downward API
properties:
defaultMode:
- description: Mode bits used to set permissions on
- created files by default. Must be an octal value
- between 0000 and 0777 or a decimal value between
- 0 and 511. YAML accepts both octal and decimal
- values, JSON requires decimal values for mode
- bits. Directories within the path are not affected
- by this setting. This might be in conflict with
- other options that affect the file mode, like
- fsGroup, and the result can be other mode bits
- set.
+ description: defaultMode are the mode bits used
+ to set permissions on created files by default.
+ Must be an octal value between 0000 and 0777 or
+ a decimal value between 0 and 511. YAML accepts
+ both octal and decimal values, JSON requires decimal
+ values for mode bits. Directories within the path
+ are not affected by this setting. This might be
+ in conflict with other options that affect the
+ file mode, like fsGroup, and the result can be
+ other mode bits set.
format: int32
type: integer
sources:
- description: list of volume projections
+ description: sources is the list of volume projections
items:
description: Projection that may be projected
along with other supported volume types
properties:
configMap:
- description: information about the configMap
- data to project
+ description: configMap information about the
+ configMap data to project
properties:
items:
- description: If unspecified, each key-value
- pair in the Data field of the referenced
- ConfigMap will be projected into the
- volume as a file whose name is the key
- and content is the value. If specified,
- the listed keys will be projected into
- the specified paths, and unlisted keys
- will not be present. If a key is specified
- which is not present in the ConfigMap,
- the volume setup will error unless it
- is marked optional. Paths must be relative
- and may not contain the '..' path or
- start with '..'.
+ description: items if unspecified, each
+ key-value pair in the Data field of
+ the referenced ConfigMap will be projected
+ into the volume as a file whose name
+ is the key and content is the value.
+ If specified, the listed keys will be
+ projected into the specified paths,
+ and unlisted keys will not be present.
+ If a key is specified which is not present
+ in the ConfigMap, the volume setup will
+ error unless it is marked optional.
+ Paths must be relative and may not contain
+ the '..' path or start with '..'.
items:
description: Maps a string key to a
path within a volume.
properties:
key:
- description: The key to project.
+ description: key is the key to project.
type: string
mode:
- description: 'Optional: mode bits
- used to set permissions on this
- file. Must be an octal value between
- 0000 and 0777 or a decimal value
- between 0 and 511. YAML accepts
- both octal and decimal values,
- JSON requires decimal values for
- mode bits. If not specified, the
- volume defaultMode will be used.
- This might be in conflict with
- other options that affect the
- file mode, like fsGroup, and the
- result can be other mode bits
- set.'
+ description: 'mode is Optional:
+ mode bits used to set permissions
+ on this file. Must be an octal
+ value between 0000 and 0777 or
+ a decimal value between 0 and
+ 511. YAML accepts both octal and
+ decimal values, JSON requires
+ decimal values for mode bits.
+ If not specified, the volume defaultMode
+ will be used. This might be in
+ conflict with other options that
+ affect the file mode, like fsGroup,
+ and the result can be other mode
+ bits set.'
format: int32
type: integer
path:
- description: The relative path of
- the file to map the key to. May
- not be an absolute path. May not
- contain the path element '..'.
- May not start with the string
+ description: path is the relative
+ path of the file to map the key
+ to. May not be an absolute path.
+ May not contain the path element
+ '..'. May not start with the string
'..'.
type: string
required:
@@ -21508,14 +23095,14 @@ spec:
kind, uid?'
type: string
optional:
- description: Specify whether the ConfigMap
- or its keys must be defined
+ description: optional specify whether
+ the ConfigMap or its keys must be defined
type: boolean
type: object
x-kubernetes-map-type: atomic
downwardAPI:
- description: information about the downwardAPI
- data to project
+ description: downwardAPI information about
+ the downwardAPI data to project
properties:
items:
description: Items is a list of DownwardAPIVolume
@@ -21607,53 +23194,53 @@ spec:
type: array
type: object
secret:
- description: information about the secret
- data to project
+ description: secret information about the
+ secret data to project
properties:
items:
- description: If unspecified, each key-value
- pair in the Data field of the referenced
- Secret will be projected into the volume
- as a file whose name is the key and
- content is the value. If specified,
- the listed keys will be projected into
- the specified paths, and unlisted keys
- will not be present. If a key is specified
- which is not present in the Secret,
- the volume setup will error unless it
- is marked optional. Paths must be relative
- and may not contain the '..' path or
- start with '..'.
+ description: items if unspecified, each
+ key-value pair in the Data field of
+ the referenced Secret will be projected
+ into the volume as a file whose name
+ is the key and content is the value.
+ If specified, the listed keys will be
+ projected into the specified paths,
+ and unlisted keys will not be present.
+ If a key is specified which is not present
+ in the Secret, the volume setup will
+ error unless it is marked optional.
+ Paths must be relative and may not contain
+ the '..' path or start with '..'.
items:
description: Maps a string key to a
path within a volume.
properties:
key:
- description: The key to project.
+ description: key is the key to project.
type: string
mode:
- description: 'Optional: mode bits
- used to set permissions on this
- file. Must be an octal value between
- 0000 and 0777 or a decimal value
- between 0 and 511. YAML accepts
- both octal and decimal values,
- JSON requires decimal values for
- mode bits. If not specified, the
- volume defaultMode will be used.
- This might be in conflict with
- other options that affect the
- file mode, like fsGroup, and the
- result can be other mode bits
- set.'
+ description: 'mode is Optional:
+ mode bits used to set permissions
+ on this file. Must be an octal
+ value between 0000 and 0777 or
+ a decimal value between 0 and
+ 511. YAML accepts both octal and
+ decimal values, JSON requires
+ decimal values for mode bits.
+ If not specified, the volume defaultMode
+ will be used. This might be in
+ conflict with other options that
+ affect the file mode, like fsGroup,
+ and the result can be other mode
+ bits set.'
format: int32
type: integer
path:
- description: The relative path of
- the file to map the key to. May
- not be an absolute path. May not
- contain the path element '..'.
- May not start with the string
+ description: path is the relative
+ path of the file to map the key
+ to. May not be an absolute path.
+ May not contain the path element
+ '..'. May not start with the string
'..'.
type: string
required:
@@ -21668,17 +23255,17 @@ spec:
kind, uid?'
type: string
optional:
- description: Specify whether the Secret
- or its key must be defined
+ description: optional field specify whether
+ the Secret or its key must be defined
type: boolean
type: object
x-kubernetes-map-type: atomic
serviceAccountToken:
- description: information about the serviceAccountToken
- data to project
+ description: serviceAccountToken is information
+ about the serviceAccountToken data to project
properties:
audience:
- description: Audience is the intended
+ description: audience is the intended
audience of the token. A recipient of
a token must identify itself with an
identifier specified in the audience
@@ -21687,7 +23274,7 @@ spec:
the identifier of the apiserver.
type: string
expirationSeconds:
- description: ExpirationSeconds is the
+ description: expirationSeconds is the
requested duration of validity of the
service account token. As the token
approaches expiration, the kubelet volume
@@ -21701,7 +23288,7 @@ spec:
format: int64
type: integer
path:
- description: Path is the path relative
+ description: path is the path relative
to the mount point of the file to project
the token into.
type: string
@@ -21712,36 +23299,36 @@ spec:
type: array
type: object
quobyte:
- description: Quobyte represents a Quobyte mount on the
+ description: quobyte represents a Quobyte mount on the
host that shares a pod's lifetime
properties:
group:
- description: Group to map volume access to Default
+ description: group to map volume access to Default
is no group
type: string
readOnly:
- description: ReadOnly here will force the Quobyte
+ description: readOnly here will force the Quobyte
volume to be mounted with read-only permissions.
Defaults to false.
type: boolean
registry:
- description: Registry represents a single or multiple
+ description: registry represents a single or multiple
Quobyte Registry services specified as a string
as host:port pair (multiple entries are separated
with commas) which acts as the central registry
for volumes
type: string
tenant:
- description: Tenant owning the given Quobyte volume
+ description: tenant owning the given Quobyte volume
in the Backend Used with dynamically provisioned
Quobyte volumes, value is set by the plugin
type: string
user:
- description: User to map volume access to Defaults
+ description: user to map volume access to Defaults
to serivceaccount user
type: string
volume:
- description: Volume is a string that references
+ description: volume is a string that references
an already created Quobyte volume by name.
type: string
required:
@@ -21749,44 +23336,46 @@ spec:
- volume
type: object
rbd:
- description: 'RBD represents a Rados Block Device mount
+ description: 'rbd represents a Rados Block Device mount
on the host that shares a pod''s lifetime. More info:
https://examples.k8s.io/volumes/rbd/README.md'
properties:
fsType:
- description: 'Filesystem type of the volume that
- you want to mount. Tip: Ensure that the filesystem
- type is supported by the host operating system.
- Examples: "ext4", "xfs", "ntfs". Implicitly inferred
- to be "ext4" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#rbd
+ description: 'fsType is the filesystem type of the
+ volume that you want to mount. Tip: Ensure that
+ the filesystem type is supported by the host operating
+ system. Examples: "ext4", "xfs", "ntfs". Implicitly
+ inferred to be "ext4" if unspecified. More info:
+ https://kubernetes.io/docs/concepts/storage/volumes#rbd
TODO: how do we prevent errors in the filesystem
from compromising the machine'
type: string
image:
- description: 'The rados image name. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it'
+ description: 'image is the rados image name. More
+ info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it'
type: string
keyring:
- description: 'Keyring is the path to key ring for
+ description: 'keyring is the path to key ring for
RBDUser. Default is /etc/ceph/keyring. More info:
https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it'
type: string
monitors:
- description: 'A collection of Ceph monitors. More
- info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it'
+ description: 'monitors is a collection of Ceph monitors.
+ More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it'
items:
type: string
type: array
pool:
- description: 'The rados pool name. Default is rbd.
- More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it'
+ description: 'pool is the rados pool name. Default
+ is rbd. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it'
type: string
readOnly:
- description: 'ReadOnly here will force the ReadOnly
+ description: 'readOnly here will force the ReadOnly
setting in VolumeMounts. Defaults to false. More
info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it'
type: boolean
secretRef:
- description: 'SecretRef is name of the authentication
+ description: 'secretRef is name of the authentication
secret for RBDUser. If provided overrides keyring.
Default is nil. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it'
properties:
@@ -21799,37 +23388,38 @@ spec:
type: object
x-kubernetes-map-type: atomic
user:
- description: 'The rados user name. Default is admin.
- More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it'
+ description: 'user is the rados user name. Default
+ is admin. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it'
type: string
required:
- image
- monitors
type: object
scaleIO:
- description: ScaleIO represents a ScaleIO persistent
+ description: scaleIO represents a ScaleIO persistent
volume attached and mounted on Kubernetes nodes.
properties:
fsType:
- description: Filesystem type to mount. Must be a
- filesystem type supported by the host operating
- system. Ex. "ext4", "xfs", "ntfs". Default is
- "xfs".
+ description: fsType is the filesystem type to mount.
+ Must be a filesystem type supported by the host
+ operating system. Ex. "ext4", "xfs", "ntfs". Default
+ is "xfs".
type: string
gateway:
- description: The host address of the ScaleIO API
- Gateway.
+ description: gateway is the host address of the
+ ScaleIO API Gateway.
type: string
protectionDomain:
- description: The name of the ScaleIO Protection
- Domain for the configured storage.
+ description: protectionDomain is the name of the
+ ScaleIO Protection Domain for the configured storage.
type: string
readOnly:
- description: Defaults to false (read/write). ReadOnly
- here will force the ReadOnly setting in VolumeMounts.
+ description: readOnly Defaults to false (read/write).
+ ReadOnly here will force the ReadOnly setting
+ in VolumeMounts.
type: boolean
secretRef:
- description: SecretRef references to the secret
+ description: secretRef references to the secret
for ScaleIO user and other sensitive information.
If this is not provided, Login operation will
fail.
@@ -21843,26 +23433,26 @@ spec:
type: object
x-kubernetes-map-type: atomic
sslEnabled:
- description: Flag to enable/disable SSL communication
- with Gateway, default false
+ description: sslEnabled Flag enable/disable SSL
+ communication with Gateway, default false
type: boolean
storageMode:
- description: Indicates whether the storage for a
- volume should be ThickProvisioned or ThinProvisioned.
+ description: storageMode indicates whether the storage
+ for a volume should be ThickProvisioned or ThinProvisioned.
Default is ThinProvisioned.
type: string
storagePool:
- description: The ScaleIO Storage Pool associated
- with the protection domain.
+ description: storagePool is the ScaleIO Storage
+ Pool associated with the protection domain.
type: string
system:
- description: The name of the storage system as configured
- in ScaleIO.
+ description: system is the name of the storage system
+ as configured in ScaleIO.
type: string
volumeName:
- description: The name of a volume already created
- in the ScaleIO system that is associated with
- this volume source.
+ description: volumeName is the name of a volume
+ already created in the ScaleIO system that is
+ associated with this volume source.
type: string
required:
- gateway
@@ -21870,27 +23460,27 @@ spec:
- system
type: object
secret:
- description: 'Secret represents a secret that should
+ description: 'secret represents a secret that should
populate this volume. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret'
properties:
defaultMode:
- description: 'Optional: mode bits used to set permissions
- on created files by default. Must be an octal
- value between 0000 and 0777 or a decimal value
- between 0 and 511. YAML accepts both octal and
- decimal values, JSON requires decimal values for
- mode bits. Defaults to 0644. Directories within
- the path are not affected by this setting. This
- might be in conflict with other options that affect
- the file mode, like fsGroup, and the result can
- be other mode bits set.'
+ description: 'defaultMode is Optional: mode bits
+ used to set permissions on created files by default.
+ Must be an octal value between 0000 and 0777 or
+ a decimal value between 0 and 511. YAML accepts
+ both octal and decimal values, JSON requires decimal
+ values for mode bits. Defaults to 0644. Directories
+ within the path are not affected by this setting.
+ This might be in conflict with other options that
+ affect the file mode, like fsGroup, and the result
+ can be other mode bits set.'
format: int32
type: integer
items:
- description: If unspecified, each key-value pair
- in the Data field of the referenced Secret will
- be projected into the volume as a file whose name
- is the key and content is the value. If specified,
+ description: items If unspecified, each key-value
+ pair in the Data field of the referenced Secret
+ will be projected into the volume as a file whose
+ name is the key and content is the value. If specified,
the listed keys will be projected into the specified
paths, and unlisted keys will not be present.
If a key is specified which is not present in
@@ -21903,26 +23493,28 @@ spec:
a volume.
properties:
key:
- description: The key to project.
+ description: key is the key to project.
type: string
mode:
- description: 'Optional: mode bits used to
- set permissions on this file. Must be an
- octal value between 0000 and 0777 or a decimal
- value between 0 and 511. YAML accepts both
- octal and decimal values, JSON requires
- decimal values for mode bits. If not specified,
- the volume defaultMode will be used. This
- might be in conflict with other options
- that affect the file mode, like fsGroup,
- and the result can be other mode bits set.'
+ description: 'mode is Optional: mode bits
+ used to set permissions on this file. Must
+ be an octal value between 0000 and 0777
+ or a decimal value between 0 and 511. YAML
+ accepts both octal and decimal values, JSON
+ requires decimal values for mode bits. If
+ not specified, the volume defaultMode will
+ be used. This might be in conflict with
+ other options that affect the file mode,
+ like fsGroup, and the result can be other
+ mode bits set.'
format: int32
type: integer
path:
- description: The relative path of the file
- to map the key to. May not be an absolute
- path. May not contain the path element '..'.
- May not start with the string '..'.
+ description: path is the relative path of
+ the file to map the key to. May not be an
+ absolute path. May not contain the path
+ element '..'. May not start with the string
+ '..'.
type: string
required:
- key
@@ -21930,30 +23522,31 @@ spec:
type: object
type: array
optional:
- description: Specify whether the Secret or its keys
- must be defined
+ description: optional field specify whether the
+ Secret or its keys must be defined
type: boolean
secretName:
- description: 'Name of the secret in the pod''s namespace
- to use. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret'
+ description: 'secretName is the name of the secret
+ in the pod''s namespace to use. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret'
type: string
type: object
storageos:
- description: StorageOS represents a StorageOS volume
+ description: storageOS represents a StorageOS volume
attached and mounted on Kubernetes nodes.
properties:
fsType:
- description: Filesystem type to mount. Must be a
- filesystem type supported by the host operating
- system. Ex. "ext4", "xfs", "ntfs". Implicitly
+ description: fsType is the filesystem type to mount.
+ Must be a filesystem type supported by the host
+ operating system. Ex. "ext4", "xfs", "ntfs". Implicitly
inferred to be "ext4" if unspecified.
type: string
readOnly:
- description: Defaults to false (read/write). ReadOnly
- here will force the ReadOnly setting in VolumeMounts.
+ description: readOnly defaults to false (read/write).
+ ReadOnly here will force the ReadOnly setting
+ in VolumeMounts.
type: boolean
secretRef:
- description: SecretRef specifies the secret to use
+ description: secretRef specifies the secret to use
for obtaining the StorageOS API credentials. If
not specified, default values will be attempted.
properties:
@@ -21966,12 +23559,12 @@ spec:
type: object
x-kubernetes-map-type: atomic
volumeName:
- description: VolumeName is the human-readable name
+ description: volumeName is the human-readable name
of the StorageOS volume. Volume names are only
unique within a namespace.
type: string
volumeNamespace:
- description: VolumeNamespace specifies the scope
+ description: volumeNamespace specifies the scope
of the volume within StorageOS. If no namespace
is specified then the Pod's namespace will be
used. This allows the Kubernetes name scoping
@@ -21983,26 +23576,27 @@ spec:
type: string
type: object
vsphereVolume:
- description: VsphereVolume represents a vSphere volume
+ description: vsphereVolume represents a vSphere volume
attached and mounted on kubelets host machine
properties:
fsType:
- description: Filesystem type to mount. Must be a
- filesystem type supported by the host operating
- system. Ex. "ext4", "xfs", "ntfs". Implicitly
+ description: fsType is filesystem type to mount.
+ Must be a filesystem type supported by the host
+ operating system. Ex. "ext4", "xfs", "ntfs". Implicitly
inferred to be "ext4" if unspecified.
type: string
storagePolicyID:
- description: Storage Policy Based Management (SPBM)
- profile ID associated with the StoragePolicyName.
+ description: storagePolicyID is the storage Policy
+ Based Management (SPBM) profile ID associated
+ with the StoragePolicyName.
type: string
storagePolicyName:
- description: Storage Policy Based Management (SPBM)
- profile name.
+ description: storagePolicyName is the storage Policy
+ Based Management (SPBM) profile name.
type: string
volumePath:
- description: Path that identifies vSphere volume
- vmdk
+ description: volumePath is the path that identifies
+ vSphere volume vmdk
type: string
required:
- volumePath
@@ -22068,123 +23662,128 @@ spec:
Only one of its members may be specified.
properties:
awsElasticBlockStore:
- description: 'AWSElasticBlockStore represents an AWS
+ description: 'awsElasticBlockStore represents an AWS
Disk resource that is attached to a kubelet''s host
machine and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore'
properties:
fsType:
- description: 'Filesystem type of the volume that
- you want to mount. Tip: Ensure that the filesystem
- type is supported by the host operating system.
- Examples: "ext4", "xfs", "ntfs". Implicitly inferred
- to be "ext4" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore
+ description: 'fsType is the filesystem type of the
+ volume that you want to mount. Tip: Ensure that
+ the filesystem type is supported by the host operating
+ system. Examples: "ext4", "xfs", "ntfs". Implicitly
+ inferred to be "ext4" if unspecified. More info:
+ https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore
TODO: how do we prevent errors in the filesystem
from compromising the machine'
type: string
partition:
- description: 'The partition in the volume that you
- want to mount. If omitted, the default is to mount
- by volume name. Examples: For volume /dev/sda1,
- you specify the partition as "1". Similarly, the
- volume partition for /dev/sda is "0" (or you can
- leave the property empty).'
+ description: 'partition is the partition in the
+ volume that you want to mount. If omitted, the
+ default is to mount by volume name. Examples:
+ For volume /dev/sda1, you specify the partition
+ as "1". Similarly, the volume partition for /dev/sda
+ is "0" (or you can leave the property empty).'
format: int32
type: integer
readOnly:
- description: 'Specify "true" to force and set the
- ReadOnly property in VolumeMounts to "true". If
- omitted, the default is "false". More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore'
+ description: 'readOnly value true will force the
+ readOnly setting in VolumeMounts. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore'
type: boolean
volumeID:
- description: 'Unique ID of the persistent disk resource
- in AWS (Amazon EBS volume). More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore'
+ description: 'volumeID is unique ID of the persistent
+ disk resource in AWS (Amazon EBS volume). More
+ info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore'
type: string
required:
- volumeID
type: object
azureDisk:
- description: AzureDisk represents an Azure Data Disk
+ description: azureDisk represents an Azure Data Disk
mount on the host and bind mount to the pod.
properties:
cachingMode:
- description: 'Host Caching mode: None, Read Only,
- Read Write.'
+ description: 'cachingMode is the Host Caching mode:
+ None, Read Only, Read Write.'
type: string
diskName:
- description: The Name of the data disk in the blob
- storage
+ description: diskName is the Name of the data disk
+ in the blob storage
type: string
diskURI:
- description: The URI the data disk in the blob storage
+ description: diskURI is the URI of data disk in
+ the blob storage
type: string
fsType:
- description: Filesystem type to mount. Must be a
- filesystem type supported by the host operating
- system. Ex. "ext4", "xfs", "ntfs". Implicitly
+ description: fsType is Filesystem type to mount.
+ Must be a filesystem type supported by the host
+ operating system. Ex. "ext4", "xfs", "ntfs". Implicitly
inferred to be "ext4" if unspecified.
type: string
kind:
- description: 'Expected values Shared: multiple blob
- disks per storage account Dedicated: single blob
- disk per storage account Managed: azure managed
- data disk (only in managed availability set).
- defaults to shared'
+ description: 'kind expected values are Shared: multiple
+ blob disks per storage account Dedicated: single
+ blob disk per storage account Managed: azure
+ managed data disk (only in managed availability
+ set). defaults to shared'
type: string
readOnly:
- description: Defaults to false (read/write). ReadOnly
- here will force the ReadOnly setting in VolumeMounts.
+ description: readOnly Defaults to false (read/write).
+ ReadOnly here will force the ReadOnly setting
+ in VolumeMounts.
type: boolean
required:
- diskName
- diskURI
type: object
azureFile:
- description: AzureFile represents an Azure File Service
+ description: azureFile represents an Azure File Service
mount on the host and bind mount to the pod.
properties:
readOnly:
- description: Defaults to false (read/write). ReadOnly
- here will force the ReadOnly setting in VolumeMounts.
+ description: readOnly defaults to false (read/write).
+ ReadOnly here will force the ReadOnly setting
+ in VolumeMounts.
type: boolean
secretName:
- description: the name of secret that contains Azure
- Storage Account Name and Key
+ description: secretName is the name of secret that
+ contains Azure Storage Account Name and Key
type: string
shareName:
- description: Share Name
+ description: shareName is the azure share Name
type: string
required:
- secretName
- shareName
type: object
cephfs:
- description: CephFS represents a Ceph FS mount on the
+ description: cephFS represents a Ceph FS mount on the
host that shares a pod's lifetime
properties:
monitors:
- description: 'Required: Monitors is a collection
- of Ceph monitors More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it'
+ description: 'monitors is Required: Monitors is
+ a collection of Ceph monitors More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it'
items:
type: string
type: array
path:
- description: 'Optional: Used as the mounted root,
- rather than the full Ceph tree, default is /'
+ description: 'path is Optional: Used as the mounted
+ root, rather than the full Ceph tree, default
+ is /'
type: string
readOnly:
- description: 'Optional: Defaults to false (read/write).
- ReadOnly here will force the ReadOnly setting
- in VolumeMounts. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it'
+ description: 'readOnly is Optional: Defaults to
+ false (read/write). ReadOnly here will force the
+ ReadOnly setting in VolumeMounts. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it'
type: boolean
secretFile:
- description: 'Optional: SecretFile is the path to
- key ring for User, default is /etc/ceph/user.secret
+ description: 'secretFile is Optional: SecretFile
+ is the path to key ring for User, default is /etc/ceph/user.secret
More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it'
type: string
secretRef:
- description: 'Optional: SecretRef is reference to
- the authentication secret for User, default is
- empty. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it'
+ description: 'secretRef is Optional: SecretRef is
+ reference to the authentication secret for User,
+ default is empty. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it'
properties:
name:
description: 'Name of the referent. More info:
@@ -22195,31 +23794,32 @@ spec:
type: object
x-kubernetes-map-type: atomic
user:
- description: 'Optional: User is the rados user name,
- default is admin More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it'
+ description: 'user is optional: User is the rados
+ user name, default is admin More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it'
type: string
required:
- monitors
type: object
cinder:
- description: 'Cinder represents a cinder volume attached
+ description: 'cinder represents a cinder volume attached
and mounted on kubelets host machine. More info: https://examples.k8s.io/mysql-cinder-pd/README.md'
properties:
fsType:
- description: 'Filesystem type to mount. Must be
- a filesystem type supported by the host operating
- system. Examples: "ext4", "xfs", "ntfs". Implicitly
- inferred to be "ext4" if unspecified. More info:
- https://examples.k8s.io/mysql-cinder-pd/README.md'
+ description: 'fsType is the filesystem type to mount.
+ Must be a filesystem type supported by the host
+ operating system. Examples: "ext4", "xfs", "ntfs".
+ Implicitly inferred to be "ext4" if unspecified.
+ More info: https://examples.k8s.io/mysql-cinder-pd/README.md'
type: string
readOnly:
- description: 'Optional: Defaults to false (read/write).
+ description: 'readOnly defaults to false (read/write).
ReadOnly here will force the ReadOnly setting
in VolumeMounts. More info: https://examples.k8s.io/mysql-cinder-pd/README.md'
type: boolean
secretRef:
- description: 'Optional: points to a secret object
- containing parameters used to connect to OpenStack.'
+ description: 'secretRef is optional: points to a
+ secret object containing parameters used to connect
+ to OpenStack.'
properties:
name:
description: 'Name of the referent. More info:
@@ -22230,32 +23830,32 @@ spec:
type: object
x-kubernetes-map-type: atomic
volumeID:
- description: 'volume id used to identify the volume
+ description: 'volumeID used to identify the volume
in cinder. More info: https://examples.k8s.io/mysql-cinder-pd/README.md'
type: string
required:
- volumeID
type: object
configMap:
- description: ConfigMap represents a configMap that should
+ description: configMap represents a configMap that should
populate this volume
properties:
defaultMode:
- description: 'Optional: mode bits used to set permissions
- on created files by default. Must be an octal
- value between 0000 and 0777 or a decimal value
- between 0 and 511. YAML accepts both octal and
- decimal values, JSON requires decimal values for
- mode bits. Defaults to 0644. Directories within
- the path are not affected by this setting. This
- might be in conflict with other options that affect
- the file mode, like fsGroup, and the result can
- be other mode bits set.'
+ description: 'defaultMode is optional: mode bits
+ used to set permissions on created files by default.
+ Must be an octal value between 0000 and 0777 or
+ a decimal value between 0 and 511. YAML accepts
+ both octal and decimal values, JSON requires decimal
+ values for mode bits. Defaults to 0644. Directories
+ within the path are not affected by this setting.
+ This might be in conflict with other options that
+ affect the file mode, like fsGroup, and the result
+ can be other mode bits set.'
format: int32
type: integer
items:
- description: If unspecified, each key-value pair
- in the Data field of the referenced ConfigMap
+ description: items if unspecified, each key-value
+ pair in the Data field of the referenced ConfigMap
will be projected into the volume as a file whose
name is the key and content is the value. If specified,
the listed keys will be projected into the specified
@@ -22270,26 +23870,28 @@ spec:
a volume.
properties:
key:
- description: The key to project.
+ description: key is the key to project.
type: string
mode:
- description: 'Optional: mode bits used to
- set permissions on this file. Must be an
- octal value between 0000 and 0777 or a decimal
- value between 0 and 511. YAML accepts both
- octal and decimal values, JSON requires
- decimal values for mode bits. If not specified,
- the volume defaultMode will be used. This
- might be in conflict with other options
- that affect the file mode, like fsGroup,
- and the result can be other mode bits set.'
+ description: 'mode is Optional: mode bits
+ used to set permissions on this file. Must
+ be an octal value between 0000 and 0777
+ or a decimal value between 0 and 511. YAML
+ accepts both octal and decimal values, JSON
+ requires decimal values for mode bits. If
+ not specified, the volume defaultMode will
+ be used. This might be in conflict with
+ other options that affect the file mode,
+ like fsGroup, and the result can be other
+ mode bits set.'
format: int32
type: integer
path:
- description: The relative path of the file
- to map the key to. May not be an absolute
- path. May not contain the path element '..'.
- May not start with the string '..'.
+ description: path is the relative path of
+ the file to map the key to. May not be an
+ absolute path. May not contain the path
+ element '..'. May not start with the string
+ '..'.
type: string
required:
- key
@@ -22302,29 +23904,29 @@ spec:
uid?'
type: string
optional:
- description: Specify whether the ConfigMap or its
- keys must be defined
+ description: optional specify whether the ConfigMap
+ or its keys must be defined
type: boolean
type: object
x-kubernetes-map-type: atomic
csi:
- description: CSI (Container Storage Interface) represents
+ description: csi (Container Storage Interface) represents
ephemeral storage that is handled by certain external
CSI drivers (Beta feature).
properties:
driver:
- description: Driver is the name of the CSI driver
+ description: driver is the name of the CSI driver
that handles this volume. Consult with your admin
for the correct name as registered in the cluster.
type: string
fsType:
- description: Filesystem type to mount. Ex. "ext4",
- "xfs", "ntfs". If not provided, the empty value
- is passed to the associated CSI driver which will
- determine the default filesystem to apply.
+ description: fsType to mount. Ex. "ext4", "xfs",
+ "ntfs". If not provided, the empty value is passed
+ to the associated CSI driver which will determine
+ the default filesystem to apply.
type: string
nodePublishSecretRef:
- description: NodePublishSecretRef is a reference
+ description: nodePublishSecretRef is a reference
to the secret object containing sensitive information
to pass to the CSI driver to complete the CSI
NodePublishVolume and NodeUnpublishVolume calls.
@@ -22342,13 +23944,13 @@ spec:
type: object
x-kubernetes-map-type: atomic
readOnly:
- description: Specifies a read-only configuration
+ description: readOnly specifies a read-only configuration
for the volume. Defaults to false (read/write).
type: boolean
volumeAttributes:
additionalProperties:
type: string
- description: VolumeAttributes stores driver-specific
+ description: volumeAttributes stores driver-specific
properties that are passed to the CSI driver.
Consult your driver's documentation for supported
values.
@@ -22357,7 +23959,7 @@ spec:
- driver
type: object
downwardAPI:
- description: DownwardAPI represents downward API about
+ description: downwardAPI represents downward API about
the pod that should populate this volume
properties:
defaultMode:
@@ -22452,32 +24054,33 @@ spec:
type: array
type: object
emptyDir:
- description: 'EmptyDir represents a temporary directory
+ description: 'emptyDir represents a temporary directory
that shares a pod''s lifetime. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir'
properties:
medium:
- description: 'What type of storage medium should
- back this directory. The default is "" which means
- to use the node''s default medium. Must be an
- empty string (default) or Memory. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir'
+ description: 'medium represents what type of storage
+ medium should back this directory. The default
+ is "" which means to use the node''s default medium.
+ Must be an empty string (default) or Memory. More
+ info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir'
type: string
sizeLimit:
anyOf:
- type: integer
- type: string
- description: 'Total amount of local storage required
- for this EmptyDir volume. The size limit is also
- applicable for memory medium. The maximum usage
- on memory medium EmptyDir would be the minimum
- value between the SizeLimit specified here and
- the sum of memory limits of all containers in
- a pod. The default is nil which means that the
- limit is undefined. More info: http://kubernetes.io/docs/user-guide/volumes#emptydir'
+ description: 'sizeLimit is the total amount of local
+ storage required for this EmptyDir volume. The
+ size limit is also applicable for memory medium.
+ The maximum usage on memory medium EmptyDir would
+ be the minimum value between the SizeLimit specified
+ here and the sum of memory limits of all containers
+ in a pod. The default is nil which means that
+ the limit is undefined. More info: http://kubernetes.io/docs/user-guide/volumes#emptydir'
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
x-kubernetes-int-or-string: true
type: object
ephemeral:
- description: "Ephemeral represents a volume that is
+ description: "ephemeral represents a volume that is
handled by a cluster storage driver. The volume's
lifecycle is tied to the pod that defines it - it
will be created before the pod starts, and deleted
@@ -22536,25 +24139,28 @@ spec:
are also valid here.
properties:
accessModes:
- description: 'AccessModes contains the desired
+ description: 'accessModes contains the desired
access modes the volume should have. More
info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1'
items:
type: string
type: array
dataSource:
- description: 'This field can be used to
- specify either: * An existing VolumeSnapshot
+ description: 'dataSource field can be used
+ to specify either: * An existing VolumeSnapshot
object (snapshot.storage.k8s.io/VolumeSnapshot)
* An existing PVC (PersistentVolumeClaim)
If the provisioner or an external controller
can support the specified data source,
it will create a new volume based on the
contents of the specified data source.
- If the AnyVolumeDataSource feature gate
- is enabled, this field will always have
- the same contents as the DataSourceRef
- field.'
+ When the AnyVolumeDataSource feature gate
+ is enabled, dataSource contents will be
+ copied to dataSourceRef, and dataSourceRef
+ contents will be copied to dataSource
+ when dataSourceRef.namespace is not specified.
+ If the namespace is specified, then dataSourceRef
+ will not be copied to dataSource.'
properties:
apiGroup:
description: APIGroup is the group for
@@ -22578,35 +24184,42 @@ spec:
type: object
x-kubernetes-map-type: atomic
dataSourceRef:
- description: 'Specifies the object from
- which to populate the volume with data,
- if a non-empty volume is desired. This
- may be any local object from a non-empty
+ description: 'dataSourceRef specifies the
+ object from which to populate the volume
+ with data, if a non-empty volume is desired.
+ This may be any object from a non-empty
API group (non core object) or a PersistentVolumeClaim
object. When this field is specified,
volume binding will only succeed if the
type of the specified object matches some
installed volume populator or dynamic
provisioner. This field will replace the
- functionality of the DataSource field
+ functionality of the dataSource field
and as such if both fields are non-empty,
they must have the same value. For backwards
- compatibility, both fields (DataSource
- and DataSourceRef) will be set to the
+ compatibility, when namespace isn''t specified
+ in dataSourceRef, both fields (dataSource
+ and dataSourceRef) will be set to the
same value automatically if one of them
- is empty and the other is non-empty. There
- are two important differences between
- DataSource and DataSourceRef: * While
- DataSource only allows two specific types
- of objects, DataSourceRef allows any non-core
- object, as well as PersistentVolumeClaim
- objects. * While DataSource ignores disallowed
- values (dropping them), DataSourceRef
+ is empty and the other is non-empty. When
+ namespace is specified in dataSourceRef,
+ dataSource isn''t set to the same value
+ and must be empty. There are three important
+ differences between dataSource and dataSourceRef:
+ * While dataSource only allows two specific
+ types of objects, dataSourceRef allows
+ any non-core object, as well as PersistentVolumeClaim
+ objects. * While dataSource ignores disallowed
+ values (dropping them), dataSourceRef
preserves all values, and generates an
error if a disallowed value is specified.
- (Alpha) Using this field requires the
- AnyVolumeDataSource feature gate to be
- enabled.'
+ * While dataSource only allows local objects,
+ dataSourceRef allows objects in any namespaces.
+ (Beta) Using this field requires the AnyVolumeDataSource
+ feature gate to be enabled. (Alpha) Using
+ the namespace field of dataSourceRef requires
+ the CrossNamespaceVolumeDataSource feature
+ gate to be enabled.'
properties:
apiGroup:
description: APIGroup is the group for
@@ -22624,13 +24237,25 @@ spec:
description: Name is the name of resource
being referenced
type: string
+ namespace:
+ description: Namespace is the namespace
+ of resource being referenced Note
+ that when a namespace is specified,
+ a gateway.networking.k8s.io/ReferenceGrant
+ object is required in the referent
+ namespace to allow that namespace's
+ owner to accept the reference. See
+ the ReferenceGrant documentation for
+ details. (Alpha) This field requires
+ the CrossNamespaceVolumeDataSource
+ feature gate to be enabled.
+ type: string
required:
- kind
- name
type: object
- x-kubernetes-map-type: atomic
resources:
- description: 'Resources represents the minimum
+ description: 'resources represents the minimum
resources the volume should have. If RecoverVolumeExpansionFailure
feature is enabled users are allowed to
specify resource requirements that are
@@ -22639,6 +24264,31 @@ spec:
status field of the claim. More info:
https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources'
properties:
+ claims:
+ description: "Claims lists the names
+ of resources, defined in spec.resourceClaims,
+ that are used by this container. \n
+ This is an alpha field and requires
+ enabling the DynamicResourceAllocation
+ feature gate. \n This field is immutable."
+ items:
+ description: ResourceClaim references
+ one entry in PodSpec.ResourceClaims.
+ properties:
+ name:
+ description: Name must match the
+ name of one entry in pod.spec.resourceClaims
+ of the Pod where this field
+ is used. It makes that resource
+ available inside a container.
+ type: string
+ required:
+ - name
+ type: object
+ type: array
+ x-kubernetes-list-map-keys:
+ - name
+ x-kubernetes-list-type: map
limits:
additionalProperties:
anyOf:
@@ -22667,8 +24317,8 @@ spec:
type: object
type: object
selector:
- description: A label query over volumes
- to consider for binding.
+ description: selector is a label query over
+ volumes to consider for binding.
properties:
matchExpressions:
description: matchExpressions is a list
@@ -22723,8 +24373,9 @@ spec:
type: object
x-kubernetes-map-type: atomic
storageClassName:
- description: 'Name of the StorageClass required
- by the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1'
+ description: 'storageClassName is the name
+ of the StorageClass required by the claim.
+ More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1'
type: string
volumeMode:
description: volumeMode defines what type
@@ -22733,7 +24384,7 @@ spec:
in claim spec.
type: string
volumeName:
- description: VolumeName is the binding reference
+ description: volumeName is the binding reference
to the PersistentVolume backing this claim.
type: string
type: object
@@ -22742,74 +24393,75 @@ spec:
type: object
type: object
fc:
- description: FC represents a Fibre Channel resource
+ description: fc represents a Fibre Channel resource
that is attached to a kubelet's host machine and then
exposed to the pod.
properties:
fsType:
- description: 'Filesystem type to mount. Must be
- a filesystem type supported by the host operating
- system. Ex. "ext4", "xfs", "ntfs". Implicitly
+ description: 'fsType is the filesystem type to mount.
+ Must be a filesystem type supported by the host
+ operating system. Ex. "ext4", "xfs", "ntfs". Implicitly
inferred to be "ext4" if unspecified. TODO: how
do we prevent errors in the filesystem from compromising
the machine'
type: string
lun:
- description: 'Optional: FC target lun number'
+ description: 'lun is Optional: FC target lun number'
format: int32
type: integer
readOnly:
- description: 'Optional: Defaults to false (read/write).
- ReadOnly here will force the ReadOnly setting
- in VolumeMounts.'
+ description: 'readOnly is Optional: Defaults to
+ false (read/write). ReadOnly here will force the
+ ReadOnly setting in VolumeMounts.'
type: boolean
targetWWNs:
- description: 'Optional: FC target worldwide names
- (WWNs)'
+ description: 'targetWWNs is Optional: FC target
+ worldwide names (WWNs)'
items:
type: string
type: array
wwids:
- description: 'Optional: FC volume world wide identifiers
- (wwids) Either wwids or combination of targetWWNs
- and lun must be set, but not both simultaneously.'
+ description: 'wwids Optional: FC volume world wide
+ identifiers (wwids) Either wwids or combination
+ of targetWWNs and lun must be set, but not both
+ simultaneously.'
items:
type: string
type: array
type: object
flexVolume:
- description: FlexVolume represents a generic volume
+ description: flexVolume represents a generic volume
resource that is provisioned/attached using an exec
based plugin.
properties:
driver:
- description: Driver is the name of the driver to
+ description: driver is the name of the driver to
use for this volume.
type: string
fsType:
- description: Filesystem type to mount. Must be a
- filesystem type supported by the host operating
- system. Ex. "ext4", "xfs", "ntfs". The default
- filesystem depends on FlexVolume script.
+ description: fsType is the filesystem type to mount.
+ Must be a filesystem type supported by the host
+ operating system. Ex. "ext4", "xfs", "ntfs". The
+ default filesystem depends on FlexVolume script.
type: string
options:
additionalProperties:
type: string
- description: 'Optional: Extra command options if
- any.'
+ description: 'options is Optional: this field holds
+ extra command options if any.'
type: object
readOnly:
- description: 'Optional: Defaults to false (read/write).
- ReadOnly here will force the ReadOnly setting
- in VolumeMounts.'
+ description: 'readOnly is Optional: defaults to
+ false (read/write). ReadOnly here will force the
+ ReadOnly setting in VolumeMounts.'
type: boolean
secretRef:
- description: 'Optional: SecretRef is reference to
- the secret object containing sensitive information
- to pass to the plugin scripts. This may be empty
- if no secret object is specified. If the secret
- object contains more than one secret, all secrets
- are passed to the plugin scripts.'
+ description: 'secretRef is Optional: secretRef is
+ reference to the secret object containing sensitive
+ information to pass to the plugin scripts. This
+ may be empty if no secret object is specified.
+ If the secret object contains more than one secret,
+ all secrets are passed to the plugin scripts.'
properties:
name:
description: 'Name of the referent. More info:
@@ -22823,28 +24475,28 @@ spec:
- driver
type: object
flocker:
- description: Flocker represents a Flocker volume attached
+ description: flocker represents a Flocker volume attached
to a kubelet's host machine. This depends on the Flocker
control service being running
properties:
datasetName:
- description: Name of the dataset stored as metadata
- -> name on the dataset for Flocker should be considered
- as deprecated
+ description: datasetName is Name of the dataset
+ stored as metadata -> name on the dataset for
+ Flocker should be considered as deprecated
type: string
datasetUUID:
- description: UUID of the dataset. This is unique
- identifier of a Flocker dataset
+ description: datasetUUID is the UUID of the dataset.
+ This is unique identifier of a Flocker dataset
type: string
type: object
gcePersistentDisk:
- description: 'GCEPersistentDisk represents a GCE Disk
+ description: 'gcePersistentDisk represents a GCE Disk
resource that is attached to a kubelet''s host machine
and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk'
properties:
fsType:
- description: 'Filesystem type of the volume that
- you want to mount. Tip: Ensure that the filesystem
+ description: 'fsType is filesystem type of the volume
+ that you want to mount. Tip: Ensure that the filesystem
type is supported by the host operating system.
Examples: "ext4", "xfs", "ntfs". Implicitly inferred
to be "ext4" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk
@@ -22852,21 +24504,22 @@ spec:
from compromising the machine'
type: string
partition:
- description: 'The partition in the volume that you
- want to mount. If omitted, the default is to mount
- by volume name. Examples: For volume /dev/sda1,
- you specify the partition as "1". Similarly, the
- volume partition for /dev/sda is "0" (or you can
- leave the property empty). More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk'
+ description: 'partition is the partition in the
+ volume that you want to mount. If omitted, the
+ default is to mount by volume name. Examples:
+ For volume /dev/sda1, you specify the partition
+ as "1". Similarly, the volume partition for /dev/sda
+ is "0" (or you can leave the property empty).
+ More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk'
format: int32
type: integer
pdName:
- description: 'Unique name of the PD resource in
- GCE. Used to identify the disk in GCE. More info:
- https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk'
+ description: 'pdName is unique name of the PD resource
+ in GCE. Used to identify the disk in GCE. More
+ info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk'
type: string
readOnly:
- description: 'ReadOnly here will force the ReadOnly
+ description: 'readOnly here will force the ReadOnly
setting in VolumeMounts. Defaults to false. More
info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk'
type: boolean
@@ -22874,7 +24527,7 @@ spec:
- pdName
type: object
gitRepo:
- description: 'GitRepo represents a git repository at
+ description: 'gitRepo represents a git repository at
a particular revision. DEPRECATED: GitRepo is deprecated.
To provision a container with a git repo, mount an
EmptyDir into an InitContainer that clones the repo
@@ -22882,37 +24535,38 @@ spec:
container.'
properties:
directory:
- description: Target directory name. Must not contain
- or start with '..'. If '.' is supplied, the volume
- directory will be the git repository. Otherwise,
- if specified, the volume will contain the git
- repository in the subdirectory with the given
- name.
+ description: directory is the target directory name.
+ Must not contain or start with '..'. If '.' is
+ supplied, the volume directory will be the git
+ repository. Otherwise, if specified, the volume
+ will contain the git repository in the subdirectory
+ with the given name.
type: string
repository:
- description: Repository URL
+ description: repository is the URL
type: string
revision:
- description: Commit hash for the specified revision.
+ description: revision is the commit hash for the
+ specified revision.
type: string
required:
- repository
type: object
glusterfs:
- description: 'Glusterfs represents a Glusterfs mount
+ description: 'glusterfs represents a Glusterfs mount
on the host that shares a pod''s lifetime. More info:
https://examples.k8s.io/volumes/glusterfs/README.md'
properties:
endpoints:
- description: 'EndpointsName is the endpoint name
- that details Glusterfs topology. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod'
+ description: 'endpoints is the endpoint name that
+ details Glusterfs topology. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod'
type: string
path:
- description: 'Path is the Glusterfs volume path.
+ description: 'path is the Glusterfs volume path.
More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod'
type: string
readOnly:
- description: 'ReadOnly here will force the Glusterfs
+ description: 'readOnly here will force the Glusterfs
volume to be mounted with read-only permissions.
Defaults to false. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod'
type: boolean
@@ -22921,7 +24575,7 @@ spec:
- path
type: object
hostPath:
- description: 'HostPath represents a pre-existing file
+ description: 'hostPath represents a pre-existing file
or directory on the host machine that is directly
exposed to the container. This is generally used for
system agents or other privileged things that are
@@ -22932,71 +24586,73 @@ spec:
directories as read/write.'
properties:
path:
- description: 'Path of the directory on the host.
+ description: 'path of the directory on the host.
If the path is a symlink, it will follow the link
to the real path. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath'
type: string
type:
- description: 'Type for HostPath Volume Defaults
+ description: 'type for HostPath Volume Defaults
to "" More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath'
type: string
required:
- path
type: object
iscsi:
- description: 'ISCSI represents an ISCSI Disk resource
+ description: 'iscsi represents an ISCSI Disk resource
that is attached to a kubelet''s host machine and
then exposed to the pod. More info: https://examples.k8s.io/volumes/iscsi/README.md'
properties:
chapAuthDiscovery:
- description: whether support iSCSI Discovery CHAP
- authentication
+ description: chapAuthDiscovery defines whether support
+ iSCSI Discovery CHAP authentication
type: boolean
chapAuthSession:
- description: whether support iSCSI Session CHAP
- authentication
+ description: chapAuthSession defines whether support
+ iSCSI Session CHAP authentication
type: boolean
fsType:
- description: 'Filesystem type of the volume that
- you want to mount. Tip: Ensure that the filesystem
- type is supported by the host operating system.
- Examples: "ext4", "xfs", "ntfs". Implicitly inferred
- to be "ext4" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#iscsi
+ description: 'fsType is the filesystem type of the
+ volume that you want to mount. Tip: Ensure that
+ the filesystem type is supported by the host operating
+ system. Examples: "ext4", "xfs", "ntfs". Implicitly
+ inferred to be "ext4" if unspecified. More info:
+ https://kubernetes.io/docs/concepts/storage/volumes#iscsi
TODO: how do we prevent errors in the filesystem
from compromising the machine'
type: string
initiatorName:
- description: Custom iSCSI Initiator Name. If initiatorName
- is specified with iscsiInterface simultaneously,
- new iSCSI interface :
- will be created for the connection.
+ description: initiatorName is the custom iSCSI Initiator
+ Name. If initiatorName is specified with iscsiInterface
+ simultaneously, new iSCSI interface : will be created for the connection.
type: string
iqn:
- description: Target iSCSI Qualified Name.
+ description: iqn is the target iSCSI Qualified Name.
type: string
iscsiInterface:
- description: iSCSI Interface Name that uses an iSCSI
- transport. Defaults to 'default' (tcp).
+ description: iscsiInterface is the interface Name
+ that uses an iSCSI transport. Defaults to 'default'
+ (tcp).
type: string
lun:
- description: iSCSI Target Lun number.
+ description: lun represents iSCSI Target Lun number.
format: int32
type: integer
portals:
- description: iSCSI Target Portal List. The portal
- is either an IP or ip_addr:port if the port is
- other than default (typically TCP ports 860 and
- 3260).
+ description: portals is the iSCSI Target Portal
+ List. The portal is either an IP or ip_addr:port
+ if the port is other than default (typically TCP
+ ports 860 and 3260).
items:
type: string
type: array
readOnly:
- description: ReadOnly here will force the ReadOnly
+ description: readOnly here will force the ReadOnly
setting in VolumeMounts. Defaults to false.
type: boolean
secretRef:
- description: CHAP Secret for iSCSI target and initiator
- authentication
+ description: secretRef is the CHAP Secret for iSCSI
+ target and initiator authentication
properties:
name:
description: 'Name of the referent. More info:
@@ -23007,9 +24663,10 @@ spec:
type: object
x-kubernetes-map-type: atomic
targetPortal:
- description: iSCSI Target Portal. The Portal is
- either an IP or ip_addr:port if the port is other
- than default (typically TCP ports 860 and 3260).
+ description: targetPortal is iSCSI Target Portal.
+ The Portal is either an IP or ip_addr:port if
+ the port is other than default (typically TCP
+ ports 860 and 3260).
type: string
required:
- iqn
@@ -23017,20 +24674,20 @@ spec:
- targetPortal
type: object
nfs:
- description: 'NFS represents an NFS mount on the host
+ description: 'nfs represents an NFS mount on the host
that shares a pod''s lifetime More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs'
properties:
path:
- description: 'Path that is exported by the NFS server.
+ description: 'path that is exported by the NFS server.
More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs'
type: string
readOnly:
- description: 'ReadOnly here will force the NFS export
+ description: 'readOnly here will force the NFS export
to be mounted with read-only permissions. Defaults
to false. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs'
type: boolean
server:
- description: 'Server is the hostname or IP address
+ description: 'server is the hostname or IP address
of the NFS server. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs'
type: string
required:
@@ -23038,132 +24695,133 @@ spec:
- server
type: object
persistentVolumeClaim:
- description: 'PersistentVolumeClaimVolumeSource represents
+ description: 'persistentVolumeClaimVolumeSource represents
a reference to a PersistentVolumeClaim in the same
namespace. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims'
properties:
claimName:
- description: 'ClaimName is the name of a PersistentVolumeClaim
+ description: 'claimName is the name of a PersistentVolumeClaim
in the same namespace as the pod using this volume.
More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims'
type: string
readOnly:
- description: Will force the ReadOnly setting in
- VolumeMounts. Default false.
+ description: readOnly Will force the ReadOnly setting
+ in VolumeMounts. Default false.
type: boolean
required:
- claimName
type: object
photonPersistentDisk:
- description: PhotonPersistentDisk represents a PhotonController
+ description: photonPersistentDisk represents a PhotonController
persistent disk attached and mounted on kubelets host
machine
properties:
fsType:
- description: Filesystem type to mount. Must be a
- filesystem type supported by the host operating
- system. Ex. "ext4", "xfs", "ntfs". Implicitly
+ description: fsType is the filesystem type to mount.
+ Must be a filesystem type supported by the host
+ operating system. Ex. "ext4", "xfs", "ntfs". Implicitly
inferred to be "ext4" if unspecified.
type: string
pdID:
- description: ID that identifies Photon Controller
- persistent disk
+ description: pdID is the ID that identifies Photon
+ Controller persistent disk
type: string
required:
- pdID
type: object
portworxVolume:
- description: PortworxVolume represents a portworx volume
+ description: portworxVolume represents a portworx volume
attached and mounted on kubelets host machine
properties:
fsType:
- description: FSType represents the filesystem type
+ description: fSType represents the filesystem type
to mount Must be a filesystem type supported by
the host operating system. Ex. "ext4", "xfs".
Implicitly inferred to be "ext4" if unspecified.
type: string
readOnly:
- description: Defaults to false (read/write). ReadOnly
- here will force the ReadOnly setting in VolumeMounts.
+ description: readOnly defaults to false (read/write).
+ ReadOnly here will force the ReadOnly setting
+ in VolumeMounts.
type: boolean
volumeID:
- description: VolumeID uniquely identifies a Portworx
+ description: volumeID uniquely identifies a Portworx
volume
type: string
required:
- volumeID
type: object
projected:
- description: Items for all in one resources secrets,
- configmaps, and downward API
+ description: projected items for all in one resources
+ secrets, configmaps, and downward API
properties:
defaultMode:
- description: Mode bits used to set permissions on
- created files by default. Must be an octal value
- between 0000 and 0777 or a decimal value between
- 0 and 511. YAML accepts both octal and decimal
- values, JSON requires decimal values for mode
- bits. Directories within the path are not affected
- by this setting. This might be in conflict with
- other options that affect the file mode, like
- fsGroup, and the result can be other mode bits
- set.
+ description: defaultMode are the mode bits used
+ to set permissions on created files by default.
+ Must be an octal value between 0000 and 0777 or
+ a decimal value between 0 and 511. YAML accepts
+ both octal and decimal values, JSON requires decimal
+ values for mode bits. Directories within the path
+ are not affected by this setting. This might be
+ in conflict with other options that affect the
+ file mode, like fsGroup, and the result can be
+ other mode bits set.
format: int32
type: integer
sources:
- description: list of volume projections
+ description: sources is the list of volume projections
items:
description: Projection that may be projected
along with other supported volume types
properties:
configMap:
- description: information about the configMap
- data to project
+ description: configMap information about the
+ configMap data to project
properties:
items:
- description: If unspecified, each key-value
- pair in the Data field of the referenced
- ConfigMap will be projected into the
- volume as a file whose name is the key
- and content is the value. If specified,
- the listed keys will be projected into
- the specified paths, and unlisted keys
- will not be present. If a key is specified
- which is not present in the ConfigMap,
- the volume setup will error unless it
- is marked optional. Paths must be relative
- and may not contain the '..' path or
- start with '..'.
+ description: items if unspecified, each
+ key-value pair in the Data field of
+ the referenced ConfigMap will be projected
+ into the volume as a file whose name
+ is the key and content is the value.
+ If specified, the listed keys will be
+ projected into the specified paths,
+ and unlisted keys will not be present.
+ If a key is specified which is not present
+ in the ConfigMap, the volume setup will
+ error unless it is marked optional.
+ Paths must be relative and may not contain
+ the '..' path or start with '..'.
items:
description: Maps a string key to a
path within a volume.
properties:
key:
- description: The key to project.
+ description: key is the key to project.
type: string
mode:
- description: 'Optional: mode bits
- used to set permissions on this
- file. Must be an octal value between
- 0000 and 0777 or a decimal value
- between 0 and 511. YAML accepts
- both octal and decimal values,
- JSON requires decimal values for
- mode bits. If not specified, the
- volume defaultMode will be used.
- This might be in conflict with
- other options that affect the
- file mode, like fsGroup, and the
- result can be other mode bits
- set.'
+ description: 'mode is Optional:
+ mode bits used to set permissions
+ on this file. Must be an octal
+ value between 0000 and 0777 or
+ a decimal value between 0 and
+ 511. YAML accepts both octal and
+ decimal values, JSON requires
+ decimal values for mode bits.
+ If not specified, the volume defaultMode
+ will be used. This might be in
+ conflict with other options that
+ affect the file mode, like fsGroup,
+ and the result can be other mode
+ bits set.'
format: int32
type: integer
path:
- description: The relative path of
- the file to map the key to. May
- not be an absolute path. May not
- contain the path element '..'.
- May not start with the string
+ description: path is the relative
+ path of the file to map the key
+ to. May not be an absolute path.
+ May not contain the path element
+ '..'. May not start with the string
'..'.
type: string
required:
@@ -23178,14 +24836,14 @@ spec:
kind, uid?'
type: string
optional:
- description: Specify whether the ConfigMap
- or its keys must be defined
+ description: optional specify whether
+ the ConfigMap or its keys must be defined
type: boolean
type: object
x-kubernetes-map-type: atomic
downwardAPI:
- description: information about the downwardAPI
- data to project
+ description: downwardAPI information about
+ the downwardAPI data to project
properties:
items:
description: Items is a list of DownwardAPIVolume
@@ -23277,53 +24935,53 @@ spec:
type: array
type: object
secret:
- description: information about the secret
- data to project
+ description: secret information about the
+ secret data to project
properties:
items:
- description: If unspecified, each key-value
- pair in the Data field of the referenced
- Secret will be projected into the volume
- as a file whose name is the key and
- content is the value. If specified,
- the listed keys will be projected into
- the specified paths, and unlisted keys
- will not be present. If a key is specified
- which is not present in the Secret,
- the volume setup will error unless it
- is marked optional. Paths must be relative
- and may not contain the '..' path or
- start with '..'.
+ description: items if unspecified, each
+ key-value pair in the Data field of
+ the referenced Secret will be projected
+ into the volume as a file whose name
+ is the key and content is the value.
+ If specified, the listed keys will be
+ projected into the specified paths,
+ and unlisted keys will not be present.
+ If a key is specified which is not present
+ in the Secret, the volume setup will
+ error unless it is marked optional.
+ Paths must be relative and may not contain
+ the '..' path or start with '..'.
items:
description: Maps a string key to a
path within a volume.
properties:
key:
- description: The key to project.
+ description: key is the key to project.
type: string
mode:
- description: 'Optional: mode bits
- used to set permissions on this
- file. Must be an octal value between
- 0000 and 0777 or a decimal value
- between 0 and 511. YAML accepts
- both octal and decimal values,
- JSON requires decimal values for
- mode bits. If not specified, the
- volume defaultMode will be used.
- This might be in conflict with
- other options that affect the
- file mode, like fsGroup, and the
- result can be other mode bits
- set.'
+ description: 'mode is Optional:
+ mode bits used to set permissions
+ on this file. Must be an octal
+ value between 0000 and 0777 or
+ a decimal value between 0 and
+ 511. YAML accepts both octal and
+ decimal values, JSON requires
+ decimal values for mode bits.
+ If not specified, the volume defaultMode
+ will be used. This might be in
+ conflict with other options that
+ affect the file mode, like fsGroup,
+ and the result can be other mode
+ bits set.'
format: int32
type: integer
path:
- description: The relative path of
- the file to map the key to. May
- not be an absolute path. May not
- contain the path element '..'.
- May not start with the string
+ description: path is the relative
+ path of the file to map the key
+ to. May not be an absolute path.
+ May not contain the path element
+ '..'. May not start with the string
'..'.
type: string
required:
@@ -23338,17 +24996,17 @@ spec:
kind, uid?'
type: string
optional:
- description: Specify whether the Secret
- or its key must be defined
+ description: optional field specify whether
+ the Secret or its key must be defined
type: boolean
type: object
x-kubernetes-map-type: atomic
serviceAccountToken:
- description: information about the serviceAccountToken
- data to project
+ description: serviceAccountToken is information
+ about the serviceAccountToken data to project
properties:
audience:
- description: Audience is the intended
+ description: audience is the intended
audience of the token. A recipient of
a token must identify itself with an
identifier specified in the audience
@@ -23357,7 +25015,7 @@ spec:
the identifier of the apiserver.
type: string
expirationSeconds:
- description: ExpirationSeconds is the
+ description: expirationSeconds is the
requested duration of validity of the
service account token. As the token
approaches expiration, the kubelet volume
@@ -23371,7 +25029,7 @@ spec:
format: int64
type: integer
path:
- description: Path is the path relative
+ description: path is the path relative
to the mount point of the file to project
the token into.
type: string
@@ -23382,36 +25040,36 @@ spec:
type: array
type: object
quobyte:
- description: Quobyte represents a Quobyte mount on the
+ description: quobyte represents a Quobyte mount on the
host that shares a pod's lifetime
properties:
group:
- description: Group to map volume access to Default
+ description: group to map volume access to Default
is no group
type: string
readOnly:
- description: ReadOnly here will force the Quobyte
+ description: readOnly here will force the Quobyte
volume to be mounted with read-only permissions.
