diff --git a/class/defaults.yml b/class/defaults.yml index ff89a6ed..55ff9c55 100644 --- a/class/defaults.yml +++ b/class/defaults.yml @@ -225,7 +225,7 @@ parameters: rook: registry: docker.io image: rook/ceph - tag: v1.11.11 + tag: v1.12.7 ceph: registry: quay.io image: ceph/ceph @@ -241,7 +241,7 @@ parameters: charts: # We do not support helm chart versions older than v1.7.0 - rook-ceph: v1.11.11 + rook-ceph: v1.12.7 operator_helm_values: image: diff --git a/class/rook-ceph.yml b/class/rook-ceph.yml index dbd08511..db8bb204 100644 --- a/class/rook-ceph.yml +++ b/class/rook-ceph.yml @@ -35,6 +35,10 @@ parameters: output_path: ${_base_directory}/manifests/${rook_ceph:images:rook:tag}/toolbox.yaml compile: + - input_type: remove + input_paths: + - rook-ceph/helmcharts/rook-ceph/${rook_ceph:charts:rook-ceph}/templates/securityContextConstraints.yaml + output_path: . - input_paths: - rook-ceph/component/app.jsonnet input_type: jsonnet diff --git a/tests/golden/defaults/rook-ceph/rook-ceph/01_rook_ceph_helmchart/rook-ceph/templates/cluster-rbac.yaml b/tests/golden/defaults/rook-ceph/rook-ceph/01_rook_ceph_helmchart/rook-ceph/templates/cluster-rbac.yaml index 41c5cc15..4c233042 100644 --- a/tests/golden/defaults/rook-ceph/rook-ceph/01_rook_ceph_helmchart/rook-ceph/templates/cluster-rbac.yaml +++ b/tests/golden/defaults/rook-ceph/rook-ceph/01_rook_ceph_helmchart/rook-ceph/templates/cluster-rbac.yaml @@ -5,7 +5,7 @@ metadata: app.kubernetes.io/created-by: helm app.kubernetes.io/managed-by: Helm app.kubernetes.io/part-of: rook-ceph-operator - helm.sh/chart: rook-ceph-v1.11.11 + helm.sh/chart: rook-ceph-v1.12.7 operator: rook storage-backend: ceph name: rook-ceph-osd @@ -18,7 +18,7 @@ metadata: app.kubernetes.io/created-by: helm app.kubernetes.io/managed-by: Helm app.kubernetes.io/part-of: rook-ceph-operator - helm.sh/chart: rook-ceph-v1.11.11 + helm.sh/chart: rook-ceph-v1.12.7 operator: rook storage-backend: ceph name: rook-ceph-mgr @@ -31,7 +31,7 @@ metadata: app.kubernetes.io/created-by: helm app.kubernetes.io/managed-by: Helm app.kubernetes.io/part-of: rook-ceph-operator - helm.sh/chart: rook-ceph-v1.11.11 + helm.sh/chart: rook-ceph-v1.12.7 operator: rook storage-backend: ceph name: rook-ceph-cmd-reporter @@ -50,7 +50,7 @@ metadata: app.kubernetes.io/created-by: helm app.kubernetes.io/managed-by: Helm app.kubernetes.io/part-of: rook-ceph-operator - helm.sh/chart: rook-ceph-v1.11.11 + helm.sh/chart: rook-ceph-v1.12.7 operator: rook storage-backend: ceph name: rook-ceph-rgw @@ -180,6 +180,7 @@ rules: - cephfilesystemmirrors - cephfilesystemsubvolumegroups - cephblockpoolradosnamespaces + - cephcosidrivers verbs: - get - list diff --git a/tests/golden/defaults/rook-ceph/rook-ceph/01_rook_ceph_helmchart/rook-ceph/templates/clusterrole.yaml b/tests/golden/defaults/rook-ceph/rook-ceph/01_rook_ceph_helmchart/rook-ceph/templates/clusterrole.yaml index 0207d92c..dd670bb9 100644 --- a/tests/golden/defaults/rook-ceph/rook-ceph/01_rook_ceph_helmchart/rook-ceph/templates/clusterrole.yaml +++ b/tests/golden/defaults/rook-ceph/rook-ceph/01_rook_ceph_helmchart/rook-ceph/templates/clusterrole.yaml @@ -5,7 +5,7 @@ metadata: app.kubernetes.io/created-by: helm app.kubernetes.io/managed-by: Helm app.kubernetes.io/part-of: rook-ceph-operator - helm.sh/chart: rook-ceph-v1.11.11 + helm.sh/chart: rook-ceph-v1.12.7 operator: rook storage-backend: ceph name: rook-ceph-system @@ -33,6 +33,23 @@ rules: - get - delete - update + - apiGroups: + - csiaddons.openshift.io + resources: + - networkfences + verbs: + - create + - get + - update + - delete + - watch + - list + - apiGroups: + - apiextensions.k8s.io + resources: + - customresourcedefinitions + verbs: + - get --- apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole @@ -41,7 +58,7 @@ metadata: app.kubernetes.io/created-by: helm app.kubernetes.io/managed-by: Helm app.kubernetes.io/part-of: rook-ceph-operator - helm.sh/chart: rook-ceph-v1.11.11 + helm.sh/chart: rook-ceph-v1.12.7 operator: rook storage-backend: ceph name: rook-ceph-cluster-mgmt @@ -74,7 +91,7 @@ metadata: app.kubernetes.io/created-by: helm app.kubernetes.io/managed-by: Helm app.kubernetes.io/part-of: rook-ceph-operator - helm.sh/chart: rook-ceph-v1.11.11 + helm.sh/chart: rook-ceph-v1.12.7 operator: rook storage-backend: ceph name: rook-ceph-global @@ -147,6 +164,7 @@ rules: - cephfilesystemmirrors - cephfilesystemsubvolumegroups - cephblockpoolradosnamespaces + - cephcosidrivers verbs: - get - list @@ -261,7 +279,7 @@ metadata: app.kubernetes.io/created-by: helm app.kubernetes.io/managed-by: Helm app.kubernetes.io/part-of: rook-ceph-operator - helm.sh/chart: rook-ceph-v1.11.11 + helm.sh/chart: rook-ceph-v1.12.7 operator: rook storage-backend: ceph name: rook-ceph-mgr-cluster @@ -317,7 +335,7 @@ metadata: app.kubernetes.io/created-by: helm app.kubernetes.io/managed-by: Helm app.kubernetes.io/part-of: rook-ceph-operator - helm.sh/chart: rook-ceph-v1.11.11 + helm.sh/chart: rook-ceph-v1.12.7 operator: rook storage-backend: ceph name: rook-ceph-object-bucket @@ -518,7 +536,7 @@ metadata: app.kubernetes.io/created-by: helm app.kubernetes.io/managed-by: Helm app.kubernetes.io/part-of: rook-ceph-operator - helm.sh/chart: rook-ceph-v1.11.11 + helm.sh/chart: rook-ceph-v1.12.7 operator: rook storage-backend: ceph name: rbd-csi-nodeplugin @@ -724,3 +742,52 @@ rules: - get - list - watch +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + labels: + app.kubernetes.io/component: driver-ceph + app.kubernetes.io/name: cosi-driver-ceph + app.kubernetes.io/part-of: container-object-storage-interface + name: objectstorage-provisioner-role +rules: + - apiGroups: + - objectstorage.k8s.io + resources: + - buckets + - bucketaccesses + - bucketclaims + - bucketaccessclasses + - buckets/status + - bucketaccesses/status + - bucketclaims/status + - bucketaccessclasses/status + verbs: + - get + - list + - watch + - update + - create + - delete + - apiGroups: + - coordination.k8s.io + resources: + - leases + verbs: + - get + - watch + - list + - delete + - update + - create + - apiGroups: + - '' + resources: + - secrets + - events + verbs: + - get + - delete + - update + - create diff --git a/tests/golden/defaults/rook-ceph/rook-ceph/01_rook_ceph_helmchart/rook-ceph/templates/clusterrolebinding.yaml b/tests/golden/defaults/rook-ceph/rook-ceph/01_rook_ceph_helmchart/rook-ceph/templates/clusterrolebinding.yaml index 4af00476..b55dd722 100644 --- a/tests/golden/defaults/rook-ceph/rook-ceph/01_rook_ceph_helmchart/rook-ceph/templates/clusterrolebinding.yaml +++ b/tests/golden/defaults/rook-ceph/rook-ceph/01_rook_ceph_helmchart/rook-ceph/templates/clusterrolebinding.yaml @@ -5,7 +5,7 @@ metadata: app.kubernetes.io/created-by: helm app.kubernetes.io/managed-by: Helm app.kubernetes.io/part-of: rook-ceph-operator - helm.sh/chart: rook-ceph-v1.11.11 + helm.sh/chart: rook-ceph-v1.12.7 operator: rook storage-backend: ceph name: rook-ceph-system @@ -25,7 +25,7 @@ metadata: app.kubernetes.io/created-by: helm app.kubernetes.io/managed-by: Helm app.kubernetes.io/part-of: rook-ceph-operator - helm.sh/chart: rook-ceph-v1.11.11 + helm.sh/chart: rook-ceph-v1.12.7 operator: rook storage-backend: ceph name: rook-ceph-global @@ -102,3 +102,20 @@ subjects: - kind: ServiceAccount name: rook-csi-rbd-provisioner-sa namespace: syn-rook-ceph-operator +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + labels: + app.kubernetes.io/component: driver-ceph + app.kubernetes.io/name: cosi-driver-ceph + app.kubernetes.io/part-of: container-object-storage-interface + name: objectstorage-provisioner-role-binding +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: objectstorage-provisioner-role +subjects: + - kind: ServiceAccount + name: objectstorage-provisioner + namespace: syn-rook-ceph-operator diff --git a/tests/golden/defaults/rook-ceph/rook-ceph/01_rook_ceph_helmchart/rook-ceph/templates/configmap.yaml b/tests/golden/defaults/rook-ceph/rook-ceph/01_rook_ceph_helmchart/rook-ceph/templates/configmap.yaml index 142ee3fb..05ce7905 100644 --- a/tests/golden/defaults/rook-ceph/rook-ceph/01_rook_ceph_helmchart/rook-ceph/templates/configmap.yaml +++ b/tests/golden/defaults/rook-ceph/rook-ceph/01_rook_ceph_helmchart/rook-ceph/templates/configmap.yaml @@ -226,7 +226,7 @@ data: cpu: 100m ROOK_CEPH_ALLOW_LOOP_DEVICES: 'false' ROOK_CEPH_COMMANDS_TIMEOUT_SECONDS: '15' - ROOK_CSIADDONS_IMAGE: quay.io/csiaddons/k8s-sidecar:v0.5.0 + ROOK_CSIADDONS_IMAGE: quay.io/csiaddons/k8s-sidecar:v0.7.0 ROOK_CSI_CEPH_IMAGE: quay.io/cephcsi/cephcsi:v3.9.0 ROOK_CSI_ENABLE_CEPHFS: 'false' ROOK_CSI_ENABLE_GRPC_METRICS: 'true' @@ -234,6 +234,7 @@ data: ROOK_CSI_ENABLE_RBD: 'true' ROOK_CSI_IMAGE_PULL_POLICY: IfNotPresent ROOK_DISABLE_ADMISSION_CONTROLLER: 'true' + ROOK_ENABLE_DISCOVERY_DAEMON: 'false' ROOK_LOG_LEVEL: INFO ROOK_OBC_WATCH_OPERATOR_NAMESPACE: 'true' kind: ConfigMap diff --git a/tests/golden/defaults/rook-ceph/rook-ceph/01_rook_ceph_helmchart/rook-ceph/templates/deployment.yaml b/tests/golden/defaults/rook-ceph/rook-ceph/01_rook_ceph_helmchart/rook-ceph/templates/deployment.yaml index 234d4848..bc323731 100644 --- a/tests/golden/defaults/rook-ceph/rook-ceph/01_rook_ceph_helmchart/rook-ceph/templates/deployment.yaml +++ b/tests/golden/defaults/rook-ceph/rook-ceph/01_rook_ceph_helmchart/rook-ceph/templates/deployment.yaml @@ -5,7 +5,7 @@ metadata: app.kubernetes.io/created-by: helm app.kubernetes.io/managed-by: Helm app.kubernetes.io/part-of: rook-ceph-operator - helm.sh/chart: rook-ceph-v1.11.11 + helm.sh/chart: rook-ceph-v1.12.7 operator: rook storage-backend: ceph name: rook-ceph-operator @@ -20,7 +20,7 @@ spec: metadata: labels: app: rook-ceph-operator - helm.sh/chart: rook-ceph-v1.11.11 + helm.sh/chart: rook-ceph-v1.12.7 spec: containers: - args: @@ -33,10 +33,8 @@ spec: value: 'false' - name: ROOK_DISABLE_DEVICE_HOTPLUG value: 'false' - - name: DISCOVER_DAEMON_UDEV_BLACKLIST - value: '' - - name: ROOK_ENABLE_DISCOVERY_DAEMON - value: 'false' + - name: ROOK_DISCOVER_DEVICES_INTERVAL + value: 60m - name: NODE_NAME valueFrom: fieldRef: @@ -49,7 +47,7 @@ spec: valueFrom: fieldRef: fieldPath: metadata.namespace - image: docker.io/rook/ceph:v1.11.11 + image: docker.io/rook/ceph:v1.12.7 imagePullPolicy: IfNotPresent name: rook-ceph-operator ports: diff --git a/tests/golden/defaults/rook-ceph/rook-ceph/01_rook_ceph_helmchart/rook-ceph/templates/resources.yaml b/tests/golden/defaults/rook-ceph/rook-ceph/01_rook_ceph_helmchart/rook-ceph/templates/resources.yaml index 0a39b34c..65c3cca7 100644 --- a/tests/golden/defaults/rook-ceph/rook-ceph/01_rook_ceph_helmchart/rook-ceph/templates/resources.yaml +++ b/tests/golden/defaults/rook-ceph/rook-ceph/01_rook_ceph_helmchart/rook-ceph/templates/resources.yaml @@ -1095,6 +1095,13 @@ spec: maximum: 65535 minimum: 0 type: integer + prometheusEndpoint: + description: Endpoint for the Prometheus host + type: string + prometheusEndpointSSLVerify: + description: Whether to verify the ssl endpoint for prometheus. + Set to false for a self-signed cert. + type: boolean ssl: description: SSL determines whether SSL should be used type: boolean @@ -1240,8 +1247,7 @@ spec: type: integer grpc: description: GRPC specifies an action involving a - GRPC port. This is a beta field and requires enabling - GRPCContainerProbe feature gate. + GRPC port. properties: port: description: Port number of the gRPC service. @@ -1275,7 +1281,10 @@ spec: to be used in HTTP probes properties: name: - description: The header field name + description: The header field name. This + will be canonicalized upon output, so + case-variant names will be understood + as the same header. type: string value: description: The header field value @@ -1408,8 +1417,7 @@ spec: type: integer grpc: description: GRPC specifies an action involving a - GRPC port. This is a beta field and requires enabling - GRPCContainerProbe feature gate. + GRPC port. properties: port: description: Port number of the gRPC service. @@ -1443,7 +1451,10 @@ spec: to be used in HTTP probes properties: name: - description: The header field name + description: The header field name. This + will be canonicalized upon output, so + case-variant names will be understood + as the same header. type: string value: description: The header field value @@ -1579,8 +1590,8 @@ spec: on the same node (not recommended) type: boolean count: - description: Count is the number of manager to run - maximum: 2 + description: Count is the number of manager daemons to run + maximum: 5 minimum: 0 type: integer modules: @@ -1614,6 +1625,8 @@ spec: maximum: 9 minimum: 0 type: integer + failureDomainLabel: + type: string stretchCluster: description: StretchCluster is the stretch cluster specification properties: @@ -1628,12 +1641,12 @@ spec: zones: description: Zones is the list of zones items: - description: StretchClusterZoneSpec represents the specification - of a stretched zone in a Ceph Cluster + description: MonZoneSpec represents the specification + of a zone in a Ceph Cluster properties: arbiter: description: Arbiter determines if the zone contains - the arbiter + the arbiter used for stretch cluster mode type: boolean name: description: Name is the name of the zone @@ -1852,7 +1865,8 @@ spec: If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined - value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + value. Requests cannot exceed Limits. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object type: object selector: @@ -1936,6 +1950,62 @@ spec: items: type: string type: array + allocatedResourceStatuses: + additionalProperties: + description: When a controller receives + persistentvolume claim update with ClaimResourceStatus + for a resource that it does not recognizes, + then it should ignore that update and + let other controllers handle it. + type: string + description: "allocatedResourceStatuses stores\ + \ status of resource being resized for the\ + \ given PVC. Key names follow standard Kubernetes\ + \ label syntax. Valid values are either:\ + \ * Un-prefixed keys: - storage - the capacity\ + \ of the volume. * Custom resources must\ + \ use implementation-defined prefixed names\ + \ such as \"example.com/my-custom-resource\"\ + \ Apart from above values - keys that are\ + \ unprefixed or have kubernetes.io prefix\ + \ are considered reserved and hence may\ + \ not be used. \n ClaimResourceStatus can\ + \ be in any of following states: - ControllerResizeInProgress:\ + \ State set when resize controller starts\ + \ resizing the volume in control-plane.\ + \ - ControllerResizeFailed: State set when\ + \ resize has failed in resize controller\ + \ with a terminal error. - NodeResizePending:\ + \ State set when resize controller has finished\ + \ resizing the volume but further resizing\ + \ of volume is needed on the node. - NodeResizeInProgress:\ + \ State set when kubelet starts resizing\ + \ the volume. - NodeResizeFailed: State\ + \ set when resizing has failed in kubelet\ + \ with a terminal error. Transient errors\ + \ don't set NodeResizeFailed. For example:\ + \ if expanding a PVC for more capacity -\ + \ this field can be one of the following\ + \ states: - pvc.status.allocatedResourceStatus['storage']\ + \ = \"ControllerResizeInProgress\" - pvc.status.allocatedResourceStatus['storage']\ + \ = \"ControllerResizeFailed\" - pvc.status.allocatedResourceStatus['storage']\ + \ = \"NodeResizePending\" - pvc.status.allocatedResourceStatus['storage']\ + \ = \"NodeResizeInProgress\" - pvc.status.allocatedResourceStatus['storage']\ + \ = \"NodeResizeFailed\" When this field\ + \ is not set, it means that no resize operation\ + \ is in progress for the given PVC. \n A\ + \ controller that receives PVC update with\ + \ previously unknown resourceName or ClaimResourceStatus\ + \ should ignore the update for the purpose\ + \ it was designed. For example - a controller\ + \ that only is responsible for resizing\ + \ capacity of the volume, should ignore\ + \ PVC updates that change other valid resources\ + \ associated with PVC. \n This is an alpha\ + \ field and requires enabling RecoverVolumeExpansionFailure\ + \ feature." + type: object + x-kubernetes-map-type: granular allocatedResources: additionalProperties: anyOf: @@ -1943,22 +2013,40 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: allocatedResources is the storage - resource within AllocatedResources tracks - the capacity allocated to a PVC. It may - be larger than the actual capacity when - a volume expansion operation is requested. - For storage quota, the larger value from - allocatedResources and PVC.spec.resources - is used. If allocatedResources is not set, - PVC.spec.resources alone is used for quota - calculation. If a volume expansion capacity - request is lowered, allocatedResources is - only lowered if there are no expansion operations - in progress and if the actual volume capacity - is equal or lower than the requested capacity. - This is an alpha field and requires enabling - RecoverVolumeExpansionFailure feature. + description: "allocatedResources tracks the\ + \ resources allocated to a PVC including\ + \ its capacity. Key names follow standard\ + \ Kubernetes label syntax. Valid values\ + \ are either: * Un-prefixed keys: - storage\ + \ - the capacity of the volume. * Custom\ + \ resources must use implementation-defined\ + \ prefixed names such as \"example.com/my-custom-resource\"\ + \ Apart from above values - keys that are\ + \ unprefixed or have kubernetes.io prefix\ + \ are considered reserved and hence may\ + \ not be used. \n Capacity reported here\ + \ may be larger than the actual capacity\ + \ when a volume expansion operation is requested.\ + \ For storage quota, the larger value from\ + \ allocatedResources and PVC.spec.resources\ + \ is used. If allocatedResources is not\ + \ set, PVC.spec.resources alone is used\ + \ for quota calculation. If a volume expansion\ + \ capacity request is lowered, allocatedResources\ + \ is only lowered if there are no expansion\ + \ operations in progress and if the actual\ + \ volume capacity is equal or lower than\ + \ the requested capacity. \n A controller\ + \ that receives PVC update with previously\ + \ unknown resourceName should ignore the\ + \ update for the purpose it was designed.\ + \ For example - a controller that only is\ + \ responsible for resizing capacity of the\ + \ volume, should ignore PVC updates that\ + \ change other valid resources associated\ + \ with PVC. \n This is an alpha field and\ + \ requires enabling RecoverVolumeExpansionFailure\ + \ feature." type: object capacity: additionalProperties: @@ -1977,7 +2065,7 @@ spec: the Condition will be set to 'ResizeStarted'. items: description: PersistentVolumeClaimCondition - contails details about state of pvc + contains details about state of pvc properties: lastProbeTime: description: lastProbeTime is the time @@ -2018,15 +2106,6 @@ spec: description: phase represents the current phase of PersistentVolumeClaim. type: string - resizeStatus: - description: resizeStatus stores status of - resize operation. ResizeStatus is not set - by default but when expansion is complete - resizeStatus is set to empty string by resize - controller or kubelet. This is an alpha - field and requires enabling RecoverVolumeExpansionFailure - feature. - type: string type: object type: object x-kubernetes-preserve-unknown-fields: true @@ -2223,7 +2302,8 @@ spec: of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to - an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + an implementation-defined value. Requests cannot + exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object type: object selector: @@ -2298,6 +2378,54 @@ spec: items: type: string type: array + allocatedResourceStatuses: + additionalProperties: + description: When a controller receives persistentvolume + claim update with ClaimResourceStatus for a resource + that it does not recognizes, then it should ignore + that update and let other controllers handle it. + type: string + description: "allocatedResourceStatuses stores status\ + \ of resource being resized for the given PVC. Key\ + \ names follow standard Kubernetes label syntax. Valid\ + \ values are either: * Un-prefixed keys: - storage\ + \ - the capacity of the volume. * Custom resources\ + \ must use implementation-defined prefixed names such\ + \ as \"example.com/my-custom-resource\" Apart from\ + \ above values - keys that are unprefixed or have\ + \ kubernetes.io prefix are considered reserved and\ + \ hence may not be used. \n ClaimResourceStatus can\ + \ be in any of following states: - ControllerResizeInProgress:\ + \ State set when resize controller starts resizing\ + \ the volume in control-plane. - ControllerResizeFailed:\ + \ State set when resize has failed in resize controller\ + \ with a terminal error. - NodeResizePending: State\ + \ set when resize controller has finished resizing\ + \ the volume but further resizing of volume is needed\ + \ on the node. - NodeResizeInProgress: State set when\ + \ kubelet starts resizing the volume. - NodeResizeFailed:\ + \ State set when resizing has failed in kubelet with\ + \ a terminal error. Transient errors don't set NodeResizeFailed.\ + \ For example: if expanding a PVC for more capacity\ + \ - this field can be one of the following states:\ + \ - pvc.status.allocatedResourceStatus['storage']\ + \ = \"ControllerResizeInProgress\" - pvc.status.allocatedResourceStatus['storage']\ + \ = \"ControllerResizeFailed\" - pvc.status.allocatedResourceStatus['storage']\ + \ = \"NodeResizePending\" - pvc.status.allocatedResourceStatus['storage']\ + \ = \"NodeResizeInProgress\" - pvc.status.allocatedResourceStatus['storage']\ + \ = \"NodeResizeFailed\" When this field is not set,\ + \ it means that no resize operation is in progress\ + \ for the given PVC. \n A controller that receives\ + \ PVC update with previously unknown resourceName\ + \ or ClaimResourceStatus should ignore the update\ + \ for the purpose it was designed. For example - a\ + \ controller that only is responsible for resizing\ + \ capacity of the volume, should ignore PVC updates\ + \ that change other valid resources associated with\ + \ PVC. \n This is an alpha field and requires enabling\ + \ RecoverVolumeExpansionFailure feature." + type: object + x-kubernetes-map-type: granular allocatedResources: additionalProperties: anyOf: @@ -2305,19 +2433,33 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: allocatedResources is the storage resource - within AllocatedResources tracks the capacity allocated - to a PVC. It may be larger than the actual capacity - when a volume expansion operation is requested. For - storage quota, the larger value from allocatedResources - and PVC.spec.resources is used. If allocatedResources - is not set, PVC.spec.resources alone is used for quota - calculation. If a volume expansion capacity request - is lowered, allocatedResources is only lowered if - there are no expansion operations in progress and - if the actual volume capacity is equal or lower than - the requested capacity. This is an alpha field and - requires enabling RecoverVolumeExpansionFailure feature. + description: "allocatedResources tracks the resources\ + \ allocated to a PVC including its capacity. Key names\ + \ follow standard Kubernetes label syntax. Valid values\ + \ are either: * Un-prefixed keys: - storage - the\ + \ capacity of the volume. * Custom resources must\ + \ use implementation-defined prefixed names such as\ + \ \"example.com/my-custom-resource\" Apart from above\ + \ values - keys that are unprefixed or have kubernetes.io\ + \ prefix are considered reserved and hence may not\ + \ be used. \n Capacity reported here may be larger\ + \ than the actual capacity when a volume expansion\ + \ operation is requested. For storage quota, the larger\ + \ value from allocatedResources and PVC.spec.resources\ + \ is used. If allocatedResources is not set, PVC.spec.resources\ + \ alone is used for quota calculation. If a volume\ + \ expansion capacity request is lowered, allocatedResources\ + \ is only lowered if there are no expansion operations\ + \ in progress and if the actual volume capacity is\ + \ equal or lower than the requested capacity. \n A\ + \ controller that receives PVC update with previously\ + \ unknown resourceName should ignore the update for\ + \ the purpose it was designed. For example - a controller\ + \ that only is responsible for resizing capacity of\ + \ the volume, should ignore PVC updates that change\ + \ other valid resources associated with PVC. \n This\ + \ is an alpha field and requires enabling RecoverVolumeExpansionFailure\ + \ feature." type: object capacity: additionalProperties: @@ -2335,7 +2477,7 @@ spec: volume is being resized then the Condition will be set to 'ResizeStarted'. items: - description: PersistentVolumeClaimCondition contails + description: PersistentVolumeClaimCondition contains details about state of pvc properties: lastProbeTime: @@ -2373,17 +2515,465 @@ spec: phase: description: phase represents the current phase of PersistentVolumeClaim. type: string - resizeStatus: - description: resizeStatus stores status of resize operation. - ResizeStatus is not set by default but when expansion - is complete resizeStatus is set to empty string by - resize controller or kubelet. This is an alpha field - and requires enabling RecoverVolumeExpansionFailure - feature. - type: string type: object type: object x-kubernetes-preserve-unknown-fields: true + zones: + description: Zones are specified when we want to provide zonal + awareness to mons + items: + description: MonZoneSpec represents the specification of a + zone in a Ceph Cluster + properties: + arbiter: + description: Arbiter determines if the zone contains the + arbiter used for stretch cluster mode + type: boolean + name: + description: Name is the name of the zone + type: string + volumeClaimTemplate: + description: VolumeClaimTemplate is the PVC template + properties: + apiVersion: + description: 'APIVersion defines the versioned schema + of this representation of an object. Servers should + convert recognized schemas to the latest internal + value, and may reject unrecognized values. More + info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing + the REST resource this object represents. Servers + may infer this from the endpoint the client submits + requests to. Cannot be updated. In CamelCase. More + info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + description: 'Standard object''s metadata. More info: + https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata' + properties: + annotations: + additionalProperties: + type: string + type: object + finalizers: + items: + type: string + type: array + labels: + additionalProperties: + type: string + type: object + name: + type: string + namespace: + type: string + type: object + spec: + description: 'spec defines the desired characteristics + of a volume requested by a pod author. More info: + https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims' + properties: + accessModes: + description: 'accessModes contains the desired + access modes the volume should have. More info: + https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1' + items: + type: string + type: array + dataSource: + description: 'dataSource field can be used to + specify either: * An existing VolumeSnapshot + object (snapshot.storage.k8s.io/VolumeSnapshot) + * An existing PVC (PersistentVolumeClaim) If + the provisioner or an external controller can + support the specified data source, it will create + a new volume based on the contents of the specified + data source. When the AnyVolumeDataSource feature + gate is enabled, dataSource contents will be + copied to dataSourceRef, and dataSourceRef contents + will be copied to dataSource when dataSourceRef.namespace + is not specified. If the namespace is specified, + then dataSourceRef will not be copied to dataSource.' + properties: + apiGroup: + description: APIGroup is the group for the + resource being referenced. If APIGroup is + not specified, the specified Kind must be + in the core API group. For any other third-party + types, APIGroup is required. + type: string + kind: + description: Kind is the type of resource + being referenced + type: string + name: + description: Name is the name of resource + being referenced + type: string + required: + - kind + - name + type: object + x-kubernetes-map-type: atomic + dataSourceRef: + description: 'dataSourceRef specifies the object + from which to populate the volume with data, + if a non-empty volume is desired. This may be + any object from a non-empty API group (non core + object) or a PersistentVolumeClaim object. When + this field is specified, volume binding will + only succeed if the type of the specified object + matches some installed volume populator or dynamic + provisioner. This field will replace the functionality + of the dataSource field and as such if both + fields are non-empty, they must have the same + value. For backwards compatibility, when namespace + isn''t specified in dataSourceRef, both fields + (dataSource and dataSourceRef) will be set to + the same value automatically if one of them + is empty and the other is non-empty. When namespace + is specified in dataSourceRef, dataSource isn''t + set to the same value and must be empty. There + are three important differences between dataSource + and dataSourceRef: * While dataSource only allows + two specific types of objects, dataSourceRef + allows any non-core object, as well as PersistentVolumeClaim + objects. * While dataSource ignores disallowed + values (dropping them), dataSourceRef preserves + all values, and generates an error if a disallowed + value is specified. * While dataSource only + allows local objects, dataSourceRef allows objects + in any namespaces. (Beta) Using this field requires + the AnyVolumeDataSource feature gate to be enabled. + (Alpha) Using the namespace field of dataSourceRef + requires the CrossNamespaceVolumeDataSource + feature gate to be enabled.' + properties: + apiGroup: + description: APIGroup is the group for the + resource being referenced. If APIGroup is + not specified, the specified Kind must be + in the core API group. For any other third-party + types, APIGroup is required. + type: string + kind: + description: Kind is the type of resource + being referenced + type: string + name: + description: Name is the name of resource + being referenced + type: string + namespace: + description: Namespace is the namespace of + resource being referenced Note that when + a namespace is specified, a gateway.networking.k8s.io/ReferenceGrant + object is required in the referent namespace + to allow that namespace's owner to accept + the reference. See the ReferenceGrant documentation + for details. (Alpha) This field requires + the CrossNamespaceVolumeDataSource feature + gate to be enabled. + type: string + required: + - kind + - name + type: object + resources: + description: 'resources represents the minimum + resources the volume should have. If RecoverVolumeExpansionFailure + feature is enabled users are allowed to specify + resource requirements that are lower than previous + value but must still be higher than capacity + recorded in the status field of the claim. More + info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources' + properties: + claims: + description: "Claims lists the names of resources,\ + \ defined in spec.resourceClaims, that are\ + \ used by this container. \n This is an\ + \ alpha field and requires enabling the\ + \ DynamicResourceAllocation feature gate.