Defaults to false.
type: boolean
registry:
- description: Registry represents a single or multiple
+ description: registry represents a single or multiple
Quobyte Registry services specified as a string
as host:port pair (multiple entries are separated
with commas) which acts as the central registry
for volumes
type: string
tenant:
- description: Tenant owning the given Quobyte volume
+ description: tenant owning the given Quobyte volume
in the Backend Used with dynamically provisioned
Quobyte volumes, value is set by the plugin
type: string
user:
- description: User to map volume access to Defaults
+ description: user to map volume access to Defaults
to serivceaccount user
type: string
volume:
- description: Volume is a string that references
+ description: volume is a string that references
an already created Quobyte volume by name.
type: string
required:
@@ -23419,44 +25077,46 @@ spec:
- volume
type: object
rbd:
- description: 'RBD represents a Rados Block Device mount
+ description: 'rbd represents a Rados Block Device mount
on the host that shares a pod''s lifetime. More info:
https://examples.k8s.io/volumes/rbd/README.md'
properties:
fsType:
- description: 'Filesystem type of the volume that
- you want to mount. Tip: Ensure that the filesystem
- type is supported by the host operating system.
- Examples: "ext4", "xfs", "ntfs". Implicitly inferred
- to be "ext4" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#rbd
+ description: 'fsType is the filesystem type of the
+ volume that you want to mount. Tip: Ensure that
+ the filesystem type is supported by the host operating
+ system. Examples: "ext4", "xfs", "ntfs". Implicitly
+ inferred to be "ext4" if unspecified. More info:
+ https://kubernetes.io/docs/concepts/storage/volumes#rbd
TODO: how do we prevent errors in the filesystem
from compromising the machine'
type: string
image:
- description: 'The rados image name. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it'
+ description: 'image is the rados image name. More
+ info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it'
type: string
keyring:
- description: 'Keyring is the path to key ring for
+ description: 'keyring is the path to key ring for
RBDUser. Default is /etc/ceph/keyring. More info:
https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it'
type: string
monitors:
- description: 'A collection of Ceph monitors. More
- info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it'
+ description: 'monitors is a collection of Ceph monitors.
+ More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it'
items:
type: string
type: array
pool:
- description: 'The rados pool name. Default is rbd.
- More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it'
+ description: 'pool is the rados pool name. Default
+ is rbd. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it'
type: string
readOnly:
- description: 'ReadOnly here will force the ReadOnly
+ description: 'readOnly here will force the ReadOnly
setting in VolumeMounts. Defaults to false. More
info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it'
type: boolean
secretRef:
- description: 'SecretRef is name of the authentication
+ description: 'secretRef is name of the authentication
secret for RBDUser. If provided overrides keyring.
Default is nil. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it'
properties:
@@ -23469,37 +25129,38 @@ spec:
type: object
x-kubernetes-map-type: atomic
user:
- description: 'The rados user name. Default is admin.
- More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it'
+ description: 'user is the rados user name. Default
+ is admin. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it'
type: string
required:
- image
- monitors
type: object
scaleIO:
- description: ScaleIO represents a ScaleIO persistent
+ description: scaleIO represents a ScaleIO persistent
volume attached and mounted on Kubernetes nodes.
properties:
fsType:
- description: Filesystem type to mount. Must be a
- filesystem type supported by the host operating
- system. Ex. "ext4", "xfs", "ntfs". Default is
- "xfs".
+ description: fsType is the filesystem type to mount.
+ Must be a filesystem type supported by the host
+ operating system. Ex. "ext4", "xfs", "ntfs". Default
+ is "xfs".
type: string
gateway:
- description: The host address of the ScaleIO API
- Gateway.
+ description: gateway is the host address of the
+ ScaleIO API Gateway.
type: string
protectionDomain:
- description: The name of the ScaleIO Protection
- Domain for the configured storage.
+ description: protectionDomain is the name of the
+ ScaleIO Protection Domain for the configured storage.
type: string
readOnly:
- description: Defaults to false (read/write). ReadOnly
- here will force the ReadOnly setting in VolumeMounts.
+ description: readOnly Defaults to false (read/write).
+ ReadOnly here will force the ReadOnly setting
+ in VolumeMounts.
type: boolean
secretRef:
- description: SecretRef references to the secret
+ description: secretRef references to the secret
for ScaleIO user and other sensitive information.
If this is not provided, Login operation will
fail.
@@ -23513,26 +25174,26 @@ spec:
type: object
x-kubernetes-map-type: atomic
sslEnabled:
- description: Flag to enable/disable SSL communication
- with Gateway, default false
+ description: sslEnabled Flag enable/disable SSL
+ communication with Gateway, default false
type: boolean
storageMode:
- description: Indicates whether the storage for a
- volume should be ThickProvisioned or ThinProvisioned.
+ description: storageMode indicates whether the storage
+ for a volume should be ThickProvisioned or ThinProvisioned.
Default is ThinProvisioned.
type: string
storagePool:
- description: The ScaleIO Storage Pool associated
- with the protection domain.
+ description: storagePool is the ScaleIO Storage
+ Pool associated with the protection domain.
type: string
system:
- description: The name of the storage system as configured
- in ScaleIO.
+ description: system is the name of the storage system
+ as configured in ScaleIO.
type: string
volumeName:
- description: The name of a volume already created
- in the ScaleIO system that is associated with
- this volume source.
+ description: volumeName is the name of a volume
+ already created in the ScaleIO system that is
+ associated with this volume source.
type: string
required:
- gateway
@@ -23540,27 +25201,27 @@ spec:
- system
type: object
secret:
- description: 'Secret represents a secret that should
+ description: 'secret represents a secret that should
populate this volume. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret'
properties:
defaultMode:
- description: 'Optional: mode bits used to set permissions
- on created files by default. Must be an octal
- value between 0000 and 0777 or a decimal value
- between 0 and 511. YAML accepts both octal and
- decimal values, JSON requires decimal values for
- mode bits. Defaults to 0644. Directories within
- the path are not affected by this setting. This
- might be in conflict with other options that affect
- the file mode, like fsGroup, and the result can
- be other mode bits set.'
+ description: 'defaultMode is Optional: mode bits
+ used to set permissions on created files by default.
+ Must be an octal value between 0000 and 0777 or
+ a decimal value between 0 and 511. YAML accepts
+ both octal and decimal values, JSON requires decimal
+ values for mode bits. Defaults to 0644. Directories
+ within the path are not affected by this setting.
+ This might be in conflict with other options that
+ affect the file mode, like fsGroup, and the result
+ can be other mode bits set.'
format: int32
type: integer
items:
- description: If unspecified, each key-value pair
- in the Data field of the referenced Secret will
- be projected into the volume as a file whose name
- is the key and content is the value. If specified,
+ description: items If unspecified, each key-value
+ pair in the Data field of the referenced Secret
+ will be projected into the volume as a file whose
+ name is the key and content is the value. If specified,
the listed keys will be projected into the specified
paths, and unlisted keys will not be present.
If a key is specified which is not present in
@@ -23573,26 +25234,28 @@ spec:
a volume.
properties:
key:
- description: The key to project.
+ description: key is the key to project.
type: string
mode:
- description: 'Optional: mode bits used to
- set permissions on this file. Must be an
- octal value between 0000 and 0777 or a decimal
- value between 0 and 511. YAML accepts both
- octal and decimal values, JSON requires
- decimal values for mode bits. If not specified,
- the volume defaultMode will be used. This
- might be in conflict with other options
- that affect the file mode, like fsGroup,
- and the result can be other mode bits set.'
+ description: 'mode is Optional: mode bits
+ used to set permissions on this file. Must
+ be an octal value between 0000 and 0777
+ or a decimal value between 0 and 511. YAML
+ accepts both octal and decimal values, JSON
+ requires decimal values for mode bits. If
+ not specified, the volume defaultMode will
+ be used. This might be in conflict with
+ other options that affect the file mode,
+ like fsGroup, and the result can be other
+ mode bits set.'
format: int32
type: integer
path:
- description: The relative path of the file
- to map the key to. May not be an absolute
- path. May not contain the path element '..'.
- May not start with the string '..'.
+ description: path is the relative path of
+ the file to map the key to. May not be an
+ absolute path. May not contain the path
+ element '..'. May not start with the string
+ '..'.
type: string
required:
- key
@@ -23600,30 +25263,31 @@ spec:
type: object
type: array
optional:
- description: Specify whether the Secret or its keys
- must be defined
+ description: optional field specify whether the
+ Secret or its keys must be defined
type: boolean
secretName:
- description: 'Name of the secret in the pod''s namespace
- to use. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret'
+ description: 'secretName is the name of the secret
+ in the pod''s namespace to use. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret'
type: string
type: object
storageos:
- description: StorageOS represents a StorageOS volume
+ description: storageOS represents a StorageOS volume
attached and mounted on Kubernetes nodes.
properties:
fsType:
- description: Filesystem type to mount. Must be a
- filesystem type supported by the host operating
- system. Ex. "ext4", "xfs", "ntfs". Implicitly
+ description: fsType is the filesystem type to mount.
+ Must be a filesystem type supported by the host
+ operating system. Ex. "ext4", "xfs", "ntfs". Implicitly
inferred to be "ext4" if unspecified.
type: string
readOnly:
- description: Defaults to false (read/write). ReadOnly
- here will force the ReadOnly setting in VolumeMounts.
+ description: readOnly defaults to false (read/write).
+ ReadOnly here will force the ReadOnly setting
+ in VolumeMounts.
type: boolean
secretRef:
- description: SecretRef specifies the secret to use
+ description: secretRef specifies the secret to use
for obtaining the StorageOS API credentials. If
not specified, default values will be attempted.
properties:
@@ -23636,12 +25300,12 @@ spec:
type: object
x-kubernetes-map-type: atomic
volumeName:
- description: VolumeName is the human-readable name
+ description: volumeName is the human-readable name
of the StorageOS volume. Volume names are only
unique within a namespace.
type: string
volumeNamespace:
- description: VolumeNamespace specifies the scope
+ description: volumeNamespace specifies the scope
of the volume within StorageOS. If no namespace
is specified then the Pod's namespace will be
used. This allows the Kubernetes name scoping
@@ -23653,26 +25317,27 @@ spec:
type: string
type: object
vsphereVolume:
- description: VsphereVolume represents a vSphere volume
+ description: vsphereVolume represents a vSphere volume
attached and mounted on kubelets host machine
properties:
fsType:
- description: Filesystem type to mount. Must be a
- filesystem type supported by the host operating
- system. Ex. "ext4", "xfs", "ntfs". Implicitly
+ description: fsType is filesystem type to mount.
+ Must be a filesystem type supported by the host
+ operating system. Ex. "ext4", "xfs", "ntfs". Implicitly
inferred to be "ext4" if unspecified.
type: string
storagePolicyID:
- description: Storage Policy Based Management (SPBM)
- profile ID associated with the StoragePolicyName.
+ description: storagePolicyID is the storage Policy
+ Based Management (SPBM) profile ID associated
+ with the StoragePolicyName.
type: string
storagePolicyName:
- description: Storage Policy Based Management (SPBM)
- profile name.
+ description: storagePolicyName is the storage Policy
+ Based Management (SPBM) profile name.
type: string
volumePath:
- description: Path that identifies vSphere volume
- vmdk
+ description: volumePath is the path that identifies
+ vSphere volume vmdk
type: string
required:
- volumePath
@@ -23782,6 +25447,26 @@ spec:
description: 'Compute Resources required by this component. Cannot
be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/'
properties:
+ claims:
+ description: "Claims lists the names of resources, defined in
+ spec.resourceClaims, that are used by this container. \n This
+ is an alpha field and requires enabling the DynamicResourceAllocation
+ feature gate. \n This field is immutable."
+ items:
+ description: ResourceClaim references one entry in PodSpec.ResourceClaims.
+ properties:
+ name:
+ description: Name must match the name of one entry in pod.spec.resourceClaims
+ of the Pod where this field is used. It makes that resource
+ available inside a container.
+ type: string
+ required:
+ - name
+ type: object
+ type: array
+ x-kubernetes-list-map-keys:
+ - name
+ x-kubernetes-list-type: map
limits:
additionalProperties:
anyOf:
@@ -23826,123 +25511,128 @@ spec:
one of its members may be specified.
properties:
awsElasticBlockStore:
- description: 'AWSElasticBlockStore represents an AWS Disk
+ description: 'awsElasticBlockStore represents an AWS Disk
resource that is attached to a kubelet''s host machine
and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore'
properties:
fsType:
- description: 'Filesystem type of the volume that you
- want to mount. Tip: Ensure that the filesystem type
- is supported by the host operating system. Examples:
- "ext4", "xfs", "ntfs". Implicitly inferred to be
- "ext4" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore
+ description: 'fsType is the filesystem type of the
+ volume that you want to mount. Tip: Ensure that
+ the filesystem type is supported by the host operating
+ system. Examples: "ext4", "xfs", "ntfs". Implicitly
+ inferred to be "ext4" if unspecified. More info:
+ https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore
TODO: how do we prevent errors in the filesystem
from compromising the machine'
type: string
partition:
- description: 'The partition in the volume that you
- want to mount. If omitted, the default is to mount
- by volume name. Examples: For volume /dev/sda1,
- you specify the partition as "1". Similarly, the
- volume partition for /dev/sda is "0" (or you can
- leave the property empty).'
+ description: 'partition is the partition in the volume
+ that you want to mount. If omitted, the default
+ is to mount by volume name. Examples: For volume
+ /dev/sda1, you specify the partition as "1". Similarly,
+ the volume partition for /dev/sda is "0" (or you
+ can leave the property empty).'
format: int32
type: integer
readOnly:
- description: 'Specify "true" to force and set the
- ReadOnly property in VolumeMounts to "true". If
- omitted, the default is "false". More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore'
+ description: 'readOnly value true will force the readOnly
+ setting in VolumeMounts. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore'
type: boolean
volumeID:
- description: 'Unique ID of the persistent disk resource
- in AWS (Amazon EBS volume). More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore'
+ description: 'volumeID is unique ID of the persistent
+ disk resource in AWS (Amazon EBS volume). More info:
+ https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore'
type: string
required:
- volumeID
type: object
azureDisk:
- description: AzureDisk represents an Azure Data Disk mount
+ description: azureDisk represents an Azure Data Disk mount
on the host and bind mount to the pod.
properties:
cachingMode:
- description: 'Host Caching mode: None, Read Only,
- Read Write.'
+ description: 'cachingMode is the Host Caching mode:
+ None, Read Only, Read Write.'
type: string
diskName:
- description: The Name of the data disk in the blob
- storage
+ description: diskName is the Name of the data disk
+ in the blob storage
type: string
diskURI:
- description: The URI the data disk in the blob storage
+ description: diskURI is the URI of data disk in the
+ blob storage
type: string
fsType:
- description: Filesystem type to mount. Must be a filesystem
- type supported by the host operating system. Ex.
- "ext4", "xfs", "ntfs". Implicitly inferred to be
- "ext4" if unspecified.
+ description: fsType is Filesystem type to mount. Must
+ be a filesystem type supported by the host operating
+ system. Ex. "ext4", "xfs", "ntfs". Implicitly inferred
+ to be "ext4" if unspecified.
type: string
kind:
- description: 'Expected values Shared: multiple blob
- disks per storage account Dedicated: single blob
- disk per storage account Managed: azure managed
+ description: 'kind expected values are Shared: multiple
+ blob disks per storage account Dedicated: single
+ blob disk per storage account Managed: azure managed
data disk (only in managed availability set). defaults
to shared'
type: string
readOnly:
- description: Defaults to false (read/write). ReadOnly
- here will force the ReadOnly setting in VolumeMounts.
+ description: readOnly Defaults to false (read/write).
+ ReadOnly here will force the ReadOnly setting in
+ VolumeMounts.
type: boolean
required:
- diskName
- diskURI
type: object
azureFile:
- description: AzureFile represents an Azure File Service
+ description: azureFile represents an Azure File Service
mount on the host and bind mount to the pod.
properties:
readOnly:
- description: Defaults to false (read/write). ReadOnly
- here will force the ReadOnly setting in VolumeMounts.
+ description: readOnly defaults to false (read/write).
+ ReadOnly here will force the ReadOnly setting in
+ VolumeMounts.
type: boolean
secretName:
- description: the name of secret that contains Azure
- Storage Account Name and Key
+ description: secretName is the name of secret that
+ contains Azure Storage Account Name and Key
type: string
shareName:
- description: Share Name
+ description: shareName is the azure share Name
type: string
required:
- secretName
- shareName
type: object
cephfs:
- description: CephFS represents a Ceph FS mount on the
+ description: cephFS represents a Ceph FS mount on the
host that shares a pod's lifetime
properties:
monitors:
- description: 'Required: Monitors is a collection of
- Ceph monitors More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it'
+ description: 'monitors is Required: Monitors is a
+ collection of Ceph monitors More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it'
items:
type: string
type: array
path:
- description: 'Optional: Used as the mounted root,
- rather than the full Ceph tree, default is /'
+ description: 'path is Optional: Used as the mounted
+ root, rather than the full Ceph tree, default is
+ /'
type: string
readOnly:
- description: 'Optional: Defaults to false (read/write).
- ReadOnly here will force the ReadOnly setting in
- VolumeMounts. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it'
+ description: 'readOnly is Optional: Defaults to false
+ (read/write). ReadOnly here will force the ReadOnly
+ setting in VolumeMounts. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it'
type: boolean
secretFile:
- description: 'Optional: SecretFile is the path to
- key ring for User, default is /etc/ceph/user.secret
+ description: 'secretFile is Optional: SecretFile is
+ the path to key ring for User, default is /etc/ceph/user.secret
More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it'
type: string
secretRef:
- description: 'Optional: SecretRef is reference to
- the authentication secret for User, default is empty.
- More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it'
+ description: 'secretRef is Optional: SecretRef is
+ reference to the authentication secret for User,
+ default is empty. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it'
properties:
name:
description: 'Name of the referent. More info:
@@ -23953,31 +25643,32 @@ spec:
type: object
x-kubernetes-map-type: atomic
user:
- description: 'Optional: User is the rados user name,
- default is admin More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it'
+ description: 'user is optional: User is the rados
+ user name, default is admin More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it'
type: string
required:
- monitors
type: object
cinder:
- description: 'Cinder represents a cinder volume attached
+ description: 'cinder represents a cinder volume attached
and mounted on kubelets host machine. More info: https://examples.k8s.io/mysql-cinder-pd/README.md'
properties:
fsType:
- description: 'Filesystem type to mount. Must be a
- filesystem type supported by the host operating
- system. Examples: "ext4", "xfs", "ntfs". Implicitly
- inferred to be "ext4" if unspecified. More info:
- https://examples.k8s.io/mysql-cinder-pd/README.md'
+ description: 'fsType is the filesystem type to mount.
+ Must be a filesystem type supported by the host
+ operating system. Examples: "ext4", "xfs", "ntfs".
+ Implicitly inferred to be "ext4" if unspecified.
+ More info: https://examples.k8s.io/mysql-cinder-pd/README.md'
type: string
readOnly:
- description: 'Optional: Defaults to false (read/write).
+ description: 'readOnly defaults to false (read/write).
ReadOnly here will force the ReadOnly setting in
VolumeMounts. More info: https://examples.k8s.io/mysql-cinder-pd/README.md'
type: boolean
secretRef:
- description: 'Optional: points to a secret object
- containing parameters used to connect to OpenStack.'
+ description: 'secretRef is optional: points to a secret
+ object containing parameters used to connect to
+ OpenStack.'
properties:
name:
description: 'Name of the referent. More info:
@@ -23988,33 +25679,34 @@ spec:
type: object
x-kubernetes-map-type: atomic
volumeID:
- description: 'volume id used to identify the volume
+ description: 'volumeID used to identify the volume
in cinder. More info: https://examples.k8s.io/mysql-cinder-pd/README.md'
type: string
required:
- volumeID
type: object
configMap:
- description: ConfigMap represents a configMap that should
+ description: configMap represents a configMap that should
populate this volume
properties:
defaultMode:
- description: 'Optional: mode bits used to set permissions
- on created files by default. Must be an octal value
- between 0000 and 0777 or a decimal value between
- 0 and 511. YAML accepts both octal and decimal values,
- JSON requires decimal values for mode bits. Defaults
- to 0644. Directories within the path are not affected
- by this setting. This might be in conflict with
- other options that affect the file mode, like fsGroup,
- and the result can be other mode bits set.'
+ description: 'defaultMode is optional: mode bits used
+ to set permissions on created files by default.
+ Must be an octal value between 0000 and 0777 or
+ a decimal value between 0 and 511. YAML accepts
+ both octal and decimal values, JSON requires decimal
+ values for mode bits. Defaults to 0644. Directories
+ within the path are not affected by this setting.
+ This might be in conflict with other options that
+ affect the file mode, like fsGroup, and the result
+ can be other mode bits set.'
format: int32
type: integer
items:
- description: If unspecified, each key-value pair in
- the Data field of the referenced ConfigMap will
- be projected into the volume as a file whose name
- is the key and content is the value. If specified,
+ description: items if unspecified, each key-value
+ pair in the Data field of the referenced ConfigMap
+ will be projected into the volume as a file whose
+ name is the key and content is the value. If specified,
the listed keys will be projected into the specified
paths, and unlisted keys will not be present. If
a key is specified which is not present in the ConfigMap,
@@ -24026,14 +25718,14 @@ spec:
a volume.
properties:
key:
- description: The key to project.
+ description: key is the key to project.
type: string
mode:
- description: 'Optional: mode bits used to set
- permissions on this file. Must be an octal
- value between 0000 and 0777 or a decimal value
- between 0 and 511. YAML accepts both octal
- and decimal values, JSON requires decimal
+ description: 'mode is Optional: mode bits used
+ to set permissions on this file. Must be an
+ octal value between 0000 and 0777 or a decimal
+ value between 0 and 511. YAML accepts both
+ octal and decimal values, JSON requires decimal
values for mode bits. If not specified, the
volume defaultMode will be used. This might
be in conflict with other options that affect
@@ -24042,10 +25734,10 @@ spec:
format: int32
type: integer
path:
- description: The relative path of the file to
- map the key to. May not be an absolute path.
- May not contain the path element '..'. May
- not start with the string '..'.
+ description: path is the relative path of the
+ file to map the key to. May not be an absolute
+ path. May not contain the path element '..'.
+ May not start with the string '..'.
type: string
required:
- key
@@ -24058,29 +25750,29 @@ spec:
uid?'
type: string
optional:
- description: Specify whether the ConfigMap or its
- keys must be defined
+ description: optional specify whether the ConfigMap
+ or its keys must be defined
type: boolean
type: object
x-kubernetes-map-type: atomic
csi:
- description: CSI (Container Storage Interface) represents
+ description: csi (Container Storage Interface) represents
ephemeral storage that is handled by certain external
CSI drivers (Beta feature).
properties:
driver:
- description: Driver is the name of the CSI driver
+ description: driver is the name of the CSI driver
that handles this volume. Consult with your admin
for the correct name as registered in the cluster.
type: string
fsType:
- description: Filesystem type to mount. Ex. "ext4",
- "xfs", "ntfs". If not provided, the empty value
- is passed to the associated CSI driver which will
- determine the default filesystem to apply.
+ description: fsType to mount. Ex. "ext4", "xfs", "ntfs".
+ If not provided, the empty value is passed to the
+ associated CSI driver which will determine the default
+ filesystem to apply.
type: string
nodePublishSecretRef:
- description: NodePublishSecretRef is a reference to
+ description: nodePublishSecretRef is a reference to
the secret object containing sensitive information
to pass to the CSI driver to complete the CSI NodePublishVolume
and NodeUnpublishVolume calls. This field is optional,
@@ -24097,13 +25789,13 @@ spec:
type: object
x-kubernetes-map-type: atomic
readOnly:
- description: Specifies a read-only configuration for
- the volume. Defaults to false (read/write).
+ description: readOnly specifies a read-only configuration
+ for the volume. Defaults to false (read/write).
type: boolean
volumeAttributes:
additionalProperties:
type: string
- description: VolumeAttributes stores driver-specific
+ description: volumeAttributes stores driver-specific
properties that are passed to the CSI driver. Consult
your driver's documentation for supported values.
type: object
@@ -24111,7 +25803,7 @@ spec:
- driver
type: object
downwardAPI:
- description: DownwardAPI represents downward API about
+ description: downwardAPI represents downward API about
the pod that should populate this volume
properties:
defaultMode:
@@ -24204,32 +25896,33 @@ spec:
type: array
type: object
emptyDir:
- description: 'EmptyDir represents a temporary directory
+ description: 'emptyDir represents a temporary directory
that shares a pod''s lifetime. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir'
properties:
medium:
- description: 'What type of storage medium should back
- this directory. The default is "" which means to
- use the node''s default medium. Must be an empty
- string (default) or Memory. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir'
+ description: 'medium represents what type of storage
+ medium should back this directory. The default is
+ "" which means to use the node''s default medium.
+ Must be an empty string (default) or Memory. More
+ info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir'
type: string
sizeLimit:
anyOf:
- type: integer
- type: string
- description: 'Total amount of local storage required
- for this EmptyDir volume. The size limit is also
- applicable for memory medium. The maximum usage
- on memory medium EmptyDir would be the minimum value
- between the SizeLimit specified here and the sum
- of memory limits of all containers in a pod. The
- default is nil which means that the limit is undefined.
- More info: http://kubernetes.io/docs/user-guide/volumes#emptydir'
+ description: 'sizeLimit is the total amount of local
+ storage required for this EmptyDir volume. The size
+ limit is also applicable for memory medium. The
+ maximum usage on memory medium EmptyDir would be
+ the minimum value between the SizeLimit specified
+ here and the sum of memory limits of all containers
+ in a pod. The default is nil which means that the
+ limit is undefined. More info: http://kubernetes.io/docs/user-guide/volumes#emptydir'
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
x-kubernetes-int-or-string: true
type: object
ephemeral:
- description: "Ephemeral represents a volume that is handled
+ description: "ephemeral represents a volume that is handled
by a cluster storage driver. The volume's lifecycle
is tied to the pod that defines it - it will be created
before the pod starts, and deleted when the pod is removed.
@@ -24286,24 +25979,27 @@ spec:
are also valid here.
properties:
accessModes:
- description: 'AccessModes contains the desired
+ description: 'accessModes contains the desired
access modes the volume should have. More
info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1'
items:
type: string
type: array
dataSource:
- description: 'This field can be used to specify
- either: * An existing VolumeSnapshot object
- (snapshot.storage.k8s.io/VolumeSnapshot)
+ description: 'dataSource field can be used
+ to specify either: * An existing VolumeSnapshot
+ object (snapshot.storage.k8s.io/VolumeSnapshot)
* An existing PVC (PersistentVolumeClaim)
If the provisioner or an external controller
can support the specified data source, it
will create a new volume based on the contents
- of the specified data source. If the AnyVolumeDataSource
- feature gate is enabled, this field will
- always have the same contents as the DataSourceRef
- field.'
+ of the specified data source. When the AnyVolumeDataSource
+ feature gate is enabled, dataSource contents
+ will be copied to dataSourceRef, and dataSourceRef
+ contents will be copied to dataSource when
+ dataSourceRef.namespace is not specified.
+ If the namespace is specified, then dataSourceRef
+ will not be copied to dataSource.'
properties:
apiGroup:
description: APIGroup is the group for
@@ -24327,32 +26023,42 @@ spec:
type: object
x-kubernetes-map-type: atomic
dataSourceRef:
- description: 'Specifies the object from which
- to populate the volume with data, if a non-empty
- volume is desired. This may be any local
- object from a non-empty API group (non core
- object) or a PersistentVolumeClaim object.
- When this field is specified, volume binding
- will only succeed if the type of the specified
- object matches some installed volume populator
- or dynamic provisioner. This field will
- replace the functionality of the DataSource
- field and as such if both fields are non-empty,
- they must have the same value. For backwards
- compatibility, both fields (DataSource and
- DataSourceRef) will be set to the same value
- automatically if one of them is empty and
- the other is non-empty. There are two important
- differences between DataSource and DataSourceRef:
- * While DataSource only allows two specific
- types of objects, DataSourceRef allows any
- non-core object, as well as PersistentVolumeClaim
- objects. * While DataSource ignores disallowed
- values (dropping them), DataSourceRef preserves
+ description: 'dataSourceRef specifies the
+ object from which to populate the volume
+ with data, if a non-empty volume is desired.
+ This may be any object from a non-empty
+ API group (non core object) or a PersistentVolumeClaim
+ object. When this field is specified, volume
+ binding will only succeed if the type of
+ the specified object matches some installed
+ volume populator or dynamic provisioner.
+ This field will replace the functionality
+ of the dataSource field and as such if both
+ fields are non-empty, they must have the
+ same value. For backwards compatibility,
+ when namespace isn''t specified in dataSourceRef,
+ both fields (dataSource and dataSourceRef)
+ will be set to the same value automatically
+ if one of them is empty and the other is
+ non-empty. When namespace is specified in
+ dataSourceRef, dataSource isn''t set to
+ the same value and must be empty. There
+ are three important differences between
+ dataSource and dataSourceRef: * While dataSource
+ only allows two specific types of objects,
+ dataSourceRef allows any non-core object,
+ as well as PersistentVolumeClaim objects.
+ * While dataSource ignores disallowed values
+ (dropping them), dataSourceRef preserves
all values, and generates an error if a
- disallowed value is specified. (Alpha) Using
- this field requires the AnyVolumeDataSource
- feature gate to be enabled.'
+ disallowed value is specified. * While dataSource
+ only allows local objects, dataSourceRef
+ allows objects in any namespaces. (Beta)
+ Using this field requires the AnyVolumeDataSource
+ feature gate to be enabled. (Alpha) Using
+ the namespace field of dataSourceRef requires
+ the CrossNamespaceVolumeDataSource feature
+ gate to be enabled.'
properties:
apiGroup:
description: APIGroup is the group for
@@ -24370,13 +26076,23 @@ spec:
description: Name is the name of resource
being referenced
type: string
+ namespace:
+ description: Namespace is the namespace
+ of resource being referenced Note that
+ when a namespace is specified, a gateway.networking.k8s.io/ReferenceGrant
+ object is required in the referent namespace
+ to allow that namespace's owner to accept
+ the reference. See the ReferenceGrant
+ documentation for details. (Alpha) This
+ field requires the CrossNamespaceVolumeDataSource
+ feature gate to be enabled.
+ type: string
required:
- kind
- name
type: object
- x-kubernetes-map-type: atomic
resources:
- description: 'Resources represents the minimum
+ description: 'resources represents the minimum
resources the volume should have. If RecoverVolumeExpansionFailure
feature is enabled users are allowed to
specify resource requirements that are lower
@@ -24384,6 +26100,31 @@ spec:
than capacity recorded in the status field
of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources'
properties:
+ claims:
+ description: "Claims lists the names of
+ resources, defined in spec.resourceClaims,
+ that are used by this container. \n
+ This is an alpha field and requires
+ enabling the DynamicResourceAllocation
+ feature gate. \n This field is immutable."
+ items:
+ description: ResourceClaim references
+ one entry in PodSpec.ResourceClaims.
+ properties:
+ name:
+ description: Name must match the
+ name of one entry in pod.spec.resourceClaims
+ of the Pod where this field is
+ used. It makes that resource available
+ inside a container.
+ type: string
+ required:
+ - name
+ type: object
+ type: array
+ x-kubernetes-list-map-keys:
+ - name
+ x-kubernetes-list-type: map
limits:
additionalProperties:
anyOf:
@@ -24411,8 +26152,8 @@ spec:
type: object
type: object
selector:
- description: A label query over volumes to
- consider for binding.
+ description: selector is a label query over
+ volumes to consider for binding.
properties:
matchExpressions:
description: matchExpressions is a list
@@ -24464,8 +26205,9 @@ spec:
type: object
x-kubernetes-map-type: atomic
storageClassName:
- description: 'Name of the StorageClass required
- by the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1'
+ description: 'storageClassName is the name
+ of the StorageClass required by the claim.
+ More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1'
type: string
volumeMode:
description: volumeMode defines what type
@@ -24474,7 +26216,7 @@ spec:
in claim spec.
type: string
volumeName:
- description: VolumeName is the binding reference
+ description: volumeName is the binding reference
to the PersistentVolume backing this claim.
type: string
type: object
@@ -24483,71 +26225,74 @@ spec:
type: object
type: object
fc:
- description: FC represents a Fibre Channel resource that
+ description: fc represents a Fibre Channel resource that
is attached to a kubelet's host machine and then exposed
to the pod.
properties:
fsType:
- description: 'Filesystem type to mount. Must be a
- filesystem type supported by the host operating
- system. Ex. "ext4", "xfs", "ntfs". Implicitly inferred
- to be "ext4" if unspecified. TODO: how do we prevent
- errors in the filesystem from compromising the machine'
+ description: 'fsType is the filesystem type to mount.
+ Must be a filesystem type supported by the host
+ operating system. Ex. "ext4", "xfs", "ntfs". Implicitly
+ inferred to be "ext4" if unspecified. TODO: how
+ do we prevent errors in the filesystem from compromising
+ the machine'
type: string
lun:
- description: 'Optional: FC target lun number'
+ description: 'lun is Optional: FC target lun number'
format: int32
type: integer
readOnly:
- description: 'Optional: Defaults to false (read/write).
- ReadOnly here will force the ReadOnly setting in
- VolumeMounts.'
+ description: 'readOnly is Optional: Defaults to false
+ (read/write). ReadOnly here will force the ReadOnly
+ setting in VolumeMounts.'
type: boolean
targetWWNs:
- description: 'Optional: FC target worldwide names
- (WWNs)'
+ description: 'targetWWNs is Optional: FC target worldwide
+ names (WWNs)'
items:
type: string
type: array
wwids:
- description: 'Optional: FC volume world wide identifiers
- (wwids) Either wwids or combination of targetWWNs
- and lun must be set, but not both simultaneously.'
+ description: 'wwids Optional: FC volume world wide
+ identifiers (wwids) Either wwids or combination
+ of targetWWNs and lun must be set, but not both
+ simultaneously.'
items:
type: string
type: array
type: object
flexVolume:
- description: FlexVolume represents a generic volume resource
+ description: flexVolume represents a generic volume resource
that is provisioned/attached using an exec based plugin.
properties:
driver:
- description: Driver is the name of the driver to use
+ description: driver is the name of the driver to use
for this volume.
type: string
fsType:
- description: Filesystem type to mount. Must be a filesystem
- type supported by the host operating system. Ex.
- "ext4", "xfs", "ntfs". The default filesystem depends
- on FlexVolume script.
+ description: fsType is the filesystem type to mount.
+ Must be a filesystem type supported by the host
+ operating system. Ex. "ext4", "xfs", "ntfs". The
+ default filesystem depends on FlexVolume script.
type: string
options:
additionalProperties:
type: string
- description: 'Optional: Extra command options if any.'
+ description: 'options is Optional: this field holds
+ extra command options if any.'
type: object
readOnly:
- description: 'Optional: Defaults to false (read/write).
- ReadOnly here will force the ReadOnly setting in
- VolumeMounts.'
+ description: 'readOnly is Optional: defaults to false
+ (read/write). ReadOnly here will force the ReadOnly
+ setting in VolumeMounts.'
type: boolean
secretRef:
- description: 'Optional: SecretRef is reference to
- the secret object containing sensitive information
- to pass to the plugin scripts. This may be empty
- if no secret object is specified. If the secret
- object contains more than one secret, all secrets
- are passed to the plugin scripts.'
+ description: 'secretRef is Optional: secretRef is
+ reference to the secret object containing sensitive
+ information to pass to the plugin scripts. This
+ may be empty if no secret object is specified. If
+ the secret object contains more than one secret,
+ all secrets are passed to the plugin scripts.'
properties:
name:
description: 'Name of the referent. More info:
@@ -24561,49 +26306,50 @@ spec:
- driver
type: object
flocker:
- description: Flocker represents a Flocker volume attached
+ description: flocker represents a Flocker volume attached
to a kubelet's host machine. This depends on the Flocker
control service being running
properties:
datasetName:
- description: Name of the dataset stored as metadata
- -> name on the dataset for Flocker should be considered
- as deprecated
+ description: datasetName is Name of the dataset stored
+ as metadata -> name on the dataset for Flocker should
+ be considered as deprecated
type: string
datasetUUID:
- description: UUID of the dataset. This is unique identifier
- of a Flocker dataset
+ description: datasetUUID is the UUID of the dataset.
+ This is unique identifier of a Flocker dataset
type: string
type: object
gcePersistentDisk:
- description: 'GCEPersistentDisk represents a GCE Disk
+ description: 'gcePersistentDisk represents a GCE Disk
resource that is attached to a kubelet''s host machine
and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk'
properties:
fsType:
- description: 'Filesystem type of the volume that you
- want to mount. Tip: Ensure that the filesystem type
- is supported by the host operating system. Examples:
- "ext4", "xfs", "ntfs". Implicitly inferred to be
- "ext4" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk
+ description: 'fsType is filesystem type of the volume
+ that you want to mount. Tip: Ensure that the filesystem
+ type is supported by the host operating system.
+ Examples: "ext4", "xfs", "ntfs". Implicitly inferred
+ to be "ext4" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk
TODO: how do we prevent errors in the filesystem
from compromising the machine'
type: string
partition:
- description: 'The partition in the volume that you
- want to mount. If omitted, the default is to mount
- by volume name. Examples: For volume /dev/sda1,
- you specify the partition as "1". Similarly, the
- volume partition for /dev/sda is "0" (or you can
- leave the property empty). More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk'
+ description: 'partition is the partition in the volume
+ that you want to mount. If omitted, the default
+ is to mount by volume name. Examples: For volume
+ /dev/sda1, you specify the partition as "1". Similarly,
+ the volume partition for /dev/sda is "0" (or you
+ can leave the property empty). More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk'
format: int32
type: integer
pdName:
- description: 'Unique name of the PD resource in GCE.
- Used to identify the disk in GCE. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk'
+ description: 'pdName is unique name of the PD resource
+ in GCE. Used to identify the disk in GCE. More info:
+ https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk'
type: string
readOnly:
- description: 'ReadOnly here will force the ReadOnly
+ description: 'readOnly here will force the ReadOnly
setting in VolumeMounts. Defaults to false. More
info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk'
type: boolean
@@ -24611,42 +26357,43 @@ spec:
- pdName
type: object
gitRepo:
- description: 'GitRepo represents a git repository at a
+ description: 'gitRepo represents a git repository at a
particular revision. DEPRECATED: GitRepo is deprecated.
To provision a container with a git repo, mount an EmptyDir
into an InitContainer that clones the repo using git,
then mount the EmptyDir into the Pod''s container.'
properties:
directory:
- description: Target directory name. Must not contain
- or start with '..'. If '.' is supplied, the volume
- directory will be the git repository. Otherwise,
+ description: directory is the target directory name.
+ Must not contain or start with '..'. If '.' is
+ supplied, the volume directory will be the git repository. Otherwise,
if specified, the volume will contain the git repository
in the subdirectory with the given name.
type: string
repository:
- description: Repository URL
+ description: repository is the URL
type: string
revision:
- description: Commit hash for the specified revision.
+ description: revision is the commit hash for the specified
+ revision.
type: string
required:
- repository
type: object
glusterfs:
- description: 'Glusterfs represents a Glusterfs mount on
+ description: 'glusterfs represents a Glusterfs mount on
the host that shares a pod''s lifetime. More info: https://examples.k8s.io/volumes/glusterfs/README.md'
properties:
endpoints:
- description: 'EndpointsName is the endpoint name that
+ description: 'endpoints is the endpoint name that
details Glusterfs topology. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod'
type: string
path:
- description: 'Path is the Glusterfs volume path. More
+ description: 'path is the Glusterfs volume path. More
info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod'
type: string
readOnly:
- description: 'ReadOnly here will force the Glusterfs
+ description: 'readOnly here will force the Glusterfs
volume to be mounted with read-only permissions.
Defaults to false. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod'
type: boolean
@@ -24655,7 +26402,7 @@ spec:
- path
type: object
hostPath:
- description: 'HostPath represents a pre-existing file
+ description: 'hostPath represents a pre-existing file
or directory on the host machine that is directly exposed
to the container. This is generally used for system
agents or other privileged things that are allowed to
@@ -24666,69 +26413,73 @@ spec:
as read/write.'
properties:
path:
- description: 'Path of the directory on the host. If
+ description: 'path of the directory on the host. If
the path is a symlink, it will follow the link to
the real path. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath'
type: string
type:
- description: 'Type for HostPath Volume Defaults to
+ description: 'type for HostPath Volume Defaults to
"" More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath'
type: string
required:
- path
type: object
iscsi:
- description: 'ISCSI represents an ISCSI Disk resource
+ description: 'iscsi represents an ISCSI Disk resource
that is attached to a kubelet''s host machine and then
exposed to the pod. More info: https://examples.k8s.io/volumes/iscsi/README.md'
properties:
chapAuthDiscovery:
- description: whether support iSCSI Discovery CHAP
- authentication
+ description: chapAuthDiscovery defines whether support
+ iSCSI Discovery CHAP authentication
type: boolean
chapAuthSession:
- description: whether support iSCSI Session CHAP authentication
+ description: chapAuthSession defines whether support
+ iSCSI Session CHAP authentication
type: boolean
fsType:
- description: 'Filesystem type of the volume that you
- want to mount. Tip: Ensure that the filesystem type
- is supported by the host operating system. Examples:
- "ext4", "xfs", "ntfs". Implicitly inferred to be
- "ext4" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#iscsi
+ description: 'fsType is the filesystem type of the
+ volume that you want to mount. Tip: Ensure that
+ the filesystem type is supported by the host operating
+ system. Examples: "ext4", "xfs", "ntfs". Implicitly
+ inferred to be "ext4" if unspecified. More info:
+ https://kubernetes.io/docs/concepts/storage/volumes#iscsi
TODO: how do we prevent errors in the filesystem
from compromising the machine'
type: string
initiatorName:
- description: Custom iSCSI Initiator Name. If initiatorName
- is specified with iscsiInterface simultaneously,
- new iSCSI interface :
- will be created for the connection.
+ description: initiatorName is the custom iSCSI Initiator
+ Name. If initiatorName is specified with iscsiInterface
+ simultaneously, new iSCSI interface : will be created for the connection.
type: string
iqn:
- description: Target iSCSI Qualified Name.
+ description: iqn is the target iSCSI Qualified Name.
type: string
iscsiInterface:
- description: iSCSI Interface Name that uses an iSCSI
- transport. Defaults to 'default' (tcp).
+ description: iscsiInterface is the interface Name
+ that uses an iSCSI transport. Defaults to 'default'
+ (tcp).
type: string
lun:
- description: iSCSI Target Lun number.
+ description: lun represents iSCSI Target Lun number.
format: int32
type: integer
portals:
- description: iSCSI Target Portal List. The portal
- is either an IP or ip_addr:port if the port is other
- than default (typically TCP ports 860 and 3260).
+ description: portals is the iSCSI Target Portal List.
+ The portal is either an IP or ip_addr:port if the
+ port is other than default (typically TCP ports
+ 860 and 3260).
items:
type: string
type: array
readOnly:
- description: ReadOnly here will force the ReadOnly
+ description: readOnly here will force the ReadOnly
setting in VolumeMounts. Defaults to false.
type: boolean
secretRef:
- description: CHAP Secret for iSCSI target and initiator
- authentication
+ description: secretRef is the CHAP Secret for iSCSI
+ target and initiator authentication
properties:
name:
description: 'Name of the referent. More info:
@@ -24739,9 +26490,10 @@ spec:
type: object
x-kubernetes-map-type: atomic
targetPortal:
- description: iSCSI Target Portal. The Portal is either
- an IP or ip_addr:port if the port is other than
- default (typically TCP ports 860 and 3260).
+ description: targetPortal is iSCSI Target Portal.
+ The Portal is either an IP or ip_addr:port if the
+ port is other than default (typically TCP ports
+ 860 and 3260).
type: string
required:
- iqn
@@ -24749,20 +26501,20 @@ spec:
- targetPortal
type: object
nfs:
- description: 'NFS represents an NFS mount on the host
+ description: 'nfs represents an NFS mount on the host
that shares a pod''s lifetime More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs'
properties:
path:
- description: 'Path that is exported by the NFS server.
+ description: 'path that is exported by the NFS server.
More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs'
type: string
readOnly:
- description: 'ReadOnly here will force the NFS export
+ description: 'readOnly here will force the NFS export
to be mounted with read-only permissions. Defaults
to false. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs'
type: boolean
server:
- description: 'Server is the hostname or IP address
+ description: 'server is the hostname or IP address
of the NFS server. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs'
type: string
required:
@@ -24770,113 +26522,115 @@ spec:
- server
type: object
persistentVolumeClaim:
- description: 'PersistentVolumeClaimVolumeSource represents
+ description: 'persistentVolumeClaimVolumeSource represents
a reference to a PersistentVolumeClaim in the same namespace.
More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims'
properties:
claimName:
- description: 'ClaimName is the name of a PersistentVolumeClaim
+ description: 'claimName is the name of a PersistentVolumeClaim
in the same namespace as the pod using this volume.
More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims'
type: string
readOnly:
- description: Will force the ReadOnly setting in VolumeMounts.
- Default false.
+ description: readOnly Will force the ReadOnly setting
+ in VolumeMounts. Default false.
type: boolean
required:
- claimName
type: object
photonPersistentDisk:
- description: PhotonPersistentDisk represents a PhotonController
+ description: photonPersistentDisk represents a PhotonController
persistent disk attached and mounted on kubelets host
machine
properties:
fsType:
- description: Filesystem type to mount. Must be a filesystem
- type supported by the host operating system. Ex.
- "ext4", "xfs", "ntfs". Implicitly inferred to be
- "ext4" if unspecified.
+ description: fsType is the filesystem type to mount.
+ Must be a filesystem type supported by the host
+ operating system. Ex. "ext4", "xfs", "ntfs". Implicitly
+ inferred to be "ext4" if unspecified.
type: string
pdID:
- description: ID that identifies Photon Controller
- persistent disk
+ description: pdID is the ID that identifies Photon
+ Controller persistent disk
type: string
required:
- pdID
type: object
portworxVolume:
- description: PortworxVolume represents a portworx volume
+ description: portworxVolume represents a portworx volume
attached and mounted on kubelets host machine
properties:
fsType:
- description: FSType represents the filesystem type
+ description: fSType represents the filesystem type
to mount Must be a filesystem type supported by
the host operating system. Ex. "ext4", "xfs". Implicitly
inferred to be "ext4" if unspecified.
type: string
readOnly:
- description: Defaults to false (read/write). ReadOnly
- here will force the ReadOnly setting in VolumeMounts.
+ description: readOnly defaults to false (read/write).
+ ReadOnly here will force the ReadOnly setting in
+ VolumeMounts.
type: boolean
volumeID:
- description: VolumeID uniquely identifies a Portworx
+ description: volumeID uniquely identifies a Portworx
volume
type: string
required:
- volumeID
type: object
projected:
- description: Items for all in one resources secrets, configmaps,
- and downward API
+ description: projected items for all in one resources
+ secrets, configmaps, and downward API
properties:
defaultMode:
- description: Mode bits used to set permissions on
- created files by default. Must be an octal value
- between 0000 and 0777 or a decimal value between
- 0 and 511. YAML accepts both octal and decimal values,
- JSON requires decimal values for mode bits. Directories
- within the path are not affected by this setting.
- This might be in conflict with other options that
- affect the file mode, like fsGroup, and the result
- can be other mode bits set.
+ description: defaultMode are the mode bits used to
+ set permissions on created files by default. Must
+ be an octal value between 0000 and 0777 or a decimal
+ value between 0 and 511. YAML accepts both octal
+ and decimal values, JSON requires decimal values
+ for mode bits. Directories within the path are not
+ affected by this setting. This might be in conflict
+ with other options that affect the file mode, like
+ fsGroup, and the result can be other mode bits set.
format: int32
type: integer
sources:
- description: list of volume projections
+ description: sources is the list of volume projections
items:
description: Projection that may be projected along
with other supported volume types
properties:
configMap:
- description: information about the configMap
- data to project
+ description: configMap information about the
+ configMap data to project
properties:
items:
- description: If unspecified, each key-value
- pair in the Data field of the referenced
- ConfigMap will be projected into the volume
- as a file whose name is the key and content
- is the value. If specified, the listed
- keys will be projected into the specified
- paths, and unlisted keys will not be present.
- If a key is specified which is not present
- in the ConfigMap, the volume setup will
- error unless it is marked optional. Paths
- must be relative and may not contain the
- '..' path or start with '..'.
+ description: items if unspecified, each
+ key-value pair in the Data field of the
+ referenced ConfigMap will be projected
+ into the volume as a file whose name is
+ the key and content is the value. If specified,
+ the listed keys will be projected into
+ the specified paths, and unlisted keys
+ will not be present. If a key is specified
+ which is not present in the ConfigMap,
+ the volume setup will error unless it
+ is marked optional. Paths must be relative
+ and may not contain the '..' path or start
+ with '..'.
items:
description: Maps a string key to a path
within a volume.
properties:
key:
- description: The key to project.
+ description: key is the key to project.
type: string
mode:
- description: 'Optional: mode bits
- used to set permissions on this
- file. Must be an octal value between
- 0000 and 0777 or a decimal value
- between 0 and 511. YAML accepts
+ description: 'mode is Optional: mode
+ bits used to set permissions on
+ this file. Must be an octal value
+ between 0000 and 0777 or a decimal
+ value between 0 and 511. YAML accepts
both octal and decimal values, JSON
requires decimal values for mode
bits. If not specified, the volume
@@ -24888,11 +26642,12 @@ spec:
format: int32
type: integer
path:
- description: The relative path of
- the file to map the key to. May
- not be an absolute path. May not
- contain the path element '..'. May
- not start with the string '..'.
+ description: path is the relative
+ path of the file to map the key
+ to. May not be an absolute path.
+ May not contain the path element
+ '..'. May not start with the string
+ '..'.
type: string
required:
- key
@@ -24906,14 +26661,14 @@ spec:
kind, uid?'
type: string
optional:
- description: Specify whether the ConfigMap
- or its keys must be defined
+ description: optional specify whether the
+ ConfigMap or its keys must be defined
type: boolean
type: object
x-kubernetes-map-type: atomic
downwardAPI:
- description: information about the downwardAPI
- data to project
+ description: downwardAPI information about the
+ downwardAPI data to project
properties:
items:
description: Items is a list of DownwardAPIVolume
@@ -25002,35 +26757,36 @@ spec:
type: array
type: object
secret:
- description: information about the secret data
- to project
+ description: secret information about the secret
+ data to project
properties:
items:
- description: If unspecified, each key-value
- pair in the Data field of the referenced
- Secret will be projected into the volume
- as a file whose name is the key and content
- is the value. If specified, the listed
- keys will be projected into the specified
- paths, and unlisted keys will not be present.
- If a key is specified which is not present
- in the Secret, the volume setup will error
- unless it is marked optional. Paths must
- be relative and may not contain the '..'
- path or start with '..'.
+ description: items if unspecified, each
+ key-value pair in the Data field of the
+ referenced Secret will be projected into
+ the volume as a file whose name is the
+ key and content is the value. If specified,
+ the listed keys will be projected into
+ the specified paths, and unlisted keys
+ will not be present. If a key is specified
+ which is not present in the Secret, the
+ volume setup will error unless it is marked
+ optional. Paths must be relative and may
+ not contain the '..' path or start with
+ '..'.
items:
description: Maps a string key to a path
within a volume.
properties:
key:
- description: The key to project.
+ description: key is the key to project.
type: string
mode:
- description: 'Optional: mode bits
- used to set permissions on this
- file. Must be an octal value between
- 0000 and 0777 or a decimal value
- between 0 and 511. YAML accepts
+ description: 'mode is Optional: mode
+ bits used to set permissions on
+ this file. Must be an octal value
+ between 0000 and 0777 or a decimal
+ value between 0 and 511. YAML accepts
both octal and decimal values, JSON
requires decimal values for mode
bits. If not specified, the volume
@@ -25042,11 +26798,12 @@ spec:
format: int32
type: integer
path:
- description: The relative path of
- the file to map the key to. May
- not be an absolute path. May not
- contain the path element '..'. May
- not start with the string '..'.
+ description: path is the relative
+ path of the file to map the key
+ to. May not be an absolute path.
+ May not contain the path element
+ '..'. May not start with the string
+ '..'.
type: string
required:
- key
@@ -25060,17 +26817,17 @@ spec:
kind, uid?'
type: string
optional:
- description: Specify whether the Secret
- or its key must be defined
+ description: optional field specify whether
+ the Secret or its key must be defined
type: boolean
type: object
x-kubernetes-map-type: atomic
serviceAccountToken:
- description: information about the serviceAccountToken
- data to project
+ description: serviceAccountToken is information
+ about the serviceAccountToken data to project
properties:
audience:
- description: Audience is the intended audience
+ description: audience is the intended audience
of the token. A recipient of a token must
identify itself with an identifier specified
in the audience of the token, and otherwise
@@ -25078,7 +26835,7 @@ spec:
defaults to the identifier of the apiserver.
type: string
expirationSeconds:
- description: ExpirationSeconds is the requested
+ description: expirationSeconds is the requested
duration of validity of the service account
token. As the token approaches expiration,
the kubelet volume plugin will proactively
@@ -25091,7 +26848,7 @@ spec:
format: int64
type: integer
path:
- description: Path is the path relative to
+ description: path is the path relative to
the mount point of the file to project
the token into.
type: string
@@ -25102,36 +26859,36 @@ spec:
type: array
type: object
quobyte:
- description: Quobyte represents a Quobyte mount on the
+ description: quobyte represents a Quobyte mount on the
host that shares a pod's lifetime
properties:
group:
- description: Group to map volume access to Default
+ description: group to map volume access to Default
is no group
type: string
readOnly:
- description: ReadOnly here will force the Quobyte
+ description: readOnly here will force the Quobyte
volume to be mounted with read-only permissions.
Defaults to false.
type: boolean
registry:
- description: Registry represents a single or multiple
+ description: registry represents a single or multiple
Quobyte Registry services specified as a string
as host:port pair (multiple entries are separated
with commas) which acts as the central registry
for volumes
type: string
tenant:
- description: Tenant owning the given Quobyte volume
+ description: tenant owning the given Quobyte volume
in the Backend Used with dynamically provisioned
Quobyte volumes, value is set by the plugin
type: string
user:
- description: User to map volume access to Defaults
+ description: user to map volume access to Defaults
to serivceaccount user
type: string
volume:
- description: Volume is a string that references an
+ description: volume is a string that references an
already created Quobyte volume by name.
type: string
required:
@@ -25139,44 +26896,46 @@ spec:
- volume
type: object
rbd:
- description: 'RBD represents a Rados Block Device mount
+ description: 'rbd represents a Rados Block Device mount
on the host that shares a pod''s lifetime. More info:
https://examples.k8s.io/volumes/rbd/README.md'
properties:
fsType:
- description: 'Filesystem type of the volume that you
- want to mount. Tip: Ensure that the filesystem type
- is supported by the host operating system. Examples:
- "ext4", "xfs", "ntfs". Implicitly inferred to be
- "ext4" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#rbd
+ description: 'fsType is the filesystem type of the
+ volume that you want to mount. Tip: Ensure that
+ the filesystem type is supported by the host operating
+ system. Examples: "ext4", "xfs", "ntfs". Implicitly
+ inferred to be "ext4" if unspecified. More info:
+ https://kubernetes.io/docs/concepts/storage/volumes#rbd
TODO: how do we prevent errors in the filesystem
from compromising the machine'
type: string
image:
- description: 'The rados image name. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it'
+ description: 'image is the rados image name. More
+ info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it'
type: string
keyring:
- description: 'Keyring is the path to key ring for
+ description: 'keyring is the path to key ring for
RBDUser. Default is /etc/ceph/keyring. More info:
https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it'
type: string
monitors:
- description: 'A collection of Ceph monitors. More
- info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it'
+ description: 'monitors is a collection of Ceph monitors.
+ More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it'
items:
type: string
type: array
pool:
- description: 'The rados pool name. Default is rbd.
- More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it'
+ description: 'pool is the rados pool name. Default
+ is rbd. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it'
type: string
readOnly:
- description: 'ReadOnly here will force the ReadOnly
+ description: 'readOnly here will force the ReadOnly
setting in VolumeMounts. Defaults to false. More
info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it'
type: boolean
secretRef:
- description: 'SecretRef is name of the authentication
+ description: 'secretRef is name of the authentication
secret for RBDUser. If provided overrides keyring.
Default is nil. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it'
properties:
@@ -25189,35 +26948,38 @@ spec:
type: object
x-kubernetes-map-type: atomic
user:
- description: 'The rados user name. Default is admin.
- More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it'
+ description: 'user is the rados user name. Default
+ is admin. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it'
type: string
required:
- image
- monitors
type: object
scaleIO:
- description: ScaleIO represents a ScaleIO persistent volume
+ description: scaleIO represents a ScaleIO persistent volume
attached and mounted on Kubernetes nodes.
properties:
fsType:
- description: Filesystem type to mount. Must be a filesystem
- type supported by the host operating system. Ex.
- "ext4", "xfs", "ntfs". Default is "xfs".
+ description: fsType is the filesystem type to mount.
+ Must be a filesystem type supported by the host
+ operating system. Ex. "ext4", "xfs", "ntfs". Default
+ is "xfs".
type: string
gateway:
- description: The host address of the ScaleIO API Gateway.
+ description: gateway is the host address of the ScaleIO
+ API Gateway.
type: string
protectionDomain:
- description: The name of the ScaleIO Protection Domain
- for the configured storage.
+ description: protectionDomain is the name of the ScaleIO
+ Protection Domain for the configured storage.
type: string
readOnly:
- description: Defaults to false (read/write). ReadOnly
- here will force the ReadOnly setting in VolumeMounts.
+ description: readOnly Defaults to false (read/write).
+ ReadOnly here will force the ReadOnly setting in
+ VolumeMounts.
type: boolean
secretRef:
- description: SecretRef references to the secret for
+ description: secretRef references to the secret for
ScaleIO user and other sensitive information. If
this is not provided, Login operation will fail.
properties:
@@ -25230,26 +26992,26 @@ spec:
type: object
x-kubernetes-map-type: atomic
sslEnabled:
- description: Flag to enable/disable SSL communication
+ description: sslEnabled Flag enable/disable SSL communication
with Gateway, default false
type: boolean
storageMode:
- description: Indicates whether the storage for a volume
- should be ThickProvisioned or ThinProvisioned. Default
- is ThinProvisioned.
+ description: storageMode indicates whether the storage
+ for a volume should be ThickProvisioned or ThinProvisioned.
+ Default is ThinProvisioned.
type: string
storagePool:
- description: The ScaleIO Storage Pool associated with
- the protection domain.
+ description: storagePool is the ScaleIO Storage Pool
+ associated with the protection domain.
type: string
system:
- description: The name of the storage system as configured
- in ScaleIO.
+ description: system is the name of the storage system
+ as configured in ScaleIO.
type: string
volumeName:
- description: The name of a volume already created
- in the ScaleIO system that is associated with this
- volume source.
+ description: volumeName is the name of a volume already
+ created in the ScaleIO system that is associated
+ with this volume source.
type: string
required:
- gateway
@@ -25257,26 +27019,27 @@ spec:
- system
type: object
secret:
- description: 'Secret represents a secret that should populate
+ description: 'secret represents a secret that should populate
this volume. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret'
properties:
defaultMode:
- description: 'Optional: mode bits used to set permissions
- on created files by default. Must be an octal value
- between 0000 and 0777 or a decimal value between
- 0 and 511. YAML accepts both octal and decimal values,
- JSON requires decimal values for mode bits. Defaults
- to 0644. Directories within the path are not affected
- by this setting. This might be in conflict with
- other options that affect the file mode, like fsGroup,
- and the result can be other mode bits set.'
+ description: 'defaultMode is Optional: mode bits used
+ to set permissions on created files by default.
+ Must be an octal value between 0000 and 0777 or
+ a decimal value between 0 and 511. YAML accepts
+ both octal and decimal values, JSON requires decimal
+ values for mode bits. Defaults to 0644. Directories
+ within the path are not affected by this setting.
+ This might be in conflict with other options that
+ affect the file mode, like fsGroup, and the result
+ can be other mode bits set.'
format: int32
type: integer
items:
- description: If unspecified, each key-value pair in
- the Data field of the referenced Secret will be
- projected into the volume as a file whose name is
- the key and content is the value. If specified,
+ description: items If unspecified, each key-value
+ pair in the Data field of the referenced Secret
+ will be projected into the volume as a file whose
+ name is the key and content is the value. If specified,
the listed keys will be projected into the specified
paths, and unlisted keys will not be present. If
a key is specified which is not present in the Secret,
@@ -25288,14 +27051,14 @@ spec:
a volume.
properties:
key:
- description: The key to project.