\ + \ \n This field is immutable. It can only\ + \ be set for containers." + items: + description: ResourceClaim references one + entry in PodSpec.ResourceClaims. + properties: + name: + description: Name must match the name + of one entry in pod.spec.resourceClaims + of the Pod where this field is used. + It makes that resource available inside + a container. + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Limits describes the maximum + amount of compute resources allowed. More + info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Requests describes the minimum + amount of compute resources required. If + Requests is omitted for a container, it + defaults to Limits if that is explicitly + specified, otherwise to an implementation-defined + value. Requests cannot exceed Limits. More + info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + type: object + selector: + description: selector is a label query over volumes + to consider for binding. + properties: + matchExpressions: + description: matchExpressions is a list of + label selector requirements. The requirements + are ANDed. + items: + description: A label selector requirement + is a selector that contains values, a + key, and an operator that relates the + key and values. + properties: + key: + description: key is the label key that + the selector applies to. + type: string + operator: + description: operator represents a key's + relationship to a set of values. Valid + operators are In, NotIn, Exists and + DoesNotExist. + type: string + values: + description: values is an array of string + values. If the operator is In or NotIn, + the values array must be non-empty. + If the operator is Exists or DoesNotExist, + the values array must be empty. This + array is replaced during a strategic + merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator is + "In", and the values array contains only + "value". The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + storageClassName: + description: 'storageClassName is the name of + the StorageClass required by the claim. More + info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1' + type: string + volumeMode: + description: volumeMode defines what type of volume + is required by the claim. Value of Filesystem + is implied when not included in claim spec. + type: string + volumeName: + description: volumeName is the binding reference + to the PersistentVolume backing this claim. + type: string + type: object + status: + description: 'status represents the current information/status + of a persistent volume claim. Read-only. More info: + https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims' + properties: + accessModes: + description: 'accessModes contains the actual + access modes the volume backing the PVC has. + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1' + items: + type: string + type: array + allocatedResourceStatuses: + additionalProperties: + description: When a controller receives persistentvolume + claim update with ClaimResourceStatus for + a resource that it does not recognizes, then + it should ignore that update and let other + controllers handle it. + type: string + description: "allocatedResourceStatuses stores\ + \ status of resource being resized for the given\ + \ PVC. Key names follow standard Kubernetes\ + \ label syntax. Valid values are either: * Un-prefixed\ + \ keys: - storage - the capacity of the volume.\ + \ * Custom resources must use implementation-defined\ + \ prefixed names such as \"example.com/my-custom-resource\"\ + \ Apart from above values - keys that are unprefixed\ + \ or have kubernetes.io prefix are considered\ + \ reserved and hence may not be used. \n ClaimResourceStatus\ + \ can be in any of following states: - ControllerResizeInProgress:\ + \ State set when resize controller starts resizing\ + \ the volume in control-plane. - ControllerResizeFailed:\ + \ State set when resize has failed in resize\ + \ controller with a terminal error. - NodeResizePending:\ + \ State set when resize controller has finished\ + \ resizing the volume but further resizing of\ + \ volume is needed on the node. - NodeResizeInProgress:\ + \ State set when kubelet starts resizing the\ + \ volume. - NodeResizeFailed: State set when\ + \ resizing has failed in kubelet with a terminal\ + \ error. Transient errors don't set NodeResizeFailed.\ + \ For example: if expanding a PVC for more capacity\ + \ - this field can be one of the following states:\ + \ - pvc.status.allocatedResourceStatus['storage']\ + \ = \"ControllerResizeInProgress\" - pvc.status.allocatedResourceStatus['storage']\ + \ = \"ControllerResizeFailed\" - pvc.status.allocatedResourceStatus['storage']\ + \ = \"NodeResizePending\" - pvc.status.allocatedResourceStatus['storage']\ + \ = \"NodeResizeInProgress\" - pvc.status.allocatedResourceStatus['storage']\ + \ = \"NodeResizeFailed\" When this field is\ + \ not set, it means that no resize operation\ + \ is in progress for the given PVC. \n A controller\ + \ that receives PVC update with previously unknown\ + \ resourceName or ClaimResourceStatus should\ + \ ignore the update for the purpose it was designed.\ + \ For example - a controller that only is responsible\ + \ for resizing capacity of the volume, should\ + \ ignore PVC updates that change other valid\ + \ resources associated with PVC. \n This is\ + \ an alpha field and requires enabling RecoverVolumeExpansionFailure\ + \ feature." + type: object + x-kubernetes-map-type: granular + allocatedResources: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: "allocatedResources tracks the resources\ + \ allocated to a PVC including its capacity.\ + \ Key names follow standard Kubernetes label\ + \ syntax. Valid values are either: * Un-prefixed\ + \ keys: - storage - the capacity of the volume.\ + \ * Custom resources must use implementation-defined\ + \ prefixed names such as \"example.com/my-custom-resource\"\ + \ Apart from above values - keys that are unprefixed\ + \ or have kubernetes.io prefix are considered\ + \ reserved and hence may not be used. \n Capacity\ + \ reported here may be larger than the actual\ + \ capacity when a volume expansion operation\ + \ is requested. For storage quota, the larger\ + \ value from allocatedResources and PVC.spec.resources\ + \ is used. If allocatedResources is not set,\ + \ PVC.spec.resources alone is used for quota\ + \ calculation. If a volume expansion capacity\ + \ request is lowered, allocatedResources is\ + \ only lowered if there are no expansion operations\ + \ in progress and if the actual volume capacity\ + \ is equal or lower than the requested capacity.\ + \ \n A controller that receives PVC update with\ + \ previously unknown resourceName should ignore\ + \ the update for the purpose it was designed.\ + \ For example - a controller that only is responsible\ + \ for resizing capacity of the volume, should\ + \ ignore PVC updates that change other valid\ + \ resources associated with PVC. \n This is\ + \ an alpha field and requires enabling RecoverVolumeExpansionFailure\ + \ feature." + type: object + capacity: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: capacity represents the actual resources + of the underlying volume. + type: object + conditions: + description: conditions is the current Condition + of persistent volume claim. If underlying persistent + volume is being resized then the Condition will + be set to 'ResizeStarted'. + items: + description: PersistentVolumeClaimCondition + contains details about state of pvc + properties: + lastProbeTime: + description: lastProbeTime is the time we + probed the condition. + format: date-time + type: string + lastTransitionTime: + description: lastTransitionTime is the time + the condition transitioned from one status + to another. + format: date-time + type: string + message: + description: message is the human-readable + message indicating details about last + transition. + type: string + reason: + description: reason is a unique, this should + be a short, machine understandable string + that gives the reason for condition's + last transition. If it reports "ResizeStarted" + that means the underlying persistent volume + is being resized. + type: string + status: + type: string + type: + description: PersistentVolumeClaimConditionType + is a valid value of PersistentVolumeClaimCondition.Type + type: string + required: + - status + - type + type: object + type: array + phase: + description: phase represents the current phase + of PersistentVolumeClaim. + type: string + type: object + type: object + x-kubernetes-preserve-unknown-fields: true + type: object + type: array type: object monitoring: description: Prometheus based Monitoring settings @@ -2405,12 +2995,10 @@ spec: description: The Hostname of this endpoint type: string ip: - description: 'The IP of this endpoint. May not be loopback - (127.0.0.0/8), link-local (169.254.0.0/16), or link-local - multicast ((224.0.0.0/24). IPv6 is also accepted but - not fully supported on all platforms. Also, certain - kubernetes components, like kube-proxy, are not IPv6 - ready. TODO: This should allow hostname or IP, See #4447.' + description: The IP of this endpoint. May not be loopback + (127.0.0.0/8 or ::1), link-local (169.254.0.0/16 or + fe80::/10), or link-local multicast (224.0.0.0/24 or + ff02::/16). type: string nodeName: description: 'Optional: Node hosting this endpoint. This @@ -2486,6 +3074,38 @@ spec: description: Network related configuration nullable: true properties: + addressRanges: + description: AddressRanges specify a list of CIDRs that Rook + will apply to Ceph's 'public_network' and/or 'cluster_network' + configurations. This config section may be used for the "host" + or "multus" network providers. + nullable: true + properties: + cluster: + description: Cluster defines a list of CIDRs to use for + Ceph cluster network communication. + items: + description: "An IPv4 or IPv6 network CIDR. \n This naive\ + \ kubebuilder regex provides immediate feedback for\ + \ some typos and for a common problem case where the\ + \ range spec is forgotten (e.g., /24). Rook does in-depth\ + \ validation in code." + pattern: ^[0-9a-fA-F:.]{2,}\/[0-9]{1,3}$ + type: string + type: array + public: + description: Public defines a list of CIDRs to use for Ceph + public network communication. + items: + description: "An IPv4 or IPv6 network CIDR. \n This naive\ + \ kubebuilder regex provides immediate feedback for\ + \ some typos and for a common problem case where the\ + \ range spec is forgotten (e.g., /24). Rook does in-depth\ + \ validation in code." + pattern: ^[0-9a-fA-F:.]{2,}\/[0-9]{1,3}$ + type: string + type: array + type: object connections: description: Settings for network connections such as compression and encryption across the wire. @@ -2556,15 +3176,37 @@ spec: provider: description: Provider is what provides network connectivity to the cluster e.g. "host" or "multus" + enum: + - '' + - host + - multus nullable: true type: string selectors: additionalProperties: type: string - description: Selectors string values describe what networks - will be used to connect the cluster. Meanwhile the keys describe - each network respective responsibilities or any metadata storage - provider decide. + description: "Selectors define NetworkAttachmentDefinitions\ + \ to be used for Ceph public and/or cluster networks when\ + \ the \"multus\" network provider is used. This config section\ + \ is not used for other network providers. \n Valid keys are\ + \ \"public\" and \"cluster\". Refer to Ceph networking documentation\ + \ for more: https://docs.ceph.com/en/reef/rados/configuration/network-config-ref/\ + \ \n Refer to Multus network annotation documentation for\ + \ help selecting values: https://github.com/k8snetworkplumbingwg/multus-cni/blob/master/docs/how-to-use.md#run-pod-with-network-annotation\ + \ \n Rook will make a best-effort attempt to automatically\ + \ detect CIDR address ranges for given network attachment\ + \ definitions. Rook's methods are robust but may be imprecise\ + \ for sufficiently complicated networks. Rook's auto-detection\ + \ process obtains a new IP address lease for each CephCluster\ + \ reconcile. If Rook fails to detect, incorrectly detects,\ + \ only partially detects, or if underlying networks do not\ + \ support reusing old IP addresses, it is best to use the\ + \ 'addressRanges' config section to specify CIDR ranges for\ + \ the Ceph cluster. \n As a contrived example, one can use\ + \ a theoretical Kubernetes-wide network for Ceph client traffic\ + \ and a theoretical Rook-only network for Ceph replication\ + \ traffic as shown: selectors: public: \"default/cluster-fast-net\"\ + \ cluster: \"rook-ceph/ceph-backend-net\"" nullable: true type: object type: object @@ -3537,15 +4179,20 @@ spec: type: object x-kubernetes-map-type: atomic matchLabelKeys: - description: MatchLabelKeys is a set of pod label keys - to select the pods over which spreading will be calculated. - The keys are used to lookup values from the incoming - pod labels, those key-value labels are ANDed with - labelSelector to select the group of existing pods - over which spreading will be calculated for the incoming - pod. Keys that don't exist in the incoming pod labels - will be ignored. A null or empty list means only match - against labelSelector. + description: "MatchLabelKeys is a set of pod label keys\ + \ to select the pods over which spreading will be\ + \ calculated. The keys are used to lookup values from\ + \ the incoming pod labels, those key-value labels\ + \ are ANDed with labelSelector to select the group\ + \ of existing pods over which spreading will be calculated\ + \ for the incoming pod. The same key is forbidden\ + \ to exist in both MatchLabelKeys and LabelSelector.\ + \ MatchLabelKeys cannot be set when LabelSelector\ + \ isn't set. Keys that don't exist in the incoming\ + \ pod labels will be ignored. A null or empty list\ + \ means only match against labelSelector. \n This\ + \ is a beta field and requires the MatchLabelKeysInPodTopologySpread\ + \ feature gate to be enabled (enabled by default)." items: type: string type: array @@ -3729,7 +4376,8 @@ spec: description: 'Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise - to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + to an implementation-defined value. Requests cannot exceed + Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object type: object description: Resources set resource requests and limits @@ -3815,6 +4463,18 @@ spec: nullable: true type: array x-kubernetes-preserve-unknown-fields: true + flappingRestartIntervalHours: + description: FlappingRestartIntervalHours defines the time for + which the OSD pods, that failed with zero exit code, will + sleep before restarting. This is needed for OSD flapping where + OSD daemons are marked down more than 5 times in 600 seconds + by Ceph. Preventing the OSD pods to restart immediately in + such scenarios will prevent Rook from marking OSD as `up` + and thus peering of the PGs mapped to the OSD. User needs + to manually restart the OSD pod if they manage to fix the + underlying OSD flapping issue before the restart interval. + The sleep will be disabled if this interval is set to 0. + type: integer nodes: items: description: Node is a storage nodes @@ -3905,7 +4565,8 @@ spec: of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined - value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + value. Requests cannot exceed Limits. More info: + https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object type: object x-kubernetes-preserve-unknown-fields: true @@ -4126,7 +4787,8 @@ spec: If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined - value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + value. Requests cannot exceed Limits. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object type: object selector: @@ -4210,6 +4872,60 @@ spec: items: type: string type: array + allocatedResourceStatuses: + additionalProperties: + description: When a controller receives persistentvolume + claim update with ClaimResourceStatus for + a resource that it does not recognizes, + then it should ignore that update and let + other controllers handle it. + type: string + description: "allocatedResourceStatuses stores\ + \ status of resource being resized for the\ + \ given PVC. Key names follow standard Kubernetes\ + \ label syntax. Valid values are either: *\ + \ Un-prefixed keys: - storage - the capacity\ + \ of the volume. * Custom resources must use\ + \ implementation-defined prefixed names such\ + \ as \"example.com/my-custom-resource\" Apart\ + \ from above values - keys that are unprefixed\ + \ or have kubernetes.io prefix are considered\ + \ reserved and hence may not be used. \n ClaimResourceStatus\ + \ can be in any of following states: - ControllerResizeInProgress:\ + \ State set when resize controller starts\ + \ resizing the volume in control-plane. -\ + \ ControllerResizeFailed: State set when resize\ + \ has failed in resize controller with a terminal\ + \ error. - NodeResizePending: State set when\ + \ resize controller has finished resizing\ + \ the volume but further resizing of volume\ + \ is needed on the node. - NodeResizeInProgress:\ + \ State set when kubelet starts resizing the\ + \ volume. - NodeResizeFailed: State set when\ + \ resizing has failed in kubelet with a terminal\ + \ error. Transient errors don't set NodeResizeFailed.\ + \ For example: if expanding a PVC for more\ + \ capacity - this field can be one of the\ + \ following states: - pvc.status.allocatedResourceStatus['storage']\ + \ = \"ControllerResizeInProgress\" - pvc.status.allocatedResourceStatus['storage']\ + \ = \"ControllerResizeFailed\" - pvc.status.allocatedResourceStatus['storage']\ + \ = \"NodeResizePending\" - pvc.status.allocatedResourceStatus['storage']\ + \ = \"NodeResizeInProgress\" - pvc.status.allocatedResourceStatus['storage']\ + \ = \"NodeResizeFailed\" When this field is\ + \ not set, it means that no resize operation\ + \ is in progress for the given PVC. \n A controller\ + \ that receives PVC update with previously\ + \ unknown resourceName or ClaimResourceStatus\ + \ should ignore the update for the purpose\ + \ it was designed. For example - a controller\ + \ that only is responsible for resizing capacity\ + \ of the volume, should ignore PVC updates\ + \ that change other valid resources associated\ + \ with PVC. \n This is an alpha field and\ + \ requires enabling RecoverVolumeExpansionFailure\ + \ feature." + type: object + x-kubernetes-map-type: granular allocatedResources: additionalProperties: anyOf: @@ -4217,21 +4933,38 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: allocatedResources is the storage - resource within AllocatedResources tracks - the capacity allocated to a PVC. It may be - larger than the actual capacity when a volume - expansion operation is requested. For storage - quota, the larger value from allocatedResources - and PVC.spec.resources is used. If allocatedResources - is not set, PVC.spec.resources alone is used - for quota calculation. If a volume expansion - capacity request is lowered, allocatedResources - is only lowered if there are no expansion - operations in progress and if the actual volume - capacity is equal or lower than the requested - capacity. This is an alpha field and requires - enabling RecoverVolumeExpansionFailure feature. + description: "allocatedResources tracks the\ + \ resources allocated to a PVC including its\ + \ capacity. Key names follow standard Kubernetes\ + \ label syntax. Valid values are either: *\ + \ Un-prefixed keys: - storage - the capacity\ + \ of the volume. * Custom resources must use\ + \ implementation-defined prefixed names such\ + \ as \"example.com/my-custom-resource\" Apart\ + \ from above values - keys that are unprefixed\ + \ or have kubernetes.io prefix are considered\ + \ reserved and hence may not be used. \n Capacity\ + \ reported here may be larger than the actual\ + \ capacity when a volume expansion operation\ + \ is requested. For storage quota, the larger\ + \ value from allocatedResources and PVC.spec.resources\ + \ is used. If allocatedResources is not set,\ + \ PVC.spec.resources alone is used for quota\ + \ calculation. If a volume expansion capacity\ + \ request is lowered, allocatedResources is\ + \ only lowered if there are no expansion operations\ + \ in progress and if the actual volume capacity\ + \ is equal or lower than the requested capacity.\ + \ \n A controller that receives PVC update\ + \ with previously unknown resourceName should\ + \ ignore the update for the purpose it was\ + \ designed. For example - a controller that\ + \ only is responsible for resizing capacity\ + \ of the volume, should ignore PVC updates\ + \ that change other valid resources associated\ + \ with PVC. \n This is an alpha field and\ + \ requires enabling RecoverVolumeExpansionFailure\ + \ feature." type: object capacity: additionalProperties: @@ -4250,7 +4983,7 @@ spec: Condition will be set to 'ResizeStarted'. items: description: PersistentVolumeClaimCondition - contails details about state of pvc + contains details about state of pvc properties: lastProbeTime: description: lastProbeTime is the time @@ -4291,14 +5024,6 @@ spec: description: phase represents the current phase of PersistentVolumeClaim. type: string - resizeStatus: - description: resizeStatus stores status of resize - operation. ResizeStatus is not set by default - but when expansion is complete resizeStatus - is set to empty string by resize controller - or kubelet. This is an alpha field and requires - enabling RecoverVolumeExpansionFailure feature. - type: string type: object type: object type: array @@ -5401,16 +6126,22 @@ spec: type: object x-kubernetes-map-type: atomic matchLabelKeys: - description: MatchLabelKeys is a set of pod - label keys to select the pods over which spreading - will be calculated. The keys are used to lookup - values from the incoming pod labels, those - key-value labels are ANDed with labelSelector - to select the group of existing pods over - which spreading will be calculated for the - incoming pod. Keys that don't exist in the - incoming pod labels will be ignored. A null - or empty list means only match against labelSelector. + description: "MatchLabelKeys is a set of pod\ + \ label keys to select the pods over which\ + \ spreading will be calculated. The keys are\ + \ used to lookup values from the incoming\ + \ pod labels, those key-value labels are ANDed\ + \ with labelSelector to select the group of\ + \ existing pods over which spreading will\ + \ be calculated for the incoming pod. The\ + \ same key is forbidden to exist in both MatchLabelKeys\ + \ and LabelSelector. MatchLabelKeys cannot\ + \ be set when LabelSelector isn't set. Keys\ + \ that don't exist in the incoming pod labels\ + \ will be ignored. A null or empty list means\ + \ only match against labelSelector. \n This\ + \ is a beta field and requires the MatchLabelKeysInPodTopologySpread\ + \ feature gate to be enabled (enabled by default)." items: type: string type: array @@ -6625,16 +7356,22 @@ spec: type: object x-kubernetes-map-type: atomic matchLabelKeys: - description: MatchLabelKeys is a set of pod - label keys to select the pods over which spreading - will be calculated. The keys are used to lookup - values from the incoming pod labels, those - key-value labels are ANDed with labelSelector - to select the group of existing pods over - which spreading will be calculated for the - incoming pod. Keys that don't exist in the - incoming pod labels will be ignored. A null - or empty list means only match against labelSelector. + description: "MatchLabelKeys is a set of pod\ + \ label keys to select the pods over which\ + \ spreading will be calculated. The keys are\ + \ used to lookup values from the incoming\ + \ pod labels, those key-value labels are ANDed\ + \ with labelSelector to select the group of\ + \ existing pods over which spreading will\ + \ be calculated for the incoming pod. The\ + \ same key is forbidden to exist in both MatchLabelKeys\ + \ and LabelSelector. MatchLabelKeys cannot\ + \ be set when LabelSelector isn't set. Keys\ + \ that don't exist in the incoming pod labels\ + \ will be ignored. A null or empty list means\ + \ only match against labelSelector. \n This\ + \ is a beta field and requires the MatchLabelKeysInPodTopologySpread\ + \ feature gate to be enabled (enabled by default)." items: type: string type: array @@ -6823,7 +7560,8 @@ spec: of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined - value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + value. Requests cannot exceed Limits. More info: + https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object type: object x-kubernetes-preserve-unknown-fields: true @@ -7053,7 +7791,8 @@ spec: If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined - value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + value. Requests cannot exceed Limits. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object type: object selector: @@ -7137,6 +7876,60 @@ spec: items: type: string type: array + allocatedResourceStatuses: + additionalProperties: + description: When a controller receives persistentvolume + claim update with ClaimResourceStatus for + a resource that it does not recognizes, + then it should ignore that update and let + other controllers handle it. + type: string + description: "allocatedResourceStatuses stores\ + \ status of resource being resized for the\ + \ given PVC. Key names follow standard Kubernetes\ + \ label syntax. Valid values are either: *\ + \ Un-prefixed keys: - storage - the capacity\ + \ of the volume. * Custom resources must use\ + \ implementation-defined prefixed names such\ + \ as \"example.com/my-custom-resource\" Apart\ + \ from above values - keys that are unprefixed\ + \ or have kubernetes.io prefix are considered\ + \ reserved and hence may not be used. \n ClaimResourceStatus\ + \ can be in any of following states: - ControllerResizeInProgress:\ + \ State set when resize controller starts\ + \ resizing the volume in control-plane. -\ + \ ControllerResizeFailed: State set when resize\ + \ has failed in resize controller with a terminal\ + \ error. - NodeResizePending: State set when\ + \ resize controller has finished resizing\ + \ the volume but further resizing of volume\ + \ is needed on the node. - NodeResizeInProgress:\ + \ State set when kubelet starts resizing the\ + \ volume. - NodeResizeFailed: State set when\ + \ resizing has failed in kubelet with a terminal\ + \ error. Transient errors don't set NodeResizeFailed.\ + \ For example: if expanding a PVC for more\ + \ capacity - this field can be one of the\ + \ following states: - pvc.status.allocatedResourceStatus['storage']\ + \ = \"ControllerResizeInProgress\" - pvc.status.allocatedResourceStatus['storage']\ + \ = \"ControllerResizeFailed\" - pvc.status.allocatedResourceStatus['storage']\ + \ = \"NodeResizePending\" - pvc.status.allocatedResourceStatus['storage']\ + \ = \"NodeResizeInProgress\" - pvc.status.allocatedResourceStatus['storage']\ + \ = \"NodeResizeFailed\" When this field is\ + \ not set, it means that no resize operation\ + \ is in progress for the given PVC. \n A controller\ + \ that receives PVC update with previously\ + \ unknown resourceName or ClaimResourceStatus\ + \ should ignore the update for the purpose\ + \ it was designed. For example - a controller\ + \ that only is responsible for resizing capacity\ + \ of the volume, should ignore PVC updates\ + \ that change other valid resources associated\ + \ with PVC. \n This is an alpha field and\ + \ requires enabling RecoverVolumeExpansionFailure\ + \ feature." + type: object + x-kubernetes-map-type: granular allocatedResources: additionalProperties: anyOf: @@ -7144,21 +7937,38 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: allocatedResources is the storage - resource within AllocatedResources tracks - the capacity allocated to a PVC. It may be - larger than the actual capacity when a volume - expansion operation is requested. For storage - quota, the larger value from allocatedResources - and PVC.spec.resources is used. If allocatedResources - is not set, PVC.spec.resources alone is used - for quota calculation. If a volume expansion - capacity request is lowered, allocatedResources - is only lowered if there are no expansion - operations in progress and if the actual volume - capacity is equal or lower than the requested - capacity. This is an alpha field and requires - enabling RecoverVolumeExpansionFailure feature. + description: "allocatedResources tracks the\ + \ resources allocated to a PVC including its\ + \ capacity. Key names follow standard Kubernetes\ + \ label syntax. Valid values are either: *\ + \ Un-prefixed keys: - storage - the capacity\ + \ of the volume. * Custom resources must use\ + \ implementation-defined prefixed names such\ + \ as \"example.com/my-custom-resource\" Apart\ + \ from above values - keys that are unprefixed\ + \ or have kubernetes.io prefix are considered\ + \ reserved and hence may not be used. \n Capacity\ + \ reported here may be larger than the actual\ + \ capacity when a volume expansion operation\ + \ is requested. For storage quota, the larger\ + \ value from allocatedResources and PVC.spec.resources\ + \ is used. If allocatedResources is not set,\ + \ PVC.spec.resources alone is used for quota\ + \ calculation. If a volume expansion capacity\ + \ request is lowered, allocatedResources is\ + \ only lowered if there are no expansion operations\ + \ in progress and if the actual volume capacity\ + \ is equal or lower than the requested capacity.\ + \ \n A controller that receives PVC update\ + \ with previously unknown resourceName should\ + \ ignore the update for the purpose it was\ + \ designed. For example - a controller that\ + \ only is responsible for resizing capacity\ + \ of the volume, should ignore PVC updates\ + \ that change other valid resources associated\ + \ with PVC. \n This is an alpha field and\ + \ requires enabling RecoverVolumeExpansionFailure\ + \ feature." type: object capacity: additionalProperties: @@ -7177,7 +7987,7 @@ spec: Condition will be set to 'ResizeStarted'. items: description: PersistentVolumeClaimCondition - contails details about state of pvc + contains details about state of pvc properties: lastProbeTime: description: lastProbeTime is the time @@ -7218,14 +8028,6 @@ spec: description: phase represents the current phase of PersistentVolumeClaim. type: string - resizeStatus: - description: resizeStatus stores status of resize - operation. ResizeStatus is not set by default - but when expansion is complete resizeStatus - is set to empty string by resize controller - or kubelet. This is an alpha field and requires - enabling RecoverVolumeExpansionFailure feature. - type: string type: object type: object type: array @@ -7236,6 +8038,24 @@ spec: type: object nullable: true type: array + store: + description: OSDStore is the backend storage type used for creating + the OSDs + properties: + type: + description: Type of backend storage to be used while creating + OSDs. If empty, then bluestore will be used + enum: + - bluestore + - bluestore-rdr + type: string + updateStore: + description: UpdateStore updates the backend store for existing + OSDs. It destroys each OSD one at a time, cleans up the + backing disk and prepares same OSD on that disk + pattern: ^$|^yes-really-update-store$ + type: string + type: object useAllDevices: description: Whether to consume all the storage devices found on a machine @@ -7439,8 +8259,8 @@ spec: of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to - an implementation-defined value. More info: - https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + an implementation-defined value. Requests cannot + exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object type: object selector: @@ -7518,6 +8338,54 @@ spec: items: type: string type: array + allocatedResourceStatuses: + additionalProperties: + description: When a controller receives persistentvolume + claim update with ClaimResourceStatus for a resource + that it does not recognizes, then it should ignore + that update and let other controllers handle it. + type: string + description: "allocatedResourceStatuses stores status\ + \ of resource being resized for the given PVC. Key\ + \ names follow standard Kubernetes label syntax.\ + \ Valid values are either: * Un-prefixed keys: -\ + \ storage - the capacity of the volume. * Custom\ + \ resources must use implementation-defined prefixed\ + \ names such as \"example.com/my-custom-resource\"\ + \ Apart from above values - keys that are unprefixed\ + \ or have kubernetes.io prefix are considered reserved\ + \ and hence may not be used. \n ClaimResourceStatus\ + \ can be in any of following states: - ControllerResizeInProgress:\ + \ State set when resize controller starts resizing\ + \ the volume in control-plane. - ControllerResizeFailed:\ + \ State set when resize has failed in resize controller\ + \ with a terminal error. - NodeResizePending: State\ + \ set when resize controller has finished resizing\ + \ the volume but further resizing of volume is needed\ + \ on the node. - NodeResizeInProgress: State set\ + \ when kubelet starts resizing the volume. - NodeResizeFailed:\ + \ State set when resizing has failed in kubelet\ + \ with a terminal error. Transient errors don't\ + \ set NodeResizeFailed. For example: if expanding\ + \ a PVC for more capacity - this field can be one\ + \ of the following states: - pvc.status.allocatedResourceStatus['storage']\ + \ = \"ControllerResizeInProgress\" - pvc.status.allocatedResourceStatus['storage']\ + \ = \"ControllerResizeFailed\" - pvc.status.allocatedResourceStatus['storage']\ + \ = \"NodeResizePending\" - pvc.status.allocatedResourceStatus['storage']\ + \ = \"NodeResizeInProgress\" - pvc.status.allocatedResourceStatus['storage']\ + \ = \"NodeResizeFailed\" When this field is not\ + \ set, it means that no resize operation is in progress\ + \ for the given PVC. \n A controller that receives\ + \ PVC update with previously unknown resourceName\ + \ or ClaimResourceStatus should ignore the update\ + \ for the purpose it was designed. For example -\ + \ a controller that only is responsible for resizing\ + \ capacity of the volume, should ignore PVC updates\ + \ that change other valid resources associated with\ + \ PVC. \n This is an alpha field and requires enabling\ + \ RecoverVolumeExpansionFailure feature." + type: object + x-kubernetes-map-type: granular allocatedResources: additionalProperties: anyOf: @@ -7525,20 +8393,34 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: allocatedResources is the storage resource - within AllocatedResources tracks the capacity allocated - to a PVC. It may be larger than the actual capacity - when a volume expansion operation is requested. - For storage quota, the larger value from allocatedResources - and PVC.spec.resources is used. If allocatedResources - is not set, PVC.spec.resources alone is used for - quota calculation. If a volume expansion capacity - request is lowered, allocatedResources is only lowered - if there are no expansion operations in progress - and if the actual volume capacity is equal or lower - than the requested capacity. This is an alpha field - and requires enabling RecoverVolumeExpansionFailure - feature. + description: "allocatedResources tracks the resources\ + \ allocated to a PVC including its capacity. Key\ + \ names follow standard Kubernetes label syntax.\ + \ Valid values are either: * Un-prefixed keys: -\ + \ storage - the capacity of the volume. * Custom\ + \ resources must use implementation-defined prefixed\ + \ names such as \"example.com/my-custom-resource\"\ + \ Apart from above values - keys that are unprefixed\ + \ or have kubernetes.io prefix are considered reserved\ + \ and hence may not be used. \n Capacity reported\ + \ here may be larger than the actual capacity when\ + \ a volume expansion operation is requested. For\ + \ storage quota, the larger value from allocatedResources\ + \ and PVC.spec.resources is used. If allocatedResources\ + \ is not set, PVC.spec.resources alone is used for\ + \ quota calculation. If a volume expansion capacity\ + \ request is lowered, allocatedResources is only\ + \ lowered if there are no expansion operations in\ + \ progress and if the actual volume capacity is\ + \ equal or lower than the requested capacity. \n\ + \ A controller that receives PVC update with previously\ + \ unknown resourceName should ignore the update\ + \ for the purpose it was designed. For example -\ + \ a controller that only is responsible for resizing\ + \ capacity of the volume, should ignore PVC updates\ + \ that change other valid resources associated with\ + \ PVC. \n This is an alpha field and requires enabling\ + \ RecoverVolumeExpansionFailure feature." type: object capacity: additionalProperties: @@ -7556,7 +8438,7 @@ spec: volume is being resized then the Condition will be set to 'ResizeStarted'. items: - description: PersistentVolumeClaimCondition contails + description: PersistentVolumeClaimCondition contains details about state of pvc properties: lastProbeTime: @@ -7597,14 +8479,6 @@ spec: description: phase represents the current phase of PersistentVolumeClaim. type: string - resizeStatus: - description: resizeStatus stores status of resize - operation. ResizeStatus is not set by default but - when expansion is complete resizeStatus is set to - empty string by resize controller or kubelet. This - is an alpha field and requires enabling RecoverVolumeExpansionFailure - feature. - type: string type: object type: object type: array @@ -7653,136 +8527,1330 @@ spec: properties: message: type: string - severity: + severity: + type: string + required: + - message + - severity + type: object + type: object + fsid: + type: string + health: + type: string + lastChanged: + type: string + lastChecked: + type: string + previousHealth: + type: string + versions: + description: CephDaemonsVersions show the current ceph version + for different ceph daemons + properties: + cephfs-mirror: + additionalProperties: + type: integer + description: CephFSMirror shows CephFSMirror Ceph version + type: object + mds: + additionalProperties: + type: integer + description: Mds shows Mds Ceph version + type: object + mgr: + additionalProperties: + type: integer + description: Mgr shows Mgr Ceph version + type: object + mon: + additionalProperties: + type: integer + description: Mon shows Mon Ceph version + type: object + osd: + additionalProperties: + type: integer + description: Osd shows Osd Ceph version + type: object + overall: + additionalProperties: + type: integer + description: Overall shows overall Ceph version + type: object + rbd-mirror: + additionalProperties: + type: integer + description: RbdMirror shows RbdMirror Ceph version + type: object + rgw: + additionalProperties: + type: integer + description: Rgw shows Rgw Ceph version + type: object + type: object + type: object + conditions: + items: + description: Condition represents a status condition on any Rook-Ceph + Custom Resource. + properties: + lastHeartbeatTime: + format: date-time + type: string + lastTransitionTime: + format: date-time + type: string + message: + type: string + reason: + description: ConditionReason is a reason for a condition + type: string + status: + type: string + type: + description: ConditionType represent a resource's status + type: string + type: object + type: array + message: + type: string + observedGeneration: + description: ObservedGeneration is the latest generation observed + by the controller. + format: int64 + type: integer + phase: + description: ConditionType represent a resource's status + type: string + state: + description: ClusterState represents the state of a Ceph Cluster + type: string + storage: + description: CephStorage represents flavors of Ceph Cluster Storage + properties: + deviceClasses: + items: + description: DeviceClasses represents device classes of a + Ceph Cluster + properties: + name: + type: string + type: object + type: array + osd: + description: OSDStatus represents OSD status of the ceph Cluster + properties: + storeType: + additionalProperties: + type: integer + description: StoreType is a mapping between the OSD backend + stores and number of OSDs using these stores + type: object + type: object + type: object + version: + description: ClusterVersion represents the version of a Ceph Cluster + properties: + image: + type: string + version: + type: string + type: object + type: object + x-kubernetes-preserve-unknown-fields: true + required: + - metadata + - spec + type: object + served: true + storage: true + subresources: + status: {} +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.11.3 + helm.sh/resource-policy: keep + creationTimestamp: null + name: cephcosidrivers.ceph.rook.io +spec: + group: ceph.rook.io + names: + kind: CephCOSIDriver + listKind: CephCOSIDriverList + plural: cephcosidrivers + shortNames: + - cephcosi + singular: cephcosidriver + scope: Namespaced + versions: + - name: v1 + schema: + openAPIV3Schema: + description: CephCOSIDriver represents the CRD for the Ceph COSI Driver + Deployment + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource + this object represents. Servers may infer this from the endpoint the + client submits requests to. Cannot be updated. In CamelCase. More + info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: Spec represents the specification of a Ceph COSI Driver + properties: + deploymentStrategy: + description: DeploymentStrategy is the strategy to use to deploy + the COSI driver. + enum: + - Never + - Auto + - Always + type: string + image: + description: Image is the container image to run the Ceph COSI driver + type: string + objectProvisionerImage: + description: ObjectProvisionerImage is the container image to run + the COSI driver sidecar + type: string + placement: + description: Placement is the placement strategy to use for the + COSI driver + properties: + nodeAffinity: + description: NodeAffinity is a group of node affinity scheduling + rules + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: The scheduler will prefer to schedule pods + to nodes that satisfy the affinity expressions specified + by this field, but it may choose a node that violates + one or more of the expressions. The node that is most + preferred is the one with the greatest sum of weights, + i.e. for each node that meets all of the scheduling requirements + (resource request, requiredDuringScheduling affinity expressions, + etc.), compute a sum by iterating through the elements + of this field and adding "weight" to the sum if the node + matches the corresponding matchExpressions; the node(s) + with the highest sum are the most preferred. + items: + description: An empty preferred scheduling term matches + all objects with implicit weight 0 (i.e. it's a no-op). + A null preferred scheduling term matches no objects + (i.e. is also a no-op). + properties: + preference: + description: A node selector term, associated with + the corresponding weight. + properties: + matchExpressions: + description: A list of node selector requirements + by node's labels. + items: + description: A node selector requirement is + a selector that contains values, a key, and + an operator that relates the key and values. + properties: + key: + description: The label key that the selector + applies to. + type: string + operator: + description: Represents a key's relationship + to a set of values. Valid operators are + In, NotIn, Exists, DoesNotExist. Gt, and + Lt. + type: string + values: + description: An array of string values. + If the operator is In or NotIn, the values + array must be non-empty. If the operator + is Exists or DoesNotExist, the values + array must be empty. If the operator is + Gt or Lt, the values array must have a + single element, which will be interpreted + as an integer. This array is replaced + during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchFields: + description: A list of node selector requirements + by node's fields. + items: + description: A node selector requirement is + a selector that contains values, a key, and + an operator that relates the key and values. + properties: + key: + description: The label key that the selector + applies to. + type: string + operator: + description: Represents a key's relationship + to a set of values. Valid operators are + In, NotIn, Exists, DoesNotExist. Gt, and + Lt. + type: string + values: + description: An array of string values. + If the operator is In or NotIn, the values + array must be non-empty. If the operator + is Exists or DoesNotExist, the values + array must be empty. If the operator is + Gt or Lt, the values array must have a + single element, which will be interpreted + as an integer. This array is replaced + during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + type: object + x-kubernetes-map-type: atomic + weight: + description: Weight associated with matching the corresponding + nodeSelectorTerm, in the range 1-100. + format: int32 + type: integer + required: + - preference + - weight + type: object + type: array + requiredDuringSchedulingIgnoredDuringExecution: + description: If the affinity requirements specified by this + field are not met at scheduling time, the pod will not + be scheduled onto the node. If the affinity requirements + specified by this field cease to be met at some point + during pod execution (e.g. due to an update), the system + may or may not try to eventually evict the pod from its + node. + properties: + nodeSelectorTerms: + description: Required. A list of node selector terms. + The terms are ORed. + items: + description: A null or empty node selector term matches + no objects. The requirements of them are ANDed. + The TopologySelectorTerm type implements a subset + of the NodeSelectorTerm. + properties: + matchExpressions: + description: A list of node selector requirements + by node's labels. + items: + description: A node selector requirement is + a selector that contains values, a key, and + an operator that relates the key and values. + properties: + key: + description: The label key that the selector + applies to. + type: string + operator: + description: Represents a key's relationship + to a set of values. Valid operators are + In, NotIn, Exists, DoesNotExist. Gt, and + Lt. + type: string + values: + description: An array of string values. + If the operator is In or NotIn, the values + array must be non-empty. If the operator + is Exists or DoesNotExist, the values + array must be empty. If the operator is + Gt or Lt, the values array must have a + single element, which will be interpreted + as an integer. This array is replaced + during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchFields: + description: A list of node selector requirements + by node's fields. + items: + description: A node selector requirement is + a selector that contains values, a key, and + an operator that relates the key and values. + properties: + key: + description: The label key that the selector + applies to. + type: string + operator: + description: Represents a key's relationship + to a set of values. Valid operators are + In, NotIn, Exists, DoesNotExist. Gt, and + Lt. + type: string + values: + description: An array of string values. + If the operator is In or NotIn, the values + array must be non-empty. If the operator + is Exists or DoesNotExist, the values + array must be empty. If the operator is + Gt or Lt, the values array must have a + single element, which will be interpreted + as an integer. This array is replaced + during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + type: object + x-kubernetes-map-type: atomic + type: array + required: + - nodeSelectorTerms + type: object + x-kubernetes-map-type: atomic + type: object + podAffinity: + description: PodAffinity is a group of inter pod affinity scheduling + rules + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: The scheduler will prefer to schedule pods + to nodes that satisfy the affinity expressions specified + by this field, but it may choose a node that violates + one or more of the expressions. The node that is most + preferred is the one with the greatest sum of weights, + i.e. for each node that meets all of the scheduling requirements + (resource request, requiredDuringScheduling affinity expressions, + etc.), compute a sum by iterating through the elements + of this field and adding "weight" to the sum if the node + has pods which matches the corresponding podAffinityTerm; + the node(s) with the highest sum are the most preferred. + items: + description: The weights of all of the matched WeightedPodAffinityTerm + fields are added per-node to find the most preferred + node(s) + properties: + podAffinityTerm: + description: Required. A pod affinity term, associated + with the corresponding weight. + properties: + labelSelector: + description: A label query over a set of resources, + in this case pods. + properties: + matchExpressions: + description: matchExpressions is a list of + label selector requirements. The requirements + are ANDed. + items: + description: A label selector requirement + is a selector that contains values, a + key, and an operator that relates the + key and values. + properties: + key: + description: key is the label key that + the selector applies to. + type: string + operator: + description: operator represents a key's + relationship to a set of values. Valid + operators are In, NotIn, Exists and + DoesNotExist. + type: string + values: + description: values is an array of string + values. If the operator is In or NotIn, + the values array must be non-empty. + If the operator is Exists or DoesNotExist, + the values array must be empty. This + array is replaced during a strategic + merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator is + "In", and the values array contains only + "value". The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + namespaceSelector: + description: A label query over the set of namespaces + that the term applies to. The term is applied + to the union of the namespaces selected by this + field and the ones listed in the namespaces + field. null selector and null or empty namespaces + list means "this pod's namespace". An empty + selector ({}) matches all namespaces. + properties: + matchExpressions: + description: matchExpressions is a list of + label selector requirements. The requirements + are ANDed. + items: + description: A label selector requirement + is a selector that contains values, a + key, and an operator that relates the + key and values. + properties: + key: + description: key is the label key that + the selector applies to. + type: string + operator: + description: operator represents a key's + relationship to a set of values. Valid + operators are In, NotIn, Exists and + DoesNotExist. + type: string + values: + description: values is an array of string + values. If the operator is In or NotIn, + the values array must be non-empty. + If the operator is Exists or DoesNotExist, + the values array must be empty. This + array is replaced during a strategic + merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator is + "In", and the values array contains only + "value". The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + namespaces: + description: namespaces specifies a static list + of namespace names that the term applies to. + The term is applied to the union of the namespaces + listed in this field and the ones selected by + namespaceSelector. null or empty namespaces + list and null namespaceSelector means "this + pod's namespace". + items: + type: string + type: array + topologyKey: + description: This pod should be co-located (affinity) + or not co-located (anti-affinity) with the pods + matching the labelSelector in the specified + namespaces, where co-located is defined as running + on a node whose value of the label with key + topologyKey matches that of any node on which + any of the selected pods is running. Empty topologyKey + is not allowed. + type: string + required: + - topologyKey + type: object + weight: + description: weight associated with matching the corresponding + podAffinityTerm, in the range 1-100. + format: int32 + type: integer + required: + - podAffinityTerm + - weight + type: object + type: array + requiredDuringSchedulingIgnoredDuringExecution: + description: If the affinity requirements specified by this + field are not met at scheduling time, the pod will not + be scheduled onto the node. If the affinity requirements + specified by this field cease to be met at some point + during pod execution (e.g. due to a pod label update), + the system may or may not try to eventually evict the + pod from its node. When there are multiple elements, the + lists of nodes corresponding to each podAffinityTerm are + intersected, i.e. all terms must be satisfied. + items: + description: Defines a set of pods (namely those matching + the labelSelector relative to the given namespace(s)) + that this pod should be co-located (affinity) or not + co-located (anti-affinity) with, where co-located is + defined as running on a node whose value of the label + with key matches that of any node on which + a pod of the set of pods is running + properties: + labelSelector: + description: A label query over a set of resources, + in this case pods. + properties: + matchExpressions: + description: matchExpressions is a list of label + selector requirements. The requirements are + ANDed. + items: + description: A label selector requirement is + a selector that contains values, a key, and + an operator that relates the key and values. + properties: + key: + description: key is the label key that the + selector applies to. + type: string + operator: + description: operator represents a key's + relationship to a set of values. Valid + operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string + values. If the operator is In or NotIn, + the values array must be non-empty. If + the operator is Exists or DoesNotExist, + the values array must be empty. This array + is replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator is "In", + and the values array contains only "value". + The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + namespaceSelector: + description: A label query over the set of namespaces + that the term applies to. The term is applied to + the union of the namespaces selected by this field + and the ones listed in the namespaces field. null + selector and null or empty namespaces list means + "this pod's namespace". An empty selector ({}) matches + all namespaces. + properties: + matchExpressions: + description: matchExpressions is a list of label + selector requirements. The requirements are + ANDed. + items: + description: A label selector requirement is + a selector that contains values, a key, and + an operator that relates the key and values. + properties: + key: + description: key is the label key that the + selector applies to. + type: string + operator: + description: operator represents a key's + relationship to a set of values. Valid + operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string + values. If the operator is In or NotIn, + the values array must be non-empty. If + the operator is Exists or DoesNotExist, + the values array must be empty. This array + is replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator is "In", + and the values array contains only "value". + The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + namespaces: + description: namespaces specifies a static list of + namespace names that the term applies to. The term + is applied to the union of the namespaces listed + in this field and the ones selected by namespaceSelector. + null or empty namespaces list and null namespaceSelector + means "this pod's namespace". + items: + type: string + type: array + topologyKey: + description: This pod should be co-located (affinity) + or not co-located (anti-affinity) with the pods + matching the labelSelector in the specified namespaces, + where co-located is defined as running on a node + whose value of the label with key topologyKey matches + that of any node on which any of the selected pods + is running. Empty topologyKey is not allowed. + type: string + required: + - topologyKey + type: object + type: array + type: object + podAntiAffinity: + description: PodAntiAffinity is a group of inter pod anti affinity + scheduling rules + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: The scheduler will prefer to schedule pods + to nodes that satisfy the anti-affinity expressions specified + by this field, but it may choose a node that violates + one or more of the expressions. The node that is most + preferred is the one with the greatest sum of weights, + i.e. for each node that meets all of the scheduling requirements + (resource request, requiredDuringScheduling anti-affinity + expressions, etc.), compute a sum by iterating through + the elements of this field and adding "weight" to the + sum if the node has pods which matches the corresponding + podAffinityTerm; the node(s) with the highest sum are + the most preferred. + items: + description: The weights of all of the matched WeightedPodAffinityTerm + fields are added per-node to find the most preferred + node(s) + properties: + podAffinityTerm: + description: Required. A pod affinity term, associated + with the corresponding weight. + properties: + labelSelector: + description: A label query over a set of resources, + in this case pods. + properties: + matchExpressions: + description: matchExpressions is a list of + label selector requirements. The requirements + are ANDed. + items: + description: A label selector requirement + is a selector that contains values, a + key, and an operator that relates the + key and values. + properties: + key: + description: key is the label key that + the selector applies to. + type: string + operator: + description: operator represents a key's + relationship to a set of values. Valid + operators are In, NotIn, Exists and + DoesNotExist. + type: string + values: + description: values is an array of string + values. If the operator is In or NotIn, + the values array must be non-empty. + If the operator is Exists or DoesNotExist, + the values array must be empty. This + array is replaced during a strategic + merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator is + "In", and the values array contains only + "value". The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + namespaceSelector: + description: A label query over the set of namespaces + that the term applies to. The term is applied + to the union of the namespaces selected by this + field and the ones listed in the namespaces + field. null selector and null or empty namespaces + list means "this pod's namespace". An empty + selector ({}) matches all namespaces. + properties: + matchExpressions: + description: matchExpressions is a list of + label selector requirements. The requirements + are ANDed. + items: + description: A label selector requirement + is a selector that contains values, a + key, and an operator that relates the + key and values. + properties: + key: + description: key is the label key that + the selector applies to. + type: string + operator: + description: operator represents a key's + relationship to a set of values. Valid + operators are In, NotIn, Exists and + DoesNotExist. + type: string + values: + description: values is an array of string + values. If the operator is In or NotIn, + the values array must be non-empty. + If the operator is Exists or DoesNotExist, + the values array must be empty. This + array is replaced during a strategic + merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator is + "In", and the values array contains only + "value". The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + namespaces: + description: namespaces specifies a static list + of namespace names that the term applies to. + The term is applied to the union of the namespaces + listed in this field and the ones selected by + namespaceSelector. null or empty namespaces + list and null namespaceSelector means "this + pod's namespace". + items: + type: string + type: array + topologyKey: + description: This pod should be co-located (affinity) + or not co-located (anti-affinity) with the pods + matching the labelSelector in the specified + namespaces, where co-located is defined as running + on a node whose value of the label with key + topologyKey matches that of any node on which + any of the selected pods is running. Empty topologyKey + is not allowed. + type: string + required: + - topologyKey + type: object + weight: + description: weight associated with matching the corresponding + podAffinityTerm, in the range 1-100. + format: int32 + type: integer + required: + - podAffinityTerm + - weight + type: object + type: array + requiredDuringSchedulingIgnoredDuringExecution: + description: If the anti-affinity requirements specified + by this field are not met at scheduling time, the pod + will not be scheduled onto the node. If the anti-affinity + requirements specified by this field cease to be met at + some point during pod execution (e.g. due to a pod label + update), the system may or may not try to eventually evict + the pod from its node. When there are multiple elements, + the lists of nodes corresponding to each podAffinityTerm + are intersected, i.e. all terms must be satisfied. + items: + description: Defines a set of pods (namely those matching + the labelSelector relative to the given namespace(s)) + that this pod should be co-located (affinity) or not + co-located (anti-affinity) with, where co-located is + defined as running on a node whose value of the label + with key matches that of any node on which + a pod of the set of pods is running + properties: + labelSelector: + description: A label query over a set of resources, + in this case pods. + properties: + matchExpressions: + description: matchExpressions is a list of label + selector requirements. The requirements are + ANDed. + items: + description: A label selector requirement is + a selector that contains values, a key, and + an operator that relates the key and values. + properties: + key: + description: key is the label key that the + selector applies to. + type: string + operator: + description: operator represents a key's + relationship to a set of values. Valid + operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string + values. If the operator is In or NotIn, + the values array must be non-empty. If + the operator is Exists or DoesNotExist, + the values array must be empty. This array + is replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator is "In", + and the values array contains only "value". + The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + namespaceSelector: + description: A label query over the set of namespaces + that the term applies to. The term is applied to + the union of the namespaces selected by this field + and the ones listed in the namespaces field. null + selector and null or empty namespaces list means + "this pod's namespace". An empty selector ({}) matches + all namespaces. + properties: + matchExpressions: + description: matchExpressions is a list of label + selector requirements. The requirements are + ANDed. + items: + description: A label selector requirement is + a selector that contains values, a key, and + an operator that relates the key and values. + properties: + key: + description: key is the label key that the + selector applies to. + type: string + operator: + description: operator represents a key's + relationship to a set of values. Valid + operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string + values. If the operator is In or NotIn, + the values array must be non-empty. If + the operator is Exists or DoesNotExist, + the values array must be empty. This array + is replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator is "In", + and the values array contains only "value". + The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + namespaces: + description: namespaces specifies a static list of + namespace names that the term applies to. The term + is applied to the union of the namespaces listed + in this field and the ones selected by namespaceSelector. + null or empty namespaces list and null namespaceSelector + means "this pod's namespace". + items: + type: string + type: array + topologyKey: + description: This pod should be co-located (affinity) + or not co-located (anti-affinity) with the pods + matching the labelSelector in the specified namespaces, + where co-located is defined as running on a node + whose value of the label with key topologyKey matches + that of any node on which any of the selected pods + is running. Empty topologyKey is not allowed. + type: string + required: + - topologyKey + type: object + type: array + type: object + tolerations: + description: The pod this Toleration is attached to tolerates + any taint that matches the triple using + the matching operator + items: + description: The pod this Toleration is attached to tolerates + any taint that matches the triple using + the matching operator . + properties: + effect: + description: Effect indicates the taint effect to match. + Empty means match all taint effects. When specified, + allowed values are NoSchedule, PreferNoSchedule and + NoExecute. + type: string + key: + description: Key is the taint key that the toleration + applies to. Empty means match all taint keys. If the + key is empty, operator must be Exists; this combination + means to match all values and all keys. + type: string + operator: + description: Operator represents a key's relationship + to the value. Valid operators are Exists and Equal. + Defaults to Equal. Exists is equivalent to wildcard + for value, so that a pod can tolerate all taints of + a particular category. + type: string + tolerationSeconds: + description: TolerationSeconds represents the period of + time the toleration (which must be of effect NoExecute, + otherwise this field is ignored) tolerates the taint. + By default, it is not set, which means tolerate the + taint forever (do not evict). Zero and negative values + will be treated as 0 (evict immediately) by the system. + format: int64 + type: integer + value: + description: Value is the taint value the toleration matches + to. If the operator is Exists, the value should be empty, + otherwise just a regular string. + type: string + type: object + type: array + topologySpreadConstraints: + description: TopologySpreadConstraint specifies how to spread + matching pods among the given topology + items: + description: TopologySpreadConstraint specifies how to spread + matching pods among the given topology. + properties: + labelSelector: + description: LabelSelector is used to find matching pods. + Pods that match this label selector are counted to determine + the number of pods in their corresponding topology domain. + properties: + matchExpressions: + description: matchExpressions is a list of label selector + requirements. The requirements are ANDed. + items: + description: A label selector requirement is a selector + that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: key is the label key that the selector + applies to. + type: string + operator: + description: operator represents a key's relationship + to a set of values. Valid operators are In, + NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. + If the operator is In or NotIn, the values + array must be non-empty. If the operator is + Exists or DoesNotExist, the values array must + be empty. This array is replaced during a + strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} pairs. + A single {key,value} in the matchLabels map is equivalent + to an element of matchExpressions, whose key field + is "key", the operator is "In", and the values array + contains only "value". The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + matchLabelKeys: + description: "MatchLabelKeys is a set of pod label keys\ + \ to select the pods over which spreading will be calculated.