+ description: key is the key to project.
type: string
mode:
- description: 'Optional: mode bits used to set
- permissions on this file. Must be an octal
- value between 0000 and 0777 or a decimal value
- between 0 and 511. YAML accepts both octal
- and decimal values, JSON requires decimal
+ description: 'mode is Optional: mode bits used
+ to set permissions on this file. Must be an
+ octal value between 0000 and 0777 or a decimal
+ value between 0 and 511. YAML accepts both
+ octal and decimal values, JSON requires decimal
values for mode bits. If not specified, the
volume defaultMode will be used. This might
be in conflict with other options that affect
@@ -25304,10 +27067,10 @@ spec:
format: int32
type: integer
path:
- description: The relative path of the file to
- map the key to. May not be an absolute path.
- May not contain the path element '..'. May
- not start with the string '..'.
+ description: path is the relative path of the
+ file to map the key to. May not be an absolute
+ path. May not contain the path element '..'.
+ May not start with the string '..'.
type: string
required:
- key
@@ -25315,30 +27078,31 @@ spec:
type: object
type: array
optional:
- description: Specify whether the Secret or its keys
- must be defined
+ description: optional field specify whether the Secret
+ or its keys must be defined
type: boolean
secretName:
- description: 'Name of the secret in the pod''s namespace
- to use. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret'
+ description: 'secretName is the name of the secret
+ in the pod''s namespace to use. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret'
type: string
type: object
storageos:
- description: StorageOS represents a StorageOS volume attached
+ description: storageOS represents a StorageOS volume attached
and mounted on Kubernetes nodes.
properties:
fsType:
- description: Filesystem type to mount. Must be a filesystem
- type supported by the host operating system. Ex.
- "ext4", "xfs", "ntfs". Implicitly inferred to be
- "ext4" if unspecified.
+ description: fsType is the filesystem type to mount.
+ Must be a filesystem type supported by the host
+ operating system. Ex. "ext4", "xfs", "ntfs". Implicitly
+ inferred to be "ext4" if unspecified.
type: string
readOnly:
- description: Defaults to false (read/write). ReadOnly
- here will force the ReadOnly setting in VolumeMounts.
+ description: readOnly defaults to false (read/write).
+ ReadOnly here will force the ReadOnly setting in
+ VolumeMounts.
type: boolean
secretRef:
- description: SecretRef specifies the secret to use
+ description: secretRef specifies the secret to use
for obtaining the StorageOS API credentials. If
not specified, default values will be attempted.
properties:
@@ -25351,12 +27115,12 @@ spec:
type: object
x-kubernetes-map-type: atomic
volumeName:
- description: VolumeName is the human-readable name
+ description: volumeName is the human-readable name
of the StorageOS volume. Volume names are only
unique within a namespace.
type: string
volumeNamespace:
- description: VolumeNamespace specifies the scope of
+ description: volumeNamespace specifies the scope of
the volume within StorageOS. If no namespace is
specified then the Pod's namespace will be used. This
allows the Kubernetes name scoping to be mirrored
@@ -25368,25 +27132,27 @@ spec:
type: string
type: object
vsphereVolume:
- description: VsphereVolume represents a vSphere volume
+ description: vsphereVolume represents a vSphere volume
attached and mounted on kubelets host machine
properties:
fsType:
- description: Filesystem type to mount. Must be a filesystem
- type supported by the host operating system. Ex.
- "ext4", "xfs", "ntfs". Implicitly inferred to be
- "ext4" if unspecified.
+ description: fsType is filesystem type to mount. Must
+ be a filesystem type supported by the host operating
+ system. Ex. "ext4", "xfs", "ntfs". Implicitly inferred
+ to be "ext4" if unspecified.
type: string
storagePolicyID:
- description: Storage Policy Based Management (SPBM)
- profile ID associated with the StoragePolicyName.
+ description: storagePolicyID is the storage Policy
+ Based Management (SPBM) profile ID associated with
+ the StoragePolicyName.
type: string
storagePolicyName:
- description: Storage Policy Based Management (SPBM)
- profile name.
+ description: storagePolicyName is the storage Policy
+ Based Management (SPBM) profile name.
type: string
volumePath:
- description: Path that identifies vSphere volume vmdk
+ description: volumePath is the path that identifies
+ vSphere volume vmdk
type: string
required:
- volumePath
@@ -25824,6 +27590,26 @@ spec:
description: 'Compute Resources required by this component. Cannot
be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/'
properties:
+ claims:
+ description: "Claims lists the names of resources, defined in
+ spec.resourceClaims, that are used by this container. \n This
+ is an alpha field and requires enabling the DynamicResourceAllocation
+ feature gate. \n This field is immutable."
+ items:
+ description: ResourceClaim references one entry in PodSpec.ResourceClaims.
+ properties:
+ name:
+ description: Name must match the name of one entry in pod.spec.resourceClaims
+ of the Pod where this field is used. It makes that resource
+ available inside a container.
+ type: string
+ required:
+ - name
+ type: object
+ type: array
+ x-kubernetes-list-map-keys:
+ - name
+ x-kubernetes-list-type: map
limits:
additionalProperties:
anyOf:
@@ -26171,6 +27957,26 @@ spec:
description: 'Compute Resources required by this component. Cannot
be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/'
properties:
+ claims:
+ description: "Claims lists the names of resources, defined in
+ spec.resourceClaims, that are used by this container. \n This
+ is an alpha field and requires enabling the DynamicResourceAllocation
+ feature gate. \n This field is immutable."
+ items:
+ description: ResourceClaim references one entry in PodSpec.ResourceClaims.
+ properties:
+ name:
+ description: Name must match the name of one entry in pod.spec.resourceClaims
+ of the Pod where this field is used. It makes that resource
+ available inside a container.
+ type: string
+ required:
+ - name
+ type: object
+ type: array
+ x-kubernetes-list-map-keys:
+ - name
+ x-kubernetes-list-type: map
limits:
additionalProperties:
anyOf:
@@ -26524,6 +28330,26 @@ spec:
description: 'Compute Resources required by this component. Cannot
be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/'
properties:
+ claims:
+ description: "Claims lists the names of resources, defined in
+ spec.resourceClaims, that are used by this container. \n This
+ is an alpha field and requires enabling the DynamicResourceAllocation
+ feature gate. \n This field is immutable."
+ items:
+ description: ResourceClaim references one entry in PodSpec.ResourceClaims.
+ properties:
+ name:
+ description: Name must match the name of one entry in pod.spec.resourceClaims
+ of the Pod where this field is used. It makes that resource
+ available inside a container.
+ type: string
+ required:
+ - name
+ type: object
+ type: array
+ x-kubernetes-list-map-keys:
+ - name
+ x-kubernetes-list-type: map
limits:
additionalProperties:
anyOf:
@@ -26827,6 +28653,26 @@ spec:
description: 'Compute Resources required by this component. Cannot
be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/'
properties:
+ claims:
+ description: "Claims lists the names of resources, defined in
+ spec.resourceClaims, that are used by this container. \n This
+ is an alpha field and requires enabling the DynamicResourceAllocation
+ feature gate. \n This field is immutable."
+ items:
+ description: ResourceClaim references one entry in PodSpec.ResourceClaims.
+ properties:
+ name:
+ description: Name must match the name of one entry in pod.spec.resourceClaims
+ of the Pod where this field is used. It makes that resource
+ available inside a container.
+ type: string
+ required:
+ - name
+ type: object
+ type: array
+ x-kubernetes-list-map-keys:
+ - name
+ x-kubernetes-list-type: map
limits:
additionalProperties:
anyOf:
@@ -27135,6 +28981,26 @@ spec:
description: 'Compute Resources required by this component. Cannot
be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/'
properties:
+ claims:
+ description: "Claims lists the names of resources, defined in
+ spec.resourceClaims, that are used by this container. \n This
+ is an alpha field and requires enabling the DynamicResourceAllocation
+ feature gate. \n This field is immutable."
+ items:
+ description: ResourceClaim references one entry in PodSpec.ResourceClaims.
+ properties:
+ name:
+ description: Name must match the name of one entry in pod.spec.resourceClaims
+ of the Pod where this field is used. It makes that resource
+ available inside a container.
+ type: string
+ required:
+ - name
+ type: object
+ type: array
+ x-kubernetes-list-map-keys:
+ - name
+ x-kubernetes-list-type: map
limits:
additionalProperties:
anyOf:
@@ -27365,6 +29231,26 @@ spec:
description: 'Compute Resources required by this component. Cannot
be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/'
properties:
+ claims:
+ description: "Claims lists the names of resources, defined in
+ spec.resourceClaims, that are used by this container. \n This
+ is an alpha field and requires enabling the DynamicResourceAllocation
+ feature gate. \n This field is immutable."
+ items:
+ description: ResourceClaim references one entry in PodSpec.ResourceClaims.
+ properties:
+ name:
+ description: Name must match the name of one entry in pod.spec.resourceClaims
+ of the Pod where this field is used. It makes that resource
+ available inside a container.
+ type: string
+ required:
+ - name
+ type: object
+ type: array
+ x-kubernetes-list-map-keys:
+ - name
+ x-kubernetes-list-type: map
limits:
additionalProperties:
anyOf:
@@ -40605,6 +42491,26 @@ spec:
description: 'Compute Resources required by this component. Cannot
be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/'
properties:
+ claims:
+ description: "Claims lists the names of resources, defined in
+ spec.resourceClaims, that are used by this container. \n This
+ is an alpha field and requires enabling the DynamicResourceAllocation
+ feature gate. \n This field is immutable."
+ items:
+ description: ResourceClaim references one entry in PodSpec.ResourceClaims.
+ properties:
+ name:
+ description: Name must match the name of one entry in pod.spec.resourceClaims
+ of the Pod where this field is used. It makes that resource
+ available inside a container.
+ type: string
+ required:
+ - name
+ type: object
+ type: array
+ x-kubernetes-list-map-keys:
+ - name
+ x-kubernetes-list-type: map
limits:
additionalProperties:
anyOf:
@@ -40667,128 +42573,133 @@ spec:
Only one of its members may be specified.
properties:
awsElasticBlockStore:
- description: 'AWSElasticBlockStore represents an AWS
+ description: 'awsElasticBlockStore represents an AWS
Disk resource that is attached to a kubelet''s host
machine and then exposed to the pod. More info:
https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore'
properties:
fsType:
- description: 'Filesystem type of the volume that
- you want to mount. Tip: Ensure that the filesystem
- type is supported by the host operating system.
- Examples: "ext4", "xfs", "ntfs". Implicitly
- inferred to be "ext4" if unspecified. More info:
- https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore
+ description: 'fsType is the filesystem type of
+ the volume that you want to mount. Tip: Ensure
+ that the filesystem type is supported by the
+ host operating system. Examples: "ext4", "xfs",
+ "ntfs". Implicitly inferred to be "ext4" if
+ unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore
TODO: how do we prevent errors in the filesystem
from compromising the machine'
type: string
partition:
- description: 'The partition in the volume that
- you want to mount. If omitted, the default is
- to mount by volume name. Examples: For volume
- /dev/sda1, you specify the partition as "1".
- Similarly, the volume partition for /dev/sda
- is "0" (or you can leave the property empty).'
+ description: 'partition is the partition in the
+ volume that you want to mount. If omitted, the
+ default is to mount by volume name. Examples:
+ For volume /dev/sda1, you specify the partition
+ as "1". Similarly, the volume partition for
+ /dev/sda is "0" (or you can leave the property
+ empty).'
format: int32
type: integer
readOnly:
- description: 'Specify "true" to force and set
- the ReadOnly property in VolumeMounts to "true".
- If omitted, the default is "false". More info:
+ description: 'readOnly value true will force the
+ readOnly setting in VolumeMounts. More info:
https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore'
type: boolean
volumeID:
- description: 'Unique ID of the persistent disk
- resource in AWS (Amazon EBS volume). More info:
- https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore'
+ description: 'volumeID is unique ID of the persistent
+ disk resource in AWS (Amazon EBS volume). More
+ info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore'
type: string
required:
- volumeID
type: object
azureDisk:
- description: AzureDisk represents an Azure Data Disk
+ description: azureDisk represents an Azure Data Disk
mount on the host and bind mount to the pod.
properties:
cachingMode:
- description: 'Host Caching mode: None, Read Only,
- Read Write.'
+ description: 'cachingMode is the Host Caching
+ mode: None, Read Only, Read Write.'
type: string
diskName:
- description: The Name of the data disk in the
- blob storage
+ description: diskName is the Name of the data
+ disk in the blob storage
type: string
diskURI:
- description: The URI the data disk in the blob
- storage
+ description: diskURI is the URI of data disk in
+ the blob storage
type: string
fsType:
- description: Filesystem type to mount. Must be
- a filesystem type supported by the host operating
- system. Ex. "ext4", "xfs", "ntfs". Implicitly
- inferred to be "ext4" if unspecified.
+ description: fsType is Filesystem type to mount.
+ Must be a filesystem type supported by the host
+ operating system. Ex. "ext4", "xfs", "ntfs".
+ Implicitly inferred to be "ext4" if unspecified.
type: string
kind:
- description: 'Expected values Shared: multiple
- blob disks per storage account Dedicated: single
- blob disk per storage account Managed: azure
- managed data disk (only in managed availability
+ description: 'kind expected values are Shared:
+ multiple blob disks per storage account Dedicated:
+ single blob disk per storage account Managed:
+ azure managed data disk (only in managed availability
set). defaults to shared'
type: string
readOnly:
- description: Defaults to false (read/write). ReadOnly
- here will force the ReadOnly setting in VolumeMounts.
+ description: readOnly Defaults to false (read/write).
+ ReadOnly here will force the ReadOnly setting
+ in VolumeMounts.
type: boolean
required:
- diskName
- diskURI
type: object
azureFile:
- description: AzureFile represents an Azure File Service
+ description: azureFile represents an Azure File Service
mount on the host and bind mount to the pod.
properties:
readOnly:
- description: Defaults to false (read/write). ReadOnly
- here will force the ReadOnly setting in VolumeMounts.
+ description: readOnly defaults to false (read/write).
+ ReadOnly here will force the ReadOnly setting
+ in VolumeMounts.
type: boolean
secretName:
- description: the name of secret that contains
- Azure Storage Account Name and Key
+ description: secretName is the name of secret
+ that contains Azure Storage Account Name and
+ Key
type: string
shareName:
- description: Share Name
+ description: shareName is the azure share Name
type: string
required:
- secretName
- shareName
type: object
cephfs:
- description: CephFS represents a Ceph FS mount on
+ description: cephFS represents a Ceph FS mount on
the host that shares a pod's lifetime
properties:
monitors:
- description: 'Required: Monitors is a collection
- of Ceph monitors More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it'
+ description: 'monitors is Required: Monitors is
+ a collection of Ceph monitors More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it'
items:
type: string
type: array
path:
- description: 'Optional: Used as the mounted root,
- rather than the full Ceph tree, default is /'
+ description: 'path is Optional: Used as the mounted
+ root, rather than the full Ceph tree, default
+ is /'
type: string
readOnly:
- description: 'Optional: Defaults to false (read/write).
- ReadOnly here will force the ReadOnly setting
- in VolumeMounts. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it'
+ description: 'readOnly is Optional: Defaults to
+ false (read/write). ReadOnly here will force
+ the ReadOnly setting in VolumeMounts. More info:
+ https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it'
type: boolean
secretFile:
- description: 'Optional: SecretFile is the path
- to key ring for User, default is /etc/ceph/user.secret
- More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it'
+ description: 'secretFile is Optional: SecretFile
+ is the path to key ring for User, default is
+ /etc/ceph/user.secret More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it'
type: string
secretRef:
- description: 'Optional: SecretRef is reference
- to the authentication secret for User, default
- is empty. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it'
+ description: 'secretRef is Optional: SecretRef
+ is reference to the authentication secret for
+ User, default is empty. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it'
properties:
name:
description: 'Name of the referent. More info:
@@ -40799,32 +42710,33 @@ spec:
type: object
x-kubernetes-map-type: atomic
user:
- description: 'Optional: User is the rados user
- name, default is admin More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it'
+ description: 'user is optional: User is the rados
+ user name, default is admin More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it'
type: string
required:
- monitors
type: object
cinder:
- description: 'Cinder represents a cinder volume attached
+ description: 'cinder represents a cinder volume attached
and mounted on kubelets host machine. More info:
https://examples.k8s.io/mysql-cinder-pd/README.md'
properties:
fsType:
- description: 'Filesystem type to mount. Must be
- a filesystem type supported by the host operating
- system. Examples: "ext4", "xfs", "ntfs". Implicitly
- inferred to be "ext4" if unspecified. More info:
- https://examples.k8s.io/mysql-cinder-pd/README.md'
+ description: 'fsType is the filesystem type to
+ mount. Must be a filesystem type supported by
+ the host operating system. Examples: "ext4",
+ "xfs", "ntfs". Implicitly inferred to be "ext4"
+ if unspecified. More info: https://examples.k8s.io/mysql-cinder-pd/README.md'
type: string
readOnly:
- description: 'Optional: Defaults to false (read/write).
+ description: 'readOnly defaults to false (read/write).
ReadOnly here will force the ReadOnly setting
in VolumeMounts. More info: https://examples.k8s.io/mysql-cinder-pd/README.md'
type: boolean
secretRef:
- description: 'Optional: points to a secret object
- containing parameters used to connect to OpenStack.'
+ description: 'secretRef is optional: points to
+ a secret object containing parameters used to
+ connect to OpenStack.'
properties:
name:
description: 'Name of the referent. More info:
@@ -40835,33 +42747,33 @@ spec:
type: object
x-kubernetes-map-type: atomic
volumeID:
- description: 'volume id used to identify the volume
+ description: 'volumeID used to identify the volume
in cinder. More info: https://examples.k8s.io/mysql-cinder-pd/README.md'
type: string
required:
- volumeID
type: object
configMap:
- description: ConfigMap represents a configMap that
+ description: configMap represents a configMap that
should populate this volume
properties:
defaultMode:
- description: 'Optional: mode bits used to set
- permissions on created files by default. Must
- be an octal value between 0000 and 0777 or a
- decimal value between 0 and 511. YAML accepts
- both octal and decimal values, JSON requires
- decimal values for mode bits. Defaults to 0644.
- Directories within the path are not affected
- by this setting. This might be in conflict with
- other options that affect the file mode, like
- fsGroup, and the result can be other mode bits
- set.'
+ description: 'defaultMode is optional: mode bits
+ used to set permissions on created files by
+ default. Must be an octal value between 0000
+ and 0777 or a decimal value between 0 and 511.
+ YAML accepts both octal and decimal values,
+ JSON requires decimal values for mode bits.
+ Defaults to 0644. Directories within the path
+ are not affected by this setting. This might
+ be in conflict with other options that affect
+ the file mode, like fsGroup, and the result
+ can be other mode bits set.'
format: int32
type: integer
items:
- description: If unspecified, each key-value pair
- in the Data field of the referenced ConfigMap
+ description: items if unspecified, each key-value
+ pair in the Data field of the referenced ConfigMap
will be projected into the volume as a file
whose name is the key and content is the value.
If specified, the listed keys will be projected
@@ -40876,27 +42788,28 @@ spec:
a volume.
properties:
key:
- description: The key to project.
+ description: key is the key to project.
type: string
mode:
- description: 'Optional: mode bits used to
- set permissions on this file. Must be
- an octal value between 0000 and 0777 or
- a decimal value between 0 and 511. YAML
- accepts both octal and decimal values,
- JSON requires decimal values for mode
- bits. If not specified, the volume defaultMode
- will be used. This might be in conflict
- with other options that affect the file
- mode, like fsGroup, and the result can
- be other mode bits set.'
+ description: 'mode is Optional: mode bits
+ used to set permissions on this file.
+ Must be an octal value between 0000 and
+ 0777 or a decimal value between 0 and
+ 511. YAML accepts both octal and decimal
+ values, JSON requires decimal values for
+ mode bits. If not specified, the volume
+ defaultMode will be used. This might be
+ in conflict with other options that affect
+ the file mode, like fsGroup, and the result
+ can be other mode bits set.'
format: int32
type: integer
path:
- description: The relative path of the file
- to map the key to. May not be an absolute
- path. May not contain the path element
- '..'. May not start with the string '..'.
+ description: path is the relative path of
+ the file to map the key to. May not be
+ an absolute path. May not contain the
+ path element '..'. May not start with
+ the string '..'.
type: string
required:
- key
@@ -40910,30 +42823,30 @@ spec:
uid?'
type: string
optional:
- description: Specify whether the ConfigMap or
- its keys must be defined
+ description: optional specify whether the ConfigMap
+ or its keys must be defined
type: boolean
type: object
x-kubernetes-map-type: atomic
csi:
- description: CSI (Container Storage Interface) represents
+ description: csi (Container Storage Interface) represents
ephemeral storage that is handled by certain external
CSI drivers (Beta feature).
properties:
driver:
- description: Driver is the name of the CSI driver
+ description: driver is the name of the CSI driver
that handles this volume. Consult with your
admin for the correct name as registered in
the cluster.
type: string
fsType:
- description: Filesystem type to mount. Ex. "ext4",
- "xfs", "ntfs". If not provided, the empty value
- is passed to the associated CSI driver which
- will determine the default filesystem to apply.
+ description: fsType to mount. Ex. "ext4", "xfs",
+ "ntfs". If not provided, the empty value is
+ passed to the associated CSI driver which will
+ determine the default filesystem to apply.
type: string
nodePublishSecretRef:
- description: NodePublishSecretRef is a reference
+ description: nodePublishSecretRef is a reference
to the secret object containing sensitive information
to pass to the CSI driver to complete the CSI
NodePublishVolume and NodeUnpublishVolume calls.
@@ -40951,13 +42864,13 @@ spec:
type: object
x-kubernetes-map-type: atomic
readOnly:
- description: Specifies a read-only configuration
+ description: readOnly specifies a read-only configuration
for the volume. Defaults to false (read/write).
type: boolean
volumeAttributes:
additionalProperties:
type: string
- description: VolumeAttributes stores driver-specific
+ description: volumeAttributes stores driver-specific
properties that are passed to the CSI driver.
Consult your driver's documentation for supported
values.
@@ -40966,7 +42879,7 @@ spec:
- driver
type: object
downwardAPI:
- description: DownwardAPI represents downward API about
+ description: downwardAPI represents downward API about
the pod that should populate this volume
properties:
defaultMode:
@@ -41065,33 +42978,34 @@ spec:
type: array
type: object
emptyDir:
- description: 'EmptyDir represents a temporary directory
+ description: 'emptyDir represents a temporary directory
that shares a pod''s lifetime. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir'
properties:
medium:
- description: 'What type of storage medium should
- back this directory. The default is "" which
- means to use the node''s default medium. Must
- be an empty string (default) or Memory. More
- info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir'
+ description: 'medium represents what type of storage
+ medium should back this directory. The default
+ is "" which means to use the node''s default
+ medium. Must be an empty string (default) or
+ Memory. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir'
type: string
sizeLimit:
anyOf:
- type: integer
- type: string
- description: 'Total amount of local storage required
- for this EmptyDir volume. The size limit is
- also applicable for memory medium. The maximum
- usage on memory medium EmptyDir would be the
- minimum value between the SizeLimit specified
- here and the sum of memory limits of all containers
- in a pod. The default is nil which means that
- the limit is undefined. More info: http://kubernetes.io/docs/user-guide/volumes#emptydir'
+ description: 'sizeLimit is the total amount of
+ local storage required for this EmptyDir volume.
+ The size limit is also applicable for memory
+ medium. The maximum usage on memory medium EmptyDir
+ would be the minimum value between the SizeLimit
+ specified here and the sum of memory limits
+ of all containers in a pod. The default is nil
+ which means that the limit is undefined. More
+ info: http://kubernetes.io/docs/user-guide/volumes#emptydir'
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
x-kubernetes-int-or-string: true
type: object
ephemeral:
- description: "Ephemeral represents a volume that is
+ description: "ephemeral represents a volume that is
handled by a cluster storage driver. The volume's
lifecycle is tied to the pod that defines it - it
will be created before the pod starts, and deleted
@@ -41151,25 +43065,29 @@ spec:
are also valid here.
properties:
accessModes:
- description: 'AccessModes contains the
+ description: 'accessModes contains the
desired access modes the volume should
have. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1'
items:
type: string
type: array
dataSource:
- description: 'This field can be used to
- specify either: * An existing VolumeSnapshot
- object (snapshot.storage.k8s.io/VolumeSnapshot)
+ description: 'dataSource field can be
+ used to specify either: * An existing
+ VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot)
* An existing PVC (PersistentVolumeClaim)
If the provisioner or an external controller
can support the specified data source,
it will create a new volume based on
the contents of the specified data source.
- If the AnyVolumeDataSource feature gate
- is enabled, this field will always have
- the same contents as the DataSourceRef
- field.'
+ When the AnyVolumeDataSource feature
+ gate is enabled, dataSource contents
+ will be copied to dataSourceRef, and
+ dataSourceRef contents will be copied
+ to dataSource when dataSourceRef.namespace
+ is not specified. If the namespace is
+ specified, then dataSourceRef will not
+ be copied to dataSource.'
properties:
apiGroup:
description: APIGroup is the group
@@ -41193,35 +43111,44 @@ spec:
type: object
x-kubernetes-map-type: atomic
dataSourceRef:
- description: 'Specifies the object from
- which to populate the volume with data,
- if a non-empty volume is desired. This
- may be any local object from a non-empty
- API group (non core object) or a PersistentVolumeClaim
- object. When this field is specified,
- volume binding will only succeed if
- the type of the specified object matches
- some installed volume populator or dynamic
- provisioner. This field will replace
- the functionality of the DataSource
- field and as such if both fields are
- non-empty, they must have the same value.
- For backwards compatibility, both fields
- (DataSource and DataSourceRef) will
- be set to the same value automatically
+ description: 'dataSourceRef specifies
+ the object from which to populate the
+ volume with data, if a non-empty volume
+ is desired. This may be any object from
+ a non-empty API group (non core object)
+ or a PersistentVolumeClaim object. When
+ this field is specified, volume binding
+ will only succeed if the type of the
+ specified object matches some installed
+ volume populator or dynamic provisioner.
+ This field will replace the functionality
+ of the dataSource field and as such
+ if both fields are non-empty, they must
+ have the same value. For backwards compatibility,
+ when namespace isn''t specified in dataSourceRef,
+ both fields (dataSource and dataSourceRef)
+ will be set to the same value automatically
if one of them is empty and the other
- is non-empty. There are two important
- differences between DataSource and DataSourceRef:
- * While DataSource only allows two specific
- types of objects, DataSourceRef allows
+ is non-empty. When namespace is specified
+ in dataSourceRef, dataSource isn''t
+ set to the same value and must be empty.
+ There are three important differences
+ between dataSource and dataSourceRef:
+ * While dataSource only allows two specific
+ types of objects, dataSourceRef allows
any non-core object, as well as PersistentVolumeClaim
- objects. * While DataSource ignores
- disallowed values (dropping them), DataSourceRef
+ objects. * While dataSource ignores
+ disallowed values (dropping them), dataSourceRef
preserves all values, and generates
an error if a disallowed value is specified.
- (Alpha) Using this field requires the
- AnyVolumeDataSource feature gate to
- be enabled.'
+ * While dataSource only allows local
+ objects, dataSourceRef allows objects
+ in any namespaces. (Beta) Using this
+ field requires the AnyVolumeDataSource
+ feature gate to be enabled. (Alpha)
+ Using the namespace field of dataSourceRef
+ requires the CrossNamespaceVolumeDataSource
+ feature gate to be enabled.'
properties:
apiGroup:
description: APIGroup is the group
@@ -41239,13 +43166,25 @@ spec:
description: Name is the name of resource
being referenced
type: string
+ namespace:
+ description: Namespace is the namespace
+ of resource being referenced Note
+ that when a namespace is specified,
+ a gateway.networking.k8s.io/ReferenceGrant
+ object is required in the referent
+ namespace to allow that namespace's
+ owner to accept the reference. See
+ the ReferenceGrant documentation
+ for details. (Alpha) This field
+ requires the CrossNamespaceVolumeDataSource
+ feature gate to be enabled.
+ type: string
required:
- kind
- name
type: object
- x-kubernetes-map-type: atomic
resources:
- description: 'Resources represents the
+ description: 'resources represents the
minimum resources the volume should
have. If RecoverVolumeExpansionFailure
feature is enabled users are allowed
@@ -41255,6 +43194,31 @@ spec:
in the status field of the claim. More
info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources'
properties:
+ claims:
+ description: "Claims lists the names
+ of resources, defined in spec.resourceClaims,
+ that are used by this container.
+ \n This is an alpha field and requires
+ enabling the DynamicResourceAllocation
+ feature gate. \n This field is immutable."
+ items:
+ description: ResourceClaim references
+ one entry in PodSpec.ResourceClaims.
+ properties:
+ name:
+ description: Name must match
+ the name of one entry in pod.spec.resourceClaims
+ of the Pod where this field
+ is used. It makes that resource
+ available inside a container.
+ type: string
+ required:
+ - name
+ type: object
+ type: array
+ x-kubernetes-list-map-keys:
+ - name
+ x-kubernetes-list-type: map
limits:
additionalProperties:
anyOf:
@@ -41283,8 +43247,8 @@ spec:
type: object
type: object
selector:
- description: A label query over volumes
- to consider for binding.
+ description: selector is a label query
+ over volumes to consider for binding.
properties:
matchExpressions:
description: matchExpressions is a
@@ -41341,8 +43305,9 @@ spec:
type: object
x-kubernetes-map-type: atomic
storageClassName:
- description: 'Name of the StorageClass
- required by the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1'
+ description: 'storageClassName is the
+ name of the StorageClass required by
+ the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1'
type: string
volumeMode:
description: volumeMode defines what type
@@ -41351,7 +43316,7 @@ spec:
not included in claim spec.
type: string
volumeName:
- description: VolumeName is the binding
+ description: volumeName is the binding
reference to the PersistentVolume backing
this claim.
type: string
@@ -41361,74 +43326,77 @@ spec:
type: object
type: object
fc:
- description: FC represents a Fibre Channel resource
+ description: fc represents a Fibre Channel resource
that is attached to a kubelet's host machine and
then exposed to the pod.
properties:
fsType:
- description: 'Filesystem type to mount. Must be
- a filesystem type supported by the host operating
- system. Ex. "ext4", "xfs", "ntfs". Implicitly
- inferred to be "ext4" if unspecified. TODO:
- how do we prevent errors in the filesystem from
- compromising the machine'
+ description: 'fsType is the filesystem type to
+ mount. Must be a filesystem type supported by
+ the host operating system. Ex. "ext4", "xfs",
+ "ntfs". Implicitly inferred to be "ext4" if
+ unspecified. TODO: how do we prevent errors
+ in the filesystem from compromising the machine'
type: string
lun:
- description: 'Optional: FC target lun number'
+ description: 'lun is Optional: FC target lun number'
format: int32
type: integer
readOnly:
- description: 'Optional: Defaults to false (read/write).
- ReadOnly here will force the ReadOnly setting
- in VolumeMounts.'
+ description: 'readOnly is Optional: Defaults to
+ false (read/write). ReadOnly here will force
+ the ReadOnly setting in VolumeMounts.'
type: boolean
targetWWNs:
- description: 'Optional: FC target worldwide names
- (WWNs)'
+ description: 'targetWWNs is Optional: FC target
+ worldwide names (WWNs)'
items:
type: string
type: array
wwids:
- description: 'Optional: FC volume world wide identifiers
- (wwids) Either wwids or combination of targetWWNs
- and lun must be set, but not both simultaneously.'
+ description: 'wwids Optional: FC volume world
+ wide identifiers (wwids) Either wwids or combination
+ of targetWWNs and lun must be set, but not both
+ simultaneously.'
items:
type: string
type: array
type: object
flexVolume:
- description: FlexVolume represents a generic volume
+ description: flexVolume represents a generic volume
resource that is provisioned/attached using an exec
based plugin.
properties:
driver:
- description: Driver is the name of the driver
+ description: driver is the name of the driver
to use for this volume.
type: string
fsType:
- description: Filesystem type to mount. Must be
- a filesystem type supported by the host operating
- system. Ex. "ext4", "xfs", "ntfs". The default
- filesystem depends on FlexVolume script.
+ description: fsType is the filesystem type to
+ mount. Must be a filesystem type supported by
+ the host operating system. Ex. "ext4", "xfs",
+ "ntfs". The default filesystem depends on FlexVolume
+ script.
type: string
options:
additionalProperties:
type: string
- description: 'Optional: Extra command options
- if any.'
+ description: 'options is Optional: this field
+ holds extra command options if any.'
type: object
readOnly:
- description: 'Optional: Defaults to false (read/write).
- ReadOnly here will force the ReadOnly setting
- in VolumeMounts.'
+ description: 'readOnly is Optional: defaults to
+ false (read/write). ReadOnly here will force
+ the ReadOnly setting in VolumeMounts.'
type: boolean
secretRef:
- description: 'Optional: SecretRef is reference
- to the secret object containing sensitive information
- to pass to the plugin scripts. This may be empty
- if no secret object is specified. If the secret
- object contains more than one secret, all secrets
- are passed to the plugin scripts.'
+ description: 'secretRef is Optional: secretRef
+ is reference to the secret object containing
+ sensitive information to pass to the plugin
+ scripts. This may be empty if no secret object
+ is specified. If the secret object contains
+ more than one secret, all secrets are passed
+ to the plugin scripts.'
properties:
name:
description: 'Name of the referent. More info:
@@ -41442,52 +43410,52 @@ spec:
- driver
type: object
flocker:
- description: Flocker represents a Flocker volume attached
+ description: flocker represents a Flocker volume attached
to a kubelet's host machine. This depends on the
Flocker control service being running
properties:
datasetName:
- description: Name of the dataset stored as metadata
- -> name on the dataset for Flocker should be
- considered as deprecated
+ description: datasetName is Name of the dataset
+ stored as metadata -> name on the dataset for
+ Flocker should be considered as deprecated
type: string
datasetUUID:
- description: UUID of the dataset. This is unique
- identifier of a Flocker dataset
+ description: datasetUUID is the UUID of the dataset.
+ This is unique identifier of a Flocker dataset
type: string
type: object
gcePersistentDisk:
- description: 'GCEPersistentDisk represents a GCE Disk
+ description: 'gcePersistentDisk represents a GCE Disk
resource that is attached to a kubelet''s host machine
and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk'
properties:
fsType:
- description: 'Filesystem type of the volume that
- you want to mount. Tip: Ensure that the filesystem
- type is supported by the host operating system.
- Examples: "ext4", "xfs", "ntfs". Implicitly
- inferred to be "ext4" if unspecified. More info:
- https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk
+ description: 'fsType is filesystem type of the
+ volume that you want to mount. Tip: Ensure that
+ the filesystem type is supported by the host
+ operating system. Examples: "ext4", "xfs", "ntfs".
+ Implicitly inferred to be "ext4" if unspecified.
+ More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk
TODO: how do we prevent errors in the filesystem
from compromising the machine'
type: string
partition:
- description: 'The partition in the volume that
- you want to mount. If omitted, the default is
- to mount by volume name. Examples: For volume
- /dev/sda1, you specify the partition as "1".
- Similarly, the volume partition for /dev/sda
- is "0" (or you can leave the property empty).
- More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk'
+ description: 'partition is the partition in the
+ volume that you want to mount. If omitted, the
+ default is to mount by volume name. Examples:
+ For volume /dev/sda1, you specify the partition
+ as "1". Similarly, the volume partition for
+ /dev/sda is "0" (or you can leave the property
+ empty). More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk'
format: int32
type: integer
pdName:
- description: 'Unique name of the PD resource in
- GCE. Used to identify the disk in GCE. More
- info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk'
+ description: 'pdName is unique name of the PD
+ resource in GCE. Used to identify the disk in
+ GCE. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk'
type: string
readOnly:
- description: 'ReadOnly here will force the ReadOnly
+ description: 'readOnly here will force the ReadOnly
setting in VolumeMounts. Defaults to false.
More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk'
type: boolean
@@ -41495,7 +43463,7 @@ spec:
- pdName
type: object
gitRepo:
- description: 'GitRepo represents a git repository
+ description: 'gitRepo represents a git repository
at a particular revision. DEPRECATED: GitRepo is
deprecated. To provision a container with a git
repo, mount an EmptyDir into an InitContainer that
@@ -41503,38 +43471,38 @@ spec:
into the Pod''s container.'
properties:
directory:
- description: Target directory name. Must not contain
- or start with '..'. If '.' is supplied, the
- volume directory will be the git repository. Otherwise,
- if specified, the volume will contain the git
- repository in the subdirectory with the given
- name.
+ description: directory is the target directory
+ name. Must not contain or start with '..'. If
+ '.' is supplied, the volume directory will be
+ the git repository. Otherwise, if specified,
+ the volume will contain the git repository in
+ the subdirectory with the given name.
type: string
repository:
- description: Repository URL
+ description: repository is the URL
type: string
revision:
- description: Commit hash for the specified revision.
+ description: revision is the commit hash for the
+ specified revision.
type: string
required:
- repository
type: object
glusterfs:
- description: 'Glusterfs represents a Glusterfs mount
+ description: 'glusterfs represents a Glusterfs mount
on the host that shares a pod''s lifetime. More
info: https://examples.k8s.io/volumes/glusterfs/README.md'
properties:
endpoints:
- description: 'EndpointsName is the endpoint name
- that details Glusterfs topology. More info:
- https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod'
+ description: 'endpoints is the endpoint name that
+ details Glusterfs topology. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod'
type: string
path:
- description: 'Path is the Glusterfs volume path.
+ description: 'path is the Glusterfs volume path.
More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod'
type: string
readOnly:
- description: 'ReadOnly here will force the Glusterfs
+ description: 'readOnly here will force the Glusterfs
volume to be mounted with read-only permissions.
Defaults to false. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod'
type: boolean
@@ -41543,7 +43511,7 @@ spec:
- path
type: object
hostPath:
- description: 'HostPath represents a pre-existing file
+ description: 'hostPath represents a pre-existing file
or directory on the host machine that is directly
exposed to the container. This is generally used
for system agents or other privileged things that
@@ -41554,72 +43522,75 @@ spec:
host directories as read/write.'
properties:
path:
- description: 'Path of the directory on the host.
+ description: 'path of the directory on the host.
If the path is a symlink, it will follow the
link to the real path. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath'
type: string
type:
- description: 'Type for HostPath Volume Defaults
+ description: 'type for HostPath Volume Defaults
to "" More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath'
type: string
required:
- path
type: object
iscsi:
- description: 'ISCSI represents an ISCSI Disk resource
+ description: 'iscsi represents an ISCSI Disk resource
that is attached to a kubelet''s host machine and
then exposed to the pod. More info: https://examples.k8s.io/volumes/iscsi/README.md'
properties:
chapAuthDiscovery:
- description: whether support iSCSI Discovery CHAP
- authentication
+ description: chapAuthDiscovery defines whether
+ support iSCSI Discovery CHAP authentication
type: boolean
chapAuthSession:
- description: whether support iSCSI Session CHAP
- authentication
+ description: chapAuthSession defines whether support
+ iSCSI Session CHAP authentication
type: boolean
fsType:
- description: 'Filesystem type of the volume that
- you want to mount. Tip: Ensure that the filesystem
- type is supported by the host operating system.
- Examples: "ext4", "xfs", "ntfs". Implicitly
- inferred to be "ext4" if unspecified. More info:
- https://kubernetes.io/docs/concepts/storage/volumes#iscsi
+ description: 'fsType is the filesystem type of
+ the volume that you want to mount. Tip: Ensure
+ that the filesystem type is supported by the
+ host operating system. Examples: "ext4", "xfs",
+ "ntfs". Implicitly inferred to be "ext4" if
+ unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#iscsi
TODO: how do we prevent errors in the filesystem
from compromising the machine'
type: string
initiatorName:
- description: Custom iSCSI Initiator Name. If initiatorName
- is specified with iscsiInterface simultaneously,
- new iSCSI interface : will be created for the connection.
+ description: initiatorName is the custom iSCSI
+ Initiator Name. If initiatorName is specified
+ with iscsiInterface simultaneously, new iSCSI
+ interface : will
+ be created for the connection.
type: string
iqn:
- description: Target iSCSI Qualified Name.
+ description: iqn is the target iSCSI Qualified
+ Name.
type: string
iscsiInterface:
- description: iSCSI Interface Name that uses an
- iSCSI transport. Defaults to 'default' (tcp).
+ description: iscsiInterface is the interface Name
+ that uses an iSCSI transport. Defaults to 'default'
+ (tcp).
type: string
lun:
- description: iSCSI Target Lun number.
+ description: lun represents iSCSI Target Lun number.
format: int32
type: integer
portals:
- description: iSCSI Target Portal List. The portal
- is either an IP or ip_addr:port if the port
- is other than default (typically TCP ports 860
- and 3260).
+ description: portals is the iSCSI Target Portal
+ List. The portal is either an IP or ip_addr:port
+ if the port is other than default (typically
+ TCP ports 860 and 3260).
items:
type: string
type: array
readOnly:
- description: ReadOnly here will force the ReadOnly
+ description: readOnly here will force the ReadOnly
setting in VolumeMounts. Defaults to false.
type: boolean
secretRef:
- description: CHAP Secret for iSCSI target and
- initiator authentication
+ description: secretRef is the CHAP Secret for
+ iSCSI target and initiator authentication
properties:
name:
description: 'Name of the referent. More info:
@@ -41630,10 +43601,10 @@ spec:
type: object
x-kubernetes-map-type: atomic
targetPortal:
- description: iSCSI Target Portal. The Portal is
- either an IP or ip_addr:port if the port is
- other than default (typically TCP ports 860
- and 3260).
+ description: targetPortal is iSCSI Target Portal.
+ The Portal is either an IP or ip_addr:port if
+ the port is other than default (typically TCP
+ ports 860 and 3260).
type: string
required:
- iqn
@@ -41641,20 +43612,20 @@ spec:
- targetPortal
type: object
nfs:
- description: 'NFS represents an NFS mount on the host
+ description: 'nfs represents an NFS mount on the host
that shares a pod''s lifetime More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs'
properties:
path:
- description: 'Path that is exported by the NFS
+ description: 'path that is exported by the NFS
server. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs'
type: string
readOnly:
- description: 'ReadOnly here will force the NFS
+ description: 'readOnly here will force the NFS
export to be mounted with read-only permissions.
Defaults to false. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs'
type: boolean
server:
- description: 'Server is the hostname or IP address
+ description: 'server is the hostname or IP address
of the NFS server. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs'
type: string
required:
@@ -41662,134 +43633,138 @@ spec:
- server
type: object
persistentVolumeClaim:
- description: 'PersistentVolumeClaimVolumeSource represents
+ description: 'persistentVolumeClaimVolumeSource represents
a reference to a PersistentVolumeClaim in the same
namespace. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims'
properties:
claimName:
- description: 'ClaimName is the name of a PersistentVolumeClaim
+ description: 'claimName is the name of a PersistentVolumeClaim
in the same namespace as the pod using this
volume. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims'
type: string
readOnly:
- description: Will force the ReadOnly setting in
- VolumeMounts. Default false.
+ description: readOnly Will force the ReadOnly
+ setting in VolumeMounts. Default false.
type: boolean
required:
- claimName
type: object
photonPersistentDisk:
- description: PhotonPersistentDisk represents a PhotonController
+ description: photonPersistentDisk represents a PhotonController
persistent disk attached and mounted on kubelets
host machine
properties:
fsType:
- description: Filesystem type to mount. Must be
- a filesystem type supported by the host operating
- system. Ex. "ext4", "xfs", "ntfs". Implicitly
- inferred to be "ext4" if unspecified.
+ description: fsType is the filesystem type to
+ mount. Must be a filesystem type supported by
+ the host operating system. Ex. "ext4", "xfs",
+ "ntfs". Implicitly inferred to be "ext4" if
+ unspecified.
type: string
pdID:
- description: ID that identifies Photon Controller
- persistent disk
+ description: pdID is the ID that identifies Photon
+ Controller persistent disk
type: string
required:
- pdID
type: object
portworxVolume:
- description: PortworxVolume represents a portworx
+ description: portworxVolume represents a portworx
volume attached and mounted on kubelets host machine
properties:
fsType:
- description: FSType represents the filesystem
+ description: fSType represents the filesystem
type to mount Must be a filesystem type supported
by the host operating system. Ex. "ext4", "xfs".
Implicitly inferred to be "ext4" if unspecified.
type: string
readOnly:
- description: Defaults to false (read/write). ReadOnly
- here will force the ReadOnly setting in VolumeMounts.
+ description: readOnly defaults to false (read/write).
+ ReadOnly here will force the ReadOnly setting
+ in VolumeMounts.
type: boolean
volumeID:
- description: VolumeID uniquely identifies a Portworx
+ description: volumeID uniquely identifies a Portworx
volume
type: string
required:
- volumeID
type: object
projected:
- description: Items for all in one resources secrets,
- configmaps, and downward API
+ description: projected items for all in one resources
+ secrets, configmaps, and downward API
properties:
defaultMode:
- description: Mode bits used to set permissions
- on created files by default. Must be an octal
- value between 0000 and 0777 or a decimal value
- between 0 and 511. YAML accepts both octal and
- decimal values, JSON requires decimal values
- for mode bits. Directories within the path are
- not affected by this setting. This might be
- in conflict with other options that affect the
- file mode, like fsGroup, and the result can
- be other mode bits set.
+ description: defaultMode are the mode bits used
+ to set permissions on created files by default.
+ Must be an octal value between 0000 and 0777
+ or a decimal value between 0 and 511. YAML accepts
+ both octal and decimal values, JSON requires
+ decimal values for mode bits. Directories within
+ the path are not affected by this setting. This
+ might be in conflict with other options that
+ affect the file mode, like fsGroup, and the
+ result can be other mode bits set.
format: int32
type: integer
sources:
- description: list of volume projections
+ description: sources is the list of volume projections
items:
description: Projection that may be projected
along with other supported volume types
properties:
configMap:
- description: information about the configMap
- data to project
+ description: configMap information about
+ the configMap data to project
properties:
items:
- description: If unspecified, each key-value
- pair in the Data field of the referenced
- ConfigMap will be projected into the
- volume as a file whose name is the
- key and content is the value. If specified,
- the listed keys will be projected
- into the specified paths, and unlisted
- keys will not be present. If a key
- is specified which is not present
- in the ConfigMap, the volume setup
- will error unless it is marked optional.
- Paths must be relative and may not
- contain the '..' path or start with
- '..'.
+ description: items if unspecified, each
+ key-value pair in the Data field of
+ the referenced ConfigMap will be projected
+ into the volume as a file whose name
+ is the key and content is the value.
+ If specified, the listed keys will
+ be projected into the specified paths,
+ and unlisted keys will not be present.
+ If a key is specified which is not
+ present in the ConfigMap, the volume
+ setup will error unless it is marked
+ optional. Paths must be relative and
+ may not contain the '..' path or start
+ with '..'.
items:
description: Maps a string key to
a path within a volume.
properties:
key:
- description: The key to project.
+ description: key is the key to
+ project.
type: string
mode:
- description: 'Optional: mode bits
- used to set permissions on this
- file. Must be an octal value
- between 0000 and 0777 or a decimal
- value between 0 and 511. YAML
- accepts both octal and decimal
- values, JSON requires decimal
- values for mode bits. If not
- specified, the volume defaultMode
- will be used. This might be
- in conflict with other options
- that affect the file mode, like
- fsGroup, and the result can
- be other mode bits set.'
+ description: 'mode is Optional:
+ mode bits used to set permissions
+ on this file. Must be an octal
+ value between 0000 and 0777
+ or a decimal value between 0
+ and 511. YAML accepts both octal
+ and decimal values, JSON requires
+ decimal values for mode bits.
+ If not specified, the volume
+ defaultMode will be used. This
+ might be in conflict with other
+ options that affect the file
+ mode, like fsGroup, and the
+ result can be other mode bits
+ set.'
format: int32
type: integer
path:
- description: The relative path
- of the file to map the key to.
- May not be an absolute path.
- May not contain the path element
- '..'. May not start with the
- string '..'.
+ description: path is the relative
+ path of the file to map the
+ key to. May not be an absolute
+ path. May not contain the path
+ element '..'. May not start
+ with the string '..'.
type: string
required:
- key
@@ -41803,14 +43778,15 @@ spec:
kind, uid?'
type: string
optional:
- description: Specify whether the ConfigMap
- or its keys must be defined
+ description: optional specify whether
+ the ConfigMap or its keys must be
+ defined
type: boolean
type: object
x-kubernetes-map-type: atomic
downwardAPI:
- description: information about the downwardAPI
- data to project
+ description: downwardAPI information about
+ the downwardAPI data to project
properties:
items:
description: Items is a list of DownwardAPIVolume
@@ -41903,55 +43879,57 @@ spec:
type: array
type: object
secret:
- description: information about the secret
- data to project
+ description: secret information about the
+ secret data to project
properties:
items:
- description: If unspecified, each key-value
- pair in the Data field of the referenced
- Secret will be projected into the
- volume as a file whose name is the
- key and content is the value. If specified,
- the listed keys will be projected
- into the specified paths, and unlisted
- keys will not be present. If a key
- is specified which is not present
- in the Secret, the volume setup will
- error unless it is marked optional.
- Paths must be relative and may not
- contain the '..' path or start with
- '..'.
+ description: items if unspecified, each
+ key-value pair in the Data field of
+ the referenced Secret will be projected
+ into the volume as a file whose name
+ is the key and content is the value.
+ If specified, the listed keys will
+ be projected into the specified paths,
+ and unlisted keys will not be present.
+ If a key is specified which is not
+ present in the Secret, the volume
+ setup will error unless it is marked
+ optional. Paths must be relative and
+ may not contain the '..' path or start
+ with '..'.
items:
description: Maps a string key to
a path within a volume.
properties:
key:
- description: The key to project.
+ description: key is the key to
+ project.
type: string
mode:
- description: 'Optional: mode bits
- used to set permissions on this
- file. Must be an octal value
- between 0000 and 0777 or a decimal
- value between 0 and 511. YAML
- accepts both octal and decimal
- values, JSON requires decimal
- values for mode bits. If not
- specified, the volume defaultMode
- will be used. This might be
- in conflict with other options
- that affect the file mode, like
- fsGroup, and the result can
- be other mode bits set.'
+ description: 'mode is Optional:
+ mode bits used to set permissions
+ on this file. Must be an octal
+ value between 0000 and 0777
+ or a decimal value between 0
+ and 511. YAML accepts both octal
+ and decimal values, JSON requires
+ decimal values for mode bits.
+ If not specified, the volume
+ defaultMode will be used. This
+ might be in conflict with other
+ options that affect the file
+ mode, like fsGroup, and the
+ result can be other mode bits
+ set.'
format: int32
type: integer
path:
- description: The relative path
- of the file to map the key to.
- May not be an absolute path.
- May not contain the path element
- '..'. May not start with the
- string '..'.
+ description: path is the relative
+ path of the file to map the
+ key to. May not be an absolute
+ path. May not contain the path
+ element '..'. May not start
+ with the string '..'.
type: string
required:
- key
@@ -41965,17 +43943,19 @@ spec:
kind, uid?'
type: string
optional:
- description: Specify whether the Secret
- or its key must be defined
+ description: optional field specify
+ whether the Secret or its key must
+ be defined
type: boolean
type: object
x-kubernetes-map-type: atomic
serviceAccountToken:
- description: information about the serviceAccountToken
- data to project
+ description: serviceAccountToken is information
+ about the serviceAccountToken data to
+ project
properties:
audience:
- description: Audience is the intended
+ description: audience is the intended
audience of the token. A recipient
of a token must identify itself with
an identifier specified in the audience
@@ -41984,7 +43964,7 @@ spec:
to the identifier of the apiserver.
type: string
expirationSeconds:
- description: ExpirationSeconds is the
+ description: expirationSeconds is the
requested duration of validity of
the service account token. As the
token approaches expiration, the kubelet
@@ -41998,7 +43978,7 @@ spec:
format: int64
type: integer
path:
- description: Path is the path relative
+ description: path is the path relative
to the mount point of the file to
project the token into.
type: string
@@ -42009,36 +43989,36 @@ spec:
type: array
type: object
quobyte:
- description: Quobyte represents a Quobyte mount on
+ description: quobyte represents a Quobyte mount on
the host that shares a pod's lifetime
properties:
group:
- description: Group to map volume access to Default
+ description: group to map volume access to Default
is no group
type: string
readOnly:
- description: ReadOnly here will force the Quobyte
+ description: readOnly here will force the Quobyte
volume to be mounted with read-only permissions.
Defaults to false.
type: boolean
registry:
- description: Registry represents a single or multiple
+ description: registry represents a single or multiple
Quobyte Registry services specified as a string
as host:port pair (multiple entries are separated
with commas) which acts as the central registry
for volumes
type: string
tenant:
- description: Tenant owning the given Quobyte volume
+ description: tenant owning the given Quobyte volume
in the Backend Used with dynamically provisioned
Quobyte volumes, value is set by the plugin
type: string
user:
- description: User to map volume access to Defaults
+ description: user to map volume access to Defaults
to serivceaccount user
type: string
volume:
- description: Volume is a string that references
+ description: volume is a string that references
an already created Quobyte volume by name.
type: string
required:
@@ -42046,46 +44026,46 @@ spec:
- volume
type: object
rbd:
- description: 'RBD represents a Rados Block Device
+ description: 'rbd represents a Rados Block Device
mount on the host that shares a pod''s lifetime.
More info: https://examples.k8s.io/volumes/rbd/README.md'
properties:
fsType:
- description: 'Filesystem type of the volume that
- you want to mount. Tip: Ensure that the filesystem
- type is supported by the host operating system.
- Examples: "ext4", "xfs", "ntfs". Implicitly
- inferred to be "ext4" if unspecified. More info:
- https://kubernetes.io/docs/concepts/storage/volumes#rbd
+ description: 'fsType is the filesystem type of
+ the volume that you want to mount. Tip: Ensure
+ that the filesystem type is supported by the
+ host operating system. Examples: "ext4", "xfs",
+ "ntfs". Implicitly inferred to be "ext4" if
+ unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#rbd
TODO: how do we prevent errors in the filesystem
from compromising the machine'
type: string
image:
- description: 'The rados image name. More info:
- https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it'
+ description: 'image is the rados image name. More
+ info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it'
type: string
keyring:
- description: 'Keyring is the path to key ring
+ description: 'keyring is the path to key ring
for RBDUser. Default is /etc/ceph/keyring. More
info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it'
type: string
monitors:
- description: 'A collection of Ceph monitors. More
- info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it'
+ description: 'monitors is a collection of Ceph
+ monitors. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it'
items:
type: string
type: array
pool:
- description: 'The rados pool name. Default is
- rbd. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it'
+ description: 'pool is the rados pool name. Default
+ is rbd. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it'
type: string
readOnly:
- description: 'ReadOnly here will force the ReadOnly
+ description: 'readOnly here will force the ReadOnly
setting in VolumeMounts. Defaults to false.
More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it'
type: boolean
secretRef:
- description: 'SecretRef is name of the authentication
+ description: 'secretRef is name of the authentication
secret for RBDUser. If provided overrides keyring.
Default is nil. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it'
properties:
@@ -42098,37 +44078,39 @@ spec:
type: object
x-kubernetes-map-type: atomic
user:
- description: 'The rados user name. Default is
- admin. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it'
+ description: 'user is the rados user name. Default
+ is admin. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it'
type: string
required:
- image
- monitors
type: object
scaleIO:
- description: ScaleIO represents a ScaleIO persistent
+ description: scaleIO represents a ScaleIO persistent
volume attached and mounted on Kubernetes nodes.
properties:
fsType:
- description: Filesystem type to mount. Must be
- a filesystem type supported by the host operating
- system. Ex. "ext4", "xfs", "ntfs". Default is
- "xfs".
+ description: fsType is the filesystem type to
+ mount. Must be a filesystem type supported by
+ the host operating system. Ex. "ext4", "xfs",
+ "ntfs". Default is "xfs".
type: string
gateway:
- description: The host address of the ScaleIO API
- Gateway.
+ description: gateway is the host address of the
+ ScaleIO API Gateway.
type: string
protectionDomain:
- description: The name of the ScaleIO Protection
- Domain for the configured storage.
+ description: protectionDomain is the name of the
+ ScaleIO Protection Domain for the configured
+ storage.
type: string
readOnly:
- description: Defaults to false (read/write). ReadOnly
- here will force the ReadOnly setting in VolumeMounts.
+ description: readOnly Defaults to false (read/write).
+ ReadOnly here will force the ReadOnly setting
+ in VolumeMounts.
type: boolean
secretRef:
- description: SecretRef references to the secret
+ description: secretRef references to the secret
for ScaleIO user and other sensitive information.
If this is not provided, Login operation will
fail.
@@ -42142,26 +44124,26 @@ spec:
type: object
x-kubernetes-map-type: atomic
sslEnabled:
- description: Flag to enable/disable SSL communication
- with Gateway, default false
+ description: sslEnabled Flag enable/disable SSL
+ communication with Gateway, default false
type: boolean
storageMode:
- description: Indicates whether the storage for
- a volume should be ThickProvisioned or ThinProvisioned.
- Default is ThinProvisioned.
+ description: storageMode indicates whether the
+ storage for a volume should be ThickProvisioned
+ or ThinProvisioned. Default is ThinProvisioned.
type: string
storagePool:
- description: The ScaleIO Storage Pool associated
- with the protection domain.
+ description: storagePool is the ScaleIO Storage
+ Pool associated with the protection domain.
type: string
system:
- description: The name of the storage system as
- configured in ScaleIO.
+ description: system is the name of the storage
+ system as configured in ScaleIO.
type: string
volumeName:
- description: The name of a volume already created
- in the ScaleIO system that is associated with
- this volume source.
+ description: volumeName is the name of a volume
+ already created in the ScaleIO system that is
+ associated with this volume source.
type: string
required:
- gateway
@@ -42169,29 +44151,29 @@ spec:
- system
type: object
secret:
- description: 'Secret represents a secret that should
+ description: 'secret represents a secret that should
populate this volume. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret'
properties:
defaultMode:
- description: 'Optional: mode bits used to set
- permissions on created files by default. Must
- be an octal value between 0000 and 0777 or a
- decimal value between 0 and 511. YAML accepts
- both octal and decimal values, JSON requires
- decimal values for mode bits. Defaults to 0644.
- Directories within the path are not affected
- by this setting. This might be in conflict with
- other options that affect the file mode, like
- fsGroup, and the result can be other mode bits
- set.'
+ description: 'defaultMode is Optional: mode bits
+ used to set permissions on created files by
+ default. Must be an octal value between 0000
+ and 0777 or a decimal value between 0 and 511.
+ YAML accepts both octal and decimal values,
+ JSON requires decimal values for mode bits.
+ Defaults to 0644. Directories within the path
+ are not affected by this setting. This might
+ be in conflict with other options that affect
+ the file mode, like fsGroup, and the result
+ can be other mode bits set.'
format: int32
type: integer
items:
- description: If unspecified, each key-value pair
- in the Data field of the referenced Secret will
- be projected into the volume as a file whose
- name is the key and content is the value. If
- specified, the listed keys will be projected
+ description: items If unspecified, each key-value
+ pair in the Data field of the referenced Secret
+ will be projected into the volume as a file
+ whose name is the key and content is the value.
+ If specified, the listed keys will be projected
into the specified paths, and unlisted keys
will not be present. If a key is specified which
is not present in the Secret, the volume setup
@@ -42203,27 +44185,28 @@ spec:
a volume.
properties:
key:
- description: The key to project.
+ description: key is the key to project.
type: string
mode:
- description: 'Optional: mode bits used to
- set permissions on this file. Must be
- an octal value between 0000 and 0777 or
- a decimal value between 0 and 511. YAML
- accepts both octal and decimal values,
- JSON requires decimal values for mode
- bits. If not specified, the volume defaultMode
- will be used. This might be in conflict
- with other options that affect the file
- mode, like fsGroup, and the result can
- be other mode bits set.'
+ description: 'mode is Optional: mode bits
+ used to set permissions on this file.
+ Must be an octal value between 0000 and
+ 0777 or a decimal value between 0 and
+ 511. YAML accepts both octal and decimal
+ values, JSON requires decimal values for
+ mode bits. If not specified, the volume
+ defaultMode will be used. This might be
+ in conflict with other options that affect
+ the file mode, like fsGroup, and the result
+ can be other mode bits set.'
format: int32
type: integer
path:
- description: The relative path of the file
- to map the key to. May not be an absolute
- path. May not contain the path element
- '..'. May not start with the string '..'.