\ + \ The keys are used to lookup values from the incoming\ + \ pod labels, those key-value labels are ANDed with\ + \ labelSelector to select the group of existing pods\ + \ over which spreading will be calculated for the incoming\ + \ pod. The same key is forbidden to exist in both MatchLabelKeys\ + \ and LabelSelector. MatchLabelKeys cannot be set when\ + \ LabelSelector isn't set. Keys that don't exist in\ + \ the incoming pod labels will be ignored. A null or\ + \ empty list means only match against labelSelector.\ + \ \n This is a beta field and requires the MatchLabelKeysInPodTopologySpread\ + \ feature gate to be enabled (enabled by default)." + items: + type: string + type: array + x-kubernetes-list-type: atomic + maxSkew: + description: 'MaxSkew describes the degree to which pods + may be unevenly distributed. When `whenUnsatisfiable=DoNotSchedule`, + it is the maximum permitted difference between the number + of matching pods in the target topology and the global + minimum. The global minimum is the minimum number of + matching pods in an eligible domain or zero if the number + of eligible domains is less than MinDomains. For example, + in a 3-zone cluster, MaxSkew is set to 1, and pods with + the same labelSelector spread as 2/2/1: In this case, + the global minimum is 1. | zone1 | zone2 | zone3 | | P + P | P P | P | - if MaxSkew is 1, incoming pod + can only be scheduled to zone3 to become 2/2/2; scheduling + it onto zone1(zone2) would make the ActualSkew(3-1) + on zone1(zone2) violate MaxSkew(1). - if MaxSkew is + 2, incoming pod can be scheduled onto any zone. When + `whenUnsatisfiable=ScheduleAnyway`, it is used to give + higher precedence to topologies that satisfy it. It''s + a required field. Default value is 1 and 0 is not allowed.' + format: int32 + type: integer + minDomains: + description: "MinDomains indicates a minimum number of\ + \ eligible domains. When the number of eligible domains\ + \ with matching topology keys is less than minDomains,\ + \ Pod Topology Spread treats \"global minimum\" as 0,\ + \ and then the calculation of Skew is performed. And\ + \ when the number of eligible domains with matching\ + \ topology keys equals or greater than minDomains, this\ + \ value has no effect on scheduling. As a result, when\ + \ the number of eligible domains is less than minDomains,\ + \ scheduler won't schedule more than maxSkew Pods to\ + \ those domains. If value is nil, the constraint behaves\ + \ as if MinDomains is equal to 1. Valid values are integers\ + \ greater than 0. When value is not nil, WhenUnsatisfiable\ + \ must be DoNotSchedule. \n For example, in a 3-zone\ + \ cluster, MaxSkew is set to 2, MinDomains is set to\ + \ 5 and pods with the same labelSelector spread as 2/2/2:\ + \ | zone1 | zone2 | zone3 | | P P | P P | P P \ + \ | The number of domains is less than 5(MinDomains),\ + \ so \"global minimum\" is treated as 0. In this situation,\ + \ new pod with the same labelSelector cannot be scheduled,\ + \ because computed skew will be 3(3 - 0) if new Pod\ + \ is scheduled to any of the three zones, it will violate\ + \ MaxSkew. \n This is a beta field and requires the\ + \ MinDomainsInPodTopologySpread feature gate to be enabled\ + \ (enabled by default)." + format: int32 + type: integer + nodeAffinityPolicy: + description: "NodeAffinityPolicy indicates how we will\ + \ treat Pod's nodeAffinity/nodeSelector when calculating\ + \ pod topology spread skew. Options are: - Honor: only\ + \ nodes matching nodeAffinity/nodeSelector are included\ + \ in the calculations. - Ignore: nodeAffinity/nodeSelector\ + \ are ignored. All nodes are included in the calculations.\ + \ \n If this value is nil, the behavior is equivalent\ + \ to the Honor policy. This is a beta-level feature\ + \ default enabled by the NodeInclusionPolicyInPodTopologySpread\ + \ feature flag." + type: string + nodeTaintsPolicy: + description: "NodeTaintsPolicy indicates how we will treat\ + \ node taints when calculating pod topology spread skew.\ + \ Options are: - Honor: nodes without taints, along\ + \ with tainted nodes for which the incoming pod has\ + \ a toleration, are included. - Ignore: node taints\ + \ are ignored. All nodes are included. \n If this value\ + \ is nil, the behavior is equivalent to the Ignore policy.\ + \ This is a beta-level feature default enabled by the\ + \ NodeInclusionPolicyInPodTopologySpread feature flag." + type: string + topologyKey: + description: TopologyKey is the key of node labels. Nodes + that have a label with this key and identical values + are considered to be in the same topology. We consider + each as a "bucket", and try to put balanced + number of pods into each bucket. We define a domain + as a particular instance of a topology. Also, we define + an eligible domain as a domain whose nodes meet the + requirements of nodeAffinityPolicy and nodeTaintsPolicy. + e.g. If TopologyKey is "kubernetes.io/hostname", each + Node is a domain of that topology. And, if TopologyKey + is "topology.kubernetes.io/zone", each zone is a domain + of that topology. It's a required field. + type: string + whenUnsatisfiable: + description: 'WhenUnsatisfiable indicates how to deal + with a pod if it doesn''t satisfy the spread constraint. + - DoNotSchedule (default) tells the scheduler not to + schedule it. - ScheduleAnyway tells the scheduler to + schedule the pod in any location, but giving higher + precedence to topologies that would help reduce the + skew. A constraint is considered "Unsatisfiable" for + an incoming pod if and only if every possible node assignment + for that pod would violate "MaxSkew" on some topology. + For example, in a 3-zone cluster, MaxSkew is set to + 1, and pods with the same labelSelector spread as 3/1/1: + | zone1 | zone2 | zone3 | | P P P | P | P | + If WhenUnsatisfiable is set to DoNotSchedule, incoming + pod can only be scheduled to zone2(zone3) to become + 3/2/1(3/1/2) as ActualSkew(2-1) on zone2(zone3) satisfies + MaxSkew(1). In other words, the cluster can still be + imbalanced, but scheduler won''t make it *more* imbalanced. + It''s a required field.' type: string required: - - message - - severity + - maxSkew + - topologyKey + - whenUnsatisfiable type: object - type: object - fsid: - type: string - health: - type: string - lastChanged: - type: string - lastChecked: - type: string - previousHealth: - type: string - versions: - description: CephDaemonsVersions show the current ceph version - for different ceph daemons - properties: - cephfs-mirror: - additionalProperties: - type: integer - description: CephFSMirror shows CephFSMirror Ceph version - type: object - mds: - additionalProperties: - type: integer - description: Mds shows Mds Ceph version - type: object - mgr: - additionalProperties: - type: integer - description: Mgr shows Mgr Ceph version - type: object - mon: - additionalProperties: - type: integer - description: Mon shows Mon Ceph version - type: object - osd: - additionalProperties: - type: integer - description: Osd shows Osd Ceph version - type: object - overall: - additionalProperties: - type: integer - description: Overall shows overall Ceph version - type: object - rbd-mirror: - additionalProperties: - type: integer - description: RbdMirror shows RbdMirror Ceph version - type: object - rgw: - additionalProperties: - type: integer - description: Rgw shows Rgw Ceph version - type: object - type: object + type: array type: object - conditions: - items: - description: Condition represents a status condition on any Rook-Ceph - Custom Resource. - properties: - lastHeartbeatTime: - format: date-time - type: string - lastTransitionTime: - format: date-time - type: string - message: - type: string - reason: - description: ConditionReason is a reason for a condition - type: string - status: - type: string - type: - description: ConditionType represent a resource's status - type: string - type: object - type: array - message: - type: string - observedGeneration: - description: ObservedGeneration is the latest generation observed - by the controller. - format: int64 - type: integer - phase: - description: ConditionType represent a resource's status - type: string - state: - description: ClusterState represents the state of a Ceph Cluster - type: string - storage: - description: CephStorage represents flavors of Ceph Cluster Storage + resources: + description: Resources is the resource requirements for the COSI + driver properties: - deviceClasses: + claims: + description: "Claims lists the names of resources, defined in\ + \ spec.resourceClaims, that are used by this container. \n\ + \ This is an alpha field and requires enabling the DynamicResourceAllocation\ + \ feature gate. \n This field is immutable. It can only be\ + \ set for containers." items: - description: DeviceClasses represents device classes of a - Ceph Cluster + description: ResourceClaim references one entry in PodSpec.ResourceClaims. properties: name: + description: Name must match the name of one entry in + pod.spec.resourceClaims of the Pod where this field + is used. It makes that resource available inside a container. type: string + required: + - name type: object type: array - type: object - version: - description: ClusterVersion represents the version of a Ceph Cluster - properties: - image: - type: string - version: - type: string + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Limits describes the maximum amount of compute + resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Requests describes the minimum amount of compute + resources required. If Requests is omitted for a container, + it defaults to Limits if that is explicitly specified, otherwise + to an implementation-defined value. Requests cannot exceed + Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object type: object type: object - x-kubernetes-preserve-unknown-fields: true required: - metadata - spec type: object served: true storage: true - subresources: - status: {} --- apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition @@ -8782,14 +10850,19 @@ spec: type: object x-kubernetes-map-type: atomic matchLabelKeys: - description: MatchLabelKeys is a set of pod label keys - to select the pods over which spreading will be calculated. - The keys are used to lookup values from the incoming - pod labels, those key-value labels are ANDed with labelSelector - to select the group of existing pods over which spreading - will be calculated for the incoming pod. Keys that don't - exist in the incoming pod labels will be ignored. A - null or empty list means only match against labelSelector. + description: "MatchLabelKeys is a set of pod label keys\ + \ to select the pods over which spreading will be calculated.\ + \ The keys are used to lookup values from the incoming\ + \ pod labels, those key-value labels are ANDed with\ + \ labelSelector to select the group of existing pods\ + \ over which spreading will be calculated for the incoming\ + \ pod. The same key is forbidden to exist in both MatchLabelKeys\ + \ and LabelSelector. MatchLabelKeys cannot be set when\ + \ LabelSelector isn't set. Keys that don't exist in\ + \ the incoming pod labels will be ignored. A null or\ + \ empty list means only match against labelSelector.\ + \ \n This is a beta field and requires the MatchLabelKeysInPodTopologySpread\ + \ feature gate to be enabled (enabled by default)." items: type: string type: array @@ -8956,7 +11029,8 @@ spec: description: 'Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise - to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + to an implementation-defined value. Requests cannot exceed + Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object type: object type: object @@ -9533,8 +11607,7 @@ spec: type: integer grpc: description: GRPC specifies an action involving a GRPC - port. This is a beta field and requires enabling GRPCContainerProbe - feature gate. + port. properties: port: description: Port number of the gRPC service. Number @@ -9567,7 +11640,9 @@ spec: to be used in HTTP probes properties: name: - description: The header field name + description: The header field name. This will + be canonicalized upon output, so case-variant + names will be understood as the same header. type: string value: description: The header field value @@ -10642,15 +12717,21 @@ spec: type: object x-kubernetes-map-type: atomic matchLabelKeys: - description: MatchLabelKeys is a set of pod label - keys to select the pods over which spreading will - be calculated. The keys are used to lookup values - from the incoming pod labels, those key-value labels - are ANDed with labelSelector to select the group - of existing pods over which spreading will be calculated - for the incoming pod. Keys that don't exist in the - incoming pod labels will be ignored. A null or empty - list means only match against labelSelector. + description: "MatchLabelKeys is a set of pod label\ + \ keys to select the pods over which spreading will\ + \ be calculated. The keys are used to lookup values\ + \ from the incoming pod labels, those key-value\ + \ labels are ANDed with labelSelector to select\ + \ the group of existing pods over which spreading\ + \ will be calculated for the incoming pod. The same\ + \ key is forbidden to exist in both MatchLabelKeys\ + \ and LabelSelector. MatchLabelKeys cannot be set\ + \ when LabelSelector isn't set. Keys that don't\ + \ exist in the incoming pod labels will be ignored.\ + \ A null or empty list means only match against\ + \ labelSelector. \n This is a beta field and requires\ + \ the MatchLabelKeysInPodTopologySpread feature\ + \ gate to be enabled (enabled by default)." items: type: string type: array @@ -10824,8 +12905,8 @@ spec: description: 'Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, - otherwise to an implementation-defined value. More info: - https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + otherwise to an implementation-defined value. Requests + cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object type: object x-kubernetes-preserve-unknown-fields: true @@ -10867,8 +12948,7 @@ spec: type: integer grpc: description: GRPC specifies an action involving a GRPC - port. This is a beta field and requires enabling GRPCContainerProbe - feature gate. + port. properties: port: description: Port number of the gRPC service. Number @@ -10901,7 +12981,9 @@ spec: to be used in HTTP probes properties: name: - description: The header field name + description: The header field name. This will + be canonicalized upon output, so case-variant + names will be understood as the same header. type: string value: description: The header field value @@ -11564,7 +13646,7 @@ spec: between the SizeLimit specified here and the sum of memory limits of all containers in a pod. The default is nil which means that - the limit is undefined. More info: http://kubernetes.io/docs/user-guide/volumes#emptydir' + the limit is undefined. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir' pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true type: object @@ -12112,7 +14194,7 @@ spec: between the SizeLimit specified here and the sum of memory limits of all containers in a pod. The default is nil which means that - the limit is undefined. More info: http://kubernetes.io/docs/user-guide/volumes#emptydir' + the limit is undefined. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir' pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true type: object @@ -12700,7 +14782,7 @@ spec: specified here and the sum of memory limits of all containers in a pod. The default is nil which means that the - limit is undefined. More info: http://kubernetes.io/docs/user-guide/volumes#emptydir' + limit is undefined. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir' pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true type: object @@ -13242,7 +15324,8 @@ spec: of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to - an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + an implementation-defined value. Requests cannot + exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object type: object sssdConfigFile: @@ -13378,7 +15461,7 @@ spec: here and the sum of memory limits of all containers in a pod. The default is nil which means that the limit is undefined. - More info: http://kubernetes.io/docs/user-guide/volumes#emptydir' + More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir' pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true type: object @@ -14859,15 +16942,21 @@ spec: type: object x-kubernetes-map-type: atomic matchLabelKeys: - description: MatchLabelKeys is a set of pod label - keys to select the pods over which spreading will - be calculated. The keys are used to lookup values - from the incoming pod labels, those key-value labels - are ANDed with labelSelector to select the group - of existing pods over which spreading will be calculated - for the incoming pod. Keys that don't exist in the - incoming pod labels will be ignored. A null or empty - list means only match against labelSelector. + description: "MatchLabelKeys is a set of pod label\ + \ keys to select the pods over which spreading will\ + \ be calculated. The keys are used to lookup values\ + \ from the incoming pod labels, those key-value\ + \ labels are ANDed with labelSelector to select\ + \ the group of existing pods over which spreading\ + \ will be calculated for the incoming pod. The same\ + \ key is forbidden to exist in both MatchLabelKeys\ + \ and LabelSelector. MatchLabelKeys cannot be set\ + \ when LabelSelector isn't set. Keys that don't\ + \ exist in the incoming pod labels will be ignored.\ + \ A null or empty list means only match against\ + \ labelSelector. \n This is a beta field and requires\ + \ the MatchLabelKeysInPodTopologySpread feature\ + \ gate to be enabled (enabled by default)." items: type: string type: array @@ -15042,8 +17131,8 @@ spec: description: 'Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, - otherwise to an implementation-defined value. More info: - https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + otherwise to an implementation-defined value. Requests + cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object type: object x-kubernetes-preserve-unknown-fields: true @@ -15230,6 +17319,17 @@ spec: spec: description: ObjectStoreSpec represent the spec of a pool properties: + allowUsersInNamespaces: + description: The list of allowed namespaces in addition to the object + store namespace where ceph object store users may be created. + Specify "*" to allow all namespaces, otherwise list individual + namespaces that are to be allowed. This is useful for applications + that need object store credentials to be created in their own + namespace, where neither OBCs nor COSI is being used to create + buckets. The default is empty. + items: + type: string + type: array dataPool: description: The data pool settings nullable: true @@ -15453,6 +17553,14 @@ spec: nullable: true type: boolean x-kubernetes-preserve-unknown-fields: true + disableMultisiteSyncTraffic: + description: 'DisableMultisiteSyncTraffic, when true, prevents + this object store''s gateways from transmitting multisite + replication data. Note that this value does not affect whether + gateways receive multisite replication traffic: see ObjectZone.spec.customEndpoints + for that. If false or unset, this object store''s gateways + will be able to transmit multisite replication data.' + type: boolean externalRgwEndpoints: description: ExternalRgwEndpoints points to external RGW endpoint(s). Multiple endpoints can be given, but for stability of ObjectBucketClaims, @@ -16481,15 +18589,21 @@ spec: type: object x-kubernetes-map-type: atomic matchLabelKeys: - description: MatchLabelKeys is a set of pod label - keys to select the pods over which spreading will - be calculated. The keys are used to lookup values - from the incoming pod labels, those key-value labels - are ANDed with labelSelector to select the group - of existing pods over which spreading will be calculated - for the incoming pod. Keys that don't exist in the - incoming pod labels will be ignored. A null or empty - list means only match against labelSelector. + description: "MatchLabelKeys is a set of pod label\ + \ keys to select the pods over which spreading will\ + \ be calculated. The keys are used to lookup values\ + \ from the incoming pod labels, those key-value\ + \ labels are ANDed with labelSelector to select\ + \ the group of existing pods over which spreading\ + \ will be calculated for the incoming pod. The same\ + \ key is forbidden to exist in both MatchLabelKeys\ + \ and LabelSelector. MatchLabelKeys cannot be set\ + \ when LabelSelector isn't set. Keys that don't\ + \ exist in the incoming pod labels will be ignored.\ + \ A null or empty list means only match against\ + \ labelSelector. \n This is a beta field and requires\ + \ the MatchLabelKeysInPodTopologySpread feature\ + \ gate to be enabled (enabled by default)." items: type: string type: array @@ -16668,8 +18782,8 @@ spec: description: 'Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, - otherwise to an implementation-defined value. More info: - https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + otherwise to an implementation-defined value. Requests + cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object type: object x-kubernetes-preserve-unknown-fields: true @@ -16740,8 +18854,7 @@ spec: type: integer grpc: description: GRPC specifies an action involving a GRPC - port. This is a beta field and requires enabling GRPCContainerProbe - feature gate. + port. properties: port: description: Port number of the gRPC service. Number @@ -16774,7 +18887,9 @@ spec: to be used in HTTP probes properties: name: - description: The header field name + description: The header field name. This will + be canonicalized upon output, so case-variant + names will be understood as the same header. type: string value: description: The header field value @@ -16904,8 +19019,7 @@ spec: type: integer grpc: description: GRPC specifies an action involving a GRPC - port. This is a beta field and requires enabling GRPCContainerProbe - feature gate. + port. properties: port: description: Port number of the gRPC service. Number @@ -16938,7 +19052,9 @@ spec: to be used in HTTP probes properties: name: - description: The header field name + description: The header field name. This will + be canonicalized upon output, so case-variant + names will be understood as the same header. type: string value: description: The header field value @@ -17560,6 +19676,10 @@ spec: - read, write type: string type: object + clusterNamespace: + description: The namespace where the parent CephCluster and CephObjectStore + are found + type: string displayName: description: The display name for the ceph users type: string @@ -17757,14 +19877,17 @@ spec: description: ObjectZoneSpec represent the spec of an ObjectZone properties: customEndpoints: - description: 'If this zone cannot be accessed from other peer Ceph - clusters via the ClusterIP Service endpoint created by Rook, you - must set this to the externally reachable endpoint(s). You may - include the port in the definition. For example: "https://my-object-store.my-domain.net:443". - In many cases, you should set this to the endpoint of the ingress - resource that makes the CephObjectStore associated with this CephObjectStoreZone - reachable to peer clusters. The list can have one or more endpoints - pointing to different RGW servers in the zone.' + description: "If this zone cannot be accessed from other peer Ceph\ + \ clusters via the ClusterIP Service endpoint created by Rook,\ + \ you must set this to the externally reachable endpoint(s). You\ + \ may include the port in the definition. For example: \"https://my-object-store.my-domain.net:443\"\ + . In many cases, you should set this to the endpoint of the ingress\ + \ resource that makes the CephObjectStore associated with this\ + \ CephObjectStoreZone reachable to peer clusters. The list can\ + \ have one or more endpoints pointing to different RGW servers\ + \ in the zone. \n If a CephObjectStore endpoint is omitted from\ + \ this list, that object store's gateways will not receive multisite\ + \ replication data (see CephObjectStore.spec.gateway.disableMultisiteSyncTraffic)." items: type: string nullable: true @@ -19242,14 +21365,19 @@ spec: type: object x-kubernetes-map-type: atomic matchLabelKeys: - description: MatchLabelKeys is a set of pod label keys - to select the pods over which spreading will be calculated. - The keys are used to lookup values from the incoming - pod labels, those key-value labels are ANDed with labelSelector - to select the group of existing pods over which spreading - will be calculated for the incoming pod. Keys that don't - exist in the incoming pod labels will be ignored. A - null or empty list means only match against labelSelector. + description: "MatchLabelKeys is a set of pod label keys\ + \ to select the pods over which spreading will be calculated.\ + \ The keys are used to lookup values from the incoming\ + \ pod labels, those key-value labels are ANDed with\ + \ labelSelector to select the group of existing pods\ + \ over which spreading will be calculated for the incoming\ + \ pod. The same key is forbidden to exist in both MatchLabelKeys\ + \ and LabelSelector. MatchLabelKeys cannot be set when\ + \ LabelSelector isn't set. Keys that don't exist in\ + \ the incoming pod labels will be ignored. A null or\ + \ empty list means only match against labelSelector.\ + \ \n This is a beta field and requires the MatchLabelKeysInPodTopologySpread\ + \ feature gate to be enabled (enabled by default)." items: type: string type: array @@ -19417,7 +21545,8 @@ spec: description: 'Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise - to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + to an implementation-defined value. Requests cannot exceed + Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object type: object x-kubernetes-preserve-unknown-fields: true diff --git a/tests/golden/defaults/rook-ceph/rook-ceph/01_rook_ceph_helmchart/rook-ceph/templates/role.yaml b/tests/golden/defaults/rook-ceph/rook-ceph/01_rook_ceph_helmchart/rook-ceph/templates/role.yaml index f7ecc6e2..21673cbc 100644 --- a/tests/golden/defaults/rook-ceph/rook-ceph/01_rook_ceph_helmchart/rook-ceph/templates/role.yaml +++ b/tests/golden/defaults/rook-ceph/rook-ceph/01_rook_ceph_helmchart/rook-ceph/templates/role.yaml @@ -5,7 +5,7 @@ metadata: app.kubernetes.io/created-by: helm app.kubernetes.io/managed-by: Helm app.kubernetes.io/part-of: rook-ceph-operator - helm.sh/chart: rook-ceph-v1.11.11 + helm.sh/chart: rook-ceph-v1.12.7 operator: rook storage-backend: ceph name: rook-ceph-system diff --git a/tests/golden/defaults/rook-ceph/rook-ceph/01_rook_ceph_helmchart/rook-ceph/templates/rolebinding.yaml b/tests/golden/defaults/rook-ceph/rook-ceph/01_rook_ceph_helmchart/rook-ceph/templates/rolebinding.yaml index 416b3557..b9852c1e 100644 --- a/tests/golden/defaults/rook-ceph/rook-ceph/01_rook_ceph_helmchart/rook-ceph/templates/rolebinding.yaml +++ b/tests/golden/defaults/rook-ceph/rook-ceph/01_rook_ceph_helmchart/rook-ceph/templates/rolebinding.yaml @@ -5,7 +5,7 @@ metadata: app.kubernetes.io/created-by: helm app.kubernetes.io/managed-by: Helm app.kubernetes.io/part-of: rook-ceph-operator - helm.sh/chart: rook-ceph-v1.11.11 + helm.sh/chart: rook-ceph-v1.12.7 operator: rook storage-backend: ceph name: rook-ceph-system diff --git a/tests/golden/defaults/rook-ceph/rook-ceph/01_rook_ceph_helmchart/rook-ceph/templates/serviceaccount.yaml b/tests/golden/defaults/rook-ceph/rook-ceph/01_rook_ceph_helmchart/rook-ceph/templates/serviceaccount.yaml index 86a31d71..04905a6c 100644 --- a/tests/golden/defaults/rook-ceph/rook-ceph/01_rook_ceph_helmchart/rook-ceph/templates/serviceaccount.yaml +++ b/tests/golden/defaults/rook-ceph/rook-ceph/01_rook_ceph_helmchart/rook-ceph/templates/serviceaccount.yaml @@ -5,7 +5,7 @@ metadata: app.kubernetes.io/created-by: helm app.kubernetes.io/managed-by: Helm app.kubernetes.io/part-of: rook-ceph-operator - helm.sh/chart: rook-ceph-v1.11.11 + helm.sh/chart: rook-ceph-v1.12.7 operator: rook storage-backend: ceph name: rook-ceph-system @@ -34,3 +34,13 @@ kind: ServiceAccount metadata: name: rook-csi-rbd-provisioner-sa namespace: syn-rook-ceph-operator +--- +apiVersion: v1 +kind: ServiceAccount +metadata: + labels: + app.kubernetes.io/component: driver-ceph + app.kubernetes.io/name: cosi-driver-ceph + app.kubernetes.io/part-of: container-object-storage-interface + name: objectstorage-provisioner + namespace: syn-rook-ceph-operator diff --git a/tests/golden/defaults/rook-ceph/rook-ceph/10_cephcluster_toolbox.yaml b/tests/golden/defaults/rook-ceph/rook-ceph/10_cephcluster_toolbox.yaml index 8e3250ad..fb1cb7b6 100644 --- a/tests/golden/defaults/rook-ceph/rook-ceph/10_cephcluster_toolbox.yaml +++ b/tests/golden/defaults/rook-ceph/rook-ceph/10_cephcluster_toolbox.yaml @@ -109,10 +109,13 @@ spec: secretKeyRef: key: ceph-username name: rook-ceph-mon - image: docker.io/rook/ceph:v1.11.11 + image: docker.io/rook/ceph:v1.12.7 imagePullPolicy: IfNotPresent name: rook-ceph-tools securityContext: + capabilities: + drop: + - ALL runAsGroup: 2016 runAsNonRoot: true runAsUser: 2016 diff --git a/tests/golden/openshift4/rook-ceph/rook-ceph/01_rook_ceph_helmchart/rook-ceph/templates/cluster-rbac.yaml b/tests/golden/openshift4/rook-ceph/rook-ceph/01_rook_ceph_helmchart/rook-ceph/templates/cluster-rbac.yaml index 41c5cc15..4c233042 100644 --- a/tests/golden/openshift4/rook-ceph/rook-ceph/01_rook_ceph_helmchart/rook-ceph/templates/cluster-rbac.yaml +++ b/tests/golden/openshift4/rook-ceph/rook-ceph/01_rook_ceph_helmchart/rook-ceph/templates/cluster-rbac.yaml @@ -5,7 +5,7 @@ metadata: app.kubernetes.io/created-by: helm app.kubernetes.io/managed-by: Helm app.kubernetes.io/part-of: rook-ceph-operator - helm.sh/chart: rook-ceph-v1.11.11 + helm.sh/chart: rook-ceph-v1.12.7 operator: rook storage-backend: ceph name: rook-ceph-osd @@ -18,7 +18,7 @@ metadata: app.kubernetes.io/created-by: helm app.kubernetes.io/managed-by: Helm app.kubernetes.io/part-of: rook-ceph-operator - helm.sh/chart: rook-ceph-v1.11.11 + helm.sh/chart: rook-ceph-v1.12.7 operator: rook storage-backend: ceph name: rook-ceph-mgr @@ -31,7 +31,7 @@ metadata: app.kubernetes.io/created-by: helm app.kubernetes.io/managed-by: Helm app.kubernetes.io/part-of: rook-ceph-operator - helm.sh/chart: rook-ceph-v1.11.11 + helm.sh/chart: rook-ceph-v1.12.7 operator: rook storage-backend: ceph name: rook-ceph-cmd-reporter @@ -50,7 +50,7 @@ metadata: app.kubernetes.io/created-by: helm app.kubernetes.io/managed-by: Helm app.kubernetes.io/part-of: rook-ceph-operator - helm.sh/chart: rook-ceph-v1.11.11 + helm.sh/chart: rook-ceph-v1.12.7 operator: rook storage-backend: ceph name: rook-ceph-rgw @@ -180,6 +180,7 @@ rules: - cephfilesystemmirrors - cephfilesystemsubvolumegroups - cephblockpoolradosnamespaces + - cephcosidrivers verbs: - get - list diff --git a/tests/golden/openshift4/rook-ceph/rook-ceph/01_rook_ceph_helmchart/rook-ceph/templates/clusterrole.yaml b/tests/golden/openshift4/rook-ceph/rook-ceph/01_rook_ceph_helmchart/rook-ceph/templates/clusterrole.yaml index 0207d92c..dd670bb9 100644 --- a/tests/golden/openshift4/rook-ceph/rook-ceph/01_rook_ceph_helmchart/rook-ceph/templates/clusterrole.yaml +++ b/tests/golden/openshift4/rook-ceph/rook-ceph/01_rook_ceph_helmchart/rook-ceph/templates/clusterrole.yaml @@ -5,7 +5,7 @@ metadata: app.kubernetes.io/created-by: helm app.kubernetes.io/managed-by: Helm app.kubernetes.io/part-of: rook-ceph-operator - helm.sh/chart: rook-ceph-v1.11.11 + helm.sh/chart: rook-ceph-v1.12.7 operator: rook storage-backend: ceph name: rook-ceph-system @@ -33,6 +33,23 @@ rules: - get - delete - update + - apiGroups: + - csiaddons.openshift.io + resources: + - networkfences + verbs: + - create + - get + - update + - delete + - watch + - list + - apiGroups: + - apiextensions.k8s.io + resources: + - customresourcedefinitions + verbs: + - get --- apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole @@ -41,7 +58,7 @@ metadata: app.kubernetes.io/created-by: helm app.kubernetes.io/managed-by: Helm app.kubernetes.io/part-of: rook-ceph-operator - helm.sh/chart: rook-ceph-v1.11.11 + helm.sh/chart: rook-ceph-v1.12.7 operator: rook storage-backend: ceph name: rook-ceph-cluster-mgmt @@ -74,7 +91,7 @@ metadata: app.kubernetes.io/created-by: helm app.kubernetes.io/managed-by: Helm app.kubernetes.io/part-of: rook-ceph-operator - helm.sh/chart: rook-ceph-v1.11.11 + helm.sh/chart: rook-ceph-v1.12.7 operator: rook storage-backend: ceph name: rook-ceph-global @@ -147,6 +164,7 @@ rules: - cephfilesystemmirrors - cephfilesystemsubvolumegroups - cephblockpoolradosnamespaces + - cephcosidrivers verbs: - get - list @@ -261,7 +279,7 @@ metadata: app.kubernetes.io/created-by: helm app.kubernetes.io/managed-by: Helm app.kubernetes.io/part-of: rook-ceph-operator - helm.sh/chart: rook-ceph-v1.11.11 + helm.sh/chart: rook-ceph-v1.12.7 operator: rook storage-backend: ceph name: rook-ceph-mgr-cluster @@ -317,7 +335,7 @@ metadata: app.kubernetes.io/created-by: helm app.kubernetes.io/managed-by: Helm app.kubernetes.io/part-of: rook-ceph-operator - helm.sh/chart: rook-ceph-v1.11.11 + helm.sh/chart: rook-ceph-v1.12.7 operator: rook storage-backend: ceph name: rook-ceph-object-bucket @@ -518,7 +536,7 @@ metadata: app.kubernetes.io/created-by: helm app.kubernetes.io/managed-by: Helm app.kubernetes.io/part-of: rook-ceph-operator - helm.sh/chart: rook-ceph-v1.11.11 + helm.sh/chart: rook-ceph-v1.12.7 operator: rook storage-backend: ceph name: rbd-csi-nodeplugin @@ -724,3 +742,52 @@ rules: - get - list - watch +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + labels: + app.kubernetes.io/component: driver-ceph + app.kubernetes.io/name: cosi-driver-ceph + app.kubernetes.io/part-of: container-object-storage-interface + name: objectstorage-provisioner-role +rules: + - apiGroups: + - objectstorage.k8s.io + resources: + - buckets + - bucketaccesses + - bucketclaims + - bucketaccessclasses + - buckets/status + - bucketaccesses/status + - bucketclaims/status + - bucketaccessclasses/status + verbs: + - get + - list + - watch + - update + - create + - delete + - apiGroups: + - coordination.k8s.io + resources: + - leases + verbs: + - get + - watch + - list + - delete + - update + - create + - apiGroups: + - '' + resources: + - secrets + - events + verbs: + - get + - delete + - update + - create diff --git a/tests/golden/openshift4/rook-ceph/rook-ceph/01_rook_ceph_helmchart/rook-ceph/templates/clusterrolebinding.yaml b/tests/golden/openshift4/rook-ceph/rook-ceph/01_rook_ceph_helmchart/rook-ceph/templates/clusterrolebinding.yaml index 4af00476..b55dd722 100644 --- a/tests/golden/openshift4/rook-ceph/rook-ceph/01_rook_ceph_helmchart/rook-ceph/templates/clusterrolebinding.yaml +++ b/tests/golden/openshift4/rook-ceph/rook-ceph/01_rook_ceph_helmchart/rook-ceph/templates/clusterrolebinding.yaml @@ -5,7 +5,7 @@ metadata: app.kubernetes.io/created-by: helm app.kubernetes.io/managed-by: Helm app.kubernetes.io/part-of: rook-ceph-operator - helm.sh/chart: rook-ceph-v1.11.11 + helm.sh/chart: rook-ceph-v1.12.7 operator: rook storage-backend: ceph name: rook-ceph-system @@ -25,7 +25,7 @@ metadata: app.kubernetes.io/created-by: helm app.kubernetes.io/managed-by: Helm app.kubernetes.io/part-of: rook-ceph-operator - helm.sh/chart: rook-ceph-v1.11.11 + helm.sh/chart: rook-ceph-v1.12.7 operator: rook storage-backend: ceph name: rook-ceph-global @@ -102,3 +102,20 @@ subjects: - kind: ServiceAccount name: rook-csi-rbd-provisioner-sa namespace: syn-rook-ceph-operator +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + labels: + app.kubernetes.io/component: driver-ceph + app.kubernetes.io/name: cosi-driver-ceph + app.kubernetes.io/part-of: container-object-storage-interface + name: objectstorage-provisioner-role-binding +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: objectstorage-provisioner-role +subjects: + - kind: ServiceAccount + name: objectstorage-provisioner + namespace: syn-rook-ceph-operator diff --git a/tests/golden/openshift4/rook-ceph/rook-ceph/01_rook_ceph_helmchart/rook-ceph/templates/configmap.yaml b/tests/golden/openshift4/rook-ceph/rook-ceph/01_rook_ceph_helmchart/rook-ceph/templates/configmap.yaml index 142ee3fb..05ce7905 100644 --- a/tests/golden/openshift4/rook-ceph/rook-ceph/01_rook_ceph_helmchart/rook-ceph/templates/configmap.yaml +++ b/tests/golden/openshift4/rook-ceph/rook-ceph/01_rook_ceph_helmchart/rook-ceph/templates/configmap.yaml @@ -226,7 +226,7 @@ data: cpu: 100m ROOK_CEPH_ALLOW_LOOP_DEVICES: 'false' ROOK_CEPH_COMMANDS_TIMEOUT_SECONDS: '15' - ROOK_CSIADDONS_IMAGE: quay.io/csiaddons/k8s-sidecar:v0.5.0 + ROOK_CSIADDONS_IMAGE: quay.io/csiaddons/k8s-sidecar:v0.7.0 ROOK_CSI_CEPH_IMAGE: quay.io/cephcsi/cephcsi:v3.9.0 ROOK_CSI_ENABLE_CEPHFS: 'false' ROOK_CSI_ENABLE_GRPC_METRICS: 'true' @@ -234,6 +234,7 @@ data: ROOK_CSI_ENABLE_RBD: 'true' ROOK_CSI_IMAGE_PULL_POLICY: IfNotPresent ROOK_DISABLE_ADMISSION_CONTROLLER: 'true' + ROOK_ENABLE_DISCOVERY_DAEMON: 'false' ROOK_LOG_LEVEL: INFO ROOK_OBC_WATCH_OPERATOR_NAMESPACE: 'true' kind: ConfigMap diff --git a/tests/golden/openshift4/rook-ceph/rook-ceph/01_rook_ceph_helmchart/rook-ceph/templates/deployment.yaml b/tests/golden/openshift4/rook-ceph/rook-ceph/01_rook_ceph_helmchart/rook-ceph/templates/deployment.yaml index a0ecc198..5882b5fb 100644 --- a/tests/golden/openshift4/rook-ceph/rook-ceph/01_rook_ceph_helmchart/rook-ceph/templates/deployment.yaml +++ b/tests/golden/openshift4/rook-ceph/rook-ceph/01_rook_ceph_helmchart/rook-ceph/templates/deployment.yaml @@ -5,7 +5,7 @@ metadata: app.kubernetes.io/created-by: helm app.kubernetes.io/managed-by: Helm app.kubernetes.io/part-of: rook-ceph-operator - helm.sh/chart: rook-ceph-v1.11.11 + helm.sh/chart: rook-ceph-v1.12.7 operator: rook storage-backend: ceph name: rook-ceph-operator @@ -20,7 +20,7 @@ spec: metadata: labels: app: rook-ceph-operator - helm.sh/chart: rook-ceph-v1.11.11 + helm.sh/chart: rook-ceph-v1.12.7 spec: containers: - args: @@ -33,10 +33,8 @@ spec: value: 'true' - name: ROOK_DISABLE_DEVICE_HOTPLUG value: 'false' - - name: DISCOVER_DAEMON_UDEV_BLACKLIST - value: '' - - name: ROOK_ENABLE_DISCOVERY_DAEMON - value: 'false' + - name: ROOK_DISCOVER_DEVICES_INTERVAL + value: 60m - name: NODE_NAME valueFrom: fieldRef: @@ -49,7 +47,7 @@ spec: valueFrom: fieldRef: fieldPath: metadata.namespace - image: docker.io/rook/ceph:v1.11.11 + image: docker.io/rook/ceph:v1.12.7 imagePullPolicy: IfNotPresent name: rook-ceph-operator ports: diff --git a/tests/golden/openshift4/rook-ceph/rook-ceph/01_rook_ceph_helmchart/rook-ceph/templates/resources.yaml b/tests/golden/openshift4/rook-ceph/rook-ceph/01_rook_ceph_helmchart/rook-ceph/templates/resources.yaml index 0a39b34c..65c3cca7 100644 --- a/tests/golden/openshift4/rook-ceph/rook-ceph/01_rook_ceph_helmchart/rook-ceph/templates/resources.yaml +++ b/tests/golden/openshift4/rook-ceph/rook-ceph/01_rook_ceph_helmchart/rook-ceph/templates/resources.yaml @@ -1095,6 +1095,13 @@ spec: maximum: 65535 minimum: 0 type: integer + prometheusEndpoint: + description: Endpoint for the Prometheus host + type: string + prometheusEndpointSSLVerify: + description: Whether to verify the ssl endpoint for prometheus. + Set to false for a self-signed cert. + type: boolean ssl: description: SSL determines whether SSL should be used type: boolean @@ -1240,8 +1247,7 @@ spec: type: integer grpc: description: GRPC specifies an action involving a - GRPC port. This is a beta field and requires enabling - GRPCContainerProbe feature gate. + GRPC port. properties: port: description: Port number of the gRPC service. @@ -1275,7 +1281,10 @@ spec: to be used in HTTP probes properties: name: - description: The header field name + description: The header field name. This + will be canonicalized upon output, so + case-variant names will be understood + as the same header. type: string value: description: The header field value @@ -1408,8 +1417,7 @@ spec: type: integer grpc: description: GRPC specifies an action involving a - GRPC port. This is a beta field and requires enabling - GRPCContainerProbe feature gate. + GRPC port. properties: port: description: Port number of the gRPC service. @@ -1443,7 +1451,10 @@ spec: to be used in HTTP probes properties: name: - description: The header field name + description: The header field name. This + will be canonicalized upon output, so + case-variant names will be understood + as the same header. type: string value: description: The header field value @@ -1579,8 +1590,8 @@ spec: on the same node (not recommended) type: boolean count: - description: Count is the number of manager to run - maximum: 2 + description: Count is the number of manager daemons to run + maximum: 5 minimum: 0 type: integer modules: @@ -1614,6 +1625,8 @@ spec: maximum: 9 minimum: 0 type: integer + failureDomainLabel: + type: string stretchCluster: description: StretchCluster is the stretch cluster specification properties: @@ -1628,12 +1641,12 @@ spec: zones: description: Zones is the list of zones items: - description: StretchClusterZoneSpec represents the specification - of a stretched zone in a Ceph Cluster + description: MonZoneSpec represents the specification + of a zone in a Ceph Cluster properties: arbiter: description: Arbiter determines if the zone contains - the arbiter + the arbiter used for stretch cluster mode type: boolean name: description: Name is the name of the zone @@ -1852,7 +1865,8 @@ spec: If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined - value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + value. Requests cannot exceed Limits. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object type: object selector: @@ -1936,6 +1950,62 @@ spec: items: type: string type: array + allocatedResourceStatuses: + additionalProperties: + description: When a controller receives + persistentvolume claim update with ClaimResourceStatus + for a resource that it does not recognizes, + then it should ignore that update and + let other controllers handle it. + type: string + description: "allocatedResourceStatuses stores\ + \ status of resource being resized for the\ + \ given PVC. Key names follow standard Kubernetes\ + \ label syntax. Valid values are either:\ + \ * Un-prefixed keys: - storage - the capacity\ + \ of the volume. * Custom resources must\ + \ use implementation-defined prefixed names\ + \ such as \"example.com/my-custom-resource\"\ + \ Apart from above values - keys that are\ + \ unprefixed or have kubernetes.io prefix\ + \ are considered reserved and hence may\ + \ not be used. \n ClaimResourceStatus can\ + \ be in any of following states: - ControllerResizeInProgress:\ + \ State set when resize controller starts\ + \ resizing the volume in control-plane.\ + \ - ControllerResizeFailed: State set when\ + \ resize has failed in resize controller\ + \ with a terminal error. - NodeResizePending:\ + \ State set when resize controller has finished\ + \ resizing the volume but further resizing\ + \ of volume is needed on the node. - NodeResizeInProgress:\ + \ State set when kubelet starts resizing\ + \ the volume. - NodeResizeFailed: State\ + \ set when resizing has failed in kubelet\ + \ with a terminal error. Transient errors\ + \ don't set NodeResizeFailed. For example:\ + \ if expanding a PVC for more capacity -\ + \ this field can be one of the following\ + \ states: - pvc.status.allocatedResourceStatus['storage']\ + \ = \"ControllerResizeInProgress\" - pvc.status.allocatedResourceStatus['storage']\ + \ = \"ControllerResizeFailed\" - pvc.status.allocatedResourceStatus['storage']\ + \ = \"NodeResizePending\" - pvc.status.allocatedResourceStatus['storage']\ + \ = \"NodeResizeInProgress\" - pvc.status.allocatedResourceStatus['storage']\ + \ = \"NodeResizeFailed\" When this field\ + \ is not set, it means that no resize operation\ + \ is in progress for the given PVC. \n A\ + \ controller that receives PVC update with\ + \ previously unknown resourceName or ClaimResourceStatus\ + \ should ignore the update for the purpose\ + \ it was designed. For example - a controller\ + \ that only is responsible for resizing\ + \ capacity of the volume, should ignore\ + \ PVC updates that change other valid resources\ + \ associated with PVC. \n This is an alpha\ + \ field and requires enabling RecoverVolumeExpansionFailure\ + \ feature." + type: object + x-kubernetes-map-type: granular allocatedResources: additionalProperties: anyOf: @@ -1943,22 +2013,40 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: allocatedResources is the storage - resource within AllocatedResources tracks - the capacity allocated to a PVC. It may - be larger than the actual capacity when - a volume expansion operation is requested. - For storage quota, the larger value from - allocatedResources and PVC.spec.resources - is used. If allocatedResources is not set, - PVC.spec.resources alone is used for quota - calculation. If a volume expansion capacity - request is lowered, allocatedResources is - only lowered if there are no expansion operations - in progress and if the actual volume capacity - is equal or lower than the requested capacity. - This is an alpha field and requires enabling - RecoverVolumeExpansionFailure feature. + description: "allocatedResources tracks the\ + \ resources allocated to a PVC including\ + \ its capacity. Key names follow standard\ + \ Kubernetes label syntax. Valid values\ + \ are either: * Un-prefixed keys: - storage\ + \ - the capacity of the volume. * Custom\ + \ resources must use implementation-defined\ + \ prefixed names such as \"example.com/my-custom-resource\"\ + \ Apart from above values - keys that are\ + \ unprefixed or have kubernetes.io prefix\ + \ are considered reserved and hence may\ + \ not be used. \n Capacity reported here\ + \ may be larger than the actual capacity\ + \ when a volume expansion operation is requested.\ + \ For storage quota, the larger value from\ + \ allocatedResources and PVC.spec.resources\ + \ is used. If allocatedResources is not\ + \ set, PVC.spec.resources alone is used\ + \ for quota calculation. If a volume expansion\ + \ capacity request is lowered, allocatedResources\ + \ is only lowered if there are no expansion\ + \ operations in progress and if the actual\ + \ volume capacity is equal or lower than\ + \ the requested capacity. \n A controller\ + \ that receives PVC update with previously\ + \ unknown resourceName should ignore the\ + \ update for the purpose it was designed.\ + \ For example - a controller that only is\ + \ responsible for resizing capacity of the\ + \ volume, should ignore PVC updates that\ + \ change other valid resources associated\ + \ with PVC. \n This is an alpha field and\ + \ requires enabling RecoverVolumeExpansionFailure\ + \ feature." type: object capacity: additionalProperties: @@ -1977,7 +2065,7 @@ spec: the Condition will be set to 'ResizeStarted'. items: description: PersistentVolumeClaimCondition - contails details about state of pvc + contains details about state of pvc properties: lastProbeTime: description: lastProbeTime is the time @@ -2018,15 +2106,6 @@ spec: description: phase represents the current phase of PersistentVolumeClaim. type: string - resizeStatus: - description: resizeStatus stores status of - resize operation. ResizeStatus is not set - by default but when expansion is complete - resizeStatus is set to empty string by resize - controller or kubelet. This is an alpha - field and requires enabling RecoverVolumeExpansionFailure - feature. - type: string type: object type: object x-kubernetes-preserve-unknown-fields: true @@ -2223,7 +2302,8 @@ spec: of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to - an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + an implementation-defined value. Requests cannot + exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object type: object selector: @@ -2298,6 +2378,54 @@ spec: items: type: string type: array + allocatedResourceStatuses: + additionalProperties: + description: When a controller receives persistentvolume + claim update with ClaimResourceStatus for a resource + that it does not recognizes, then it should ignore + that update and let other controllers handle it. + type: string + description: "allocatedResourceStatuses stores status\ + \ of resource being resized for the given PVC. Key\ + \ names follow standard Kubernetes label syntax. Valid\ + \ values are either: * Un-prefixed keys: - storage\ + \ - the capacity of the volume. * Custom resources\ + \ must use implementation-defined prefixed names such\ + \ as \"example.com/my-custom-resource\" Apart from\ + \ above values - keys that are unprefixed or have\ + \ kubernetes.io prefix are considered reserved and\ + \ hence may not be used. \n ClaimResourceStatus can\ + \ be in any of following states: - ControllerResizeInProgress:\ + \ State set when resize controller starts resizing\ + \ the volume in control-plane. - ControllerResizeFailed:\ + \ State set when resize has failed in resize controller\ + \ with a terminal error. - NodeResizePending: State\ + \ set when resize controller has finished resizing\ + \ the volume but further resizing of volume is needed\ + \ on the node. - NodeResizeInProgress: State set when\ + \ kubelet starts resizing the volume. - NodeResizeFailed:\ + \ State set when resizing has failed in kubelet with\ + \ a terminal error. Transient errors don't set NodeResizeFailed.\ + \ For example: if expanding a PVC for more capacity\ + \ - this field can be one of the following states:\ + \ - pvc.status.allocatedResourceStatus['storage']\ + \ = \"ControllerResizeInProgress\" - pvc.status.allocatedResourceStatus['storage']\ + \ = \"ControllerResizeFailed\" - pvc.status.allocatedResourceStatus['storage']\ + \ = \"NodeResizePending\" - pvc.status.allocatedResourceStatus['storage']\ + \ = \"NodeResizeInProgress\" - pvc.status.allocatedResourceStatus['storage']\ + \ = \"NodeResizeFailed\" When this field is not set,\ + \ it means that no resize operation is in progress\ + \ for the given PVC. \n A controller that receives\ + \ PVC update with previously unknown resourceName\ + \ or ClaimResourceStatus should ignore the update\ + \ for the purpose it was designed. For example - a\ + \ controller that only is responsible for resizing\ + \ capacity of the volume, should ignore PVC updates\ + \ that change other valid resources associated with\ + \ PVC. \n This is an alpha field and requires enabling\ + \ RecoverVolumeExpansionFailure feature." + type: object + x-kubernetes-map-type: granular allocatedResources: additionalProperties: anyOf: @@ -2305,19 +2433,33 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: allocatedResources is the storage resource - within AllocatedResources tracks the capacity allocated - to a PVC. It may be larger than the actual capacity - when a volume expansion operation is requested. For - storage quota, the larger value from allocatedResources - and PVC.spec.resources is used. If allocatedResources - is not set, PVC.spec.resources alone is used for quota - calculation. If a volume expansion capacity request - is lowered, allocatedResources is only lowered if - there are no expansion operations in progress and - if the actual volume capacity is equal or lower than - the requested capacity. This is an alpha field and - requires enabling RecoverVolumeExpansionFailure feature. + description: "allocatedResources tracks the resources\ + \ allocated to a PVC including its capacity. Key names\ + \ follow standard Kubernetes label syntax. Valid values\ + \ are either: * Un-prefixed keys: - storage - the\ + \ capacity of the volume. * Custom resources must\ + \ use implementation-defined prefixed names such as\ + \ \"example.com/my-custom-resource\" Apart from above\ + \ values - keys that are unprefixed or have kubernetes.io\ + \ prefix are considered reserved and hence may not\ + \ be used. \n Capacity reported here may be larger\ + \ than the actual capacity when a volume expansion\ + \ operation is requested. For storage quota, the larger\ + \ value from allocatedResources and PVC.spec.resources\ + \ is used. If allocatedResources is not set, PVC.spec.resources\ + \ alone is used for quota calculation. If a volume\ + \ expansion capacity request is lowered, allocatedResources\ + \ is only lowered if there are no expansion operations\ + \ in progress and if the actual volume capacity is\ + \ equal or lower than the requested capacity. \n A\ + \ controller that receives PVC update with previously\ + \ unknown resourceName should ignore the update for\ + \ the purpose it was designed. For example - a controller\ + \ that only is responsible for resizing capacity of\ + \ the volume, should ignore PVC updates that change\ + \ other valid resources associated with PVC. \n This\ + \ is an alpha field and requires enabling RecoverVolumeExpansionFailure\ + \ feature." type: object capacity: additionalProperties: @@ -2335,7 +2477,7 @@ spec: volume is being resized then the Condition will be set to 'ResizeStarted'. items: - description: PersistentVolumeClaimCondition contails + description: PersistentVolumeClaimCondition contains details about state of pvc properties: lastProbeTime: @@ -2373,17 +2515,465 @@ spec: phase: description: phase represents the current phase of PersistentVolumeClaim. type: string - resizeStatus: - description: resizeStatus stores status of resize operation. - ResizeStatus is not set by default but when expansion - is complete resizeStatus is set to empty string by - resize controller or kubelet. This is an alpha field - and requires enabling RecoverVolumeExpansionFailure - feature. - type: string type: object type: object x-kubernetes-preserve-unknown-fields: true + zones: + description: Zones are specified when we want to provide zonal + awareness to mons + items: + description: MonZoneSpec represents the specification of a + zone in a Ceph Cluster + properties: + arbiter: + description: Arbiter determines if the zone contains the + arbiter used for stretch cluster mode + type: boolean + name: + description: Name is the name of the zone + type: string + volumeClaimTemplate: + description: VolumeClaimTemplate is the PVC template + properties: + apiVersion: + description: 'APIVersion defines the versioned schema + of this representation of an object. Servers should + convert recognized schemas to the latest internal + value, and may reject unrecognized values. More + info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing + the REST resource this object represents. Servers + may infer this from the endpoint the client submits + requests to. Cannot be updated. In CamelCase. More + info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + description: 'Standard object''s metadata. More info: + https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata' + properties: + annotations: + additionalProperties: + type: string + type: object + finalizers: + items: + type: string + type: array + labels: + additionalProperties: + type: string + type: object + name: + type: string + namespace: + type: string + type: object + spec: + description: 'spec defines the desired characteristics + of a volume requested by a pod author. More info: + https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims' + properties: + accessModes: + description: 'accessModes contains the desired + access modes the volume should have. More info: + https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1' + items: + type: string + type: array + dataSource: + description: 'dataSource field can be used to + specify either: * An existing VolumeSnapshot + object (snapshot.storage.k8s.io/VolumeSnapshot) + * An existing PVC (PersistentVolumeClaim) If + the provisioner or an external controller can + support the specified data source, it will create + a new volume based on the contents of the specified + data source. When the AnyVolumeDataSource feature + gate is enabled, dataSource contents will be + copied to dataSourceRef, and dataSourceRef contents + will be copied to dataSource when dataSourceRef.namespace + is not specified. If the namespace is specified, + then dataSourceRef will not be copied to dataSource.' + properties: + apiGroup: + description: APIGroup is the group for the + resource being referenced. If APIGroup is + not specified, the specified Kind must be + in the core API group. For any other third-party + types, APIGroup is required. + type: string + kind: + description: Kind is the type of resource + being referenced + type: string + name: + description: Name is the name of resource + being referenced + type: string + required: + - kind + - name + type: object + x-kubernetes-map-type: atomic + dataSourceRef: + description: 'dataSourceRef specifies the object + from which to populate the volume with data, + if a non-empty volume is desired. This may be + any object from a non-empty API group (non core + object) or a PersistentVolumeClaim object. When + this field is specified, volume binding will + only succeed if the type of the specified object + matches some installed volume populator or dynamic + provisioner. This field will replace the functionality + of the dataSource field and as such if both + fields are non-empty, they must have the same + value. For backwards compatibility, when namespace + isn''t specified in dataSourceRef, both fields + (dataSource and dataSourceRef) will be set to + the same value automatically if one of them + is empty and the other is non-empty. When namespace + is specified in dataSourceRef, dataSource isn''t + set to the same value and must be empty. There + are three important differences between dataSource + and dataSourceRef: * While dataSource only allows + two specific types of objects, dataSourceRef + allows any non-core object, as well as PersistentVolumeClaim + objects. * While dataSource ignores disallowed + values (dropping them), dataSourceRef preserves + all values, and generates an error if a disallowed + value is specified. * While dataSource only + allows local objects, dataSourceRef allows objects + in any namespaces. (Beta) Using this field requires + the AnyVolumeDataSource feature gate to be enabled. + (Alpha) Using the namespace field of dataSourceRef + requires the CrossNamespaceVolumeDataSource + feature gate to be enabled.' + properties: + apiGroup: + description: APIGroup is the group for the + resource being referenced. If APIGroup is + not specified, the specified Kind must be + in the core API group. For any other third-party + types, APIGroup is required. + type: string + kind: + description: Kind is the type of resource + being referenced + type: string + name: + description: Name is the name of resource + being referenced + type: string + namespace: + description: Namespace is the namespace of + resource being referenced Note that when + a namespace is specified, a gateway.networking.k8s.io/ReferenceGrant + object is required in the referent namespace + to allow that namespace's owner to accept + the reference. See the ReferenceGrant documentation + for details. (Alpha) This field requires + the CrossNamespaceVolumeDataSource feature + gate to be enabled. + type: string + required: + - kind + - name + type: object + resources: + description: 'resources represents the minimum + resources the volume should have. If RecoverVolumeExpansionFailure + feature is enabled users are allowed to specify + resource requirements that are lower than previous + value but must still be higher than capacity + recorded in the status field of the claim. More + info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources' + properties: + claims: + description: "Claims lists the names of resources,\ + \ defined in spec.resourceClaims, that are\ + \ used by this container. \n This is an\ + \ alpha field and requires enabling the\ + \ DynamicResourceAllocation feature gate.