+ description: path is the relative path of
+ the file to map the key to. May not be
+ an absolute path. May not contain the
+ path element '..'. May not start with
+ the string '..'.
type: string
required:
- key
@@ -42231,30 +44214,32 @@ spec:
type: object
type: array
optional:
- description: Specify whether the Secret or its
- keys must be defined
+ description: optional field specify whether the
+ Secret or its keys must be defined
type: boolean
secretName:
- description: 'Name of the secret in the pod''s
- namespace to use. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret'
+ description: 'secretName is the name of the secret
+ in the pod''s namespace to use. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret'
type: string
type: object
storageos:
- description: StorageOS represents a StorageOS volume
+ description: storageOS represents a StorageOS volume
attached and mounted on Kubernetes nodes.
properties:
fsType:
- description: Filesystem type to mount. Must be
- a filesystem type supported by the host operating
- system. Ex. "ext4", "xfs", "ntfs". Implicitly
- inferred to be "ext4" if unspecified.
+ description: fsType is the filesystem type to
+ mount. Must be a filesystem type supported by
+ the host operating system. Ex. "ext4", "xfs",
+ "ntfs". Implicitly inferred to be "ext4" if
+ unspecified.
type: string
readOnly:
- description: Defaults to false (read/write). ReadOnly
- here will force the ReadOnly setting in VolumeMounts.
+ description: readOnly defaults to false (read/write).
+ ReadOnly here will force the ReadOnly setting
+ in VolumeMounts.
type: boolean
secretRef:
- description: SecretRef specifies the secret to
+ description: secretRef specifies the secret to
use for obtaining the StorageOS API credentials. If
not specified, default values will be attempted.
properties:
@@ -42267,12 +44252,12 @@ spec:
type: object
x-kubernetes-map-type: atomic
volumeName:
- description: VolumeName is the human-readable
+ description: volumeName is the human-readable
name of the StorageOS volume. Volume names
are only unique within a namespace.
type: string
volumeNamespace:
- description: VolumeNamespace specifies the scope
+ description: volumeNamespace specifies the scope
of the volume within StorageOS. If no namespace
is specified then the Pod's namespace will be
used. This allows the Kubernetes name scoping
@@ -42285,26 +44270,27 @@ spec:
type: string
type: object
vsphereVolume:
- description: VsphereVolume represents a vSphere volume
+ description: vsphereVolume represents a vSphere volume
attached and mounted on kubelets host machine
properties:
fsType:
- description: Filesystem type to mount. Must be
- a filesystem type supported by the host operating
- system. Ex. "ext4", "xfs", "ntfs". Implicitly
- inferred to be "ext4" if unspecified.
+ description: fsType is filesystem type to mount.
+ Must be a filesystem type supported by the host
+ operating system. Ex. "ext4", "xfs", "ntfs".
+ Implicitly inferred to be "ext4" if unspecified.
type: string
storagePolicyID:
- description: Storage Policy Based Management (SPBM)
- profile ID associated with the StoragePolicyName.
+ description: storagePolicyID is the storage Policy
+ Based Management (SPBM) profile ID associated
+ with the StoragePolicyName.
type: string
storagePolicyName:
- description: Storage Policy Based Management (SPBM)
- profile name.
+ description: storagePolicyName is the storage
+ Policy Based Management (SPBM) profile name.
type: string
volumePath:
- description: Path that identifies vSphere volume
- vmdk
+ description: volumePath is the path that identifies
+ vSphere volume vmdk
type: string
required:
- volumePath
@@ -43228,6 +45214,26 @@ spec:
description: 'Compute Resources required by this component. Cannot
be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/'
properties:
+ claims:
+ description: "Claims lists the names of resources, defined in
+ spec.resourceClaims, that are used by this container. \n This
+ is an alpha field and requires enabling the DynamicResourceAllocation
+ feature gate. \n This field is immutable."
+ items:
+ description: ResourceClaim references one entry in PodSpec.ResourceClaims.
+ properties:
+ name:
+ description: Name must match the name of one entry in pod.spec.resourceClaims
+ of the Pod where this field is used. It makes that resource
+ available inside a container.
+ type: string
+ required:
+ - name
+ type: object
+ type: array
+ x-kubernetes-list-map-keys:
+ - name
+ x-kubernetes-list-type: map
limits:
additionalProperties:
anyOf:
@@ -43308,128 +45314,133 @@ spec:
Only one of its members may be specified.
properties:
awsElasticBlockStore:
- description: 'AWSElasticBlockStore represents an AWS
+ description: 'awsElasticBlockStore represents an AWS
Disk resource that is attached to a kubelet''s host
machine and then exposed to the pod. More info:
https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore'
properties:
fsType:
- description: 'Filesystem type of the volume that
- you want to mount. Tip: Ensure that the filesystem
- type is supported by the host operating system.
- Examples: "ext4", "xfs", "ntfs". Implicitly
- inferred to be "ext4" if unspecified. More info:
- https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore
+ description: 'fsType is the filesystem type of
+ the volume that you want to mount. Tip: Ensure
+ that the filesystem type is supported by the
+ host operating system. Examples: "ext4", "xfs",
+ "ntfs". Implicitly inferred to be "ext4" if
+ unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore
TODO: how do we prevent errors in the filesystem
from compromising the machine'
type: string
partition:
- description: 'The partition in the volume that
- you want to mount. If omitted, the default is
- to mount by volume name. Examples: For volume
- /dev/sda1, you specify the partition as "1".
- Similarly, the volume partition for /dev/sda
- is "0" (or you can leave the property empty).'
+ description: 'partition is the partition in the
+ volume that you want to mount. If omitted, the
+ default is to mount by volume name. Examples:
+ For volume /dev/sda1, you specify the partition
+ as "1". Similarly, the volume partition for
+ /dev/sda is "0" (or you can leave the property
+ empty).'
format: int32
type: integer
readOnly:
- description: 'Specify "true" to force and set
- the ReadOnly property in VolumeMounts to "true".
- If omitted, the default is "false". More info:
+ description: 'readOnly value true will force the
+ readOnly setting in VolumeMounts. More info:
https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore'
type: boolean
volumeID:
- description: 'Unique ID of the persistent disk
- resource in AWS (Amazon EBS volume). More info:
- https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore'
+ description: 'volumeID is unique ID of the persistent
+ disk resource in AWS (Amazon EBS volume). More
+ info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore'
type: string
required:
- volumeID
type: object
azureDisk:
- description: AzureDisk represents an Azure Data Disk
+ description: azureDisk represents an Azure Data Disk
mount on the host and bind mount to the pod.
properties:
cachingMode:
- description: 'Host Caching mode: None, Read Only,
- Read Write.'
+ description: 'cachingMode is the Host Caching
+ mode: None, Read Only, Read Write.'
type: string
diskName:
- description: The Name of the data disk in the
- blob storage
+ description: diskName is the Name of the data
+ disk in the blob storage
type: string
diskURI:
- description: The URI the data disk in the blob
- storage
+ description: diskURI is the URI of data disk in
+ the blob storage
type: string
fsType:
- description: Filesystem type to mount. Must be
- a filesystem type supported by the host operating
- system. Ex. "ext4", "xfs", "ntfs". Implicitly
- inferred to be "ext4" if unspecified.
+ description: fsType is Filesystem type to mount.
+ Must be a filesystem type supported by the host
+ operating system. Ex. "ext4", "xfs", "ntfs".
+ Implicitly inferred to be "ext4" if unspecified.
type: string
kind:
- description: 'Expected values Shared: multiple
- blob disks per storage account Dedicated: single
- blob disk per storage account Managed: azure
- managed data disk (only in managed availability
+ description: 'kind expected values are Shared:
+ multiple blob disks per storage account Dedicated:
+ single blob disk per storage account Managed:
+ azure managed data disk (only in managed availability
set). defaults to shared'
type: string
readOnly:
- description: Defaults to false (read/write). ReadOnly
- here will force the ReadOnly setting in VolumeMounts.
+ description: readOnly Defaults to false (read/write).
+ ReadOnly here will force the ReadOnly setting
+ in VolumeMounts.
type: boolean
required:
- diskName
- diskURI
type: object
azureFile:
- description: AzureFile represents an Azure File Service
+ description: azureFile represents an Azure File Service
mount on the host and bind mount to the pod.
properties:
readOnly:
- description: Defaults to false (read/write). ReadOnly
- here will force the ReadOnly setting in VolumeMounts.
+ description: readOnly defaults to false (read/write).
+ ReadOnly here will force the ReadOnly setting
+ in VolumeMounts.
type: boolean
secretName:
- description: the name of secret that contains
- Azure Storage Account Name and Key
+ description: secretName is the name of secret
+ that contains Azure Storage Account Name and
+ Key
type: string
shareName:
- description: Share Name
+ description: shareName is the azure share Name
type: string
required:
- secretName
- shareName
type: object
cephfs:
- description: CephFS represents a Ceph FS mount on
+ description: cephFS represents a Ceph FS mount on
the host that shares a pod's lifetime
properties:
monitors:
- description: 'Required: Monitors is a collection
- of Ceph monitors More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it'
+ description: 'monitors is Required: Monitors is
+ a collection of Ceph monitors More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it'
items:
type: string
type: array
path:
- description: 'Optional: Used as the mounted root,
- rather than the full Ceph tree, default is /'
+ description: 'path is Optional: Used as the mounted
+ root, rather than the full Ceph tree, default
+ is /'
type: string
readOnly:
- description: 'Optional: Defaults to false (read/write).
- ReadOnly here will force the ReadOnly setting
- in VolumeMounts. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it'
+ description: 'readOnly is Optional: Defaults to
+ false (read/write). ReadOnly here will force
+ the ReadOnly setting in VolumeMounts. More info:
+ https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it'
type: boolean
secretFile:
- description: 'Optional: SecretFile is the path
- to key ring for User, default is /etc/ceph/user.secret
- More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it'
+ description: 'secretFile is Optional: SecretFile
+ is the path to key ring for User, default is
+ /etc/ceph/user.secret More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it'
type: string
secretRef:
- description: 'Optional: SecretRef is reference
- to the authentication secret for User, default
- is empty. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it'
+ description: 'secretRef is Optional: SecretRef
+ is reference to the authentication secret for
+ User, default is empty. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it'
properties:
name:
description: 'Name of the referent. More info:
@@ -43440,32 +45451,33 @@ spec:
type: object
x-kubernetes-map-type: atomic
user:
- description: 'Optional: User is the rados user
- name, default is admin More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it'
+ description: 'user is optional: User is the rados
+ user name, default is admin More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it'
type: string
required:
- monitors
type: object
cinder:
- description: 'Cinder represents a cinder volume attached
+ description: 'cinder represents a cinder volume attached
and mounted on kubelets host machine. More info:
https://examples.k8s.io/mysql-cinder-pd/README.md'
properties:
fsType:
- description: 'Filesystem type to mount. Must be
- a filesystem type supported by the host operating
- system. Examples: "ext4", "xfs", "ntfs". Implicitly
- inferred to be "ext4" if unspecified. More info:
- https://examples.k8s.io/mysql-cinder-pd/README.md'
+ description: 'fsType is the filesystem type to
+ mount. Must be a filesystem type supported by
+ the host operating system. Examples: "ext4",
+ "xfs", "ntfs". Implicitly inferred to be "ext4"
+ if unspecified. More info: https://examples.k8s.io/mysql-cinder-pd/README.md'
type: string
readOnly:
- description: 'Optional: Defaults to false (read/write).
+ description: 'readOnly defaults to false (read/write).
ReadOnly here will force the ReadOnly setting
in VolumeMounts. More info: https://examples.k8s.io/mysql-cinder-pd/README.md'
type: boolean
secretRef:
- description: 'Optional: points to a secret object
- containing parameters used to connect to OpenStack.'
+ description: 'secretRef is optional: points to
+ a secret object containing parameters used to
+ connect to OpenStack.'
properties:
name:
description: 'Name of the referent. More info:
@@ -43476,33 +45488,33 @@ spec:
type: object
x-kubernetes-map-type: atomic
volumeID:
- description: 'volume id used to identify the volume
+ description: 'volumeID used to identify the volume
in cinder. More info: https://examples.k8s.io/mysql-cinder-pd/README.md'
type: string
required:
- volumeID
type: object
configMap:
- description: ConfigMap represents a configMap that
+ description: configMap represents a configMap that
should populate this volume
properties:
defaultMode:
- description: 'Optional: mode bits used to set
- permissions on created files by default. Must
- be an octal value between 0000 and 0777 or a
- decimal value between 0 and 511. YAML accepts
- both octal and decimal values, JSON requires
- decimal values for mode bits. Defaults to 0644.
- Directories within the path are not affected
- by this setting. This might be in conflict with
- other options that affect the file mode, like
- fsGroup, and the result can be other mode bits
- set.'
+ description: 'defaultMode is optional: mode bits
+ used to set permissions on created files by
+ default. Must be an octal value between 0000
+ and 0777 or a decimal value between 0 and 511.
+ YAML accepts both octal and decimal values,
+ JSON requires decimal values for mode bits.
+ Defaults to 0644. Directories within the path
+ are not affected by this setting. This might
+ be in conflict with other options that affect
+ the file mode, like fsGroup, and the result
+ can be other mode bits set.'
format: int32
type: integer
items:
- description: If unspecified, each key-value pair
- in the Data field of the referenced ConfigMap
+ description: items if unspecified, each key-value
+ pair in the Data field of the referenced ConfigMap
will be projected into the volume as a file
whose name is the key and content is the value.
If specified, the listed keys will be projected
@@ -43517,27 +45529,28 @@ spec:
a volume.
properties:
key:
- description: The key to project.
+ description: key is the key to project.
type: string
mode:
- description: 'Optional: mode bits used to
- set permissions on this file. Must be
- an octal value between 0000 and 0777 or
- a decimal value between 0 and 511. YAML
- accepts both octal and decimal values,
- JSON requires decimal values for mode
- bits. If not specified, the volume defaultMode
- will be used. This might be in conflict
- with other options that affect the file
- mode, like fsGroup, and the result can
- be other mode bits set.'
+ description: 'mode is Optional: mode bits
+ used to set permissions on this file.
+ Must be an octal value between 0000 and
+ 0777 or a decimal value between 0 and
+ 511. YAML accepts both octal and decimal
+ values, JSON requires decimal values for
+ mode bits. If not specified, the volume
+ defaultMode will be used. This might be
+ in conflict with other options that affect
+ the file mode, like fsGroup, and the result
+ can be other mode bits set.'
format: int32
type: integer
path:
- description: The relative path of the file
- to map the key to. May not be an absolute
- path. May not contain the path element
- '..'. May not start with the string '..'.
+ description: path is the relative path of
+ the file to map the key to. May not be
+ an absolute path. May not contain the
+ path element '..'. May not start with
+ the string '..'.
type: string
required:
- key
@@ -43551,30 +45564,30 @@ spec:
uid?'
type: string
optional:
- description: Specify whether the ConfigMap or
- its keys must be defined
+ description: optional specify whether the ConfigMap
+ or its keys must be defined
type: boolean
type: object
x-kubernetes-map-type: atomic
csi:
- description: CSI (Container Storage Interface) represents
+ description: csi (Container Storage Interface) represents
ephemeral storage that is handled by certain external
CSI drivers (Beta feature).
properties:
driver:
- description: Driver is the name of the CSI driver
+ description: driver is the name of the CSI driver
that handles this volume. Consult with your
admin for the correct name as registered in
the cluster.
type: string
fsType:
- description: Filesystem type to mount. Ex. "ext4",
- "xfs", "ntfs". If not provided, the empty value
- is passed to the associated CSI driver which
- will determine the default filesystem to apply.
+ description: fsType to mount. Ex. "ext4", "xfs",
+ "ntfs". If not provided, the empty value is
+ passed to the associated CSI driver which will
+ determine the default filesystem to apply.
type: string
nodePublishSecretRef:
- description: NodePublishSecretRef is a reference
+ description: nodePublishSecretRef is a reference
to the secret object containing sensitive information
to pass to the CSI driver to complete the CSI
NodePublishVolume and NodeUnpublishVolume calls.
@@ -43592,13 +45605,13 @@ spec:
type: object
x-kubernetes-map-type: atomic
readOnly:
- description: Specifies a read-only configuration
+ description: readOnly specifies a read-only configuration
for the volume. Defaults to false (read/write).
type: boolean
volumeAttributes:
additionalProperties:
type: string
- description: VolumeAttributes stores driver-specific
+ description: volumeAttributes stores driver-specific
properties that are passed to the CSI driver.
Consult your driver's documentation for supported
values.
@@ -43607,7 +45620,7 @@ spec:
- driver
type: object
downwardAPI:
- description: DownwardAPI represents downward API about
+ description: downwardAPI represents downward API about
the pod that should populate this volume
properties:
defaultMode:
@@ -43706,33 +45719,34 @@ spec:
type: array
type: object
emptyDir:
- description: 'EmptyDir represents a temporary directory
+ description: 'emptyDir represents a temporary directory
that shares a pod''s lifetime. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir'
properties:
medium:
- description: 'What type of storage medium should
- back this directory. The default is "" which
- means to use the node''s default medium. Must
- be an empty string (default) or Memory. More
- info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir'
+ description: 'medium represents what type of storage
+ medium should back this directory. The default
+ is "" which means to use the node''s default
+ medium. Must be an empty string (default) or
+ Memory. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir'
type: string
sizeLimit:
anyOf:
- type: integer
- type: string
- description: 'Total amount of local storage required
- for this EmptyDir volume. The size limit is
- also applicable for memory medium. The maximum
- usage on memory medium EmptyDir would be the
- minimum value between the SizeLimit specified
- here and the sum of memory limits of all containers
- in a pod. The default is nil which means that
- the limit is undefined. More info: http://kubernetes.io/docs/user-guide/volumes#emptydir'
+ description: 'sizeLimit is the total amount of
+ local storage required for this EmptyDir volume.
+ The size limit is also applicable for memory
+ medium. The maximum usage on memory medium EmptyDir
+ would be the minimum value between the SizeLimit
+ specified here and the sum of memory limits
+ of all containers in a pod. The default is nil
+ which means that the limit is undefined. More
+ info: http://kubernetes.io/docs/user-guide/volumes#emptydir'
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
x-kubernetes-int-or-string: true
type: object
ephemeral:
- description: "Ephemeral represents a volume that is
+ description: "ephemeral represents a volume that is
handled by a cluster storage driver. The volume's
lifecycle is tied to the pod that defines it - it
will be created before the pod starts, and deleted
@@ -43792,25 +45806,29 @@ spec:
are also valid here.
properties:
accessModes:
- description: 'AccessModes contains the
+ description: 'accessModes contains the
desired access modes the volume should
have. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1'
items:
type: string
type: array
dataSource:
- description: 'This field can be used to
- specify either: * An existing VolumeSnapshot
- object (snapshot.storage.k8s.io/VolumeSnapshot)
+ description: 'dataSource field can be
+ used to specify either: * An existing
+ VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot)
* An existing PVC (PersistentVolumeClaim)
If the provisioner or an external controller
can support the specified data source,
it will create a new volume based on
the contents of the specified data source.
- If the AnyVolumeDataSource feature gate
- is enabled, this field will always have
- the same contents as the DataSourceRef
- field.'
+ When the AnyVolumeDataSource feature
+ gate is enabled, dataSource contents
+ will be copied to dataSourceRef, and
+ dataSourceRef contents will be copied
+ to dataSource when dataSourceRef.namespace
+ is not specified. If the namespace is
+ specified, then dataSourceRef will not
+ be copied to dataSource.'
properties:
apiGroup:
description: APIGroup is the group
@@ -43834,35 +45852,44 @@ spec:
type: object
x-kubernetes-map-type: atomic
dataSourceRef:
- description: 'Specifies the object from
- which to populate the volume with data,
- if a non-empty volume is desired. This
- may be any local object from a non-empty
- API group (non core object) or a PersistentVolumeClaim
- object. When this field is specified,
- volume binding will only succeed if
- the type of the specified object matches
- some installed volume populator or dynamic
- provisioner. This field will replace
- the functionality of the DataSource
- field and as such if both fields are
- non-empty, they must have the same value.
- For backwards compatibility, both fields
- (DataSource and DataSourceRef) will
- be set to the same value automatically
+ description: 'dataSourceRef specifies
+ the object from which to populate the
+ volume with data, if a non-empty volume
+ is desired. This may be any object from
+ a non-empty API group (non core object)
+ or a PersistentVolumeClaim object. When
+ this field is specified, volume binding
+ will only succeed if the type of the
+ specified object matches some installed
+ volume populator or dynamic provisioner.
+ This field will replace the functionality
+ of the dataSource field and as such
+ if both fields are non-empty, they must
+ have the same value. For backwards compatibility,
+ when namespace isn''t specified in dataSourceRef,
+ both fields (dataSource and dataSourceRef)
+ will be set to the same value automatically
if one of them is empty and the other
- is non-empty. There are two important
- differences between DataSource and DataSourceRef:
- * While DataSource only allows two specific
- types of objects, DataSourceRef allows
+ is non-empty. When namespace is specified
+ in dataSourceRef, dataSource isn''t
+ set to the same value and must be empty.
+ There are three important differences
+ between dataSource and dataSourceRef:
+ * While dataSource only allows two specific
+ types of objects, dataSourceRef allows
any non-core object, as well as PersistentVolumeClaim
- objects. * While DataSource ignores
- disallowed values (dropping them), DataSourceRef
+ objects. * While dataSource ignores
+ disallowed values (dropping them), dataSourceRef
preserves all values, and generates
an error if a disallowed value is specified.
- (Alpha) Using this field requires the
- AnyVolumeDataSource feature gate to
- be enabled.'
+ * While dataSource only allows local
+ objects, dataSourceRef allows objects
+ in any namespaces. (Beta) Using this
+ field requires the AnyVolumeDataSource
+ feature gate to be enabled. (Alpha)
+ Using the namespace field of dataSourceRef
+ requires the CrossNamespaceVolumeDataSource
+ feature gate to be enabled.'
properties:
apiGroup:
description: APIGroup is the group
@@ -43880,13 +45907,25 @@ spec:
description: Name is the name of resource
being referenced
type: string
+ namespace:
+ description: Namespace is the namespace
+ of resource being referenced Note
+ that when a namespace is specified,
+ a gateway.networking.k8s.io/ReferenceGrant
+ object is required in the referent
+ namespace to allow that namespace's
+ owner to accept the reference. See
+ the ReferenceGrant documentation
+ for details. (Alpha) This field
+ requires the CrossNamespaceVolumeDataSource
+ feature gate to be enabled.
+ type: string
required:
- kind
- name
type: object
- x-kubernetes-map-type: atomic
resources:
- description: 'Resources represents the
+ description: 'resources represents the
minimum resources the volume should
have. If RecoverVolumeExpansionFailure
feature is enabled users are allowed
@@ -43896,6 +45935,31 @@ spec:
in the status field of the claim. More
info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources'
properties:
+ claims:
+ description: "Claims lists the names
+ of resources, defined in spec.resourceClaims,
+ that are used by this container.
+ \n This is an alpha field and requires
+ enabling the DynamicResourceAllocation
+ feature gate. \n This field is immutable."
+ items:
+ description: ResourceClaim references
+ one entry in PodSpec.ResourceClaims.
+ properties:
+ name:
+ description: Name must match
+ the name of one entry in pod.spec.resourceClaims
+ of the Pod where this field
+ is used. It makes that resource
+ available inside a container.
+ type: string
+ required:
+ - name
+ type: object
+ type: array
+ x-kubernetes-list-map-keys:
+ - name
+ x-kubernetes-list-type: map
limits:
additionalProperties:
anyOf:
@@ -43924,8 +45988,8 @@ spec:
type: object
type: object
selector:
- description: A label query over volumes
- to consider for binding.
+ description: selector is a label query
+ over volumes to consider for binding.
properties:
matchExpressions:
description: matchExpressions is a
@@ -43982,8 +46046,9 @@ spec:
type: object
x-kubernetes-map-type: atomic
storageClassName:
- description: 'Name of the StorageClass
- required by the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1'
+ description: 'storageClassName is the
+ name of the StorageClass required by
+ the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1'
type: string
volumeMode:
description: volumeMode defines what type
@@ -43992,7 +46057,7 @@ spec:
not included in claim spec.
type: string
volumeName:
- description: VolumeName is the binding
+ description: volumeName is the binding
reference to the PersistentVolume backing
this claim.
type: string
@@ -44002,74 +46067,77 @@ spec:
type: object
type: object
fc:
- description: FC represents a Fibre Channel resource
+ description: fc represents a Fibre Channel resource
that is attached to a kubelet's host machine and
then exposed to the pod.
properties:
fsType:
- description: 'Filesystem type to mount. Must be
- a filesystem type supported by the host operating
- system. Ex. "ext4", "xfs", "ntfs". Implicitly
- inferred to be "ext4" if unspecified. TODO:
- how do we prevent errors in the filesystem from
- compromising the machine'
+ description: 'fsType is the filesystem type to
+ mount. Must be a filesystem type supported by
+ the host operating system. Ex. "ext4", "xfs",
+ "ntfs". Implicitly inferred to be "ext4" if
+ unspecified. TODO: how do we prevent errors
+ in the filesystem from compromising the machine'
type: string
lun:
- description: 'Optional: FC target lun number'
+ description: 'lun is Optional: FC target lun number'
format: int32
type: integer
readOnly:
- description: 'Optional: Defaults to false (read/write).
- ReadOnly here will force the ReadOnly setting
- in VolumeMounts.'
+ description: 'readOnly is Optional: Defaults to
+ false (read/write). ReadOnly here will force
+ the ReadOnly setting in VolumeMounts.'
type: boolean
targetWWNs:
- description: 'Optional: FC target worldwide names
- (WWNs)'
+ description: 'targetWWNs is Optional: FC target
+ worldwide names (WWNs)'
items:
type: string
type: array
wwids:
- description: 'Optional: FC volume world wide identifiers
- (wwids) Either wwids or combination of targetWWNs
- and lun must be set, but not both simultaneously.'
+ description: 'wwids Optional: FC volume world
+ wide identifiers (wwids) Either wwids or combination
+ of targetWWNs and lun must be set, but not both
+ simultaneously.'
items:
type: string
type: array
type: object
flexVolume:
- description: FlexVolume represents a generic volume
+ description: flexVolume represents a generic volume
resource that is provisioned/attached using an exec
based plugin.
properties:
driver:
- description: Driver is the name of the driver
+ description: driver is the name of the driver
to use for this volume.
type: string
fsType:
- description: Filesystem type to mount. Must be
- a filesystem type supported by the host operating
- system. Ex. "ext4", "xfs", "ntfs". The default
- filesystem depends on FlexVolume script.
+ description: fsType is the filesystem type to
+ mount. Must be a filesystem type supported by
+ the host operating system. Ex. "ext4", "xfs",
+ "ntfs". The default filesystem depends on FlexVolume
+ script.
type: string
options:
additionalProperties:
type: string
- description: 'Optional: Extra command options
- if any.'
+ description: 'options is Optional: this field
+ holds extra command options if any.'
type: object
readOnly:
- description: 'Optional: Defaults to false (read/write).
- ReadOnly here will force the ReadOnly setting
- in VolumeMounts.'
+ description: 'readOnly is Optional: defaults to
+ false (read/write). ReadOnly here will force
+ the ReadOnly setting in VolumeMounts.'
type: boolean
secretRef:
- description: 'Optional: SecretRef is reference
- to the secret object containing sensitive information
- to pass to the plugin scripts. This may be empty
- if no secret object is specified. If the secret
- object contains more than one secret, all secrets
- are passed to the plugin scripts.'
+ description: 'secretRef is Optional: secretRef
+ is reference to the secret object containing
+ sensitive information to pass to the plugin
+ scripts. This may be empty if no secret object
+ is specified. If the secret object contains
+ more than one secret, all secrets are passed
+ to the plugin scripts.'
properties:
name:
description: 'Name of the referent. More info:
@@ -44083,52 +46151,52 @@ spec:
- driver
type: object
flocker:
- description: Flocker represents a Flocker volume attached
+ description: flocker represents a Flocker volume attached
to a kubelet's host machine. This depends on the
Flocker control service being running
properties:
datasetName:
- description: Name of the dataset stored as metadata
- -> name on the dataset for Flocker should be
- considered as deprecated
+ description: datasetName is Name of the dataset
+ stored as metadata -> name on the dataset for
+ Flocker should be considered as deprecated
type: string
datasetUUID:
- description: UUID of the dataset. This is unique
- identifier of a Flocker dataset
+ description: datasetUUID is the UUID of the dataset.
+ This is unique identifier of a Flocker dataset
type: string
type: object
gcePersistentDisk:
- description: 'GCEPersistentDisk represents a GCE Disk
+ description: 'gcePersistentDisk represents a GCE Disk
resource that is attached to a kubelet''s host machine
and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk'
properties:
fsType:
- description: 'Filesystem type of the volume that
- you want to mount. Tip: Ensure that the filesystem
- type is supported by the host operating system.
- Examples: "ext4", "xfs", "ntfs". Implicitly
- inferred to be "ext4" if unspecified. More info:
- https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk
+ description: 'fsType is filesystem type of the
+ volume that you want to mount. Tip: Ensure that
+ the filesystem type is supported by the host
+ operating system. Examples: "ext4", "xfs", "ntfs".
+ Implicitly inferred to be "ext4" if unspecified.
+ More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk
TODO: how do we prevent errors in the filesystem
from compromising the machine'
type: string
partition:
- description: 'The partition in the volume that
- you want to mount. If omitted, the default is
- to mount by volume name. Examples: For volume
- /dev/sda1, you specify the partition as "1".
- Similarly, the volume partition for /dev/sda
- is "0" (or you can leave the property empty).
- More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk'
+ description: 'partition is the partition in the
+ volume that you want to mount. If omitted, the
+ default is to mount by volume name. Examples:
+ For volume /dev/sda1, you specify the partition
+ as "1". Similarly, the volume partition for
+ /dev/sda is "0" (or you can leave the property
+ empty). More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk'
format: int32
type: integer
pdName:
- description: 'Unique name of the PD resource in
- GCE. Used to identify the disk in GCE. More
- info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk'
+ description: 'pdName is unique name of the PD
+ resource in GCE. Used to identify the disk in
+ GCE. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk'
type: string
readOnly:
- description: 'ReadOnly here will force the ReadOnly
+ description: 'readOnly here will force the ReadOnly
setting in VolumeMounts. Defaults to false.
More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk'
type: boolean
@@ -44136,7 +46204,7 @@ spec:
- pdName
type: object
gitRepo:
- description: 'GitRepo represents a git repository
+ description: 'gitRepo represents a git repository
at a particular revision. DEPRECATED: GitRepo is
deprecated. To provision a container with a git
repo, mount an EmptyDir into an InitContainer that
@@ -44144,38 +46212,38 @@ spec:
into the Pod''s container.'
properties:
directory:
- description: Target directory name. Must not contain
- or start with '..'. If '.' is supplied, the
- volume directory will be the git repository. Otherwise,
- if specified, the volume will contain the git
- repository in the subdirectory with the given
- name.
+ description: directory is the target directory
+ name. Must not contain or start with '..'. If
+ '.' is supplied, the volume directory will be
+ the git repository. Otherwise, if specified,
+ the volume will contain the git repository in
+ the subdirectory with the given name.
type: string
repository:
- description: Repository URL
+ description: repository is the URL
type: string
revision:
- description: Commit hash for the specified revision.
+ description: revision is the commit hash for the
+ specified revision.
type: string
required:
- repository
type: object
glusterfs:
- description: 'Glusterfs represents a Glusterfs mount
+ description: 'glusterfs represents a Glusterfs mount
on the host that shares a pod''s lifetime. More
info: https://examples.k8s.io/volumes/glusterfs/README.md'
properties:
endpoints:
- description: 'EndpointsName is the endpoint name
- that details Glusterfs topology. More info:
- https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod'
+ description: 'endpoints is the endpoint name that
+ details Glusterfs topology. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod'
type: string
path:
- description: 'Path is the Glusterfs volume path.
+ description: 'path is the Glusterfs volume path.
More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod'
type: string
readOnly:
- description: 'ReadOnly here will force the Glusterfs
+ description: 'readOnly here will force the Glusterfs
volume to be mounted with read-only permissions.
Defaults to false. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod'
type: boolean
@@ -44184,7 +46252,7 @@ spec:
- path
type: object
hostPath:
- description: 'HostPath represents a pre-existing file
+ description: 'hostPath represents a pre-existing file
or directory on the host machine that is directly
exposed to the container. This is generally used
for system agents or other privileged things that
@@ -44195,72 +46263,75 @@ spec:
host directories as read/write.'
properties:
path:
- description: 'Path of the directory on the host.
+ description: 'path of the directory on the host.
If the path is a symlink, it will follow the
link to the real path. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath'
type: string
type:
- description: 'Type for HostPath Volume Defaults
+ description: 'type for HostPath Volume Defaults
to "" More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath'
type: string
required:
- path
type: object
iscsi:
- description: 'ISCSI represents an ISCSI Disk resource
+ description: 'iscsi represents an ISCSI Disk resource
that is attached to a kubelet''s host machine and
then exposed to the pod. More info: https://examples.k8s.io/volumes/iscsi/README.md'
properties:
chapAuthDiscovery:
- description: whether support iSCSI Discovery CHAP
- authentication
+ description: chapAuthDiscovery defines whether
+ support iSCSI Discovery CHAP authentication
type: boolean
chapAuthSession:
- description: whether support iSCSI Session CHAP
- authentication
+ description: chapAuthSession defines whether support
+ iSCSI Session CHAP authentication
type: boolean
fsType:
- description: 'Filesystem type of the volume that
- you want to mount. Tip: Ensure that the filesystem
- type is supported by the host operating system.
- Examples: "ext4", "xfs", "ntfs". Implicitly
- inferred to be "ext4" if unspecified. More info:
- https://kubernetes.io/docs/concepts/storage/volumes#iscsi
+ description: 'fsType is the filesystem type of
+ the volume that you want to mount. Tip: Ensure
+ that the filesystem type is supported by the
+ host operating system. Examples: "ext4", "xfs",
+ "ntfs". Implicitly inferred to be "ext4" if
+ unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#iscsi
TODO: how do we prevent errors in the filesystem
from compromising the machine'
type: string
initiatorName:
- description: Custom iSCSI Initiator Name. If initiatorName
- is specified with iscsiInterface simultaneously,
- new iSCSI interface : will be created for the connection.
+ description: initiatorName is the custom iSCSI
+ Initiator Name. If initiatorName is specified
+ with iscsiInterface simultaneously, new iSCSI
+ interface : will
+ be created for the connection.
type: string
iqn:
- description: Target iSCSI Qualified Name.
+ description: iqn is the target iSCSI Qualified
+ Name.
type: string
iscsiInterface:
- description: iSCSI Interface Name that uses an
- iSCSI transport. Defaults to 'default' (tcp).
+ description: iscsiInterface is the interface Name
+ that uses an iSCSI transport. Defaults to 'default'
+ (tcp).
type: string
lun:
- description: iSCSI Target Lun number.
+ description: lun represents iSCSI Target Lun number.
format: int32
type: integer
portals:
- description: iSCSI Target Portal List. The portal
- is either an IP or ip_addr:port if the port
- is other than default (typically TCP ports 860
- and 3260).
+ description: portals is the iSCSI Target Portal
+ List. The portal is either an IP or ip_addr:port
+ if the port is other than default (typically
+ TCP ports 860 and 3260).
items:
type: string
type: array
readOnly:
- description: ReadOnly here will force the ReadOnly
+ description: readOnly here will force the ReadOnly
setting in VolumeMounts. Defaults to false.
type: boolean
secretRef:
- description: CHAP Secret for iSCSI target and
- initiator authentication
+ description: secretRef is the CHAP Secret for
+ iSCSI target and initiator authentication
properties:
name:
description: 'Name of the referent. More info:
@@ -44271,10 +46342,10 @@ spec:
type: object
x-kubernetes-map-type: atomic
targetPortal:
- description: iSCSI Target Portal. The Portal is
- either an IP or ip_addr:port if the port is
- other than default (typically TCP ports 860
- and 3260).
+ description: targetPortal is iSCSI Target Portal.
+ The Portal is either an IP or ip_addr:port if
+ the port is other than default (typically TCP
+ ports 860 and 3260).
type: string
required:
- iqn
@@ -44282,20 +46353,20 @@ spec:
- targetPortal
type: object
nfs:
- description: 'NFS represents an NFS mount on the host
+ description: 'nfs represents an NFS mount on the host
that shares a pod''s lifetime More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs'
properties:
path:
- description: 'Path that is exported by the NFS
+ description: 'path that is exported by the NFS
server. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs'
type: string
readOnly:
- description: 'ReadOnly here will force the NFS
+ description: 'readOnly here will force the NFS
export to be mounted with read-only permissions.
Defaults to false. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs'
type: boolean
server:
- description: 'Server is the hostname or IP address
+ description: 'server is the hostname or IP address
of the NFS server. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs'
type: string
required:
@@ -44303,134 +46374,138 @@ spec:
- server
type: object
persistentVolumeClaim:
- description: 'PersistentVolumeClaimVolumeSource represents
+ description: 'persistentVolumeClaimVolumeSource represents
a reference to a PersistentVolumeClaim in the same
namespace. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims'
properties:
claimName:
- description: 'ClaimName is the name of a PersistentVolumeClaim
+ description: 'claimName is the name of a PersistentVolumeClaim
in the same namespace as the pod using this
volume. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims'
type: string
readOnly:
- description: Will force the ReadOnly setting in
- VolumeMounts. Default false.
+ description: readOnly Will force the ReadOnly
+ setting in VolumeMounts. Default false.
type: boolean
required:
- claimName
type: object
photonPersistentDisk:
- description: PhotonPersistentDisk represents a PhotonController
+ description: photonPersistentDisk represents a PhotonController
persistent disk attached and mounted on kubelets
host machine
properties:
fsType:
- description: Filesystem type to mount. Must be
- a filesystem type supported by the host operating
- system. Ex. "ext4", "xfs", "ntfs". Implicitly
- inferred to be "ext4" if unspecified.
+ description: fsType is the filesystem type to
+ mount. Must be a filesystem type supported by
+ the host operating system. Ex. "ext4", "xfs",
+ "ntfs". Implicitly inferred to be "ext4" if
+ unspecified.
type: string
pdID:
- description: ID that identifies Photon Controller
- persistent disk
+ description: pdID is the ID that identifies Photon
+ Controller persistent disk
type: string
required:
- pdID
type: object
portworxVolume:
- description: PortworxVolume represents a portworx
+ description: portworxVolume represents a portworx
volume attached and mounted on kubelets host machine
properties:
fsType:
- description: FSType represents the filesystem
+ description: fSType represents the filesystem
type to mount Must be a filesystem type supported
by the host operating system. Ex. "ext4", "xfs".
Implicitly inferred to be "ext4" if unspecified.
type: string
readOnly:
- description: Defaults to false (read/write). ReadOnly
- here will force the ReadOnly setting in VolumeMounts.
+ description: readOnly defaults to false (read/write).
+ ReadOnly here will force the ReadOnly setting
+ in VolumeMounts.
type: boolean
volumeID:
- description: VolumeID uniquely identifies a Portworx
+ description: volumeID uniquely identifies a Portworx
volume
type: string
required:
- volumeID
type: object
projected:
- description: Items for all in one resources secrets,
- configmaps, and downward API
+ description: projected items for all in one resources
+ secrets, configmaps, and downward API
properties:
defaultMode:
- description: Mode bits used to set permissions
- on created files by default. Must be an octal
- value between 0000 and 0777 or a decimal value
- between 0 and 511. YAML accepts both octal and
- decimal values, JSON requires decimal values
- for mode bits. Directories within the path are
- not affected by this setting. This might be
- in conflict with other options that affect the
- file mode, like fsGroup, and the result can
- be other mode bits set.
+ description: defaultMode are the mode bits used
+ to set permissions on created files by default.
+ Must be an octal value between 0000 and 0777
+ or a decimal value between 0 and 511. YAML accepts
+ both octal and decimal values, JSON requires
+ decimal values for mode bits. Directories within
+ the path are not affected by this setting. This
+ might be in conflict with other options that
+ affect the file mode, like fsGroup, and the
+ result can be other mode bits set.
format: int32
type: integer
sources:
- description: list of volume projections
+ description: sources is the list of volume projections
items:
description: Projection that may be projected
along with other supported volume types
properties:
configMap:
- description: information about the configMap
- data to project
+ description: configMap information about
+ the configMap data to project
properties:
items:
- description: If unspecified, each key-value
- pair in the Data field of the referenced
- ConfigMap will be projected into the
- volume as a file whose name is the
- key and content is the value. If specified,
- the listed keys will be projected
- into the specified paths, and unlisted
- keys will not be present. If a key
- is specified which is not present
- in the ConfigMap, the volume setup
- will error unless it is marked optional.
- Paths must be relative and may not
- contain the '..' path or start with
- '..'.
+ description: items if unspecified, each
+ key-value pair in the Data field of
+ the referenced ConfigMap will be projected
+ into the volume as a file whose name
+ is the key and content is the value.
+ If specified, the listed keys will
+ be projected into the specified paths,
+ and unlisted keys will not be present.
+ If a key is specified which is not
+ present in the ConfigMap, the volume
+ setup will error unless it is marked
+ optional. Paths must be relative and
+ may not contain the '..' path or start
+ with '..'.
items:
description: Maps a string key to
a path within a volume.
properties:
key:
- description: The key to project.
+ description: key is the key to
+ project.
type: string
mode:
- description: 'Optional: mode bits
- used to set permissions on this
- file. Must be an octal value
- between 0000 and 0777 or a decimal
- value between 0 and 511. YAML
- accepts both octal and decimal
- values, JSON requires decimal
- values for mode bits. If not
- specified, the volume defaultMode
- will be used. This might be
- in conflict with other options
- that affect the file mode, like
- fsGroup, and the result can
- be other mode bits set.'
+ description: 'mode is Optional:
+ mode bits used to set permissions
+ on this file. Must be an octal
+ value between 0000 and 0777
+ or a decimal value between 0
+ and 511. YAML accepts both octal
+ and decimal values, JSON requires
+ decimal values for mode bits.
+ If not specified, the volume
+ defaultMode will be used. This
+ might be in conflict with other
+ options that affect the file
+ mode, like fsGroup, and the
+ result can be other mode bits
+ set.'
format: int32
type: integer
path:
- description: The relative path
- of the file to map the key to.
- May not be an absolute path.
- May not contain the path element
- '..'. May not start with the
- string '..'.
+ description: path is the relative
+ path of the file to map the
+ key to. May not be an absolute
+ path. May not contain the path
+ element '..'. May not start
+ with the string '..'.
type: string
required:
- key
@@ -44444,14 +46519,15 @@ spec:
kind, uid?'
type: string
optional:
- description: Specify whether the ConfigMap
- or its keys must be defined
+ description: optional specify whether
+ the ConfigMap or its keys must be
+ defined
type: boolean
type: object
x-kubernetes-map-type: atomic
downwardAPI:
- description: information about the downwardAPI
- data to project
+ description: downwardAPI information about
+ the downwardAPI data to project
properties:
items:
description: Items is a list of DownwardAPIVolume
@@ -44544,55 +46620,57 @@ spec:
type: array
type: object
secret:
- description: information about the secret
- data to project
+ description: secret information about the
+ secret data to project
properties:
items:
- description: If unspecified, each key-value
- pair in the Data field of the referenced
- Secret will be projected into the
- volume as a file whose name is the
- key and content is the value. If specified,
- the listed keys will be projected
- into the specified paths, and unlisted
- keys will not be present. If a key
- is specified which is not present
- in the Secret, the volume setup will
- error unless it is marked optional.
- Paths must be relative and may not
- contain the '..' path or start with
- '..'.
+ description: items if unspecified, each
+ key-value pair in the Data field of
+ the referenced Secret will be projected
+ into the volume as a file whose name
+ is the key and content is the value.
+ If specified, the listed keys will
+ be projected into the specified paths,
+ and unlisted keys will not be present.
+ If a key is specified which is not
+ present in the Secret, the volume
+ setup will error unless it is marked
+ optional. Paths must be relative and
+ may not contain the '..' path or start
+ with '..'.
items:
description: Maps a string key to
a path within a volume.
properties:
key:
- description: The key to project.
+ description: key is the key to
+ project.
type: string
mode:
- description: 'Optional: mode bits
- used to set permissions on this
- file. Must be an octal value
- between 0000 and 0777 or a decimal
- value between 0 and 511. YAML
- accepts both octal and decimal
- values, JSON requires decimal
- values for mode bits. If not
- specified, the volume defaultMode
- will be used. This might be
- in conflict with other options
- that affect the file mode, like
- fsGroup, and the result can
- be other mode bits set.'
+ description: 'mode is Optional:
+ mode bits used to set permissions
+ on this file. Must be an octal
+ value between 0000 and 0777
+ or a decimal value between 0
+ and 511. YAML accepts both octal
+ and decimal values, JSON requires
+ decimal values for mode bits.
+ If not specified, the volume
+ defaultMode will be used. This
+ might be in conflict with other
+ options that affect the file
+ mode, like fsGroup, and the
+ result can be other mode bits
+ set.'
format: int32
type: integer
path:
- description: The relative path
- of the file to map the key to.
- May not be an absolute path.
- May not contain the path element
- '..'. May not start with the
- string '..'.
+ description: path is the relative
+ path of the file to map the
+ key to. May not be an absolute
+ path. May not contain the path
+ element '..'. May not start
+ with the string '..'.
type: string
required:
- key
@@ -44606,17 +46684,19 @@ spec:
kind, uid?'
type: string
optional:
- description: Specify whether the Secret
- or its key must be defined
+ description: optional field specify
+ whether the Secret or its key must
+ be defined
type: boolean
type: object
x-kubernetes-map-type: atomic
serviceAccountToken:
- description: information about the serviceAccountToken
- data to project
+ description: serviceAccountToken is information
+ about the serviceAccountToken data to
+ project
properties:
audience:
- description: Audience is the intended
+ description: audience is the intended
audience of the token. A recipient
of a token must identify itself with
an identifier specified in the audience
@@ -44625,7 +46705,7 @@ spec:
to the identifier of the apiserver.
type: string
expirationSeconds:
- description: ExpirationSeconds is the
+ description: expirationSeconds is the
requested duration of validity of
the service account token. As the
token approaches expiration, the kubelet
@@ -44639,7 +46719,7 @@ spec:
format: int64
type: integer
path:
- description: Path is the path relative
+ description: path is the path relative
to the mount point of the file to
project the token into.
type: string
@@ -44650,36 +46730,36 @@ spec:
type: array
type: object
quobyte:
- description: Quobyte represents a Quobyte mount on
+ description: quobyte represents a Quobyte mount on
the host that shares a pod's lifetime
properties:
group:
- description: Group to map volume access to Default
+ description: group to map volume access to Default
is no group
type: string
readOnly:
- description: ReadOnly here will force the Quobyte
+ description: readOnly here will force the Quobyte
volume to be mounted with read-only permissions.
Defaults to false.
type: boolean
registry:
- description: Registry represents a single or multiple
+ description: registry represents a single or multiple
Quobyte Registry services specified as a string
as host:port pair (multiple entries are separated
with commas) which acts as the central registry
for volumes
type: string
tenant:
- description: Tenant owning the given Quobyte volume
+ description: tenant owning the given Quobyte volume
in the Backend Used with dynamically provisioned
Quobyte volumes, value is set by the plugin
type: string
user:
- description: User to map volume access to Defaults
+ description: user to map volume access to Defaults
to serivceaccount user
type: string
volume:
- description: Volume is a string that references
+ description: volume is a string that references
an already created Quobyte volume by name.
type: string
required:
@@ -44687,46 +46767,46 @@ spec:
- volume
type: object
rbd:
- description: 'RBD represents a Rados Block Device
+ description: 'rbd represents a Rados Block Device
mount on the host that shares a pod''s lifetime.
More info: https://examples.k8s.io/volumes/rbd/README.md'
properties:
fsType:
- description: 'Filesystem type of the volume that
- you want to mount. Tip: Ensure that the filesystem
- type is supported by the host operating system.
- Examples: "ext4", "xfs", "ntfs". Implicitly
- inferred to be "ext4" if unspecified. More info:
- https://kubernetes.io/docs/concepts/storage/volumes#rbd
+ description: 'fsType is the filesystem type of
+ the volume that you want to mount. Tip: Ensure
+ that the filesystem type is supported by the
+ host operating system. Examples: "ext4", "xfs",
+ "ntfs". Implicitly inferred to be "ext4" if
+ unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#rbd
TODO: how do we prevent errors in the filesystem
from compromising the machine'
type: string
image:
- description: 'The rados image name. More info:
- https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it'
+ description: 'image is the rados image name. More
+ info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it'
type: string
keyring:
- description: 'Keyring is the path to key ring
+ description: 'keyring is the path to key ring
for RBDUser. Default is /etc/ceph/keyring. More
info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it'
type: string
monitors:
- description: 'A collection of Ceph monitors. More
- info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it'
+ description: 'monitors is a collection of Ceph
+ monitors. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it'
items:
type: string
type: array
pool:
- description: 'The rados pool name. Default is
- rbd. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it'
+ description: 'pool is the rados pool name. Default
+ is rbd. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it'
type: string
readOnly:
- description: 'ReadOnly here will force the ReadOnly
+ description: 'readOnly here will force the ReadOnly
setting in VolumeMounts. Defaults to false.
More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it'
type: boolean
secretRef:
- description: 'SecretRef is name of the authentication
+ description: 'secretRef is name of the authentication
secret for RBDUser. If provided overrides keyring.
Default is nil. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it'
properties:
@@ -44739,37 +46819,39 @@ spec:
type: object
x-kubernetes-map-type: atomic
user:
- description: 'The rados user name. Default is
- admin. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it'
+ description: 'user is the rados user name. Default
+ is admin. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it'
type: string
required:
- image
- monitors
type: object
scaleIO:
- description: ScaleIO represents a ScaleIO persistent
+ description: scaleIO represents a ScaleIO persistent
volume attached and mounted on Kubernetes nodes.
properties:
fsType:
- description: Filesystem type to mount. Must be
- a filesystem type supported by the host operating
- system. Ex. "ext4", "xfs", "ntfs". Default is
- "xfs".
+ description: fsType is the filesystem type to
+ mount. Must be a filesystem type supported by
+ the host operating system. Ex. "ext4", "xfs",
+ "ntfs". Default is "xfs".
type: string
gateway:
- description: The host address of the ScaleIO API
- Gateway.
+ description: gateway is the host address of the
+ ScaleIO API Gateway.
type: string
protectionDomain:
- description: The name of the ScaleIO Protection
- Domain for the configured storage.
+ description: protectionDomain is the name of the
+ ScaleIO Protection Domain for the configured
+ storage.
type: string
readOnly:
- description: Defaults to false (read/write). ReadOnly
- here will force the ReadOnly setting in VolumeMounts.
+ description: readOnly Defaults to false (read/write).
+ ReadOnly here will force the ReadOnly setting
+ in VolumeMounts.
type: boolean
secretRef:
- description: SecretRef references to the secret
+ description: secretRef references to the secret
for ScaleIO user and other sensitive information.
If this is not provided, Login operation will
fail.
@@ -44783,26 +46865,26 @@ spec:
type: object
x-kubernetes-map-type: atomic
sslEnabled:
- description: Flag to enable/disable SSL communication
- with Gateway, default false
+ description: sslEnabled Flag enable/disable SSL
+ communication with Gateway, default false
type: boolean
storageMode:
- description: Indicates whether the storage for
- a volume should be ThickProvisioned or ThinProvisioned.
- Default is ThinProvisioned.
+ description: storageMode indicates whether the
+ storage for a volume should be ThickProvisioned
+ or ThinProvisioned. Default is ThinProvisioned.
type: string
storagePool:
- description: The ScaleIO Storage Pool associated
- with the protection domain.
+ description: storagePool is the ScaleIO Storage
+ Pool associated with the protection domain.
type: string
system:
- description: The name of the storage system as
- configured in ScaleIO.
+ description: system is the name of the storage
+ system as configured in ScaleIO.
type: string
volumeName:
- description: The name of a volume already created
- in the ScaleIO system that is associated with
- this volume source.
+ description: volumeName is the name of a volume
+ already created in the ScaleIO system that is
+ associated with this volume source.
type: string
required:
- gateway
@@ -44810,29 +46892,29 @@ spec:
- system
type: object
secret:
- description: 'Secret represents a secret that should
+ description: 'secret represents a secret that should
populate this volume. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret'
properties:
defaultMode:
- description: 'Optional: mode bits used to set
- permissions on created files by default. Must
- be an octal value between 0000 and 0777 or a
- decimal value between 0 and 511. YAML accepts
- both octal and decimal values, JSON requires
- decimal values for mode bits. Defaults to 0644.
- Directories within the path are not affected
- by this setting. This might be in conflict with
- other options that affect the file mode, like
- fsGroup, and the result can be other mode bits
- set.'
+ description: 'defaultMode is Optional: mode bits
+ used to set permissions on created files by
+ default. Must be an octal value between 0000
+ and 0777 or a decimal value between 0 and 511.
+ YAML accepts both octal and decimal values,
+ JSON requires decimal values for mode bits.
+ Defaults to 0644. Directories within the path
+ are not affected by this setting. This might
+ be in conflict with other options that affect
+ the file mode, like fsGroup, and the result
+ can be other mode bits set.'
format: int32
type: integer
items:
- description: If unspecified, each key-value pair
- in the Data field of the referenced Secret will
- be projected into the volume as a file whose
- name is the key and content is the value. If
- specified, the listed keys will be projected
+ description: items If unspecified, each key-value
+ pair in the Data field of the referenced Secret
+ will be projected into the volume as a file
+ whose name is the key and content is the value.
+ If specified, the listed keys will be projected
into the specified paths, and unlisted keys
will not be present. If a key is specified which
is not present in the Secret, the volume setup
@@ -44844,27 +46926,28 @@ spec:
a volume.
properties:
key:
- description: The key to project.
+ description: key is the key to project.
type: string
mode:
- description: 'Optional: mode bits used to
- set permissions on this file. Must be
- an octal value between 0000 and 0777 or
- a decimal value between 0 and 511. YAML
- accepts both octal and decimal values,
- JSON requires decimal values for mode
- bits. If not specified, the volume defaultMode
- will be used. This might be in conflict
- with other options that affect the file
- mode, like fsGroup, and the result can
- be other mode bits set.'
+ description: 'mode is Optional: mode bits
+ used to set permissions on this file.
+ Must be an octal value between 0000 and
+ 0777 or a decimal value between 0 and
+ 511. YAML accepts both octal and decimal
+ values, JSON requires decimal values for
+ mode bits. If not specified, the volume
+ defaultMode will be used. This might be
+ in conflict with other options that affect
+ the file mode, like fsGroup, and the result
+ can be other mode bits set.'
format: int32
type: integer
path:
- description: The relative path of the file
- to map the key to. May not be an absolute
- path. May not contain the path element
- '..'. May not start with the string '..'.
+ description: path is the relative path of
+ the file to map the key to. May not be
+ an absolute path. May not contain the
+ path element '..'. May not start with
+ the string '..'.
type: string
required:
- key
@@ -44872,30 +46955,32 @@ spec:
type: object
type: array
optional:
- description: Specify whether the Secret or its
- keys must be defined
+ description: optional field specify whether the
+ Secret or its keys must be defined
type: boolean
secretName:
- description: 'Name of the secret in the pod''s
- namespace to use. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret'
+ description: 'secretName is the name of the secret
+ in the pod''s namespace to use. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret'
type: string
type: object
storageos:
- description: StorageOS represents a StorageOS volume
+ description: storageOS represents a StorageOS volume
attached and mounted on Kubernetes nodes.
properties:
fsType:
- description: Filesystem type to mount. Must be
- a filesystem type supported by the host operating
- system. Ex. "ext4", "xfs", "ntfs". Implicitly
- inferred to be "ext4" if unspecified.
+ description: fsType is the filesystem type to
+ mount. Must be a filesystem type supported by
+ the host operating system. Ex. "ext4", "xfs",
+ "ntfs". Implicitly inferred to be "ext4" if
+ unspecified.
type: string
readOnly:
- description: Defaults to false (read/write). ReadOnly
- here will force the ReadOnly setting in VolumeMounts.
+ description: readOnly defaults to false (read/write).
+ ReadOnly here will force the ReadOnly setting
+ in VolumeMounts.
type: boolean
secretRef:
- description: SecretRef specifies the secret to
+ description: secretRef specifies the secret to
use for obtaining the StorageOS API credentials. If
not specified, default values will be attempted.
properties:
@@ -44908,12 +46993,12 @@ spec:
type: object
x-kubernetes-map-type: atomic
volumeName:
- description: VolumeName is the human-readable
+ description: volumeName is the human-readable
name of the StorageOS volume. Volume names
are only unique within a namespace.
type: string
volumeNamespace:
- description: VolumeNamespace specifies the scope
+ description: volumeNamespace specifies the scope
of the volume within StorageOS. If no namespace
is specified then the Pod's namespace will be
used. This allows the Kubernetes name scoping
@@ -44926,26 +47011,27 @@ spec:
type: string
type: object
vsphereVolume:
- description: VsphereVolume represents a vSphere volume
+ description: vsphereVolume represents a vSphere volume
attached and mounted on kubelets host machine
properties:
fsType:
- description: Filesystem type to mount. Must be
- a filesystem type supported by the host operating
- system. Ex. "ext4", "xfs", "ntfs". Implicitly
- inferred to be "ext4" if unspecified.
+ description: fsType is filesystem type to mount.
+ Must be a filesystem type supported by the host
+ operating system. Ex. "ext4", "xfs", "ntfs".
+ Implicitly inferred to be "ext4" if unspecified.
type: string
storagePolicyID:
- description: Storage Policy Based Management (SPBM)
- profile ID associated with the StoragePolicyName.
+ description: storagePolicyID is the storage Policy
+ Based Management (SPBM) profile ID associated
+ with the StoragePolicyName.
type: string
storagePolicyName:
- description: Storage Policy Based Management (SPBM)
- profile name.
+ description: storagePolicyName is the storage
+ Policy Based Management (SPBM) profile name.
type: string
volumePath:
- description: Path that identifies vSphere volume
- vmdk
+ description: volumePath is the path that identifies
+ vSphere volume vmdk
type: string
required:
- volumePath
@@ -45582,6 +47668,26 @@ spec:
description: 'Compute Resources required by this component. Cannot
be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/'
properties:
+ claims:
+ description: "Claims lists the names of resources, defined in
+ spec.resourceClaims, that are used by this container. \n This
+ is an alpha field and requires enabling the DynamicResourceAllocation
+ feature gate. \n This field is immutable."
+ items:
+ description: ResourceClaim references one entry in PodSpec.ResourceClaims.
+ properties:
+ name:
+ description: Name must match the name of one entry in pod.spec.resourceClaims
+ of the Pod where this field is used. It makes that resource
+ available inside a container.
+ type: string
+ required:
+ - name
+ type: object
+ type: array
+ x-kubernetes-list-map-keys:
+ - name
+ x-kubernetes-list-type: map
limits:
additionalProperties:
anyOf:
@@ -45831,6 +47937,26 @@ spec:
description: 'Compute Resources required by this component. Cannot
be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/'
properties:
+ claims:
+ description: "Claims lists the names of resources, defined in
+ spec.resourceClaims, that are used by this container. \n This
+ is an alpha field and requires enabling the DynamicResourceAllocation
+ feature gate. \n This field is immutable."
+ items:
+ description: ResourceClaim references one entry in PodSpec.ResourceClaims.
+ properties:
+ name:
+ description: Name must match the name of one entry in pod.spec.resourceClaims
+ of the Pod where this field is used. It makes that resource
+ available inside a container.
+ type: string
+ required:
+ - name
+ type: object
+ type: array
+ x-kubernetes-list-map-keys:
+ - name
+ x-kubernetes-list-type: map
limits:
additionalProperties:
anyOf:
@@ -55083,6 +57209,26 @@ spec:
description: 'Compute Resources required by this component. Cannot
be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/'
properties:
+ claims:
+ description: "Claims lists the names of resources, defined in
+ spec.resourceClaims, that are used by this container. \n This
+ is an alpha field and requires enabling the DynamicResourceAllocation
+ feature gate. \n This field is immutable."
+ items:
+ description: ResourceClaim references one entry in PodSpec.ResourceClaims.
+ properties:
+ name:
+ description: Name must match the name of one entry in pod.spec.resourceClaims
+ of the Pod where this field is used. It makes that resource
+ available inside a container.