\ + \ \n This field is immutable. It can only\ + \ be set for containers." + items: + description: ResourceClaim references one + entry in PodSpec.ResourceClaims. + properties: + name: + description: Name must match the name + of one entry in pod.spec.resourceClaims + of the Pod where this field is used. + It makes that resource available inside + a container. + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Limits describes the maximum + amount of compute resources allowed. More + info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Requests describes the minimum + amount of compute resources required. If + Requests is omitted for a container, it + defaults to Limits if that is explicitly + specified, otherwise to an implementation-defined + value. Requests cannot exceed Limits. More + info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + type: object + selector: + description: selector is a label query over volumes + to consider for binding. + properties: + matchExpressions: + description: matchExpressions is a list of + label selector requirements. The requirements + are ANDed. + items: + description: A label selector requirement + is a selector that contains values, a + key, and an operator that relates the + key and values. + properties: + key: + description: key is the label key that + the selector applies to. + type: string + operator: + description: operator represents a key's + relationship to a set of values. Valid + operators are In, NotIn, Exists and + DoesNotExist. + type: string + values: + description: values is an array of string + values. If the operator is In or NotIn, + the values array must be non-empty. + If the operator is Exists or DoesNotExist, + the values array must be empty. This + array is replaced during a strategic + merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator is + "In", and the values array contains only + "value". The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + storageClassName: + description: 'storageClassName is the name of + the StorageClass required by the claim. More + info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1' + type: string + volumeMode: + description: volumeMode defines what type of volume + is required by the claim. Value of Filesystem + is implied when not included in claim spec. + type: string + volumeName: + description: volumeName is the binding reference + to the PersistentVolume backing this claim. + type: string + type: object + status: + description: 'status represents the current information/status + of a persistent volume claim. Read-only. More info: + https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims' + properties: + accessModes: + description: 'accessModes contains the actual + access modes the volume backing the PVC has. + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1' + items: + type: string + type: array + allocatedResourceStatuses: + additionalProperties: + description: When a controller receives persistentvolume + claim update with ClaimResourceStatus for + a resource that it does not recognizes, then + it should ignore that update and let other + controllers handle it. + type: string + description: "allocatedResourceStatuses stores\ + \ status of resource being resized for the given\ + \ PVC. Key names follow standard Kubernetes\ + \ label syntax. Valid values are either: * Un-prefixed\ + \ keys: - storage - the capacity of the volume.\ + \ * Custom resources must use implementation-defined\ + \ prefixed names such as \"example.com/my-custom-resource\"\ + \ Apart from above values - keys that are unprefixed\ + \ or have kubernetes.io prefix are considered\ + \ reserved and hence may not be used. \n ClaimResourceStatus\ + \ can be in any of following states: - ControllerResizeInProgress:\ + \ State set when resize controller starts resizing\ + \ the volume in control-plane. - ControllerResizeFailed:\ + \ State set when resize has failed in resize\ + \ controller with a terminal error. - NodeResizePending:\ + \ State set when resize controller has finished\ + \ resizing the volume but further resizing of\ + \ volume is needed on the node. - NodeResizeInProgress:\ + \ State set when kubelet starts resizing the\ + \ volume. - NodeResizeFailed: State set when\ + \ resizing has failed in kubelet with a terminal\ + \ error. Transient errors don't set NodeResizeFailed.\ + \ For example: if expanding a PVC for more capacity\ + \ - this field can be one of the following states:\ + \ - pvc.status.allocatedResourceStatus['storage']\ + \ = \"ControllerResizeInProgress\" - pvc.status.allocatedResourceStatus['storage']\ + \ = \"ControllerResizeFailed\" - pvc.status.allocatedResourceStatus['storage']\ + \ = \"NodeResizePending\" - pvc.status.allocatedResourceStatus['storage']\ + \ = \"NodeResizeInProgress\" - pvc.status.allocatedResourceStatus['storage']\ + \ = \"NodeResizeFailed\" When this field is\ + \ not set, it means that no resize operation\ + \ is in progress for the given PVC. \n A controller\ + \ that receives PVC update with previously unknown\ + \ resourceName or ClaimResourceStatus should\ + \ ignore the update for the purpose it was designed.\ + \ For example - a controller that only is responsible\ + \ for resizing capacity of the volume, should\ + \ ignore PVC updates that change other valid\ + \ resources associated with PVC. \n This is\ + \ an alpha field and requires enabling RecoverVolumeExpansionFailure\ + \ feature." + type: object + x-kubernetes-map-type: granular + allocatedResources: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: "allocatedResources tracks the resources\ + \ allocated to a PVC including its capacity.\ + \ Key names follow standard Kubernetes label\ + \ syntax. Valid values are either: * Un-prefixed\ + \ keys: - storage - the capacity of the volume.\ + \ * Custom resources must use implementation-defined\ + \ prefixed names such as \"example.com/my-custom-resource\"\ + \ Apart from above values - keys that are unprefixed\ + \ or have kubernetes.io prefix are considered\ + \ reserved and hence may not be used. \n Capacity\ + \ reported here may be larger than the actual\ + \ capacity when a volume expansion operation\ + \ is requested. For storage quota, the larger\ + \ value from allocatedResources and PVC.spec.resources\ + \ is used. If allocatedResources is not set,\ + \ PVC.spec.resources alone is used for quota\ + \ calculation. If a volume expansion capacity\ + \ request is lowered, allocatedResources is\ + \ only lowered if there are no expansion operations\ + \ in progress and if the actual volume capacity\ + \ is equal or lower than the requested capacity.\ + \ \n A controller that receives PVC update with\ + \ previously unknown resourceName should ignore\ + \ the update for the purpose it was designed.\ + \ For example - a controller that only is responsible\ + \ for resizing capacity of the volume, should\ + \ ignore PVC updates that change other valid\ + \ resources associated with PVC. \n This is\ + \ an alpha field and requires enabling RecoverVolumeExpansionFailure\ + \ feature." + type: object + capacity: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: capacity represents the actual resources + of the underlying volume. + type: object + conditions: + description: conditions is the current Condition + of persistent volume claim. If underlying persistent + volume is being resized then the Condition will + be set to 'ResizeStarted'. + items: + description: PersistentVolumeClaimCondition + contains details about state of pvc + properties: + lastProbeTime: + description: lastProbeTime is the time we + probed the condition. + format: date-time + type: string + lastTransitionTime: + description: lastTransitionTime is the time + the condition transitioned from one status + to another. + format: date-time + type: string + message: + description: message is the human-readable + message indicating details about last + transition. + type: string + reason: + description: reason is a unique, this should + be a short, machine understandable string + that gives the reason for condition's + last transition. If it reports "ResizeStarted" + that means the underlying persistent volume + is being resized. + type: string + status: + type: string + type: + description: PersistentVolumeClaimConditionType + is a valid value of PersistentVolumeClaimCondition.Type + type: string + required: + - status + - type + type: object + type: array + phase: + description: phase represents the current phase + of PersistentVolumeClaim. + type: string + type: object + type: object + x-kubernetes-preserve-unknown-fields: true + type: object + type: array type: object monitoring: description: Prometheus based Monitoring settings @@ -2405,12 +2995,10 @@ spec: description: The Hostname of this endpoint type: string ip: - description: 'The IP of this endpoint. May not be loopback - (127.0.0.0/8), link-local (169.254.0.0/16), or link-local - multicast ((224.0.0.0/24). IPv6 is also accepted but - not fully supported on all platforms. Also, certain - kubernetes components, like kube-proxy, are not IPv6 - ready. TODO: This should allow hostname or IP, See #4447.' + description: The IP of this endpoint. May not be loopback + (127.0.0.0/8 or ::1), link-local (169.254.0.0/16 or + fe80::/10), or link-local multicast (224.0.0.0/24 or + ff02::/16). type: string nodeName: description: 'Optional: Node hosting this endpoint. This @@ -2486,6 +3074,38 @@ spec: description: Network related configuration nullable: true properties: + addressRanges: + description: AddressRanges specify a list of CIDRs that Rook + will apply to Ceph's 'public_network' and/or 'cluster_network' + configurations. This config section may be used for the "host" + or "multus" network providers. + nullable: true + properties: + cluster: + description: Cluster defines a list of CIDRs to use for + Ceph cluster network communication. + items: + description: "An IPv4 or IPv6 network CIDR. \n This naive\ + \ kubebuilder regex provides immediate feedback for\ + \ some typos and for a common problem case where the\ + \ range spec is forgotten (e.g., /24). Rook does in-depth\ + \ validation in code." + pattern: ^[0-9a-fA-F:.]{2,}\/[0-9]{1,3}$ + type: string + type: array + public: + description: Public defines a list of CIDRs to use for Ceph + public network communication. + items: + description: "An IPv4 or IPv6 network CIDR. \n This naive\ + \ kubebuilder regex provides immediate feedback for\ + \ some typos and for a common problem case where the\ + \ range spec is forgotten (e.g., /24). Rook does in-depth\ + \ validation in code." + pattern: ^[0-9a-fA-F:.]{2,}\/[0-9]{1,3}$ + type: string + type: array + type: object connections: description: Settings for network connections such as compression and encryption across the wire. @@ -2556,15 +3176,37 @@ spec: provider: description: Provider is what provides network connectivity to the cluster e.g. "host" or "multus" + enum: + - '' + - host + - multus nullable: true type: string selectors: additionalProperties: type: string - description: Selectors string values describe what networks - will be used to connect the cluster. Meanwhile the keys describe - each network respective responsibilities or any metadata storage - provider decide. + description: "Selectors define NetworkAttachmentDefinitions\ + \ to be used for Ceph public and/or cluster networks when\ + \ the \"multus\" network provider is used. This config section\ + \ is not used for other network providers. \n Valid keys are\ + \ \"public\" and \"cluster\". Refer to Ceph networking documentation\ + \ for more: https://docs.ceph.com/en/reef/rados/configuration/network-config-ref/\ + \ \n Refer to Multus network annotation documentation for\ + \ help selecting values: https://github.com/k8snetworkplumbingwg/multus-cni/blob/master/docs/how-to-use.md#run-pod-with-network-annotation\ + \ \n Rook will make a best-effort attempt to automatically\ + \ detect CIDR address ranges for given network attachment\ + \ definitions. Rook's methods are robust but may be imprecise\ + \ for sufficiently complicated networks. Rook's auto-detection\ + \ process obtains a new IP address lease for each CephCluster\ + \ reconcile. If Rook fails to detect, incorrectly detects,\ + \ only partially detects, or if underlying networks do not\ + \ support reusing old IP addresses, it is best to use the\ + \ 'addressRanges' config section to specify CIDR ranges for\ + \ the Ceph cluster. \n As a contrived example, one can use\ + \ a theoretical Kubernetes-wide network for Ceph client traffic\ + \ and a theoretical Rook-only network for Ceph replication\ + \ traffic as shown: selectors: public: \"default/cluster-fast-net\"\ + \ cluster: \"rook-ceph/ceph-backend-net\"" nullable: true type: object type: object @@ -3537,15 +4179,20 @@ spec: type: object x-kubernetes-map-type: atomic matchLabelKeys: - description: MatchLabelKeys is a set of pod label keys - to select the pods over which spreading will be calculated. - The keys are used to lookup values from the incoming - pod labels, those key-value labels are ANDed with - labelSelector to select the group of existing pods - over which spreading will be calculated for the incoming - pod. Keys that don't exist in the incoming pod labels - will be ignored. A null or empty list means only match - against labelSelector. + description: "MatchLabelKeys is a set of pod label keys\ + \ to select the pods over which spreading will be\ + \ calculated. The keys are used to lookup values from\ + \ the incoming pod labels, those key-value labels\ + \ are ANDed with labelSelector to select the group\ + \ of existing pods over which spreading will be calculated\ + \ for the incoming pod. The same key is forbidden\ + \ to exist in both MatchLabelKeys and LabelSelector.\ + \ MatchLabelKeys cannot be set when LabelSelector\ + \ isn't set. Keys that don't exist in the incoming\ + \ pod labels will be ignored. A null or empty list\ + \ means only match against labelSelector. \n This\ + \ is a beta field and requires the MatchLabelKeysInPodTopologySpread\ + \ feature gate to be enabled (enabled by default)." items: type: string type: array @@ -3729,7 +4376,8 @@ spec: description: 'Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise - to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + to an implementation-defined value. Requests cannot exceed + Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object type: object description: Resources set resource requests and limits @@ -3815,6 +4463,18 @@ spec: nullable: true type: array x-kubernetes-preserve-unknown-fields: true + flappingRestartIntervalHours: + description: FlappingRestartIntervalHours defines the time for + which the OSD pods, that failed with zero exit code, will + sleep before restarting. This is needed for OSD flapping where + OSD daemons are marked down more than 5 times in 600 seconds + by Ceph. Preventing the OSD pods to restart immediately in + such scenarios will prevent Rook from marking OSD as `up` + and thus peering of the PGs mapped to the OSD. User needs + to manually restart the OSD pod if they manage to fix the + underlying OSD flapping issue before the restart interval. + The sleep will be disabled if this interval is set to 0. + type: integer nodes: items: description: Node is a storage nodes @@ -3905,7 +4565,8 @@ spec: of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined - value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + value. Requests cannot exceed Limits. More info: + https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object type: object x-kubernetes-preserve-unknown-fields: true @@ -4126,7 +4787,8 @@ spec: If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined - value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + value. Requests cannot exceed Limits. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object type: object selector: @@ -4210,6 +4872,60 @@ spec: items: type: string type: array + allocatedResourceStatuses: + additionalProperties: + description: When a controller receives persistentvolume + claim update with ClaimResourceStatus for + a resource that it does not recognizes, + then it should ignore that update and let + other controllers handle it. + type: string + description: "allocatedResourceStatuses stores\ + \ status of resource being resized for the\ + \ given PVC. Key names follow standard Kubernetes\ + \ label syntax. Valid values are either: *\ + \ Un-prefixed keys: - storage - the capacity\ + \ of the volume. * Custom resources must use\ + \ implementation-defined prefixed names such\ + \ as \"example.com/my-custom-resource\" Apart\ + \ from above values - keys that are unprefixed\ + \ or have kubernetes.io prefix are considered\ + \ reserved and hence may not be used. \n ClaimResourceStatus\ + \ can be in any of following states: - ControllerResizeInProgress:\ + \ State set when resize controller starts\ + \ resizing the volume in control-plane. -\ + \ ControllerResizeFailed: State set when resize\ + \ has failed in resize controller with a terminal\ + \ error. - NodeResizePending: State set when\ + \ resize controller has finished resizing\ + \ the volume but further resizing of volume\ + \ is needed on the node. - NodeResizeInProgress:\ + \ State set when kubelet starts resizing the\ + \ volume. - NodeResizeFailed: State set when\ + \ resizing has failed in kubelet with a terminal\ + \ error. Transient errors don't set NodeResizeFailed.\ + \ For example: if expanding a PVC for more\ + \ capacity - this field can be one of the\ + \ following states: - pvc.status.allocatedResourceStatus['storage']\ + \ = \"ControllerResizeInProgress\" - pvc.status.allocatedResourceStatus['storage']\ + \ = \"ControllerResizeFailed\" - pvc.status.allocatedResourceStatus['storage']\ + \ = \"NodeResizePending\" - pvc.status.allocatedResourceStatus['storage']\ + \ = \"NodeResizeInProgress\" - pvc.status.allocatedResourceStatus['storage']\ + \ = \"NodeResizeFailed\" When this field is\ + \ not set, it means that no resize operation\ + \ is in progress for the given PVC. \n A controller\ + \ that receives PVC update with previously\ + \ unknown resourceName or ClaimResourceStatus\ + \ should ignore the update for the purpose\ + \ it was designed. For example - a controller\ + \ that only is responsible for resizing capacity\ + \ of the volume, should ignore PVC updates\ + \ that change other valid resources associated\ + \ with PVC. \n This is an alpha field and\ + \ requires enabling RecoverVolumeExpansionFailure\ + \ feature." + type: object + x-kubernetes-map-type: granular allocatedResources: additionalProperties: anyOf: @@ -4217,21 +4933,38 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: allocatedResources is the storage - resource within AllocatedResources tracks - the capacity allocated to a PVC. It may be - larger than the actual capacity when a volume - expansion operation is requested. For storage - quota, the larger value from allocatedResources - and PVC.spec.resources is used. If allocatedResources - is not set, PVC.spec.resources alone is used - for quota calculation. If a volume expansion - capacity request is lowered, allocatedResources - is only lowered if there are no expansion - operations in progress and if the actual volume - capacity is equal or lower than the requested - capacity. This is an alpha field and requires - enabling RecoverVolumeExpansionFailure feature. + description: "allocatedResources tracks the\ + \ resources allocated to a PVC including its\ + \ capacity. Key names follow standard Kubernetes\ + \ label syntax. Valid values are either: *\ + \ Un-prefixed keys: - storage - the capacity\ + \ of the volume. * Custom resources must use\ + \ implementation-defined prefixed names such\ + \ as \"example.com/my-custom-resource\" Apart\ + \ from above values - keys that are unprefixed\ + \ or have kubernetes.io prefix are considered\ + \ reserved and hence may not be used. \n Capacity\ + \ reported here may be larger than the actual\ + \ capacity when a volume expansion operation\ + \ is requested. For storage quota, the larger\ + \ value from allocatedResources and PVC.spec.resources\ + \ is used. If allocatedResources is not set,\ + \ PVC.spec.resources alone is used for quota\ + \ calculation. If a volume expansion capacity\ + \ request is lowered, allocatedResources is\ + \ only lowered if there are no expansion operations\ + \ in progress and if the actual volume capacity\ + \ is equal or lower than the requested capacity.\ + \ \n A controller that receives PVC update\ + \ with previously unknown resourceName should\ + \ ignore the update for the purpose it was\ + \ designed. For example - a controller that\ + \ only is responsible for resizing capacity\ + \ of the volume, should ignore PVC updates\ + \ that change other valid resources associated\ + \ with PVC. \n This is an alpha field and\ + \ requires enabling RecoverVolumeExpansionFailure\ + \ feature." type: object capacity: additionalProperties: @@ -4250,7 +4983,7 @@ spec: Condition will be set to 'ResizeStarted'. items: description: PersistentVolumeClaimCondition - contails details about state of pvc + contains details about state of pvc properties: lastProbeTime: description: lastProbeTime is the time @@ -4291,14 +5024,6 @@ spec: description: phase represents the current phase of PersistentVolumeClaim. type: string - resizeStatus: - description: resizeStatus stores status of resize - operation. ResizeStatus is not set by default - but when expansion is complete resizeStatus - is set to empty string by resize controller - or kubelet. This is an alpha field and requires - enabling RecoverVolumeExpansionFailure feature. - type: string type: object type: object type: array @@ -5401,16 +6126,22 @@ spec: type: object x-kubernetes-map-type: atomic matchLabelKeys: - description: MatchLabelKeys is a set of pod - label keys to select the pods over which spreading - will be calculated. The keys are used to lookup - values from the incoming pod labels, those - key-value labels are ANDed with labelSelector - to select the group of existing pods over - which spreading will be calculated for the - incoming pod. Keys that don't exist in the - incoming pod labels will be ignored. A null - or empty list means only match against labelSelector. + description: "MatchLabelKeys is a set of pod\ + \ label keys to select the pods over which\ + \ spreading will be calculated. The keys are\ + \ used to lookup values from the incoming\ + \ pod labels, those key-value labels are ANDed\ + \ with labelSelector to select the group of\ + \ existing pods over which spreading will\ + \ be calculated for the incoming pod. The\ + \ same key is forbidden to exist in both MatchLabelKeys\ + \ and LabelSelector. MatchLabelKeys cannot\ + \ be set when LabelSelector isn't set. Keys\ + \ that don't exist in the incoming pod labels\ + \ will be ignored. A null or empty list means\ + \ only match against labelSelector. \n This\ + \ is a beta field and requires the MatchLabelKeysInPodTopologySpread\ + \ feature gate to be enabled (enabled by default)." items: type: string type: array @@ -6625,16 +7356,22 @@ spec: type: object x-kubernetes-map-type: atomic matchLabelKeys: - description: MatchLabelKeys is a set of pod - label keys to select the pods over which spreading - will be calculated. The keys are used to lookup - values from the incoming pod labels, those - key-value labels are ANDed with labelSelector - to select the group of existing pods over - which spreading will be calculated for the - incoming pod. Keys that don't exist in the - incoming pod labels will be ignored. A null - or empty list means only match against labelSelector. + description: "MatchLabelKeys is a set of pod\ + \ label keys to select the pods over which\ + \ spreading will be calculated. The keys are\ + \ used to lookup values from the incoming\ + \ pod labels, those key-value labels are ANDed\ + \ with labelSelector to select the group of\ + \ existing pods over which spreading will\ + \ be calculated for the incoming pod. The\ + \ same key is forbidden to exist in both MatchLabelKeys\ + \ and LabelSelector. MatchLabelKeys cannot\ + \ be set when LabelSelector isn't set. Keys\ + \ that don't exist in the incoming pod labels\ + \ will be ignored. A null or empty list means\ + \ only match against labelSelector. \n This\ + \ is a beta field and requires the MatchLabelKeysInPodTopologySpread\ + \ feature gate to be enabled (enabled by default)." items: type: string type: array @@ -6823,7 +7560,8 @@ spec: of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined - value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + value. Requests cannot exceed Limits. More info: + https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object type: object x-kubernetes-preserve-unknown-fields: true @@ -7053,7 +7791,8 @@ spec: If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined - value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + value. Requests cannot exceed Limits. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object type: object selector: @@ -7137,6 +7876,60 @@ spec: items: type: string type: array + allocatedResourceStatuses: + additionalProperties: + description: When a controller receives persistentvolume + claim update with ClaimResourceStatus for + a resource that it does not recognizes, + then it should ignore that update and let + other controllers handle it. + type: string + description: "allocatedResourceStatuses stores\ + \ status of resource being resized for the\ + \ given PVC. Key names follow standard Kubernetes\ + \ label syntax. Valid values are either: *\ + \ Un-prefixed keys: - storage - the capacity\ + \ of the volume. * Custom resources must use\ + \ implementation-defined prefixed names such\ + \ as \"example.com/my-custom-resource\" Apart\ + \ from above values - keys that are unprefixed\ + \ or have kubernetes.io prefix are considered\ + \ reserved and hence may not be used. \n ClaimResourceStatus\ + \ can be in any of following states: - ControllerResizeInProgress:\ + \ State set when resize controller starts\ + \ resizing the volume in control-plane. -\ + \ ControllerResizeFailed: State set when resize\ + \ has failed in resize controller with a terminal\ + \ error. - NodeResizePending: State set when\ + \ resize controller has finished resizing\ + \ the volume but further resizing of volume\ + \ is needed on the node. - NodeResizeInProgress:\ + \ State set when kubelet starts resizing the\ + \ volume. - NodeResizeFailed: State set when\ + \ resizing has failed in kubelet with a terminal\ + \ error. Transient errors don't set NodeResizeFailed.\ + \ For example: if expanding a PVC for more\ + \ capacity - this field can be one of the\ + \ following states: - pvc.status.allocatedResourceStatus['storage']\ + \ = \"ControllerResizeInProgress\" - pvc.status.allocatedResourceStatus['storage']\ + \ = \"ControllerResizeFailed\" - pvc.status.allocatedResourceStatus['storage']\ + \ = \"NodeResizePending\" - pvc.status.allocatedResourceStatus['storage']\ + \ = \"NodeResizeInProgress\" - pvc.status.allocatedResourceStatus['storage']\ + \ = \"NodeResizeFailed\" When this field is\ + \ not set, it means that no resize operation\ + \ is in progress for the given PVC. \n A controller\ + \ that receives PVC update with previously\ + \ unknown resourceName or ClaimResourceStatus\ + \ should ignore the update for the purpose\ + \ it was designed. For example - a controller\ + \ that only is responsible for resizing capacity\ + \ of the volume, should ignore PVC updates\ + \ that change other valid resources associated\ + \ with PVC. \n This is an alpha field and\ + \ requires enabling RecoverVolumeExpansionFailure\ + \ feature." + type: object + x-kubernetes-map-type: granular allocatedResources: additionalProperties: anyOf: @@ -7144,21 +7937,38 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: allocatedResources is the storage - resource within AllocatedResources tracks - the capacity allocated to a PVC. It may be - larger than the actual capacity when a volume - expansion operation is requested. For storage - quota, the larger value from allocatedResources - and PVC.spec.resources is used. If allocatedResources - is not set, PVC.spec.resources alone is used - for quota calculation. If a volume expansion - capacity request is lowered, allocatedResources - is only lowered if there are no expansion - operations in progress and if the actual volume - capacity is equal or lower than the requested - capacity. This is an alpha field and requires - enabling RecoverVolumeExpansionFailure feature. + description: "allocatedResources tracks the\ + \ resources allocated to a PVC including its\ + \ capacity. Key names follow standard Kubernetes\ + \ label syntax. Valid values are either: *\ + \ Un-prefixed keys: - storage - the capacity\ + \ of the volume. * Custom resources must use\ + \ implementation-defined prefixed names such\ + \ as \"example.com/my-custom-resource\" Apart\ + \ from above values - keys that are unprefixed\ + \ or have kubernetes.io prefix are considered\ + \ reserved and hence may not be used. \n Capacity\ + \ reported here may be larger than the actual\ + \ capacity when a volume expansion operation\ + \ is requested. For storage quota, the larger\ + \ value from allocatedResources and PVC.spec.resources\ + \ is used. If allocatedResources is not set,\ + \ PVC.spec.resources alone is used for quota\ + \ calculation. If a volume expansion capacity\ + \ request is lowered, allocatedResources is\ + \ only lowered if there are no expansion operations\ + \ in progress and if the actual volume capacity\ + \ is equal or lower than the requested capacity.\ + \ \n A controller that receives PVC update\ + \ with previously unknown resourceName should\ + \ ignore the update for the purpose it was\ + \ designed. For example - a controller that\ + \ only is responsible for resizing capacity\ + \ of the volume, should ignore PVC updates\ + \ that change other valid resources associated\ + \ with PVC. \n This is an alpha field and\ + \ requires enabling RecoverVolumeExpansionFailure\ + \ feature." type: object capacity: additionalProperties: @@ -7177,7 +7987,7 @@ spec: Condition will be set to 'ResizeStarted'. items: description: PersistentVolumeClaimCondition - contails details about state of pvc + contains details about state of pvc properties: lastProbeTime: description: lastProbeTime is the time @@ -7218,14 +8028,6 @@ spec: description: phase represents the current phase of PersistentVolumeClaim. type: string - resizeStatus: - description: resizeStatus stores status of resize - operation. ResizeStatus is not set by default - but when expansion is complete resizeStatus - is set to empty string by resize controller - or kubelet. This is an alpha field and requires - enabling RecoverVolumeExpansionFailure feature. - type: string type: object type: object type: array @@ -7236,6 +8038,24 @@ spec: type: object nullable: true type: array + store: + description: OSDStore is the backend storage type used for creating + the OSDs + properties: + type: + description: Type of backend storage to be used while creating + OSDs. If empty, then bluestore will be used + enum: + - bluestore + - bluestore-rdr + type: string + updateStore: + description: UpdateStore updates the backend store for existing + OSDs. It destroys each OSD one at a time, cleans up the + backing disk and prepares same OSD on that disk + pattern: ^$|^yes-really-update-store$ + type: string + type: object useAllDevices: description: Whether to consume all the storage devices found on a machine @@ -7439,8 +8259,8 @@ spec: of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to - an implementation-defined value. More info: - https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + an implementation-defined value. Requests cannot + exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object type: object selector: @@ -7518,6 +8338,54 @@ spec: items: type: string type: array + allocatedResourceStatuses: + additionalProperties: + description: When a controller receives persistentvolume + claim update with ClaimResourceStatus for a resource + that it does not recognizes, then it should ignore + that update and let other controllers handle it. + type: string + description: "allocatedResourceStatuses stores status\ + \ of resource being resized for the given PVC. Key\ + \ names follow standard Kubernetes label syntax.\ + \ Valid values are either: * Un-prefixed keys: -\ + \ storage - the capacity of the volume. * Custom\ + \ resources must use implementation-defined prefixed\ + \ names such as \"example.com/my-custom-resource\"\ + \ Apart from above values - keys that are unprefixed\ + \ or have kubernetes.io prefix are considered reserved\ + \ and hence may not be used. \n ClaimResourceStatus\ + \ can be in any of following states: - ControllerResizeInProgress:\ + \ State set when resize controller starts resizing\ + \ the volume in control-plane. - ControllerResizeFailed:\ + \ State set when resize has failed in resize controller\ + \ with a terminal error. - NodeResizePending: State\ + \ set when resize controller has finished resizing\ + \ the volume but further resizing of volume is needed\ + \ on the node. - NodeResizeInProgress: State set\ + \ when kubelet starts resizing the volume. - NodeResizeFailed:\ + \ State set when resizing has failed in kubelet\ + \ with a terminal error. Transient errors don't\ + \ set NodeResizeFailed. For example: if expanding\ + \ a PVC for more capacity - this field can be one\ + \ of the following states: - pvc.status.allocatedResourceStatus['storage']\ + \ = \"ControllerResizeInProgress\" - pvc.status.allocatedResourceStatus['storage']\ + \ = \"ControllerResizeFailed\" - pvc.status.allocatedResourceStatus['storage']\ + \ = \"NodeResizePending\" - pvc.status.allocatedResourceStatus['storage']\ + \ = \"NodeResizeInProgress\" - pvc.status.allocatedResourceStatus['storage']\ + \ = \"NodeResizeFailed\" When this field is not\ + \ set, it means that no resize operation is in progress\ + \ for the given PVC. \n A controller that receives\ + \ PVC update with previously unknown resourceName\ + \ or ClaimResourceStatus should ignore the update\ + \ for the purpose it was designed. For example -\ + \ a controller that only is responsible for resizing\ + \ capacity of the volume, should ignore PVC updates\ + \ that change other valid resources associated with\ + \ PVC. \n This is an alpha field and requires enabling\ + \ RecoverVolumeExpansionFailure feature." + type: object + x-kubernetes-map-type: granular allocatedResources: additionalProperties: anyOf: @@ -7525,20 +8393,34 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: allocatedResources is the storage resource - within AllocatedResources tracks the capacity allocated - to a PVC. It may be larger than the actual capacity - when a volume expansion operation is requested. - For storage quota, the larger value from allocatedResources - and PVC.spec.resources is used. If allocatedResources - is not set, PVC.spec.resources alone is used for - quota calculation. If a volume expansion capacity - request is lowered, allocatedResources is only lowered - if there are no expansion operations in progress - and if the actual volume capacity is equal or lower - than the requested capacity. This is an alpha field - and requires enabling RecoverVolumeExpansionFailure - feature. + description: "allocatedResources tracks the resources\ + \ allocated to a PVC including its capacity. Key\ + \ names follow standard Kubernetes label syntax.\ + \ Valid values are either: * Un-prefixed keys: -\ + \ storage - the capacity of the volume. * Custom\ + \ resources must use implementation-defined prefixed\ + \ names such as \"example.com/my-custom-resource\"\ + \ Apart from above values - keys that are unprefixed\ + \ or have kubernetes.io prefix are considered reserved\ + \ and hence may not be used. \n Capacity reported\ + \ here may be larger than the actual capacity when\ + \ a volume expansion operation is requested. For\ + \ storage quota, the larger value from allocatedResources\ + \ and PVC.spec.resources is used. If allocatedResources\ + \ is not set, PVC.spec.resources alone is used for\ + \ quota calculation. If a volume expansion capacity\ + \ request is lowered, allocatedResources is only\ + \ lowered if there are no expansion operations in\ + \ progress and if the actual volume capacity is\ + \ equal or lower than the requested capacity. \n\ + \ A controller that receives PVC update with previously\ + \ unknown resourceName should ignore the update\ + \ for the purpose it was designed. For example -\ + \ a controller that only is responsible for resizing\ + \ capacity of the volume, should ignore PVC updates\ + \ that change other valid resources associated with\ + \ PVC. \n This is an alpha field and requires enabling\ + \ RecoverVolumeExpansionFailure feature." type: object capacity: additionalProperties: @@ -7556,7 +8438,7 @@ spec: volume is being resized then the Condition will be set to 'ResizeStarted'. items: - description: PersistentVolumeClaimCondition contails + description: PersistentVolumeClaimCondition contains details about state of pvc properties: lastProbeTime: @@ -7597,14 +8479,6 @@ spec: description: phase represents the current phase of PersistentVolumeClaim. type: string - resizeStatus: - description: resizeStatus stores status of resize - operation. ResizeStatus is not set by default but - when expansion is complete resizeStatus is set to - empty string by resize controller or kubelet. This - is an alpha field and requires enabling RecoverVolumeExpansionFailure - feature. - type: string type: object type: object type: array @@ -7653,136 +8527,1330 @@ spec: properties: message: type: string - severity: + severity: + type: string + required: + - message + - severity + type: object + type: object + fsid: + type: string + health: + type: string + lastChanged: + type: string + lastChecked: + type: string + previousHealth: + type: string + versions: + description: CephDaemonsVersions show the current ceph version + for different ceph daemons + properties: + cephfs-mirror: + additionalProperties: + type: integer + description: CephFSMirror shows CephFSMirror Ceph version + type: object + mds: + additionalProperties: + type: integer + description: Mds shows Mds Ceph version + type: object + mgr: + additionalProperties: + type: integer + description: Mgr shows Mgr Ceph version + type: object + mon: + additionalProperties: + type: integer + description: Mon shows Mon Ceph version + type: object + osd: + additionalProperties: + type: integer + description: Osd shows Osd Ceph version + type: object + overall: + additionalProperties: + type: integer + description: Overall shows overall Ceph version + type: object + rbd-mirror: + additionalProperties: + type: integer + description: RbdMirror shows RbdMirror Ceph version + type: object + rgw: + additionalProperties: + type: integer + description: Rgw shows Rgw Ceph version + type: object + type: object + type: object + conditions: + items: + description: Condition represents a status condition on any Rook-Ceph + Custom Resource. + properties: + lastHeartbeatTime: + format: date-time + type: string + lastTransitionTime: + format: date-time + type: string + message: + type: string + reason: + description: ConditionReason is a reason for a condition + type: string + status: + type: string + type: + description: ConditionType represent a resource's status + type: string + type: object + type: array + message: + type: string + observedGeneration: + description: ObservedGeneration is the latest generation observed + by the controller. + format: int64 + type: integer + phase: + description: ConditionType represent a resource's status + type: string + state: + description: ClusterState represents the state of a Ceph Cluster + type: string + storage: + description: CephStorage represents flavors of Ceph Cluster Storage + properties: + deviceClasses: + items: + description: DeviceClasses represents device classes of a + Ceph Cluster + properties: + name: + type: string + type: object + type: array + osd: + description: OSDStatus represents OSD status of the ceph Cluster + properties: + storeType: + additionalProperties: + type: integer + description: StoreType is a mapping between the OSD backend + stores and number of OSDs using these stores + type: object + type: object + type: object + version: + description: ClusterVersion represents the version of a Ceph Cluster + properties: + image: + type: string + version: + type: string + type: object + type: object + x-kubernetes-preserve-unknown-fields: true + required: + - metadata + - spec + type: object + served: true + storage: true + subresources: + status: {} +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.11.3 + helm.sh/resource-policy: keep + creationTimestamp: null + name: cephcosidrivers.ceph.rook.io +spec: + group: ceph.rook.io + names: + kind: CephCOSIDriver + listKind: CephCOSIDriverList + plural: cephcosidrivers + shortNames: + - cephcosi + singular: cephcosidriver + scope: Namespaced + versions: + - name: v1 + schema: + openAPIV3Schema: + description: CephCOSIDriver represents the CRD for the Ceph COSI Driver + Deployment + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource + this object represents. Servers may infer this from the endpoint the + client submits requests to. Cannot be updated. In CamelCase. More + info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: Spec represents the specification of a Ceph COSI Driver + properties: + deploymentStrategy: + description: DeploymentStrategy is the strategy to use to deploy + the COSI driver. + enum: + - Never + - Auto + - Always + type: string + image: + description: Image is the container image to run the Ceph COSI driver + type: string + objectProvisionerImage: + description: ObjectProvisionerImage is the container image to run + the COSI driver sidecar + type: string + placement: + description: Placement is the placement strategy to use for the + COSI driver + properties: + nodeAffinity: + description: NodeAffinity is a group of node affinity scheduling + rules + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: The scheduler will prefer to schedule pods + to nodes that satisfy the affinity expressions specified + by this field, but it may choose a node that violates + one or more of the expressions. The node that is most + preferred is the one with the greatest sum of weights, + i.e. for each node that meets all of the scheduling requirements + (resource request, requiredDuringScheduling affinity expressions, + etc.), compute a sum by iterating through the elements + of this field and adding "weight" to the sum if the node + matches the corresponding matchExpressions; the node(s) + with the highest sum are the most preferred. + items: + description: An empty preferred scheduling term matches + all objects with implicit weight 0 (i.e. it's a no-op). + A null preferred scheduling term matches no objects + (i.e. is also a no-op). + properties: + preference: + description: A node selector term, associated with + the corresponding weight. + properties: + matchExpressions: + description: A list of node selector requirements + by node's labels. + items: + description: A node selector requirement is + a selector that contains values, a key, and + an operator that relates the key and values. + properties: + key: + description: The label key that the selector + applies to. + type: string + operator: + description: Represents a key's relationship + to a set of values. Valid operators are + In, NotIn, Exists, DoesNotExist. Gt, and + Lt. + type: string + values: + description: An array of string values. + If the operator is In or NotIn, the values + array must be non-empty. If the operator + is Exists or DoesNotExist, the values + array must be empty. If the operator is + Gt or Lt, the values array must have a + single element, which will be interpreted + as an integer. This array is replaced + during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchFields: + description: A list of node selector requirements + by node's fields. + items: + description: A node selector requirement is + a selector that contains values, a key, and + an operator that relates the key and values. + properties: + key: + description: The label key that the selector + applies to. + type: string + operator: + description: Represents a key's relationship + to a set of values. Valid operators are + In, NotIn, Exists, DoesNotExist. Gt, and + Lt. + type: string + values: + description: An array of string values. + If the operator is In or NotIn, the values + array must be non-empty. If the operator + is Exists or DoesNotExist, the values + array must be empty. If the operator is + Gt or Lt, the values array must have a + single element, which will be interpreted + as an integer. This array is replaced + during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + type: object + x-kubernetes-map-type: atomic + weight: + description: Weight associated with matching the corresponding + nodeSelectorTerm, in the range 1-100. + format: int32 + type: integer + required: + - preference + - weight + type: object + type: array + requiredDuringSchedulingIgnoredDuringExecution: + description: If the affinity requirements specified by this + field are not met at scheduling time, the pod will not + be scheduled onto the node. If the affinity requirements + specified by this field cease to be met at some point + during pod execution (e.g. due to an update), the system + may or may not try to eventually evict the pod from its + node. + properties: + nodeSelectorTerms: + description: Required. A list of node selector terms. + The terms are ORed. + items: + description: A null or empty node selector term matches + no objects. The requirements of them are ANDed. + The TopologySelectorTerm type implements a subset + of the NodeSelectorTerm. + properties: + matchExpressions: + description: A list of node selector requirements + by node's labels. + items: + description: A node selector requirement is + a selector that contains values, a key, and + an operator that relates the key and values. + properties: + key: + description: The label key that the selector + applies to. + type: string + operator: + description: Represents a key's relationship + to a set of values. Valid operators are + In, NotIn, Exists, DoesNotExist. Gt, and + Lt. + type: string + values: + description: An array of string values. + If the operator is In or NotIn, the values + array must be non-empty. If the operator + is Exists or DoesNotExist, the values + array must be empty. If the operator is + Gt or Lt, the values array must have a + single element, which will be interpreted + as an integer. This array is replaced + during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchFields: + description: A list of node selector requirements + by node's fields. + items: + description: A node selector requirement is + a selector that contains values, a key, and + an operator that relates the key and values. + properties: + key: + description: The label key that the selector + applies to. + type: string + operator: + description: Represents a key's relationship + to a set of values. Valid operators are + In, NotIn, Exists, DoesNotExist. Gt, and + Lt. + type: string + values: + description: An array of string values. + If the operator is In or NotIn, the values + array must be non-empty. If the operator + is Exists or DoesNotExist, the values + array must be empty. If the operator is + Gt or Lt, the values array must have a + single element, which will be interpreted + as an integer. This array is replaced + during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + type: object + x-kubernetes-map-type: atomic + type: array + required: + - nodeSelectorTerms + type: object + x-kubernetes-map-type: atomic + type: object + podAffinity: + description: PodAffinity is a group of inter pod affinity scheduling + rules + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: The scheduler will prefer to schedule pods + to nodes that satisfy the affinity expressions specified + by this field, but it may choose a node that violates + one or more of the expressions. The node that is most + preferred is the one with the greatest sum of weights, + i.e. for each node that meets all of the scheduling requirements + (resource request, requiredDuringScheduling affinity expressions, + etc.), compute a sum by iterating through the elements + of this field and adding "weight" to the sum if the node + has pods which matches the corresponding podAffinityTerm; + the node(s) with the highest sum are the most preferred. + items: + description: The weights of all of the matched WeightedPodAffinityTerm + fields are added per-node to find the most preferred + node(s) + properties: + podAffinityTerm: + description: Required. A pod affinity term, associated + with the corresponding weight. + properties: + labelSelector: + description: A label query over a set of resources, + in this case pods. + properties: + matchExpressions: + description: matchExpressions is a list of + label selector requirements. The requirements + are ANDed. + items: + description: A label selector requirement + is a selector that contains values, a + key, and an operator that relates the + key and values. + properties: + key: + description: key is the label key that + the selector applies to. + type: string + operator: + description: operator represents a key's + relationship to a set of values. Valid + operators are In, NotIn, Exists and + DoesNotExist. + type: string + values: + description: values is an array of string + values. If the operator is In or NotIn, + the values array must be non-empty. + If the operator is Exists or DoesNotExist, + the values array must be empty. This + array is replaced during a strategic + merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator is + "In", and the values array contains only + "value". The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + namespaceSelector: + description: A label query over the set of namespaces + that the term applies to. The term is applied + to the union of the namespaces selected by this + field and the ones listed in the namespaces + field. null selector and null or empty namespaces + list means "this pod's namespace". An empty + selector ({}) matches all namespaces. + properties: + matchExpressions: + description: matchExpressions is a list of + label selector requirements. The requirements + are ANDed. + items: + description: A label selector requirement + is a selector that contains values, a + key, and an operator that relates the + key and values. + properties: + key: + description: key is the label key that + the selector applies to. + type: string + operator: + description: operator represents a key's + relationship to a set of values. Valid + operators are In, NotIn, Exists and + DoesNotExist. + type: string + values: + description: values is an array of string + values. If the operator is In or NotIn, + the values array must be non-empty. + If the operator is Exists or DoesNotExist, + the values array must be empty. This + array is replaced during a strategic + merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator is + "In", and the values array contains only + "value". The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + namespaces: + description: namespaces specifies a static list + of namespace names that the term applies to. + The term is applied to the union of the namespaces + listed in this field and the ones selected by + namespaceSelector. null or empty namespaces + list and null namespaceSelector means "this + pod's namespace". + items: + type: string + type: array + topologyKey: + description: This pod should be co-located (affinity) + or not co-located (anti-affinity) with the pods + matching the labelSelector in the specified + namespaces, where co-located is defined as running + on a node whose value of the label with key + topologyKey matches that of any node on which + any of the selected pods is running. Empty topologyKey + is not allowed. + type: string + required: + - topologyKey + type: object + weight: + description: weight associated with matching the corresponding + podAffinityTerm, in the range 1-100. + format: int32 + type: integer + required: + - podAffinityTerm + - weight + type: object + type: array + requiredDuringSchedulingIgnoredDuringExecution: + description: If the affinity requirements specified by this + field are not met at scheduling time, the pod will not + be scheduled onto the node. If the affinity requirements + specified by this field cease to be met at some point + during pod execution (e.g. due to a pod label update), + the system may or may not try to eventually evict the + pod from its node. When there are multiple elements, the + lists of nodes corresponding to each podAffinityTerm are + intersected, i.e. all terms must be satisfied. + items: + description: Defines a set of pods (namely those matching + the labelSelector relative to the given namespace(s)) + that this pod should be co-located (affinity) or not + co-located (anti-affinity) with, where co-located is + defined as running on a node whose value of the label + with key matches that of any node on which + a pod of the set of pods is running + properties: + labelSelector: + description: A label query over a set of resources, + in this case pods. + properties: + matchExpressions: + description: matchExpressions is a list of label + selector requirements. The requirements are + ANDed. + items: + description: A label selector requirement is + a selector that contains values, a key, and + an operator that relates the key and values. + properties: + key: + description: key is the label key that the + selector applies to. + type: string + operator: + description: operator represents a key's + relationship to a set of values. Valid + operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string + values. If the operator is In or NotIn, + the values array must be non-empty. If + the operator is Exists or DoesNotExist, + the values array must be empty. This array + is replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator is "In", + and the values array contains only "value". + The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + namespaceSelector: + description: A label query over the set of namespaces + that the term applies to. The term is applied to + the union of the namespaces selected by this field + and the ones listed in the namespaces field. null + selector and null or empty namespaces list means + "this pod's namespace". An empty selector ({}) matches + all namespaces. + properties: + matchExpressions: + description: matchExpressions is a list of label + selector requirements. The requirements are + ANDed. + items: + description: A label selector requirement is + a selector that contains values, a key, and + an operator that relates the key and values. + properties: + key: + description: key is the label key that the + selector applies to. + type: string + operator: + description: operator represents a key's + relationship to a set of values. Valid + operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string + values. If the operator is In or NotIn, + the values array must be non-empty. If + the operator is Exists or DoesNotExist, + the values array must be empty. This array + is replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator is "In", + and the values array contains only "value". + The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + namespaces: + description: namespaces specifies a static list of + namespace names that the term applies to. The term + is applied to the union of the namespaces listed + in this field and the ones selected by namespaceSelector. + null or empty namespaces list and null namespaceSelector + means "this pod's namespace". + items: + type: string + type: array + topologyKey: + description: This pod should be co-located (affinity) + or not co-located (anti-affinity) with the pods + matching the labelSelector in the specified namespaces, + where co-located is defined as running on a node + whose value of the label with key topologyKey matches + that of any node on which any of the selected pods + is running. Empty topologyKey is not allowed. + type: string + required: + - topologyKey + type: object + type: array + type: object + podAntiAffinity: + description: PodAntiAffinity is a group of inter pod anti affinity + scheduling rules + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: The scheduler will prefer to schedule pods + to nodes that satisfy the anti-affinity expressions specified + by this field, but it may choose a node that violates + one or more of the expressions. The node that is most + preferred is the one with the greatest sum of weights, + i.e. for each node that meets all of the scheduling requirements + (resource request, requiredDuringScheduling anti-affinity + expressions, etc.), compute a sum by iterating through + the elements of this field and adding "weight" to the + sum if the node has pods which matches the corresponding + podAffinityTerm; the node(s) with the highest sum are + the most preferred. + items: + description: The weights of all of the matched WeightedPodAffinityTerm + fields are added per-node to find the most preferred + node(s) + properties: + podAffinityTerm: + description: Required. A pod affinity term, associated + with the corresponding weight. + properties: + labelSelector: + description: A label query over a set of resources, + in this case pods. + properties: + matchExpressions: + description: matchExpressions is a list of + label selector requirements. The requirements + are ANDed. + items: + description: A label selector requirement + is a selector that contains values, a + key, and an operator that relates the + key and values. + properties: + key: + description: key is the label key that + the selector applies to. + type: string + operator: + description: operator represents a key's + relationship to a set of values. Valid + operators are In, NotIn, Exists and + DoesNotExist. + type: string + values: + description: values is an array of string + values. If the operator is In or NotIn, + the values array must be non-empty. + If the operator is Exists or DoesNotExist, + the values array must be empty. This + array is replaced during a strategic + merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator is + "In", and the values array contains only + "value". The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + namespaceSelector: + description: A label query over the set of namespaces + that the term applies to. The term is applied + to the union of the namespaces selected by this + field and the ones listed in the namespaces + field. null selector and null or empty namespaces + list means "this pod's namespace". An empty + selector ({}) matches all namespaces. + properties: + matchExpressions: + description: matchExpressions is a list of + label selector requirements. The requirements + are ANDed. + items: + description: A label selector requirement + is a selector that contains values, a + key, and an operator that relates the + key and values. + properties: + key: + description: key is the label key that + the selector applies to. + type: string + operator: + description: operator represents a key's + relationship to a set of values. Valid + operators are In, NotIn, Exists and + DoesNotExist. + type: string + values: + description: values is an array of string + values. If the operator is In or NotIn, + the values array must be non-empty. + If the operator is Exists or DoesNotExist, + the values array must be empty. This + array is replaced during a strategic + merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator is + "In", and the values array contains only + "value". The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + namespaces: + description: namespaces specifies a static list + of namespace names that the term applies to. + The term is applied to the union of the namespaces + listed in this field and the ones selected by + namespaceSelector. null or empty namespaces + list and null namespaceSelector means "this + pod's namespace". + items: + type: string + type: array + topologyKey: + description: This pod should be co-located (affinity) + or not co-located (anti-affinity) with the pods + matching the labelSelector in the specified + namespaces, where co-located is defined as running + on a node whose value of the label with key + topologyKey matches that of any node on which + any of the selected pods is running. Empty topologyKey + is not allowed. + type: string + required: + - topologyKey + type: object + weight: + description: weight associated with matching the corresponding + podAffinityTerm, in the range 1-100. + format: int32 + type: integer + required: + - podAffinityTerm + - weight + type: object + type: array + requiredDuringSchedulingIgnoredDuringExecution: + description: If the anti-affinity requirements specified + by this field are not met at scheduling time, the pod + will not be scheduled onto the node. If the anti-affinity + requirements specified by this field cease to be met at + some point during pod execution (e.g. due to a pod label + update), the system may or may not try to eventually evict + the pod from its node. When there are multiple elements, + the lists of nodes corresponding to each podAffinityTerm + are intersected, i.e. all terms must be satisfied. + items: + description: Defines a set of pods (namely those matching + the labelSelector relative to the given namespace(s)) + that this pod should be co-located (affinity) or not + co-located (anti-affinity) with, where co-located is + defined as running on a node whose value of the label + with key matches that of any node on which + a pod of the set of pods is running + properties: + labelSelector: + description: A label query over a set of resources, + in this case pods. + properties: + matchExpressions: + description: matchExpressions is a list of label + selector requirements. The requirements are + ANDed. + items: + description: A label selector requirement is + a selector that contains values, a key, and + an operator that relates the key and values. + properties: + key: + description: key is the label key that the + selector applies to. + type: string + operator: + description: operator represents a key's + relationship to a set of values. Valid + operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string + values. If the operator is In or NotIn, + the values array must be non-empty. If + the operator is Exists or DoesNotExist, + the values array must be empty. This array + is replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator is "In", + and the values array contains only "value". + The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + namespaceSelector: + description: A label query over the set of namespaces + that the term applies to. The term is applied to + the union of the namespaces selected by this field + and the ones listed in the namespaces field. null + selector and null or empty namespaces list means + "this pod's namespace". An empty selector ({}) matches + all namespaces. + properties: + matchExpressions: + description: matchExpressions is a list of label + selector requirements. The requirements are + ANDed. + items: + description: A label selector requirement is + a selector that contains values, a key, and + an operator that relates the key and values. + properties: + key: + description: key is the label key that the + selector applies to. + type: string + operator: + description: operator represents a key's + relationship to a set of values. Valid + operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string + values. If the operator is In or NotIn, + the values array must be non-empty. If + the operator is Exists or DoesNotExist, + the values array must be empty. This array + is replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator is "In", + and the values array contains only "value". + The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + namespaces: + description: namespaces specifies a static list of + namespace names that the term applies to. The term + is applied to the union of the namespaces listed + in this field and the ones selected by namespaceSelector. + null or empty namespaces list and null namespaceSelector + means "this pod's namespace". + items: + type: string + type: array + topologyKey: + description: This pod should be co-located (affinity) + or not co-located (anti-affinity) with the pods + matching the labelSelector in the specified namespaces, + where co-located is defined as running on a node + whose value of the label with key topologyKey matches + that of any node on which any of the selected pods + is running. Empty topologyKey is not allowed. + type: string + required: + - topologyKey + type: object + type: array + type: object + tolerations: + description: The pod this Toleration is attached to tolerates + any taint that matches the triple using + the matching operator + items: + description: The pod this Toleration is attached to tolerates + any taint that matches the triple using + the matching operator . + properties: + effect: + description: Effect indicates the taint effect to match. + Empty means match all taint effects. When specified, + allowed values are NoSchedule, PreferNoSchedule and + NoExecute. + type: string + key: + description: Key is the taint key that the toleration + applies to. Empty means match all taint keys. If the + key is empty, operator must be Exists; this combination + means to match all values and all keys. + type: string + operator: + description: Operator represents a key's relationship + to the value. Valid operators are Exists and Equal. + Defaults to Equal. Exists is equivalent to wildcard + for value, so that a pod can tolerate all taints of + a particular category. + type: string + tolerationSeconds: + description: TolerationSeconds represents the period of + time the toleration (which must be of effect NoExecute, + otherwise this field is ignored) tolerates the taint. + By default, it is not set, which means tolerate the + taint forever (do not evict). Zero and negative values + will be treated as 0 (evict immediately) by the system. + format: int64 + type: integer + value: + description: Value is the taint value the toleration matches + to. If the operator is Exists, the value should be empty, + otherwise just a regular string. + type: string + type: object + type: array + topologySpreadConstraints: + description: TopologySpreadConstraint specifies how to spread + matching pods among the given topology + items: + description: TopologySpreadConstraint specifies how to spread + matching pods among the given topology. + properties: + labelSelector: + description: LabelSelector is used to find matching pods. + Pods that match this label selector are counted to determine + the number of pods in their corresponding topology domain. + properties: + matchExpressions: + description: matchExpressions is a list of label selector + requirements. The requirements are ANDed. + items: + description: A label selector requirement is a selector + that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: key is the label key that the selector + applies to. + type: string + operator: + description: operator represents a key's relationship + to a set of values. Valid operators are In, + NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. + If the operator is In or NotIn, the values + array must be non-empty. If the operator is + Exists or DoesNotExist, the values array must + be empty. This array is replaced during a + strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} pairs. + A single {key,value} in the matchLabels map is equivalent + to an element of matchExpressions, whose key field + is "key", the operator is "In", and the values array + contains only "value". The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + matchLabelKeys: + description: "MatchLabelKeys is a set of pod label keys\ + \ to select the pods over which spreading will be calculated.