+ type: string
+ required:
+ - name
+ type: object
+ type: array
+ x-kubernetes-list-map-keys:
+ - name
+ x-kubernetes-list-type: map
limits:
additionalProperties:
anyOf:
@@ -55202,123 +57348,128 @@ spec:
one of its members may be specified.
properties:
awsElasticBlockStore:
- description: 'AWSElasticBlockStore represents an AWS Disk
+ description: 'awsElasticBlockStore represents an AWS Disk
resource that is attached to a kubelet''s host machine
and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore'
properties:
fsType:
- description: 'Filesystem type of the volume that you
- want to mount. Tip: Ensure that the filesystem type
- is supported by the host operating system. Examples:
- "ext4", "xfs", "ntfs". Implicitly inferred to be
- "ext4" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore
+ description: 'fsType is the filesystem type of the
+ volume that you want to mount. Tip: Ensure that
+ the filesystem type is supported by the host operating
+ system. Examples: "ext4", "xfs", "ntfs". Implicitly
+ inferred to be "ext4" if unspecified. More info:
+ https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore
TODO: how do we prevent errors in the filesystem
from compromising the machine'
type: string
partition:
- description: 'The partition in the volume that you
- want to mount. If omitted, the default is to mount
- by volume name. Examples: For volume /dev/sda1,
- you specify the partition as "1". Similarly, the
- volume partition for /dev/sda is "0" (or you can
- leave the property empty).'
+ description: 'partition is the partition in the volume
+ that you want to mount. If omitted, the default
+ is to mount by volume name. Examples: For volume
+ /dev/sda1, you specify the partition as "1". Similarly,
+ the volume partition for /dev/sda is "0" (or you
+ can leave the property empty).'
format: int32
type: integer
readOnly:
- description: 'Specify "true" to force and set the
- ReadOnly property in VolumeMounts to "true". If
- omitted, the default is "false". More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore'
+ description: 'readOnly value true will force the readOnly
+ setting in VolumeMounts. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore'
type: boolean
volumeID:
- description: 'Unique ID of the persistent disk resource
- in AWS (Amazon EBS volume). More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore'
+ description: 'volumeID is unique ID of the persistent
+ disk resource in AWS (Amazon EBS volume). More info:
+ https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore'
type: string
required:
- volumeID
type: object
azureDisk:
- description: AzureDisk represents an Azure Data Disk mount
+ description: azureDisk represents an Azure Data Disk mount
on the host and bind mount to the pod.
properties:
cachingMode:
- description: 'Host Caching mode: None, Read Only,
- Read Write.'
+ description: 'cachingMode is the Host Caching mode:
+ None, Read Only, Read Write.'
type: string
diskName:
- description: The Name of the data disk in the blob
- storage
+ description: diskName is the Name of the data disk
+ in the blob storage
type: string
diskURI:
- description: The URI the data disk in the blob storage
+ description: diskURI is the URI of data disk in the
+ blob storage
type: string
fsType:
- description: Filesystem type to mount. Must be a filesystem
- type supported by the host operating system. Ex.
- "ext4", "xfs", "ntfs". Implicitly inferred to be
- "ext4" if unspecified.
+ description: fsType is Filesystem type to mount. Must
+ be a filesystem type supported by the host operating
+ system. Ex. "ext4", "xfs", "ntfs". Implicitly inferred
+ to be "ext4" if unspecified.
type: string
kind:
- description: 'Expected values Shared: multiple blob
- disks per storage account Dedicated: single blob
- disk per storage account Managed: azure managed
+ description: 'kind expected values are Shared: multiple
+ blob disks per storage account Dedicated: single
+ blob disk per storage account Managed: azure managed
data disk (only in managed availability set). defaults
to shared'
type: string
readOnly:
- description: Defaults to false (read/write). ReadOnly
- here will force the ReadOnly setting in VolumeMounts.
+ description: readOnly Defaults to false (read/write).
+ ReadOnly here will force the ReadOnly setting in
+ VolumeMounts.
type: boolean
required:
- diskName
- diskURI
type: object
azureFile:
- description: AzureFile represents an Azure File Service
+ description: azureFile represents an Azure File Service
mount on the host and bind mount to the pod.
properties:
readOnly:
- description: Defaults to false (read/write). ReadOnly
- here will force the ReadOnly setting in VolumeMounts.
+ description: readOnly defaults to false (read/write).
+ ReadOnly here will force the ReadOnly setting in
+ VolumeMounts.
type: boolean
secretName:
- description: the name of secret that contains Azure
- Storage Account Name and Key
+ description: secretName is the name of secret that
+ contains Azure Storage Account Name and Key
type: string
shareName:
- description: Share Name
+ description: shareName is the azure share Name
type: string
required:
- secretName
- shareName
type: object
cephfs:
- description: CephFS represents a Ceph FS mount on the
+ description: cephFS represents a Ceph FS mount on the
host that shares a pod's lifetime
properties:
monitors:
- description: 'Required: Monitors is a collection of
- Ceph monitors More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it'
+ description: 'monitors is Required: Monitors is a
+ collection of Ceph monitors More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it'
items:
type: string
type: array
path:
- description: 'Optional: Used as the mounted root,
- rather than the full Ceph tree, default is /'
+ description: 'path is Optional: Used as the mounted
+ root, rather than the full Ceph tree, default is
+ /'
type: string
readOnly:
- description: 'Optional: Defaults to false (read/write).
- ReadOnly here will force the ReadOnly setting in
- VolumeMounts. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it'
+ description: 'readOnly is Optional: Defaults to false
+ (read/write). ReadOnly here will force the ReadOnly
+ setting in VolumeMounts. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it'
type: boolean
secretFile:
- description: 'Optional: SecretFile is the path to
- key ring for User, default is /etc/ceph/user.secret
+ description: 'secretFile is Optional: SecretFile is
+ the path to key ring for User, default is /etc/ceph/user.secret
More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it'
type: string
secretRef:
- description: 'Optional: SecretRef is reference to
- the authentication secret for User, default is empty.
- More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it'
+ description: 'secretRef is Optional: SecretRef is
+ reference to the authentication secret for User,
+ default is empty. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it'
properties:
name:
description: 'Name of the referent. More info:
@@ -55329,31 +57480,32 @@ spec:
type: object
x-kubernetes-map-type: atomic
user:
- description: 'Optional: User is the rados user name,
- default is admin More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it'
+ description: 'user is optional: User is the rados
+ user name, default is admin More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it'
type: string
required:
- monitors
type: object
cinder:
- description: 'Cinder represents a cinder volume attached
+ description: 'cinder represents a cinder volume attached
and mounted on kubelets host machine. More info: https://examples.k8s.io/mysql-cinder-pd/README.md'
properties:
fsType:
- description: 'Filesystem type to mount. Must be a
- filesystem type supported by the host operating
- system. Examples: "ext4", "xfs", "ntfs". Implicitly
- inferred to be "ext4" if unspecified. More info:
- https://examples.k8s.io/mysql-cinder-pd/README.md'
+ description: 'fsType is the filesystem type to mount.
+ Must be a filesystem type supported by the host
+ operating system. Examples: "ext4", "xfs", "ntfs".
+ Implicitly inferred to be "ext4" if unspecified.
+ More info: https://examples.k8s.io/mysql-cinder-pd/README.md'
type: string
readOnly:
- description: 'Optional: Defaults to false (read/write).
+ description: 'readOnly defaults to false (read/write).
ReadOnly here will force the ReadOnly setting in
VolumeMounts. More info: https://examples.k8s.io/mysql-cinder-pd/README.md'
type: boolean
secretRef:
- description: 'Optional: points to a secret object
- containing parameters used to connect to OpenStack.'
+ description: 'secretRef is optional: points to a secret
+ object containing parameters used to connect to
+ OpenStack.'
properties:
name:
description: 'Name of the referent. More info:
@@ -55364,33 +57516,34 @@ spec:
type: object
x-kubernetes-map-type: atomic
volumeID:
- description: 'volume id used to identify the volume
+ description: 'volumeID used to identify the volume
in cinder. More info: https://examples.k8s.io/mysql-cinder-pd/README.md'
type: string
required:
- volumeID
type: object
configMap:
- description: ConfigMap represents a configMap that should
+ description: configMap represents a configMap that should
populate this volume
properties:
defaultMode:
- description: 'Optional: mode bits used to set permissions
- on created files by default. Must be an octal value
- between 0000 and 0777 or a decimal value between
- 0 and 511. YAML accepts both octal and decimal values,
- JSON requires decimal values for mode bits. Defaults
- to 0644. Directories within the path are not affected
- by this setting. This might be in conflict with
- other options that affect the file mode, like fsGroup,
- and the result can be other mode bits set.'
+ description: 'defaultMode is optional: mode bits used
+ to set permissions on created files by default.
+ Must be an octal value between 0000 and 0777 or
+ a decimal value between 0 and 511. YAML accepts
+ both octal and decimal values, JSON requires decimal
+ values for mode bits. Defaults to 0644. Directories
+ within the path are not affected by this setting.
+ This might be in conflict with other options that
+ affect the file mode, like fsGroup, and the result
+ can be other mode bits set.'
format: int32
type: integer
items:
- description: If unspecified, each key-value pair in
- the Data field of the referenced ConfigMap will
- be projected into the volume as a file whose name
- is the key and content is the value. If specified,
+ description: items if unspecified, each key-value
+ pair in the Data field of the referenced ConfigMap
+ will be projected into the volume as a file whose
+ name is the key and content is the value. If specified,
the listed keys will be projected into the specified
paths, and unlisted keys will not be present. If
a key is specified which is not present in the ConfigMap,
@@ -55402,14 +57555,14 @@ spec:
a volume.
properties:
key:
- description: The key to project.
+ description: key is the key to project.
type: string
mode:
- description: 'Optional: mode bits used to set
- permissions on this file. Must be an octal
- value between 0000 and 0777 or a decimal value
- between 0 and 511. YAML accepts both octal
- and decimal values, JSON requires decimal
+ description: 'mode is Optional: mode bits used
+ to set permissions on this file. Must be an
+ octal value between 0000 and 0777 or a decimal
+ value between 0 and 511. YAML accepts both
+ octal and decimal values, JSON requires decimal
values for mode bits. If not specified, the
volume defaultMode will be used. This might
be in conflict with other options that affect
@@ -55418,10 +57571,10 @@ spec:
format: int32
type: integer
path:
- description: The relative path of the file to
- map the key to. May not be an absolute path.
- May not contain the path element '..'. May
- not start with the string '..'.
+ description: path is the relative path of the
+ file to map the key to. May not be an absolute
+ path. May not contain the path element '..'.
+ May not start with the string '..'.
type: string
required:
- key
@@ -55434,29 +57587,29 @@ spec:
uid?'
type: string
optional:
- description: Specify whether the ConfigMap or its
- keys must be defined
+ description: optional specify whether the ConfigMap
+ or its keys must be defined
type: boolean
type: object
x-kubernetes-map-type: atomic
csi:
- description: CSI (Container Storage Interface) represents
+ description: csi (Container Storage Interface) represents
ephemeral storage that is handled by certain external
CSI drivers (Beta feature).
properties:
driver:
- description: Driver is the name of the CSI driver
+ description: driver is the name of the CSI driver
that handles this volume. Consult with your admin
for the correct name as registered in the cluster.
type: string
fsType:
- description: Filesystem type to mount. Ex. "ext4",
- "xfs", "ntfs". If not provided, the empty value
- is passed to the associated CSI driver which will
- determine the default filesystem to apply.
+ description: fsType to mount. Ex. "ext4", "xfs", "ntfs".
+ If not provided, the empty value is passed to the
+ associated CSI driver which will determine the default
+ filesystem to apply.
type: string
nodePublishSecretRef:
- description: NodePublishSecretRef is a reference to
+ description: nodePublishSecretRef is a reference to
the secret object containing sensitive information
to pass to the CSI driver to complete the CSI NodePublishVolume
and NodeUnpublishVolume calls. This field is optional,
@@ -55473,13 +57626,13 @@ spec:
type: object
x-kubernetes-map-type: atomic
readOnly:
- description: Specifies a read-only configuration for
- the volume. Defaults to false (read/write).
+ description: readOnly specifies a read-only configuration
+ for the volume. Defaults to false (read/write).
type: boolean
volumeAttributes:
additionalProperties:
type: string
- description: VolumeAttributes stores driver-specific
+ description: volumeAttributes stores driver-specific
properties that are passed to the CSI driver. Consult
your driver's documentation for supported values.
type: object
@@ -55487,7 +57640,7 @@ spec:
- driver
type: object
downwardAPI:
- description: DownwardAPI represents downward API about
+ description: downwardAPI represents downward API about
the pod that should populate this volume
properties:
defaultMode:
@@ -55580,32 +57733,33 @@ spec:
type: array
type: object
emptyDir:
- description: 'EmptyDir represents a temporary directory
+ description: 'emptyDir represents a temporary directory
that shares a pod''s lifetime. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir'
properties:
medium:
- description: 'What type of storage medium should back
- this directory. The default is "" which means to
- use the node''s default medium. Must be an empty
- string (default) or Memory. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir'
+ description: 'medium represents what type of storage
+ medium should back this directory. The default is
+ "" which means to use the node''s default medium.
+ Must be an empty string (default) or Memory. More
+ info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir'
type: string
sizeLimit:
anyOf:
- type: integer
- type: string
- description: 'Total amount of local storage required
- for this EmptyDir volume. The size limit is also
- applicable for memory medium. The maximum usage
- on memory medium EmptyDir would be the minimum value
- between the SizeLimit specified here and the sum
- of memory limits of all containers in a pod. The
- default is nil which means that the limit is undefined.
- More info: http://kubernetes.io/docs/user-guide/volumes#emptydir'
+ description: 'sizeLimit is the total amount of local
+ storage required for this EmptyDir volume. The size
+ limit is also applicable for memory medium. The
+ maximum usage on memory medium EmptyDir would be
+ the minimum value between the SizeLimit specified
+ here and the sum of memory limits of all containers
+ in a pod. The default is nil which means that the
+ limit is undefined. More info: http://kubernetes.io/docs/user-guide/volumes#emptydir'
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
x-kubernetes-int-or-string: true
type: object
ephemeral:
- description: "Ephemeral represents a volume that is handled
+ description: "ephemeral represents a volume that is handled
by a cluster storage driver. The volume's lifecycle
is tied to the pod that defines it - it will be created
before the pod starts, and deleted when the pod is removed.
@@ -55662,24 +57816,27 @@ spec:
are also valid here.
properties:
accessModes:
- description: 'AccessModes contains the desired
+ description: 'accessModes contains the desired
access modes the volume should have. More
info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1'
items:
type: string
type: array
dataSource:
- description: 'This field can be used to specify
- either: * An existing VolumeSnapshot object
- (snapshot.storage.k8s.io/VolumeSnapshot)
+ description: 'dataSource field can be used
+ to specify either: * An existing VolumeSnapshot
+ object (snapshot.storage.k8s.io/VolumeSnapshot)
* An existing PVC (PersistentVolumeClaim)
If the provisioner or an external controller
can support the specified data source, it
will create a new volume based on the contents
- of the specified data source. If the AnyVolumeDataSource
- feature gate is enabled, this field will
- always have the same contents as the DataSourceRef
- field.'
+ of the specified data source. When the AnyVolumeDataSource
+ feature gate is enabled, dataSource contents
+ will be copied to dataSourceRef, and dataSourceRef
+ contents will be copied to dataSource when
+ dataSourceRef.namespace is not specified.
+ If the namespace is specified, then dataSourceRef
+ will not be copied to dataSource.'
properties:
apiGroup:
description: APIGroup is the group for
@@ -55703,32 +57860,42 @@ spec:
type: object
x-kubernetes-map-type: atomic
dataSourceRef:
- description: 'Specifies the object from which
- to populate the volume with data, if a non-empty
- volume is desired. This may be any local
- object from a non-empty API group (non core
- object) or a PersistentVolumeClaim object.
- When this field is specified, volume binding
- will only succeed if the type of the specified
- object matches some installed volume populator
- or dynamic provisioner. This field will
- replace the functionality of the DataSource
- field and as such if both fields are non-empty,
- they must have the same value. For backwards
- compatibility, both fields (DataSource and
- DataSourceRef) will be set to the same value
- automatically if one of them is empty and
- the other is non-empty. There are two important
- differences between DataSource and DataSourceRef:
- * While DataSource only allows two specific
- types of objects, DataSourceRef allows any
- non-core object, as well as PersistentVolumeClaim
- objects. * While DataSource ignores disallowed
- values (dropping them), DataSourceRef preserves
+ description: 'dataSourceRef specifies the
+ object from which to populate the volume
+ with data, if a non-empty volume is desired.
+ This may be any object from a non-empty
+ API group (non core object) or a PersistentVolumeClaim
+ object. When this field is specified, volume
+ binding will only succeed if the type of
+ the specified object matches some installed
+ volume populator or dynamic provisioner.
+ This field will replace the functionality
+ of the dataSource field and as such if both
+ fields are non-empty, they must have the
+ same value. For backwards compatibility,
+ when namespace isn''t specified in dataSourceRef,
+ both fields (dataSource and dataSourceRef)
+ will be set to the same value automatically
+ if one of them is empty and the other is
+ non-empty. When namespace is specified in
+ dataSourceRef, dataSource isn''t set to
+ the same value and must be empty. There
+ are three important differences between
+ dataSource and dataSourceRef: * While dataSource
+ only allows two specific types of objects,
+ dataSourceRef allows any non-core object,
+ as well as PersistentVolumeClaim objects.
+ * While dataSource ignores disallowed values
+ (dropping them), dataSourceRef preserves
all values, and generates an error if a
- disallowed value is specified. (Alpha) Using
- this field requires the AnyVolumeDataSource
- feature gate to be enabled.'
+ disallowed value is specified. * While dataSource
+ only allows local objects, dataSourceRef
+ allows objects in any namespaces. (Beta)
+ Using this field requires the AnyVolumeDataSource
+ feature gate to be enabled. (Alpha) Using
+ the namespace field of dataSourceRef requires
+ the CrossNamespaceVolumeDataSource feature
+ gate to be enabled.'
properties:
apiGroup:
description: APIGroup is the group for
@@ -55746,13 +57913,23 @@ spec:
description: Name is the name of resource
being referenced
type: string
+ namespace:
+ description: Namespace is the namespace
+ of resource being referenced Note that
+ when a namespace is specified, a gateway.networking.k8s.io/ReferenceGrant
+ object is required in the referent namespace
+ to allow that namespace's owner to accept
+ the reference. See the ReferenceGrant
+ documentation for details. (Alpha) This
+ field requires the CrossNamespaceVolumeDataSource
+ feature gate to be enabled.
+ type: string
required:
- kind
- name
type: object
- x-kubernetes-map-type: atomic
resources:
- description: 'Resources represents the minimum
+ description: 'resources represents the minimum
resources the volume should have. If RecoverVolumeExpansionFailure
feature is enabled users are allowed to
specify resource requirements that are lower
@@ -55760,6 +57937,31 @@ spec:
than capacity recorded in the status field
of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources'
properties:
+ claims:
+ description: "Claims lists the names of
+ resources, defined in spec.resourceClaims,
+ that are used by this container. \n
+ This is an alpha field and requires
+ enabling the DynamicResourceAllocation
+ feature gate. \n This field is immutable."
+ items:
+ description: ResourceClaim references
+ one entry in PodSpec.ResourceClaims.
+ properties:
+ name:
+ description: Name must match the
+ name of one entry in pod.spec.resourceClaims
+ of the Pod where this field is
+ used. It makes that resource available
+ inside a container.
+ type: string
+ required:
+ - name
+ type: object
+ type: array
+ x-kubernetes-list-map-keys:
+ - name
+ x-kubernetes-list-type: map
limits:
additionalProperties:
anyOf:
@@ -55787,8 +57989,8 @@ spec:
type: object
type: object
selector:
- description: A label query over volumes to
- consider for binding.
+ description: selector is a label query over
+ volumes to consider for binding.
properties:
matchExpressions:
description: matchExpressions is a list
@@ -55840,8 +58042,9 @@ spec:
type: object
x-kubernetes-map-type: atomic
storageClassName:
- description: 'Name of the StorageClass required
- by the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1'
+ description: 'storageClassName is the name
+ of the StorageClass required by the claim.
+ More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1'
type: string
volumeMode:
description: volumeMode defines what type
@@ -55850,7 +58053,7 @@ spec:
in claim spec.
type: string
volumeName:
- description: VolumeName is the binding reference
+ description: volumeName is the binding reference
to the PersistentVolume backing this claim.
type: string
type: object
@@ -55859,71 +58062,74 @@ spec:
type: object
type: object
fc:
- description: FC represents a Fibre Channel resource that
+ description: fc represents a Fibre Channel resource that
is attached to a kubelet's host machine and then exposed
to the pod.
properties:
fsType:
- description: 'Filesystem type to mount. Must be a
- filesystem type supported by the host operating
- system. Ex. "ext4", "xfs", "ntfs". Implicitly inferred
- to be "ext4" if unspecified. TODO: how do we prevent
- errors in the filesystem from compromising the machine'
+ description: 'fsType is the filesystem type to mount.
+ Must be a filesystem type supported by the host
+ operating system. Ex. "ext4", "xfs", "ntfs". Implicitly
+ inferred to be "ext4" if unspecified. TODO: how
+ do we prevent errors in the filesystem from compromising
+ the machine'
type: string
lun:
- description: 'Optional: FC target lun number'
+ description: 'lun is Optional: FC target lun number'
format: int32
type: integer
readOnly:
- description: 'Optional: Defaults to false (read/write).
- ReadOnly here will force the ReadOnly setting in
- VolumeMounts.'
+ description: 'readOnly is Optional: Defaults to false
+ (read/write). ReadOnly here will force the ReadOnly
+ setting in VolumeMounts.'
type: boolean
targetWWNs:
- description: 'Optional: FC target worldwide names
- (WWNs)'
+ description: 'targetWWNs is Optional: FC target worldwide
+ names (WWNs)'
items:
type: string
type: array
wwids:
- description: 'Optional: FC volume world wide identifiers
- (wwids) Either wwids or combination of targetWWNs
- and lun must be set, but not both simultaneously.'
+ description: 'wwids Optional: FC volume world wide
+ identifiers (wwids) Either wwids or combination
+ of targetWWNs and lun must be set, but not both
+ simultaneously.'
items:
type: string
type: array
type: object
flexVolume:
- description: FlexVolume represents a generic volume resource
+ description: flexVolume represents a generic volume resource
that is provisioned/attached using an exec based plugin.
properties:
driver:
- description: Driver is the name of the driver to use
+ description: driver is the name of the driver to use
for this volume.
type: string
fsType:
- description: Filesystem type to mount. Must be a filesystem
- type supported by the host operating system. Ex.
- "ext4", "xfs", "ntfs". The default filesystem depends
- on FlexVolume script.
+ description: fsType is the filesystem type to mount.
+ Must be a filesystem type supported by the host
+ operating system. Ex. "ext4", "xfs", "ntfs". The
+ default filesystem depends on FlexVolume script.
type: string
options:
additionalProperties:
type: string
- description: 'Optional: Extra command options if any.'
+ description: 'options is Optional: this field holds
+ extra command options if any.'
type: object
readOnly:
- description: 'Optional: Defaults to false (read/write).
- ReadOnly here will force the ReadOnly setting in
- VolumeMounts.'
+ description: 'readOnly is Optional: defaults to false
+ (read/write). ReadOnly here will force the ReadOnly
+ setting in VolumeMounts.'
type: boolean
secretRef:
- description: 'Optional: SecretRef is reference to
- the secret object containing sensitive information
- to pass to the plugin scripts. This may be empty
- if no secret object is specified. If the secret
- object contains more than one secret, all secrets
- are passed to the plugin scripts.'
+ description: 'secretRef is Optional: secretRef is
+ reference to the secret object containing sensitive
+ information to pass to the plugin scripts. This
+ may be empty if no secret object is specified. If
+ the secret object contains more than one secret,
+ all secrets are passed to the plugin scripts.'
properties:
name:
description: 'Name of the referent. More info:
@@ -55937,49 +58143,50 @@ spec:
- driver
type: object
flocker:
- description: Flocker represents a Flocker volume attached
+ description: flocker represents a Flocker volume attached
to a kubelet's host machine. This depends on the Flocker
control service being running
properties:
datasetName:
- description: Name of the dataset stored as metadata
- -> name on the dataset for Flocker should be considered
- as deprecated
+ description: datasetName is Name of the dataset stored
+ as metadata -> name on the dataset for Flocker should
+ be considered as deprecated
type: string
datasetUUID:
- description: UUID of the dataset. This is unique identifier
- of a Flocker dataset
+ description: datasetUUID is the UUID of the dataset.
+ This is unique identifier of a Flocker dataset
type: string
type: object
gcePersistentDisk:
- description: 'GCEPersistentDisk represents a GCE Disk
+ description: 'gcePersistentDisk represents a GCE Disk
resource that is attached to a kubelet''s host machine
and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk'
properties:
fsType:
- description: 'Filesystem type of the volume that you
- want to mount. Tip: Ensure that the filesystem type
- is supported by the host operating system. Examples:
- "ext4", "xfs", "ntfs". Implicitly inferred to be
- "ext4" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk
+ description: 'fsType is filesystem type of the volume
+ that you want to mount. Tip: Ensure that the filesystem
+ type is supported by the host operating system.
+ Examples: "ext4", "xfs", "ntfs". Implicitly inferred
+ to be "ext4" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk
TODO: how do we prevent errors in the filesystem
from compromising the machine'
type: string
partition:
- description: 'The partition in the volume that you
- want to mount. If omitted, the default is to mount
- by volume name. Examples: For volume /dev/sda1,
- you specify the partition as "1". Similarly, the
- volume partition for /dev/sda is "0" (or you can
- leave the property empty). More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk'
+ description: 'partition is the partition in the volume
+ that you want to mount. If omitted, the default
+ is to mount by volume name. Examples: For volume
+ /dev/sda1, you specify the partition as "1". Similarly,
+ the volume partition for /dev/sda is "0" (or you
+ can leave the property empty). More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk'
format: int32
type: integer
pdName:
- description: 'Unique name of the PD resource in GCE.
- Used to identify the disk in GCE. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk'
+ description: 'pdName is unique name of the PD resource
+ in GCE. Used to identify the disk in GCE. More info:
+ https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk'
type: string
readOnly:
- description: 'ReadOnly here will force the ReadOnly
+ description: 'readOnly here will force the ReadOnly
setting in VolumeMounts. Defaults to false. More
info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk'
type: boolean
@@ -55987,42 +58194,43 @@ spec:
- pdName
type: object
gitRepo:
- description: 'GitRepo represents a git repository at a
+ description: 'gitRepo represents a git repository at a
particular revision. DEPRECATED: GitRepo is deprecated.
To provision a container with a git repo, mount an EmptyDir
into an InitContainer that clones the repo using git,
then mount the EmptyDir into the Pod''s container.'
properties:
directory:
- description: Target directory name. Must not contain
- or start with '..'. If '.' is supplied, the volume
- directory will be the git repository. Otherwise,
+ description: directory is the target directory name.
+ Must not contain or start with '..'. If '.' is
+ supplied, the volume directory will be the git repository. Otherwise,
if specified, the volume will contain the git repository
in the subdirectory with the given name.
type: string
repository:
- description: Repository URL
+ description: repository is the URL
type: string
revision:
- description: Commit hash for the specified revision.
+ description: revision is the commit hash for the specified
+ revision.
type: string
required:
- repository
type: object
glusterfs:
- description: 'Glusterfs represents a Glusterfs mount on
+ description: 'glusterfs represents a Glusterfs mount on
the host that shares a pod''s lifetime. More info: https://examples.k8s.io/volumes/glusterfs/README.md'
properties:
endpoints:
- description: 'EndpointsName is the endpoint name that
+ description: 'endpoints is the endpoint name that
details Glusterfs topology. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod'
type: string
path:
- description: 'Path is the Glusterfs volume path. More
+ description: 'path is the Glusterfs volume path. More
info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod'
type: string
readOnly:
- description: 'ReadOnly here will force the Glusterfs
+ description: 'readOnly here will force the Glusterfs
volume to be mounted with read-only permissions.
Defaults to false. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod'
type: boolean
@@ -56031,7 +58239,7 @@ spec:
- path
type: object
hostPath:
- description: 'HostPath represents a pre-existing file
+ description: 'hostPath represents a pre-existing file
or directory on the host machine that is directly exposed
to the container. This is generally used for system
agents or other privileged things that are allowed to
@@ -56042,69 +58250,73 @@ spec:
as read/write.'
properties:
path:
- description: 'Path of the directory on the host. If
+ description: 'path of the directory on the host. If
the path is a symlink, it will follow the link to
the real path. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath'
type: string
type:
- description: 'Type for HostPath Volume Defaults to
+ description: 'type for HostPath Volume Defaults to
"" More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath'
type: string
required:
- path
type: object
iscsi:
- description: 'ISCSI represents an ISCSI Disk resource
+ description: 'iscsi represents an ISCSI Disk resource
that is attached to a kubelet''s host machine and then
exposed to the pod. More info: https://examples.k8s.io/volumes/iscsi/README.md'
properties:
chapAuthDiscovery:
- description: whether support iSCSI Discovery CHAP
- authentication
+ description: chapAuthDiscovery defines whether support
+ iSCSI Discovery CHAP authentication
type: boolean
chapAuthSession:
- description: whether support iSCSI Session CHAP authentication
+ description: chapAuthSession defines whether support
+ iSCSI Session CHAP authentication
type: boolean
fsType:
- description: 'Filesystem type of the volume that you
- want to mount. Tip: Ensure that the filesystem type
- is supported by the host operating system. Examples:
- "ext4", "xfs", "ntfs". Implicitly inferred to be
- "ext4" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#iscsi
+ description: 'fsType is the filesystem type of the
+ volume that you want to mount. Tip: Ensure that
+ the filesystem type is supported by the host operating
+ system. Examples: "ext4", "xfs", "ntfs". Implicitly
+ inferred to be "ext4" if unspecified. More info:
+ https://kubernetes.io/docs/concepts/storage/volumes#iscsi
TODO: how do we prevent errors in the filesystem
from compromising the machine'
type: string
initiatorName:
- description: Custom iSCSI Initiator Name. If initiatorName
- is specified with iscsiInterface simultaneously,
- new iSCSI interface :
- will be created for the connection.
+ description: initiatorName is the custom iSCSI Initiator
+ Name. If initiatorName is specified with iscsiInterface
+ simultaneously, new iSCSI interface : will be created for the connection.
type: string
iqn:
- description: Target iSCSI Qualified Name.
+ description: iqn is the target iSCSI Qualified Name.
type: string
iscsiInterface:
- description: iSCSI Interface Name that uses an iSCSI
- transport. Defaults to 'default' (tcp).
+ description: iscsiInterface is the interface Name
+ that uses an iSCSI transport. Defaults to 'default'
+ (tcp).
type: string
lun:
- description: iSCSI Target Lun number.
+ description: lun represents iSCSI Target Lun number.
format: int32
type: integer
portals:
- description: iSCSI Target Portal List. The portal
- is either an IP or ip_addr:port if the port is other
- than default (typically TCP ports 860 and 3260).
+ description: portals is the iSCSI Target Portal List.
+ The portal is either an IP or ip_addr:port if the
+ port is other than default (typically TCP ports
+ 860 and 3260).
items:
type: string
type: array
readOnly:
- description: ReadOnly here will force the ReadOnly
+ description: readOnly here will force the ReadOnly
setting in VolumeMounts. Defaults to false.
type: boolean
secretRef:
- description: CHAP Secret for iSCSI target and initiator
- authentication
+ description: secretRef is the CHAP Secret for iSCSI
+ target and initiator authentication
properties:
name:
description: 'Name of the referent. More info:
@@ -56115,9 +58327,10 @@ spec:
type: object
x-kubernetes-map-type: atomic
targetPortal:
- description: iSCSI Target Portal. The Portal is either
- an IP or ip_addr:port if the port is other than
- default (typically TCP ports 860 and 3260).
+ description: targetPortal is iSCSI Target Portal.
+ The Portal is either an IP or ip_addr:port if the
+ port is other than default (typically TCP ports
+ 860 and 3260).
type: string
required:
- iqn
@@ -56125,20 +58338,20 @@ spec:
- targetPortal
type: object
nfs:
- description: 'NFS represents an NFS mount on the host
+ description: 'nfs represents an NFS mount on the host
that shares a pod''s lifetime More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs'
properties:
path:
- description: 'Path that is exported by the NFS server.
+ description: 'path that is exported by the NFS server.
More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs'
type: string
readOnly:
- description: 'ReadOnly here will force the NFS export
+ description: 'readOnly here will force the NFS export
to be mounted with read-only permissions. Defaults
to false. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs'
type: boolean
server:
- description: 'Server is the hostname or IP address
+ description: 'server is the hostname or IP address
of the NFS server. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs'
type: string
required:
@@ -56146,113 +58359,115 @@ spec:
- server
type: object
persistentVolumeClaim:
- description: 'PersistentVolumeClaimVolumeSource represents
+ description: 'persistentVolumeClaimVolumeSource represents
a reference to a PersistentVolumeClaim in the same namespace.
More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims'
properties:
claimName:
- description: 'ClaimName is the name of a PersistentVolumeClaim
+ description: 'claimName is the name of a PersistentVolumeClaim
in the same namespace as the pod using this volume.
More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims'
type: string
readOnly:
- description: Will force the ReadOnly setting in VolumeMounts.
- Default false.
+ description: readOnly Will force the ReadOnly setting
+ in VolumeMounts. Default false.
type: boolean
required:
- claimName
type: object
photonPersistentDisk:
- description: PhotonPersistentDisk represents a PhotonController
+ description: photonPersistentDisk represents a PhotonController
persistent disk attached and mounted on kubelets host
machine
properties:
fsType:
- description: Filesystem type to mount. Must be a filesystem
- type supported by the host operating system. Ex.
- "ext4", "xfs", "ntfs". Implicitly inferred to be
- "ext4" if unspecified.
+ description: fsType is the filesystem type to mount.
+ Must be a filesystem type supported by the host
+ operating system. Ex. "ext4", "xfs", "ntfs". Implicitly
+ inferred to be "ext4" if unspecified.
type: string
pdID:
- description: ID that identifies Photon Controller
- persistent disk
+ description: pdID is the ID that identifies Photon
+ Controller persistent disk
type: string
required:
- pdID
type: object
portworxVolume:
- description: PortworxVolume represents a portworx volume
+ description: portworxVolume represents a portworx volume
attached and mounted on kubelets host machine
properties:
fsType:
- description: FSType represents the filesystem type
+ description: fSType represents the filesystem type
to mount Must be a filesystem type supported by
the host operating system. Ex. "ext4", "xfs". Implicitly
inferred to be "ext4" if unspecified.
type: string
readOnly:
- description: Defaults to false (read/write). ReadOnly
- here will force the ReadOnly setting in VolumeMounts.
+ description: readOnly defaults to false (read/write).
+ ReadOnly here will force the ReadOnly setting in
+ VolumeMounts.
type: boolean
volumeID:
- description: VolumeID uniquely identifies a Portworx
+ description: volumeID uniquely identifies a Portworx
volume
type: string
required:
- volumeID
type: object
projected:
- description: Items for all in one resources secrets, configmaps,
- and downward API
+ description: projected items for all in one resources
+ secrets, configmaps, and downward API
properties:
defaultMode:
- description: Mode bits used to set permissions on
- created files by default. Must be an octal value
- between 0000 and 0777 or a decimal value between
- 0 and 511. YAML accepts both octal and decimal values,
- JSON requires decimal values for mode bits. Directories
- within the path are not affected by this setting.
- This might be in conflict with other options that
- affect the file mode, like fsGroup, and the result
- can be other mode bits set.
+ description: defaultMode are the mode bits used to
+ set permissions on created files by default. Must
+ be an octal value between 0000 and 0777 or a decimal
+ value between 0 and 511. YAML accepts both octal
+ and decimal values, JSON requires decimal values
+ for mode bits. Directories within the path are not
+ affected by this setting. This might be in conflict
+ with other options that affect the file mode, like
+ fsGroup, and the result can be other mode bits set.
format: int32
type: integer
sources:
- description: list of volume projections
+ description: sources is the list of volume projections
items:
description: Projection that may be projected along
with other supported volume types
properties:
configMap:
- description: information about the configMap
- data to project
+ description: configMap information about the
+ configMap data to project
properties:
items:
- description: If unspecified, each key-value
- pair in the Data field of the referenced
- ConfigMap will be projected into the volume
- as a file whose name is the key and content
- is the value. If specified, the listed
- keys will be projected into the specified
- paths, and unlisted keys will not be present.
- If a key is specified which is not present
- in the ConfigMap, the volume setup will
- error unless it is marked optional. Paths
- must be relative and may not contain the
- '..' path or start with '..'.
+ description: items if unspecified, each
+ key-value pair in the Data field of the
+ referenced ConfigMap will be projected
+ into the volume as a file whose name is
+ the key and content is the value. If specified,
+ the listed keys will be projected into
+ the specified paths, and unlisted keys
+ will not be present. If a key is specified
+ which is not present in the ConfigMap,
+ the volume setup will error unless it
+ is marked optional. Paths must be relative
+ and may not contain the '..' path or start
+ with '..'.
items:
description: Maps a string key to a path
within a volume.
properties:
key:
- description: The key to project.
+ description: key is the key to project.
type: string
mode:
- description: 'Optional: mode bits
- used to set permissions on this
- file. Must be an octal value between
- 0000 and 0777 or a decimal value
- between 0 and 511. YAML accepts
+ description: 'mode is Optional: mode
+ bits used to set permissions on
+ this file. Must be an octal value
+ between 0000 and 0777 or a decimal
+ value between 0 and 511. YAML accepts
both octal and decimal values, JSON
requires decimal values for mode
bits. If not specified, the volume
@@ -56264,11 +58479,12 @@ spec:
format: int32
type: integer
path:
- description: The relative path of
- the file to map the key to. May
- not be an absolute path. May not
- contain the path element '..'. May
- not start with the string '..'.
+ description: path is the relative
+ path of the file to map the key
+ to. May not be an absolute path.
+ May not contain the path element
+ '..'. May not start with the string
+ '..'.
type: string
required:
- key
@@ -56282,14 +58498,14 @@ spec:
kind, uid?'
type: string
optional:
- description: Specify whether the ConfigMap
- or its keys must be defined
+ description: optional specify whether the
+ ConfigMap or its keys must be defined
type: boolean
type: object
x-kubernetes-map-type: atomic
downwardAPI:
- description: information about the downwardAPI
- data to project
+ description: downwardAPI information about the
+ downwardAPI data to project
properties:
items:
description: Items is a list of DownwardAPIVolume
@@ -56378,35 +58594,36 @@ spec:
type: array
type: object
secret:
- description: information about the secret data
- to project
+ description: secret information about the secret
+ data to project
properties:
items:
- description: If unspecified, each key-value
- pair in the Data field of the referenced
- Secret will be projected into the volume
- as a file whose name is the key and content
- is the value. If specified, the listed
- keys will be projected into the specified
- paths, and unlisted keys will not be present.
- If a key is specified which is not present
- in the Secret, the volume setup will error
- unless it is marked optional. Paths must
- be relative and may not contain the '..'
- path or start with '..'.
+ description: items if unspecified, each
+ key-value pair in the Data field of the
+ referenced Secret will be projected into
+ the volume as a file whose name is the
+ key and content is the value. If specified,
+ the listed keys will be projected into
+ the specified paths, and unlisted keys
+ will not be present. If a key is specified
+ which is not present in the Secret, the
+ volume setup will error unless it is marked
+ optional. Paths must be relative and may
+ not contain the '..' path or start with
+ '..'.
items:
description: Maps a string key to a path
within a volume.
properties:
key:
- description: The key to project.
+ description: key is the key to project.
type: string
mode:
- description: 'Optional: mode bits
- used to set permissions on this
- file. Must be an octal value between
- 0000 and 0777 or a decimal value
- between 0 and 511. YAML accepts
+ description: 'mode is Optional: mode
+ bits used to set permissions on
+ this file. Must be an octal value
+ between 0000 and 0777 or a decimal
+ value between 0 and 511. YAML accepts
both octal and decimal values, JSON
requires decimal values for mode
bits. If not specified, the volume
@@ -56418,11 +58635,12 @@ spec:
format: int32
type: integer
path:
- description: The relative path of
- the file to map the key to. May
- not be an absolute path. May not
- contain the path element '..'. May
- not start with the string '..'.
+ description: path is the relative
+ path of the file to map the key
+ to. May not be an absolute path.
+ May not contain the path element
+ '..'. May not start with the string
+ '..'.
type: string
required:
- key
@@ -56436,17 +58654,17 @@ spec:
kind, uid?'
type: string
optional:
- description: Specify whether the Secret
- or its key must be defined
+ description: optional field specify whether
+ the Secret or its key must be defined
type: boolean
type: object
x-kubernetes-map-type: atomic
serviceAccountToken:
- description: information about the serviceAccountToken
- data to project
+ description: serviceAccountToken is information
+ about the serviceAccountToken data to project
properties:
audience:
- description: Audience is the intended audience
+ description: audience is the intended audience
of the token. A recipient of a token must
identify itself with an identifier specified
in the audience of the token, and otherwise
@@ -56454,7 +58672,7 @@ spec:
defaults to the identifier of the apiserver.
type: string
expirationSeconds:
- description: ExpirationSeconds is the requested
+ description: expirationSeconds is the requested
duration of validity of the service account
token. As the token approaches expiration,
the kubelet volume plugin will proactively
@@ -56467,7 +58685,7 @@ spec:
format: int64
type: integer
path:
- description: Path is the path relative to
+ description: path is the path relative to
the mount point of the file to project
the token into.
type: string
@@ -56478,36 +58696,36 @@ spec:
type: array
type: object
quobyte:
- description: Quobyte represents a Quobyte mount on the
+ description: quobyte represents a Quobyte mount on the
host that shares a pod's lifetime
properties:
group:
- description: Group to map volume access to Default
+ description: group to map volume access to Default
is no group
type: string
readOnly:
- description: ReadOnly here will force the Quobyte
+ description: readOnly here will force the Quobyte
volume to be mounted with read-only permissions.
Defaults to false.
type: boolean
registry:
- description: Registry represents a single or multiple
+ description: registry represents a single or multiple
Quobyte Registry services specified as a string
as host:port pair (multiple entries are separated
with commas) which acts as the central registry
for volumes
type: string
tenant:
- description: Tenant owning the given Quobyte volume
+ description: tenant owning the given Quobyte volume
in the Backend Used with dynamically provisioned
Quobyte volumes, value is set by the plugin
type: string
user:
- description: User to map volume access to Defaults
+ description: user to map volume access to Defaults
to serivceaccount user
type: string
volume:
- description: Volume is a string that references an
+ description: volume is a string that references an
already created Quobyte volume by name.
type: string
required:
@@ -56515,44 +58733,46 @@ spec:
- volume
type: object
rbd:
- description: 'RBD represents a Rados Block Device mount
+ description: 'rbd represents a Rados Block Device mount
on the host that shares a pod''s lifetime. More info:
https://examples.k8s.io/volumes/rbd/README.md'
properties:
fsType:
- description: 'Filesystem type of the volume that you
- want to mount. Tip: Ensure that the filesystem type
- is supported by the host operating system. Examples:
- "ext4", "xfs", "ntfs". Implicitly inferred to be
- "ext4" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#rbd
+ description: 'fsType is the filesystem type of the
+ volume that you want to mount. Tip: Ensure that
+ the filesystem type is supported by the host operating
+ system. Examples: "ext4", "xfs", "ntfs". Implicitly
+ inferred to be "ext4" if unspecified. More info:
+ https://kubernetes.io/docs/concepts/storage/volumes#rbd
TODO: how do we prevent errors in the filesystem
from compromising the machine'
type: string
image:
- description: 'The rados image name. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it'
+ description: 'image is the rados image name. More
+ info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it'
type: string
keyring:
- description: 'Keyring is the path to key ring for
+ description: 'keyring is the path to key ring for
RBDUser. Default is /etc/ceph/keyring. More info:
https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it'
type: string
monitors:
- description: 'A collection of Ceph monitors. More
- info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it'
+ description: 'monitors is a collection of Ceph monitors.
+ More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it'
items:
type: string
type: array
pool:
- description: 'The rados pool name. Default is rbd.
- More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it'
+ description: 'pool is the rados pool name. Default
+ is rbd. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it'
type: string
readOnly:
- description: 'ReadOnly here will force the ReadOnly
+ description: 'readOnly here will force the ReadOnly
setting in VolumeMounts. Defaults to false. More
info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it'
type: boolean
secretRef:
- description: 'SecretRef is name of the authentication
+ description: 'secretRef is name of the authentication
secret for RBDUser. If provided overrides keyring.
Default is nil. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it'
properties:
@@ -56565,35 +58785,38 @@ spec:
type: object
x-kubernetes-map-type: atomic
user:
- description: 'The rados user name. Default is admin.
- More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it'
+ description: 'user is the rados user name. Default
+ is admin. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it'
type: string
required:
- image
- monitors
type: object
scaleIO:
- description: ScaleIO represents a ScaleIO persistent volume
+ description: scaleIO represents a ScaleIO persistent volume
attached and mounted on Kubernetes nodes.
properties:
fsType:
- description: Filesystem type to mount. Must be a filesystem
- type supported by the host operating system. Ex.
- "ext4", "xfs", "ntfs". Default is "xfs".
+ description: fsType is the filesystem type to mount.
+ Must be a filesystem type supported by the host
+ operating system. Ex. "ext4", "xfs", "ntfs". Default
+ is "xfs".
type: string
gateway:
- description: The host address of the ScaleIO API Gateway.
+ description: gateway is the host address of the ScaleIO
+ API Gateway.
type: string
protectionDomain:
- description: The name of the ScaleIO Protection Domain
- for the configured storage.
+ description: protectionDomain is the name of the ScaleIO
+ Protection Domain for the configured storage.
type: string
readOnly:
- description: Defaults to false (read/write). ReadOnly
- here will force the ReadOnly setting in VolumeMounts.
+ description: readOnly Defaults to false (read/write).
+ ReadOnly here will force the ReadOnly setting in
+ VolumeMounts.
type: boolean
secretRef:
- description: SecretRef references to the secret for
+ description: secretRef references to the secret for
ScaleIO user and other sensitive information. If
this is not provided, Login operation will fail.
properties:
@@ -56606,26 +58829,26 @@ spec:
type: object
x-kubernetes-map-type: atomic
sslEnabled:
- description: Flag to enable/disable SSL communication
+ description: sslEnabled Flag enable/disable SSL communication
with Gateway, default false
type: boolean
storageMode:
- description: Indicates whether the storage for a volume
- should be ThickProvisioned or ThinProvisioned. Default
- is ThinProvisioned.
+ description: storageMode indicates whether the storage
+ for a volume should be ThickProvisioned or ThinProvisioned.
+ Default is ThinProvisioned.
type: string
storagePool:
- description: The ScaleIO Storage Pool associated with
- the protection domain.
+ description: storagePool is the ScaleIO Storage Pool
+ associated with the protection domain.
type: string
system:
- description: The name of the storage system as configured
- in ScaleIO.
+ description: system is the name of the storage system
+ as configured in ScaleIO.
type: string
volumeName:
- description: The name of a volume already created
- in the ScaleIO system that is associated with this
- volume source.
+ description: volumeName is the name of a volume already
+ created in the ScaleIO system that is associated
+ with this volume source.
type: string
required:
- gateway
@@ -56633,26 +58856,27 @@ spec:
- system
type: object
secret:
- description: 'Secret represents a secret that should populate
+ description: 'secret represents a secret that should populate
this volume. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret'
properties:
defaultMode:
- description: 'Optional: mode bits used to set permissions
- on created files by default. Must be an octal value
- between 0000 and 0777 or a decimal value between
- 0 and 511. YAML accepts both octal and decimal values,
- JSON requires decimal values for mode bits. Defaults
- to 0644. Directories within the path are not affected
- by this setting. This might be in conflict with
- other options that affect the file mode, like fsGroup,
- and the result can be other mode bits set.'
+ description: 'defaultMode is Optional: mode bits used
+ to set permissions on created files by default.
+ Must be an octal value between 0000 and 0777 or
+ a decimal value between 0 and 511. YAML accepts
+ both octal and decimal values, JSON requires decimal
+ values for mode bits. Defaults to 0644. Directories
+ within the path are not affected by this setting.
+ This might be in conflict with other options that
+ affect the file mode, like fsGroup, and the result
+ can be other mode bits set.'
format: int32
type: integer
items:
- description: If unspecified, each key-value pair in
- the Data field of the referenced Secret will be
- projected into the volume as a file whose name is
- the key and content is the value. If specified,
+ description: items If unspecified, each key-value
+ pair in the Data field of the referenced Secret
+ will be projected into the volume as a file whose
+ name is the key and content is the value. If specified,
the listed keys will be projected into the specified
paths, and unlisted keys will not be present. If
a key is specified which is not present in the Secret,
@@ -56664,14 +58888,14 @@ spec:
a volume.
properties:
key:
- description: The key to project.
+ description: key is the key to project.
type: string
mode:
- description: 'Optional: mode bits used to set
- permissions on this file. Must be an octal
- value between 0000 and 0777 or a decimal value
- between 0 and 511. YAML accepts both octal
- and decimal values, JSON requires decimal
+ description: 'mode is Optional: mode bits used
+ to set permissions on this file. Must be an
+ octal value between 0000 and 0777 or a decimal
+ value between 0 and 511. YAML accepts both
+ octal and decimal values, JSON requires decimal
values for mode bits. If not specified, the
volume defaultMode will be used. This might
be in conflict with other options that affect
@@ -56680,10 +58904,10 @@ spec:
format: int32
type: integer
path:
- description: The relative path of the file to
- map the key to. May not be an absolute path.
- May not contain the path element '..'. May
- not start with the string '..'.
+ description: path is the relative path of the
+ file to map the key to. May not be an absolute
+ path. May not contain the path element '..'.
+ May not start with the string '..'.
type: string
required:
- key
@@ -56691,30 +58915,31 @@ spec:
type: object
type: array
optional:
- description: Specify whether the Secret or its keys
- must be defined
+ description: optional field specify whether the Secret
+ or its keys must be defined
type: boolean
secretName:
- description: 'Name of the secret in the pod''s namespace
- to use. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret'
+ description: 'secretName is the name of the secret
+ in the pod''s namespace to use. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret'
type: string
type: object
storageos:
- description: StorageOS represents a StorageOS volume attached
+ description: storageOS represents a StorageOS volume attached
and mounted on Kubernetes nodes.
properties:
fsType:
- description: Filesystem type to mount. Must be a filesystem
- type supported by the host operating system. Ex.
- "ext4", "xfs", "ntfs". Implicitly inferred to be
- "ext4" if unspecified.
+ description: fsType is the filesystem type to mount.
+ Must be a filesystem type supported by the host
+ operating system. Ex. "ext4", "xfs", "ntfs". Implicitly
+ inferred to be "ext4" if unspecified.
type: string
readOnly:
- description: Defaults to false (read/write). ReadOnly
- here will force the ReadOnly setting in VolumeMounts.
+ description: readOnly defaults to false (read/write).
+ ReadOnly here will force the ReadOnly setting in
+ VolumeMounts.
type: boolean
secretRef:
- description: SecretRef specifies the secret to use
+ description: secretRef specifies the secret to use
for obtaining the StorageOS API credentials. If
not specified, default values will be attempted.
properties:
@@ -56727,12 +58952,12 @@ spec:
type: object
x-kubernetes-map-type: atomic
volumeName:
- description: VolumeName is the human-readable name
+ description: volumeName is the human-readable name
of the StorageOS volume. Volume names are only
unique within a namespace.
type: string
volumeNamespace:
- description: VolumeNamespace specifies the scope of
+ description: volumeNamespace specifies the scope of
the volume within StorageOS. If no namespace is
specified then the Pod's namespace will be used. This
allows the Kubernetes name scoping to be mirrored
@@ -56744,25 +58969,27 @@ spec:
type: string
type: object
vsphereVolume:
- description: VsphereVolume represents a vSphere volume
+ description: vsphereVolume represents a vSphere volume
attached and mounted on kubelets host machine
properties:
fsType:
- description: Filesystem type to mount. Must be a filesystem
- type supported by the host operating system. Ex.
- "ext4", "xfs", "ntfs". Implicitly inferred to be
- "ext4" if unspecified.
+ description: fsType is filesystem type to mount. Must
+ be a filesystem type supported by the host operating
+ system. Ex. "ext4", "xfs", "ntfs". Implicitly inferred
+ to be "ext4" if unspecified.
type: string
storagePolicyID:
- description: Storage Policy Based Management (SPBM)
- profile ID associated with the StoragePolicyName.
+ description: storagePolicyID is the storage Policy
+ Based Management (SPBM) profile ID associated with
+ the StoragePolicyName.
type: string
storagePolicyName:
- description: Storage Policy Based Management (SPBM)
- profile name.
+ description: storagePolicyName is the storage Policy
+ Based Management (SPBM) profile name.
type: string
volumePath:
- description: Path that identifies vSphere volume vmdk
+ description: volumePath is the path that identifies
+ vSphere volume vmdk
type: string
required:
- volumePath
@@ -56781,123 +59008,128 @@ spec:
one of its members may be specified.
properties:
awsElasticBlockStore:
- description: 'AWSElasticBlockStore represents an AWS Disk
+ description: 'awsElasticBlockStore represents an AWS Disk
resource that is attached to a kubelet''s host machine
and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore'
properties:
fsType:
- description: 'Filesystem type of the volume that you
- want to mount. Tip: Ensure that the filesystem type
- is supported by the host operating system. Examples:
- "ext4", "xfs", "ntfs". Implicitly inferred to be
- "ext4" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore
+ description: 'fsType is the filesystem type of the
+ volume that you want to mount. Tip: Ensure that
+ the filesystem type is supported by the host operating
+ system. Examples: "ext4", "xfs", "ntfs". Implicitly
+ inferred to be "ext4" if unspecified. More info:
+ https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore
TODO: how do we prevent errors in the filesystem
from compromising the machine'
type: string
partition:
- description: 'The partition in the volume that you
- want to mount. If omitted, the default is to mount
- by volume name. Examples: For volume /dev/sda1,
- you specify the partition as "1". Similarly, the
- volume partition for /dev/sda is "0" (or you can
- leave the property empty).'
+ description: 'partition is the partition in the volume
+ that you want to mount. If omitted, the default
+ is to mount by volume name. Examples: For volume
+ /dev/sda1, you specify the partition as "1". Similarly,
+ the volume partition for /dev/sda is "0" (or you
+ can leave the property empty).'
format: int32
type: integer
readOnly:
- description: 'Specify "true" to force and set the
- ReadOnly property in VolumeMounts to "true". If
- omitted, the default is "false". More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore'
+ description: 'readOnly value true will force the readOnly
+ setting in VolumeMounts. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore'
type: boolean
volumeID:
- description: 'Unique ID of the persistent disk resource
- in AWS (Amazon EBS volume). More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore'
+ description: 'volumeID is unique ID of the persistent
+ disk resource in AWS (Amazon EBS volume). More info:
+ https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore'
type: string
required:
- volumeID
type: object
azureDisk:
- description: AzureDisk represents an Azure Data Disk mount
+ description: azureDisk represents an Azure Data Disk mount
on the host and bind mount to the pod.
properties:
cachingMode:
- description: 'Host Caching mode: None, Read Only,
- Read Write.'
+ description: 'cachingMode is the Host Caching mode:
+ None, Read Only, Read Write.'
type: string
diskName:
- description: The Name of the data disk in the blob
- storage
+ description: diskName is the Name of the data disk
+ in the blob storage
type: string
diskURI:
- description: The URI the data disk in the blob storage
+ description: diskURI is the URI of data disk in the
+ blob storage
type: string
fsType:
- description: Filesystem type to mount. Must be a filesystem
- type supported by the host operating system. Ex.
- "ext4", "xfs", "ntfs". Implicitly inferred to be
- "ext4" if unspecified.
+ description: fsType is Filesystem type to mount. Must
+ be a filesystem type supported by the host operating
+ system. Ex. "ext4", "xfs", "ntfs". Implicitly inferred
+ to be "ext4" if unspecified.
type: string
kind:
- description: 'Expected values Shared: multiple blob
- disks per storage account Dedicated: single blob
- disk per storage account Managed: azure managed
+ description: 'kind expected values are Shared: multiple
+ blob disks per storage account Dedicated: single
+ blob disk per storage account Managed: azure managed
data disk (only in managed availability set). defaults
to shared'
type: string
readOnly:
- description: Defaults to false (read/write). ReadOnly
- here will force the ReadOnly setting in VolumeMounts.
+ description: readOnly Defaults to false (read/write).
+ ReadOnly here will force the ReadOnly setting in
+ VolumeMounts.
type: boolean
required:
- diskName
- diskURI
type: object
azureFile:
- description: AzureFile represents an Azure File Service
+ description: azureFile represents an Azure File Service
mount on the host and bind mount to the pod.
properties:
readOnly:
- description: Defaults to false (read/write). ReadOnly
- here will force the ReadOnly setting in VolumeMounts.
+ description: readOnly defaults to false (read/write).
+ ReadOnly here will force the ReadOnly setting in
+ VolumeMounts.
type: boolean
secretName:
- description: the name of secret that contains Azure
- Storage Account Name and Key
+ description: secretName is the name of secret that
+ contains Azure Storage Account Name and Key
type: string
shareName:
- description: Share Name
+ description: shareName is the azure share Name
type: string
required:
- secretName
- shareName
type: object
cephfs:
- description: CephFS represents a Ceph FS mount on the
+ description: cephFS represents a Ceph FS mount on the
host that shares a pod's lifetime
properties:
monitors:
- description: 'Required: Monitors is a collection of
- Ceph monitors More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it'
+ description: 'monitors is Required: Monitors is a
+ collection of Ceph monitors More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it'
items:
type: string
type: array
path:
- description: 'Optional: Used as the mounted root,
- rather than the full Ceph tree, default is /'
+ description: 'path is Optional: Used as the mounted
+ root, rather than the full Ceph tree, default is
+ /'
type: string
readOnly:
- description: 'Optional: Defaults to false (read/write).
- ReadOnly here will force the ReadOnly setting in
- VolumeMounts. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it'
+ description: 'readOnly is Optional: Defaults to false
+ (read/write). ReadOnly here will force the ReadOnly
+ setting in VolumeMounts. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it'
type: boolean
secretFile:
- description: 'Optional: SecretFile is the path to
- key ring for User, default is /etc/ceph/user.secret
+ description: 'secretFile is Optional: SecretFile is
+ the path to key ring for User, default is /etc/ceph/user.secret
More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it'
type: string
secretRef:
- description: 'Optional: SecretRef is reference to
- the authentication secret for User, default is empty.
- More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it'
+ description: 'secretRef is Optional: SecretRef is
+ reference to the authentication secret for User,
+ default is empty. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it'
properties:
name:
description: 'Name of the referent. More info:
@@ -56908,31 +59140,32 @@ spec:
type: object
x-kubernetes-map-type: atomic
user:
- description: 'Optional: User is the rados user name,
- default is admin More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it'
+ description: 'user is optional: User is the rados
+ user name, default is admin More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it'
type: string
required:
- monitors
type: object
cinder:
- description: 'Cinder represents a cinder volume attached
+ description: 'cinder represents a cinder volume attached
and mounted on kubelets host machine. More info: https://examples.k8s.io/mysql-cinder-pd/README.md'
properties:
fsType:
- description: 'Filesystem type to mount. Must be a
- filesystem type supported by the host operating
- system. Examples: "ext4", "xfs", "ntfs". Implicitly
- inferred to be "ext4" if unspecified. More info:
- https://examples.k8s.io/mysql-cinder-pd/README.md'
+ description: 'fsType is the filesystem type to mount.
+ Must be a filesystem type supported by the host
+ operating system. Examples: "ext4", "xfs", "ntfs".
+ Implicitly inferred to be "ext4" if unspecified.
+ More info: https://examples.k8s.io/mysql-cinder-pd/README.md'
type: string
readOnly:
- description: 'Optional: Defaults to false (read/write).
+ description: 'readOnly defaults to false (read/write).
ReadOnly here will force the ReadOnly setting in
VolumeMounts. More info: https://examples.k8s.io/mysql-cinder-pd/README.md'
type: boolean
secretRef:
- description: 'Optional: points to a secret object
- containing parameters used to connect to OpenStack.'
+ description: 'secretRef is optional: points to a secret
+ object containing parameters used to connect to
+ OpenStack.'
properties:
name:
description: 'Name of the referent. More info:
@@ -56943,33 +59176,34 @@ spec:
type: object
x-kubernetes-map-type: atomic
volumeID:
- description: 'volume id used to identify the volume
+ description: 'volumeID used to identify the volume
in cinder. More info: https://examples.k8s.io/mysql-cinder-pd/README.md'
type: string
required:
- volumeID
type: object
configMap:
- description: ConfigMap represents a configMap that should
+ description: configMap represents a configMap that should
populate this volume
properties:
defaultMode:
- description: 'Optional: mode bits used to set permissions
- on created files by default. Must be an octal value
- between 0000 and 0777 or a decimal value between
- 0 and 511. YAML accepts both octal and decimal values,
- JSON requires decimal values for mode bits. Defaults
- to 0644. Directories within the path are not affected
- by this setting. This might be in conflict with
- other options that affect the file mode, like fsGroup,
- and the result can be other mode bits set.'
+ description: 'defaultMode is optional: mode bits used
+ to set permissions on created files by default.
+ Must be an octal value between 0000 and 0777 or
+ a decimal value between 0 and 511. YAML accepts
+ both octal and decimal values, JSON requires decimal
+ values for mode bits. Defaults to 0644. Directories
+ within the path are not affected by this setting.
+ This might be in conflict with other options that
+ affect the file mode, like fsGroup, and the result
+ can be other mode bits set.'
format: int32
type: integer
items:
- description: If unspecified, each key-value pair in
- the Data field of the referenced ConfigMap will
- be projected into the volume as a file whose name
- is the key and content is the value. If specified,
+ description: items if unspecified, each key-value
+ pair in the Data field of the referenced ConfigMap
+ will be projected into the volume as a file whose
+ name is the key and content is the value. If specified,
the listed keys will be projected into the specified
paths, and unlisted keys will not be present. If
a key is specified which is not present in the ConfigMap,
@@ -56981,14 +59215,14 @@ spec:
a volume.
properties:
key:
- description: The key to project.
+ description: key is the key to project.
type: string
mode:
- description: 'Optional: mode bits used to set
- permissions on this file. Must be an octal
- value between 0000 and 0777 or a decimal value
- between 0 and 511. YAML accepts both octal
- and decimal values, JSON requires decimal
+ description: 'mode is Optional: mode bits used
+ to set permissions on this file. Must be an
+ octal value between 0000 and 0777 or a decimal
+ value between 0 and 511. YAML accepts both
+ octal and decimal values, JSON requires decimal
values for mode bits. If not specified, the
volume defaultMode will be used. This might
be in conflict with other options that affect
@@ -56997,10 +59231,10 @@ spec:
format: int32
type: integer
path:
- description: The relative path of the file to
- map the key to. May not be an absolute path.
- May not contain the path element '..'. May
- not start with the string '..'.
+ description: path is the relative path of the
+ file to map the key to. May not be an absolute
+ path. May not contain the path element '..'.
+ May not start with the string '..'.
type: string
required:
- key
@@ -57013,29 +59247,29 @@ spec:
uid?'
type: string
optional:
- description: Specify whether the ConfigMap or its
- keys must be defined
+ description: optional specify whether the ConfigMap
+ or its keys must be defined
type: boolean
type: object
x-kubernetes-map-type: atomic
csi:
- description: CSI (Container Storage Interface) represents
+ description: csi (Container Storage Interface) represents
ephemeral storage that is handled by certain external
CSI drivers (Beta feature).
properties:
driver:
- description: Driver is the name of the CSI driver
+ description: driver is the name of the CSI driver
that handles this volume. Consult with your admin
for the correct name as registered in the cluster.
type: string
fsType:
- description: Filesystem type to mount. Ex. "ext4",
- "xfs", "ntfs". If not provided, the empty value
- is passed to the associated CSI driver which will
- determine the default filesystem to apply.
+ description: fsType to mount. Ex. "ext4", "xfs", "ntfs".
+ If not provided, the empty value is passed to the
+ associated CSI driver which will determine the default
+ filesystem to apply.
type: string
nodePublishSecretRef:
- description: NodePublishSecretRef is a reference to
+ description: nodePublishSecretRef is a reference to
the secret object containing sensitive information
to pass to the CSI driver to complete the CSI NodePublishVolume
and NodeUnpublishVolume calls. This field is optional,
@@ -57052,13 +59286,13 @@ spec:
type: object
x-kubernetes-map-type: atomic
readOnly:
- description: Specifies a read-only configuration for
- the volume. Defaults to false (read/write).
+ description: readOnly specifies a read-only configuration
+ for the volume. Defaults to false (read/write).
type: boolean
volumeAttributes:
additionalProperties:
type: string
- description: VolumeAttributes stores driver-specific
+ description: volumeAttributes stores driver-specific
properties that are passed to the CSI driver. Consult
your driver's documentation for supported values.
type: object
@@ -57066,7 +59300,7 @@ spec:
- driver
type: object
downwardAPI:
- description: DownwardAPI represents downward API about
+ description: downwardAPI represents downward API about
the pod that should populate this volume
properties:
defaultMode:
@@ -57159,32 +59393,33 @@ spec:
type: array
type: object
emptyDir:
- description: 'EmptyDir represents a temporary directory
+ description: 'emptyDir represents a temporary directory
that shares a pod''s lifetime. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir'
properties:
medium:
- description: 'What type of storage medium should back
- this directory. The default is "" which means to
- use the node''s default medium. Must be an empty
- string (default) or Memory. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir'
+ description: 'medium represents what type of storage
+ medium should back this directory. The default is
+ "" which means to use the node''s default medium.
+ Must be an empty string (default) or Memory. More
+ info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir'
type: string
sizeLimit:
anyOf:
- type: integer
- type: string
- description: 'Total amount of local storage required
- for this EmptyDir volume. The size limit is also
- applicable for memory medium. The maximum usage
- on memory medium EmptyDir would be the minimum value
- between the SizeLimit specified here and the sum
- of memory limits of all containers in a pod. The
- default is nil which means that the limit is undefined.
- More info: http://kubernetes.io/docs/user-guide/volumes#emptydir'
+ description: 'sizeLimit is the total amount of local
+ storage required for this EmptyDir volume. The size
+ limit is also applicable for memory medium. The
+ maximum usage on memory medium EmptyDir would be
+ the minimum value between the SizeLimit specified
+ here and the sum of memory limits of all containers
+ in a pod. The default is nil which means that the
+ limit is undefined. More info: http://kubernetes.io/docs/user-guide/volumes#emptydir'
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
x-kubernetes-int-or-string: true
type: object
ephemeral:
- description: "Ephemeral represents a volume that is handled
+ description: "ephemeral represents a volume that is handled
by a cluster storage driver. The volume's lifecycle
is tied to the pod that defines it - it will be created
before the pod starts, and deleted when the pod is removed.
@@ -57241,24 +59476,27 @@ spec:
are also valid here.
properties:
accessModes:
- description: 'AccessModes contains the desired
+ description: 'accessModes contains the desired
access modes the volume should have. More
info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1'
items:
type: string
type: array
dataSource:
- description: 'This field can be used to specify
- either: * An existing VolumeSnapshot object
- (snapshot.storage.k8s.io/VolumeSnapshot)
+ description: 'dataSource field can be used
+ to specify either: * An existing VolumeSnapshot
+ object (snapshot.storage.k8s.io/VolumeSnapshot)
* An existing PVC (PersistentVolumeClaim)
If the provisioner or an external controller
can support the specified data source, it
will create a new volume based on the contents
- of the specified data source. If the AnyVolumeDataSource
- feature gate is enabled, this field will
- always have the same contents as the DataSourceRef
- field.'
+ of the specified data source. When the AnyVolumeDataSource
+ feature gate is enabled, dataSource contents
+ will be copied to dataSourceRef, and dataSourceRef
+ contents will be copied to dataSource when
+ dataSourceRef.namespace is not specified.
+ If the namespace is specified, then dataSourceRef
+ will not be copied to dataSource.'
properties:
apiGroup:
description: APIGroup is the group for
@@ -57282,32 +59520,42 @@ spec:
type: object
x-kubernetes-map-type: atomic
dataSourceRef:
- description: 'Specifies the object from which
- to populate the volume with data, if a non-empty
- volume is desired. This may be any local
- object from a non-empty API group (non core
- object) or a PersistentVolumeClaim object.
- When this field is specified, volume binding
- will only succeed if the type of the specified
- object matches some installed volume populator
- or dynamic provisioner. This field will
- replace the functionality of the DataSource
- field and as such if both fields are non-empty,
- they must have the same value. For backwards
- compatibility, both fields (DataSource and
- DataSourceRef) will be set to the same value
- automatically if one of them is empty and
- the other is non-empty. There are two important
- differences between DataSource and DataSourceRef:
- * While DataSource only allows two specific
- types of objects, DataSourceRef allows any
- non-core object, as well as PersistentVolumeClaim
- objects. * While DataSource ignores disallowed
- values (dropping them), DataSourceRef preserves
+ description: 'dataSourceRef specifies the
+ object from which to populate the volume
+ with data, if a non-empty volume is desired.
+ This may be any object from a non-empty
+ API group (non core object) or a PersistentVolumeClaim
+ object. When this field is specified, volume
+ binding will only succeed if the type of
+ the specified object matches some installed
+ volume populator or dynamic provisioner.
+ This field will replace the functionality
+ of the dataSource field and as such if both
+ fields are non-empty, they must have the
+ same value. For backwards compatibility,
+ when namespace isn''t specified in dataSourceRef,
+ both fields (dataSource and dataSourceRef)
+ will be set to the same value automatically
+ if one of them is empty and the other is
+ non-empty. When namespace is specified in
+ dataSourceRef, dataSource isn''t set to
+ the same value and must be empty. There
+ are three important differences between
+ dataSource and dataSourceRef: * While dataSource
+ only allows two specific types of objects,
+ dataSourceRef allows any non-core object,
+ as well as PersistentVolumeClaim objects.
+ * While dataSource ignores disallowed values
+ (dropping them), dataSourceRef preserves
all values, and generates an error if a
- disallowed value is specified. (Alpha) Using
- this field requires the AnyVolumeDataSource
- feature gate to be enabled.'
+ disallowed value is specified. * While dataSource
+ only allows local objects, dataSourceRef
+ allows objects in any namespaces. (Beta)
+ Using this field requires the AnyVolumeDataSource
+ feature gate to be enabled. (Alpha) Using
+ the namespace field of dataSourceRef requires
+ the CrossNamespaceVolumeDataSource feature
+ gate to be enabled.'
properties:
apiGroup:
description: APIGroup is the group for
@@ -57325,13 +59573,23 @@ spec:
description: Name is the name of resource
being referenced
type: string
+ namespace:
+ description: Namespace is the namespace
+ of resource being referenced Note that
+ when a namespace is specified, a gateway.networking.k8s.io/ReferenceGrant
+ object is required in the referent namespace
+ to allow that namespace's owner to accept
+ the reference. See the ReferenceGrant
+ documentation for details. (Alpha) This
+ field requires the CrossNamespaceVolumeDataSource
+ feature gate to be enabled.
+ type: string
required:
- kind
- name
type: object
- x-kubernetes-map-type: atomic
resources:
- description: 'Resources represents the minimum
+ description: 'resources represents the minimum
resources the volume should have. If RecoverVolumeExpansionFailure
feature is enabled users are allowed to
specify resource requirements that are lower
@@ -57339,6 +59597,31 @@ spec:
than capacity recorded in the status field
of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources'
properties:
+ claims:
+ description: "Claims lists the names of
+ resources, defined in spec.resourceClaims,
+ that are used by this container. \n
+ This is an alpha field and requires
+ enabling the DynamicResourceAllocation
+ feature gate. \n This field is immutable."
+ items:
+ description: ResourceClaim references
+ one entry in PodSpec.ResourceClaims.
+ properties:
+ name:
+ description: Name must match the
+ name of one entry in pod.spec.resourceClaims
+ of the Pod where this field is
+ used. It makes that resource available
+ inside a container.
+ type: string
+ required:
+ - name
+ type: object
+ type: array
+ x-kubernetes-list-map-keys:
+ - name
+ x-kubernetes-list-type: map
limits:
additionalProperties:
anyOf:
@@ -57366,8 +59649,8 @@ spec:
type: object
type: object
selector:
- description: A label query over volumes to
- consider for binding.
+ description: selector is a label query over
+ volumes to consider for binding.
properties:
matchExpressions:
description: matchExpressions is a list
@@ -57419,8 +59702,9 @@ spec:
type: object
x-kubernetes-map-type: atomic
storageClassName:
- description: 'Name of the StorageClass required
- by the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1'
+ description: 'storageClassName is the name
+ of the StorageClass required by the claim.
+ More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1'
type: string
volumeMode:
description: volumeMode defines what type
@@ -57429,7 +59713,7 @@ spec:
in claim spec.
type: string
volumeName:
- description: VolumeName is the binding reference
+ description: volumeName is the binding reference
to the PersistentVolume backing this claim.
type: string
type: object
@@ -57438,71 +59722,74 @@ spec:
type: object
type: object
fc:
- description: FC represents a Fibre Channel resource that
+ description: fc represents a Fibre Channel resource that
is attached to a kubelet's host machine and then exposed
to the pod.
properties:
fsType:
- description: 'Filesystem type to mount. Must be a
- filesystem type supported by the host operating
- system. Ex. "ext4", "xfs", "ntfs". Implicitly inferred
- to be "ext4" if unspecified. TODO: how do we prevent
- errors in the filesystem from compromising the machine'
+ description: 'fsType is the filesystem type to mount.
+ Must be a filesystem type supported by the host
+ operating system. Ex. "ext4", "xfs", "ntfs". Implicitly
+ inferred to be "ext4" if unspecified. TODO: how
+ do we prevent errors in the filesystem from compromising
+ the machine'
type: string
lun:
- description: 'Optional: FC target lun number'
+ description: 'lun is Optional: FC target lun number'
format: int32
type: integer
readOnly:
- description: 'Optional: Defaults to false (read/write).
- ReadOnly here will force the ReadOnly setting in
- VolumeMounts.'
+ description: 'readOnly is Optional: Defaults to false
+ (read/write). ReadOnly here will force the ReadOnly
+ setting in VolumeMounts.'
type: boolean
targetWWNs:
- description: 'Optional: FC target worldwide names
- (WWNs)'
+ description: 'targetWWNs is Optional: FC target worldwide
+ names (WWNs)'
items:
type: string
type: array
wwids:
- description: 'Optional: FC volume world wide identifiers
- (wwids) Either wwids or combination of targetWWNs
- and lun must be set, but not both simultaneously.'
+ description: 'wwids Optional: FC volume world wide
+ identifiers (wwids) Either wwids or combination
+ of targetWWNs and lun must be set, but not both
+ simultaneously.'
items:
type: string
type: array
type: object
flexVolume:
- description: FlexVolume represents a generic volume resource
+ description: flexVolume represents a generic volume resource
that is provisioned/attached using an exec based plugin.
properties:
driver:
- description: Driver is the name of the driver to use
+ description: driver is the name of the driver to use
for this volume.
type: string
fsType:
- description: Filesystem type to mount. Must be a filesystem
- type supported by the host operating system. Ex.
- "ext4", "xfs", "ntfs". The default filesystem depends
- on FlexVolume script.
+ description: fsType is the filesystem type to mount.
+ Must be a filesystem type supported by the host
+ operating system. Ex. "ext4", "xfs", "ntfs". The
+ default filesystem depends on FlexVolume script.
type: string
options:
additionalProperties:
type: string
- description: 'Optional: Extra command options if any.'
+ description: 'options is Optional: this field holds
+ extra command options if any.'
type: object
readOnly:
- description: 'Optional: Defaults to false (read/write).
- ReadOnly here will force the ReadOnly setting in
- VolumeMounts.'
+ description: 'readOnly is Optional: defaults to false
+ (read/write). ReadOnly here will force the ReadOnly
+ setting in VolumeMounts.'
type: boolean
secretRef:
- description: 'Optional: SecretRef is reference to
- the secret object containing sensitive information
- to pass to the plugin scripts. This may be empty
- if no secret object is specified. If the secret
- object contains more than one secret, all secrets
- are passed to the plugin scripts.'
+ description: 'secretRef is Optional: secretRef is
+ reference to the secret object containing sensitive
+ information to pass to the plugin scripts. This
+ may be empty if no secret object is specified. If
+ the secret object contains more than one secret,
+ all secrets are passed to the plugin scripts.'
properties:
name:
description: 'Name of the referent. More info:
@@ -57516,49 +59803,50 @@ spec:
- driver
type: object
flocker:
- description: Flocker represents a Flocker volume attached
+ description: flocker represents a Flocker volume attached
to a kubelet's host machine. This depends on the Flocker
control service being running
properties:
datasetName:
- description: Name of the dataset stored as metadata
- -> name on the dataset for Flocker should be considered
- as deprecated
+ description: datasetName is Name of the dataset stored
+ as metadata -> name on the dataset for Flocker should
+ be considered as deprecated
type: string
datasetUUID:
- description: UUID of the dataset. This is unique identifier
- of a Flocker dataset
+ description: datasetUUID is the UUID of the dataset.
+ This is unique identifier of a Flocker dataset
type: string
type: object
gcePersistentDisk:
- description: 'GCEPersistentDisk represents a GCE Disk
+ description: 'gcePersistentDisk represents a GCE Disk
resource that is attached to a kubelet''s host machine
and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk'
properties:
fsType:
- description: 'Filesystem type of the volume that you
- want to mount. Tip: Ensure that the filesystem type
- is supported by the host operating system. Examples:
- "ext4", "xfs", "ntfs". Implicitly inferred to be
- "ext4" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk
+ description: 'fsType is filesystem type of the volume
+ that you want to mount. Tip: Ensure that the filesystem
+ type is supported by the host operating system.
+ Examples: "ext4", "xfs", "ntfs". Implicitly inferred
+ to be "ext4" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk
TODO: how do we prevent errors in the filesystem
from compromising the machine'
type: string
partition:
- description: 'The partition in the volume that you
- want to mount. If omitted, the default is to mount
- by volume name. Examples: For volume /dev/sda1,
- you specify the partition as "1". Similarly, the
- volume partition for /dev/sda is "0" (or you can
- leave the property empty). More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk'
+ description: 'partition is the partition in the volume
+ that you want to mount. If omitted, the default
+ is to mount by volume name. Examples: For volume
+ /dev/sda1, you specify the partition as "1". Similarly,
+ the volume partition for /dev/sda is "0" (or you
+ can leave the property empty). More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk'
format: int32
type: integer
pdName:
- description: 'Unique name of the PD resource in GCE.
- Used to identify the disk in GCE. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk'
+ description: 'pdName is unique name of the PD resource
+ in GCE. Used to identify the disk in GCE. More info:
+ https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk'
type: string
readOnly:
- description: 'ReadOnly here will force the ReadOnly
+ description: 'readOnly here will force the ReadOnly
setting in VolumeMounts. Defaults to false. More
info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk'
type: boolean
@@ -57566,42 +59854,43 @@ spec:
- pdName
type: object
gitRepo:
- description: 'GitRepo represents a git repository at a
+ description: 'gitRepo represents a git repository at a
particular revision. DEPRECATED: GitRepo is deprecated.
To provision a container with a git repo, mount an EmptyDir
into an InitContainer that clones the repo using git,
then mount the EmptyDir into the Pod''s container.'
properties:
directory:
- description: Target directory name. Must not contain
- or start with '..'. If '.' is supplied, the volume
- directory will be the git repository. Otherwise,
+ description: directory is the target directory name.
+ Must not contain or start with '..'. If '.' is
+ supplied, the volume directory will be the git repository. Otherwise,
if specified, the volume will contain the git repository
in the subdirectory with the given name.
type: string
repository:
- description: Repository URL
+ description: repository is the URL
type: string
revision:
- description: Commit hash for the specified revision.
+ description: revision is the commit hash for the specified
+ revision.
type: string
required:
- repository
type: object
glusterfs:
- description: 'Glusterfs represents a Glusterfs mount on
+ description: 'glusterfs represents a Glusterfs mount on
the host that shares a pod''s lifetime. More info: https://examples.k8s.io/volumes/glusterfs/README.md'
properties:
endpoints:
- description: 'EndpointsName is the endpoint name that
+ description: 'endpoints is the endpoint name that
details Glusterfs topology. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod'
type: string
path:
- description: 'Path is the Glusterfs volume path. More
+ description: 'path is the Glusterfs volume path. More
info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod'
type: string
readOnly:
- description: 'ReadOnly here will force the Glusterfs
+ description: 'readOnly here will force the Glusterfs
volume to be mounted with read-only permissions.
Defaults to false. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod'
type: boolean
@@ -57610,7 +59899,7 @@ spec:
- path
type: object
hostPath:
- description: 'HostPath represents a pre-existing file
+ description: 'hostPath represents a pre-existing file
or directory on the host machine that is directly exposed
to the container. This is generally used for system
agents or other privileged things that are allowed to
@@ -57621,69 +59910,73 @@ spec:
as read/write.'
properties:
path:
- description: 'Path of the directory on the host. If
+ description: 'path of the directory on the host. If
the path is a symlink, it will follow the link to
the real path. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath'
type: string
type:
- description: 'Type for HostPath Volume Defaults to
+ description: 'type for HostPath Volume Defaults to
"" More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath'
type: string
required:
- path
type: object
iscsi:
- description: 'ISCSI represents an ISCSI Disk resource
+ description: 'iscsi represents an ISCSI Disk resource
that is attached to a kubelet''s host machine and then
exposed to the pod. More info: https://examples.k8s.io/volumes/iscsi/README.md'
properties:
chapAuthDiscovery:
- description: whether support iSCSI Discovery CHAP
- authentication
+ description: chapAuthDiscovery defines whether support
+ iSCSI Discovery CHAP authentication
type: boolean
chapAuthSession:
- description: whether support iSCSI Session CHAP authentication
+ description: chapAuthSession defines whether support
+ iSCSI Session CHAP authentication
type: boolean
fsType:
- description: 'Filesystem type of the volume that you
- want to mount. Tip: Ensure that the filesystem type
- is supported by the host operating system. Examples:
- "ext4", "xfs", "ntfs". Implicitly inferred to be
- "ext4" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#iscsi
+ description: 'fsType is the filesystem type of the
+ volume that you want to mount. Tip: Ensure that
+ the filesystem type is supported by the host operating
+ system. Examples: "ext4", "xfs", "ntfs". Implicitly
+ inferred to be "ext4" if unspecified. More info:
+ https://kubernetes.io/docs/concepts/storage/volumes#iscsi
TODO: how do we prevent errors in the filesystem
from compromising the machine'
type: string
initiatorName:
- description: Custom iSCSI Initiator Name. If initiatorName
- is specified with iscsiInterface simultaneously,
- new iSCSI interface :
- will be created for the connection.
+ description: initiatorName is the custom iSCSI Initiator
+ Name. If initiatorName is specified with iscsiInterface
+ simultaneously, new iSCSI interface : will be created for the connection.
type: string
iqn:
- description: Target iSCSI Qualified Name.
+ description: iqn is the target iSCSI Qualified Name.
type: string
iscsiInterface:
- description: iSCSI Interface Name that uses an iSCSI
- transport. Defaults to 'default' (tcp).
+ description: iscsiInterface is the interface Name
+ that uses an iSCSI transport. Defaults to 'default'
+ (tcp).
type: string
lun:
- description: iSCSI Target Lun number.
+ description: lun represents iSCSI Target Lun number.
format: int32
type: integer
portals:
- description: iSCSI Target Portal List. The portal
- is either an IP or ip_addr:port if the port is other
- than default (typically TCP ports 860 and 3260).
+ description: portals is the iSCSI Target Portal List.
+ The portal is either an IP or ip_addr:port if the
+ port is other than default (typically TCP ports
+ 860 and 3260).
items:
type: string
type: array
readOnly:
- description: ReadOnly here will force the ReadOnly
+ description: readOnly here will force the ReadOnly
setting in VolumeMounts. Defaults to false.
type: boolean
secretRef:
- description: CHAP Secret for iSCSI target and initiator
- authentication
+ description: secretRef is the CHAP Secret for iSCSI
+ target and initiator authentication
properties:
name:
description: 'Name of the referent. More info:
@@ -57694,9 +59987,10 @@ spec:
type: object
x-kubernetes-map-type: atomic
targetPortal:
- description: iSCSI Target Portal. The Portal is either
- an IP or ip_addr:port if the port is other than
- default (typically TCP ports 860 and 3260).
+ description: targetPortal is iSCSI Target Portal.
+ The Portal is either an IP or ip_addr:port if the
+ port is other than default (typically TCP ports
+ 860 and 3260).
type: string
required:
- iqn
@@ -57704,20 +59998,20 @@ spec:
- targetPortal
type: object
nfs:
- description: 'NFS represents an NFS mount on the host
+ description: 'nfs represents an NFS mount on the host
that shares a pod''s lifetime More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs'
properties:
path:
- description: 'Path that is exported by the NFS server.
+ description: 'path that is exported by the NFS server.
More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs'
type: string
readOnly:
- description: 'ReadOnly here will force the NFS export
+ description: 'readOnly here will force the NFS export
to be mounted with read-only permissions. Defaults
to false. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs'
type: boolean
server:
- description: 'Server is the hostname or IP address
+ description: 'server is the hostname or IP address
of the NFS server. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs'
type: string
required:
@@ -57725,113 +60019,115 @@ spec:
- server
type: object
persistentVolumeClaim:
- description: 'PersistentVolumeClaimVolumeSource represents
+ description: 'persistentVolumeClaimVolumeSource represents
a reference to a PersistentVolumeClaim in the same namespace.
More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims'
properties:
claimName:
- description: 'ClaimName is the name of a PersistentVolumeClaim
+ description: 'claimName is the name of a PersistentVolumeClaim
in the same namespace as the pod using this volume.
More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims'
type: string
readOnly:
- description: Will force the ReadOnly setting in VolumeMounts.
- Default false.
+ description: readOnly Will force the ReadOnly setting
+ in VolumeMounts. Default false.
type: boolean
required:
- claimName
type: object
photonPersistentDisk:
- description: PhotonPersistentDisk represents a PhotonController
+ description: photonPersistentDisk represents a PhotonController
persistent disk attached and mounted on kubelets host
machine
properties:
fsType:
- description: Filesystem type to mount. Must be a filesystem
- type supported by the host operating system. Ex.
- "ext4", "xfs", "ntfs". Implicitly inferred to be
- "ext4" if unspecified.
+ description: fsType is the filesystem type to mount.
+ Must be a filesystem type supported by the host
+ operating system. Ex. "ext4", "xfs", "ntfs". Implicitly
+ inferred to be "ext4" if unspecified.
type: string
pdID:
- description: ID that identifies Photon Controller
- persistent disk
+ description: pdID is the ID that identifies Photon
+ Controller persistent disk
type: string
required:
- pdID
type: object
portworxVolume:
- description: PortworxVolume represents a portworx volume
+ description: portworxVolume represents a portworx volume
attached and mounted on kubelets host machine
properties:
fsType:
- description: FSType represents the filesystem type
+ description: fSType represents the filesystem type
to mount Must be a filesystem type supported by
the host operating system. Ex. "ext4", "xfs". Implicitly
inferred to be "ext4" if unspecified.
type: string
readOnly:
- description: Defaults to false (read/write). ReadOnly
- here will force the ReadOnly setting in VolumeMounts.
+ description: readOnly defaults to false (read/write).
+ ReadOnly here will force the ReadOnly setting in
+ VolumeMounts.
type: boolean
volumeID:
- description: VolumeID uniquely identifies a Portworx
+ description: volumeID uniquely identifies a Portworx
volume
type: string
required:
- volumeID
type: object
projected:
- description: Items for all in one resources secrets, configmaps,
- and downward API
+ description: projected items for all in one resources
+ secrets, configmaps, and downward API
properties:
defaultMode:
- description: Mode bits used to set permissions on
- created files by default. Must be an octal value
- between 0000 and 0777 or a decimal value between
- 0 and 511. YAML accepts both octal and decimal values,
- JSON requires decimal values for mode bits. Directories
- within the path are not affected by this setting.
- This might be in conflict with other options that
- affect the file mode, like fsGroup, and the result
- can be other mode bits set.
+ description: defaultMode are the mode bits used to
+ set permissions on created files by default. Must
+ be an octal value between 0000 and 0777 or a decimal
+ value between 0 and 511. YAML accepts both octal
+ and decimal values, JSON requires decimal values
+ for mode bits. Directories within the path are not
+ affected by this setting. This might be in conflict
+ with other options that affect the file mode, like
+ fsGroup, and the result can be other mode bits set.
format: int32
type: integer
sources:
- description: list of volume projections
+ description: sources is the list of volume projections
items:
description: Projection that may be projected along
with other supported volume types
properties:
configMap:
- description: information about the configMap
- data to project
+ description: configMap information about the
+ configMap data to project
properties:
items:
- description: If unspecified, each key-value
- pair in the Data field of the referenced
- ConfigMap will be projected into the volume
- as a file whose name is the key and content
- is the value. If specified, the listed
- keys will be projected into the specified
- paths, and unlisted keys will not be present.
- If a key is specified which is not present
- in the ConfigMap, the volume setup will
- error unless it is marked optional. Paths
- must be relative and may not contain the
- '..' path or start with '..'.
+ description: items if unspecified, each
+ key-value pair in the Data field of the
+ referenced ConfigMap will be projected
+ into the volume as a file whose name is
+ the key and content is the value. If specified,
+ the listed keys will be projected into
+ the specified paths, and unlisted keys
+ will not be present. If a key is specified
+ which is not present in the ConfigMap,
+ the volume setup will error unless it
+ is marked optional. Paths must be relative
+ and may not contain the '..' path or start
+ with '..'.
items:
description: Maps a string key to a path
within a volume.
properties:
key:
- description: The key to project.
+ description: key is the key to project.
type: string
mode:
- description: 'Optional: mode bits
- used to set permissions on this
- file. Must be an octal value between
- 0000 and 0777 or a decimal value
- between 0 and 511. YAML accepts
+ description: 'mode is Optional: mode
+ bits used to set permissions on
+ this file. Must be an octal value
+ between 0000 and 0777 or a decimal
+ value between 0 and 511. YAML accepts
both octal and decimal values, JSON
requires decimal values for mode
bits. If not specified, the volume
@@ -57843,11 +60139,12 @@ spec:
format: int32
type: integer
path:
- description: The relative path of
- the file to map the key to. May
- not be an absolute path. May not
- contain the path element '..'. May
- not start with the string '..'.
+ description: path is the relative
+ path of the file to map the key
+ to. May not be an absolute path.
+ May not contain the path element
+ '..'. May not start with the string
+ '..'.
type: string
required:
- key
@@ -57861,14 +60158,14 @@ spec:
kind, uid?'
type: string
optional:
- description: Specify whether the ConfigMap
- or its keys must be defined
+ description: optional specify whether the
+ ConfigMap or its keys must be defined
type: boolean
type: object
x-kubernetes-map-type: atomic
downwardAPI:
- description: information about the downwardAPI
- data to project
+ description: downwardAPI information about the
+ downwardAPI data to project
properties:
items:
description: Items is a list of DownwardAPIVolume
@@ -57957,35 +60254,36 @@ spec:
type: array
type: object
secret:
- description: information about the secret data
- to project
+ description: secret information about the secret
+ data to project
properties:
items:
- description: If unspecified, each key-value
- pair in the Data field of the referenced
- Secret will be projected into the volume
- as a file whose name is the key and content
- is the value. If specified, the listed
- keys will be projected into the specified
- paths, and unlisted keys will not be present.
- If a key is specified which is not present
- in the Secret, the volume setup will error
- unless it is marked optional. Paths must
- be relative and may not contain the '..'
- path or start with '..'.
+ description: items if unspecified, each
+ key-value pair in the Data field of the
+ referenced Secret will be projected into
+ the volume as a file whose name is the
+ key and content is the value. If specified,
+ the listed keys will be projected into
+ the specified paths, and unlisted keys
+ will not be present. If a key is specified
+ which is not present in the Secret, the
+ volume setup will error unless it is marked
+ optional. Paths must be relative and may
+ not contain the '..' path or start with
+ '..'.
items:
description: Maps a string key to a path
within a volume.
properties:
key:
- description: The key to project.
+ description: key is the key to project.
type: string
mode:
- description: 'Optional: mode bits
- used to set permissions on this
- file. Must be an octal value between
- 0000 and 0777 or a decimal value
- between 0 and 511. YAML accepts
+ description: 'mode is Optional: mode
+ bits used to set permissions on
+ this file. Must be an octal value
+ between 0000 and 0777 or a decimal
+ value between 0 and 511. YAML accepts
both octal and decimal values, JSON
requires decimal values for mode
bits. If not specified, the volume
@@ -57997,11 +60295,12 @@ spec:
format: int32
type: integer
path:
- description: The relative path of
- the file to map the key to. May
- not be an absolute path. May not
- contain the path element '..'. May
- not start with the string '..'.
+ description: path is the relative
+ path of the file to map the key
+ to. May not be an absolute path.
+ May not contain the path element
+ '..'. May not start with the string
+ '..'.
type: string
required:
- key
@@ -58015,17 +60314,17 @@ spec:
kind, uid?'
type: string
optional:
- description: Specify whether the Secret
- or its key must be defined
+ description: optional field specify whether
+ the Secret or its key must be defined
type: boolean
type: object
x-kubernetes-map-type: atomic
serviceAccountToken:
- description: information about the serviceAccountToken
- data to project
+ description: serviceAccountToken is information
+ about the serviceAccountToken data to project
properties:
audience:
- description: Audience is the intended audience
+ description: audience is the intended audience
of the token. A recipient of a token must
identify itself with an identifier specified
in the audience of the token, and otherwise
@@ -58033,7 +60332,7 @@ spec:
defaults to the identifier of the apiserver.
type: string
expirationSeconds:
- description: ExpirationSeconds is the requested
+ description: expirationSeconds is the requested
duration of validity of the service account
token. As the token approaches expiration,
the kubelet volume plugin will proactively
@@ -58046,7 +60345,7 @@ spec:
format: int64
type: integer
path:
- description: Path is the path relative to
+ description: path is the path relative to
the mount point of the file to project
the token into.
type: string
@@ -58057,36 +60356,36 @@ spec:
type: array
type: object
quobyte:
- description: Quobyte represents a Quobyte mount on the
+ description: quobyte represents a Quobyte mount on the
host that shares a pod's lifetime
properties:
group:
- description: Group to map volume access to Default
+ description: group to map volume access to Default
is no group
type: string
readOnly:
- description: ReadOnly here will force the Quobyte
+ description: readOnly here will force the Quobyte
volume to be mounted with read-only permissions.
Defaults to false.
type: boolean
registry:
- description: Registry represents a single or multiple
+ description: registry represents a single or multiple
Quobyte Registry services specified as a string
as host:port pair (multiple entries are separated
with commas) which acts as the central registry
for volumes
type: string
tenant:
- description: Tenant owning the given Quobyte volume
+ description: tenant owning the given Quobyte volume
in the Backend Used with dynamically provisioned
Quobyte volumes, value is set by the plugin
type: string
user:
- description: User to map volume access to Defaults
+ description: user to map volume access to Defaults
to serivceaccount user
type: string
volume:
- description: Volume is a string that references an
+ description: volume is a string that references an
already created Quobyte volume by name.
type: string
required:
@@ -58094,44 +60393,46 @@ spec:
- volume
type: object
rbd:
- description: 'RBD represents a Rados Block Device mount
+ description: 'rbd represents a Rados Block Device mount
on the host that shares a pod''s lifetime. More info:
https://examples.k8s.io/volumes/rbd/README.md'
properties:
fsType:
- description: 'Filesystem type of the volume that you
- want to mount. Tip: Ensure that the filesystem type
- is supported by the host operating system. Examples:
- "ext4", "xfs", "ntfs". Implicitly inferred to be
- "ext4" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#rbd
+ description: 'fsType is the filesystem type of the
+ volume that you want to mount. Tip: Ensure that
+ the filesystem type is supported by the host operating
+ system. Examples: "ext4", "xfs", "ntfs". Implicitly
+ inferred to be "ext4" if unspecified. More info:
+ https://kubernetes.io/docs/concepts/storage/volumes#rbd
TODO: how do we prevent errors in the filesystem
from compromising the machine'
type: string
image:
- description: 'The rados image name. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it'
+ description: 'image is the rados image name. More
+ info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it'
type: string
keyring:
- description: 'Keyring is the path to key ring for
+ description: 'keyring is the path to key ring for
RBDUser. Default is /etc/ceph/keyring. More info:
https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it'
type: string
monitors:
- description: 'A collection of Ceph monitors. More
- info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it'
+ description: 'monitors is a collection of Ceph monitors.
+ More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it'
items:
type: string
type: array
pool:
- description: 'The rados pool name. Default is rbd.
- More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it'
+ description: 'pool is the rados pool name. Default
+ is rbd. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it'
type: string
readOnly:
- description: 'ReadOnly here will force the ReadOnly
+ description: 'readOnly here will force the ReadOnly
setting in VolumeMounts. Defaults to false. More
info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it'
type: boolean
secretRef:
- description: 'SecretRef is name of the authentication
+ description: 'secretRef is name of the authentication
secret for RBDUser. If provided overrides keyring.
Default is nil. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it'
properties:
@@ -58144,35 +60445,38 @@ spec:
type: object
x-kubernetes-map-type: atomic
user:
- description: 'The rados user name. Default is admin.
- More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it'
+ description: 'user is the rados user name. Default
+ is admin. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it'
type: string
required:
- image
- monitors
type: object
scaleIO:
- description: ScaleIO represents a ScaleIO persistent volume
+ description: scaleIO represents a ScaleIO persistent volume
attached and mounted on Kubernetes nodes.
properties:
fsType:
- description: Filesystem type to mount. Must be a filesystem
- type supported by the host operating system. Ex.
- "ext4", "xfs", "ntfs". Default is "xfs".
+ description: fsType is the filesystem type to mount.
+ Must be a filesystem type supported by the host
+ operating system. Ex. "ext4", "xfs", "ntfs". Default
+ is "xfs".
type: string
gateway:
- description: The host address of the ScaleIO API Gateway.
+ description: gateway is the host address of the ScaleIO
+ API Gateway.
type: string
protectionDomain:
- description: The name of the ScaleIO Protection Domain
- for the configured storage.
+ description: protectionDomain is the name of the ScaleIO
+ Protection Domain for the configured storage.
type: string
readOnly:
- description: Defaults to false (read/write). ReadOnly
- here will force the ReadOnly setting in VolumeMounts.
+ description: readOnly Defaults to false (read/write).
+ ReadOnly here will force the ReadOnly setting in
+ VolumeMounts.
type: boolean
secretRef:
- description: SecretRef references to the secret for
+ description: secretRef references to the secret for
ScaleIO user and other sensitive information. If
this is not provided, Login operation will fail.
properties:
@@ -58185,26 +60489,26 @@ spec:
type: object
x-kubernetes-map-type: atomic
sslEnabled:
- description: Flag to enable/disable SSL communication
+ description: sslEnabled Flag enable/disable SSL communication
with Gateway, default false
type: boolean
storageMode:
- description: Indicates whether the storage for a volume
- should be ThickProvisioned or ThinProvisioned. Default
- is ThinProvisioned.
+ description: storageMode indicates whether the storage
+ for a volume should be ThickProvisioned or ThinProvisioned.
+ Default is ThinProvisioned.
type: string
storagePool:
- description: The ScaleIO Storage Pool associated with
- the protection domain.
+ description: storagePool is the ScaleIO Storage Pool
+ associated with the protection domain.
type: string
system:
- description: The name of the storage system as configured
- in ScaleIO.
+ description: system is the name of the storage system
+ as configured in ScaleIO.
type: string
volumeName:
- description: The name of a volume already created
- in the ScaleIO system that is associated with this
- volume source.
+ description: volumeName is the name of a volume already
+ created in the ScaleIO system that is associated
+ with this volume source.
type: string
required:
- gateway
@@ -58212,26 +60516,27 @@ spec:
- system
type: object
secret:
- description: 'Secret represents a secret that should populate
+ description: 'secret represents a secret that should populate
this volume. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret'
properties:
defaultMode:
- description: 'Optional: mode bits used to set permissions
- on created files by default. Must be an octal value
- between 0000 and 0777 or a decimal value between
- 0 and 511. YAML accepts both octal and decimal values,
- JSON requires decimal values for mode bits. Defaults
- to 0644. Directories within the path are not affected
- by this setting. This might be in conflict with
- other options that affect the file mode, like fsGroup,
- and the result can be other mode bits set.'
+ description: 'defaultMode is Optional: mode bits used
+ to set permissions on created files by default.
+ Must be an octal value between 0000 and 0777 or
+ a decimal value between 0 and 511. YAML accepts
+ both octal and decimal values, JSON requires decimal
+ values for mode bits. Defaults to 0644. Directories
+ within the path are not affected by this setting.
+ This might be in conflict with other options that
+ affect the file mode, like fsGroup, and the result
+ can be other mode bits set.'
format: int32
type: integer
items:
- description: If unspecified, each key-value pair in
- the Data field of the referenced Secret will be
- projected into the volume as a file whose name is
- the key and content is the value. If specified,
+ description: items If unspecified, each key-value
+ pair in the Data field of the referenced Secret
+ will be projected into the volume as a file whose
+ name is the key and content is the value. If specified,
the listed keys will be projected into the specified
paths, and unlisted keys will not be present. If
a key is specified which is not present in the Secret,
@@ -58243,14 +60548,14 @@ spec:
a volume.
properties:
key:
- description: The key to project.
+ description: key is the key to project.
type: string
mode:
- description: 'Optional: mode bits used to set
- permissions on this file. Must be an octal
- value between 0000 and 0777 or a decimal value
- between 0 and 511. YAML accepts both octal
- and decimal values, JSON requires decimal
+ description: 'mode is Optional: mode bits used
+ to set permissions on this file. Must be an
+ octal value between 0000 and 0777 or a decimal
+ value between 0 and 511. YAML accepts both
+ octal and decimal values, JSON requires decimal
values for mode bits. If not specified, the
volume defaultMode will be used. This might
be in conflict with other options that affect
@@ -58259,10 +60564,10 @@ spec:
format: int32
type: integer
path:
- description: The relative path of the file to
- map the key to. May not be an absolute path.
- May not contain the path element '..'. May
- not start with the string '..'.
+ description: path is the relative path of the
+ file to map the key to. May not be an absolute
+ path. May not contain the path element '..'.
+ May not start with the string '..'.
type: string
required:
- key
@@ -58270,30 +60575,31 @@ spec:
type: object
type: array
optional:
- description: Specify whether the Secret or its keys
- must be defined
+ description: optional field specify whether the Secret
+ or its keys must be defined
type: boolean
secretName:
- description: 'Name of the secret in the pod''s namespace
- to use. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret'
+ description: 'secretName is the name of the secret
+ in the pod''s namespace to use. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret'
type: string
type: object
storageos:
- description: StorageOS represents a StorageOS volume attached
+ description: storageOS represents a StorageOS volume attached
and mounted on Kubernetes nodes.
properties:
fsType:
- description: Filesystem type to mount. Must be a filesystem
- type supported by the host operating system. Ex.
- "ext4", "xfs", "ntfs". Implicitly inferred to be
- "ext4" if unspecified.
+ description: fsType is the filesystem type to mount.
+ Must be a filesystem type supported by the host
+ operating system. Ex. "ext4", "xfs", "ntfs". Implicitly
+ inferred to be "ext4" if unspecified.
type: string
readOnly:
- description: Defaults to false (read/write). ReadOnly
- here will force the ReadOnly setting in VolumeMounts.
+ description: readOnly defaults to false (read/write).
+ ReadOnly here will force the ReadOnly setting in
+ VolumeMounts.
type: boolean
secretRef:
- description: SecretRef specifies the secret to use
+ description: secretRef specifies the secret to use
for obtaining the StorageOS API credentials. If
not specified, default values will be attempted.
properties:
@@ -58306,12 +60612,12 @@ spec:
type: object
x-kubernetes-map-type: atomic
volumeName:
- description: VolumeName is the human-readable name
+ description: volumeName is the human-readable name
of the StorageOS volume. Volume names are only
unique within a namespace.
type: string
volumeNamespace:
- description: VolumeNamespace specifies the scope of
+ description: volumeNamespace specifies the scope of
the volume within StorageOS. If no namespace is
specified then the Pod's namespace will be used. This
allows the Kubernetes name scoping to be mirrored
@@ -58323,25 +60629,27 @@ spec:
type: string
type: object
vsphereVolume:
- description: VsphereVolume represents a vSphere volume
+ description: vsphereVolume represents a vSphere volume
attached and mounted on kubelets host machine
properties:
fsType:
- description: Filesystem type to mount. Must be a filesystem
- type supported by the host operating system. Ex.
- "ext4", "xfs", "ntfs". Implicitly inferred to be
- "ext4" if unspecified.
+ description: fsType is filesystem type to mount. Must
+ be a filesystem type supported by the host operating
+ system. Ex. "ext4", "xfs", "ntfs". Implicitly inferred
+ to be "ext4" if unspecified.
type: string
storagePolicyID:
- description: Storage Policy Based Management (SPBM)
- profile ID associated with the StoragePolicyName.
+ description: storagePolicyID is the storage Policy
+ Based Management (SPBM) profile ID associated with
+ the StoragePolicyName.
type: string
storagePolicyName:
- description: Storage Policy Based Management (SPBM)
- profile name.
+ description: storagePolicyName is the storage Policy
+ Based Management (SPBM) profile name.
type: string
volumePath:
- description: Path that identifies vSphere volume vmdk
+ description: volumePath is the path that identifies
+ vSphere volume vmdk
type: string
required:
- volumePath
@@ -58702,6 +61010,26 @@ spec:
description: 'Compute Resources required by this component. Cannot
be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/'
properties:
+ claims:
+ description: "Claims lists the names of resources, defined in
+ spec.resourceClaims, that are used by this container. \n This
+ is an alpha field and requires enabling the DynamicResourceAllocation
+ feature gate. \n This field is immutable."
+ items:
+ description: ResourceClaim references one entry in PodSpec.ResourceClaims.
+ properties:
+ name:
+ description: Name must match the name of one entry in pod.spec.resourceClaims
+ of the Pod where this field is used. It makes that resource
+ available inside a container.
+ type: string
+ required:
+ - name
+ type: object
+ type: array
+ x-kubernetes-list-map-keys:
+ - name
+ x-kubernetes-list-type: map
limits:
additionalProperties:
anyOf:
@@ -58821,123 +61149,128 @@ spec:
one of its members may be specified.
properties:
awsElasticBlockStore:
- description: 'AWSElasticBlockStore represents an AWS Disk
+ description: 'awsElasticBlockStore represents an AWS Disk
resource that is attached to a kubelet''s host machine
and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore'
properties:
fsType:
- description: 'Filesystem type of the volume that you
- want to mount. Tip: Ensure that the filesystem type
- is supported by the host operating system. Examples:
- "ext4", "xfs", "ntfs". Implicitly inferred to be
- "ext4" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore
+ description: 'fsType is the filesystem type of the
+ volume that you want to mount. Tip: Ensure that
+ the filesystem type is supported by the host operating
+ system. Examples: "ext4", "xfs", "ntfs". Implicitly
+ inferred to be "ext4" if unspecified. More info:
+ https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore
TODO: how do we prevent errors in the filesystem
from compromising the machine'
type: string
partition:
- description: 'The partition in the volume that you
- want to mount. If omitted, the default is to mount
- by volume name. Examples: For volume /dev/sda1,
- you specify the partition as "1". Similarly, the
- volume partition for /dev/sda is "0" (or you can
- leave the property empty).'
+ description: 'partition is the partition in the volume
+ that you want to mount. If omitted, the default
+ is to mount by volume name. Examples: For volume
+ /dev/sda1, you specify the partition as "1". Similarly,
+ the volume partition for /dev/sda is "0" (or you
+ can leave the property empty).'
format: int32
type: integer
readOnly:
- description: 'Specify "true" to force and set the
- ReadOnly property in VolumeMounts to "true". If
- omitted, the default is "false". More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore'
+ description: 'readOnly value true will force the readOnly
+ setting in VolumeMounts. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore'
type: boolean
volumeID:
- description: 'Unique ID of the persistent disk resource
- in AWS (Amazon EBS volume). More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore'
+ description: 'volumeID is unique ID of the persistent
+ disk resource in AWS (Amazon EBS volume). More info:
+ https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore'
type: string
required:
- volumeID
type: object
azureDisk:
- description: AzureDisk represents an Azure Data Disk mount
+ description: azureDisk represents an Azure Data Disk mount
on the host and bind mount to the pod.
properties:
cachingMode:
- description: 'Host Caching mode: None, Read Only,
- Read Write.'
+ description: 'cachingMode is the Host Caching mode:
+ None, Read Only, Read Write.'
type: string
diskName:
- description: The Name of the data disk in the blob
- storage
+ description: diskName is the Name of the data disk
+ in the blob storage
type: string
diskURI:
- description: The URI the data disk in the blob storage
+ description: diskURI is the URI of data disk in the
+ blob storage
type: string
fsType:
- description: Filesystem type to mount. Must be a filesystem
- type supported by the host operating system. Ex.
- "ext4", "xfs", "ntfs". Implicitly inferred to be
- "ext4" if unspecified.
+ description: fsType is Filesystem type to mount. Must
+ be a filesystem type supported by the host operating
+ system. Ex. "ext4", "xfs", "ntfs". Implicitly inferred
+ to be "ext4" if unspecified.
type: string
kind:
- description: 'Expected values Shared: multiple blob
- disks per storage account Dedicated: single blob
- disk per storage account Managed: azure managed
+ description: 'kind expected values are Shared: multiple
+ blob disks per storage account Dedicated: single
+ blob disk per storage account Managed: azure managed
data disk (only in managed availability set). defaults
to shared'
type: string
readOnly:
- description: Defaults to false (read/write). ReadOnly
- here will force the ReadOnly setting in VolumeMounts.
+ description: readOnly Defaults to false (read/write).
+ ReadOnly here will force the ReadOnly setting in
+ VolumeMounts.
type: boolean
required:
- diskName
- diskURI
type: object
azureFile:
- description: AzureFile represents an Azure File Service
+ description: azureFile represents an Azure File Service
mount on the host and bind mount to the pod.
properties:
readOnly:
- description: Defaults to false (read/write). ReadOnly
- here will force the ReadOnly setting in VolumeMounts.
+ description: readOnly defaults to false (read/write).
+ ReadOnly here will force the ReadOnly setting in
+ VolumeMounts.
type: boolean
secretName:
- description: the name of secret that contains Azure
- Storage Account Name and Key
+ description: secretName is the name of secret that
+ contains Azure Storage Account Name and Key
type: string
shareName:
- description: Share Name
+ description: shareName is the azure share Name
type: string
required:
- secretName
- shareName
type: object
cephfs:
- description: CephFS represents a Ceph FS mount on the
+ description: cephFS represents a Ceph FS mount on the
host that shares a pod's lifetime
properties:
monitors:
- description: 'Required: Monitors is a collection of
- Ceph monitors More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it'
+ description: 'monitors is Required: Monitors is a
+ collection of Ceph monitors More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it'
items:
type: string
type: array
path:
- description: 'Optional: Used as the mounted root,
- rather than the full Ceph tree, default is /'
+ description: 'path is Optional: Used as the mounted
+ root, rather than the full Ceph tree, default is
+ /'
type: string
readOnly:
- description: 'Optional: Defaults to false (read/write).
- ReadOnly here will force the ReadOnly setting in
- VolumeMounts. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it'
+ description: 'readOnly is Optional: Defaults to false
+ (read/write). ReadOnly here will force the ReadOnly
+ setting in VolumeMounts. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it'
type: boolean
secretFile:
- description: 'Optional: SecretFile is the path to
- key ring for User, default is /etc/ceph/user.secret
+ description: 'secretFile is Optional: SecretFile is
+ the path to key ring for User, default is /etc/ceph/user.secret
More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it'
type: string
secretRef:
- description: 'Optional: SecretRef is reference to
- the authentication secret for User, default is empty.
- More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it'
+ description: 'secretRef is Optional: SecretRef is
+ reference to the authentication secret for User,
+ default is empty. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it'
properties:
name:
description: 'Name of the referent. More info:
@@ -58948,31 +61281,32 @@ spec:
type: object
x-kubernetes-map-type: atomic
user:
- description: 'Optional: User is the rados user name,
- default is admin More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it'
+ description: 'user is optional: User is the rados
+ user name, default is admin More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it'
type: string
required:
- monitors
type: object
cinder:
- description: 'Cinder represents a cinder volume attached
+ description: 'cinder represents a cinder volume attached
and mounted on kubelets host machine. More info: https://examples.k8s.io/mysql-cinder-pd/README.md'
properties:
fsType:
- description: 'Filesystem type to mount. Must be a
- filesystem type supported by the host operating
- system. Examples: "ext4", "xfs", "ntfs". Implicitly
- inferred to be "ext4" if unspecified. More info:
- https://examples.k8s.io/mysql-cinder-pd/README.md'
+ description: 'fsType is the filesystem type to mount.
+ Must be a filesystem type supported by the host
+ operating system. Examples: "ext4", "xfs", "ntfs".
+ Implicitly inferred to be "ext4" if unspecified.
+ More info: https://examples.k8s.io/mysql-cinder-pd/README.md'
type: string
readOnly:
- description: 'Optional: Defaults to false (read/write).
+ description: 'readOnly defaults to false (read/write).
ReadOnly here will force the ReadOnly setting in
VolumeMounts. More info: https://examples.k8s.io/mysql-cinder-pd/README.md'
type: boolean
secretRef:
- description: 'Optional: points to a secret object
- containing parameters used to connect to OpenStack.'
+ description: 'secretRef is optional: points to a secret
+ object containing parameters used to connect to
+ OpenStack.'
properties:
name:
description: 'Name of the referent. More info:
@@ -58983,33 +61317,34 @@ spec:
type: object
x-kubernetes-map-type: atomic
volumeID:
- description: 'volume id used to identify the volume
+ description: 'volumeID used to identify the volume
in cinder. More info: https://examples.k8s.io/mysql-cinder-pd/README.md'
type: string
required:
- volumeID
type: object
configMap:
- description: ConfigMap represents a configMap that should
+ description: configMap represents a configMap that should
populate this volume
properties:
defaultMode:
- description: 'Optional: mode bits used to set permissions
- on created files by default. Must be an octal value
- between 0000 and 0777 or a decimal value between
- 0 and 511. YAML accepts both octal and decimal values,
- JSON requires decimal values for mode bits. Defaults
- to 0644. Directories within the path are not affected
- by this setting. This might be in conflict with
- other options that affect the file mode, like fsGroup,
- and the result can be other mode bits set.'
+ description: 'defaultMode is optional: mode bits used
+ to set permissions on created files by default.
+ Must be an octal value between 0000 and 0777 or
+ a decimal value between 0 and 511. YAML accepts
+ both octal and decimal values, JSON requires decimal
+ values for mode bits. Defaults to 0644. Directories
+ within the path are not affected by this setting.
+ This might be in conflict with other options that
+ affect the file mode, like fsGroup, and the result
+ can be other mode bits set.'
format: int32
type: integer
items:
- description: If unspecified, each key-value pair in
- the Data field of the referenced ConfigMap will
- be projected into the volume as a file whose name
- is the key and content is the value. If specified,
+ description: items if unspecified, each key-value
+ pair in the Data field of the referenced ConfigMap
+ will be projected into the volume as a file whose
+ name is the key and content is the value. If specified,
the listed keys will be projected into the specified
paths, and unlisted keys will not be present. If
a key is specified which is not present in the ConfigMap,
@@ -59021,14 +61356,14 @@ spec:
a volume.
properties:
key:
- description: The key to project.
+ description: key is the key to project.
type: string
mode:
- description: 'Optional: mode bits used to set
- permissions on this file. Must be an octal
- value between 0000 and 0777 or a decimal value
- between 0 and 511. YAML accepts both octal
- and decimal values, JSON requires decimal
+ description: 'mode is Optional: mode bits used
+ to set permissions on this file. Must be an
+ octal value between 0000 and 0777 or a decimal
+ value between 0 and 511. YAML accepts both
+ octal and decimal values, JSON requires decimal
values for mode bits. If not specified, the
volume defaultMode will be used. This might
be in conflict with other options that affect
@@ -59037,10 +61372,10 @@ spec:
format: int32
type: integer
path:
- description: The relative path of the file to
- map the key to. May not be an absolute path.
- May not contain the path element '..'. May
- not start with the string '..'.
+ description: path is the relative path of the
+ file to map the key to. May not be an absolute
+ path. May not contain the path element '..'.
+ May not start with the string '..'.
type: string
required:
- key
@@ -59053,29 +61388,29 @@ spec:
uid?'
type: string
optional:
- description: Specify whether the ConfigMap or its
- keys must be defined
+ description: optional specify whether the ConfigMap
+ or its keys must be defined
type: boolean
type: object
x-kubernetes-map-type: atomic
csi:
- description: CSI (Container Storage Interface) represents
+ description: csi (Container Storage Interface) represents
ephemeral storage that is handled by certain external
CSI drivers (Beta feature).
properties:
driver:
- description: Driver is the name of the CSI driver
+ description: driver is the name of the CSI driver
that handles this volume. Consult with your admin
for the correct name as registered in the cluster.
type: string
fsType:
- description: Filesystem type to mount. Ex. "ext4",
- "xfs", "ntfs". If not provided, the empty value
- is passed to the associated CSI driver which will
- determine the default filesystem to apply.
+ description: fsType to mount. Ex. "ext4", "xfs", "ntfs".
+ If not provided, the empty value is passed to the
+ associated CSI driver which will determine the default
+ filesystem to apply.
type: string
nodePublishSecretRef:
- description: NodePublishSecretRef is a reference to
+ description: nodePublishSecretRef is a reference to
the secret object containing sensitive information
to pass to the CSI driver to complete the CSI NodePublishVolume
and NodeUnpublishVolume calls. This field is optional,
@@ -59092,13 +61427,13 @@ spec:
type: object
x-kubernetes-map-type: atomic
readOnly:
- description: Specifies a read-only configuration for
- the volume. Defaults to false (read/write).
+ description: readOnly specifies a read-only configuration
+ for the volume. Defaults to false (read/write).
type: boolean
volumeAttributes:
additionalProperties:
type: string
- description: VolumeAttributes stores driver-specific
+ description: volumeAttributes stores driver-specific
properties that are passed to the CSI driver. Consult
your driver's documentation for supported values.
type: object
@@ -59106,7 +61441,7 @@ spec:
- driver
type: object
downwardAPI:
- description: DownwardAPI represents downward API about
+ description: downwardAPI represents downward API about
the pod that should populate this volume
properties:
defaultMode:
@@ -59199,32 +61534,33 @@ spec:
type: array
type: object
emptyDir:
- description: 'EmptyDir represents a temporary directory
+ description: 'emptyDir represents a temporary directory
that shares a pod''s lifetime. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir'
properties:
medium:
- description: 'What type of storage medium should back
- this directory. The default is "" which means to
- use the node''s default medium. Must be an empty
- string (default) or Memory. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir'
+ description: 'medium represents what type of storage
+ medium should back this directory. The default is
+ "" which means to use the node''s default medium.
+ Must be an empty string (default) or Memory. More
+ info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir'
type: string
sizeLimit:
anyOf:
- type: integer
- type: string
- description: 'Total amount of local storage required
- for this EmptyDir volume. The size limit is also
- applicable for memory medium. The maximum usage
- on memory medium EmptyDir would be the minimum value
- between the SizeLimit specified here and the sum
- of memory limits of all containers in a pod. The
- default is nil which means that the limit is undefined.
- More info: http://kubernetes.io/docs/user-guide/volumes#emptydir'
+ description: 'sizeLimit is the total amount of local
+ storage required for this EmptyDir volume. The size
+ limit is also applicable for memory medium. The
+ maximum usage on memory medium EmptyDir would be
+ the minimum value between the SizeLimit specified
+ here and the sum of memory limits of all containers
+ in a pod. The default is nil which means that the
+ limit is undefined. More info: http://kubernetes.io/docs/user-guide/volumes#emptydir'
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
x-kubernetes-int-or-string: true
type: object
ephemeral:
- description: "Ephemeral represents a volume that is handled
+ description: "ephemeral represents a volume that is handled
by a cluster storage driver. The volume's lifecycle
is tied to the pod that defines it - it will be created
before the pod starts, and deleted when the pod is removed.
@@ -59281,24 +61617,27 @@ spec:
are also valid here.
properties:
accessModes:
- description: 'AccessModes contains the desired
+ description: 'accessModes contains the desired
access modes the volume should have. More
info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1'
items:
type: string
type: array
dataSource:
- description: 'This field can be used to specify
- either: * An existing VolumeSnapshot object
- (snapshot.storage.k8s.io/VolumeSnapshot)
+ description: 'dataSource field can be used
+ to specify either: * An existing VolumeSnapshot
+ object (snapshot.storage.k8s.io/VolumeSnapshot)
* An existing PVC (PersistentVolumeClaim)
If the provisioner or an external controller
can support the specified data source, it
will create a new volume based on the contents
- of the specified data source. If the AnyVolumeDataSource
- feature gate is enabled, this field will
- always have the same contents as the DataSourceRef
- field.'