\ + \ The keys are used to lookup values from the incoming\ + \ pod labels, those key-value labels are ANDed with\ + \ labelSelector to select the group of existing pods\ + \ over which spreading will be calculated for the incoming\ + \ pod. The same key is forbidden to exist in both MatchLabelKeys\ + \ and LabelSelector. MatchLabelKeys cannot be set when\ + \ LabelSelector isn't set. Keys that don't exist in\ + \ the incoming pod labels will be ignored. A null or\ + \ empty list means only match against labelSelector.\ + \ \n This is a beta field and requires the MatchLabelKeysInPodTopologySpread\ + \ feature gate to be enabled (enabled by default)." + items: + type: string + type: array + x-kubernetes-list-type: atomic + maxSkew: + description: 'MaxSkew describes the degree to which pods + may be unevenly distributed. When `whenUnsatisfiable=DoNotSchedule`, + it is the maximum permitted difference between the number + of matching pods in the target topology and the global + minimum. The global minimum is the minimum number of + matching pods in an eligible domain or zero if the number + of eligible domains is less than MinDomains. For example, + in a 3-zone cluster, MaxSkew is set to 1, and pods with + the same labelSelector spread as 2/2/1: In this case, + the global minimum is 1. | zone1 | zone2 | zone3 | | P + P | P P | P | - if MaxSkew is 1, incoming pod + can only be scheduled to zone3 to become 2/2/2; scheduling + it onto zone1(zone2) would make the ActualSkew(3-1) + on zone1(zone2) violate MaxSkew(1). - if MaxSkew is + 2, incoming pod can be scheduled onto any zone. When + `whenUnsatisfiable=ScheduleAnyway`, it is used to give + higher precedence to topologies that satisfy it. It''s + a required field. Default value is 1 and 0 is not allowed.' + format: int32 + type: integer + minDomains: + description: "MinDomains indicates a minimum number of\ + \ eligible domains. When the number of eligible domains\ + \ with matching topology keys is less than minDomains,\ + \ Pod Topology Spread treats \"global minimum\" as 0,\ + \ and then the calculation of Skew is performed. And\ + \ when the number of eligible domains with matching\ + \ topology keys equals or greater than minDomains, this\ + \ value has no effect on scheduling. As a result, when\ + \ the number of eligible domains is less than minDomains,\ + \ scheduler won't schedule more than maxSkew Pods to\ + \ those domains. If value is nil, the constraint behaves\ + \ as if MinDomains is equal to 1. Valid values are integers\ + \ greater than 0. When value is not nil, WhenUnsatisfiable\ + \ must be DoNotSchedule. \n For example, in a 3-zone\ + \ cluster, MaxSkew is set to 2, MinDomains is set to\ + \ 5 and pods with the same labelSelector spread as 2/2/2:\ + \ | zone1 | zone2 | zone3 | | P P | P P | P P \ + \ | The number of domains is less than 5(MinDomains),\ + \ so \"global minimum\" is treated as 0. In this situation,\ + \ new pod with the same labelSelector cannot be scheduled,\ + \ because computed skew will be 3(3 - 0) if new Pod\ + \ is scheduled to any of the three zones, it will violate\ + \ MaxSkew. \n This is a beta field and requires the\ + \ MinDomainsInPodTopologySpread feature gate to be enabled\ + \ (enabled by default)." + format: int32 + type: integer + nodeAffinityPolicy: + description: "NodeAffinityPolicy indicates how we will\ + \ treat Pod's nodeAffinity/nodeSelector when calculating\ + \ pod topology spread skew. Options are: - Honor: only\ + \ nodes matching nodeAffinity/nodeSelector are included\ + \ in the calculations. - Ignore: nodeAffinity/nodeSelector\ + \ are ignored. All nodes are included in the calculations.\ + \ \n If this value is nil, the behavior is equivalent\ + \ to the Honor policy. This is a beta-level feature\ + \ default enabled by the NodeInclusionPolicyInPodTopologySpread\ + \ feature flag." + type: string + nodeTaintsPolicy: + description: "NodeTaintsPolicy indicates how we will treat\ + \ node taints when calculating pod topology spread skew.\ + \ Options are: - Honor: nodes without taints, along\ + \ with tainted nodes for which the incoming pod has\ + \ a toleration, are included. - Ignore: node taints\ + \ are ignored. All nodes are included. \n If this value\ + \ is nil, the behavior is equivalent to the Ignore policy.\ + \ This is a beta-level feature default enabled by the\ + \ NodeInclusionPolicyInPodTopologySpread feature flag." + type: string + topologyKey: + description: TopologyKey is the key of node labels. Nodes + that have a label with this key and identical values + are considered to be in the same topology. We consider + each as a "bucket", and try to put balanced + number of pods into each bucket. We define a domain + as a particular instance of a topology. Also, we define + an eligible domain as a domain whose nodes meet the + requirements of nodeAffinityPolicy and nodeTaintsPolicy. + e.g. If TopologyKey is "kubernetes.io/hostname", each + Node is a domain of that topology. And, if TopologyKey + is "topology.kubernetes.io/zone", each zone is a domain + of that topology. It's a required field. + type: string + whenUnsatisfiable: + description: 'WhenUnsatisfiable indicates how to deal + with a pod if it doesn''t satisfy the spread constraint. + - DoNotSchedule (default) tells the scheduler not to + schedule it. - ScheduleAnyway tells the scheduler to + schedule the pod in any location, but giving higher + precedence to topologies that would help reduce the + skew. A constraint is considered "Unsatisfiable" for + an incoming pod if and only if every possible node assignment + for that pod would violate "MaxSkew" on some topology. + For example, in a 3-zone cluster, MaxSkew is set to + 1, and pods with the same labelSelector spread as 3/1/1: + | zone1 | zone2 | zone3 | | P P P | P | P | + If WhenUnsatisfiable is set to DoNotSchedule, incoming + pod can only be scheduled to zone2(zone3) to become + 3/2/1(3/1/2) as ActualSkew(2-1) on zone2(zone3) satisfies + MaxSkew(1). In other words, the cluster can still be + imbalanced, but scheduler won''t make it *more* imbalanced. + It''s a required field.' type: string required: - - message - - severity + - maxSkew + - topologyKey + - whenUnsatisfiable type: object - type: object - fsid: - type: string - health: - type: string - lastChanged: - type: string - lastChecked: - type: string - previousHealth: - type: string - versions: - description: CephDaemonsVersions show the current ceph version - for different ceph daemons - properties: - cephfs-mirror: - additionalProperties: - type: integer - description: CephFSMirror shows CephFSMirror Ceph version - type: object - mds: - additionalProperties: - type: integer - description: Mds shows Mds Ceph version - type: object - mgr: - additionalProperties: - type: integer - description: Mgr shows Mgr Ceph version - type: object - mon: - additionalProperties: - type: integer - description: Mon shows Mon Ceph version - type: object - osd: - additionalProperties: - type: integer - description: Osd shows Osd Ceph version - type: object - overall: - additionalProperties: - type: integer - description: Overall shows overall Ceph version - type: object - rbd-mirror: - additionalProperties: - type: integer - description: RbdMirror shows RbdMirror Ceph version - type: object - rgw: - additionalProperties: - type: integer - description: Rgw shows Rgw Ceph version - type: object - type: object + type: array type: object - conditions: - items: - description: Condition represents a status condition on any Rook-Ceph - Custom Resource. - properties: - lastHeartbeatTime: - format: date-time - type: string - lastTransitionTime: - format: date-time - type: string - message: - type: string - reason: - description: ConditionReason is a reason for a condition - type: string - status: - type: string - type: - description: ConditionType represent a resource's status - type: string - type: object - type: array - message: - type: string - observedGeneration: - description: ObservedGeneration is the latest generation observed - by the controller. - format: int64 - type: integer - phase: - description: ConditionType represent a resource's status - type: string - state: - description: ClusterState represents the state of a Ceph Cluster - type: string - storage: - description: CephStorage represents flavors of Ceph Cluster Storage + resources: + description: Resources is the resource requirements for the COSI + driver properties: - deviceClasses: + claims: + description: "Claims lists the names of resources, defined in\ + \ spec.resourceClaims, that are used by this container. \n\ + \ This is an alpha field and requires enabling the DynamicResourceAllocation\ + \ feature gate. \n This field is immutable. It can only be\ + \ set for containers." items: - description: DeviceClasses represents device classes of a - Ceph Cluster + description: ResourceClaim references one entry in PodSpec.ResourceClaims. properties: name: + description: Name must match the name of one entry in + pod.spec.resourceClaims of the Pod where this field + is used. It makes that resource available inside a container. type: string + required: + - name type: object type: array - type: object - version: - description: ClusterVersion represents the version of a Ceph Cluster - properties: - image: - type: string - version: - type: string + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Limits describes the maximum amount of compute + resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Requests describes the minimum amount of compute + resources required. If Requests is omitted for a container, + it defaults to Limits if that is explicitly specified, otherwise + to an implementation-defined value. Requests cannot exceed + Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object type: object type: object - x-kubernetes-preserve-unknown-fields: true required: - metadata - spec type: object served: true storage: true - subresources: - status: {} --- apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition @@ -8782,14 +10850,19 @@ spec: type: object x-kubernetes-map-type: atomic matchLabelKeys: - description: MatchLabelKeys is a set of pod label keys - to select the pods over which spreading will be calculated. - The keys are used to lookup values from the incoming - pod labels, those key-value labels are ANDed with labelSelector - to select the group of existing pods over which spreading - will be calculated for the incoming pod. Keys that don't - exist in the incoming pod labels will be ignored. A - null or empty list means only match against labelSelector. + description: "MatchLabelKeys is a set of pod label keys\ + \ to select the pods over which spreading will be calculated.\ + \ The keys are used to lookup values from the incoming\ + \ pod labels, those key-value labels are ANDed with\ + \ labelSelector to select the group of existing pods\ + \ over which spreading will be calculated for the incoming\ + \ pod. The same key is forbidden to exist in both MatchLabelKeys\ + \ and LabelSelector. MatchLabelKeys cannot be set when\ + \ LabelSelector isn't set. Keys that don't exist in\ + \ the incoming pod labels will be ignored. A null or\ + \ empty list means only match against labelSelector.\ + \ \n This is a beta field and requires the MatchLabelKeysInPodTopologySpread\ + \ feature gate to be enabled (enabled by default)." items: type: string type: array @@ -8956,7 +11029,8 @@ spec: description: 'Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise - to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + to an implementation-defined value. Requests cannot exceed + Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object type: object type: object @@ -9533,8 +11607,7 @@ spec: type: integer grpc: description: GRPC specifies an action involving a GRPC - port. This is a beta field and requires enabling GRPCContainerProbe - feature gate. + port. properties: port: description: Port number of the gRPC service. Number @@ -9567,7 +11640,9 @@ spec: to be used in HTTP probes properties: name: - description: The header field name + description: The header field name. This will + be canonicalized upon output, so case-variant + names will be understood as the same header. type: string value: description: The header field value @@ -10642,15 +12717,21 @@ spec: type: object x-kubernetes-map-type: atomic matchLabelKeys: - description: MatchLabelKeys is a set of pod label - keys to select the pods over which spreading will - be calculated. The keys are used to lookup values - from the incoming pod labels, those key-value labels - are ANDed with labelSelector to select the group - of existing pods over which spreading will be calculated - for the incoming pod. Keys that don't exist in the - incoming pod labels will be ignored. A null or empty - list means only match against labelSelector. + description: "MatchLabelKeys is a set of pod label\ + \ keys to select the pods over which spreading will\ + \ be calculated. The keys are used to lookup values\ + \ from the incoming pod labels, those key-value\ + \ labels are ANDed with labelSelector to select\ + \ the group of existing pods over which spreading\ + \ will be calculated for the incoming pod. The same\ + \ key is forbidden to exist in both MatchLabelKeys\ + \ and LabelSelector. MatchLabelKeys cannot be set\ + \ when LabelSelector isn't set. Keys that don't\ + \ exist in the incoming pod labels will be ignored.\ + \ A null or empty list means only match against\ + \ labelSelector. \n This is a beta field and requires\ + \ the MatchLabelKeysInPodTopologySpread feature\ + \ gate to be enabled (enabled by default)." items: type: string type: array @@ -10824,8 +12905,8 @@ spec: description: 'Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, - otherwise to an implementation-defined value. More info: - https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + otherwise to an implementation-defined value. Requests + cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object type: object x-kubernetes-preserve-unknown-fields: true @@ -10867,8 +12948,7 @@ spec: type: integer grpc: description: GRPC specifies an action involving a GRPC - port. This is a beta field and requires enabling GRPCContainerProbe - feature gate. + port. properties: port: description: Port number of the gRPC service. Number @@ -10901,7 +12981,9 @@ spec: to be used in HTTP probes properties: name: - description: The header field name + description: The header field name. This will + be canonicalized upon output, so case-variant + names will be understood as the same header. type: string value: description: The header field value @@ -11564,7 +13646,7 @@ spec: between the SizeLimit specified here and the sum of memory limits of all containers in a pod. The default is nil which means that - the limit is undefined. More info: http://kubernetes.io/docs/user-guide/volumes#emptydir' + the limit is undefined. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir' pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true type: object @@ -12112,7 +14194,7 @@ spec: between the SizeLimit specified here and the sum of memory limits of all containers in a pod. The default is nil which means that - the limit is undefined. More info: http://kubernetes.io/docs/user-guide/volumes#emptydir' + the limit is undefined. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir' pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true type: object @@ -12700,7 +14782,7 @@ spec: specified here and the sum of memory limits of all containers in a pod. The default is nil which means that the - limit is undefined. More info: http://kubernetes.io/docs/user-guide/volumes#emptydir' + limit is undefined. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir' pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true type: object @@ -13242,7 +15324,8 @@ spec: of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to - an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + an implementation-defined value. Requests cannot + exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object type: object sssdConfigFile: @@ -13378,7 +15461,7 @@ spec: here and the sum of memory limits of all containers in a pod. The default is nil which means that the limit is undefined. - More info: http://kubernetes.io/docs/user-guide/volumes#emptydir' + More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir' pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true type: object @@ -14859,15 +16942,21 @@ spec: type: object x-kubernetes-map-type: atomic matchLabelKeys: - description: MatchLabelKeys is a set of pod label - keys to select the pods over which spreading will - be calculated. The keys are used to lookup values - from the incoming pod labels, those key-value labels - are ANDed with labelSelector to select the group - of existing pods over which spreading will be calculated - for the incoming pod. Keys that don't exist in the - incoming pod labels will be ignored. A null or empty - list means only match against labelSelector. + description: "MatchLabelKeys is a set of pod label\ + \ keys to select the pods over which spreading will\ + \ be calculated. The keys are used to lookup values\ + \ from the incoming pod labels, those key-value\ + \ labels are ANDed with labelSelector to select\ + \ the group of existing pods over which spreading\ + \ will be calculated for the incoming pod. The same\ + \ key is forbidden to exist in both MatchLabelKeys\ + \ and LabelSelector. MatchLabelKeys cannot be set\ + \ when LabelSelector isn't set. Keys that don't\ + \ exist in the incoming pod labels will be ignored.\ + \ A null or empty list means only match against\ + \ labelSelector. \n This is a beta field and requires\ + \ the MatchLabelKeysInPodTopologySpread feature\ + \ gate to be enabled (enabled by default)." items: type: string type: array @@ -15042,8 +17131,8 @@ spec: description: 'Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, - otherwise to an implementation-defined value. More info: - https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + otherwise to an implementation-defined value. Requests + cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object type: object x-kubernetes-preserve-unknown-fields: true @@ -15230,6 +17319,17 @@ spec: spec: description: ObjectStoreSpec represent the spec of a pool properties: + allowUsersInNamespaces: + description: The list of allowed namespaces in addition to the object + store namespace where ceph object store users may be created. + Specify "*" to allow all namespaces, otherwise list individual + namespaces that are to be allowed. This is useful for applications + that need object store credentials to be created in their own + namespace, where neither OBCs nor COSI is being used to create + buckets. The default is empty. + items: + type: string + type: array dataPool: description: The data pool settings nullable: true @@ -15453,6 +17553,14 @@ spec: nullable: true type: boolean x-kubernetes-preserve-unknown-fields: true + disableMultisiteSyncTraffic: + description: 'DisableMultisiteSyncTraffic, when true, prevents + this object store''s gateways from transmitting multisite + replication data. Note that this value does not affect whether + gateways receive multisite replication traffic: see ObjectZone.spec.customEndpoints + for that. If false or unset, this object store''s gateways + will be able to transmit multisite replication data.' + type: boolean externalRgwEndpoints: description: ExternalRgwEndpoints points to external RGW endpoint(s). Multiple endpoints can be given, but for stability of ObjectBucketClaims, @@ -16481,15 +18589,21 @@ spec: type: object x-kubernetes-map-type: atomic matchLabelKeys: - description: MatchLabelKeys is a set of pod label - keys to select the pods over which spreading will - be calculated. The keys are used to lookup values - from the incoming pod labels, those key-value labels - are ANDed with labelSelector to select the group - of existing pods over which spreading will be calculated - for the incoming pod. Keys that don't exist in the - incoming pod labels will be ignored. A null or empty - list means only match against labelSelector. + description: "MatchLabelKeys is a set of pod label\ + \ keys to select the pods over which spreading will\ + \ be calculated. The keys are used to lookup values\ + \ from the incoming pod labels, those key-value\ + \ labels are ANDed with labelSelector to select\ + \ the group of existing pods over which spreading\ + \ will be calculated for the incoming pod. The same\ + \ key is forbidden to exist in both MatchLabelKeys\ + \ and LabelSelector. MatchLabelKeys cannot be set\ + \ when LabelSelector isn't set. Keys that don't\ + \ exist in the incoming pod labels will be ignored.\ + \ A null or empty list means only match against\ + \ labelSelector. \n This is a beta field and requires\ + \ the MatchLabelKeysInPodTopologySpread feature\ + \ gate to be enabled (enabled by default)." items: type: string type: array @@ -16668,8 +18782,8 @@ spec: description: 'Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, - otherwise to an implementation-defined value. More info: - https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + otherwise to an implementation-defined value. Requests + cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object type: object x-kubernetes-preserve-unknown-fields: true @@ -16740,8 +18854,7 @@ spec: type: integer grpc: description: GRPC specifies an action involving a GRPC - port. This is a beta field and requires enabling GRPCContainerProbe - feature gate. + port. properties: port: description: Port number of the gRPC service. Number @@ -16774,7 +18887,9 @@ spec: to be used in HTTP probes properties: name: - description: The header field name + description: The header field name. This will + be canonicalized upon output, so case-variant + names will be understood as the same header. type: string value: description: The header field value @@ -16904,8 +19019,7 @@ spec: type: integer grpc: description: GRPC specifies an action involving a GRPC - port. This is a beta field and requires enabling GRPCContainerProbe - feature gate. + port. properties: port: description: Port number of the gRPC service. Number @@ -16938,7 +19052,9 @@ spec: to be used in HTTP probes properties: name: - description: The header field name + description: The header field name. This will + be canonicalized upon output, so case-variant + names will be understood as the same header. type: string value: description: The header field value @@ -17560,6 +19676,10 @@ spec: - read, write type: string type: object + clusterNamespace: + description: The namespace where the parent CephCluster and CephObjectStore + are found + type: string displayName: description: The display name for the ceph users type: string @@ -17757,14 +19877,17 @@ spec: description: ObjectZoneSpec represent the spec of an ObjectZone properties: customEndpoints: - description: 'If this zone cannot be accessed from other peer Ceph - clusters via the ClusterIP Service endpoint created by Rook, you - must set this to the externally reachable endpoint(s). You may - include the port in the definition. For example: "https://my-object-store.my-domain.net:443". - In many cases, you should set this to the endpoint of the ingress - resource that makes the CephObjectStore associated with this CephObjectStoreZone - reachable to peer clusters. The list can have one or more endpoints - pointing to different RGW servers in the zone.' + description: "If this zone cannot be accessed from other peer Ceph\ + \ clusters via the ClusterIP Service endpoint created by Rook,\ + \ you must set this to the externally reachable endpoint(s). You\ + \ may include the port in the definition. For example: \"https://my-object-store.my-domain.net:443\"\ + . In many cases, you should set this to the endpoint of the ingress\ + \ resource that makes the CephObjectStore associated with this\ + \ CephObjectStoreZone reachable to peer clusters. The list can\ + \ have one or more endpoints pointing to different RGW servers\ + \ in the zone. \n If a CephObjectStore endpoint is omitted from\ + \ this list, that object store's gateways will not receive multisite\ + \ replication data (see CephObjectStore.spec.gateway.disableMultisiteSyncTraffic)." items: type: string nullable: true @@ -19242,14 +21365,19 @@ spec: type: object x-kubernetes-map-type: atomic matchLabelKeys: - description: MatchLabelKeys is a set of pod label keys - to select the pods over which spreading will be calculated. - The keys are used to lookup values from the incoming - pod labels, those key-value labels are ANDed with labelSelector - to select the group of existing pods over which spreading - will be calculated for the incoming pod. Keys that don't - exist in the incoming pod labels will be ignored. A - null or empty list means only match against labelSelector. + description: "MatchLabelKeys is a set of pod label keys\ + \ to select the pods over which spreading will be calculated.\ + \ The keys are used to lookup values from the incoming\ + \ pod labels, those key-value labels are ANDed with\ + \ labelSelector to select the group of existing pods\ + \ over which spreading will be calculated for the incoming\ + \ pod. The same key is forbidden to exist in both MatchLabelKeys\ + \ and LabelSelector. MatchLabelKeys cannot be set when\ + \ LabelSelector isn't set. Keys that don't exist in\ + \ the incoming pod labels will be ignored. A null or\ + \ empty list means only match against labelSelector.\ + \ \n This is a beta field and requires the MatchLabelKeysInPodTopologySpread\ + \ feature gate to be enabled (enabled by default)." items: type: string type: array @@ -19417,7 +21545,8 @@ spec: description: 'Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise - to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + to an implementation-defined value. Requests cannot exceed + Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object type: object x-kubernetes-preserve-unknown-fields: true diff --git a/tests/golden/openshift4/rook-ceph/rook-ceph/01_rook_ceph_helmchart/rook-ceph/templates/role.yaml b/tests/golden/openshift4/rook-ceph/rook-ceph/01_rook_ceph_helmchart/rook-ceph/templates/role.yaml index f7ecc6e2..21673cbc 100644 --- a/tests/golden/openshift4/rook-ceph/rook-ceph/01_rook_ceph_helmchart/rook-ceph/templates/role.yaml +++ b/tests/golden/openshift4/rook-ceph/rook-ceph/01_rook_ceph_helmchart/rook-ceph/templates/role.yaml @@ -5,7 +5,7 @@ metadata: app.kubernetes.io/created-by: helm app.kubernetes.io/managed-by: Helm app.kubernetes.io/part-of: rook-ceph-operator - helm.sh/chart: rook-ceph-v1.11.11 + helm.sh/chart: rook-ceph-v1.12.7 operator: rook storage-backend: ceph name: rook-ceph-system diff --git a/tests/golden/openshift4/rook-ceph/rook-ceph/01_rook_ceph_helmchart/rook-ceph/templates/rolebinding.yaml b/tests/golden/openshift4/rook-ceph/rook-ceph/01_rook_ceph_helmchart/rook-ceph/templates/rolebinding.yaml index 416b3557..b9852c1e 100644 --- a/tests/golden/openshift4/rook-ceph/rook-ceph/01_rook_ceph_helmchart/rook-ceph/templates/rolebinding.yaml +++ b/tests/golden/openshift4/rook-ceph/rook-ceph/01_rook_ceph_helmchart/rook-ceph/templates/rolebinding.yaml @@ -5,7 +5,7 @@ metadata: app.kubernetes.io/created-by: helm app.kubernetes.io/managed-by: Helm app.kubernetes.io/part-of: rook-ceph-operator - helm.sh/chart: rook-ceph-v1.11.11 + helm.sh/chart: rook-ceph-v1.12.7 operator: rook storage-backend: ceph name: rook-ceph-system diff --git a/tests/golden/openshift4/rook-ceph/rook-ceph/01_rook_ceph_helmchart/rook-ceph/templates/serviceaccount.yaml b/tests/golden/openshift4/rook-ceph/rook-ceph/01_rook_ceph_helmchart/rook-ceph/templates/serviceaccount.yaml index 86a31d71..04905a6c 100644 --- a/tests/golden/openshift4/rook-ceph/rook-ceph/01_rook_ceph_helmchart/rook-ceph/templates/serviceaccount.yaml +++ b/tests/golden/openshift4/rook-ceph/rook-ceph/01_rook_ceph_helmchart/rook-ceph/templates/serviceaccount.yaml @@ -5,7 +5,7 @@ metadata: app.kubernetes.io/created-by: helm app.kubernetes.io/managed-by: Helm app.kubernetes.io/part-of: rook-ceph-operator - helm.sh/chart: rook-ceph-v1.11.11 + helm.sh/chart: rook-ceph-v1.12.7 operator: rook storage-backend: ceph name: rook-ceph-system @@ -34,3 +34,13 @@ kind: ServiceAccount metadata: name: rook-csi-rbd-provisioner-sa namespace: syn-rook-ceph-operator +--- +apiVersion: v1 +kind: ServiceAccount +metadata: + labels: + app.kubernetes.io/component: driver-ceph + app.kubernetes.io/name: cosi-driver-ceph + app.kubernetes.io/part-of: container-object-storage-interface + name: objectstorage-provisioner + namespace: syn-rook-ceph-operator diff --git a/tests/golden/openshift4/rook-ceph/rook-ceph/02_openshift_sccs.yaml b/tests/golden/openshift4/rook-ceph/rook-ceph/02_openshift_sccs.yaml index ba5b2a1c..ff40c11d 100644 --- a/tests/golden/openshift4/rook-ceph/rook-ceph/02_openshift_sccs.yaml +++ b/tests/golden/openshift4/rook-ceph/rook-ceph/02_openshift_sccs.yaml @@ -19,7 +19,8 @@ metadata: name: rook-ceph priority: null readOnlyRootFilesystem: false -requiredDropCapabilities: [] +requiredDropCapabilities: + - All runAsUser: type: RunAsAny seLinuxContext: diff --git a/tests/golden/openshift4/rook-ceph/rook-ceph/10_cephcluster_toolbox.yaml b/tests/golden/openshift4/rook-ceph/rook-ceph/10_cephcluster_toolbox.yaml index 4df9f008..72bbbc3a 100644 --- a/tests/golden/openshift4/rook-ceph/rook-ceph/10_cephcluster_toolbox.yaml +++ b/tests/golden/openshift4/rook-ceph/rook-ceph/10_cephcluster_toolbox.yaml @@ -109,7 +109,7 @@ spec: secretKeyRef: key: ceph-username name: rook-ceph-mon - image: docker.io/rook/ceph:v1.11.11 + image: docker.io/rook/ceph:v1.12.7 imagePullPolicy: IfNotPresent name: rook-ceph-tools securityContext: {}