+ of the specified data source. When the AnyVolumeDataSource
+ feature gate is enabled, dataSource contents
+ will be copied to dataSourceRef, and dataSourceRef
+ contents will be copied to dataSource when
+ dataSourceRef.namespace is not specified.
+ If the namespace is specified, then dataSourceRef
+ will not be copied to dataSource.'
properties:
apiGroup:
description: APIGroup is the group for
@@ -59322,32 +61661,42 @@ spec:
type: object
x-kubernetes-map-type: atomic
dataSourceRef:
- description: 'Specifies the object from which
- to populate the volume with data, if a non-empty
- volume is desired. This may be any local
- object from a non-empty API group (non core
- object) or a PersistentVolumeClaim object.
- When this field is specified, volume binding
- will only succeed if the type of the specified
- object matches some installed volume populator
- or dynamic provisioner. This field will
- replace the functionality of the DataSource
- field and as such if both fields are non-empty,
- they must have the same value. For backwards
- compatibility, both fields (DataSource and
- DataSourceRef) will be set to the same value
- automatically if one of them is empty and
- the other is non-empty. There are two important
- differences between DataSource and DataSourceRef:
- * While DataSource only allows two specific
- types of objects, DataSourceRef allows any
- non-core object, as well as PersistentVolumeClaim
- objects. * While DataSource ignores disallowed
- values (dropping them), DataSourceRef preserves
+ description: 'dataSourceRef specifies the
+ object from which to populate the volume
+ with data, if a non-empty volume is desired.
+ This may be any object from a non-empty
+ API group (non core object) or a PersistentVolumeClaim
+ object. When this field is specified, volume
+ binding will only succeed if the type of
+ the specified object matches some installed
+ volume populator or dynamic provisioner.
+ This field will replace the functionality
+ of the dataSource field and as such if both
+ fields are non-empty, they must have the
+ same value. For backwards compatibility,
+ when namespace isn''t specified in dataSourceRef,
+ both fields (dataSource and dataSourceRef)
+ will be set to the same value automatically
+ if one of them is empty and the other is
+ non-empty. When namespace is specified in
+ dataSourceRef, dataSource isn''t set to
+ the same value and must be empty. There
+ are three important differences between
+ dataSource and dataSourceRef: * While dataSource
+ only allows two specific types of objects,
+ dataSourceRef allows any non-core object,
+ as well as PersistentVolumeClaim objects.
+ * While dataSource ignores disallowed values
+ (dropping them), dataSourceRef preserves
all values, and generates an error if a
- disallowed value is specified. (Alpha) Using
- this field requires the AnyVolumeDataSource
- feature gate to be enabled.'
+ disallowed value is specified. * While dataSource
+ only allows local objects, dataSourceRef
+ allows objects in any namespaces. (Beta)
+ Using this field requires the AnyVolumeDataSource
+ feature gate to be enabled. (Alpha) Using
+ the namespace field of dataSourceRef requires
+ the CrossNamespaceVolumeDataSource feature
+ gate to be enabled.'
properties:
apiGroup:
description: APIGroup is the group for
@@ -59365,13 +61714,23 @@ spec:
description: Name is the name of resource
being referenced
type: string
+ namespace:
+ description: Namespace is the namespace
+ of resource being referenced Note that
+ when a namespace is specified, a gateway.networking.k8s.io/ReferenceGrant
+ object is required in the referent namespace
+ to allow that namespace's owner to accept
+ the reference. See the ReferenceGrant
+ documentation for details. (Alpha) This
+ field requires the CrossNamespaceVolumeDataSource
+ feature gate to be enabled.
+ type: string
required:
- kind
- name
type: object
- x-kubernetes-map-type: atomic
resources:
- description: 'Resources represents the minimum
+ description: 'resources represents the minimum
resources the volume should have. If RecoverVolumeExpansionFailure
feature is enabled users are allowed to
specify resource requirements that are lower
@@ -59379,6 +61738,31 @@ spec:
than capacity recorded in the status field
of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources'
properties:
+ claims:
+ description: "Claims lists the names of
+ resources, defined in spec.resourceClaims,
+ that are used by this container. \n
+ This is an alpha field and requires
+ enabling the DynamicResourceAllocation
+ feature gate. \n This field is immutable."
+ items:
+ description: ResourceClaim references
+ one entry in PodSpec.ResourceClaims.
+ properties:
+ name:
+ description: Name must match the
+ name of one entry in pod.spec.resourceClaims
+ of the Pod where this field is
+ used. It makes that resource available
+ inside a container.
+ type: string
+ required:
+ - name
+ type: object
+ type: array
+ x-kubernetes-list-map-keys:
+ - name
+ x-kubernetes-list-type: map
limits:
additionalProperties:
anyOf:
@@ -59406,8 +61790,8 @@ spec:
type: object
type: object
selector:
- description: A label query over volumes to
- consider for binding.
+ description: selector is a label query over
+ volumes to consider for binding.
properties:
matchExpressions:
description: matchExpressions is a list
@@ -59459,8 +61843,9 @@ spec:
type: object
x-kubernetes-map-type: atomic
storageClassName:
- description: 'Name of the StorageClass required
- by the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1'
+ description: 'storageClassName is the name
+ of the StorageClass required by the claim.
+ More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1'
type: string
volumeMode:
description: volumeMode defines what type
@@ -59469,7 +61854,7 @@ spec:
in claim spec.
type: string
volumeName:
- description: VolumeName is the binding reference
+ description: volumeName is the binding reference
to the PersistentVolume backing this claim.
type: string
type: object
@@ -59478,71 +61863,74 @@ spec:
type: object
type: object
fc:
- description: FC represents a Fibre Channel resource that
+ description: fc represents a Fibre Channel resource that
is attached to a kubelet's host machine and then exposed
to the pod.
properties:
fsType:
- description: 'Filesystem type to mount. Must be a
- filesystem type supported by the host operating
- system. Ex. "ext4", "xfs", "ntfs". Implicitly inferred
- to be "ext4" if unspecified. TODO: how do we prevent
- errors in the filesystem from compromising the machine'
+ description: 'fsType is the filesystem type to mount.
+ Must be a filesystem type supported by the host
+ operating system. Ex. "ext4", "xfs", "ntfs". Implicitly
+ inferred to be "ext4" if unspecified. TODO: how
+ do we prevent errors in the filesystem from compromising
+ the machine'
type: string
lun:
- description: 'Optional: FC target lun number'
+ description: 'lun is Optional: FC target lun number'
format: int32
type: integer
readOnly:
- description: 'Optional: Defaults to false (read/write).
- ReadOnly here will force the ReadOnly setting in
- VolumeMounts.'
+ description: 'readOnly is Optional: Defaults to false
+ (read/write). ReadOnly here will force the ReadOnly
+ setting in VolumeMounts.'
type: boolean
targetWWNs:
- description: 'Optional: FC target worldwide names
- (WWNs)'
+ description: 'targetWWNs is Optional: FC target worldwide
+ names (WWNs)'
items:
type: string
type: array
wwids:
- description: 'Optional: FC volume world wide identifiers
- (wwids) Either wwids or combination of targetWWNs
- and lun must be set, but not both simultaneously.'
+ description: 'wwids Optional: FC volume world wide
+ identifiers (wwids) Either wwids or combination
+ of targetWWNs and lun must be set, but not both
+ simultaneously.'
items:
type: string
type: array
type: object
flexVolume:
- description: FlexVolume represents a generic volume resource
+ description: flexVolume represents a generic volume resource
that is provisioned/attached using an exec based plugin.
properties:
driver:
- description: Driver is the name of the driver to use
+ description: driver is the name of the driver to use
for this volume.
type: string
fsType:
- description: Filesystem type to mount. Must be a filesystem
- type supported by the host operating system. Ex.
- "ext4", "xfs", "ntfs". The default filesystem depends
- on FlexVolume script.
+ description: fsType is the filesystem type to mount.
+ Must be a filesystem type supported by the host
+ operating system. Ex. "ext4", "xfs", "ntfs". The
+ default filesystem depends on FlexVolume script.
type: string
options:
additionalProperties:
type: string
- description: 'Optional: Extra command options if any.'
+ description: 'options is Optional: this field holds
+ extra command options if any.'
type: object
readOnly:
- description: 'Optional: Defaults to false (read/write).
- ReadOnly here will force the ReadOnly setting in
- VolumeMounts.'
+ description: 'readOnly is Optional: defaults to false
+ (read/write). ReadOnly here will force the ReadOnly
+ setting in VolumeMounts.'
type: boolean
secretRef:
- description: 'Optional: SecretRef is reference to
- the secret object containing sensitive information
- to pass to the plugin scripts. This may be empty
- if no secret object is specified. If the secret
- object contains more than one secret, all secrets
- are passed to the plugin scripts.'
+ description: 'secretRef is Optional: secretRef is
+ reference to the secret object containing sensitive
+ information to pass to the plugin scripts. This
+ may be empty if no secret object is specified. If
+ the secret object contains more than one secret,
+ all secrets are passed to the plugin scripts.'
properties:
name:
description: 'Name of the referent. More info:
@@ -59556,49 +61944,50 @@ spec:
- driver
type: object
flocker:
- description: Flocker represents a Flocker volume attached
+ description: flocker represents a Flocker volume attached
to a kubelet's host machine. This depends on the Flocker
control service being running
properties:
datasetName:
- description: Name of the dataset stored as metadata
- -> name on the dataset for Flocker should be considered
- as deprecated
+ description: datasetName is Name of the dataset stored
+ as metadata -> name on the dataset for Flocker should
+ be considered as deprecated
type: string
datasetUUID:
- description: UUID of the dataset. This is unique identifier
- of a Flocker dataset
+ description: datasetUUID is the UUID of the dataset.
+ This is unique identifier of a Flocker dataset
type: string
type: object
gcePersistentDisk:
- description: 'GCEPersistentDisk represents a GCE Disk
+ description: 'gcePersistentDisk represents a GCE Disk
resource that is attached to a kubelet''s host machine
and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk'
properties:
fsType:
- description: 'Filesystem type of the volume that you
- want to mount. Tip: Ensure that the filesystem type
- is supported by the host operating system. Examples:
- "ext4", "xfs", "ntfs". Implicitly inferred to be
- "ext4" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk
+ description: 'fsType is filesystem type of the volume
+ that you want to mount. Tip: Ensure that the filesystem
+ type is supported by the host operating system.
+ Examples: "ext4", "xfs", "ntfs". Implicitly inferred
+ to be "ext4" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk
TODO: how do we prevent errors in the filesystem
from compromising the machine'
type: string
partition:
- description: 'The partition in the volume that you
- want to mount. If omitted, the default is to mount
- by volume name. Examples: For volume /dev/sda1,
- you specify the partition as "1". Similarly, the
- volume partition for /dev/sda is "0" (or you can
- leave the property empty). More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk'
+ description: 'partition is the partition in the volume
+ that you want to mount. If omitted, the default
+ is to mount by volume name. Examples: For volume
+ /dev/sda1, you specify the partition as "1". Similarly,
+ the volume partition for /dev/sda is "0" (or you
+ can leave the property empty). More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk'
format: int32
type: integer
pdName:
- description: 'Unique name of the PD resource in GCE.
- Used to identify the disk in GCE. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk'
+ description: 'pdName is unique name of the PD resource
+ in GCE. Used to identify the disk in GCE. More info:
+ https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk'
type: string
readOnly:
- description: 'ReadOnly here will force the ReadOnly
+ description: 'readOnly here will force the ReadOnly
setting in VolumeMounts. Defaults to false. More
info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk'
type: boolean
@@ -59606,42 +61995,43 @@ spec:
- pdName
type: object
gitRepo:
- description: 'GitRepo represents a git repository at a
+ description: 'gitRepo represents a git repository at a
particular revision. DEPRECATED: GitRepo is deprecated.
To provision a container with a git repo, mount an EmptyDir
into an InitContainer that clones the repo using git,
then mount the EmptyDir into the Pod''s container.'
properties:
directory:
- description: Target directory name. Must not contain
- or start with '..'. If '.' is supplied, the volume
- directory will be the git repository. Otherwise,
+ description: directory is the target directory name.
+ Must not contain or start with '..'. If '.' is
+ supplied, the volume directory will be the git repository. Otherwise,
if specified, the volume will contain the git repository
in the subdirectory with the given name.
type: string
repository:
- description: Repository URL
+ description: repository is the URL
type: string
revision:
- description: Commit hash for the specified revision.
+ description: revision is the commit hash for the specified
+ revision.
type: string
required:
- repository
type: object
glusterfs:
- description: 'Glusterfs represents a Glusterfs mount on
+ description: 'glusterfs represents a Glusterfs mount on
the host that shares a pod''s lifetime. More info: https://examples.k8s.io/volumes/glusterfs/README.md'
properties:
endpoints:
- description: 'EndpointsName is the endpoint name that
+ description: 'endpoints is the endpoint name that
details Glusterfs topology. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod'
type: string
path:
- description: 'Path is the Glusterfs volume path. More
+ description: 'path is the Glusterfs volume path. More
info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod'
type: string
readOnly:
- description: 'ReadOnly here will force the Glusterfs
+ description: 'readOnly here will force the Glusterfs
volume to be mounted with read-only permissions.
Defaults to false. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod'
type: boolean
@@ -59650,7 +62040,7 @@ spec:
- path
type: object
hostPath:
- description: 'HostPath represents a pre-existing file
+ description: 'hostPath represents a pre-existing file
or directory on the host machine that is directly exposed
to the container. This is generally used for system
agents or other privileged things that are allowed to
@@ -59661,69 +62051,73 @@ spec:
as read/write.'
properties:
path:
- description: 'Path of the directory on the host. If
+ description: 'path of the directory on the host. If
the path is a symlink, it will follow the link to
the real path. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath'
type: string
type:
- description: 'Type for HostPath Volume Defaults to
+ description: 'type for HostPath Volume Defaults to
"" More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath'
type: string
required:
- path
type: object
iscsi:
- description: 'ISCSI represents an ISCSI Disk resource
+ description: 'iscsi represents an ISCSI Disk resource
that is attached to a kubelet''s host machine and then
exposed to the pod. More info: https://examples.k8s.io/volumes/iscsi/README.md'
properties:
chapAuthDiscovery:
- description: whether support iSCSI Discovery CHAP
- authentication
+ description: chapAuthDiscovery defines whether support
+ iSCSI Discovery CHAP authentication
type: boolean
chapAuthSession:
- description: whether support iSCSI Session CHAP authentication
+ description: chapAuthSession defines whether support
+ iSCSI Session CHAP authentication
type: boolean
fsType:
- description: 'Filesystem type of the volume that you
- want to mount. Tip: Ensure that the filesystem type
- is supported by the host operating system. Examples:
- "ext4", "xfs", "ntfs". Implicitly inferred to be
- "ext4" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#iscsi
+ description: 'fsType is the filesystem type of the
+ volume that you want to mount. Tip: Ensure that
+ the filesystem type is supported by the host operating
+ system. Examples: "ext4", "xfs", "ntfs". Implicitly
+ inferred to be "ext4" if unspecified. More info:
+ https://kubernetes.io/docs/concepts/storage/volumes#iscsi
TODO: how do we prevent errors in the filesystem
from compromising the machine'
type: string
initiatorName:
- description: Custom iSCSI Initiator Name. If initiatorName
- is specified with iscsiInterface simultaneously,
- new iSCSI interface :
- will be created for the connection.
+ description: initiatorName is the custom iSCSI Initiator
+ Name. If initiatorName is specified with iscsiInterface
+ simultaneously, new iSCSI interface : will be created for the connection.
type: string
iqn:
- description: Target iSCSI Qualified Name.
+ description: iqn is the target iSCSI Qualified Name.
type: string
iscsiInterface:
- description: iSCSI Interface Name that uses an iSCSI
- transport. Defaults to 'default' (tcp).
+ description: iscsiInterface is the interface Name
+ that uses an iSCSI transport. Defaults to 'default'
+ (tcp).
type: string
lun:
- description: iSCSI Target Lun number.
+ description: lun represents iSCSI Target Lun number.
format: int32
type: integer
portals:
- description: iSCSI Target Portal List. The portal
- is either an IP or ip_addr:port if the port is other
- than default (typically TCP ports 860 and 3260).
+ description: portals is the iSCSI Target Portal List.
+ The portal is either an IP or ip_addr:port if the
+ port is other than default (typically TCP ports
+ 860 and 3260).
items:
type: string
type: array
readOnly:
- description: ReadOnly here will force the ReadOnly
+ description: readOnly here will force the ReadOnly
setting in VolumeMounts. Defaults to false.
type: boolean
secretRef:
- description: CHAP Secret for iSCSI target and initiator
- authentication
+ description: secretRef is the CHAP Secret for iSCSI
+ target and initiator authentication
properties:
name:
description: 'Name of the referent. More info:
@@ -59734,9 +62128,10 @@ spec:
type: object
x-kubernetes-map-type: atomic
targetPortal:
- description: iSCSI Target Portal. The Portal is either
- an IP or ip_addr:port if the port is other than
- default (typically TCP ports 860 and 3260).
+ description: targetPortal is iSCSI Target Portal.
+ The Portal is either an IP or ip_addr:port if the
+ port is other than default (typically TCP ports
+ 860 and 3260).
type: string
required:
- iqn
@@ -59744,20 +62139,20 @@ spec:
- targetPortal
type: object
nfs:
- description: 'NFS represents an NFS mount on the host
+ description: 'nfs represents an NFS mount on the host
that shares a pod''s lifetime More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs'
properties:
path:
- description: 'Path that is exported by the NFS server.
+ description: 'path that is exported by the NFS server.
More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs'
type: string
readOnly:
- description: 'ReadOnly here will force the NFS export
+ description: 'readOnly here will force the NFS export
to be mounted with read-only permissions. Defaults
to false. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs'
type: boolean
server:
- description: 'Server is the hostname or IP address
+ description: 'server is the hostname or IP address
of the NFS server. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs'
type: string
required:
@@ -59765,113 +62160,115 @@ spec:
- server
type: object
persistentVolumeClaim:
- description: 'PersistentVolumeClaimVolumeSource represents
+ description: 'persistentVolumeClaimVolumeSource represents
a reference to a PersistentVolumeClaim in the same namespace.
More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims'
properties:
claimName:
- description: 'ClaimName is the name of a PersistentVolumeClaim
+ description: 'claimName is the name of a PersistentVolumeClaim
in the same namespace as the pod using this volume.
More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims'
type: string
readOnly:
- description: Will force the ReadOnly setting in VolumeMounts.
- Default false.
+ description: readOnly Will force the ReadOnly setting
+ in VolumeMounts. Default false.
type: boolean
required:
- claimName
type: object
photonPersistentDisk:
- description: PhotonPersistentDisk represents a PhotonController
+ description: photonPersistentDisk represents a PhotonController
persistent disk attached and mounted on kubelets host
machine
properties:
fsType:
- description: Filesystem type to mount. Must be a filesystem
- type supported by the host operating system. Ex.
- "ext4", "xfs", "ntfs". Implicitly inferred to be
- "ext4" if unspecified.
+ description: fsType is the filesystem type to mount.
+ Must be a filesystem type supported by the host
+ operating system. Ex. "ext4", "xfs", "ntfs". Implicitly
+ inferred to be "ext4" if unspecified.
type: string
pdID:
- description: ID that identifies Photon Controller
- persistent disk
+ description: pdID is the ID that identifies Photon
+ Controller persistent disk
type: string
required:
- pdID
type: object
portworxVolume:
- description: PortworxVolume represents a portworx volume
+ description: portworxVolume represents a portworx volume
attached and mounted on kubelets host machine
properties:
fsType:
- description: FSType represents the filesystem type
+ description: fSType represents the filesystem type
to mount Must be a filesystem type supported by
the host operating system. Ex. "ext4", "xfs". Implicitly
inferred to be "ext4" if unspecified.
type: string
readOnly:
- description: Defaults to false (read/write). ReadOnly
- here will force the ReadOnly setting in VolumeMounts.
+ description: readOnly defaults to false (read/write).
+ ReadOnly here will force the ReadOnly setting in
+ VolumeMounts.
type: boolean
volumeID:
- description: VolumeID uniquely identifies a Portworx
+ description: volumeID uniquely identifies a Portworx
volume
type: string
required:
- volumeID
type: object
projected:
- description: Items for all in one resources secrets, configmaps,
- and downward API
+ description: projected items for all in one resources
+ secrets, configmaps, and downward API
properties:
defaultMode:
- description: Mode bits used to set permissions on
- created files by default. Must be an octal value
- between 0000 and 0777 or a decimal value between
- 0 and 511. YAML accepts both octal and decimal values,
- JSON requires decimal values for mode bits. Directories
- within the path are not affected by this setting.
- This might be in conflict with other options that
- affect the file mode, like fsGroup, and the result
- can be other mode bits set.
+ description: defaultMode are the mode bits used to
+ set permissions on created files by default. Must
+ be an octal value between 0000 and 0777 or a decimal
+ value between 0 and 511. YAML accepts both octal
+ and decimal values, JSON requires decimal values
+ for mode bits. Directories within the path are not
+ affected by this setting. This might be in conflict
+ with other options that affect the file mode, like
+ fsGroup, and the result can be other mode bits set.
format: int32
type: integer
sources:
- description: list of volume projections
+ description: sources is the list of volume projections
items:
description: Projection that may be projected along
with other supported volume types
properties:
configMap:
- description: information about the configMap
- data to project
+ description: configMap information about the
+ configMap data to project
properties:
items:
- description: If unspecified, each key-value
- pair in the Data field of the referenced
- ConfigMap will be projected into the volume
- as a file whose name is the key and content
- is the value. If specified, the listed
- keys will be projected into the specified
- paths, and unlisted keys will not be present.
- If a key is specified which is not present
- in the ConfigMap, the volume setup will
- error unless it is marked optional. Paths
- must be relative and may not contain the
- '..' path or start with '..'.
+ description: items if unspecified, each
+ key-value pair in the Data field of the
+ referenced ConfigMap will be projected
+ into the volume as a file whose name is
+ the key and content is the value. If specified,
+ the listed keys will be projected into
+ the specified paths, and unlisted keys
+ will not be present. If a key is specified
+ which is not present in the ConfigMap,
+ the volume setup will error unless it
+ is marked optional. Paths must be relative
+ and may not contain the '..' path or start
+ with '..'.
items:
description: Maps a string key to a path
within a volume.
properties:
key:
- description: The key to project.
+ description: key is the key to project.
type: string
mode:
- description: 'Optional: mode bits
- used to set permissions on this
- file. Must be an octal value between
- 0000 and 0777 or a decimal value
- between 0 and 511. YAML accepts
+ description: 'mode is Optional: mode
+ bits used to set permissions on
+ this file. Must be an octal value
+ between 0000 and 0777 or a decimal
+ value between 0 and 511. YAML accepts
both octal and decimal values, JSON
requires decimal values for mode
bits. If not specified, the volume
@@ -59883,11 +62280,12 @@ spec:
format: int32
type: integer
path:
- description: The relative path of
- the file to map the key to. May
- not be an absolute path. May not
- contain the path element '..'. May
- not start with the string '..'.
+ description: path is the relative
+ path of the file to map the key
+ to. May not be an absolute path.
+ May not contain the path element
+ '..'. May not start with the string
+ '..'.
type: string
required:
- key
@@ -59901,14 +62299,14 @@ spec:
kind, uid?'
type: string
optional:
- description: Specify whether the ConfigMap
- or its keys must be defined
+ description: optional specify whether the
+ ConfigMap or its keys must be defined
type: boolean
type: object
x-kubernetes-map-type: atomic
downwardAPI:
- description: information about the downwardAPI
- data to project
+ description: downwardAPI information about the
+ downwardAPI data to project
properties:
items:
description: Items is a list of DownwardAPIVolume
@@ -59997,35 +62395,36 @@ spec:
type: array
type: object
secret:
- description: information about the secret data
- to project
+ description: secret information about the secret
+ data to project
properties:
items:
- description: If unspecified, each key-value
- pair in the Data field of the referenced
- Secret will be projected into the volume
- as a file whose name is the key and content
- is the value. If specified, the listed
- keys will be projected into the specified
- paths, and unlisted keys will not be present.
- If a key is specified which is not present
- in the Secret, the volume setup will error
- unless it is marked optional. Paths must
- be relative and may not contain the '..'
- path or start with '..'.
+ description: items if unspecified, each
+ key-value pair in the Data field of the
+ referenced Secret will be projected into
+ the volume as a file whose name is the
+ key and content is the value. If specified,
+ the listed keys will be projected into
+ the specified paths, and unlisted keys
+ will not be present. If a key is specified
+ which is not present in the Secret, the
+ volume setup will error unless it is marked
+ optional. Paths must be relative and may
+ not contain the '..' path or start with
+ '..'.
items:
description: Maps a string key to a path
within a volume.
properties:
key:
- description: The key to project.
+ description: key is the key to project.
type: string
mode:
- description: 'Optional: mode bits
- used to set permissions on this
- file. Must be an octal value between
- 0000 and 0777 or a decimal value
- between 0 and 511. YAML accepts
+ description: 'mode is Optional: mode
+ bits used to set permissions on
+ this file. Must be an octal value
+ between 0000 and 0777 or a decimal
+ value between 0 and 511. YAML accepts
both octal and decimal values, JSON
requires decimal values for mode
bits. If not specified, the volume
@@ -60037,11 +62436,12 @@ spec:
format: int32
type: integer
path:
- description: The relative path of
- the file to map the key to. May
- not be an absolute path. May not
- contain the path element '..'. May
- not start with the string '..'.
+ description: path is the relative
+ path of the file to map the key
+ to. May not be an absolute path.
+ May not contain the path element
+ '..'. May not start with the string
+ '..'.
type: string
required:
- key
@@ -60055,17 +62455,17 @@ spec:
kind, uid?'
type: string
optional:
- description: Specify whether the Secret
- or its key must be defined
+ description: optional field specify whether
+ the Secret or its key must be defined
type: boolean
type: object
x-kubernetes-map-type: atomic
serviceAccountToken:
- description: information about the serviceAccountToken
- data to project
+ description: serviceAccountToken is information
+ about the serviceAccountToken data to project
properties:
audience:
- description: Audience is the intended audience
+ description: audience is the intended audience
of the token. A recipient of a token must
identify itself with an identifier specified
in the audience of the token, and otherwise
@@ -60073,7 +62473,7 @@ spec:
defaults to the identifier of the apiserver.
type: string
expirationSeconds:
- description: ExpirationSeconds is the requested
+ description: expirationSeconds is the requested
duration of validity of the service account
token. As the token approaches expiration,
the kubelet volume plugin will proactively
@@ -60086,7 +62486,7 @@ spec:
format: int64
type: integer
path:
- description: Path is the path relative to
+ description: path is the path relative to
the mount point of the file to project
the token into.
type: string
@@ -60097,36 +62497,36 @@ spec:
type: array
type: object
quobyte:
- description: Quobyte represents a Quobyte mount on the
+ description: quobyte represents a Quobyte mount on the
host that shares a pod's lifetime
properties:
group:
- description: Group to map volume access to Default
+ description: group to map volume access to Default
is no group
type: string
readOnly:
- description: ReadOnly here will force the Quobyte
+ description: readOnly here will force the Quobyte
volume to be mounted with read-only permissions.
Defaults to false.
type: boolean
registry:
- description: Registry represents a single or multiple
+ description: registry represents a single or multiple
Quobyte Registry services specified as a string
as host:port pair (multiple entries are separated
with commas) which acts as the central registry
for volumes
type: string
tenant:
- description: Tenant owning the given Quobyte volume
+ description: tenant owning the given Quobyte volume
in the Backend Used with dynamically provisioned
Quobyte volumes, value is set by the plugin
type: string
user:
- description: User to map volume access to Defaults
+ description: user to map volume access to Defaults
to serivceaccount user
type: string
volume:
- description: Volume is a string that references an
+ description: volume is a string that references an
already created Quobyte volume by name.
type: string
required:
@@ -60134,44 +62534,46 @@ spec:
- volume
type: object
rbd:
- description: 'RBD represents a Rados Block Device mount
+ description: 'rbd represents a Rados Block Device mount
on the host that shares a pod''s lifetime. More info:
https://examples.k8s.io/volumes/rbd/README.md'
properties:
fsType:
- description: 'Filesystem type of the volume that you
- want to mount. Tip: Ensure that the filesystem type
- is supported by the host operating system. Examples:
- "ext4", "xfs", "ntfs". Implicitly inferred to be
- "ext4" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#rbd
+ description: 'fsType is the filesystem type of the
+ volume that you want to mount. Tip: Ensure that
+ the filesystem type is supported by the host operating
+ system. Examples: "ext4", "xfs", "ntfs". Implicitly
+ inferred to be "ext4" if unspecified. More info:
+ https://kubernetes.io/docs/concepts/storage/volumes#rbd
TODO: how do we prevent errors in the filesystem
from compromising the machine'
type: string
image:
- description: 'The rados image name. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it'
+ description: 'image is the rados image name. More
+ info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it'
type: string
keyring:
- description: 'Keyring is the path to key ring for
+ description: 'keyring is the path to key ring for
RBDUser. Default is /etc/ceph/keyring. More info:
https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it'
type: string
monitors:
- description: 'A collection of Ceph monitors. More
- info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it'
+ description: 'monitors is a collection of Ceph monitors.
+ More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it'
items:
type: string
type: array
pool:
- description: 'The rados pool name. Default is rbd.
- More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it'
+ description: 'pool is the rados pool name. Default
+ is rbd. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it'
type: string
readOnly:
- description: 'ReadOnly here will force the ReadOnly
+ description: 'readOnly here will force the ReadOnly
setting in VolumeMounts. Defaults to false. More
info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it'
type: boolean
secretRef:
- description: 'SecretRef is name of the authentication
+ description: 'secretRef is name of the authentication
secret for RBDUser. If provided overrides keyring.
Default is nil. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it'
properties:
@@ -60184,35 +62586,38 @@ spec:
type: object
x-kubernetes-map-type: atomic
user:
- description: 'The rados user name. Default is admin.
- More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it'
+ description: 'user is the rados user name. Default
+ is admin. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it'
type: string
required:
- image
- monitors
type: object
scaleIO:
- description: ScaleIO represents a ScaleIO persistent volume
+ description: scaleIO represents a ScaleIO persistent volume
attached and mounted on Kubernetes nodes.
properties:
fsType:
- description: Filesystem type to mount. Must be a filesystem
- type supported by the host operating system. Ex.
- "ext4", "xfs", "ntfs". Default is "xfs".
+ description: fsType is the filesystem type to mount.
+ Must be a filesystem type supported by the host
+ operating system. Ex. "ext4", "xfs", "ntfs". Default
+ is "xfs".
type: string
gateway:
- description: The host address of the ScaleIO API Gateway.
+ description: gateway is the host address of the ScaleIO
+ API Gateway.
type: string
protectionDomain:
- description: The name of the ScaleIO Protection Domain
- for the configured storage.
+ description: protectionDomain is the name of the ScaleIO
+ Protection Domain for the configured storage.
type: string
readOnly:
- description: Defaults to false (read/write). ReadOnly
- here will force the ReadOnly setting in VolumeMounts.
+ description: readOnly Defaults to false (read/write).
+ ReadOnly here will force the ReadOnly setting in
+ VolumeMounts.
type: boolean
secretRef:
- description: SecretRef references to the secret for
+ description: secretRef references to the secret for
ScaleIO user and other sensitive information. If
this is not provided, Login operation will fail.
properties:
@@ -60225,26 +62630,26 @@ spec:
type: object
x-kubernetes-map-type: atomic
sslEnabled:
- description: Flag to enable/disable SSL communication
+ description: sslEnabled Flag enable/disable SSL communication
with Gateway, default false
type: boolean
storageMode:
- description: Indicates whether the storage for a volume
- should be ThickProvisioned or ThinProvisioned. Default
- is ThinProvisioned.
+ description: storageMode indicates whether the storage
+ for a volume should be ThickProvisioned or ThinProvisioned.
+ Default is ThinProvisioned.
type: string
storagePool:
- description: The ScaleIO Storage Pool associated with
- the protection domain.
+ description: storagePool is the ScaleIO Storage Pool
+ associated with the protection domain.
type: string
system:
- description: The name of the storage system as configured
- in ScaleIO.
+ description: system is the name of the storage system
+ as configured in ScaleIO.
type: string
volumeName:
- description: The name of a volume already created
- in the ScaleIO system that is associated with this
- volume source.
+ description: volumeName is the name of a volume already
+ created in the ScaleIO system that is associated
+ with this volume source.
type: string
required:
- gateway
@@ -60252,26 +62657,27 @@ spec:
- system
type: object
secret:
- description: 'Secret represents a secret that should populate
+ description: 'secret represents a secret that should populate
this volume. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret'
properties:
defaultMode:
- description: 'Optional: mode bits used to set permissions
- on created files by default. Must be an octal value
- between 0000 and 0777 or a decimal value between
- 0 and 511. YAML accepts both octal and decimal values,
- JSON requires decimal values for mode bits. Defaults
- to 0644. Directories within the path are not affected
- by this setting. This might be in conflict with
- other options that affect the file mode, like fsGroup,
- and the result can be other mode bits set.'
+ description: 'defaultMode is Optional: mode bits used
+ to set permissions on created files by default.
+ Must be an octal value between 0000 and 0777 or
+ a decimal value between 0 and 511. YAML accepts
+ both octal and decimal values, JSON requires decimal
+ values for mode bits. Defaults to 0644. Directories
+ within the path are not affected by this setting.
+ This might be in conflict with other options that
+ affect the file mode, like fsGroup, and the result
+ can be other mode bits set.'
format: int32
type: integer
items:
- description: If unspecified, each key-value pair in
- the Data field of the referenced Secret will be
- projected into the volume as a file whose name is
- the key and content is the value. If specified,
+ description: items If unspecified, each key-value
+ pair in the Data field of the referenced Secret
+ will be projected into the volume as a file whose
+ name is the key and content is the value. If specified,
the listed keys will be projected into the specified
paths, and unlisted keys will not be present. If
a key is specified which is not present in the Secret,
@@ -60283,14 +62689,14 @@ spec:
a volume.
properties:
key:
- description: The key to project.
+ description: key is the key to project.
type: string
mode:
- description: 'Optional: mode bits used to set
- permissions on this file. Must be an octal
- value between 0000 and 0777 or a decimal value
- between 0 and 511. YAML accepts both octal
- and decimal values, JSON requires decimal
+ description: 'mode is Optional: mode bits used
+ to set permissions on this file. Must be an
+ octal value between 0000 and 0777 or a decimal
+ value between 0 and 511. YAML accepts both
+ octal and decimal values, JSON requires decimal
values for mode bits. If not specified, the
volume defaultMode will be used. This might
be in conflict with other options that affect
@@ -60299,10 +62705,10 @@ spec:
format: int32
type: integer
path:
- description: The relative path of the file to
- map the key to. May not be an absolute path.
- May not contain the path element '..'. May
- not start with the string '..'.
+ description: path is the relative path of the
+ file to map the key to. May not be an absolute
+ path. May not contain the path element '..'.
+ May not start with the string '..'.
type: string
required:
- key
@@ -60310,30 +62716,31 @@ spec:
type: object
type: array
optional:
- description: Specify whether the Secret or its keys
- must be defined
+ description: optional field specify whether the Secret
+ or its keys must be defined
type: boolean
secretName:
- description: 'Name of the secret in the pod''s namespace
- to use. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret'
+ description: 'secretName is the name of the secret
+ in the pod''s namespace to use. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret'
type: string
type: object
storageos:
- description: StorageOS represents a StorageOS volume attached
+ description: storageOS represents a StorageOS volume attached
and mounted on Kubernetes nodes.
properties:
fsType:
- description: Filesystem type to mount. Must be a filesystem
- type supported by the host operating system. Ex.
- "ext4", "xfs", "ntfs". Implicitly inferred to be
- "ext4" if unspecified.
+ description: fsType is the filesystem type to mount.
+ Must be a filesystem type supported by the host
+ operating system. Ex. "ext4", "xfs", "ntfs". Implicitly
+ inferred to be "ext4" if unspecified.
type: string
readOnly:
- description: Defaults to false (read/write). ReadOnly
- here will force the ReadOnly setting in VolumeMounts.
+ description: readOnly defaults to false (read/write).
+ ReadOnly here will force the ReadOnly setting in
+ VolumeMounts.
type: boolean
secretRef:
- description: SecretRef specifies the secret to use
+ description: secretRef specifies the secret to use
for obtaining the StorageOS API credentials. If
not specified, default values will be attempted.
properties:
@@ -60346,12 +62753,12 @@ spec:
type: object
x-kubernetes-map-type: atomic
volumeName:
- description: VolumeName is the human-readable name
+ description: volumeName is the human-readable name
of the StorageOS volume. Volume names are only
unique within a namespace.
type: string
volumeNamespace:
- description: VolumeNamespace specifies the scope of
+ description: volumeNamespace specifies the scope of
the volume within StorageOS. If no namespace is
specified then the Pod's namespace will be used. This
allows the Kubernetes name scoping to be mirrored
@@ -60363,25 +62770,27 @@ spec:
type: string
type: object
vsphereVolume:
- description: VsphereVolume represents a vSphere volume
+ description: vsphereVolume represents a vSphere volume
attached and mounted on kubelets host machine
properties:
fsType:
- description: Filesystem type to mount. Must be a filesystem
- type supported by the host operating system. Ex.
- "ext4", "xfs", "ntfs". Implicitly inferred to be
- "ext4" if unspecified.
+ description: fsType is filesystem type to mount. Must
+ be a filesystem type supported by the host operating
+ system. Ex. "ext4", "xfs", "ntfs". Implicitly inferred
+ to be "ext4" if unspecified.
type: string
storagePolicyID:
- description: Storage Policy Based Management (SPBM)
- profile ID associated with the StoragePolicyName.
+ description: storagePolicyID is the storage Policy
+ Based Management (SPBM) profile ID associated with
+ the StoragePolicyName.
type: string
storagePolicyName:
- description: Storage Policy Based Management (SPBM)
- profile name.
+ description: storagePolicyName is the storage Policy
+ Based Management (SPBM) profile name.
type: string
volumePath:
- description: Path that identifies vSphere volume vmdk
+ description: volumePath is the path that identifies
+ vSphere volume vmdk
type: string
required:
- volumePath
@@ -60400,123 +62809,128 @@ spec:
one of its members may be specified.
properties:
awsElasticBlockStore:
- description: 'AWSElasticBlockStore represents an AWS Disk
+ description: 'awsElasticBlockStore represents an AWS Disk
resource that is attached to a kubelet''s host machine
and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore'
properties:
fsType:
- description: 'Filesystem type of the volume that you
- want to mount. Tip: Ensure that the filesystem type
- is supported by the host operating system. Examples:
- "ext4", "xfs", "ntfs". Implicitly inferred to be
- "ext4" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore
+ description: 'fsType is the filesystem type of the
+ volume that you want to mount. Tip: Ensure that
+ the filesystem type is supported by the host operating
+ system. Examples: "ext4", "xfs", "ntfs". Implicitly
+ inferred to be "ext4" if unspecified. More info:
+ https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore
TODO: how do we prevent errors in the filesystem
from compromising the machine'
type: string
partition:
- description: 'The partition in the volume that you
- want to mount. If omitted, the default is to mount
- by volume name. Examples: For volume /dev/sda1,
- you specify the partition as "1". Similarly, the
- volume partition for /dev/sda is "0" (or you can
- leave the property empty).'
+ description: 'partition is the partition in the volume
+ that you want to mount. If omitted, the default
+ is to mount by volume name. Examples: For volume
+ /dev/sda1, you specify the partition as "1". Similarly,
+ the volume partition for /dev/sda is "0" (or you
+ can leave the property empty).'
format: int32
type: integer
readOnly:
- description: 'Specify "true" to force and set the
- ReadOnly property in VolumeMounts to "true". If
- omitted, the default is "false". More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore'
+ description: 'readOnly value true will force the readOnly
+ setting in VolumeMounts. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore'
type: boolean
volumeID:
- description: 'Unique ID of the persistent disk resource
- in AWS (Amazon EBS volume). More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore'
+ description: 'volumeID is unique ID of the persistent
+ disk resource in AWS (Amazon EBS volume). More info:
+ https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore'
type: string
required:
- volumeID
type: object
azureDisk:
- description: AzureDisk represents an Azure Data Disk mount
+ description: azureDisk represents an Azure Data Disk mount
on the host and bind mount to the pod.
properties:
cachingMode:
- description: 'Host Caching mode: None, Read Only,
- Read Write.'
+ description: 'cachingMode is the Host Caching mode:
+ None, Read Only, Read Write.'
type: string
diskName:
- description: The Name of the data disk in the blob
- storage
+ description: diskName is the Name of the data disk
+ in the blob storage
type: string
diskURI:
- description: The URI the data disk in the blob storage
+ description: diskURI is the URI of data disk in the
+ blob storage
type: string
fsType:
- description: Filesystem type to mount. Must be a filesystem
- type supported by the host operating system. Ex.
- "ext4", "xfs", "ntfs". Implicitly inferred to be
- "ext4" if unspecified.
+ description: fsType is Filesystem type to mount. Must
+ be a filesystem type supported by the host operating
+ system. Ex. "ext4", "xfs", "ntfs". Implicitly inferred
+ to be "ext4" if unspecified.
type: string
kind:
- description: 'Expected values Shared: multiple blob
- disks per storage account Dedicated: single blob
- disk per storage account Managed: azure managed
+ description: 'kind expected values are Shared: multiple
+ blob disks per storage account Dedicated: single
+ blob disk per storage account Managed: azure managed
data disk (only in managed availability set). defaults
to shared'
type: string
readOnly:
- description: Defaults to false (read/write). ReadOnly
- here will force the ReadOnly setting in VolumeMounts.
+ description: readOnly Defaults to false (read/write).
+ ReadOnly here will force the ReadOnly setting in
+ VolumeMounts.
type: boolean
required:
- diskName
- diskURI
type: object
azureFile:
- description: AzureFile represents an Azure File Service
+ description: azureFile represents an Azure File Service
mount on the host and bind mount to the pod.
properties:
readOnly:
- description: Defaults to false (read/write). ReadOnly
- here will force the ReadOnly setting in VolumeMounts.
+ description: readOnly defaults to false (read/write).
+ ReadOnly here will force the ReadOnly setting in
+ VolumeMounts.
type: boolean
secretName:
- description: the name of secret that contains Azure
- Storage Account Name and Key
+ description: secretName is the name of secret that
+ contains Azure Storage Account Name and Key
type: string
shareName:
- description: Share Name
+ description: shareName is the azure share Name
type: string
required:
- secretName
- shareName
type: object
cephfs:
- description: CephFS represents a Ceph FS mount on the
+ description: cephFS represents a Ceph FS mount on the
host that shares a pod's lifetime
properties:
monitors:
- description: 'Required: Monitors is a collection of
- Ceph monitors More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it'
+ description: 'monitors is Required: Monitors is a
+ collection of Ceph monitors More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it'
items:
type: string
type: array
path:
- description: 'Optional: Used as the mounted root,
- rather than the full Ceph tree, default is /'
+ description: 'path is Optional: Used as the mounted
+ root, rather than the full Ceph tree, default is
+ /'
type: string
readOnly:
- description: 'Optional: Defaults to false (read/write).
- ReadOnly here will force the ReadOnly setting in
- VolumeMounts. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it'
+ description: 'readOnly is Optional: Defaults to false
+ (read/write). ReadOnly here will force the ReadOnly
+ setting in VolumeMounts. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it'
type: boolean
secretFile:
- description: 'Optional: SecretFile is the path to
- key ring for User, default is /etc/ceph/user.secret
+ description: 'secretFile is Optional: SecretFile is
+ the path to key ring for User, default is /etc/ceph/user.secret
More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it'
type: string
secretRef:
- description: 'Optional: SecretRef is reference to
- the authentication secret for User, default is empty.
- More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it'
+ description: 'secretRef is Optional: SecretRef is
+ reference to the authentication secret for User,
+ default is empty. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it'
properties:
name:
description: 'Name of the referent. More info:
@@ -60527,31 +62941,32 @@ spec:
type: object
x-kubernetes-map-type: atomic
user:
- description: 'Optional: User is the rados user name,
- default is admin More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it'
+ description: 'user is optional: User is the rados
+ user name, default is admin More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it'
type: string
required:
- monitors
type: object
cinder:
- description: 'Cinder represents a cinder volume attached
+ description: 'cinder represents a cinder volume attached
and mounted on kubelets host machine. More info: https://examples.k8s.io/mysql-cinder-pd/README.md'
properties:
fsType:
- description: 'Filesystem type to mount. Must be a
- filesystem type supported by the host operating
- system. Examples: "ext4", "xfs", "ntfs". Implicitly
- inferred to be "ext4" if unspecified. More info:
- https://examples.k8s.io/mysql-cinder-pd/README.md'
+ description: 'fsType is the filesystem type to mount.
+ Must be a filesystem type supported by the host
+ operating system. Examples: "ext4", "xfs", "ntfs".
+ Implicitly inferred to be "ext4" if unspecified.
+ More info: https://examples.k8s.io/mysql-cinder-pd/README.md'
type: string
readOnly:
- description: 'Optional: Defaults to false (read/write).
+ description: 'readOnly defaults to false (read/write).
ReadOnly here will force the ReadOnly setting in
VolumeMounts. More info: https://examples.k8s.io/mysql-cinder-pd/README.md'
type: boolean
secretRef:
- description: 'Optional: points to a secret object
- containing parameters used to connect to OpenStack.'
+ description: 'secretRef is optional: points to a secret
+ object containing parameters used to connect to
+ OpenStack.'
properties:
name:
description: 'Name of the referent. More info:
@@ -60562,33 +62977,34 @@ spec:
type: object
x-kubernetes-map-type: atomic
volumeID:
- description: 'volume id used to identify the volume
+ description: 'volumeID used to identify the volume
in cinder. More info: https://examples.k8s.io/mysql-cinder-pd/README.md'
type: string
required:
- volumeID
type: object
configMap:
- description: ConfigMap represents a configMap that should
+ description: configMap represents a configMap that should
populate this volume
properties:
defaultMode:
- description: 'Optional: mode bits used to set permissions
- on created files by default. Must be an octal value
- between 0000 and 0777 or a decimal value between
- 0 and 511. YAML accepts both octal and decimal values,
- JSON requires decimal values for mode bits. Defaults
- to 0644. Directories within the path are not affected
- by this setting. This might be in conflict with
- other options that affect the file mode, like fsGroup,
- and the result can be other mode bits set.'
+ description: 'defaultMode is optional: mode bits used
+ to set permissions on created files by default.
+ Must be an octal value between 0000 and 0777 or
+ a decimal value between 0 and 511. YAML accepts
+ both octal and decimal values, JSON requires decimal
+ values for mode bits. Defaults to 0644. Directories
+ within the path are not affected by this setting.
+ This might be in conflict with other options that
+ affect the file mode, like fsGroup, and the result
+ can be other mode bits set.'
format: int32
type: integer
items:
- description: If unspecified, each key-value pair in
- the Data field of the referenced ConfigMap will
- be projected into the volume as a file whose name
- is the key and content is the value. If specified,
+ description: items if unspecified, each key-value
+ pair in the Data field of the referenced ConfigMap
+ will be projected into the volume as a file whose
+ name is the key and content is the value. If specified,
the listed keys will be projected into the specified
paths, and unlisted keys will not be present. If
a key is specified which is not present in the ConfigMap,
@@ -60600,14 +63016,14 @@ spec:
a volume.
properties:
key:
- description: The key to project.
+ description: key is the key to project.
type: string
mode:
- description: 'Optional: mode bits used to set
- permissions on this file. Must be an octal
- value between 0000 and 0777 or a decimal value
- between 0 and 511. YAML accepts both octal
- and decimal values, JSON requires decimal
+ description: 'mode is Optional: mode bits used
+ to set permissions on this file. Must be an
+ octal value between 0000 and 0777 or a decimal
+ value between 0 and 511. YAML accepts both
+ octal and decimal values, JSON requires decimal
values for mode bits. If not specified, the
volume defaultMode will be used. This might
be in conflict with other options that affect
@@ -60616,10 +63032,10 @@ spec:
format: int32
type: integer
path:
- description: The relative path of the file to
- map the key to. May not be an absolute path.
- May not contain the path element '..'. May
- not start with the string '..'.
+ description: path is the relative path of the
+ file to map the key to. May not be an absolute
+ path. May not contain the path element '..'.
+ May not start with the string '..'.
type: string
required:
- key
@@ -60632,29 +63048,29 @@ spec:
uid?'
type: string
optional:
- description: Specify whether the ConfigMap or its
- keys must be defined
+ description: optional specify whether the ConfigMap
+ or its keys must be defined
type: boolean
type: object
x-kubernetes-map-type: atomic
csi:
- description: CSI (Container Storage Interface) represents
+ description: csi (Container Storage Interface) represents
ephemeral storage that is handled by certain external
CSI drivers (Beta feature).
properties:
driver:
- description: Driver is the name of the CSI driver
+ description: driver is the name of the CSI driver
that handles this volume. Consult with your admin
for the correct name as registered in the cluster.
type: string
fsType:
- description: Filesystem type to mount. Ex. "ext4",
- "xfs", "ntfs". If not provided, the empty value
- is passed to the associated CSI driver which will
- determine the default filesystem to apply.
+ description: fsType to mount. Ex. "ext4", "xfs", "ntfs".
+ If not provided, the empty value is passed to the
+ associated CSI driver which will determine the default
+ filesystem to apply.
type: string
nodePublishSecretRef:
- description: NodePublishSecretRef is a reference to
+ description: nodePublishSecretRef is a reference to
the secret object containing sensitive information
to pass to the CSI driver to complete the CSI NodePublishVolume
and NodeUnpublishVolume calls. This field is optional,
@@ -60671,13 +63087,13 @@ spec:
type: object
x-kubernetes-map-type: atomic
readOnly:
- description: Specifies a read-only configuration for
- the volume. Defaults to false (read/write).
+ description: readOnly specifies a read-only configuration
+ for the volume. Defaults to false (read/write).
type: boolean
volumeAttributes:
additionalProperties:
type: string
- description: VolumeAttributes stores driver-specific
+ description: volumeAttributes stores driver-specific
properties that are passed to the CSI driver. Consult
your driver's documentation for supported values.
type: object
@@ -60685,7 +63101,7 @@ spec:
- driver
type: object
downwardAPI:
- description: DownwardAPI represents downward API about
+ description: downwardAPI represents downward API about
the pod that should populate this volume
properties:
defaultMode:
@@ -60778,32 +63194,33 @@ spec:
type: array
type: object
emptyDir:
- description: 'EmptyDir represents a temporary directory
+ description: 'emptyDir represents a temporary directory
that shares a pod''s lifetime. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir'
properties:
medium:
- description: 'What type of storage medium should back
- this directory. The default is "" which means to
- use the node''s default medium. Must be an empty
- string (default) or Memory. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir'
+ description: 'medium represents what type of storage
+ medium should back this directory. The default is
+ "" which means to use the node''s default medium.
+ Must be an empty string (default) or Memory. More
+ info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir'
type: string
sizeLimit:
anyOf:
- type: integer
- type: string
- description: 'Total amount of local storage required
- for this EmptyDir volume. The size limit is also
- applicable for memory medium. The maximum usage
- on memory medium EmptyDir would be the minimum value
- between the SizeLimit specified here and the sum
- of memory limits of all containers in a pod. The
- default is nil which means that the limit is undefined.
- More info: http://kubernetes.io/docs/user-guide/volumes#emptydir'
+ description: 'sizeLimit is the total amount of local
+ storage required for this EmptyDir volume. The size
+ limit is also applicable for memory medium. The
+ maximum usage on memory medium EmptyDir would be
+ the minimum value between the SizeLimit specified
+ here and the sum of memory limits of all containers
+ in a pod. The default is nil which means that the
+ limit is undefined. More info: http://kubernetes.io/docs/user-guide/volumes#emptydir'
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
x-kubernetes-int-or-string: true
type: object
ephemeral:
- description: "Ephemeral represents a volume that is handled
+ description: "ephemeral represents a volume that is handled
by a cluster storage driver. The volume's lifecycle
is tied to the pod that defines it - it will be created
before the pod starts, and deleted when the pod is removed.
@@ -60860,24 +63277,27 @@ spec:
are also valid here.
properties:
accessModes:
- description: 'AccessModes contains the desired
+ description: 'accessModes contains the desired
access modes the volume should have. More
info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1'
items:
type: string
type: array
dataSource:
- description: 'This field can be used to specify
- either: * An existing VolumeSnapshot object
- (snapshot.storage.k8s.io/VolumeSnapshot)
+ description: 'dataSource field can be used
+ to specify either: * An existing VolumeSnapshot
+ object (snapshot.storage.k8s.io/VolumeSnapshot)
* An existing PVC (PersistentVolumeClaim)
If the provisioner or an external controller
can support the specified data source, it
will create a new volume based on the contents
- of the specified data source. If the AnyVolumeDataSource
- feature gate is enabled, this field will
- always have the same contents as the DataSourceRef
- field.'
+ of the specified data source. When the AnyVolumeDataSource
+ feature gate is enabled, dataSource contents
+ will be copied to dataSourceRef, and dataSourceRef
+ contents will be copied to dataSource when
+ dataSourceRef.namespace is not specified.
+ If the namespace is specified, then dataSourceRef
+ will not be copied to dataSource.'
properties:
apiGroup:
description: APIGroup is the group for
@@ -60901,32 +63321,42 @@ spec:
type: object
x-kubernetes-map-type: atomic
dataSourceRef:
- description: 'Specifies the object from which
- to populate the volume with data, if a non-empty
- volume is desired. This may be any local
- object from a non-empty API group (non core
- object) or a PersistentVolumeClaim object.
- When this field is specified, volume binding
- will only succeed if the type of the specified
- object matches some installed volume populator
- or dynamic provisioner. This field will
- replace the functionality of the DataSource
- field and as such if both fields are non-empty,
- they must have the same value. For backwards
- compatibility, both fields (DataSource and
- DataSourceRef) will be set to the same value
- automatically if one of them is empty and
- the other is non-empty. There are two important
- differences between DataSource and DataSourceRef:
- * While DataSource only allows two specific
- types of objects, DataSourceRef allows any
- non-core object, as well as PersistentVolumeClaim
- objects. * While DataSource ignores disallowed
- values (dropping them), DataSourceRef preserves
+ description: 'dataSourceRef specifies the
+ object from which to populate the volume
+ with data, if a non-empty volume is desired.
+ This may be any object from a non-empty
+ API group (non core object) or a PersistentVolumeClaim
+ object. When this field is specified, volume
+ binding will only succeed if the type of
+ the specified object matches some installed
+ volume populator or dynamic provisioner.
+ This field will replace the functionality
+ of the dataSource field and as such if both
+ fields are non-empty, they must have the
+ same value. For backwards compatibility,
+ when namespace isn''t specified in dataSourceRef,
+ both fields (dataSource and dataSourceRef)
+ will be set to the same value automatically
+ if one of them is empty and the other is
+ non-empty. When namespace is specified in
+ dataSourceRef, dataSource isn''t set to
+ the same value and must be empty. There
+ are three important differences between
+ dataSource and dataSourceRef: * While dataSource
+ only allows two specific types of objects,
+ dataSourceRef allows any non-core object,
+ as well as PersistentVolumeClaim objects.
+ * While dataSource ignores disallowed values
+ (dropping them), dataSourceRef preserves
all values, and generates an error if a
- disallowed value is specified. (Alpha) Using
- this field requires the AnyVolumeDataSource
- feature gate to be enabled.'
+ disallowed value is specified. * While dataSource
+ only allows local objects, dataSourceRef
+ allows objects in any namespaces. (Beta)
+ Using this field requires the AnyVolumeDataSource
+ feature gate to be enabled. (Alpha) Using
+ the namespace field of dataSourceRef requires
+ the CrossNamespaceVolumeDataSource feature
+ gate to be enabled.'
properties:
apiGroup:
description: APIGroup is the group for
@@ -60944,13 +63374,23 @@ spec:
description: Name is the name of resource
being referenced
type: string
+ namespace:
+ description: Namespace is the namespace
+ of resource being referenced Note that
+ when a namespace is specified, a gateway.networking.k8s.io/ReferenceGrant
+ object is required in the referent namespace
+ to allow that namespace's owner to accept
+ the reference. See the ReferenceGrant
+ documentation for details. (Alpha) This
+ field requires the CrossNamespaceVolumeDataSource
+ feature gate to be enabled.
+ type: string
required:
- kind
- name
type: object
- x-kubernetes-map-type: atomic
resources:
- description: 'Resources represents the minimum
+ description: 'resources represents the minimum
resources the volume should have. If RecoverVolumeExpansionFailure
feature is enabled users are allowed to
specify resource requirements that are lower
@@ -60958,6 +63398,31 @@ spec:
than capacity recorded in the status field
of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources'
properties:
+ claims:
+ description: "Claims lists the names of
+ resources, defined in spec.resourceClaims,
+ that are used by this container. \n
+ This is an alpha field and requires
+ enabling the DynamicResourceAllocation
+ feature gate. \n This field is immutable."
+ items:
+ description: ResourceClaim references
+ one entry in PodSpec.ResourceClaims.
+ properties:
+ name:
+ description: Name must match the
+ name of one entry in pod.spec.resourceClaims
+ of the Pod where this field is
+ used. It makes that resource available
+ inside a container.
+ type: string
+ required:
+ - name
+ type: object
+ type: array
+ x-kubernetes-list-map-keys:
+ - name
+ x-kubernetes-list-type: map
limits:
additionalProperties:
anyOf:
@@ -60985,8 +63450,8 @@ spec:
type: object
type: object
selector:
- description: A label query over volumes to
- consider for binding.
+ description: selector is a label query over
+ volumes to consider for binding.
properties:
matchExpressions:
description: matchExpressions is a list
@@ -61038,8 +63503,9 @@ spec:
type: object
x-kubernetes-map-type: atomic
storageClassName:
- description: 'Name of the StorageClass required
- by the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1'
+ description: 'storageClassName is the name
+ of the StorageClass required by the claim.
+ More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1'
type: string
volumeMode:
description: volumeMode defines what type
@@ -61048,7 +63514,7 @@ spec:
in claim spec.
type: string
volumeName:
- description: VolumeName is the binding reference
+ description: volumeName is the binding reference
to the PersistentVolume backing this claim.
type: string
type: object
@@ -61057,71 +63523,74 @@ spec:
type: object
type: object
fc:
- description: FC represents a Fibre Channel resource that
+ description: fc represents a Fibre Channel resource that
is attached to a kubelet's host machine and then exposed
to the pod.
properties:
fsType:
- description: 'Filesystem type to mount. Must be a
- filesystem type supported by the host operating
- system. Ex. "ext4", "xfs", "ntfs". Implicitly inferred
- to be "ext4" if unspecified. TODO: how do we prevent
- errors in the filesystem from compromising the machine'
+ description: 'fsType is the filesystem type to mount.
+ Must be a filesystem type supported by the host
+ operating system. Ex. "ext4", "xfs", "ntfs". Implicitly
+ inferred to be "ext4" if unspecified. TODO: how
+ do we prevent errors in the filesystem from compromising
+ the machine'
type: string
lun:
- description: 'Optional: FC target lun number'
+ description: 'lun is Optional: FC target lun number'
format: int32
type: integer
readOnly:
- description: 'Optional: Defaults to false (read/write).
- ReadOnly here will force the ReadOnly setting in
- VolumeMounts.'
+ description: 'readOnly is Optional: Defaults to false
+ (read/write). ReadOnly here will force the ReadOnly
+ setting in VolumeMounts.'
type: boolean
targetWWNs:
- description: 'Optional: FC target worldwide names
- (WWNs)'
+ description: 'targetWWNs is Optional: FC target worldwide
+ names (WWNs)'
items:
type: string
type: array
wwids:
- description: 'Optional: FC volume world wide identifiers
- (wwids) Either wwids or combination of targetWWNs
- and lun must be set, but not both simultaneously.'
+ description: 'wwids Optional: FC volume world wide
+ identifiers (wwids) Either wwids or combination
+ of targetWWNs and lun must be set, but not both
+ simultaneously.'
items:
type: string
type: array
type: object
flexVolume:
- description: FlexVolume represents a generic volume resource
+ description: flexVolume represents a generic volume resource
that is provisioned/attached using an exec based plugin.
properties:
driver:
- description: Driver is the name of the driver to use
+ description: driver is the name of the driver to use
for this volume.
type: string
fsType:
- description: Filesystem type to mount. Must be a filesystem
- type supported by the host operating system. Ex.
- "ext4", "xfs", "ntfs". The default filesystem depends
- on FlexVolume script.
+ description: fsType is the filesystem type to mount.
+ Must be a filesystem type supported by the host
+ operating system. Ex. "ext4", "xfs", "ntfs". The
+ default filesystem depends on FlexVolume script.
type: string
options:
additionalProperties:
type: string
- description: 'Optional: Extra command options if any.'
+ description: 'options is Optional: this field holds
+ extra command options if any.'
type: object
readOnly:
- description: 'Optional: Defaults to false (read/write).
- ReadOnly here will force the ReadOnly setting in
- VolumeMounts.'
+ description: 'readOnly is Optional: defaults to false
+ (read/write). ReadOnly here will force the ReadOnly
+ setting in VolumeMounts.'
type: boolean
secretRef:
- description: 'Optional: SecretRef is reference to
- the secret object containing sensitive information
- to pass to the plugin scripts. This may be empty
- if no secret object is specified. If the secret
- object contains more than one secret, all secrets
- are passed to the plugin scripts.'
+ description: 'secretRef is Optional: secretRef is
+ reference to the secret object containing sensitive
+ information to pass to the plugin scripts. This
+ may be empty if no secret object is specified. If
+ the secret object contains more than one secret,
+ all secrets are passed to the plugin scripts.'
properties:
name:
description: 'Name of the referent. More info:
@@ -61135,49 +63604,50 @@ spec:
- driver
type: object
flocker:
- description: Flocker represents a Flocker volume attached
+ description: flocker represents a Flocker volume attached
to a kubelet's host machine. This depends on the Flocker
control service being running
properties:
datasetName:
- description: Name of the dataset stored as metadata
- -> name on the dataset for Flocker should be considered
- as deprecated
+ description: datasetName is Name of the dataset stored
+ as metadata -> name on the dataset for Flocker should
+ be considered as deprecated
type: string
datasetUUID:
- description: UUID of the dataset. This is unique identifier
- of a Flocker dataset
+ description: datasetUUID is the UUID of the dataset.
+ This is unique identifier of a Flocker dataset
type: string
type: object
gcePersistentDisk:
- description: 'GCEPersistentDisk represents a GCE Disk
+ description: 'gcePersistentDisk represents a GCE Disk
resource that is attached to a kubelet''s host machine
and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk'
properties:
fsType:
- description: 'Filesystem type of the volume that you
- want to mount. Tip: Ensure that the filesystem type
- is supported by the host operating system. Examples:
- "ext4", "xfs", "ntfs". Implicitly inferred to be
- "ext4" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk
+ description: 'fsType is filesystem type of the volume
+ that you want to mount. Tip: Ensure that the filesystem
+ type is supported by the host operating system.
+ Examples: "ext4", "xfs", "ntfs". Implicitly inferred
+ to be "ext4" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk
TODO: how do we prevent errors in the filesystem
from compromising the machine'
type: string
partition:
- description: 'The partition in the volume that you
- want to mount. If omitted, the default is to mount
- by volume name. Examples: For volume /dev/sda1,
- you specify the partition as "1". Similarly, the
- volume partition for /dev/sda is "0" (or you can
- leave the property empty). More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk'
+ description: 'partition is the partition in the volume
+ that you want to mount. If omitted, the default
+ is to mount by volume name. Examples: For volume
+ /dev/sda1, you specify the partition as "1". Similarly,
+ the volume partition for /dev/sda is "0" (or you
+ can leave the property empty). More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk'
format: int32
type: integer
pdName:
- description: 'Unique name of the PD resource in GCE.
- Used to identify the disk in GCE. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk'
+ description: 'pdName is unique name of the PD resource
+ in GCE. Used to identify the disk in GCE. More info:
+ https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk'
type: string
readOnly:
- description: 'ReadOnly here will force the ReadOnly
+ description: 'readOnly here will force the ReadOnly
setting in VolumeMounts. Defaults to false. More
info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk'
type: boolean
@@ -61185,42 +63655,43 @@ spec:
- pdName
type: object
gitRepo:
- description: 'GitRepo represents a git repository at a
+ description: 'gitRepo represents a git repository at a
particular revision. DEPRECATED: GitRepo is deprecated.
To provision a container with a git repo, mount an EmptyDir
into an InitContainer that clones the repo using git,
then mount the EmptyDir into the Pod''s container.'
properties:
directory:
- description: Target directory name. Must not contain
- or start with '..'. If '.' is supplied, the volume
- directory will be the git repository. Otherwise,
+ description: directory is the target directory name.
+ Must not contain or start with '..'. If '.' is
+ supplied, the volume directory will be the git repository. Otherwise,
if specified, the volume will contain the git repository
in the subdirectory with the given name.
type: string
repository:
- description: Repository URL
+ description: repository is the URL
type: string
revision:
- description: Commit hash for the specified revision.
+ description: revision is the commit hash for the specified
+ revision.
type: string
required:
- repository
type: object
glusterfs:
- description: 'Glusterfs represents a Glusterfs mount on
+ description: 'glusterfs represents a Glusterfs mount on
the host that shares a pod''s lifetime. More info: https://examples.k8s.io/volumes/glusterfs/README.md'
properties:
endpoints:
- description: 'EndpointsName is the endpoint name that
+ description: 'endpoints is the endpoint name that
details Glusterfs topology. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod'
type: string
path:
- description: 'Path is the Glusterfs volume path. More
+ description: 'path is the Glusterfs volume path. More
info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod'
type: string
readOnly:
- description: 'ReadOnly here will force the Glusterfs
+ description: 'readOnly here will force the Glusterfs
volume to be mounted with read-only permissions.
Defaults to false. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod'
type: boolean
@@ -61229,7 +63700,7 @@ spec:
- path
type: object
hostPath:
- description: 'HostPath represents a pre-existing file
+ description: 'hostPath represents a pre-existing file
or directory on the host machine that is directly exposed
to the container. This is generally used for system
agents or other privileged things that are allowed to
@@ -61240,69 +63711,73 @@ spec:
as read/write.'
properties:
path:
- description: 'Path of the directory on the host. If
+ description: 'path of the directory on the host. If
the path is a symlink, it will follow the link to
the real path. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath'
type: string
type:
- description: 'Type for HostPath Volume Defaults to
+ description: 'type for HostPath Volume Defaults to
"" More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath'
type: string
required:
- path
type: object
iscsi:
- description: 'ISCSI represents an ISCSI Disk resource
+ description: 'iscsi represents an ISCSI Disk resource
that is attached to a kubelet''s host machine and then
exposed to the pod. More info: https://examples.k8s.io/volumes/iscsi/README.md'
properties:
chapAuthDiscovery:
- description: whether support iSCSI Discovery CHAP
- authentication
+ description: chapAuthDiscovery defines whether support
+ iSCSI Discovery CHAP authentication
type: boolean
chapAuthSession:
- description: whether support iSCSI Session CHAP authentication
+ description: chapAuthSession defines whether support
+ iSCSI Session CHAP authentication
type: boolean
fsType:
- description: 'Filesystem type of the volume that you
- want to mount. Tip: Ensure that the filesystem type
- is supported by the host operating system. Examples:
- "ext4", "xfs", "ntfs". Implicitly inferred to be
- "ext4" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#iscsi
+ description: 'fsType is the filesystem type of the
+ volume that you want to mount. Tip: Ensure that
+ the filesystem type is supported by the host operating
+ system. Examples: "ext4", "xfs", "ntfs". Implicitly
+ inferred to be "ext4" if unspecified. More info:
+ https://kubernetes.io/docs/concepts/storage/volumes#iscsi
TODO: how do we prevent errors in the filesystem
from compromising the machine'
type: string
initiatorName:
- description: Custom iSCSI Initiator Name. If initiatorName
- is specified with iscsiInterface simultaneously,
- new iSCSI interface :
- will be created for the connection.
+ description: initiatorName is the custom iSCSI Initiator
+ Name. If initiatorName is specified with iscsiInterface
+ simultaneously, new iSCSI interface : will be created for the connection.
type: string
iqn:
- description: Target iSCSI Qualified Name.
+ description: iqn is the target iSCSI Qualified Name.
type: string
iscsiInterface:
- description: iSCSI Interface Name that uses an iSCSI
- transport. Defaults to 'default' (tcp).
+ description: iscsiInterface is the interface Name
+ that uses an iSCSI transport. Defaults to 'default'
+ (tcp).
type: string
lun:
- description: iSCSI Target Lun number.
+ description: lun represents iSCSI Target Lun number.
format: int32
type: integer
portals:
- description: iSCSI Target Portal List. The portal
- is either an IP or ip_addr:port if the port is other
- than default (typically TCP ports 860 and 3260).
+ description: portals is the iSCSI Target Portal List.
+ The portal is either an IP or ip_addr:port if the
+ port is other than default (typically TCP ports
+ 860 and 3260).
items:
type: string
type: array
readOnly:
- description: ReadOnly here will force the ReadOnly
+ description: readOnly here will force the ReadOnly
setting in VolumeMounts. Defaults to false.
type: boolean
secretRef:
- description: CHAP Secret for iSCSI target and initiator
- authentication
+ description: secretRef is the CHAP Secret for iSCSI
+ target and initiator authentication
properties:
name:
description: 'Name of the referent. More info:
@@ -61313,9 +63788,10 @@ spec:
type: object
x-kubernetes-map-type: atomic
targetPortal:
- description: iSCSI Target Portal. The Portal is either
- an IP or ip_addr:port if the port is other than
- default (typically TCP ports 860 and 3260).
+ description: targetPortal is iSCSI Target Portal.
+ The Portal is either an IP or ip_addr:port if the
+ port is other than default (typically TCP ports
+ 860 and 3260).
type: string
required:
- iqn
@@ -61323,20 +63799,20 @@ spec:
- targetPortal
type: object
nfs:
- description: 'NFS represents an NFS mount on the host
+ description: 'nfs represents an NFS mount on the host
that shares a pod''s lifetime More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs'
properties:
path:
- description: 'Path that is exported by the NFS server.
+ description: 'path that is exported by the NFS server.
More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs'
type: string
readOnly:
- description: 'ReadOnly here will force the NFS export
+ description: 'readOnly here will force the NFS export
to be mounted with read-only permissions. Defaults
to false. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs'
type: boolean
server:
- description: 'Server is the hostname or IP address
+ description: 'server is the hostname or IP address
of the NFS server. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs'
type: string
required:
@@ -61344,113 +63820,115 @@ spec:
- server
type: object
persistentVolumeClaim:
- description: 'PersistentVolumeClaimVolumeSource represents
+ description: 'persistentVolumeClaimVolumeSource represents
a reference to a PersistentVolumeClaim in the same namespace.
More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims'
properties:
claimName:
- description: 'ClaimName is the name of a PersistentVolumeClaim
+ description: 'claimName is the name of a PersistentVolumeClaim
in the same namespace as the pod using this volume.
More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims'
type: string
readOnly:
- description: Will force the ReadOnly setting in VolumeMounts.
- Default false.
+ description: readOnly Will force the ReadOnly setting
+ in VolumeMounts. Default false.
type: boolean
required:
- claimName
type: object
photonPersistentDisk:
- description: PhotonPersistentDisk represents a PhotonController
+ description: photonPersistentDisk represents a PhotonController
persistent disk attached and mounted on kubelets host
machine
properties:
fsType:
- description: Filesystem type to mount. Must be a filesystem
- type supported by the host operating system. Ex.
- "ext4", "xfs", "ntfs". Implicitly inferred to be
- "ext4" if unspecified.
+ description: fsType is the filesystem type to mount.
+ Must be a filesystem type supported by the host
+ operating system. Ex. "ext4", "xfs", "ntfs". Implicitly
+ inferred to be "ext4" if unspecified.
type: string
pdID:
- description: ID that identifies Photon Controller
- persistent disk
+ description: pdID is the ID that identifies Photon
+ Controller persistent disk
type: string
required:
- pdID
type: object
portworxVolume:
- description: PortworxVolume represents a portworx volume
+ description: portworxVolume represents a portworx volume
attached and mounted on kubelets host machine
properties:
fsType:
- description: FSType represents the filesystem type
+ description: fSType represents the filesystem type
to mount Must be a filesystem type supported by
the host operating system. Ex. "ext4", "xfs". Implicitly
inferred to be "ext4" if unspecified.
type: string
readOnly:
- description: Defaults to false (read/write). ReadOnly
- here will force the ReadOnly setting in VolumeMounts.
+ description: readOnly defaults to false (read/write).
+ ReadOnly here will force the ReadOnly setting in
+ VolumeMounts.
type: boolean
volumeID:
- description: VolumeID uniquely identifies a Portworx
+ description: volumeID uniquely identifies a Portworx
volume
type: string
required:
- volumeID
type: object
projected:
- description: Items for all in one resources secrets, configmaps,
- and downward API
+ description: projected items for all in one resources
+ secrets, configmaps, and downward API
properties:
defaultMode:
- description: Mode bits used to set permissions on
- created files by default. Must be an octal value
- between 0000 and 0777 or a decimal value between
- 0 and 511. YAML accepts both octal and decimal values,
- JSON requires decimal values for mode bits. Directories
- within the path are not affected by this setting.
- This might be in conflict with other options that
- affect the file mode, like fsGroup, and the result
- can be other mode bits set.
+ description: defaultMode are the mode bits used to
+ set permissions on created files by default. Must
+ be an octal value between 0000 and 0777 or a decimal
+ value between 0 and 511. YAML accepts both octal
+ and decimal values, JSON requires decimal values
+ for mode bits. Directories within the path are not
+ affected by this setting. This might be in conflict
+ with other options that affect the file mode, like
+ fsGroup, and the result can be other mode bits set.
format: int32
type: integer
sources:
- description: list of volume projections
+ description: sources is the list of volume projections
items:
description: Projection that may be projected along
with other supported volume types
properties:
configMap:
- description: information about the configMap
- data to project
+ description: configMap information about the
+ configMap data to project
properties:
items:
- description: If unspecified, each key-value
- pair in the Data field of the referenced
- ConfigMap will be projected into the volume
- as a file whose name is the key and content
- is the value. If specified, the listed
- keys will be projected into the specified
- paths, and unlisted keys will not be present.
- If a key is specified which is not present
- in the ConfigMap, the volume setup will
- error unless it is marked optional. Paths
- must be relative and may not contain the
- '..' path or start with '..'.
+ description: items if unspecified, each
+ key-value pair in the Data field of the
+ referenced ConfigMap will be projected
+ into the volume as a file whose name is
+ the key and content is the value. If specified,
+ the listed keys will be projected into
+ the specified paths, and unlisted keys
+ will not be present. If a key is specified
+ which is not present in the ConfigMap,
+ the volume setup will error unless it
+ is marked optional. Paths must be relative
+ and may not contain the '..' path or start
+ with '..'.
items:
description: Maps a string key to a path
within a volume.
properties:
key:
- description: The key to project.
+ description: key is the key to project.
type: string
mode:
- description: 'Optional: mode bits
- used to set permissions on this
- file. Must be an octal value between
- 0000 and 0777 or a decimal value
- between 0 and 511. YAML accepts
+ description: 'mode is Optional: mode
+ bits used to set permissions on
+ this file. Must be an octal value
+ between 0000 and 0777 or a decimal
+ value between 0 and 511. YAML accepts
both octal and decimal values, JSON
requires decimal values for mode
bits. If not specified, the volume
@@ -61462,11 +63940,12 @@ spec:
format: int32
type: integer
path:
- description: The relative path of
- the file to map the key to. May
- not be an absolute path. May not
- contain the path element '..'. May
- not start with the string '..'.
+ description: path is the relative
+ path of the file to map the key
+ to. May not be an absolute path.
+ May not contain the path element
+ '..'. May not start with the string
+ '..'.
type: string
required:
- key
@@ -61480,14 +63959,14 @@ spec:
kind, uid?'
type: string
optional:
- description: Specify whether the ConfigMap
- or its keys must be defined
+ description: optional specify whether the
+ ConfigMap or its keys must be defined
type: boolean
type: object
x-kubernetes-map-type: atomic
downwardAPI:
- description: information about the downwardAPI
- data to project
+ description: downwardAPI information about the
+ downwardAPI data to project
properties:
items:
description: Items is a list of DownwardAPIVolume
@@ -61576,35 +64055,36 @@ spec:
type: array
type: object
secret:
- description: information about the secret data
- to project
+ description: secret information about the secret
+ data to project
properties:
items:
- description: If unspecified, each key-value
- pair in the Data field of the referenced
- Secret will be projected into the volume
- as a file whose name is the key and content
- is the value. If specified, the listed
- keys will be projected into the specified
- paths, and unlisted keys will not be present.
- If a key is specified which is not present
- in the Secret, the volume setup will error
- unless it is marked optional. Paths must
- be relative and may not contain the '..'
- path or start with '..'.
+ description: items if unspecified, each
+ key-value pair in the Data field of the
+ referenced Secret will be projected into
+ the volume as a file whose name is the
+ key and content is the value. If specified,
+ the listed keys will be projected into
+ the specified paths, and unlisted keys
+ will not be present. If a key is specified
+ which is not present in the Secret, the
+ volume setup will error unless it is marked
+ optional. Paths must be relative and may
+ not contain the '..' path or start with
+ '..'.
items:
description: Maps a string key to a path
within a volume.
properties:
key:
- description: The key to project.
+ description: key is the key to project.
type: string
mode:
- description: 'Optional: mode bits
- used to set permissions on this
- file. Must be an octal value between
- 0000 and 0777 or a decimal value
- between 0 and 511. YAML accepts
+ description: 'mode is Optional: mode
+ bits used to set permissions on
+ this file. Must be an octal value
+ between 0000 and 0777 or a decimal
+ value between 0 and 511. YAML accepts
both octal and decimal values, JSON
requires decimal values for mode
bits. If not specified, the volume
@@ -61616,11 +64096,12 @@ spec:
format: int32
type: integer
path:
- description: The relative path of
- the file to map the key to. May
- not be an absolute path. May not
- contain the path element '..'. May
- not start with the string '..'.
+ description: path is the relative
+ path of the file to map the key
+ to. May not be an absolute path.
+ May not contain the path element
+ '..'. May not start with the string
+ '..'.
type: string
required:
- key
@@ -61634,17 +64115,17 @@ spec:
kind, uid?'
type: string
optional:
- description: Specify whether the Secret
- or its key must be defined
+ description: optional field specify whether
+ the Secret or its key must be defined
type: boolean
type: object
x-kubernetes-map-type: atomic
serviceAccountToken:
- description: information about the serviceAccountToken
- data to project
+ description: serviceAccountToken is information
+ about the serviceAccountToken data to project
properties:
audience:
- description: Audience is the intended audience
+ description: audience is the intended audience
of the token. A recipient of a token must
identify itself with an identifier specified
in the audience of the token, and otherwise
@@ -61652,7 +64133,7 @@ spec:
defaults to the identifier of the apiserver.
type: string
expirationSeconds:
- description: ExpirationSeconds is the requested
+ description: expirationSeconds is the requested
duration of validity of the service account
token. As the token approaches expiration,
the kubelet volume plugin will proactively
@@ -61665,7 +64146,7 @@ spec:
format: int64
type: integer
path:
- description: Path is the path relative to
+ description: path is the path relative to
the mount point of the file to project
the token into.
type: string
@@ -61676,36 +64157,36 @@ spec:
type: array
type: object
quobyte:
- description: Quobyte represents a Quobyte mount on the
+ description: quobyte represents a Quobyte mount on the
host that shares a pod's lifetime
properties:
group:
- description: Group to map volume access to Default
+ description: group to map volume access to Default
is no group
type: string
readOnly:
- description: ReadOnly here will force the Quobyte
+ description: readOnly here will force the Quobyte
volume to be mounted with read-only permissions.
Defaults to false.
type: boolean
registry:
- description: Registry represents a single or multiple
+ description: registry represents a single or multiple
Quobyte Registry services specified as a string
as host:port pair (multiple entries are separated
with commas) which acts as the central registry
for volumes
type: string
tenant:
- description: Tenant owning the given Quobyte volume
+ description: tenant owning the given Quobyte volume
in the Backend Used with dynamically provisioned
Quobyte volumes, value is set by the plugin
type: string
user:
- description: User to map volume access to Defaults
+ description: user to map volume access to Defaults
to serivceaccount user
type: string
volume:
- description: Volume is a string that references an
+ description: volume is a string that references an
already created Quobyte volume by name.
type: string
required:
@@ -61713,44 +64194,46 @@ spec:
- volume
type: object
rbd:
- description: 'RBD represents a Rados Block Device mount
+ description: 'rbd represents a Rados Block Device mount
on the host that shares a pod''s lifetime. More info:
https://examples.k8s.io/volumes/rbd/README.md'
properties:
fsType:
- description: 'Filesystem type of the volume that you
- want to mount. Tip: Ensure that the filesystem type
- is supported by the host operating system. Examples:
- "ext4", "xfs", "ntfs". Implicitly inferred to be
- "ext4" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#rbd
+ description: 'fsType is the filesystem type of the
+ volume that you want to mount. Tip: Ensure that
+ the filesystem type is supported by the host operating
+ system. Examples: "ext4", "xfs", "ntfs". Implicitly
+ inferred to be "ext4" if unspecified. More info:
+ https://kubernetes.io/docs/concepts/storage/volumes#rbd
TODO: how do we prevent errors in the filesystem
from compromising the machine'
type: string
image:
- description: 'The rados image name. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it'
+ description: 'image is the rados image name. More
+ info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it'
type: string
keyring:
- description: 'Keyring is the path to key ring for
+ description: 'keyring is the path to key ring for
RBDUser. Default is /etc/ceph/keyring. More info:
https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it'
type: string
monitors:
- description: 'A collection of Ceph monitors. More
- info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it'
+ description: 'monitors is a collection of Ceph monitors.
+ More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it'
items:
type: string
type: array
pool:
- description: 'The rados pool name. Default is rbd.
- More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it'
+ description: 'pool is the rados pool name. Default
+ is rbd. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it'
type: string
readOnly:
- description: 'ReadOnly here will force the ReadOnly
+ description: 'readOnly here will force the ReadOnly
setting in VolumeMounts. Defaults to false. More
info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it'
type: boolean
secretRef:
- description: 'SecretRef is name of the authentication
+ description: 'secretRef is name of the authentication
secret for RBDUser. If provided overrides keyring.
Default is nil. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it'
properties:
@@ -61763,35 +64246,38 @@ spec:
type: object
x-kubernetes-map-type: atomic
user:
- description: 'The rados user name. Default is admin.
- More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it'
+ description: 'user is the rados user name. Default
+ is admin. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it'
type: string
required:
- image
- monitors
type: object
scaleIO:
- description: ScaleIO represents a ScaleIO persistent volume
+ description: scaleIO represents a ScaleIO persistent volume
attached and mounted on Kubernetes nodes.
properties:
fsType:
- description: Filesystem type to mount. Must be a filesystem
- type supported by the host operating system. Ex.
- "ext4", "xfs", "ntfs". Default is "xfs".
+ description: fsType is the filesystem type to mount.
+ Must be a filesystem type supported by the host
+ operating system. Ex. "ext4", "xfs", "ntfs". Default
+ is "xfs".
type: string
gateway:
- description: The host address of the ScaleIO API Gateway.
+ description: gateway is the host address of the ScaleIO
+ API Gateway.
type: string
protectionDomain:
- description: The name of the ScaleIO Protection Domain
- for the configured storage.
+ description: protectionDomain is the name of the ScaleIO
+ Protection Domain for the configured storage.
type: string
readOnly:
- description: Defaults to false (read/write). ReadOnly
- here will force the ReadOnly setting in VolumeMounts.
+ description: readOnly Defaults to false (read/write).
+ ReadOnly here will force the ReadOnly setting in
+ VolumeMounts.
type: boolean
secretRef:
- description: SecretRef references to the secret for
+ description: secretRef references to the secret for
ScaleIO user and other sensitive information. If
this is not provided, Login operation will fail.
properties:
@@ -61804,26 +64290,26 @@ spec:
type: object
x-kubernetes-map-type: atomic
sslEnabled:
- description: Flag to enable/disable SSL communication
+ description: sslEnabled Flag enable/disable SSL communication
with Gateway, default false
type: boolean
storageMode:
- description: Indicates whether the storage for a volume
- should be ThickProvisioned or ThinProvisioned. Default
- is ThinProvisioned.
+ description: storageMode indicates whether the storage
+ for a volume should be ThickProvisioned or ThinProvisioned.
+ Default is ThinProvisioned.
type: string
storagePool:
- description: The ScaleIO Storage Pool associated with
- the protection domain.
+ description: storagePool is the ScaleIO Storage Pool
+ associated with the protection domain.
type: string
system:
- description: The name of the storage system as configured
- in ScaleIO.
+ description: system is the name of the storage system
+ as configured in ScaleIO.
type: string
volumeName:
- description: The name of a volume already created
- in the ScaleIO system that is associated with this
- volume source.
+ description: volumeName is the name of a volume already
+ created in the ScaleIO system that is associated
+ with this volume source.
type: string
required:
- gateway
@@ -61831,26 +64317,27 @@ spec:
- system
type: object
secret:
- description: 'Secret represents a secret that should populate
+ description: 'secret represents a secret that should populate
this volume. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret'
properties:
defaultMode:
- description: 'Optional: mode bits used to set permissions
- on created files by default. Must be an octal value
- between 0000 and 0777 or a decimal value between
- 0 and 511. YAML accepts both octal and decimal values,
- JSON requires decimal values for mode bits. Defaults
- to 0644. Directories within the path are not affected
- by this setting. This might be in conflict with
- other options that affect the file mode, like fsGroup,
- and the result can be other mode bits set.'
+ description: 'defaultMode is Optional: mode bits used
+ to set permissions on created files by default.
+ Must be an octal value between 0000 and 0777 or
+ a decimal value between 0 and 511. YAML accepts
+ both octal and decimal values, JSON requires decimal
+ values for mode bits. Defaults to 0644. Directories
+ within the path are not affected by this setting.
+ This might be in conflict with other options that
+ affect the file mode, like fsGroup, and the result
+ can be other mode bits set.'
format: int32
type: integer
items:
- description: If unspecified, each key-value pair in
- the Data field of the referenced Secret will be
- projected into the volume as a file whose name is
- the key and content is the value. If specified,
+ description: items If unspecified, each key-value
+ pair in the Data field of the referenced Secret
+ will be projected into the volume as a file whose
+ name is the key and content is the value. If specified,
the listed keys will be projected into the specified
paths, and unlisted keys will not be present. If
a key is specified which is not present in the Secret,
@@ -61862,14 +64349,14 @@ spec:
a volume.
properties:
key:
- description: The key to project.
+ description: key is the key to project.
type: string
mode:
- description: 'Optional: mode bits used to set
- permissions on this file. Must be an octal
- value between 0000 and 0777 or a decimal value
- between 0 and 511. YAML accepts both octal
- and decimal values, JSON requires decimal
+ description: 'mode is Optional: mode bits used
+ to set permissions on this file. Must be an
+ octal value between 0000 and 0777 or a decimal
+ value between 0 and 511. YAML accepts both
+ octal and decimal values, JSON requires decimal
values for mode bits. If not specified, the
volume defaultMode will be used. This might
be in conflict with other options that affect
@@ -61878,10 +64365,10 @@ spec:
format: int32
type: integer
path:
- description: The relative path of the file to
- map the key to. May not be an absolute path.
- May not contain the path element '..'. May
- not start with the string '..'.
+ description: path is the relative path of the
+ file to map the key to. May not be an absolute
+ path. May not contain the path element '..'.
+ May not start with the string '..'.
type: string
required:
- key
@@ -61889,30 +64376,31 @@ spec:
type: object
type: array
optional:
- description: Specify whether the Secret or its keys
- must be defined
+ description: optional field specify whether the Secret
+ or its keys must be defined
type: boolean
secretName:
- description: 'Name of the secret in the pod''s namespace
- to use. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret'
+ description: 'secretName is the name of the secret
+ in the pod''s namespace to use. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret'
type: string
type: object
storageos:
- description: StorageOS represents a StorageOS volume attached
+ description: storageOS represents a StorageOS volume attached
and mounted on Kubernetes nodes.
properties:
fsType:
- description: Filesystem type to mount. Must be a filesystem
- type supported by the host operating system. Ex.
- "ext4", "xfs", "ntfs". Implicitly inferred to be
- "ext4" if unspecified.
+ description: fsType is the filesystem type to mount.
+ Must be a filesystem type supported by the host
+ operating system. Ex. "ext4", "xfs", "ntfs". Implicitly
+ inferred to be "ext4" if unspecified.
type: string
readOnly:
- description: Defaults to false (read/write). ReadOnly
- here will force the ReadOnly setting in VolumeMounts.
+ description: readOnly defaults to false (read/write).
+ ReadOnly here will force the ReadOnly setting in
+ VolumeMounts.
type: boolean
secretRef:
- description: SecretRef specifies the secret to use
+ description: secretRef specifies the secret to use
for obtaining the StorageOS API credentials. If
not specified, default values will be attempted.
properties:
@@ -61925,12 +64413,12 @@ spec:
type: object
x-kubernetes-map-type: atomic
volumeName:
- description: VolumeName is the human-readable name
+ description: volumeName is the human-readable name
of the StorageOS volume. Volume names are only
unique within a namespace.
type: string
volumeNamespace:
- description: VolumeNamespace specifies the scope of
+ description: volumeNamespace specifies the scope of
the volume within StorageOS. If no namespace is
specified then the Pod's namespace will be used. This
allows the Kubernetes name scoping to be mirrored
@@ -61942,25 +64430,27 @@ spec:
type: string
type: object
vsphereVolume:
- description: VsphereVolume represents a vSphere volume
+ description: vsphereVolume represents a vSphere volume
attached and mounted on kubelets host machine
properties:
fsType:
- description: Filesystem type to mount. Must be a filesystem
- type supported by the host operating system. Ex.
- "ext4", "xfs", "ntfs". Implicitly inferred to be
- "ext4" if unspecified.
+ description: fsType is filesystem type to mount. Must
+ be a filesystem type supported by the host operating
+ system. Ex. "ext4", "xfs", "ntfs". Implicitly inferred
+ to be "ext4" if unspecified.
type: string
storagePolicyID:
- description: Storage Policy Based Management (SPBM)
- profile ID associated with the StoragePolicyName.
+ description: storagePolicyID is the storage Policy
+ Based Management (SPBM) profile ID associated with
+ the StoragePolicyName.
type: string
storagePolicyName:
- description: Storage Policy Based Management (SPBM)
- profile name.
+ description: storagePolicyName is the storage Policy
+ Based Management (SPBM) profile name.
type: string
volumePath:
- description: Path that identifies vSphere volume vmdk
+ description: volumePath is the path that identifies
+ vSphere volume vmdk
type: string
required:
- volumePath
diff --git a/manifests/harbor/deployment.yaml b/manifests/harbor/deployment.yaml
index 86ed0f8cc..3f5a669b7 100644
--- a/manifests/harbor/deployment.yaml
+++ b/manifests/harbor/deployment.yaml
@@ -240,128 +240,133 @@ spec:
Only one of its members may be specified.
properties:
awsElasticBlockStore:
- description: 'AWSElasticBlockStore represents an AWS
+ description: 'awsElasticBlockStore represents an AWS
Disk resource that is attached to a kubelet''s host
machine and then exposed to the pod. More info:
https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore'
properties:
fsType:
- description: 'Filesystem type of the volume that
- you want to mount. Tip: Ensure that the filesystem
- type is supported by the host operating system.
- Examples: "ext4", "xfs", "ntfs". Implicitly
- inferred to be "ext4" if unspecified. More info:
- https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore
+ description: 'fsType is the filesystem type of
+ the volume that you want to mount. Tip: Ensure
+ that the filesystem type is supported by the
+ host operating system. Examples: "ext4", "xfs",
+ "ntfs". Implicitly inferred to be "ext4" if
+ unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore
TODO: how do we prevent errors in the filesystem
from compromising the machine'
type: string
partition:
- description: 'The partition in the volume that
- you want to mount. If omitted, the default is
- to mount by volume name. Examples: For volume
- /dev/sda1, you specify the partition as "1".
- Similarly, the volume partition for /dev/sda
- is "0" (or you can leave the property empty).'
+ description: 'partition is the partition in the
+ volume that you want to mount. If omitted, the
+ default is to mount by volume name. Examples:
+ For volume /dev/sda1, you specify the partition
+ as "1". Similarly, the volume partition for
+ /dev/sda is "0" (or you can leave the property
+ empty).'
format: int32
type: integer
readOnly:
- description: 'Specify "true" to force and set
- the ReadOnly property in VolumeMounts to "true".
- If omitted, the default is "false". More info:
+ description: 'readOnly value true will force the
+ readOnly setting in VolumeMounts. More info:
https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore'
type: boolean
volumeID:
- description: 'Unique ID of the persistent disk
- resource in AWS (Amazon EBS volume). More info:
- https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore'
+ description: 'volumeID is unique ID of the persistent
+ disk resource in AWS (Amazon EBS volume). More
+ info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore'
type: string
required:
- volumeID
type: object
azureDisk:
- description: AzureDisk represents an Azure Data Disk
+ description: azureDisk represents an Azure Data Disk
mount on the host and bind mount to the pod.
properties:
cachingMode:
- description: 'Host Caching mode: None, Read Only,
- Read Write.'
+ description: 'cachingMode is the Host Caching
+ mode: None, Read Only, Read Write.'
type: string
diskName:
- description: The Name of the data disk in the
- blob storage
+ description: diskName is the Name of the data
+ disk in the blob storage
type: string
diskURI:
- description: The URI the data disk in the blob
- storage
+ description: diskURI is the URI of data disk in
+ the blob storage
type: string
fsType:
- description: Filesystem type to mount. Must be
- a filesystem type supported by the host operating
- system. Ex. "ext4", "xfs", "ntfs". Implicitly
- inferred to be "ext4" if unspecified.
+ description: fsType is Filesystem type to mount.
+ Must be a filesystem type supported by the host
+ operating system. Ex. "ext4", "xfs", "ntfs".
+ Implicitly inferred to be "ext4" if unspecified.
type: string
kind:
- description: 'Expected values Shared: multiple
- blob disks per storage account Dedicated: single
- blob disk per storage account Managed: azure
- managed data disk (only in managed availability
+ description: 'kind expected values are Shared:
+ multiple blob disks per storage account Dedicated:
+ single blob disk per storage account Managed:
+ azure managed data disk (only in managed availability
set). defaults to shared'
type: string
readOnly:
- description: Defaults to false (read/write). ReadOnly
- here will force the ReadOnly setting in VolumeMounts.
+ description: readOnly Defaults to false (read/write).
+ ReadOnly here will force the ReadOnly setting
+ in VolumeMounts.
type: boolean
required:
- diskName
- diskURI
type: object
azureFile:
- description: AzureFile represents an Azure File Service
+ description: azureFile represents an Azure File Service
mount on the host and bind mount to the pod.
properties:
readOnly:
- description: Defaults to false (read/write). ReadOnly
- here will force the ReadOnly setting in VolumeMounts.
+ description: readOnly defaults to false (read/write).
+ ReadOnly here will force the ReadOnly setting
+ in VolumeMounts.
type: boolean
secretName:
- description: the name of secret that contains
- Azure Storage Account Name and Key
+ description: secretName is the name of secret
+ that contains Azure Storage Account Name and
+ Key
type: string
shareName:
- description: Share Name
+ description: shareName is the azure share Name
type: string
required:
- secretName
- shareName
type: object
cephfs:
- description: CephFS represents a Ceph FS mount on
+ description: cephFS represents a Ceph FS mount on
the host that shares a pod's lifetime
properties:
monitors:
- description: 'Required: Monitors is a collection
- of Ceph monitors More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it'
+ description: 'monitors is Required: Monitors is
+ a collection of Ceph monitors More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it'
items:
type: string
type: array
path:
- description: 'Optional: Used as the mounted root,
- rather than the full Ceph tree, default is /'
+ description: 'path is Optional: Used as the mounted
+ root, rather than the full Ceph tree, default
+ is /'
type: string
readOnly:
- description: 'Optional: Defaults to false (read/write).
- ReadOnly here will force the ReadOnly setting
- in VolumeMounts. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it'
+ description: 'readOnly is Optional: Defaults to
+ false (read/write). ReadOnly here will force
+ the ReadOnly setting in VolumeMounts. More info:
+ https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it'
type: boolean
secretFile:
- description: 'Optional: SecretFile is the path
- to key ring for User, default is /etc/ceph/user.secret
- More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it'
+ description: 'secretFile is Optional: SecretFile
+ is the path to key ring for User, default is
+ /etc/ceph/user.secret More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it'
type: string
secretRef:
- description: 'Optional: SecretRef is reference
- to the authentication secret for User, default
- is empty. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it'
+ description: 'secretRef is Optional: SecretRef
+ is reference to the authentication secret for
+ User, default is empty. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it'
properties:
name:
description: 'Name of the referent. More info:
@@ -372,32 +377,33 @@ spec:
type: object
x-kubernetes-map-type: atomic
user:
- description: 'Optional: User is the rados user
- name, default is admin More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it'
+ description: 'user is optional: User is the rados
+ user name, default is admin More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it'
type: string
required:
- monitors
type: object
cinder:
- description: 'Cinder represents a cinder volume attached
+ description: 'cinder represents a cinder volume attached
and mounted on kubelets host machine. More info:
https://examples.k8s.io/mysql-cinder-pd/README.md'
properties:
fsType:
- description: 'Filesystem type to mount. Must be
- a filesystem type supported by the host operating
- system. Examples: "ext4", "xfs", "ntfs". Implicitly
- inferred to be "ext4" if unspecified. More info:
- https://examples.k8s.io/mysql-cinder-pd/README.md'
+ description: 'fsType is the filesystem type to
+ mount. Must be a filesystem type supported by
+ the host operating system. Examples: "ext4",
+ "xfs", "ntfs". Implicitly inferred to be "ext4"
+ if unspecified. More info: https://examples.k8s.io/mysql-cinder-pd/README.md'
type: string
readOnly:
- description: 'Optional: Defaults to false (read/write).
+ description: 'readOnly defaults to false (read/write).
ReadOnly here will force the ReadOnly setting
in VolumeMounts. More info: https://examples.k8s.io/mysql-cinder-pd/README.md'
type: boolean
secretRef:
- description: 'Optional: points to a secret object
- containing parameters used to connect to OpenStack.'
+ description: 'secretRef is optional: points to
+ a secret object containing parameters used to
+ connect to OpenStack.'
properties:
name:
description: 'Name of the referent. More info:
@@ -408,33 +414,33 @@ spec:
type: object
x-kubernetes-map-type: atomic
volumeID:
- description: 'volume id used to identify the volume
+ description: 'volumeID used to identify the volume
in cinder. More info: https://examples.k8s.io/mysql-cinder-pd/README.md'
type: string
required:
- volumeID
type: object
configMap:
- description: ConfigMap represents a configMap that
+ description: configMap represents a configMap that
should populate this volume
properties:
defaultMode:
- description: 'Optional: mode bits used to set
- permissions on created files by default. Must
- be an octal value between 0000 and 0777 or a
- decimal value between 0 and 511. YAML accepts
- both octal and decimal values, JSON requires
- decimal values for mode bits. Defaults to 0644.
- Directories within the path are not affected
- by this setting. This might be in conflict with
- other options that affect the file mode, like
- fsGroup, and the result can be other mode bits
- set.'
+ description: 'defaultMode is optional: mode bits
+ used to set permissions on created files by
+ default. Must be an octal value between 0000
+ and 0777 or a decimal value between 0 and 511.
+ YAML accepts both octal and decimal values,
+ JSON requires decimal values for mode bits.
+ Defaults to 0644. Directories within the path
+ are not affected by this setting. This might
+ be in conflict with other options that affect
+ the file mode, like fsGroup, and the result
+ can be other mode bits set.'
format: int32
type: integer
items:
- description: If unspecified, each key-value pair
- in the Data field of the referenced ConfigMap
+ description: items if unspecified, each key-value
+ pair in the Data field of the referenced ConfigMap
will be projected into the volume as a file
whose name is the key and content is the value.
If specified, the listed keys will be projected
@@ -449,27 +455,28 @@ spec:
a volume.
properties:
key:
- description: The key to project.
+ description: key is the key to project.
type: string
mode:
- description: 'Optional: mode bits used to
- set permissions on this file. Must be
- an octal value between 0000 and 0777 or
- a decimal value between 0 and 511. YAML
- accepts both octal and decimal values,
- JSON requires decimal values for mode
- bits. If not specified, the volume defaultMode
- will be used. This might be in conflict
- with other options that affect the file
- mode, like fsGroup, and the result can
- be other mode bits set.'
+ description: 'mode is Optional: mode bits
+ used to set permissions on this file.
+ Must be an octal value between 0000 and
+ 0777 or a decimal value between 0 and
+ 511. YAML accepts both octal and decimal
+ values, JSON requires decimal values for
+ mode bits. If not specified, the volume
+ defaultMode will be used. This might be
+ in conflict with other options that affect
+ the file mode, like fsGroup, and the result
+ can be other mode bits set.'
format: int32
type: integer
path:
- description: The relative path of the file
- to map the key to. May not be an absolute
- path. May not contain the path element
- '..'. May not start with the string '..'.
+ description: path is the relative path of
+ the file to map the key to. May not be
+ an absolute path. May not contain the
+ path element '..'. May not start with
+ the string '..'.
type: string
required:
- key
@@ -483,30 +490,30 @@ spec:
uid?'
type: string
optional:
- description: Specify whether the ConfigMap or
- its keys must be defined
+ description: optional specify whether the ConfigMap
+ or its keys must be defined
type: boolean
type: object
x-kubernetes-map-type: atomic
csi:
- description: CSI (Container Storage Interface) represents
+ description: csi (Container Storage Interface) represents
ephemeral storage that is handled by certain external
CSI drivers (Beta feature).
properties:
driver:
- description: Driver is the name of the CSI driver
+ description: driver is the name of the CSI driver
that handles this volume. Consult with your
admin for the correct name as registered in
the cluster.
type: string
fsType:
- description: Filesystem type to mount. Ex. "ext4",
- "xfs", "ntfs". If not provided, the empty value
- is passed to the associated CSI driver which
- will determine the default filesystem to apply.
+ description: fsType to mount. Ex. "ext4", "xfs",
+ "ntfs". If not provided, the empty value is
+ passed to the associated CSI driver which will
+ determine the default filesystem to apply.
type: string
nodePublishSecretRef:
- description: NodePublishSecretRef is a reference
+ description: nodePublishSecretRef is a reference
to the secret object containing sensitive information
to pass to the CSI driver to complete the CSI
NodePublishVolume and NodeUnpublishVolume calls.
@@ -524,13 +531,13 @@ spec:
type: object
x-kubernetes-map-type: atomic
readOnly:
- description: Specifies a read-only configuration
+ description: readOnly specifies a read-only configuration
for the volume. Defaults to false (read/write).
type: boolean
volumeAttributes:
additionalProperties:
type: string
- description: VolumeAttributes stores driver-specific
+ description: volumeAttributes stores driver-specific
properties that are passed to the CSI driver.
Consult your driver's documentation for supported
values.
@@ -539,7 +546,7 @@ spec:
- driver
type: object
downwardAPI:
- description: DownwardAPI represents downward API about
+ description: downwardAPI represents downward API about
the pod that should populate this volume
properties:
defaultMode:
@@ -638,33 +645,34 @@ spec:
type: array
type: object
emptyDir:
- description: 'EmptyDir represents a temporary directory
+ description: 'emptyDir represents a temporary directory
that shares a pod''s lifetime. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir'
properties:
medium:
- description: 'What type of storage medium should
- back this directory. The default is "" which
- means to use the node''s default medium. Must
- be an empty string (default) or Memory. More
- info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir'
+ description: 'medium represents what type of storage
+ medium should back this directory. The default
+ is "" which means to use the node''s default
+ medium. Must be an empty string (default) or
+ Memory. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir'
type: string
sizeLimit:
anyOf:
- type: integer
- type: string
- description: 'Total amount of local storage required
- for this EmptyDir volume. The size limit is
- also applicable for memory medium. The maximum
- usage on memory medium EmptyDir would be the
- minimum value between the SizeLimit specified
- here and the sum of memory limits of all containers
- in a pod. The default is nil which means that
- the limit is undefined. More info: http://kubernetes.io/docs/user-guide/volumes#emptydir'
+ description: 'sizeLimit is the total amount of
+ local storage required for this EmptyDir volume.
+ The size limit is also applicable for memory
+ medium. The maximum usage on memory medium EmptyDir
+ would be the minimum value between the SizeLimit
+ specified here and the sum of memory limits
+ of all containers in a pod. The default is nil
+ which means that the limit is undefined. More
+ info: http://kubernetes.io/docs/user-guide/volumes#emptydir'
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
x-kubernetes-int-or-string: true
type: object
ephemeral:
- description: "Ephemeral represents a volume that is
+ description: "ephemeral represents a volume that is
handled by a cluster storage driver. The volume's
lifecycle is tied to the pod that defines it - it
will be created before the pod starts, and deleted
@@ -724,25 +732,29 @@ spec:
are also valid here.
properties:
accessModes:
- description: 'AccessModes contains the
+ description: 'accessModes contains the
desired access modes the volume should
have. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1'
items:
type: string
type: array
dataSource:
- description: 'This field can be used to
- specify either: * An existing VolumeSnapshot
- object (snapshot.storage.k8s.io/VolumeSnapshot)
+ description: 'dataSource field can be
+ used to specify either: * An existing
+ VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot)
* An existing PVC (PersistentVolumeClaim)
If the provisioner or an external controller
can support the specified data source,
it will create a new volume based on
the contents of the specified data source.
- If the AnyVolumeDataSource feature gate
- is enabled, this field will always have
- the same contents as the DataSourceRef
- field.'
+ When the AnyVolumeDataSource feature
+ gate is enabled, dataSource contents
+ will be copied to dataSourceRef, and
+ dataSourceRef contents will be copied
+ to dataSource when dataSourceRef.namespace
+ is not specified. If the namespace is
+ specified, then dataSourceRef will not
+ be copied to dataSource.'
properties:
apiGroup:
description: APIGroup is the group
@@ -766,35 +778,44 @@ spec:
type: object
x-kubernetes-map-type: atomic
dataSourceRef:
- description: 'Specifies the object from
- which to populate the volume with data,
- if a non-empty volume is desired. This
- may be any local object from a non-empty
- API group (non core object) or a PersistentVolumeClaim
- object. When this field is specified,
- volume binding will only succeed if
- the type of the specified object matches
- some installed volume populator or dynamic
- provisioner. This field will replace
- the functionality of the DataSource
- field and as such if both fields are
- non-empty, they must have the same value.
- For backwards compatibility, both fields
- (DataSource and DataSourceRef) will
- be set to the same value automatically
+ description: 'dataSourceRef specifies
+ the object from which to populate the
+ volume with data, if a non-empty volume
+ is desired. This may be any object from
+ a non-empty API group (non core object)
+ or a PersistentVolumeClaim object. When
+ this field is specified, volume binding
+ will only succeed if the type of the
+ specified object matches some installed
+ volume populator or dynamic provisioner.
+ This field will replace the functionality
+ of the dataSource field and as such
+ if both fields are non-empty, they must
+ have the same value. For backwards compatibility,
+ when namespace isn''t specified in dataSourceRef,
+ both fields (dataSource and dataSourceRef)
+ will be set to the same value automatically
if one of them is empty and the other
- is non-empty. There are two important
- differences between DataSource and DataSourceRef:
- * While DataSource only allows two specific
- types of objects, DataSourceRef allows
+ is non-empty. When namespace is specified
+ in dataSourceRef, dataSource isn''t
+ set to the same value and must be empty.
+ There are three important differences
+ between dataSource and dataSourceRef:
+ * While dataSource only allows two specific
+ types of objects, dataSourceRef allows
any non-core object, as well as PersistentVolumeClaim
- objects. * While DataSource ignores
- disallowed values (dropping them), DataSourceRef
+ objects. * While dataSource ignores
+ disallowed values (dropping them), dataSourceRef
preserves all values, and generates
an error if a disallowed value is specified.
- (Alpha) Using this field requires the
- AnyVolumeDataSource feature gate to
- be enabled.'
+ * While dataSource only allows local
+ objects, dataSourceRef allows objects
+ in any namespaces. (Beta) Using this
+ field requires the AnyVolumeDataSource
+ feature gate to be enabled. (Alpha)
+ Using the namespace field of dataSourceRef
+ requires the CrossNamespaceVolumeDataSource
+ feature gate to be enabled.'
properties:
apiGroup:
description: APIGroup is the group
@@ -812,13 +833,25 @@ spec:
description: Name is the name of resource
being referenced
type: string
+ namespace:
+ description: Namespace is the namespace
+ of resource being referenced Note
+ that when a namespace is specified,
+ a gateway.networking.k8s.io/ReferenceGrant
+ object is required in the referent
+ namespace to allow that namespace's
+ owner to accept the reference. See
+ the ReferenceGrant documentation
+ for details. (Alpha) This field
+ requires the CrossNamespaceVolumeDataSource
+ feature gate to be enabled.
+ type: string
required:
- kind
- name
type: object
- x-kubernetes-map-type: atomic
resources:
- description: 'Resources represents the
+ description: 'resources represents the
minimum resources the volume should
have. If RecoverVolumeExpansionFailure
feature is enabled users are allowed
@@ -828,6 +861,31 @@ spec:
in the status field of the claim. More
info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources'
properties:
+ claims:
+ description: "Claims lists the names
+ of resources, defined in spec.resourceClaims,
+ that are used by this container.
+ \n This is an alpha field and requires
+ enabling the DynamicResourceAllocation
+ feature gate. \n This field is immutable."
+ items:
+ description: ResourceClaim references
+ one entry in PodSpec.ResourceClaims.
+ properties:
+ name:
+ description: Name must match
+ the name of one entry in pod.spec.resourceClaims
+ of the Pod where this field
+ is used. It makes that resource
+ available inside a container.
+ type: string
+ required:
+ - name
+ type: object
+ type: array
+ x-kubernetes-list-map-keys:
+ - name
+ x-kubernetes-list-type: map
limits:
additionalProperties:
anyOf:
@@ -856,8 +914,8 @@ spec:
type: object
type: object
selector:
- description: A label query over volumes
- to consider for binding.
+ description: selector is a label query
+ over volumes to consider for binding.
properties:
matchExpressions:
description: matchExpressions is a
@@ -914,8 +972,9 @@ spec:
type: object
x-kubernetes-map-type: atomic
storageClassName:
- description: 'Name of the StorageClass
- required by the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1'
+ description: 'storageClassName is the
+ name of the StorageClass required by
+ the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1'
type: string
volumeMode:
description: volumeMode defines what type
@@ -924,7 +983,7 @@ spec:
not included in claim spec.
type: string
volumeName:
- description: VolumeName is the binding
+ description: volumeName is the binding
reference to the PersistentVolume backing
this claim.
type: string
@@ -934,74 +993,77 @@ spec:
type: object
type: object
fc:
- description: FC represents a Fibre Channel resource
+ description: fc represents a Fibre Channel resource
that is attached to a kubelet's host machine and
then exposed to the pod.
properties:
fsType:
- description: 'Filesystem type to mount. Must be
- a filesystem type supported by the host operating
- system. Ex. "ext4", "xfs", "ntfs". Implicitly
- inferred to be "ext4" if unspecified. TODO:
- how do we prevent errors in the filesystem from
- compromising the machine'
+ description: 'fsType is the filesystem type to
+ mount. Must be a filesystem type supported by
+ the host operating system. Ex. "ext4", "xfs",
+ "ntfs". Implicitly inferred to be "ext4" if
+ unspecified. TODO: how do we prevent errors
+ in the filesystem from compromising the machine'
type: string
lun:
- description: 'Optional: FC target lun number'
+ description: 'lun is Optional: FC target lun number'
format: int32
type: integer
readOnly:
- description: 'Optional: Defaults to false (read/write).
- ReadOnly here will force the ReadOnly setting
- in VolumeMounts.'
+ description: 'readOnly is Optional: Defaults to
+ false (read/write). ReadOnly here will force
+ the ReadOnly setting in VolumeMounts.'
type: boolean
targetWWNs:
- description: 'Optional: FC target worldwide names
- (WWNs)'
+ description: 'targetWWNs is Optional: FC target
+ worldwide names (WWNs)'
items:
type: string
type: array
wwids:
- description: 'Optional: FC volume world wide identifiers
- (wwids) Either wwids or combination of targetWWNs
- and lun must be set, but not both simultaneously.'
+ description: 'wwids Optional: FC volume world
+ wide identifiers (wwids) Either wwids or combination
+ of targetWWNs and lun must be set, but not both
+ simultaneously.'
items:
type: string
type: array
type: object
flexVolume:
- description: FlexVolume represents a generic volume
+ description: flexVolume represents a generic volume
resource that is provisioned/attached using an exec
based plugin.
properties:
driver:
- description: Driver is the name of the driver
+ description: driver is the name of the driver
to use for this volume.
type: string
fsType:
- description: Filesystem type to mount. Must be
- a filesystem type supported by the host operating
- system. Ex. "ext4", "xfs", "ntfs". The default
- filesystem depends on FlexVolume script.
+ description: fsType is the filesystem type to
+ mount. Must be a filesystem type supported by
+ the host operating system. Ex. "ext4", "xfs",
+ "ntfs". The default filesystem depends on FlexVolume
+ script.
type: string
options:
additionalProperties:
type: string
- description: 'Optional: Extra command options
- if any.'
+ description: 'options is Optional: this field
+ holds extra command options if any.'
type: object
readOnly:
- description: 'Optional: Defaults to false (read/write).
- ReadOnly here will force the ReadOnly setting
- in VolumeMounts.'
+ description: 'readOnly is Optional: defaults to
+ false (read/write). ReadOnly here will force
+ the ReadOnly setting in VolumeMounts.'
type: boolean
secretRef:
- description: 'Optional: SecretRef is reference
- to the secret object containing sensitive information
- to pass to the plugin scripts. This may be empty
- if no secret object is specified. If the secret
- object contains more than one secret, all secrets
- are passed to the plugin scripts.'
+ description: 'secretRef is Optional: secretRef
+ is reference to the secret object containing
+ sensitive information to pass to the plugin
+ scripts. This may be empty if no secret object
+ is specified. If the secret object contains
+ more than one secret, all secrets are passed
+ to the plugin scripts.'
properties:
name:
description: 'Name of the referent. More info:
@@ -1015,52 +1077,52 @@ spec:
- driver
type: object
flocker:
- description: Flocker represents a Flocker volume attached
+ description: flocker represents a Flocker volume attached
to a kubelet's host machine. This depends on the
Flocker control service being running
properties:
datasetName:
- description: Name of the dataset stored as metadata
- -> name on the dataset for Flocker should be
- considered as deprecated
+ description: datasetName is Name of the dataset
+ stored as metadata -> name on the dataset for
+ Flocker should be considered as deprecated
type: string
datasetUUID:
- description: UUID of the dataset. This is unique
- identifier of a Flocker dataset
+ description: datasetUUID is the UUID of the dataset.
+ This is unique identifier of a Flocker dataset
type: string
type: object
gcePersistentDisk:
- description: 'GCEPersistentDisk represents a GCE Disk
+ description: 'gcePersistentDisk represents a GCE Disk
resource that is attached to a kubelet''s host machine
and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk'
properties:
fsType:
- description: 'Filesystem type of the volume that
- you want to mount. Tip: Ensure that the filesystem
- type is supported by the host operating system.
- Examples: "ext4", "xfs", "ntfs". Implicitly
- inferred to be "ext4" if unspecified. More info:
- https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk
+ description: 'fsType is filesystem type of the
+ volume that you want to mount. Tip: Ensure that
+ the filesystem type is supported by the host
+ operating system. Examples: "ext4", "xfs", "ntfs".
+ Implicitly inferred to be "ext4" if unspecified.
+ More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk
TODO: how do we prevent errors in the filesystem
from compromising the machine'
type: string
partition:
- description: 'The partition in the volume that
- you want to mount. If omitted, the default is
- to mount by volume name. Examples: For volume
- /dev/sda1, you specify the partition as "1".
- Similarly, the volume partition for /dev/sda
- is "0" (or you can leave the property empty).
- More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk'
+ description: 'partition is the partition in the
+ volume that you want to mount. If omitted, the
+ default is to mount by volume name. Examples:
+ For volume /dev/sda1, you specify the partition
+ as "1". Similarly, the volume partition for
+ /dev/sda is "0" (or you can leave the property
+ empty). More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk'
format: int32
type: integer
pdName:
- description: 'Unique name of the PD resource in
- GCE. Used to identify the disk in GCE. More
- info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk'
+ description: 'pdName is unique name of the PD
+ resource in GCE. Used to identify the disk in
+ GCE. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk'
type: string
readOnly:
- description: 'ReadOnly here will force the ReadOnly
+ description: 'readOnly here will force the ReadOnly
setting in VolumeMounts. Defaults to false.
More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk'
type: boolean
@@ -1068,7 +1130,7 @@ spec:
- pdName
type: object
gitRepo:
- description: 'GitRepo represents a git repository
+ description: 'gitRepo represents a git repository
at a particular revision. DEPRECATED: GitRepo is
deprecated. To provision a container with a git
repo, mount an EmptyDir into an InitContainer that
@@ -1076,38 +1138,38 @@ spec:
into the Pod''s container.'
properties:
directory:
- description: Target directory name. Must not contain
- or start with '..'. If '.' is supplied, the
- volume directory will be the git repository. Otherwise,
- if specified, the volume will contain the git
- repository in the subdirectory with the given
- name.
+ description: directory is the target directory
+ name. Must not contain or start with '..'. If
+ '.' is supplied, the volume directory will be
+ the git repository. Otherwise, if specified,
+ the volume will contain the git repository in
+ the subdirectory with the given name.
type: string
repository:
- description: Repository URL
+ description: repository is the URL
type: string
revision:
- description: Commit hash for the specified revision.
+ description: revision is the commit hash for the
+ specified revision.
type: string
required:
- repository
type: object
glusterfs:
- description: 'Glusterfs represents a Glusterfs mount
+ description: 'glusterfs represents a Glusterfs mount
on the host that shares a pod''s lifetime. More
info: https://examples.k8s.io/volumes/glusterfs/README.md'
properties:
endpoints:
- description: 'EndpointsName is the endpoint name
- that details Glusterfs topology. More info:
- https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod'
+ description: 'endpoints is the endpoint name that
+ details Glusterfs topology. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod'
type: string
path:
- description: 'Path is the Glusterfs volume path.
+ description: 'path is the Glusterfs volume path.
More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod'
type: string
readOnly:
- description: 'ReadOnly here will force the Glusterfs
+ description: 'readOnly here will force the Glusterfs
volume to be mounted with read-only permissions.
Defaults to false. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod'
type: boolean
@@ -1116,7 +1178,7 @@ spec:
- path
type: object
hostPath:
- description: 'HostPath represents a pre-existing file
+ description: 'hostPath represents a pre-existing file
or directory on the host machine that is directly
exposed to the container. This is generally used
for system agents or other privileged things that
@@ -1127,72 +1189,75 @@ spec:
host directories as read/write.'
properties:
path:
- description: 'Path of the directory on the host.
+ description: 'path of the directory on the host.
If the path is a symlink, it will follow the
link to the real path. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath'
type: string
type:
- description: 'Type for HostPath Volume Defaults
+ description: 'type for HostPath Volume Defaults
to "" More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath'
type: string
required:
- path
type: object
iscsi:
- description: 'ISCSI represents an ISCSI Disk resource
+ description: 'iscsi represents an ISCSI Disk resource
that is attached to a kubelet''s host machine and
then exposed to the pod. More info: https://examples.k8s.io/volumes/iscsi/README.md'
properties:
chapAuthDiscovery:
- description: whether support iSCSI Discovery CHAP
- authentication
+ description: chapAuthDiscovery defines whether
+ support iSCSI Discovery CHAP authentication
type: boolean
chapAuthSession:
- description: whether support iSCSI Session CHAP
- authentication
+ description: chapAuthSession defines whether support
+ iSCSI Session CHAP authentication
type: boolean
fsType:
- description: 'Filesystem type of the volume that
- you want to mount. Tip: Ensure that the filesystem
- type is supported by the host operating system.
- Examples: "ext4", "xfs", "ntfs". Implicitly
- inferred to be "ext4" if unspecified. More info:
- https://kubernetes.io/docs/concepts/storage/volumes#iscsi
+ description: 'fsType is the filesystem type of
+ the volume that you want to mount. Tip: Ensure
+ that the filesystem type is supported by the
+ host operating system. Examples: "ext4", "xfs",
+ "ntfs". Implicitly inferred to be "ext4" if
+ unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#iscsi
TODO: how do we prevent errors in the filesystem
from compromising the machine'
type: string
initiatorName:
- description: Custom iSCSI Initiator Name. If initiatorName
- is specified with iscsiInterface simultaneously,
- new iSCSI interface :